Crime in the Suites: An Analyis of Current Issues in White Collar Defense
Archive for the ‘Internet Law’ Category
Aug 11
2013

Administration Issues Latest Road Map to Combat Trade Secret Theft

The Obama administration has issued a road map to combat intellectual property theft over the next three years.

The “2013 Intellectual Property Enforcement Coordinator Joint Strategic Plan” follows up on the more narrowly tailored “Administration Strategy on Mitigating the Theft of Trade Secrets” that we wrote about earlier this year, and reviews progress made on intellectual property issues in general since the administration’s first general IP strategic plan was issued in 2010.

While this year’s plan rightfully highlights the administration’s achievements in trade secret protection, it sheds little light on the concrete steps necessary to achieve its future goals in that area.

The strategic plan reveals progress made on the trade secret legislation, investigation, prosecution, and sentencing fronts. The enactment of Public Law 112-236, the “Theft of Trade Secrets Clarification Act of 2012,” closed a loophole by clarifying that the Economic Espionage Act protects trade secrets related to “a product or service used in or intended for use in” interstate or foreign commerce. The FBI unveiled a public education campaign to raise awareness of trade secret theft, and FBI trade secret theft cases are up 39 percent.

The Department of Justice has provided federal prosecutors with special training in computer crimes in order to support law enforcement agencies in the investigation of trade secret theft perpetrated by persons who pose a national security threat. Over the past three years the administration has also bolstered criminal penalties for economic espionage and directed the U.S. Sentencing Commission to consider increasing offense levels for trade secret crimes.

Despite these accomplishments, there is much more to achieve. The plan aims to press for protection of trade secrets overseas and enforcement actions to address their theft or misappropriation, and expresses concern about “forced technology transfer,” that is, efforts by foreign governments to condition market access or the ability to do business on the transfer of trade secrets or proprietary information.

While this document is high on aspirational talk regarding international coordination, it is notably low on concrete proposals for domestic trade secrets legislation. The lack of momentum on this front may be understandable considering that the administration received only 13 comments in response to the “Administration Strategy on Mitigating the Theft of Trade Secrets” that it released in February. However, there is a general consensus in the IP community that the law needs to provide a federal civil cause of action for trade secret theft that provides for broad civil remedies, similar to the Copyright Act or the Patent Act. Until such an act is implemented, trade secrets will not have a level of protection commensurate with their importance.

Jul 05
2013

Andrew Auernheimer Appeals Hacking Conviction

Earlier this week, attorneys for convicted computer hacker Andrew “Weev” Auernheimer filed their opening brief in their appeal to the U.S. Court of Appeals for the Third Circuit to have his conviction overturned.

In 2010, Auernheimer’s co-defendant Daniel Spitler, who agreed to plead guilty in 2011, discovered a flaw in AT&T’s iPad user database, that he used to collect 114,000 email addresses. Auernheimer then disclosed those email addresses to Gawker, who published a redacted form of some of the account information. The disclosure of the email addresses attracted significant media attention and ultimately forced AT&T to change their security protocols.

Last November, Auernheimer was found guilty by a jury after a five day trial of violating the Computer Fraud and Abuse Act (CFAA) and conspiracy to gain unauthorized access to a computer without authorization. He was sentenced in March to 41 months imprisonment to be followed by three years of supervised release.

Auernheimer’s appellate brief focuses on the argument that he did not violate the CFAA because visiting an unprotected public website is not unauthorized access which is required under the statute. Spitler’s program visited the publicly accessible websites and collected the information that was available on those sites. The email addresses that were collected by Spitler’s program were published on publicly accessible websites that did not employ security measures such as passwords. Auernheimer’s lawyers argued that it is irrelevant that AT&T “subjectively wished that outsiders would not stumble across the data.” Spitler’s program did not access any private accounts and according to Aurenheimer’s lawyers, it did not even violate any written prohibitions or Terms of Use on AT&T’s website. His lawyers also stated that no data was taken, deleted or destroyed.

The CFAA prohibits accessing a computer without proper authorization, which is the same statute that Internet activist Aaron Swartz was convicted of violating. The law has faced steep criticism for being overly broad and allowing prosecutors wide discretion by allowing them to charge individuals who have violated a website’s terms of service. Last month “Aaron’s Law” was introduced in Congress, which would amend the CFAA to prevent prosecutors from charging an individual with violation a company’s terms of service and from bringing multiple charges against an individual for the same act.

