Posts
PDF
Classmates.com has agreed to pay up to $9.5 million to users who say they were duped into paying a $15 subscription fee in response to the site's deceptive advertising scheme.
Founded way back in 1995 -- the pre-historic Web 1.0 era -- Classmates.com was one of the first social networking sites. Today, it's perhaps best known for its cheese-tastic ads -- usually involving old yearbook pictures and a little quip along the lines of "She married him?!"
But it was a different marketing tactic that led a California man to file a class action lawsuit against the site for false advertising: after he signed up for a free membership with the site (which really doesn't let users take advantage of many -- if any -- interesting online tools or networking functions), Classmates.com sent him messages along the lines of "Your classmate is looking for you!" Or, "See who viewed your profile!"
But getting this juicy stuff (is it your junior high crush?! is it that jerk who stood you up on prom night?!) required an upgrade to a paid membership. The problem was, after he forked over the payment, he learned no one was looking for him after all.
Talk about kicking the lonely guy when he's down.
In November of 2008, Anthony Michaels filed a lawsuit against Classmates.com for deceptive advertising, and according to wired.com, now the site (although it denies wrongdoing) has agreed to pay up to $9.5 million in refunds to users who upgraded to a paid membership after seeing those kinds of advertisements. The proposed settlement awaits court approval.
Classmates.com has long faced criticism for its marketing and advertising, and for years has faced consumer complaints.
Oh, but that's not all.
Classmates.com and its parent company, United Online, (along with other retailers) have also been dealing with a congressional investigation stemming from questionable marketing tactics and complaints from people who found mysterious charges on their credit card invoices.
But wait. There's more.
Earlier this month, two named plaintiffs filed a class action lawsuit against Classmates.com for recent changes to its privacy policy that resulted in user profile information going public. The plaintiffs sued Classmates.com for violations of the Electronic Communications Privacy Act (well, the attorneys accidentally referred to it as the Electronic Data Privacy Act), violations of the state consumer protection act, breach of contract, unjust enrichment; it also asks for an injunction.
I guess we can chalk this up as yet another reason so many of us just want to forget our high school years.
Showing posts with label ECPA. Show all posts
Showing posts with label ECPA. Show all posts
Wednesday, March 17, 2010
Friday, February 19, 2010
School Faces Class Action Lawsuit for Secretly Spying on Kids at Home Via Remote-Controlled Webcams
Let's say a school administrator crawled into your kid's backpack to sneak into your home.
Creepy McCreeperson? A Pennsylvania family sure thought so when they experienced the functional equivalent.
The Robbins family filed a federal class action lawsuit against a school district after learning the district used a webcam in a school-issued laptop to secretly spy on their 15-year-old son when he was at home. They've sued for invasion of privacy under state law, violation of the Pennsylvania Wiretapping and Electronic Surveillance Act, and violations of the federal Electronic Communications Privacy Act, Computer Fraud Abuse Act, Stored Communications Act, and the Fourth Amendment.
According to the complaint (which Philly.com posted online), the school surreptitiously spied on students by remotely activating the webcams installed on the laptops the Lower Merion School District issued to them.
The family learned about the remote spying in November of 2009, when an assistant prinicipal told their son, Blake, that she believed he “was engaged in improper behavior in his home, and cited as evidence a photograph from the Webcam embedded in [his] personal laptop issued by the School District.”
The school posted a response on its website, essentially admitting the laptops' webcams can be remotely activated, but saying it was meant to be used for security purposes -- to track down a lost or stolen piece of equipment.
(Thanks to Bret D. for the tip on this story!)
Creepy McCreeperson? A Pennsylvania family sure thought so when they experienced the functional equivalent.
The Robbins family filed a federal class action lawsuit against a school district after learning the district used a webcam in a school-issued laptop to secretly spy on their 15-year-old son when he was at home. They've sued for invasion of privacy under state law, violation of the Pennsylvania Wiretapping and Electronic Surveillance Act, and violations of the federal Electronic Communications Privacy Act, Computer Fraud Abuse Act, Stored Communications Act, and the Fourth Amendment.
