DOCSLIB.ORG

Kirch V. Embarq Supreme Court Petition

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text
Kirch V. Embarq Supreme Court Petition No. _______ In The Supreme Court of the United States -------------------------- ʕ --------------------------- KATHLEEN AND TERRY KIRCH, Petitioners, v. EMBARQ MANAGEMENT COMPANY AND UNITED TELEPHONE COMPANY OF EASTERN KANSAS, Respondents. -------------------------- ʕ -------------------------- ON PETITION FOR WRIT OF CERTIORARI TO THE UNITED STATES COURT OF APPEALS FOR THE TENTH CIRCUIT -------------------------- ʕ -------------------------- PETITION FOR WRIT OF CERTIORARI -------------------------- ʕ -------------------------- Scott A. Kamber Joseph H. Malley Counsel of Record LAW OFFICE OF David A. Stampley JOSEPH H. MALLEY KAMBERLAW LLC 1045 North Zang Boulevard 100 Wall Street, 23rd Floor Dallas, Texas 75208 New York, New York 10005 (214) 943-6100 (212) 920-3072 [email protected] [email protected] [email protected] Counsel for Petitioners Counsel for Petitioners Dated: March 28, 2013 THE LEX GROUPDC i 1825 K Street, N.W. i Suite 103 i Washington, D.C. 20006 (202) 955-0001 i (800) 856-4419 i Fax: (202) 955-0022 i www.thelexgroup.com i QUESTIONS PRESENTED 1. Does an ISP acquire the contents of its customers electronic communications within the meaning of the ECPA when the ISP uses a device intentionally to redirect the customers communication to a third party without the consent of any party to the communications. 2. Does the fact that an ISP transmits customers electronic communications in its ordinary course of Business mean that an ISP acts within the ordinary course of business and therefore does not engage in interception when it reconfigures its network intentionally to redirect customers communications to a third party without the consent of any party to the communications. ii TABLE OF CONTENTS Page QUESTIONS PRESENTED ....................................... i TABLE OF CONTENTS ............................................ ii TABLE OF AUTHORITIES ....................................... v OPINIONS BELOW ................................................... 1 JURISDICTION ......................................................... 1 RELEVANT STATUTORY PROVISIONS ................ 1 STATEMENT OF THE CASE ................................... 1 A. Statutory Background ........................... 2 1. Electronic communications ........ 2 2. ECPA, ISPs and the Internet ....................................... 4 B. Material Facts ....................................... 6 1. Embarq redirected the Kirches Internet communications to a third- party ............................................ 6 iii 2. Embarq reconfigured its network indiscriminately to redirect all Internet communications of its customers .................................... 6 C. Proceedings Below ................................. 7 1. The Kirches file suit ................... 7 2. The district court grants Embarqs summary judgment motion ......................... 7 3. The Tenth Circuit affirms on limited grounds ...................... 8 REASONS THE WRIT SHOULD BE GRANTED .... 9 A. An electronic communication is intercepted when, without lawful purpose, the whole of it is redirected to an unintended recipient, regardless of whether communicative content is subsequently extracted from it ........... 14 B. The ECPA presupposes an ISPs acquisition of customers electronic communications .................. 21 C. Remand is necessary ........................... 24 CONCLUSION ......................................................... 25 iv APPENDIX Published Opinion and Judgment of The United States Court of Appeals for The Tenth Circuit entered DecemBer 28, 2012 ................ 1a Memorandum and Order of The United States District Court for The District of Kansas entered August 19, 2011 ................... 20a 18 U.S.C. § 2510 ........................................... 44a 18 U.S.C. § 2511 ........................................... 47a 18 U.S.C. § 2520(a) ...................................... 52a v TABLE OF AUTHORITIES Page(s) CASES Amati v. City of Woodstock, 829 F. Supp. 998 (N.D. Ill. 1993) ................... 17 Bartnicki v. Vopper, 532 U.S. 514 (2001) ........................ 4, 10, 12, 13 Brown v. Waddell, 50 F.3d 285 (4th Cir.1995) ............................... 5 Hall v. Earthlink Network, Inc., 2003 WL 22990064 (S.D.N.Y. Dec. 19, 2003) ................................ 