Menu Bar
Netlitigation
Topics
Brought to you by Netlitigation.Com


Privacy:

Overview
Cases
Background Notes
Security

Overview

The wellspring of the Internet's power is access to information and ease of communicating it. Since the right of privacy concerns the proper limits on distribution of personal information, the potential for Internet-related conflicts over privacy abounds. Beginning with the Bill of Rights, in particular the Fourth Amendment's right to keep papers and be free of searches without warrants, American law has provided more explicit and extensive protection against government intrusion than it has against intrusion by fellow citizens or corporations. A classic description of the right of privacy is that it is the right to be left alone. All of the cases which follow deal with questions about challenges to that sense of integrity.

For a more detailed discussion of this topic see our Background Notes.

up

Cases

In the Matter of GeoCities, Federal Trade Commission Docket Number C-3850

Shortly after issuing its initial report on web site privacy practices to Congress and proposing legislation regulating how information is collected from children on-line, the FTC served a draft complaint against GeoCities, alleging that, by misrepresenting how personal identifying information was collected from consumers and how it was used, GeoCities had committed unfair or deceptive trade practices. The FTC then reached a settlement of this initial enforcement action concerning Internet privacy protection, with GeoCities not admitting the violations alleged. The FTC's final Decision and Order was issued on February 5, 1999.

For further information about this case see our in-depth analysis.

up

McVeigh v. Cohen,, 983 F.Supp. 215 (D.D.C. 1998)

In this case, a federal court enjoined proceedings by the United States Navy to discharge a Naval Officer for violating the "Donít Ask, Donít Tell" policy. The proceedings were based on information the Navy obtained from AOL in violation of the Electronic Communications Privacy Act. The court effectively suppressed this evidence and also suggested that the Navyís initiation of its investigation based on statements appearing on the Internet and attributed to the officer was not appropriate. According to the court, such statements were of limited value because the Internetís "virtual" nature invites fantasy and affords anonymity.

For further information about this case see our in-depth analysis.

up

Liu v. DeFelice, 1998 WL 404 935 (D. Mass.)

Although the courtís decision in this case concerns the issue of personal jurisdiction, a subject discussed in greater detail elsewhere, the basis of the invasion of privacy claim is worth noting here. In this case, the finding of jurisdiction, and, indeed, the substantive basis for the invasion of privacy claim raised was the New York defendantís unauthorized accessing of credit information of a Massachusetts resident, through an on-line request to a New York credit agency.

For further information about this case see our in-depth analysis.

up

Zeran v. America Online, 129 F.3d. 327 (4th Cir. 1997)

Although the Zeran case is significant for its interpretation of the Communications Decency Act, the underlying facts illustrate the potential for mischief which the Internet presents. A prankster who was never apprehended posted phony advertisements on the Internet for t-shirts and other memorabilia, in extremely bad taste, commemorating the Oklahoma federal office bombing. The advertisements were falsely attributed by the poster to Kenneth Zeran, who instantly became a demon in the eyes of the public.

up

Jessup-Morgan v. America Online, Inc., 1998 W.L. 65258 (E.D. Mich.)

This case demonstrates that even claims based on a fundamental right such as the right to privacy must have some rational basis. The plaintiff in this action filed suit claiming, in part, that AOL had violated her right to privacy by identifying her, in response to a subpoena, as the account owner of an AOL account from which sexually suggestive messages had been posted and which included the telephone number of the plaintiffís husbandís ex-wife. The court summarily dismissed the case.

For further information about this case see our in-depth analysis.

up

Bret Michaels, plaintiff, and Pamela Anderson Lee, Intervenor, v. Internet Entertainment Group, Inc. et als,, U.S. D. C. Central Dist. Calif. No. CV 98-0583 DDP

In this case, Brett Michaels, Pamela Anderson Leeís ex-boyfriend and lead singer of the band "Poison," sued Internet Entertainment Group (IEG) to preclude IEG from publishing and offering for sale on its web site a sexually explicit video tape of Mr. Michaels and Ms. Anderson Lee that IEG had obtained from a private investigator. On Michaelís motion, the court enjoined IEG from publishing the tape finding that the content of the tape was not newsworthy and that the private facts depicted on the tape had not been public by virtue of Anderson Leeís acting or by dissemination of the Tommy Lee/Pamela Anderson Lee videotape which was the subject of an earlier lawsuit involving Ms. Anderson Lee and IEG.

For further information about this case see our in-depth analysis.

up

Raytheon, Inc. v. John Does, 1-21,Commonwealth of Massachusetts, Middlesex Superior Court, Civil Action Number 99-0816.

On February 1, 1999, Raytheon filed suit against 21 employees it alleges posted or discussed confidential corporate information on a Yahoo! message board, in violation of their employment contracts and Raytheon's published employment policy, and by claiming in addition that this conduct constituted misappropriation of Raytheon's trade secrets. To identify the "John Does," Raytheon sought and received a court order allowing its counsel to take out-of-state discovery from Yahoo, AOL, Earthlink and various other ISPs, seeking documents and information identifying the 21. Yahoo, after being served with a subpoena identified the posters. In May, 1999, Raytheon dismissed the action, after several of the posters resigned.

For further information about this case see our in-depth analysis or read the complaint.

up

Shoney's, Inc. v. John Does 1-3, State of Tennessee, Davidson County Court of Chancery.

In this case, Nashville-based restaurant chain, Shoney's, Inc., sued three individuals who posted messages on the Yahoo Finance message board suggesting that the company was on the verge of bankruptcy and would be closing a number of its restaurants. The messages were posted anonymously, although some were allegedly "signed" by Shoney's CEO. Along with its complaint, Shoney's filed papers seeking to obtain the names of the posting individuals from Yahoo. Since this case, unlike the Raytheon case, apparently does not include a claim based on breach of employment contract, if the information posted is true, the first amendment right to free speech may indeed be at issue.

up

Wade Cook Financial Corp v. John Does 1-10, United States District Court for the District of Washington State.

In March, 1999, Wade Cook Financial Corporation, the controversial Seattle-based financial seminar company, sued 10 unknown Yahoo message board users for posts that allegedly defame the firm and its CEO, Wade Cook. The plaintiff has indicated that like Shoney's and Raytheon, it intends to obtain a court order compelling Yahoo to identify the individuals responsible for the posts.

up

Itex Corp. v. John Does 1-100

In September, 1998, the "barter exchange" site, Itex filed an action against some 100 Yahoo BBS authors for allegedly posting false and defamatory statements about Itex's management, including referring to Itex's management as "blind, stupid, and incompetent." In response to a court order, Yahoo provided Itex with the authors' email addresses it had on file. At the time, Yahoo's policies did not include verification of accurate email addresses for its visitors, including its chat room users. Relying on that information to obtain court orders against various ISPs, Itex eventually identified 5 of the "John Does." In part as a result of this lawsuit, Yahoo changed its policy and it now attempts to authenticate the email addresses given by visitors.


Security: ISO 17799, BS7799

Of course, prevention is always better than cure. With this in mind, perhaps the following privacy and security resources may be of interest:

BS7799, ISO 17799
This is the international information security standard. BS7799 / ISO 17799 Central is an established start point for information.

Computer Forensics
Computer forensics is the science of analysis and assessment with respect to computers, in an investigative scenario. This resource serves as a good introduction.

BS7799
Network and computer security portal aligned with BS7799 and ISO 17799. .

up

Copyright SRBC 1998 up