The government’s brief is due on July 22 and Auernheimer will then have the opportunity to file a reply brief by August 5.

We will know in a matter of months how the Third Circuit will rule on Auernheimer’s appeal and whether his conviction and sentence will be upheld. This case raises some very interesting issues on the scope of computer crime laws and prosecutorial discretion. Is the conduct of Auernheimer the type that we need to devote government resources to send a person with no criminal record to prison for a significant period of time?

tags:
Feb 26
2013

N.J. Legalizes Online Gaming as Christie Signs State Bill Into Law

Today, New Jersey became the third state in the country to legalize online gaming within its borders, as New Jersey Governor Chris Christie (R) signed into law a bill legalizing online gaming in the state.

Here is a video in which Jeff Ifrah, founding partner of Ifrah Law, discusses this exciting development.

Both houses of the state legislature had previously passed the bill by large margins and Gov. Christie had sent the bill back to the legislature requesting minor changes to the bill. The legislature made the changes requested by Gov. Christie, and on Tuesday the state General Assembly voted 68-5-1 to pass the bill with the Governor’s requested changes. The State Senate then voted to pass the bill by a margin of 35-1. Governor Christie signed the bill into law shortly thereafter.

The changes requested by the Governor included an enhanced level of funding for compulsive gambling treatment programs, a requirement that state employees and legislators disclose any representation past or present of entities seeking Internet gaming licenses, and an extension of a prohibition on any casino-related employment for state employees and legislators to include companies involved in Internet gaming.

New Jersey’s online gaming law would allow the state to participate in interstate gaming compacts with other states that have legalized online gaming within their borders, as long as this is consistent with federal law. Online gaming compacts would allow for the possibility of generating much larger player pools for the games as well as significant extra revenue for the state.

Under the law, casinos or their affiliates would be allowed to offer the same games that are currently offered on Atlantic City casino gaming floors. All players must be physically located in New Jersey, but do not need to be residents of New Jersey. There is no definitive word yet on when games will become operational, but it is quite possible that it could happen this year.

The law will help to stimulate the New Jersey economy and created needed jobs and revenue for the state.

“Internet gaming will provide a lifeline to New Jersey casinos by producing more jobs and additional revenue,” said bill sponsor New Jersey State Senator Raymond Lesniak (D). “At the same time, it will contribute to the state’s economic recovery and generate more revenue for state programs for seniors and the disabled.”

Under the law, all equipment used in Internet gaming is required to be located in Atlantic City. This will create a significant number of jobs in the region.

We are very happy to see New Jersey enact an online gaming law. This will be an enormous boost for the state as well as great news for gamers, who will soon be able to play online again.

 

posted in:
Internet Law
Feb 12
2013

Domain Name Seizure – It’s Not Just a U.S. Law Enforcement Tactic

We have previously reported in this space about the use of domain name seizures by American law enforcement – for example, here and here.  Recent media reports show that domain name seizure has become the go-to tactic for law enforcement for other countries as well.

Canadian police made a series of arrests during an invitation-only Super Bowl party attended by 2300 people as part of Project Amethyst. A Royal Canadian Mounted Police spokesperson says this was connected with the arrest of 21 individuals related to a separate online credit betting operation in November. The more recent arrests were connected with an online sports betting operation that used the website located at www.platinumsb.com. In addition to arresting six individuals, officers also seized $2.5 million in cash as a result of the execution of nine search warrants in and around Toronto.

Police also seized the domain name associated with a Costa Rica-based website, which is registered with Washington State-based Enom, Inc. Police obtained a Canadian court order for that purpose, and then submitted a request under the Mutual Legal Assistance Treaty (MLAT) between Canada and the United States. The domain name was then transferred to the control of Canadian law enforcement authorities who, in turn, redirected it to a new landing page. Visitors to the platinumsb.com website are now greeted by a notice stating that the web site has been “restrained by court order granted to the Attorney General of Ontario.”