24 Hall v. EarthLink Network, Inc., 396 F.3d 500 (2d Cir. 2005) ........................... 23 In re Pharmatrak, Inc., 329 F.3d 9 (1st Cir. 2003) ................................ 5 In re State Police Litigation, 888 F. Supp. 1235 (D. Conn. 1995) .......... 18, 19 Jacobson v. Rose, 592 F.2d 515 (9th Cir. 1978) .......................... 17 Katz v. United States, 389 U.S. 347 (1967) ........................................ 12 vi Klumb v. Goan, 884 F. Supp. 2d 644 (E.D. Tenn. 2012) ......... 20 Olmstead v. United States, 277 U.S. 438 (1928) ........................................ 12 Reno v. American Civil Liberties Union, 521 U.S. 844 (1997) ........................................ 13 Shefts v. Petrakis, 758 F. Supp. 2d 620 (C.D. Ill. 2010) .............. 20 United States v. Councilman, 418 F.3d 67 (1st Cir. 2005) .............................. 5 United States v. Denman, 100 F.3d 399 (5th Cir. 1996) .......................... 16 United States v. Jones, 132 S. Ct. 945 (2012) ...................................... 10 United States v. Luong, 471 F.3d 1107 (9th Cir. 2006) .................. 12, 16 United States v. Nelson, 837 F.2d 1519 (11th Cir.), cert. denied, 488 U.S. 829 (1988) ................................... 16-17 United States v. Ramirez, 112 F.3d 849 (7th Cir. 1997) .......................... 16 vii United States v. Rodriguez, 968 F.2d 130 (2d Cir.), cert. denied, 506 U.S. 847 (1992) ................................ passim United States v. Shields, 675 F.2d 1152 (11th Cir.), cert. denied, 459 U.S. 858 (1982) .................................. 12, 16 United States v. Szymuszkiewicz, 622 F.3d 705 (7th Cir. 2010) ...................... 5, 15 United States v. Townsend, 987 F.2d 927 (2d Cir. 1993) ........................... 15 United States v. Turk, 526 F.2d 654 (5th Cir.), cert. denied, 429 U.S. 823 (1976) ............................ 12, 17, 19 STATUTES 18 U.S.C. § 2510 et seq. ............................................... 1 18 U.S.C. § 2510 .......................................................... 4 18 U.S.C. § 2510(4) ................................... 4, 15, 16, 20 18 U.S.C. § 2510(12) ................................................... 3 18 U.S.C. § 2511(3)(a) ............................... 5, 13, 21, 23 18 U.S.C. § 2511(3)(b)(iii) ......................................... 21 viii 18 U.S.C. § 2520(a) ..................................................... 4 28 U.S.C. § 1254(1) ..................................................... 1 28 U.S.C. § 1291 ......................................................... 1 28 U.S.C. § 1331 ......................................................... 7 28 U.S.C. § 1332(d)(2) ................................................. 7 RULES Fed. R. App. P. 35(c) ................................................... 1 Fed. R. App. P. 40(a)(1) .............................................. 1 OTHER AUTHORITIES 132 Cong. Rec. H4039-01 (June 23, 1986) ................. 4 Paul Ohm, The Rise and Fall of Invasive ISP Surveillance, 2009 U. ILL. L. REV. 1417 (2009) .......................... 4, 11 Presidents Commission on Law Enforcement and Administration of Justice, The Challenge of Crime in a Free Society (1967) .... 13 S. Rep. No. 99-541, U.S. Code Cong. & Admin. News 1986 .......... 3, 18, 19 ix S. Rep. No. 1097, U.S. Code Cong. & Admin. News 1968 .................... 10 Steven R. Morrison, What The Cops Cant Do, Internet Service Providers Can: Preserving Privacy in Email Contents, 16 VA. J.L. & TECH. 253 (2011) ................................... 4 1 PETITION FOR WRIT OF CERTIORARI Petitioners Kathleen and Terry Kirch respectfully petition for a writ of certiorari to review the judgment of the United States Court of Appeals for the Tenth Circuit in this case. OPINIONS BELOW The opinion of the United States Court of Appeals for the Tenth Circuit is published at 702 F.3d 1245 and reproduced at Pet.App.1a. The district courts unreported opinion is reproduced at Pet.App.20a. JURISDICTION The Tenth Circuit exercised jurisdiction under 28 U.S.C. § 1291, entering judgment on December 28, 2012. The time for filing a petition for rehearing elapsed 45 days later, on February 11, 2013. Fed. R. App. P. 35(c), 40(a)(1). This Court has jurisdiction under 28 U.S.C. § 1254(1). RELEVANT STATUTORY PROVISIONS Pertinent portions of the Electronic Communications Privacy Act, 18 U.S.C. § 2510 et seq., are reproduced in the appendix to this petition. STATEMENT OF THE CASE This case presents the important federal