MAIN PAGE
MISSION
BACKGROUND
ETHICAL DISCUSSION
LEGAL DISCUSSION
GUIDANCE
LINKS
About us
Presentation
| |
LEGAL DISCUSSION
Pop-up ads are certainly a nuisance - but are they illegal? The answer is
subtler than a simple yes or no.
Copyright
Trademark
FTC
Suggestions for Future Policy
Copyright
Richard H. Stern, in his Micro Law
column of the IEEE Micro newsletter, deals
with the legality of pop-up ads in detail. One way a pop-ad might be considered
to be illegal is if it violates Section 106 of the Copyright Act, which
prohibits the unauthorized preparation of derivative works. A derivative work is
a copy of an original work, with a slight alteration. A famous example of an
unauthorized derivative work is a depiction of Mona Lisa with a goatee and
moustache, which caused an uproar in France.
Does the addition of a pop-up ad on top of a website constitute the unauthorized
preparation of a derivative work? Stern argues that it probably does. One reason
is that pop-ads are often unauthorized by the creator of the original website.
For instance, companies such as Gator and WhenU have made a business out of
contracting with a particular company, such as Amazon, and displaying a pop-up
ad for that company when an Internet user visits a competitor’s site, such as
Barnes & Noble. In this case, Barnes & Noble has not authorized its website to
be modified by layering a pop-up window on top of it. (Challenging search
engines and pop-ups under copyright law - part 3)
To be considered a derivative work, the new work must have some element of
originality. The change cannot be so small as to be considered trivial. Stern
argues that the originality requirement is not an issue because the pop-up
window is so similar to the website that it covers. The change is not trivial
because it drastically changes the way in which the original website is
presented; a pop-up window can block a significant portion of a website.
Furthermore, Section 106 of the Copyright Act is unique in that it prohibits the
preparation of a derivative work. This means that, before the derivative work is
even physically copied or distributed, it could be in violation of Section 106.
This is particularly applicable in regard to pop-up ads: Even though a pop-up ad
is fleeting, and can be closed by the user almost immediately after it appears
on screen, this slight moment of modification is enough to meet the preparation
criteria of Section 106. (Challenging search engines and pop-ups under copyright
law - part 3)
Even an unauthorized derivative work may get out of any copyright infringement
liability if it falls under the umbrella of fair use. Stern references an
example of this scenario with the case of Kelly v. Arriba Soft. Arriba Soft had
designed an image search engine used thumbnails - small versions of images - to
allow users to quickly browse through the search results. The plaintiff, Les
Kelly, objected to this practice because he thought the thumbnail images
displayed his photographs out of their original context. However, the court
ruled that the thumbnails were fair use because they provided users with a
useful function that Arriba Soft could not accomplish without them. Certainly,
text-based image search results would be considerably less useful.
The question then becomes: Does a pop-up ad, even if an unauthorized derivative
work, fall under fair use? Stern specifies two criteria to determine whether a
derivative work should be acceptable. First, does it intercept the flow of
commerce that would otherwise go to the original work? An affirmative here would
hurt the work’s case for acceptability. Second, does it provide a useful
function for public use? If so, this would help to redeem the work. A pop-up ad
certainly meets the first criteria because it is specifically designed to divert
trade. The second criteria is less clear. A pop-up ad is useful in that it
provides the user with an ad of interest, presumably an alternative product or
service to the one that he or she is seeking by visiting the original website.
However, in so doing it provides a barrier to the original point of interest.
The net utility is questionable at best. (Challenging search engines and pop-ups
under copyright law - part 3)
Despite Stern’s argument, court rulings on this issue have not found pop-up ads
to be liable. One reason given by the court is that, if an unauthorized work
were indeed created by the addition of a pop-up ad, the individual Internet user
would have to be considered the primary violator for triggering the pop-up ad to
appear on their screen. Companies like WhenU would merely be secondary
contributors to the violation. The courts found it unconscionable to expose
thousands of Internet users to potential infringement liability simply by
manipulating the display of a website in any number of ways, pop-up ads
included.
Stern’s response is that not all manipulations by the user are equal, and that
the court should not judge them as such. While moving a second browser window
over the first may be considered a benign act, this does not mean that a pop-up
ad should also be considered fair use.
Trademark
If a copyright violation cannot be established, a pop-up ad may be considered to
be illegal if it violates a trademark. An
article in the Technology Law Bulletin
looks at the same cases against WhenU that Richard H. Stern did in his column,
but from a trademark perspective. Three companies, U-Haul, 1-800 CONTACTS, and
Wells Fargo, brought trademark infringement claims against WhenU in three
different courts.
