.

By Richard Stobbe

A seemingly simple dispute lands on the desk of a judge in Vancouver, BC. By analogy, it could be described like this:

• A Canadian purchased 530 units of foreign currency #1 from a Singapore-based currency trader.
• By mistake, the currency trader transferred 530 units of currency #2 to the account of the Canadian.
• It turns out that 530 units of currency #1 are worth $780.
• You guessed it, 530 units of currency #2 are worth $495,000.
• Whoops.
• The Singaporean currency trader immediately contacts the Canadian and asks that the currency be returned, to correct the mistake.

Seems simple, right? The Canadian is only entitled to keep the currency worth $780, and he should be ordered to return the balance.

Now, let’s complicate matters somewhat. The recent decision in Copytrack Pte Ltd. v Wall, 2018 BCSC 1709 (CanLII), one of the early decisions dealing directly with blockchain rights, addresses this scenario but with a few twists:

Copytrack is a Singapore-based company which has established a service to allow copyright owners, such as photographers, to enforce their copyrights internationally. Copyright owners do this by registering their images with Copytrack, and then deploying software to detect instances of online infringement. When infringement is detected, the copyright owner extracts a payment from the infringer, and Copytrack earns a fee.  This copyright enforcement business is not new. However, riding the wave of interest in blockchain and smart contracts, Copytrack has launched a new blockchain-based copyright registry coupled with a set of cryptocurrency tokens, to permit the tracking of copyrights using a blockchain ledger, and payments using blockchain-based cryptocurrency.  Therefore, instead of traditional fiat currency, like US dollars and Euros, which is underpinned by a highly regulated international financial services industry, this case involves different cryptocurrency tokens.

When Copytrack started selling CPY tokens to support their new system, a Canadian, Mr. Wall, subscribed for 580 CPY tokens at a price of about $780.  Copytrack transferred 580 Ether tokens to his online wallet by mistake, enriching the account with almost half a million dollars worth of cryptocurrency.  Mr. Wall essentially argued that someone hacked into his account and transferred those 530 Ether tokens out of his virtual wallet.  Since he lacked control over those units of cryptocurrency, he was unable to return them to Copytrack.

The argument by Copytrack was based in an old legal principle of conversion – this is the idea that an owner has certain rights in a situation where goods (including funds) are wrongfully disposed of, which has the effect of denying the rightful owner of the benefit of those goods.  With a stretch, the court seemed prepared to apply this legal principle to intangible cryptocurrency tokens, even though the issue was not really argued, legal research was apparently not presented, the proper characterization of cryptocurrency tokens was unclear to the court, the evidentiary record was inadequate, and in the words of the judge the whole thing “is a complex and as of yet undecided question that is not suitable for determination by way of a summary judgment application.”

Nevertheless, the court made an order on this summary judgement application. Perhaps this illustrates how usefully flexible the law can be, when it wants to be. The court ordered “that Copytrack be entitled to trace and recover the 529.8273791 Ether Tokens received by Wall from Copytrack on 15 February 2018 in whatsoever hands those Ether Tokens may currently be held.”

How, exactly, this order will be enforced remains to be seen. It is likely that the resolution of this particular dispute will move out of the courts and into a private settlement, with the result that these issues will remain complex and undecided as far as the court is concerned. A few takeaways from this decision:

1. As with all new technologies, the court requires support and, in some cases, expert evidence, to understand the technical background and place things in context. This case is no different, but the comments from the court suggest something was lacking here: “Nowhere in its submission did Copytrack address the question of whether cryptocurrency, including the Ether Tokens, are in fact goods or the question of if or how cryptocurrency could be subject to claims for conversion and wrongful detention.”
2. It is interesting to note that blockchain-based currencies, such as the CPY and Ether tokens at issue in this case, are susceptible to claims of hacking. “The evidence of what has happened to the Ether Tokens since is somewhat murky”, the court notes dryly. This flies in the face of one of the central claims advanced by blockchain advocates: transactions are stored on an immutable open ledger that tracks every step in a traceable, transparent and irreversible record. If the records are open and immutable, how can there be any confusion about these transfers? How do we reconcile these two seemingly contradictory positions?  The answer is somewhere in the ‘last mile’ between the ledgerized tokens (which sit on a blockchain), and the cryptocurrency exchanges and virtual wallets (using ‘non-blockchain’ user-interface software for the trading and management of various cryptocurrency accounts). It may be infeasible to hack blockchain ledgers, but it’s relatively feasible to hack the exchange or wallet. This remains a vulnerability in existing systems.
3. Lastly, this decision is one of the first in Canada directly addressing the enforcement of rights to ownership of cryptocurrency. Clearly, the law in this area requires further development – even in answering the basic questions of whether cryptocurrency qualifies as an asset covered by the doctrines of conversion and detinue (answer: it probably does). This also illustrates the requirement for traditional dispute resolution mechanisms between international parties, even in disputes involving a smart-contract company such as Copytrack. The fine-print in agreements between industry players will remain important when resolving such disputes in the future.

Seek experienced counsel when confronting cryptocurrency issues, smart contracts and blockchain-based rights.

Calgary – 07:00 MST

.