question of whether an ISPs wholesale redirection of its customers Internet communications to an 2 unintended recipient without customer consent lies outside the ISPs ordinary course of business and constitutes interception under the ECPA. Here, Internet services provider Embarq, unbeknownst to its customers, installed a device in its Internet services network facility to transmit all customer Internet communications to an online advertising network. As part of that installation, Embarq recabled its network to redirect customers communications through the device before resuming the path to their intended, Internet-connected recipients. The third-party ad network paid Embarq for its access to the Embarq customer communications. The Tenth Circuit held Embarq did not engage
Load more

Recommended publications
  • Valentine, Et Al. V. Nebuad, Inc., No
    IMPORTANT COURT-ORDERED NOTICE—PLEASE READ THIS NOTICE SUMMARIZES THE TERMS OF A PROPOSED CLASS ACTION SETTLEMENT UNDER WHICH YOU MAY HAVE CERTAIN LEGAL RIGHTS. SUBJECT: Notice of Pendency of Class Action and Proposed Settlement in the U.S. District Court, Northern District Of California — Valentine, et al. v. NebuAd, Inc., No. 3:08-cv-05113 (TEH)(EMC). DATE: September 20, 2011 Introduction .................................................................................................................................................................................. 1 The Lawsuit ................................................................................................................................................................................... 1 A. What Is a Class Action? ..................................................................................................................................................... 1 B. What Lawsuit and Parties Are Related to This Settlement? ............................................................................................... 1 C. What Is the Lawsuit About? ............................................................................................................................................... 2 Class Membership ........................................................................................................................................................................ 2 A. Who Is in the Class? ..........................................................................................................................................................
    [Show full text]
  • Testimony of Gigi B. Sohn President, Public Knowledge Before the U.S
    ! ! ! Testimony of Gigi B. Sohn President, Public Knowledge Before the U.S. Senate Committee on Commerce, Science & Transportation Hearing On: Broadband Providers and Consumer Privacy Washington, DC. September 25, 2008 Testimony of Gigi B. Sohn President, Public Knowledge Before the U.S. Senate Committee on Commerce, Science, and Transportation Hearing on: Broadband Providers and Consumer Privacy September 25, 2008 Chairman Inouye, Ranking Member Hutchison and Members of the Committee, thank you for giving me the opportunity to testify about broadband providers and consumer privacy. I’d like to focus today on the growing use of the collection of technologies known as “Deep Packet Inspection,” or DPI, which has immense implications for the privacy rights of the American public. Over the past several months, Public Knowledge, in partnership with Free Press, has been analyzing these technologies and their impact on privacy and an open Internet. In June, our organizations published a white paper entitled NebuAd and Partner ISPs: Wiretapping, Forgery and Browser Hijacking, which examined the technical and policy aspects of DPI. I applaud the Committee for its continued scrutiny of the use of these technologies.1 I. Introduction Today's hearing on consumer privacy comes in the wake of two high-profile online consumer privacy violations, both of which involved the use of Deep Packet Inspection (DPI) technology on an Internet Service Provider's (ISP) network. The first instance came to light in October 2007, when an Associated Press report revealed that Comcast was interfering with its customers' BitTorrent traffic.2 The report confirmed earlier tests conducted by independent network researcher Robb Topolski, who found that Comcast was analyzing its users' web traffic in order to determine the types of applications and protocols being used.