According to the complaint (which Philly.com posted online), the school surreptitiously spied on students by remotely activating the webcams installed on the laptops the Lower Merion School District issued to them.
The family learned about the remote spying in November of 2009, when an assistant prinicipal told their son, Blake, that she believed he “was engaged in improper behavior in his home, and cited as evidence a photograph from the Webcam embedded in [his] personal laptop issued by the School District.”
The school posted a response on its website, essentially admitting the laptops' webcams can be remotely activated, but saying it was meant to be used for security purposes -- to track down a lost or stolen piece of equipment.
(Thanks to Bret D. for the tip on this story!)
Saturday, October 3, 2009
Employer Liability for Accessing Employee's MySpace Group, Part Deux
In yesterday's post on Pietrylo v. Hillstone Restaurant Group, I blogged about an employer that found itself in hot water for accessing an employee's "by invitation only" MySpace group (called the Spectator) by using another employee's login information. The jury found the restaurant liable under the Stored Communications Act (also known as Title II of the Electronic Communications Privacy Act of 1986). The plaintiffs in that case also pursued a common law invasion of privacy claim. Although the plaintiffs lost on that count, there's an important jury finding worth pointing out.
On the invasion of privacy claim ("intrusion upon seclusion"), the jury instructions asked, "Was the Spectator a place of solitude and seclusion which was designed to protect the Plaintiffs' private affairs and concerns?" To this, the jury responded, "yes."
The instructions went on to ask, "Did the Plaintiffs have a reasonable expectation of privacy in the Spectator?" Here, the jury answered "no," which left the plaintiffs without a claim. (The jury didn't go on to determine whether a reasonable person would find it highly offensive, the next element to prove the claim).
This seems a bit curious -- as the two answers appear to be mutually exclusive. In other jurisdictions, an affirmative answer to the first question would necessarily mean the plaintiffs had a reasonable expectation of privacy in the "thing" intruded. An invasion of privacy claim for intrusion upon seclusion in Iowa, for example, just has two elements: (1) an intentional intrusion upon the solitude or seclusion of another, (2) which a reasonable person would find highly offensive.
However this verdict form might be analyzed, one thing is clear: a jury may well find that "by invitation only" MySpace groups --as well as other online content with certain privacy controls -- can be a "place of solitude and seclusion" for purposes of an invasion of privacy claim.
Here's the relevant portion of the jury form:
![]()
On the invasion of privacy claim ("intrusion upon seclusion"), the jury instructions asked, "Was the Spectator a place of solitude and seclusion which was designed to protect the Plaintiffs' private affairs and concerns?" To this, the jury responded, "yes."
The instructions went on to ask, "Did the Plaintiffs have a reasonable expectation of privacy in the Spectator?" Here, the jury answered "no," which left the plaintiffs without a claim. (The jury didn't go on to determine whether a reasonable person would find it highly offensive, the next element to prove the claim).
This seems a bit curious -- as the two answers appear to be mutually exclusive. In other jurisdictions, an affirmative answer to the first question would necessarily mean the plaintiffs had a reasonable expectation of privacy in the "thing" intruded. An invasion of privacy claim for intrusion upon seclusion in Iowa, for example, just has two elements: (1) an intentional intrusion upon the solitude or seclusion of another, (2) which a reasonable person would find highly offensive.
However this verdict form might be analyzed, one thing is clear: a jury may well find that "by invitation only" MySpace groups --as well as other online content with certain privacy controls -- can be a "place of solitude and seclusion" for purposes of an invasion of privacy claim.
Here's the relevant portion of the jury form:
Friday, October 2, 2009
Employer Liability for Accessing Employee's MySpace Group
A jury decided an employer violated the Stored Communications Act (“SCA”) and the parallel state statute when management used an employee’s login information to access the site, awarding compensatory and punitive damages.
