The estimable Alex Wade - author of the Swordplay blog and the Times's Surf Nation blog - has today written a nice piece in the Times about blogging by lawyers in the UK with some kind comments about Naked Law and other UK bloggers. I had an interesting chat with Alex while he was researching the article.
Two recent cases have given guidance on who has the rights to a profile on social networking sites.
In Hays Specialist Recruitment (Holdings) Limited and Another v Ions and Another the court held that Hays had “reasonable grounds for considering that” Mr. Ions had used LinkedIn, a social networking site specifically aimed at linking business contacts, to copy and retain confidential information belonging to Hays.
Hays alleged that Mr. Ions had, whilst still an employee of Hays, copied and then retained confidential information concerning clients and contacts of Hays. They then say he used that information in his subsequent business thereby breaching the restrictive covenant in his contract of employment. Hays was granted an order for the pre-action disclosure of documents which evidenced the uploading of business contacts and evidenced dealing with those contacts after Mr. Ions had left employment.
Mr. Ions contended that Hays knew he had uploaded contact details onto LinkedIn and, indeed, was encouraged to use the site to gain potential business. He claimed that once these contacts were loaded and the LinkedIn invitation accepted the information was no longer confidential.
Whilst the Judge was not asked to rule on this particular issue he did say that “even if [Mr. Ions] uploaded [the contacts] with authority, it is difficult to imagine that the authority was not limited to using them in the performance of his duties as an employee of Hays”.
This case would lead to the conclusion that your LinkedIn profile if used in the course of your employment might not belong to you but to your employer. If this is the case then as Talent Technology Blog point out what do you do when you move employer? Do you have to delete all recommendations from ex-clients? Do you have to remove all work contacts? What happens if those contacts are also personal contacts? Watch this space and maybe we will have an answer.
On a slightly related note it would appear that the situation on Facebook may be different. In the recent case of Firsht v Readman, Mr. Firsht successfully sued for defamation and libel. Mr. Firsht discovered that a false profile of him had been generated on Facebook and that it contained private information about him purporting to include details of his sexual orientation and preferences and his political and religious beliefs.
The court found that the IP address used to set up the profile belonged to the home computer of a Mr. Grant Raphael, who was an ex-friend of Mr. Firsht. The court then went on to find that the material uploaded was defamatory and libelous.
Even though the profile was removed by Facebook within 16 days of it first appearing, Mr. Firsht was awarded £22,000 in damages including aggravated damages.
Mr. Firsht was able to obtain a successful prosecution due to the fact that Mr. Readman had used his own computer; if Mr. Readman had used a computer in an internet café the situation may have been very difficult.
Following on from Sarah's post earlier this year, the Scrabulous application has now been removed from Facebook but only for US and Canadian users of the site. The removal of the application comes after Hasbro, the owner of the rights to "Scrabble" in the US and Canada, commenced legal action for copyright and trade mark infringement. However, Scrabulous is currently still available to UK users of Facebook although perhaps not for much longer as Mattel, the owner of rights to "Scrabble" in the UK, has launched legal action against the developers of Scrabulous.
In response, those behind Scrabulous have released a new version of the game called "Wordscrapper" although it remains to be seen whether this will put an end to the disputes surrounding the game. Scrabulous has been hugely popular with Facebook users and fans have embraced "Wordscrapper" whilst shunning online versions of the Scrabble game by Mattel and Hasbro and even calling for boycotts of Hasbro products. This is sure to annoy Mattel and Hasbro and it will be interesting to see what happens next.
Nominet's new Dispute Resolution Policy and Procedure come into force today. A summary of the changes is available here.
The most significant change is the introdution of a new "summary decision" option. If the domain name owner does not respond to the complaint, the complainant can opt (for £200 plus VAT) to have an expert's decision on the key issues of whether the complainant has rights in the domain name and whether there has been an abusive registration. If the expert finds in favour of the complainant, the domain name is transferred.
What you don't get for your money is the full, reasoned decision of the expert - but presumably most aggrieved complainants would be happy with just the transfer.