    [Show full text]
  • Tenth Circuit Decision Limits ECPA Liability of Isps for Privacy Violations by Third Party Partner by Mary Ellen Callahan, David A
    Privacy and Information Governance January 8, 2013 Privacy and Information Governance Client Alert Tenth Circuit Decision Limits ECPA Liability of ISPs for Privacy Violations by Third Party Partner by Mary Ellen Callahan, David A. Handzo and Matthew E. Price The U.S. court of Appeals for the Tenth Circuit data collected by NebuAd, other than the access it has held that an internet service provider (ISP) had in the ordinary course of its business as an ISP. did not violate privacy laws when it allegedly Thus, regardless of whether NebuAd had engaged allowed a third-party advertising company to gather in prohibited interception, Embarq could not be held information concerning the websites visited by the liable for any such interception under an aiding and ISP’s customers – information that the advertising abetting liability theory. company used to deliver targeted advertisements In reaching that conclusion, the court rejected the The decision has important implications for online plaintiffs’ argument that Embarq could be held advertising and e-commerce. directly liable for interception merely because it had The case, Kirch v. Embarq Management Company, custody and control over the hardware that NebuAd was a putative class action against Embarq, had installed on the network. The court held that, in an ISP, brought by two of its customers. The order to hold Embarq liable, the plaintiffs would need plaintiffs alleged that Embarq had “intercepted” to prove that Embarq had acquired the information their communications in violation of the Electronic collected by that hardware, and the summary Communications Privacy Act (“ECPA”) by allowing judgment record showed that Embarq did not.
    [Show full text]
  • Privacy Implications of Online Advertising Hearing
    S. HRG. 110–1179 PRIVACY IMPLICATIONS OF ONLINE ADVERTISING HEARING BEFORE THE COMMITTEE ON COMMERCE, SCIENCE, AND TRANSPORTATION UNITED STATES SENATE ONE HUNDRED TENTH CONGRESS SECOND SESSION JULY 9, 2008 Printed for the use of the Committee on Commerce, Science, and Transportation ( U.S. GOVERNMENT PRINTING OFFICE 76–329 PDF WASHINGTON : 2012 For sale by the Superintendent of Documents, U.S. Government Printing Office Internet: bookstore.gpo.gov Phone: toll free (866) 512–1800; DC area (202) 512–1800 Fax: (202) 512–2104 Mail: Stop IDCC, Washington, DC 20402–0001 VerDate Nov 24 2008 14:12 Oct 23, 2012 Jkt 075679 PO 00000 Frm 00001 Fmt 5011 Sfmt 5011 S:\GPO\DOCS\76329.TXT JACKIE SENATE COMMITTEE ON COMMERCE, SCIENCE, AND TRANSPORTATION ONE HUNDRED TENTH CONGRESS SECOND SESSION DANIEL K. INOUYE, Hawaii, Chairman JOHN D. ROCKEFELLER IV, West Virginia TED STEVENS, Alaska, Vice Chairman JOHN F. KERRY, Massachusetts JOHN MCCAIN, Arizona BYRON L. DORGAN, North Dakota KAY BAILEY HUTCHISON, Texas BARBARA BOXER, California OLYMPIA J. SNOWE, Maine BILL NELSON, Florida GORDON H. SMITH, Oregon MARIA CANTWELL, Washington JOHN ENSIGN, Nevada FRANK R. LAUTENBERG, New Jersey JOHN E. SUNUNU, New Hampshire MARK PRYOR, Arkansas JIM DEMINT, South Carolina THOMAS R. CARPER, Delaware DAVID VITTER, Louisiana CLAIRE MCCASKILL, Missouri JOHN THUNE, South Dakota AMY KLOBUCHAR, Minnesota ROGER F. WICKER, Mississippi MARGARET L. CUMMISKY, Democratic Staff Director and Chief Counsel LILA HARPER HELMS, Democratic Deputy Staff Director and Policy Director CHRISTINE D. KURTH, Republican Staff Director and General Counsel PAUL NAGLE, Republican Chief Counsel (II) VerDate Nov 24 2008 14:12 Oct 23, 2012 Jkt 075679 PO 00000 Frm 00002 Fmt 5904 Sfmt 5904 S:\GPO\DOCS\76329.TXT JACKIE C O N T E N T S Page Hearing held on July 9, 2008 ................................................................................