By Richard Stobbe

At the intersection of this Venn diagram  [ Artificial Intelligence + Copyright + Art ] lies the work of a Paris-based collective.

By means of an AI algorithm, these artists have generated a series of portraits that have caught the attention of the art world, mainly because Christie’s, the auction house,  has agreed to place these works of art on the auction block. Christie’s markets themselves as “the first auction house to offer a work of art created by an algorithm”.  The series of portraits is notionally “signed” (𝒎𝒊𝒏 𝑮 𝒎𝒂𝒙 𝑫 𝔼𝒙 [𝒍𝒐𝒈 𝑫 (𝒙))] + 𝔼𝒛 [𝒍𝒐𝒈(𝟏 − 𝑫(𝑮(𝒛)))]), denoting the algorithm as the author.

We have an AI engine that was programmed to analyze a range of prior works of art and create a new work of art. So where does this leave copyright? Clearly, the computer software that generated the artwork was authored by a human; whereas the final portrait (if it can be called that) was generated by the software.  Can a work created by software enjoy copyright protection?

While Canadian courts have not yet tackled this question, the US Copyright Office in its Compendium of US Copyright Office Practices has made it clear that copyright requires human authorship: “…when a work is created with a computer program, any elements of the work that are generated solely by the program are not registerable…”

This is reminiscent of the famous “Monkey Selfie” case that made headlines a few years ago, where the Copyright Office came to the same conclusion: without a human author, there’s no copyright.

Calgary – 0:700 MST

Photo Credit: Obvious Art

By Richard Stobbe

It’s always exciting when there’s a new decision about an obscure 5-year old subsection of the Copyright Act! Back in 2012, Canada changed its Copyright Act to try and drag it into the 21st century. Among the 2012 changes were provisions to prohibit the circumvention of TPMs. In plain English, this means that breaking digital locks would be a breach of the Copyright Act.

In Nintendo of America Inc. v. King and Go Cyber Shopping (2005) Ltd. the Federal Court reviewed subsections 41 and 41.1 of the Act. In this case, the defendant Go Cyber Shopping was sued for circumvention of the TPMs which protected Nintendo’s well-known handheld video game consoles known as the Nintendo DS and 3DS, and the Wii home video game console.  Specifically, Nintendo’s TPMs were designed to protect the code in Nintendo’s game cards (in the case of DS and 3DS games) and discs (in the case of Wii games).

The defendants were sued for copyright infringement (for the copying of the code and data files in the game cards and discs) and for circumvention of the TPMs. Interestingly (for copyright lawyers), the claim was based on “secondary infringement” which resulted from the authorization of infringing acts when Go Cyber Shopping provided its customers with instructions on how to copy Nintendo’s data.

The Court agreed that Nintendo’s digital locks qualified as “technological protection measures” for the purposes of the Act. The open-ended language of the TPM definition permits copyright owners to protect their business models with “any technological tool at their disposal.” This is an important acknowledgement for copyright owners, as it expands the range of technical possibilities, based on the principle of “technological neutrality” which avoids discrimination against any particular type of technology, device, or component. To put this another way, a copyright owner should be able to fit into the definition of a TPM  fairly easily since there is no specific technical criteria, aside from the general reference to an “effective technology, device or component that, in the ordinary course of its operation, controls access to a work…”

Next, the court agreed with Nintendo that Go Cyber Shopping has engaged in “circumvention” which means “to descramble a scrambled work or decrypt an encrypted work or to otherwise avoid, bypass, remove, deactivate or impair the technological protection measure…”

Lastly, Nintendo sought statutory damages, which avoids the need to show actual damages, and instead relies on automatic damages at a set amount. The court has a range from which to pick.  Nintendo suggested statutory damages between $294,000 to $11,700,000 for TPM circumvention of 585 different Nintendo Games, based on a statutorily mandated range between $500 and $20,000 per work. For copyright infringement, the evidence showed infringement of 3 so-called “Header Data” files. The court was convinced to award damages at the highest level of the range.

In the end the court made an award in favour of Nintendo, setting statutory damages at $11,700,000 for TPM circumvention in respect of its 585 Nintendo Games, and of $60,000 for copyright infringement in respect of the three Header Data works. This shows that TPM circumvention, as a remedy for copyright owners, has real teeth and may, in the right circumstances, easily surpass the damages awarded for copyright infringement. On top of this, the court awarded punitive damages of $1,000,000 in light of the “strong need to deter and denounce such activities.” Total… $12.7 million.

Calgary – 07:00 MT

.
By Richard Stobbe

Ever wanted to remove something after it had been swallowed up in the gaping maw of the internet? Then you will relate to this story about an individual’s struggle to have certain content deleted from the self-appointed memory banks of the web.

The Federal Court recently rendered a procedural decision in the case of Davydiuk v. Internet Archive Canada and Internet Archive 2016 FC 1313 (for background, visit the Wayback Machine… or see our original post Copyright Implications of a “Right to be Forgotten”? Or How to Take-Down the Internet Archive).