This new procedure seems to me to be a great idea. Savvy cybersquatters have been all too aware of the higher cost of the full expert decision (£750 plus VAT) and choose to "offer" their domain names for sale for a slightly cheaper sum. And in many cases this is successful and genuine rights holders pay up, because it still costs less than going down the official route. Hopefully this new procedure will help to alleviate this.
Of course, unscrupulous individuals will no doubt seek to capitalise on the new procedure where possible and this has led to concerns of reverse domain name hijacking - where someone issues a complaint, counts on the domain name holder failing to reply and then effectively "buys" the domain name for the £200 fee. I am not wholly convinced of this - the hijacker would still need to pay out to get the name, which seems counter-intuitive when there are so many freely available names out there. However, the message for genuine domain name holders is to ensure your contact details are kept up to date with Nominet and make sure you deal promptly with any complaints.
Skype have finally reneged on their ongoing challenge to the validity of the GPL2 open source software licence.
Skype had used open source software (Linux) licensed under the GPL2 in Skype-phones, but didn't comply with the requirement to supply the source code of the software with the phone. GPL compliance enforcer extraordinaire Harald Welte brought a case against Skype before the German Courts, who deemed this a breach of the GPL2 licence terms in August 2007. Skype initially decided to appeal against this decision.
Commenting on the issue of GPL2’s requirement to make source codes available, in possibly one of the more esoteric analyses of open source software terms, one of the judges stated:
“If a publisher wants to publish a book of an author that wants his book only to be published in a green envelope, then that might seem odd to you, but still you will have to do it as long as you want to publish the book and have no other agreement in place.”
This seems to me to imply that open source software licensing is really weird (at least to a German judge), but that an open source software licensee must still comply with the terms of the licence. Which is probably correct, albeit using a rather strange example.
Skype’s decision to withdraw from the Appeal (as opposed to being ruled against) sadly leaves us with no definitive legal decision to add any clarity (although we still have the first instance decision). It does, however, indicate that, at least in Germany, GPL licence terms are taken seriously.
How much sweeter is a perfume when it is supplied by a selected distributor? Dior, Guerlain, Kenzo and Givenchy have clearly placed their marker in the French eBay case (in the perfume claims), where they have apparently succeeded in having eBay fined for permitting the auction of genuine branded products, because they were not being supplied through the appropriate distribution channels established by Dior, Guerlain, Kenzo and Givenchy for (as well as for counterfeit products in the handbag claims, discussed in my earlier post). Of course, if the brand holders are right that no branded products for which there is an established exclusive or selective distribution network can be supplied through eBay, it could also solve the problem of counterfeit sales at a stroke, at least where the brand name is mentioned. Establish a network and eBay can exclude all such products from its auctions.
However, this does, as ipKat notes, seem to raise some rather odd questions. Where did these products originate from in the first place? If they were on the market in the EU, then the brand owners rights should have been exhausted. And presumably they were being supplied by the brand owners or distributors within the brand owners' network. If so isn't there some breakdown in this network- unless network members are supplying large enough quantities for these to be resold on eBay, in which case the brand owner has already been paid? Shouldn't the brand owners take action against them? Or more profoundly, do we seriously think that selective distribution networks are justified for something like perfumes and many other branded goods, other than as a means for maintaining high prices? I can't remember when I have been helped by a store assistant in buying a perfume.
Do the French eBay decision and the US Google decision mark a real turning point in the very long legal honey moon for internet businesses? The early years of the internet were often described as a Wild West where laws did not apply. Of course, only partly true. Often too many laws applied; but few were applied. And an environment thrived which has created not just large and successful businesses, but new business models which now underpin the modern economy.
However, while politicians and legislatures have recognised the value of such an economy, and provided harmonisation and light touch regulation, established businesses have seen their business models undermined, frustrated at the impotence of existing rights and enforcement regimes to provide meaningful protection. Now perhaps the tide is turning. Despite the electronic commerce directive (which is intended to provide freedom for ISPs from regulation) a French Court has fined eBay (in the handbag claims) for failing to take adequate action to remove counterfeit handbags from auction sale.