    [Show full text]
  • ISP-Enabled Behavioral Ad Targeting Without Deep Packet Inspection
    ISP-Enabled Behavioral Ad Targeting without Deep Packet Inspection GabrielMaci´a-Fern´andez YongWang RafaelRodr´ıguez Aleksandar Kuzmanovic University of Granada University of Electronic Science University of Granada Northwestern University Granada, Spain and Technology of China, China Granada, Spain Evanston,IL,USA [email protected] [email protected] [email protected] [email protected] Abstract—Online advertising is a rapidly growing industry collection systems is a legal one:1 unlike Google (not a currently dominated by the search engine ’giant’ Google. In an broadband provider), ISPs that provide broadband services are attempt to tap into this huge market, Internet Service Providers not exempt from the Federal Wiretap Act, originally enacted (ISPs) started deploying deep packet inspection techniques to track and collect user browsing behavior. However, such tech- in 1968 to protect against phone wiretapping and amended niques violate wiretap laws that explicitly prevent intercepting in 1986 to cover computer network communications. It states the contents of communication without gaining consent from a simple prohibition: thou shalt not intercept the contents of consumers. In this paper, we show that it is possible for ISPs communications (see 18 U.S.C §2411(1)) [11]. Violations can to extract user browsing patterns without inspecting contents of result in civil and criminal penalties. Indeed, this prohibition communication. Our contributions are threefold. First, we develop a metho- has clearly been violated by deep packet inspection techniques dology and implement a system that is capable of extracting [12]. The law predicts several exceptions, e.g., security reasons web browsing features from stored non-content based records of (see 18 U.S.C.
    [Show full text]
  • Nebuad Report Final
    NebuAd and Partner ISPs: Wiretapping, Forgery and Browser Hijacking Robert M. Topolski Chief Technology Consultant Free Press and Public Knowledge June 18, 2008 Executive Summary This report addresses the technical aspects of NebuAd, a targeted behavioral advertising company with offices located in the United States and United Kingdom that recently began seeking deals with Internet Service Providers (ISPs). NebuAd recently made headlines when the cable operator Charter announced that it had struck a deal with the company. Charter’s announcement prompted public and congressional inquiries into NebuAd’s practices, including a letter from Rep. Ed Markey (D-Mass.) and Rep. Joe Barton (R-Texas). NebuAd has also been deployed by WOW!, Embarq, Broadstripe, CenturyTel, Metro Provider and others. To determine NebuAd’s practices, this investigation used sound and reproducible network testing methods. The investigation concludes that NebuAd’s advertising hardware monitors, intercepts and modifies the contents of Internet packets using Transmission Control Protocol on Internet Protocol (TCP/IP). In doing so, NebuAd commandeers users’ Web browsers and collects uniquely identifying tracking cookies to facilitate its advertising model. Apparently, neither the consumers nor the affected Web sites have actual knowledge of NebuAd’s interceptions and modifications. NebuAd exploits several forms of “attack” on users’ and applications’ security, the use of which has always generated considerable controversy and user condemnation, including browser hijacking, cross-site scripting and man-in-the-middle attacks. These practices -- committed upon users with the paid-for cooperation of ISPs -- violate several fundamental expectations of Internet privacy, security and standards-based interoperability. Moreover, NebuAd violates the Internet Engineering Task Force (IETF) standards that created today’s Internet where the network operators transmit packets between end users without inspecting or interfering with them.