For those who forget the details, this case relates to a long-running plan by Mr. Davydiuk to remove certain adult video content in which he appeared about a dozen years ago. He secured the copyright in the videos and all related material including images and photographs, and went about using copyright to remove the online reproductions of the content. In 2009, he discovered that Internet Archive, a defendant in these proceedings, was hosting some of this video material as part of its web archive collection.  It is Mr. Davydiuk’s apparent goal to remove all of the content from the Internet Archive – not only the video but also associated images, photos, and screenshots taken from the video.

The merits of the case are still to be decided, but the Federal Court has decided a procedural matter which touches upon an interesting copyright question:

When a screenshot is taken from a video, is there sufficient originality for copyright to extend to that screenshot? Or is it a “purely mechanical exercise not capable of copyright protection”?

This case is really about the use of copyright in aid of personal information and privacy goals. The Internet Archive argued that it shouldn’t be obliged to remove material for which there is no copyright. Remember, for copyright to attach to a work, it must be “original”. The Supreme Court of Canada (SCC) has made it clear that:

For a work to be “original” within the meaning of the Copyright Act, it must be more than a mere copy of another work.  At the same time, it need not be creative, in the sense of being novel or unique.  What is required to attract copyright protection in the expression of an idea is an exercise of skill and judgment.  By skill, I mean the use of one’s knowledge, developed aptitude or practised ability in producing the work.  By judgment, I mean the use of one’s capacity for discernment or ability to form an opinion or evaluation by comparing different possible options in producing the work. This exercise of skill and judgment will necessarily involve intellectual effort. The exercise of skill and judgment required to produce the work must not be so trivial that it could be characterized as a purely mechanical exercise.  For example, any skill and judgment that might be involved in simply changing the font of a work to produce “another” work would be too trivial to merit copyright protection as an “original” work. [Emphasis added]

From this, we know that changing font (without more) is NOT sufficient to qualify for the purposes of originality. Making a “mere copy” of another work is also not considered original. For example, an exact replica photo of a photo is not original, and the replica photo will not enjoy copyright protection.  So where does a screenshot fall?

The Internet Archive argued that the video screenshots were not like original photographs, but more like a photo of a photo – a mere unoriginal copy of a work requiring a trivial effort.

On the other side, the plaintiff argued that someone had to make a decision in selecting which screenshots to extract from the original video, and this represented an exercise of sufficient “skill and judgment”.  The SCC did not say that the bar for “skill and judgment” is very high – it just has to be higher than a purely mechanical exercise.

At this stage in the lawsuit, the court merely found that there was enough evidence to show that this is a genuine issue. In other words, the issue is a live one, and it has to be assessed with the benefit of all the evidence. So far, the issue of copyright in a screenshot is still undetermined, but we can see from the court’s reasoning that if there is evidence of the exercise of “skill and judgment” involved in the decision-making process as to which particular screenshots to take, then these screenshots will be capable of supporting copyright protection.

Stay tuned.

Calgary – 07:00 MT

By Richard Stobbe

There are dozens of online photo-sharing platforms. When using such photo-sharing venues, photographers should take care not to make the same mistake as Art Drauglis, who posted a photo to his online account through the photo-sharing site Flickr, and then discovered that it had been published on the cover of someone else’s book. Mr. Drauglis made his photo available through a Creative Commons CC BY-SA 2.0 license, which permitted reproduction of his photo, even for commercial purposes.

You might be surprised to find out how much online content is licensed through the “Creative Commons” licensing regime. According to recent estimates, adoption of Creative Commons (CC) has expanded from 140 million licensed works in 2006, to over 1 billion today, including hundreds of millions of images and videos.

In the decision in Drauglis v. Kappa Map Group LLC (U.S. District Court D.C., cv-14-1043, Aug. 18, 2015), the federal court acknowledged that, under the terms of the CC BY-SA 2.0 license, the photo was licensed for commercial use, so long as proper attribution was given according to the technical requirements in the license. The court found that Kappa Map Group complied with the attribution requirements by listing the essential information on the back cover. The publisher’s use of the photo did not exceed the scope of the CC license; the copyright claim was dismissed.

There are several flavours of CC license:

• The Attribution License (known as CC BY)
• The Attribution-ShareAlike License (CC BY-SA)
• The Attribution-NoDerivs License (CC BY-ND)
• The Attribution-NonCommercial License (CC BY-NC)
• The Attribution-NonCommercial-ShareAlike License (CC BY-NC-SA)
• The Attribution-NonCommercial-NoDerivs License (CC BY-NC-ND)
• Lastly, a so-called Public Domain (CC0) designation permits the owner of a work to make it available with “No Rights Reserved”, essentially waiving all copyright claims.

Looks confusing? Even within these categories, there are variations and iterations. For example, there is a version 1.0, all the way up to version 4.0 of each license. The licenses are also translated into multiple languages.

Remember: “available on the internet” is not the same as “free for the taking”. Get advice on the use of content which is made available under any Creative Commons license.

Calgary – 07:00 MST

By Richard Stobbe

The Vancouver Aquarium brought an injunction application to stop the online publication of a critical video entitled “Vancouver Aquarium Uncovered”, which used the Aquarium’s copyright-protected materials in a “derogatory manner”, according to the Aquarium.

