home

__SAT APR 11 -__ __FINAL GROUP MEETING (Study Room 9 from 4pm - whenever)__

__1) Samuel__ The popularity of SNSs has given rise to the controversy concerning privacy in recent years. SNS users are more concerned about privacy infringement when their personal information is being used for purposes other than the users’ intention and without the users’ consent. Privacy is defined as “the right to be let alone, to protect private personal information, and to be free of physical intrusion, surveillance, and misuse of an image or name”. (Yate et al, 586).

One has to be well aware of the potential legal liabilities for privacy infringement prior to the development of social websites. Since the site is open to all individuals, users can easily create and share information with other members of the site. Owners of the websites may be liable for damages claimed by users under tort law. Tort refers to “a body of law which will allow an injured person to obtain compensation from the person who caused the injury”. (Duhaime, 2008). Wrongdoers who cause damages to others, either intentionally or negligently, can be required by the court to compensate the injured party. Tort law is different from criminal law by means of compensation. Under tort law, wrongdoers pay for their actions to the injured party; under criminal law, the state will prosecute the wrongdoers on behalf of the society instead of the victim. Any fine handed out against the wrongdoer as a sentence would not go to the victim, but would go to the government. (Duhaime, 2008)

One of the most common legal liabilities that SNSs would bear is defamation. Defamation is the “published false statement that is to a person’s detriment”. (Yate, Bereznicki-Korol, & Clarke 141). It is a primary concern for businesses involved in media communications and the Internet. For the statements to be defamatory, it must be derogatory, false, published and refer to the plaintiff. The Internet acts as a convenient medium for users to express themselves freely without prior censor. Therefore, the Internet is considered to be a vulnerable medium on which users can commit defamation. Defamation on the Internet is considered libel. Justice Helen Pierce of the Ontario Superior Court declared that “placing material on the Internet, via a website, where it may be accessed by a large audience, constitutes broadcasting within the meaning of the Libel and Slander Act.” (Bowley Kerr Collins, 2003). The distinction between libel and slander lies in the form in which the defamatory statement is published (Pinsent Masons). Libel is seen to be more deliberate, more premeditated, and more permanent, compared to slander (Yate, Bereznicki-Korol, & Clarke 141). In libel, offending statements are published in more durable forms on newspaper, movies and websites and they possess more far-reaching consequences than slander. Slander, on the other hand, occurs when the offending statement is published in forms of conversation, gesture and sounds, which are considered to be a less durable form of defamation.

Understanding such legal obligations prior to setting up SNSs can alleviate our concerns and risks. Legal obligations of privacy and defamation bear crucial relevance to the Internet due to the increasing popularity of the Internet. The proposal of allowing individuals to create their own materials in any digital forms may pose privacy risks as the information may include personal information. User’s information may be sold to third party by Internet Service Providers (ISPs) for marketing purposes without the prior consent of the users. Besides, personal information created may be shared among and viewable to all other members of the site. While allowing its users to create their own widgets which in turn increase the functionality might be fun, the company is at the same time, exposing itself to tremendous privacy risks. The company should assure that the widgets are spyware-free. However, it is extremely challenging to ensure that widgets created by third party also comply with the same privacy standard. The company has to be aware of the fact that users may invent widgets embedded with spyware that can be shared among all users over site easily. By outsourcing some widget development, the company has to ensure the developer also complies with the privacy standard. Members of the site are also allowed to communicate with each other and, to a limited extent, modify or add to the personal sites of others if they are given permission. This function poses the risks of defamation when members are allowed to express themselves freely in which their content of conversation is not censored before it is published on the site.

In Canada, the Privacy Act “extend the present laws of Canada that protect the privacy of individuals and that provide individuals with a right of access to personal information about themselves” (Department of Justice of Canada). The Act requires that organizations to reveal to individuals, upon request, how the personal information on the site is going to be shared with the third party. However, the control becomes extremely challenging when widgets of the websites can be made by other users and also third party widget developers. Some security researchers warn that developers of the software have assembled too much information – home town, schools attended, employment history – and can use the data in ways that could harm or annoy users (Kim Hart, 2008). Such widgets masquerade as entertaining applications such as games, IQ tests and quizzes. They, however, might be malicious programs that data-mine personal information from the user’s page and use the information for purposes other than the users’ intention such as marketing purposes. Annoying spam mails and pop-ups are results of these malicious data-mining widgets.