The companies claimed that WhenU’s database of trademarked names constituted
trademark infringement. WhenU’s pop-up ad generating software, SaveNow, monitors
an Internet user’s activity by checking each URL visited against a database of
some 40,000 URLs and keywords contained in WhenU’s database. This is how SaveNow
determines, as in the previous example, to display an Amazon pop-up ad if the
user is looking at the Barnes & Noble website. U-Haul argued that this practice
violates trademark law because it could cause customer confusion, in which a
user might think that the pop-up ad was generated by the original website being
viewed. Users might think, for instance, that Barnes & Noble encouraged its
customers to visit Amazon. (Pop-up Ads, Trademark Law and the Meaning of “Use”)
The courts hearing this argument focused their deliberations on what it means to
use a trademark. In non-Internet related cases, a trademark is used when it is
placed on the packaging or labels of products. In this case, the trademarked
name, Barnes & Noble for example, is used only in a database that is never
actually seen by the Internet user. WhenU argued that since its software only
used the trademarked names in its proprietary database to trigger a pop-up ad,
this did not qualify as “use” under trademark law. (Pop-up Ads, Trademark Law and the Meaning of “Use”)
WhenU’s argument won over the court in two of the three cases brought against
it, those heard in Virginia and Michigan. However, a judge in New York hearing
the case brought by 1-800-CONTACTS found WhenU to be in violation. The judge
ruled that including a trademarked name, “www.1800contacts.com” in a database,
as well as triggering a pop-up ad, did in fact qualify as illegal use under
trademark law. (Pop-up Ads, Trademark Law and the Meaning of “Use”)
Advancements in computers, the Internet, and technology in general are moving at
a breakneck pace, often leaving the judicial system in uncharted waters. In the
case of pop-up ads, the precedents that have informed decisions regarding
copyright law and trademark law in the past do not necessarily hold when it
comes to Internet related cases. Should we hold a company that places a pop-up
ad on top of a browser window liable for copyright infringement, when users can
easily make such modifications themselves? Can a trademark be used illegally if
the user never sees the “use” in question? These are some of the questions that
the legal system is currently grappling with, and the outcome is far from clear.
FTC
Online advertising in the United States falls under the purview of the U.S.
Federal Trade Commission (FTC). Even though, as we have seen, the legality of
pop-up ads has not been unequivocally determined, in many instances the FTC has
found the tactics used by various programs to display these pop-up ads to be
violation of fair advertising practices.
The FTC has a large task on its hands in regulating Internet advertising. In
certain respects, the Internet is all other media forms combined: television,
radio, and print media. The FTC has adapted its consumer protection rules and
guidelines to apply to Internet commerce ad specified how such terms as
“written,” “printed,” or “direct mail” are adaptable to electronic media.
Details of these rules and guidelines explained in the FTC‘s guide for
businesses, Dot Com Disclosures.
We will not delve into these details here, but the fundamentals are simply
stated in the report resulting from the FTC‘s workshop on Spyware. Section 5 of
the FTC Act gives the agency authority to challenge practices that are
“deceptive” or “unfair.” An unfair practice is one that causes or is likely to
cause substantial injury to consumers without being outweighed by any
significant benefits to consumers. The injury must not have been reasonably
avoidable. A deception is defined as a representation, omission, or practice
that is likely to mislead consumers to their detriment who are acting reasonably
under the circumstances.
Despite the abstractness of these principles, the FTC has applied them in over
100 law enforcement actions since 1994 to stop fraud and deception online. One
example is the case against a company created by two college students called D
Squared. The company took advantage of the Windows Messenger Service that is
built into Microsoft Windows - which usually provides messages about print jobs
or system shut downs - to bombard users with pop-up ads that advertised D Squared’s own pop-up blocking software. According to the FTC, the ads appeared
as frequently as every 10 minutes for as long as the users were connected to the
Internet, causing some computers to lose productivity, freeze, or crash. In its
settlement with the FTC in 2004, D Squared was banned from sending pop-up ads
through Windows Messenger Service or marketing its pop-up blocking software.
Microsoft subsequently took action to prevent its Messenger service from being
exploited by advertisements.
D Squared exploited a loophole in software pre-installed with Windows. Also
objectionable, in the FTC’s judgment, is separate adware software that comes
bundled with other software products. Advertising.com settled with the FTC in
2005 over charges that it failed to disclose that adware had been included in an
offer for free security software called SpyBlast. Advertising.com had
distributed ads that a user’s IP address was at risk from hackers. Users who
clicked on this ad received an Active X installation box for SpyBlast that
failed to disclose that installing SpyBlast would also install adware. The
adware collected information about users, such as the URLs of webpages visited,
and then sent them pop-up ads according to browsing habits. According the FTC‘s
report, since knowing about the presence of adware would be material to
consumers deciding whether to install SpyBlast, the failure to disclose this
information was deceptive. The settlement prevented Advertising.com from making
any claims about the efficacy of SpyBlast without also stating that those
installing the program will receive advertisements.
A final example demonstrates how adware can be both deceptive and unfair
according to FTC standards. The FTC’s 2006
case against Zango included
complaints that the company had used third parties to install its adware
software on consumers’ computers without their knowledge. For example,
downloading free content such as screensavers or games would also install
Zango’s adware without disclosing this information, which the FTS found to be
deceptive. The adware would track the consumers’ Internet use and display pop-up
ads accordingly. Furthermore, the FTC complained that Zango deliberately made it
difficult to identify, locate, and remove the adware once it was installed. For
instance, the adware files had names resembling core system files and provided
uninstall software would fail to remove the adware. The FTC found these
practices to be unfair. The settlement barred downloads of adware without user
consent, required Zango to provide a way to remove it, and demanded a $3 million
fine for ill-gotten gains.