In the fascinating case of Vancouver Aquarium Marine Science Centre v. Charbonneau, 2016 BCSC 625 (CanLII), the court weighed the Aquarium’s effort to prevent the unauthorized use of their copyright-protected video clips, against the movie producer’s argument that the exposé is on a topic of public interest and shouldn’t be silenced.

This represents the first judicial review of Section 29.21 of the Copyright Act, first introduced in 2012, which covers “non-commercial user-generated content”. In the injunction application the court skimmed over this issue, preferring to leave it to trial. However, the court made passing comments about the availability of a defence which relies on showing that the copyright-protected content was used “solely for non-commercial purposes”. In this case, there was evidence before the court that the movie had recently been screened in Vancouver where attendees had been charged a $10 entry fee. The court also made reference to an Indiegogo fundraising campaign related to the movie production.

Ultimately, the court restricted publication of 15 images and video clips – about 4 minutes worth of content - which the Aquarium claimed to own. The injunction stopped short of attempting to enjoin publication of the whole video, but rather ordered that the defendants remove the 15 contested segments from the video.

If it proceeds to trial, this will be one to watch.

Calgary – 07:00 MST

–

By Richard Stobbe

When a copyright owner suspects online infringement, but lacks evidence of the identity of the alleged infringers, it can seek an order to disclose those details. Canadian law is clear that “A court order is required in every case as a condition precedent to the release of subscriber information.”

A Norwich order is a “litigation tool requiring non-parties to a litigation to be subject to discovery or being compelled to provide information.” In a recent case, Voltage Pictures LLC v. John Doe, 2014 FC 161, a decision released in February, 2015, this tool was used by the Plaintiff (Voltage) to obtain the names and addresses of some 2,000 subscribers of an ISP known TekSavvy Solutions Inc.

Teksavvy said it would only disclose subscriber information if Voltage obtained a court order compelling disclosure. Voltage did obtain its so-called Norwich order, and Teksavvy was compelled to release subscriber information to Voltage, with some controls.

Then Voltage and Teksavvy argued about who should bear the costs for correlating and compiling the subscriber info. The resulting court opinion in Voltage Pictures LLC v. Teksavvy Solutions Inc. 2015 FC 339, makes for interesting reading (if you’re into this sort of thing) regarding best practices for copyright owners and ISPs to manage costs:

• The copyright owner should first ascertain, in advance “with clarity and precision”, the method used by the ISP to correlate IP addresses with subscriber information, and the investment in time and costs based on a hypothetical number of IP addresses. In other words, the copyright owner should ask the ISP: “What methods do you use, how long would it take and how much would it cost if we wanted you to correlate 100 or 1000 IP addresses?”
• Next, the copyright owner and ISP should agree on these timelines and costs in advance (in writing if possible) before the copyright owner files and serves its motion for a Norwich order.
• For smaller ISPs, the copyright owner should not make the assumption that the smaller ISP will handle IP address and subscriber info in the same way as larger ISPs, where such processes are likely automated.

 

Calgary – 07:00 MST

 

–

By Richard Stobbe

In Part 1 we looked at some basic concepts. In Part 2, we look at “enhanced disclosure” requirements.

If the computer program that is to be installed performs one or more of the functions listed below, the person who seeks express consent must disclose additional information. This disclosure must be made “clearly and prominently, and separately and apart from the licence agreement”. In this additional or enhanced disclosure, the software vendor must describe the program’s “material elements” including the nature and purpose of the program, and the impact on the user’s computer system. A software vendor must bring this info to the attention of the user. This applies if you, as the software vendor, want to install a program that does any of the following things, and causes the computer system to operate in a manner that “is contrary to the reasonable expectations of the owner”. (You have to guess at the reasonable expectations of the user.) These are the functions that the legislation is aimed at:

• collecting personal information stored on the computer system;
• interfering with the owner’s or an authorized user’s control of the computer system;
• changing or interfering with settings, preferences or commands already installed or stored on the computer system without the knowledge of the owner or an authorized user of the computer system;
• changing or interfering with data that is stored on the computer system in a manner that obstructs, interrupts or interferes with lawful access to or use of that data by the owner or an authorized user of the computer system;
• causing the computer system to communicate with another computer system, or other device, without the authorization of the owner or an authorized user of the computer system;
• installing a computer program that may be activated by a third party without the knowledge of the owner or an authorized user of the computer system.

If the computer program or app that you, as the software vendor, want to install does any of these things, then you need to comply with the enhanced disclosure obligations, as well as get express consent.

There are some exceptions: A user is considered to have given express consent if the program is

• a cookie,

• HTML code,

• Java Scripts,

• an operating system,

• any other program that is executable only through the use of another computer program whose installation or use the person has previously expressly consented to, or

• a program that is necessary to correct a failure in the operation of the computer system or a program installed on it and is installed solely for that purpose; AND

• the person’s conduct is such that it is reasonable to believe that they consent to the program’s installation.

Remember: These additional provisions in CASL which deal with the installation of software come into effect on January 15, 2015, in less than 3 months. An offence under CASL can result in monetary penalties as high as $1 million for individuals and $10 million for businesses.