According to Chris Soghoian, a cyber-security researcher at Indiana University, both MySpace and Facebook Inc., the largest online social networks, let outside developers see a member’s information when they add a widget. (Kim Hart, 2008). MySpace has set policies on what information the widget developer can see. It claimed that developers can see users’ public details only such as name, profile picture and friend lists, when they download a program. When a user installs one on Facebook, the developer can see everything in a profile except contact information, as well as friends’ profiles. (Kim Hart, 2008) Both developers claimed that developers are only allowed to keep those data for 24 hours.

In the case MySpace Inc. v. Sanford Wallace d/b/a Freevegasclubs.com, Realvegassins.com, and Feebleminded Productions 498 F.Supp.2d 1293, 2:07-cv-01929-ABC-AGR (C.D. Ca., July 2, 2007), the Court declared that defendant Sanford Wallace violated the CAN-SPAM Act, 15 U.S.C. Section 7704, as a result of his transmission of unsolicited commercial emails to MySpace users by gathering users’ personal information from widgets. The Court, as a result, banned the defendant from further use of MySpace or its internet messaging service, from establishing or maintaining MySpace accounts, or from using MySpace for commercial purposes (Samson, 2007). The case demonstrates that widget developers are responsible for their own actions in case they choose to solicit personal information for purposes other than the users’ intention. As a result, the company would have to watch the legal liabilities if it chooses to make its own widgets. However, by allowing its users to modify the widgets or outsourcing its widget development, the company can alleviate the privacy risks posed by the widgets.

Under Section 230 of the Communications Decency Act, it immunizes websites from any liability resulting from the publication of information provided by website users, including defamation. Thus, “if a user posts defamatory or otherwise illegal content, Section 230 shields the social network provider from any liability arising out of the publication. Websites that, in whole or in part, create or develop contested information, on the other hand, are deemed 'content providers' that do not benefit from the protections of Section 230.”

However, in the case Fair Housing Council of San Fernando Valley, et al. v. Roommates.com LLC 489 F.3d 921, CV-03-09386-PA (9th Cir., May 15, 2007) aff'd en banc 2008 WL 879293 (9th Cir., April 3, 2008), two fair housing groups sued Roommates.com for violating Fair Housing Act (FHA) when collecting answers from users. The defendant asked its users “to fill in their roommate preference amounted to discrimination since users could state their desire to avoid homosexual roommates, roommates with children or roommates from other groups protected under FHA” (Fayle 2007). The Court denied the defendant’s immunity under Section 230 because “the site wrote the questions, and therefore it is the provider of the content and not subject to the immunity provisions” (Fayle 2007). The panel also justified that “by channeling information to users and providing search capabilities, Roommates.com has added an additional layer of information, "meta-information" you could say, that it is at least partly responsible for creating or developing” ( Fayle 2007). . This may set precedent to MySpace and other SNSs when these sites attempts to restrict the ability to view underage profiles by preventing older users from accessing them through asking for and filtering their ages. MySpace may be liable for charges if users lie about their ages and then commit sexual assault to underage users. As a result, the company has to watch the issues of whether it will be liable for any statements made by the users. The main concern is whether or not the company has, in whole or in part, developed or created contested information so it may lose the immunity under Section 230.

The company should therefore, give users control of their information. Users should be able to change their privacy so they can control who can have access to their information. By developing the widgets itself, the company has more control on the privacy issues associated with the widgets. However, the company should realize that third party widgets developed by other suppliers may pose higher risks of data mining personal data of users and should have stricter standards on them. Besides, users should be informed in advanced of how the widgets could potentially harm their computers. By having agreements and terms, the company should ask for the users’ consent so that the company can be free from legal liabilities. In terms of communication on the site, users should be aware of the fact that they are solely responsible for the defamatory statements made on the Internet, provided that the company has not, in whole or in part, created that defamatory information. Users would have to agree with terms and agreements outlined by the company and accept them prior to joining the site.

__2) Hazelle__ Contracting licensing cybercrime

__3) Lisa__ copyright intro widgets

__4) Jessica__ trademarks patents