Media reports indicate that the website was back online as www.platinumsb.tk within hours of the shutdown. The .tk top level domain belongs to Tokelau, a non-self-governing territory off the coast of New Zealand. The .tk version of the domain name was reportedly registered in 2004, suggesting that the group operating the sports book had set up contingency plans for a seizure of its .com website.

Whatever the merits of the Canadian prosecution against individuals affiliated with PlatinumSB, the seizure of the platinumsb.com domain name certainly shows that domain name seizure is by no means a tactic used only by U.S. law enforcement. As more and more businesses move largely or exclusively to the Internet, the global use of this law enforcement tactic is sure to grow.

Feb 11
2013

Facebook Takes Steps to Expand Presence in Real Money Gaming

Facebook is quickly expanding its real money gaming platform. Net Entertainments has signed a license agreement with Bonza Gaming, which is a joint venture between gaming publisher Plumbee and online gaming operator Sportingbet. Under the agreement Net Entertainment will offer a range of casino games to Bonza Gaming, which will create an app, Bonza Slots, that will be available on Facebook to users that want to participate in real money gaming.

Facebook is now the world’s largest social media outlet, with over a billion active users. Last summer, Facebook announced that it would expand its social gaming to real money gaming, beginning initially with users in the United Kingdom. Bonza Slots becomes the third real money gaming app on Facebook, joining Gamesys and 888 Holdings; all three companies have recently reached deals with Facebook to launch their real money gaming apps. With Facebook’s massive user base, it can accomplish what other online gaming sites could likely only achieve on a much smaller scale — the ability to reach a large and constantly growing base of players.

Facebook is no stranger to online gaming. For some time now, it has offered its users the option of playing online games for Facebook credits as an alternative to real money. In 2011, Facebook changed its advertising policies, allowing online gambling companies to advertise in jurisdictions where such services are permitted. In the past, Facebook has been extremely strict when it comes to advertising online gambling business on its website. Now, Facebook’s Advertising Guidelines web page has a specific online gambling clause under the Gambling and Lotteries subsection of the Ad Content section, which reads: “Ads that promote or facilitate online gambling, games of skill or lotteries, including online casino, sports books, bingo, or poker, are only allowed in specific countries with prior authorization from Facebook.”

It is not clear how much Facebook will charge real money gaming companies to operate on its platform. In general, Facebook charges other apps 30 percent of their revenue, and there is no indication that gaming will work any differently. After reviewing Facebook’s public filings, we still have some questions about this and we will report back as we find answers.

In any case, Facebook’s new online real gaming platform will immediately give it a strong position in the real money market in the United Kingdom and a great opportunity to monetize its very large user base. With legislative efforts for real money online gaming gaining momentum across the United States, Facebook could be well positioned to be a power in the U.S. market in the future if it chooses to do so.

posted in:
Internet Law
Jan 25
2013

Court Finds State Ban on Sex Offenders’ Use of Social Media Tramples Speech Rights

In a January 23, 2013, ruling, the U.S. Court of Appeals for the 7th Circuit held that an Indiana law that prohibited most registered sex offenders from using social media websites was unconstitutional because it was “not narrowly tailored to protect the state’s interest.” The decision was restricted to the Indiana statute on sex offenders and did not extend its reasoning to another, related issue – whether courts can permissibly, as a condition of probation or supervised release, restrict white-collar criminals from using the Internet.

The fatal flaw of the Indiana law, the appeals court held, was that it was overbroad because it targeted substantial protected speech, rather than retaining a narrow focus on the specific evil of improper communication to minors.

The 7th Circuit noted that the Indiana statute affected First Amendment rights because it controlled expression via social media and limited the ability to receive information and ideas.

In recent cases of various sorts, including e-commerce cases, federal courts have proved all too willing to imposed Internet bans that trample on various constitutional rights. We focused on this problem in a National Law Journal article a couple of years ago that argued that courts go too far when they impose a broad ban on the use of the Internet against a defendant who had committed online fraud.

In the sex-offender case, Doe v. Marion County Prosecutor, the 7th Circuit acknowledged the strong state interest in protecting minors from harmful online communication, but explained that the ban must be narrowly tailored to target only the appropriate evil. All parties agreed that there is nothing inherently dangerous about using social media – except when a sex offender communicates with minors, which is only a “minuscule subset of the universe of social network activity.”