If you are a software vendor selling in Canada, get advice on the implications for automatic installs and updates, and how to structure consents, whether this is for business-to-business, business-to-consumer, or mobile apps. There are already more than 1,000 complaints under the anti-spam provisions of the law. You don’t want to be the test case for the computer program provisions.

Calgary – 07:00 MST

–

By Richard Stobbe

It’s mid-October. Like many businesses in Canada, you may be weary of hearing about CASL compliance. Hopefully that weariness is due to all the hard work you did 3 months ago to bring your organization into compliance for the July 1st start-date.

If you’re a software vendor, then you should gird yourself for round two: Yes, there are additional provisions in CASL which deal with the installation of software, and those rules come on stream in 3 months on January 15, 2015.

Section 8 of CASL ostensibly deals with spyware and malware. Hackers are not the only problem; think of the Sony Rootkit case (See our earlier post here) as another example of the kind of thing that this law was designed to address.

This is the essence of Section 8: “A person must not, in the course of a commercial activity, install …a computer program on any other person’s computer system… unless the person has obtained the express consent of the owner …” This applies only if the computer system is located in Canada, or if the person either is in Canada at the relevant time or is acting under the direction of a person who is in Canada at the time when they give the directions.

This relatively simple idea – get consent if you want to install an application on someone else’s system in Canada – has far-reaching implications due to the way the legislation draws the definitions of “computer program” and “computer system” from the Criminal Code. As you can guess, the Criminal Code definitions are extremely broad. So, what does this mean in real life?

• Certain types of specified programs require “enhanced disclosure” by the software vendor. (I am saying ‘software vendors’ as those are the entities most likely to bring themselves into compliance. Of course, hackers and organized crime syndicates should also take note of the enhanced disclosure requirements);
• Express consent, under this law, means that the consent must be requested clearly and simply, and the purpose of the consent must be described;
• The software vendor requesting consent must describe the function and purpose of the computer program that is to be installed;
• The software vendor requesting consent must provide an electronic address so that the user can request, within a period of one year, that the program be removed or disabled;
• Note that if a computer program is installed before January 15, 2015, then the person’s consent is implied. This implied consent lasts until the user gives notice that they don’t want the installation anymore. Or until January 15, 2018, whichever comes first. I’m not making this stuff up, that’s what the Act says.
• One more thing: Enhanced disclosure does not apply if the computer program only collects, uses or communicates “transmission data”. Transmission data is what you might call envelope information. The Act defines it as data that deals with “dialling, routing, addressing or signalling” and although it might show info like “type, direction, date, time, duration, size, origin, destination or termination of the communication”, it does not reveal “the substance, meaning or purpose of the communication”. So there is effectively a carve-out for the tracking of this category info.

Don’t worry, Canadian anti-spam laws are kind of like Lord of the Rings: Sequels will keep coming whether you like it or not. Once we’re past January 15, 2015, you can look forward to July 1, 2017, which is the day on which sections 47 to 51, 55 of CASL come into force. These provisions institute a private right of action for any breach of the Act.

If you are a software vendor selling in Canada, get advice on the implications for automatic installs and updates, whether this is for business-to-business, business-to-consumer, or mobile apps. There are already more than 1,000 complaints under the anti-spam provisions of the law. You don’t want to be the test case for the computer program provisions.

Calgary – 07:00 MST

–

By Richard Stobbe

Browsewrap, clickwrap, clickthrough, terms of use, terms of service, EULA. Just what are we talking about and how did we get here?

In Nguyen v. Barnes & Noble, Inc., 2014 WL 4056549 (9th Cir. Aug. 18, 2014) the US Ninth Circuit wades into the subject of online contracting. Law professor Eric Goldman (ericgoldman.org) argues that these terms we’re accustomed to using, to describe ecommerce agreements, only contribute to the confusion. The term “browsewrap” derives from “clickwrap”, which is itself a portmanteau derived from the concept of a shrinkwrap license. As one court described it in 1996: “The ‘shrinkwrap license’ gets its name from the fact that retail software packages are covered in plastic or cellophane shrink wrap, and some vendors… have written licenses that become effective as soon as the customer tears the wrapping from the package.”

The enforceability of a browsewrap – it is argued – is based not on clicking, but on merely browsing the webpage in question. However, the term browsewrap is often used in the context of an online retailer hoping to enforce its terms, in a situation where they should have used a proper click-through agreement.

In Nguyen, the court dealt with a claim by a customer who ordered HP TouchPad tablets from the Barnes & Noble site. Although the customer entered an order through the shopping cart system, Barnes & Noble later cancelled that order. The customer sued. The resulting litigation turned on the enforceability of the online terms of service (TOS). The court reviewed the placement of the TOS link and found a species of unenforceable browsewrap - the TOS link was somewhere near the checkout button, but completion of the sale was not conditional upon acceptance of the TOS.

There is a whole spectrum upon which online terms can be placed. At one end, a click-the-box agreement (in which completion of the transaction is conditional upon acceptance of the TOS) is generally considered to be valid and enforceable. At the other end, we see passive terms that are linked somewhere on the website, usually from the footer, sometimes hovering near the checkout or download button.  In Nguyen, the terms were passive and required no active step of acceptance. The court concluded that: “Where a website makes its terms of use available via a conspicuous hyperlink on every page of the website but otherwise provides no notice to users nor prompts them to take any affirmative action to demonstrate assent, even close proximity of the hyperlink to relevant buttons users must click on —without more — is insufficient…”

This leaves open the possibility that browsewrap terms (where no active step is required) could be enforceable if the user has notice (actual or constructive) of those terms.