    [Show full text]
  • Deep Packet Inspection and Communications Laws and Policies"
    CENTER FOR DEMOCRACY & TECHNOLOGY Statement of Alissa Cooper Chief Computer Scientist, Center for Democracy & Technology Before the House Committee on Energy and Commerce, Subcommittee on Telecommunications and the Internet " What Your Broadband Provider Knows About Your Web Use: Deep Packet Inspection and Communications Laws and Policies" July 17, 2008 ! I. Summary !"#$%&#'()#%*+,(#'-()+&.+%/(01(2"+(34.50&&$22++6( 7'(.+"#81(01(2"+(!+'2+%(10%(9+&05%#5,(:(;+5"'080<,(=!9;>?(@(2"#'*(,04(10%(2"+( 0AA0%24'$2,( 20( 2+/2$1,( 20-#,B( C+( #AA8#4-( 2"+( 34.50&&$22++D/( 8+#-+%/"$A( #'-( 10%+/$<"2( $'( +E#&$'$'<( 2"+( +&+%<$'<( A08$5,( #'-( 8+<#8( $&A8$5#2$0'/( 01( 2"+( 2+5"'$F4+(*'0G'(#/(H-++A(A#5*+2($'/A+52$0'BI( J%+/+%K$'<(2"+(@'2+%'+2(#/(#(2%4/2+-(0A+'(A8#210%&(10%(/A++5"(#'-($''0K#2$0'?( G$2"042(<#2+*++A+%/(0%(5+'2%#8(50'2%08?("#/(.++'(#(-+1$'$'<($//4+(10%(!9;(/$'5+( $2/( $'5+A2$0'B( ;"+( @'2+%'+2( G#/( .4$82( #%04'-( 2"+( H+'-L20L+'-I( A%$'5$A8+6( 2"+( '02$0'( 2"#2( #AA8$5#2$0'/( #%+( .+22+%( 8+12( 20( .+( $&A8+&+'2+-( #2( 2"+( @'2+%'+2D/( +'-A0$'2/( %#2"+%( 2"#'( $2/( 50%+?( 8+#K$'<( 2"+( '+2G0%*( $2/+81( 4'1+22+%+-( .,( #',( A#%2$548#%( A#%2,D/( $'2+%+/2/BM( J4%/4#'2( 20( 2"$/( +'-L20L+'-( -+/$<'?( -#2#( "#/( 2%#-$2$0'#88,( 2%#K+%/+-( 2"+( @'2+%'+2( G$2"042( $'2+%1+%+'5+( 1%0&( $'2+%&+-$#%$+/B( N+<$/8#2$K+( #'-( 8+<#8( -+5$/$0'/( A%02+52$'<( @'2+%'+2( /+%K$5+( A%0K$-+%/( 1%0&( $'2+%&+-$#%,(8$#.$8$2,(=!"#"?(8$#.$8$2,(10%(50'2+'2(2"#2(0%$<$'#2+/(G$2"(4/+%/>("#K+( .++'(104'-+-(0'(2"+(A%$'5$A8+(2"#2(2"+('+2G0%*(0A+%#20%($/('02(&#'$A48#2$'<(2"+( 50'2+'2(2"#2(A#//+/(2"%04<"($2/('+2G0%*B(O0%(-+5#-+/?(#-"+%+'5+(20(2"+(+'-L20L +'-( A%$'5$A8+( "#/( A%+/+%K+-( 2"+( @'2+%'+2( #/( #( 2%4/2+-( A8#210%&( #'-( "#/( /4AA0%2+-( #/204'-$'<( 8+K+8/( 01( $''0K#2$0'?( +50'0&$5( #52$K$2,?( #'-( $'-$K$-4#8( +EA%+//$0'B(( (((((((((((((((((((((((((((((((((((((((((((((((((((((((( 1 J.H.