The same principle ought to be applied to restrictions on Internet use placed upon those who have been found guilty of fraud in e-commerce. Not all Internet usage should be treated as suspect.

Towards the end of its opinion, the court discussed Internet restrictions in the context of conditions of probation or supervised release. The court distinguished between a criminal statute, as in Indiana, that governs the protected speech of the general populace (including registered sex offenders) and the sentences imposed by district courts that may govern Internet usage.

The court said its opinion “should not be read to affect district courts’ latitude in fashioning terms of supervised release.” It elaborated that “Our penal system necessarily implicates various constitutional rights . . . a court could conceivably limit a defendant’s Internet access if full access posed too high a risk of recidivism.”

Somewhat ironically, the court noted that “The alternative to limited Internet access may be additional time in prison, which is surely more restrictive of speech than a limitation on electronics.” Although the 7th Circuit was not willing to expand its protection of Internet usage to the sentencing and probation context, we still think that its strong protection of Internet usage in the First Amendment context bodes well for future challenges in that context.

Jan 17
2013

Domain-Name Rights: Pursue Them or Lose Them, Arbitrator Rules

Domain-name registrants who sit on their rights rather than go after trademark infringers do so at their peril. In a case decided last July, an arbitrator for the World Intellectual Property Organization (WIPO) held that a foreign registrant’s bad-faith registration and continued use of an infringing domain name, at some point, transformed into legitimate use. As a result, the trademark holder, Victoria’s Secret, was denied any relief under Australia’s version of the Uniform Domain Name Dispute Resolution Policy (auDRP).

In May 2012, lingerie retailer Victoria’s Secret filed a complaint with WIPO seeking cancellation or transfer of the domain name “victoriassecrets.com.au,” which allegedly had been routing Victoria’s Secret customers to an escort service based in Sydney, Australia. As required under the auDRP, Victoria’s Secret alleged all three prongs required for relief: (i) a domain name that is identical or confusingly similar to a valid trademark; (ii) illegitimate use; and (iii) bad faith.

First, Victoria’s Secret alleged that the infringing domain name was confusingly similar to the company’s trademark, which had been registered in the United States since 1977 and in Australia since 1990. Indeed, the infringing domain name incorporated Victoria’s Secret’s entire trademark, simply adding an “s” at the end. The company further alleged that the Australian women who registered the domain name had intentionally used Victoria’s Secret’s brand and image to promote prostitution.

Second, Victoria’s Secret claimed that the Australian escort service had no rights or legitimate interests in the domain name: the escort service was not known by the name “Victoria’s Secret,” the service was not authorized to use the trademark, the registrants were not using the name in connection with a bona fide offering of services, and they were not putting the name to legitimate non-commercial or fair use.

With respect to the “bad faith” prong, Victoria’s Secret alleged that the respondents had registered and used the name to deceive Internet users into believing the lingerie company was a source, sponsor or affiliate of the escort service. Victoria’s Secret further alleged that given its previous registration and worldwide customer base, the registrants knew their domain name would cause confusion.

What’s more, the registrants intended to trade on the confusion and, in the process, tarnished the lingerie company’s reputation.

The WIPO arbitrator agreed — for the most part. With seemingly no hesitation, he found for the complainant on the first and third prongs. He stated that the disputed domain was “confusingly similar” to Victoria’s Secret’s trademark. Moreover, he found that the registrants “knew of the Victoria’s Secret trademark at the time they registered and began using the domain name” and that they “deliberately chose” the domain so that their escort business would benefit from the resulting confusion. Nonetheless, the arbitrator held that Victoria’s Secret was not entitled to relief.

In his view, Victoria’s Secret had failed to show that the escort service had no legitimate interest in the domain. According to the arbitrator, evidence submitted by the parties showed that the registrants had been using the disputed domain name for almost 10 years and, more importantly, that Victoria’s Secret had been aware of the infringing use for seven years prior to filing the complaint. Although Victoria’s Secret had issued a couple of cease-and-desist letters in 2005, the company ultimately decided not to pursue the matter. At some point after that, the escort service obtained a legitimate interest in using the domain. In the arbitrator’s words:

[Victoria’s Secret’s] failure to press the allegations of infringement led the Respondent to understand that the Complainant no longer objected to the Respondent’s behavior. The effect of this subsequent bona fide use of the disputed domain name was that, by the time the Complaint was filed, the Respondent had acquired a right or legitimate interest in the disputed domain name.