In Canada, the concept was most recently addressed by the court in Century 21 Canada Limited Partnership v. Rogers Communications Inc., 2011 BCSC 1196 (CanLII). In that case, there was no active click-the-box terms of use, but the “browsewrap” terms were nevertheless upheld as enforceable, in light of the circumstances. Three particular factors convinced the court that it should uphold the terms: 1. the dispute did not involve a business-to-consumer dispute (as it did in Nguyen). Rather the parties were “sophisticated commercial entities”. 2. The defendants had actual notice of the terms. 3. The defendants employed similar terms on their own site.

The lessons for business?

The “browsewrap” is a passive attempt to impose terms on a site visitor or customer. Such passive terms should not be employed where the party seeking to enforce those terms requires certainty of enforceability. Even where there is a “conspicuous hyperlink” or “notice to users” or “close proximity of the hyperlink”, none of these factors should be relied upon, even if they might create an enforceable contract in special cases. Maybe it is time to retire the term “browsewrap” and replace it with “probably unenforceable”.

Now, do you still want to rely on a browsewrap agreement?

Related Reading: Online Terms – What Works, What Doesn’t

Calgary – 07:00 MST

Let’s say you pitch a story idea to a TV production company – and not just an idea, but a complete set of storyboards, characters and scripts. You would be surprised if one day you saw that story idea come to life in a TV production that gave no credit to you as the orginal creator of the materials. That’s what happened to Claude Robinson and his idea for a children’s TV program inspired by Robinson Crusoe.

One of the most important copyright decisions in 2013 was issued by the Supreme Court of Canada (SCC) in late December: In Cinar Corporation v. Robinson, 2013 SCC 73, the court reviewed Mr. Robinson’s claim that Cinar Corp. infringed copyright in his original story materials by copying a substantial part of those materials in the new TV production called “Robinson Sucroë”.

I am often asked when or why someone can copy the ideas of someone else. Ideas themselves are not protected by copyright law. Many features of a TV show or a movie are simply non-protectable, including ideas, elements drawn from the public domain or generic components of a story, like heroes, villains, conflict and resolution. However, in this case, the idea was articulated and expressed in a set of original written materials which resulted from the skill and judgement of the author.

The court framed this fascinating issue in this way: “The need to strike an appropriate balance between giving protection to the skill and judgement exercised by authors in the expression of their ideas, on the one hand, and leaving ideas and elements from the public domain free for all to draw upon, on the other, forms the background against which the arguments of the parties must be considered.”

In the end, the court rejected the notion that the two works must be compared piecemeal to determine if protectable elements of the original work were similar to the copy. Instead, the court reviewed the “cumulative effect” of the features copied from the original, to determine if those features amount to a substantial part of the original work as a whole. Thus the court approved a “qualitative and holistic assessment of the similarities between the works”, rather than dissecting both works to compare individual features in isolation.

This decision will be applied in other copyright infringement situations in Canada, including art, media, music and software.

Calgary – 05:00 MST

–

The app economy is, by most estimates, equivalent in size to the GDP of a small country: $15 billion in 2012, projected to mushroom to $74 billion by 2016. All that economic activity inevitably breeds litigation. In what appears to be a case of first impression in the US, a federal court looked at the issue of whether the app store is liable for the apps it distributes, or the app developer.

The case of Evans v. Hewlett-Packard Co., 2013 WL 4426359 (N.D. Cal. Aug. 15, 2013), the court looked at the liability of Hewlett-Packard for a third-party app which allegedly infringed trade-mark rights.

This case hinges on an interpretation of Section 230 of the Communications Decency Act (47 U.S.C. §230), 1996 legislation which provides immunity for providers of an “interactive computer service”, such as ISPs and website operators. The court decided that HP, as the operator of the app store, does qualify for immunity under this legislation, putting the app store into the same category as ISPs.

Remember, the Communications Decency Act  is US legislation, not Canadian. However, Canadian app developers should take note of this decision, as most Canadian developers seek to market and sell their apps in the US.

Other app case are pending, such as this claim (Pirozzi v. Apple, Inc., 12-cv-01529-JST (N.D. Cal. Aug. 3, 2013)) which is proceeding against Apple, for violation of privacy rights. Stay tuned.

Calgary – 07:00 MDT

–

The criminal defence lawyers have their TV shows and movies. What about those humble lawyers who draft online agreements and terms of use all day long? It’s not every day that this kind of legal fine print gets time on the silver screen. Check out this documentary Terms and Conditions May Apply.

Playing next weekend at the Vancouver International Film Festival and Hot Docs Canadian International Documentary Festival.

Calgary – 07:00 MDT

–

When a user dies, who owns the contents of that user’s account?