The Directive is intended (amongst other things) to ensure that ISP hosts do not have burdens placed on them to keep track of what is going on and prevent it. If a host is notified of an alleged infringement it should take suitable steps to remove it; but shouldn't that mean just to stop that (specific) act of alleged infringement, not any other ones which are like it? If a take-down notice can properly apply to a range of potential infringements other than the specific one identified then effectively the host has a monitoring requirement imposed on it, which is not permitted under the Directive; on the other hand, if it only applies to the individual identified act of infringement then a rights holder has a monumental task to police possible infringements.
There has always been a concern that if a host does more than just host - eg provides some monitoring - that it may find that it is no longer protected under the Directive. It is unclear whether eBay has ironically fallen foul of this in its attempt to provide rights holders, through its VeRo programme, with tools to assist them identifying potential infringement, or perhaps with its other restrictions such as control over who may auction trade mark goods, and the types of auction they may enter. Or is this, a French judge being persuaded to protect a French institution - the fashion industry - just evidence of the Establishment rallying its forces more effectively against e-Commerce? If not a change in sentiment within the French court system - one could be forgiven for not being very surprised that a French court has decided this way - perhaps an astute choice of forum to make the point.
Even so, there are strong signs that political pressure, even if not public sentiment, is everywhere shifting towards much more rigorous protection of intellectual property rights, and even perhaps a trace of an idea that the incumbent e-commerce service providers would not be too unhappy with some shift now that they are incumbent. Either way there are clearly some very interesting battles to be fought out here because the interests of a very free and open market which lowers the costs of intermediaries (the cost of "doing the deal") is very much in tension with the fact that making it easy to do the deal makes it easier to do the illegal deal. Some changes will undoubtedly be on the way, but let us hope that they are not ones which stifle innovative new businesses.
I was chatting to a friendly journalist this week and realised that we'd hit another milestone in the history of Naked Law: now we are three years old (as of Sunday just gone). This made me look back at my previous posts about our first and second birthdays.
There have been no revolutions at Naked Law in the past three years, though there have been some evolutionary changes along the way (notably when we changed the layout and adopted Barbara's new logo, of which we remain very proud). We're glad to have survived the inevitable ups and downs that most bloggers experience, particularly when the team has been rather (understandably) preoccupied with fee-earning work. And we are planning to keep going too - there is still plenty to talk about on the themes we have chosen.
As always, we welcome any comments and feedback that our readers and subscribers may have about the future of Naked Law. Thanks to you all for coming back for more.
Privacy and data protection appears to be the topic of the moment, with many new cases being reported on, and publicity surrounding data protection breaches. We have mentioned a number of these cases on our blog over the past few weeks.
The BBC has reported last week on some complaints being made about the positioning of Google's privacy policy. Prompted by this, I wanted to see just how accessible Google have made their policy. I discovered that at the bottom of the i-Google home page there is a link to the policy: however the page reached from clicking on that link is not actually the policy but a 'privacy notice' which then links to a 'privacy policy' with a further one or two clicks depending on the link selected.
The complaints about Google's site have been made in the US, and in the context of compliance with the online privacy protection act 2003 applicable in California. Not being a US lawyer, I am not going to comment on whether Google comply or not in this case. But I thought a brief mention about privacy policies and why they are so important to include on websites might be useful to readers.
Anyone who runs a website needs to be aware of the legal requirements surrounding the use of personal data, as these not only come into play where the site actually asks users to enter personal information about themselves. Even the use of cookies to track on-line movements of users of the website, and other data obtained about traffic using the site including location data, and browsing activities, could amount to what's known as 'processing of personal data'. Under UK law, users of any website should be informed if their personal data is going to be 'processed', and how the information obtained about them will be used and stored. The best way of notifying users is by including an easily accessible privacy policy on your site, with clear and obvious links to it from your home page. The privacy groups in the US were complaining that Google had not got this right under US law.
Under UK law, website owners must also be careful to be data protection compliant with what they do with the data, and consent is required to be obtained from individuals before certain types of processing can be undertaken (for example use for direct marketing by email, disclosure to third parties) of personal data. It is important to note that inclusion of a privacy policy of itself if not sufficient to ensure compliance with the Data Protection Act 1988.