The arbitrator added that if the Australian registrants were to change their use of the domain name following the decision, their legitimate interest in the domain would very likely be lost.

It will be interesting to see if other arbitration panels follow suit. Whatever the case, Victoria’s Secret is probably keeping a close watch on the domain while considering potential alternatives for relief.

posted in:
Internet Law
Nov 21
2012

Domain Names and the First Amendment: The Latest Word

The intersection of domain names and the First Amendment is not new. Indeed, in the early days of the domain name system, courts considered the issue of whether a domain name registrar could prohibit the registration of domain names on the basis of content – for instance, domain names containing profanities. See Nat’l A-1 Advertising, Inc. v. Network Solutions, Inc., 121 F. Supp. 2d 156 (D.N.H. 2000); Seven Words LLC v. Network Solutions, Inc., 260 F.3d 1089 (9th Cir. 2001). However, the U.S. Court of Appeals for the Fifth Circuit recently was confronted, in Gibson v. Texas Dep’t of Insurance, with a new twist on the First Amendment as it applies to domain names: whether a particular domain name is pure “commercial speech” (entitled to only limited First Amendment protection) or “expressive speech” (entitled to more extensive protection).

The Texas Labor Code prohibits the use together of the words and phrases “Texas,” and “Workers Compensation,” or similar abbreviations. Nonetheless, Gibson, a workers compensation lawyer in Texas, registered the domain name texasworkerscomplaw.com. On the associated website, Gibson discusses matters relating to Texas workers compensation law and, of course, advertises his law practice. The Texas Department of Insurance took offense to Gibson’s domain name, and sent Gibson a cease and desist letter. Gibson, being a lawyer, sued in federal court, alleging that the Texas Labor Code restrictions violated his constitutional rights.

The Fifth Circuit, in an interesting opinion, addressed the commercial speech/pure speech dichotomy inherent in domain names used by commercial enterprises, but artfully dodged the question of whether the domain name was in fact commercial speech. Instead, the court first analyzed whether, if the domain name was in fact commercial speech (which can under some circumstances be restricted), it was the sort of commercial speech that the Texas Department of Insurance could restrict.

The court found, correctly, that commercial speech can be restricted only if it is “inherently likely to deceive.” The state argued that Gibson’s domain name implied a connection with or approval of the state. The Fifth Circuit dispensed with the state’s argument, noting that since there was nothing to suggest that texasworkerscomplaw.com could not be viewed in a non-deceptive fashion (a truism), the state could not restrict the use of the domain name as commercial speech.

There is a second exception allowing a restriction on commercial speech: A state may regulate non-deceptive commercial speech if the restriction “advances a substantial state interest” and is narrowly tailored to serve that interest. On this issue, the Fifth Circuit sent the case back to the federal district court to develop a factual record. It seems unlikely that the Texas Department of Insurance will prevail in the end, as the statute on which its objection is based is vastly overreaching, and would prohibit anyone providing services relating to workers compensation in Texas from registering domain names that accurately describe what they do. For instance, a physician who performs workers compensation examinations could not register texasworkerscompdoc.com (as of this writing, this domain name is available for the taking).

Obviously, such a domain name is not misleading, and there is no legitimate basis upon which the state can restrict it. Domain names are often a form of speech. Just because they are a relatively new format of expression does not change this fact and give the government a basis to attempt to restrict their use.

posted in:
Internet Law
Sep 19
2012

Libya Loses Court Battle Over Its Own ‘Libyan Embassy’ Trademark

In an interesting recent opinion, the U.S. District Court for the District of Columbia rebuffed the Libyan Government’s bid to obtain a transfer to it of the domain name registration for libyanembassy.com from a “legalization expeditor” – a company that certifies documents as one step in the process of international legalization of documents (such as foreign birth certificates).