In Ajemian v. Yahoo Inc.  (May 7, 2013), a Massachusetts court considered this question. Two brothers, who administered their brother John’s estate, brought a lawsuit against Yahoo for access to email messages of their deceased brother, and a declaration that the email account was property of John’s estate. The court considered the Yahoo Terms of Service, which included this clause: “You agree that your Yahoo! account is non-transferable and any rights to your Yahoo! ID or contents within your account terminate upon your death. Upon receipt of a copy of a death certificate, your account may be terminated and all contents therein permanently deleted.”

The court looked at the central question of whether these terms – in particular, this “No Right of Survivorship and Non-Transferability” clause described above – was reasonably communicated to the user. The terms were amended before the time of death but the evidence was unclear on whether the deceased user had assented to this particular amendment. Because of the weak evidence on this point, the court decided that Yahoo could not rely on the forum selection clause which would have deflected the case to California.

The court took the view that the deceased user was a Massachusetts resident and courts in that state had a strong interest in the outcome of the case as it related to the assets of a deceased resident, as opposed to the nature of Yahoo’s services. The ultimate decision was remanded to the lower court, but we can take away a few important lessons:

1. The method of implementing Terms of Use and (just as important) amendments to those terms should be carefully reviewed by any Canadian company conducting business online. This includes everything from an email service like Yahoo, to cloud-computing service providers, online retailers, ebook sellers and software vendors.
2. Corporate accounts may not impacted by the death of a user, but anyone making consumer sales should review their online terms to address survivorship issues. And there are many cases where even a “corporate” user is signing up as an individual, without any clarity on what happens to that account as an “asset” of the business after death.

Get advice from our licensing and internet law experts in this complex area.

Related Reading: Is There Life After Death for Your Digital Assets?

Calgary – 07:00 MDT

In Pelchat v. Zone 3 Inc., 2013 QCCS 78, a Quebec court decision has addressed the dichotomy between the idea for a TV show, and the “form and expression” of ideas, as embodied in a TV show. In this case, the defendant Zone 3 was sued for a claim of copyright infringement related to its makeover TV show called “Métamorphose”. The lawsuit was brought by Mr. Pelchat, who claimed that his own show “Look” (which aired in the late 1980s) was infringed by Zone 3’s show. Mr. Pelchat claimed his infringed work was a “beauty makeover of a woman on TV through hair, makeup and clothes”.  Copyright law is clear that it will only protect original expressions of an idea, not the idea itself. Thus, there is no infringement where the ideas between two shows are similar, but there is no actual copying of protected original expression.

In this case, the court did review the overall expression of the two shows, the structure, dialogue, sets, characters and other elements of expression. It concluded that Zone 3 did not engage in any copyright infringement.

Thanks to the l’Association du Jeune Barreau de Montréal for its case summary and link to the original judgment.

Contact Field Law’s Entertainment Law experts for advice in this area.

Calgary – 07:00 MDT

–

“The world has changed dramatically in the last two decades… An entity may now have a profound impact upon a foreign jurisdiction solely through its virtual projection via the Internet.”

This statement from the New York Court of Appeals in the recent decision in Overstock v. New York Taxation and Finance (PDF) paved the way for an interesting conclusion on the taxing power of New York State – and by extension, the sales tax that may be applied to many online sales, including sales by Canadian online business into the US market.

Traditionally, a state’s taxing authority was based on “economic activities” by the seller, for example, through its employees or sales agents in that state. The question faced by the court in this case was whether click-through links on a “local website” (that is, a website owned by a local state owner) would qualify to establish “economic activities” in that state. For example, a link to Amazon from a local New York State website has the effect of driving sales to Amazon. The court decided that by compensating the local New York State website owner who has signed-on to an affiliate agreement, Amazon is deemed to have established an “in-state sales force”.  The site which hosts the link is paid a commission, flat fee or price-per-click, and this was considered enough to create a “substantial nexus” to the state. Passive advertisements, by contrast, would not by themselves create a substantial nexus.

It is not clear whether Overstock.com and Amazon will appeal the decision.

In other news, the U.S. Senate voted 74-20 to put The Marketplace Fairness Act of 2013 to a final vote, an Act which would allow states to collect online sales taxes. The OECD is also preparing guidelines on how to handle international value-added taxes, to deal with the current “uncertainty and risks of double taxation and unintended non-taxation”. The 2013 draft of the OECD Guidelines derives from the “neutrality” principle (the notion that value-added tax is a tax on final consumption that should be neutral for business), and the so-called “destination” principle (that tax should be paid in the jurisdiction of consumption).

In the meantime, Canadian online retailers selling into the US marketplace should consider reviewing their affiliate click-through agreements and assess sales-tax collection policies with tax advisors.

Related Reading: New York’s Highest Court Affirms Constitutionality of Click-Through Nexus

Calgary- 07:00 MDT

–

When a cloud privacy breach occurs in Canada, what happens? In some cases, businesses are subject to mandatory breach notification requirements. This means that a privacy breach – whether as a result of a hacker, a lost USB or some other human error – must by law be reported to the commissioner and to affected individuals. Ontario has implemented mandatory breach notification under its Personal Health Information Protection Act. In Alberta, organizations subject to the Personal Information Protection Act (PIPA) are required to report a breach to the commissioner “without unreasonable delay” where a “reasonable person would consider that there exists a real risk of significant harm to an individual as a result of the loss or unauthorized access or disclosure”.