According to court documents, two Houston’s restaurant employees, Brian Pietrylo and Doreen Marino, created a private MySpace group called the “Spectator” to (in Brian’s words) “vent about any BS” they dealt with at work. One of the invitees was restaurant greeter, Karen St. Jean. Management apparently caught wind of the web page, and asked Karen for her login information. She voluntarily turned it over to them, and the managers logged on to find all kinds of stuff they weren’t too pleased about:
Talk of workplace violence (i.e., “The Navajo rug needs to be set on fire”),
References to illicit drug use (i.e., “If you had to drop acid with one person in Houston[’]s, who would it be?”),
Offensive name-calling and sexual remarks (i.e., “management dick suckers” and reference to a “rim job,” which apparently involves some kind of anal sex act),
Disclosure of proprietary business information (i.e., entire wine test on a new wine list that was to be given to the staff)
Sarcastic and derogatory comments about the quality and standards of Houston’s, as well as its management (i.e., “stupid corporate f---s”).
Houston’s fired Brian and Doreen, and they sued. The jury returned a verdict in favor of Brian and Doreen on their SCA claims, finding that through its managers, Houston’s had knowingly or intentionally accessed the Spectator without authorization.
Following the jury verdict, Houston’s moved for judgment as a matter of law, or alternatively, a new trial. On September 25, 2009, the US District Court for the District of New Jersey issued its opinion denying the motion.
The court said that although Karen voluntarily handed over her login information to them, she testified she would not have turned over her password to any non-managers who asked for it, and she worried she “probably would have gotten in trouble” if she hadn’t complied. Thus, according to the court, a reasonable jury could have decided her purported “authorization” was coerced or pressured. Further, the managers accessed the site on multiple occasions, despite the fact is was clear on the group page that it was meant to be private and accessed only by members. Heck, the way they went about accessing the password-protected MySpace group also suggested they knew they weren’t authorized. Despite the restaurant’s claimed belief its managers pursued access to the Spectator for legitimate business reasons, the jury didn’t believe the way Houston’s tried to protect those interests was proper.
This case reminds employers there are risks in attempting to access employee’s online content – particularly when that access might be considered “unauthorized.” Employers generally should avoid using false information or someone else’s login and password to gain access to any web sites.
According to court documents, two Houston’s restaurant employees, Brian Pietrylo and Doreen Marino, created a private MySpace group called the “Spectator” to (in Brian’s words) “vent about any BS” they dealt with at work. One of the invitees was restaurant greeter, Karen St. Jean. Management apparently caught wind of the web page, and asked Karen for her login information. She voluntarily turned it over to them, and the managers logged on to find all kinds of stuff they weren’t too pleased about:
Talk of workplace violence (i.e., “The Navajo rug needs to be set on fire”),
References to illicit drug use (i.e., “If you had to drop acid with one person in Houston[’]s, who would it be?”),
Offensive name-calling and sexual remarks (i.e., “management dick suckers” and reference to a “rim job,” which apparently involves some kind of anal sex act),
Disclosure of proprietary business information (i.e., entire wine test on a new wine list that was to be given to the staff)
Sarcastic and derogatory comments about the quality and standards of Houston’s, as well as its management (i.e., “stupid corporate f---s”).
Houston’s fired Brian and Doreen, and they sued. The jury returned a verdict in favor of Brian and Doreen on their SCA claims, finding that through its managers, Houston’s had knowingly or intentionally accessed the Spectator without authorization.
Following the jury verdict, Houston’s moved for judgment as a matter of law, or alternatively, a new trial. On September 25, 2009, the US District Court for the District of New Jersey issued its opinion denying the motion.
The court said that although Karen voluntarily handed over her login information to them, she testified she would not have turned over her password to any non-managers who asked for it, and she worried she “probably would have gotten in trouble” if she hadn’t complied. Thus, according to the court, a reasonable jury could have decided her purported “authorization” was coerced or pressured. Further, the managers accessed the site on multiple occasions, despite the fact is was clear on the group page that it was meant to be private and accessed only by members. Heck, the way they went about accessing the password-protected MySpace group also suggested they knew they weren’t authorized. Despite the restaurant’s claimed belief its managers pursued access to the Spectator for legitimate business reasons, the jury didn’t believe the way Houston’s tried to protect those interests was proper.
This case reminds employers there are risks in attempting to access employee’s online content – particularly when that access might be considered “unauthorized.” Employers generally should avoid using false information or someone else’s login and password to gain access to any web sites.
Subscribe to:
Posts (Atom)