The Libyan Government brought an action under the Anticybersquatting Consumer Protection Act (ACPA) against Ahmad Miski, who operates the Arab-American Chamber of Commerce, a document certification service. Miski redirected traffic to the domain name to his website promoting his certification services. Libya contended that Miski’s registration and use of the domain name infringed its trademark for “Libyan Embassy.”

The case raised two issues that are often misunderstood. First, the court dealt with a claim under an unregistered trademark – “Libyan Embassy” – and had to determine whether it could be enforced under the ACPA. Second, the court had to examine whether the term “Libyan Embassy” is descriptive or suggestive under trademark law. The determination of whether a trademark is descriptive or suggestive is crucial to determining whether trademark rights in the phrase are enforceable, as a merely “descriptive” phrase is enforceable as a trademark only if it acquires “secondary meaning.”

The court quickly dispensed with the issue surrounding the unregistered trademark. It correctly noted that while an unregistered trademark is not entitled to the presumption of validity enjoyed by a registered trademark, it can nonetheless be enforced. However, the Libyan Government’s claim then collapsed. Libya took the position that the phrase “Libyan Embassy” was suggestive under trademark law (meaning that the term itself tells a customer that it refers to a brand and immediately signals to a consumer a brand or product source), which would have entitled it to protection under trademark law.

Miski, conversely, took the position that the phrase was merely descriptive (meaning that it just describes a product’s features, qualities or ingredients, or describes the use to which a product is put), which would preclude its enforceability under trademark law, unless it acquired secondary meaning in the market (the classic example of a merely descriptive mark clothed with secondary meaning is “American Airlines”).

Ultimately, the court performed a cogent and concise analysis of the issues under trademark law, and determined that the term “Libyan Embassy” was merely descriptive, as little imagination is necessary to understand from the name what services (consular services) are being offered. A suggestive mark, on the other hand, requires that there be some element of imagination necessary to tie the mark to the goods or services offered (think Coppertone™ – for suntan products).

Libya could have overcome this ruling, however, by showing that the term “Libyan Embassy” had obtained secondary meaning – which occurs when in the minds of the public, the primary significance of the mark is to identify the source of the product rather than the product itself. It seems that Libya should have had little trouble making this showing. All it needed to do was present evidence – typically through use of a survey showing public perceptions of what is meant by “Libyan Embassy” and the services it provides – showing that the public associates “Libyan Embassy” with the services provided by the Embassy of Libya. This would seem to be an easy task. But Libya presented no such evidence. Therefore, the Court found that it failed to meet its burden to show secondary meaning.

Libya’s failure in this regard is a cautionary note to those who enter into trademark litigation without adequate preparation. Obtaining evidence through the use of surveys, economic analysis, and tracking down persons who have actually been confused by infringing behavior can be expensive, time-consuming, and difficult. But in the world of trademark litigation, it also can be indispensable. It seems likely that had Libya taken these steps before pursuing the registrant of, it would have had a reasonably strong chance of prevailing. Having not done so, its case was irretrievably compromised.

posted in:
Internet Law
Sep 07
2012

Founding Partner Jeff Ifrah: Why the DOJ Settlement With Poker Stars is a Win-Win

When online gaming is successful, Ifrah says, players participate in all aspects of the industry – including in the casinos. This is a great development for the gaming industry and great for business and for the nation’s economy.

tags:
Connect with Us Share

About Ifrah Law

Crime in the Suites is authored by the Ifrah Law Firm, a Washington DC-based law firm specializing in the defense of government investigations and litigation. Our client base spans many regulated industries, particularly e-business, e-commerce, government contracts, gaming and healthcare.

Ifrah Law focuses on federal criminal defense, government contract defense and procurement, health care, and financial services litigation and fraud defense. Further, the firm's E-Commerce attorneys and internet marketing attorneys are leaders in internet advertising, data privacy, online fraud and abuse law, iGaming law.

The commentary and cases included in this blog are contributed by founding partner Jeff Ifrah, partners Michelle Cohen and George Calhoun, counsels Jeff Hamlin and Drew Barnholtz, and associates Rachel Hirsch, Nicole Kardell, Steven Eichorn, David Yellin, and Jessica Feil. These posts are edited by Jeff Ifrah. We look forward to hearing your thoughts and comments!

Visit the Ifrah Law Firm website