The “real risk of significant harm” requires some analysis in the event of a breach and the Alberta commissioner’s Mandatory Breach Reporting Tool (PDF) has been released recently, to assist organizations determine if they are required to report a breach under section 34.1 of PIPA. This area of law may be changing further: a private members bill  was recently introduced in Parliament to implement mandatory data breach reporting in the federal personal information protection law.

Here’s a recent case that illustrates the pitfalls of a cloud privacy breach in Canada:

• In the recently released decision relating to WhatsApp (Report of Findings: Investigation into the personal information handling practices of WhatsApp Inc.), the Canadian and Dutch privacy authorities investigated WhatsApp Inc. a US company operating “WhatsApp Messenger”, a cloud-based cross-platform mobile messaging app allowing the exchange of messages for iOS, BlackBerry, and Android platforms.
• The Commissioner launched an exhaustive review of the privacy aspects of the service after complaints regarding WhatsApp’s information-handling procedures, including the collection of more information than was necessary, the potential for privacy breach, the lack of encryption.
• While the story generated damaging headlines, WhatsApp did work with the Commissioner to resolve many of the privacy concerns.
• This investigation also shows the extent to which international privacy watchdogs will work together to launch an investigation that concerns personal information that crosses international borders.

The privacy lessons are clear: get advice on privacy implications of the cloud-based service, and don’t underestimate the importance of well-drafted privacy policies and user terms. Cloud service providers should also take time to understand the breach notification protocols that would apply in the event of a privacy breach.

Calgary – 07:00 MDT

–

The Canadian Intellectual Property Office has released guidance on “Computer-Implemented Inventions” as planned, in the wake of the Federal Court of Appeal decision in Amazon.  While “software” is technically not patentable, a “computer-implemented invention” is.  Such an invention could fall into one of several categories: a method (art, process or method of manufacture), machine (generally, a device that relies on a computer for its operation), or product (an article of manufacture). As before, computer programs, data structures and computer-generated signals alone are not patent-eligible.

Calgary – 07:00 MDT

 

–

In 2012, LinkedIn made headlines as a result of a significant data breach. The passwords and email addresses of over 6 million LinkedIn users were hacked and posted online. Encryption and security was improved by LinkedIn in the wake of this breach. A class action lawsuit was commenced in the United States based on claims by LinkedIn “premium” users (who paid a monthly or yearly fee for upgraded services). The claim relied on an alleged breach of the terms of LinkedIn’s privacy policy which included fairly standard language about protection of personal information “with industry standard protocols and technology.” In the decision In re LinkedIn User Privacy Litigation , 2013 WL 844291 (N.D. Cal. Mar. 5, 2013), a US court has shut down the claim, deciding the plaintiffs lack standing. The claims were based on a “benefit of the bargain” concept – an argument that the claimants were allegedly entitled to security as paying customers and LinkedIn breached this promise.

The court rejected the claims since there was no indication that the extra service paid for by premium users included enhanced security or encryption, since “paid” users and “free” users received the same level of security. It is clear that claims based on breach of privacy will face a uphill battle in the US, and this decision together with the decision in last year’s iPhone class action claim demonstrate the complexities and difficulties of this class of claims.

Calgary – 7:00 MDT

–

Are APIs protected by copyright?

In the long-running litigation (and hey, is there any litigation that isn’t “long-running”?) between Oracle and Google, a US court decided in 2012 that APIs in this case were not eligible for copyright protection. See our earlier post. This meant a complete loss for Oracle in its lawsuit against Google for infringement of the Java APIs used in Google’s Android software.

Copyright protects only original expression. Applied to software code (including API protocols), the law of copyright tells us that certain elements are not protectable by copyright since they lack originality. The US trial level decision in Oracle vs. Google has been appealed and the parties are now filing briefs in the US Federal Court of Appeals (a copy of Oracle’s brief is here). The briefs make fascinating reading for those interested in the finer points of copyright law and the history of the Java programming.

Oracle’s brief opens by sketching a scene: “Ann Droid wants to publish a bestseller. So she sits down with an advance copy of Harry Potter and the Order of the Phoenix  —the fifth book—and proceeds to transcribe. She verbatim copies all the chapter titles—from Chapter 1 (“Dudley Demented”) to Chapter 38 (“The Second War Begins”). She copies verbatim the topic sentences of each paragraph, starting from the first (highly descriptive) one and continuing, in order, to the last, simple one (“Harry nodded.”). She then paraphrases the rest of each paragraph. She rushes the competing version to press before the original under the title: Ann Droid’s Harry Potter 5.0. The knockoff flies off the shelves.”

Does this constitute copyright infringement?

One of the big issues on appeal will be whether the appeals court accepts the notion that copyright infringement can occur without any actual direct copying of code. This is the so-called SSO argument – that the “structure, sequence and organization” of the software can attract copyright protection, regardless of whether specific code is cut-and-paste. As illustrated in the Harry Potter example above.

Stay tuned. This is one to watch in 2013.

Calgary – 07:00 MST

Photo credit: Google, Inc.