Suggestions for Future Policy
In the most malicious cases, the law is clear: The Computer Fraud and Abuse Act
of 1984 gives the Department of Justice the authority to prosecute the
unauthorized acquisition of data from a protected computer that results in
damage. For example, the Department of Justice has pursued individuals who use
keyloggers - programs that record a user’s keystrokes - to obtain passwords,
credit card numbers, and other private information. (Spyware Workshop)
Of course, in the case of less blatantly egregious practices like intrusive
pop-up ads, the ethical standards - and likewise the laws and regulations
governing such practices - become less clear cut. As we’ve seen, pop-up ads
themselves may not be considered illegal, but often the way in which they are
generated is in violation of FTC standards. Up to this point, the FTC takes
action on a case-by-case basis after complaints surface regarding a particular
questionable practice. While the FTC has pursued 14 such cases, surely some
perpetrators have gotten by. Clearly, with this number of cases, the FTC’s
guidelines themselves do not constitute an adequate deterrent.
For these reasons, federal legislation is needed to regulate spyware, adware,
and similar programs that generate pop-up ads and other forms of intrusive
advertising. The anti-spyware bill recently approved by the U.S. House of
Representatives is a step in the right direction. The legislation would require
that consumers be clearly notified and their consent granted before programs can
be installed on a computer. This bill has more teeth than another recently
passed by the House, which imposes new penalties on fraudulent uses of spyware,
but no new regulations. The U.S. Senate has yet to take up the issue, and
previous attempts in the past at anti-spyware regulation have failed to make it
into law. (Tougher anti-spyware legislation gets US approval)
While certain U.S. states such as California and Utah have passed anti-spyware
legislation, this is inadequate given the global nature of the Internet. (Spyware
Workshop)
The European Union has the authority to regulate commerce over much of the
European continent, and therefore plays an important role in establishing a
global policy against intrusive advertising. The European Commission, under its
e-Privacy Directive and the General Data Protection Directive, has given
national authorities the power to act against unlawful access to computer
equipment, including adware and spyware programs. A
report late last year from
the European Commission stressed a need to improve cooperation across member
states and thus leverage the technical expertise of different agencies.
The European Commission has placed a particularly strong emphasis on combating
spam. The reason is loss of productivity: The report estimates that the
worldwide cost of spam in 2005 was 39 billion Euro. While the report does not
estimate the productivity lost to intrusive forms of advertising such as pop-up
ads, it is reasonable to expect that it would be significant as well. We would
encourage the European Commission to include this consideration in its efforts
to protect productivity. In its report, the Commission states that it plans to
introduce legislative proposals in 2007 to strengthen rules in the areas of
privacy and security in the communications sector - topics that certainly could
cover spyware and pop-up ad concerns. (On Fighting spam, spyware, and malicious
software)
A U.S. federal law would give consumers more complete protection against
unwanted intrusions, and another tool with which to fight them off. Industry
self-regulation and software solutions such as pop-up blockers and spyware
scanners are useful and necessary, but not sufficient protection. Individuals
should not be left to fend for themselves, nor should the industry be trusted to
take care of the problem. Furthermore, individual Internet users, like any
distributed demographic, should not be expected to come together on their own to
organize and express their grievances against intrusive and damaging advertising
practices. Rather, this is the task of government. A law would show, with one
voice, that the people do not accept such practices. More importantly, it would
establish a set of baseline standards that by which all Internet-based
advertising must abide, whether it be pop-up ads or any other future form of
advertising.
An important component to future strategies for dealing with pop-up ads and
other forms of intrusive advertising is close coordination between government
and industry. In general, the legislative and judicial systems face great
challenges when dealing with technology-related issues, simply because so much
of the technology itself is new. If informed action is to be taken by
governments, the judges and legislators must receive guidance from the people
who know the technology best - those who develop it. For example, Microsoft
filed an affidavit in the FTC case against Seismic Entertainment explaining how
a security vulnerability in its Internet Explorer was being exploited to
distribute software. Such cooperation should be encouraged in the future. (Spyware
Workshop)
Policies aimed at combating intrusive Internet advertising must include consumer
education. One of the panelists on the FTC’s spyware workshop claimed that half
of the world’s computers do not have even basic protection against virus
attacks, despite years of consumer education about viruses. Clearly, more work
needs to be done by industry and the government to communicate computing risks
to the public.
While regulations should be enforced to ensure software developers make it clear
to users when their programs are about to be installed, it is also up to the
consumer to know what they are installing. Consumer education could help users
determine which websites to trust and to make informed decisions when installing
programs. Finally, if consumers know what to look for when it comes to spyware
and adware, the task of identifying and prosecuting those that violate
government standards will be all the more successful.
|