JOLT Digest

By Geng Chen

DOJ Defends Expansive Interpretation of Computer Fraud and Abuse Act

NPR reports that Richard Downing, deputy chief of the Computer Crime and Intellectual Property Section at the Department of Justice, testified before a House Judiciary subcommittee on the DOJ’s proposal to broaden its reading of the Computer Fraud and Abuse Act (“CFAA”). An advance copy of Downing’s written statement, obtained by CNET, advocated for criminal prosecutions based on violations of Web sites’ “terms of service” policies or any “similar contractual agreement with an employer or provider.” As reported by the WSJ, at the hearing, Professor Orin Kerr of George Washington Law School criticized the vague and broad statutory language of the CFAA that would permit such prosecutions and expressed concern that the DOJ’s new interpretation would criminalize routine violations such as lying about one’s physical attributes on Internet dating sites. Though Downing verbally reassured lawmakers that these were “unsubstantiated fears”, given the government’s limited time and resources, he did not repudiate the government’s authority to pursue such cases.

Rambus Loses Antitrust Case Against Micron and Hynix

The Washington Post reports that after five months of deliberations, a California jury has found against Rambus in its antitrust case against Micron and Hynix for conspiracy to fix memory chip prices and interference with its business relationship with Intel. As reported by Bloomberg, though Intel initially collaborated with Rambus to implement its proprietary RDRAM technology, Rambus alleged that Micron and Hynix conspired to artificially raise prices of chips incorporating RDRAM and drove Intel away from adopting RDRAM as an industry standard. A Reuters article, relying on an anonymous source within the jury, indicates that the jury was not convinced that a lone Micron email adequately proved conspiracy and was swayed by the testimony of a former Intel executive that described the souring of the Rambus-Intel relationship as unrelated to pricing. Rambus is considering an appeal, based on grounds that the judge disallowed from evidence certain facts from a Department of Justice price-fixing investigation in 2005.

PhoneDog Sues Former Employee for His Twitter Account

Ars Technica reports developments in the case of a former employee of PhoneDog, an “interactive mobile news and reviews web resource,” who was sued for misappropriation of trade secrets, interference with economic advantage, and conversion over his Twitter account. Noah Kravitz amassed 17,000 followers as “@PhoneDog_Noah” but changed his handle to “@noahkravitz” after leaving the company. The trial judge dismissed PhoneDog’s interference claim but allowed the trade secrets and conversion claims to go forward. According to Forbes, Kravitz says that his employer never asked him to create the account and that he always used it for personal as well as business purposes. The damages of $2.50 per follower claimed by PhoneDog may be complicated by the additional 4,000 followers that Kravitz has accumulated since his resignation. An official statement by PhoneDog, as reported by Computerworld, argues that the company’s Twitter account naming convention establishes company ownership of the account, but does not mention any implied or express contract with Kravitz specifically regarding this particular account.

Sixth Circuit Rules that High-Volume Phone and Email Campaign Violates Computer Fraud and Abuse Act

By Michael Hoven – Edited by Abby Lauer

Pulte Homes, Inc. v. Laborers’ Int’l Union of N. Am., Nos. 09-2245; 10-1673 (6th Cir. Aug. 2, 2011)
Slip opinion

The Sixth Circuit affirmed in part and reversed in part the United States District Court for the Eastern District of Michigan, which had granted the Laborers’ International Union of North America’s (“LIUNA”) motion to dismiss Pulte Homes’ claim that LIUNA had violated the Computer Fraud and Abuse Act (“CFAA”) by carrying out a phone and email campaign against Pulte. The district court held that Pulte failed to show that LIUNA intentionally caused damage to Pulte’s phone and email systems.

The Sixth Circuit held that Pulte had successfully stated a “transmission” claim under the CFAA but agreed with the district court that it had not stated an “access” claim. The Sixth Circuit concluded that Pulte alleged sufficient facts to state a transmission claim, which requires showing that the defendant intentionally caused damage. The court reasoned that LIUNA’s phone and email bombardment had caused damage to Pulte’s computer system by diminishing Pulte’s ability to send and receive calls and emails. Such damage was also intentional, the court found, because LIUNA likely knew it was causing damage even if it acted without actual knowledge of the consequences of its phone and email barrage. The Sixth Circuit agreed with the lower court that Pulte failed to state an access claim but articulated different reasoning, holding that LIUNA’s actions were not “without authorization” because Pulte allowed members of the public to contact its offices and executives by phone or email. In so holding, the court adopted a “diminished-ability” standard for assessing damage, which may broaden liability under the CFAA.

The Computer Fraud/Data Protection blog provides an overview of the case. Techdirt criticizes the decision for expanding the CFAA beyond its original purpose of combating computer hacking to cover emails sent as part of a labor protest. The Technology & Marketing Law Blog questions whether Pulte had suffered significant damage and whether the allegations were sufficient to demonstrate intent on the part of LIUNA. (more…)

Sony Settles Lawsuit with PlayStation 3 Hacker
By Vivian Tao – Edited by Chinh Vo

Sony Computer Entm’t Am. v. Hotz, No. CV11-0167 (N.D. Cal. Apr. 11, 2011)
Final Judgment hosted by Electronic Frontier Foundation

On April 11, 2011, the United States District Court for the Northern District of California entered a final judgment for plaintiff Sony Computer Entertainment America (“Sony”), granting Sony a permanent injunction against defendant George Hotz. The injunction prevents Hotz, a notorious hacker, from engaging in any unauthorized access to Sony products, circumventing security measures in those products, or trafficking and posting any information, service, or product that would lead to such circumvention.

While a motion to dismiss regarding Hotz’s claim over lack of personal jurisdiction is pending, this final judgment comes on the heels of a March 31 settlement agreement between Sony and Hotz. Both parties have agreed to accept this judgment and to waive their rights to appeal.

Ars Technica provides an overview of the case. PC World criticizes the judgment, stating that the injunction’s effect will be constrained by other sites that have already listed and can continue to include information from Hotz’s hacking efforts.

(more…)

Conviction in Lori Drew MySpace Case Thrown Out

By Vera Ranieri – Edited by Amanda Rice
United States v. Drew, No. CR 08-0582-GW (C.D. Cal. Aug. 28, 2009)
Opinion

On August 28, 2009, Judge Wu of the Central District of California released a written opinion outlining his reasons for granting Lori Drew’s FRCP 29(c) motion for a post-verdict acquittal, a decision he had initially announced in early July. Judge Wu’s decision overturned the jury’s conviction of Lori Drew for violating the Computer Fraud and Abuse Act (“CFAA”) by breaching the MySpace Terms of Service (“ToS”).

Ars Technica and Wired summarize the case. Eric Goldman provides a thoughtful analysis of the case, characterizing it as “a good jurisprudential development” while criticizing its lack of clarity. (more…)