    [Show full text]
  • Deep Packet Inspection, Public Pressure and Regulatory Actions
    Deep Packet Inspection, Public Pressure and Regulatory Actions Comparative Cases on Online Copyright Enforcement and Behavioral Targeted Advertising Andreas Kuehn, Milton Mueller School of Information Studies, Syracuse University www.deeppacket.info Talk @ HIIG, Berlin, Oct 24, 2012 Flyer der Digitale Gesellschaft e.V. zum Thema DPI, Oktober 2012. Source: https://digitalegesellschaft.de/wp-content/uploads/2012/10/dg_dpi_FINAL1.pdf Stellen Sie sich vor, die Post öffnet alle Ihre Briefe und liest den Inhalt. Manche schreibt sie um – und andere schmeißt sie einfach weg. Das klingt absurd? Genau das passiert mit Ihren Daten im Internet Flyer der Digitale Gesellschaft e.V. zum Thema DPI, Oktober 2012. Overview • Introduction – What is DPI? – DPI Capabilities and Applications • Cases: Online Copyright Enforcement • Cases: Online Behavioral Advertising – Proposed 4-Stage Disclosure Pattern • Conclusion • Q&A Deep Packet Inspection SPI Header DPI Payload Deep Packet Inspection Key Features • DPI pertains to information in motion, not information at rest. Technical Capabilities • Recognition • Manipulation • Notification Applications and Deployments • Using these three basic capabilities, vendors and network operators build DPI applications. • The list of DPI use cases is long and the lines between them are blurry. DPI as “Disruptive Technology” • Tension or conflict with three fundamental principles of Internet governance: – The end to end argument (a.k.a. net neutrality) – Intermediary immunity – Expectations of privacy General Research Question
    [Show full text]
  • Intellectual Property & Technology Law Journal Eric C. Bosset Simon J
    PRIVATE ACTIONS CHALLENGING ONLINE DATA COLLECTION PRACTICES ARE INCREASING: ASSESSING THE LEGAL LANDSCAPE Intellectual Property & Technology Law Journal Eric C. Bosset Simon J. Frankel Mali B. Friedman Stephen P. Satterfield February 2011 The advent of the browser (or HTTP) cookie in the mid-1990s provided Web publishers and online advertisers with a new means of collecting information about consumer interests and for serving targeted advertisements on the basis of that information. This innovative technology also drew criticism from some circles and ultimately prompted several lawsuits against publishers, advertisers, and the ad networks that facilitate the relationship between them.1 Although these suits largely were unsuccessful, the controversy over HTTP cookies led to modifications in browser privacy controls that gave users an increased ability to limit and delete cookies on their computers. In the past decade, the number and quality of online data collection technologies have increased. At first, these technologies were subject to scrutiny principally by regulators, and industry responded by developing more robust privacy disclosures concerning their use. More recently, these next-generation technologies also have been a topic of heightened interest from the press—for example, an ongoing series in the Wall Street Journal2—and have inspired a spate of putative class action lawsuits relating to online data collection, alleging violations of various federal and state laws. Indeed, the past few years have witnessed the rise of a privacy
    [Show full text]
  • Canadian Internet Policy and Public Interest Clinic Clinique D'intérêt Public Et De Politique D'internet Du Canada 25 July
    Canadian Internet Policy and Public Interest Clinic Clinique d’intérêt public et de politique d’internet du Canada 25 July 2008 BY COURIER AND EMAIL Privacy Commissioner of Canada 112 Kent Street Ottawa, Ontario K1A 1H3 Dear Commissioner Stoddart: Re: Request for an investigation and development of guidelines re: ISP use of Deep Packet Inspection technology for behavioural targeted marketing purposes 1. This is a request that your office investigate the current and potential use of deep packet inspection (DPI) technology by internet service providers (ISPs) for the purpose of behavioural targeted advertising, with a view to developing industry guidelines consistent with legal requirements under the Personal Information Protection and Electronic Documents Act (PIPEDA). 2. This request is separate from and in addition to our complaints made under s.11 of PIPEDA against Bell Canada (complaint #6100-02744), and by way of separate letters today, against Rogers Communications Inc., Shaw Communications Inc. and Eastlink. Those complaints focus on the use by those ISPs of DPI for the purpose of traffic management. 3. Given the speed with which DPI technology is being deployed, the variety of purposes for which it is being marketed, and the obvious privacy concerns that it raises, we submit that the time is ripe for your office to investigate these matters on an industry-wide basis and to develop guidelines for PIPEDA-compliant use of DPI by ISPs, in the context of behavioural targeting as well as traffic-shaping. 4. Our research suggests that some Canadian ISPs may be engaging or preparing to engage in the collection of subscriber data via DPI in order to target advertising at individual users.
    [Show full text]
  • Every Click You Make
    Every Click You Make http://www.washingtonpost.com/wp-dyn/content/article/2008/04/03/AR... Every Click You Make Internet Providers Quietly Test Expanded Tracking of Web Use to Target Advertising By Peter Whoriskey Washington Post Staff Writer Friday, April 4, 2008; D01 The online behavior of a small but growing number of computer users in the United States is monitored by their Internet service providers, who have access to every click and keystroke that comes down the line. The companies harvest the stream of data for clues to a person's interests, making money from advertisers who use the information to target their online pitches. The practice represents a significant expansion in the ability to track a household's Web use because it taps into Internet connections, and critics liken it to a phone company listening in on conversations. But the companies involved say customers' privacy is protected because no personally identifying details are released. The extent of the practice is difficult to gauge because some service providers involved have declined to discuss their practices. Many Web surfers, moreover, probably have little idea they are being monitored. But at least 100,000 U.S. customers are tracked this way, and service providers have been testing it with as many as 10 percent of U.S. customers, according to tech companies involved in the data collection. Although common tracking systems, known as cookies, have counted a consumer's visits to a network of sites, the new monitoring, known as "deep-packet inspection," enables a far wider view -- every Web page visited, every e-mail sent and every search entered.
    [Show full text]
  • Nebuad Closing Doors After Internet Privacy Woes 20 May 2009, by DEBORAH YAO , AP Business Writer
    NebuAd closing doors after Internet privacy woes 20 May 2009, By DEBORAH YAO , AP Business Writer (AP) -- NebuAd Inc., a company that sought to and expects to deploy it this year. target ads to consumers based on their online behavior, is going out of business after facing Griffiths said Phorm asks consumers upfront after scrutiny over whether its technology infringed on they log on whether they want to receive targeted the privacy of Internet surfers. ads. Griffiths added that the company has received assurances from the British government that its In court filings this week, NebuAd said it has been technology "can be operated in a lawful manner." winding down its business since last year. It laid off virtually all its employees in July and August, Even so, Richard Clayton from Internet think tank closing its office in Redwood City, Calif., in Foundation for Information Policy Research in September. NebuAd once employed over 60 Cambridge, England, believes Phorm is getting people. some snubs from potential partners. NebuAd has "essentially ceased to exist," "I haven't seen any other ISPs queuing up to according to documents filed with the U.S. District associate themselves with Phorm at all," he said. Court for the Northern District of California. "A number of smaller ones have said they won't go anywhere near it." NebuAd's clients - Internet service providers who wanted to share the ad revenue with NebuAd - ©2009 The Associated Press. All rights reserved. started dropping out after Congress held hearings This material may not be published, broadcast, last July on the technology, which examined rewritten or redistributed.
    [Show full text]