Archive for the ‘Privacy (Gossip & Shaming)’ Category
Understanding Privacy in Paperback
posted by Daniel Solove
I’m pleased to announce that my book, Understanding Privacy, has just come out in paperback from Harvard University Press, with a price that’s much more reasonable and affordable than the hardcover.
Understanding Privacy offers a comprehensive overview of the many difficulties involved in discussions of privacy. Drawing from a broad array of interdisciplinary sources, I set forth a framework for understanding privacy that provides clear practical guidance for engaging with privacy issues.
September 14, 2009 at 7:36 am
Posted in: Articles and Books, Book Reviews, Privacy, Privacy (Consumer Privacy), Privacy (Electronic Surveillance), Privacy (Gossip & Shaming), Privacy (ID Theft), Privacy (Law Enforcement), Privacy (Medical), Privacy (National Security)
Print This Post
No Comments
Breaching a Child’s Confidentiality
posted by Daniel Solove
Over at the NYT blog is an interesting story about a British writer (Julie Myerson) who has published a memoir about her son’s drug addiction (The Lost Child). Her 20-year old son has criticized the publication of the book. According to the Telegraph (UK):
The 20-year-old said: “What she has done has taken the very worst years of my life and cleverly blended it into a work of art, and that to me is obscene.
“I was only 17, I was a confused teenager, I was too young really to know who I was or what was happening.
“What she describes in her book are a series of incidents, it’s not who I am and I find it very sad that she feels the need to tar me with the ‘drug addict’ brush.
“She’s been writing about me since I was two, and, quite frankly, I’m not surprised by anything she does any more.
The NYT Blog asks:
Is it inappropriate and even harmful to expose the private lives of minor children, in particular? What privacy lines should be observed, if any, in writing about family members and others?
It contains responses from four people, Alison Gopnik (a psychology professor), David Matthews (author), Melanie Gideon (author0, and Michael Greenberg (author). For example, Author David Matthews writes:
Nothing is off limits as far as I’m concerned. Whether an author wants to risk fraying familial and social ties in the pursuit of the truth (as they see it) is a question left up to the writer.
Matthews’ response strikes me as rather extreme. In Britain, family members owe each other duties to keep private information confidential. In the US, the breach of confidentiality tort applies to doctors, lawyers, and others, but hasn’t been extended to friends and family. Perhaps it should be.
According to the Telegraph article, Myerson’s son said:
“I even consulted a lawyer to try to stop it, but was told there wasn’t much I could do, so I made her take out the part where she said I was selling drugs to my 12-year-old brother, which was one of her fantasies.
I’m surprised that he was advised the law didn’t protect him, since the book was published in Britain and he’d likely have a decent case under British precedent.
The Myerson case is increasingly becoming more common. Numerous bloggers are chronicling the lives of their children online, posting photos and a day-by-day account of their lives. What happens when these children grow up and resent having their entire childhood permanently recorded for the world to see?
Should family members owe each other a duty of confidentiality? Should parents write about a child’s life without that child’s consent?
Hat tip: PogoWasRight
September 1, 2009 at 7:40 am
Posted in: Family Law, Privacy, Privacy (Gossip & Shaming), Tort Law
Print This Post
8 Comments
The Revenge of College Gossip Websites
posted by Daniel Solove
A while ago, the notorious college gossip website, Juicy Campus, bit the dust. But according to an article by Jeffrey Young in the Chronicle of Higher Education:
“This is the new JuicyCampus,” says a note at Campus Gossip, which boasts campus-specific message boards for hundreds of colleges and encourages anonymous and racy barbs such as “These Fellas got herpes,” with a list of names attached. Going even further than its predecessor, there’s also a photo section where students can post embarrassing pictures and videos of others.
The site is planning a back-to-school marketing push, including a happy hour near Arizona State University where a rap artist named Sabotage will perform a song about the pleasures of campus gossip.
Another site, CollegeACB (the letters stand for Anonymous Confession Board), paid the defunct JuicyCampus $10,000 to redirect visitors from its Web address to CollegeACB.
For those who want a first-hand look at these sites, the Campus Gossip site is here and the CollegeACB site is here. I’m quoted in the article, as is co-blogger Danielle Citron:
Internet shaming creates an indelible blemish on a person’s identity,” wrote Daniel J. Solove, a professor of law at George Washington University, in his 2007 book, The Future of Reputation: Gossip, Rumor, and Privacy on the Internet (Yale University Press). “It’s similar to being forced to wear a digital scarlet letter or being branded or tattooed. People acquire permanent digital baggage. They are unable to escape their past, which is forever etched into Google’s memory.” . . . .
“I don’t see why it has to be that way,” the law professor told me in a recent interview. “Just like when you drive, it’s not a free-for-all,” he added, equating the current laws governing online forums to a road without traffic lights or stop signs. “It’s like if we looked at the roads and said, There’s just nothing to be done—let’s just abolish all rules of the road.” . . . .
Danielle Citron, a law professor at the University of Maryland at Baltimore, said she hoped that stamping out harassment on campus-gossip Web sites would be considered a matter of civil rights.
She makes the case in an article published in the Michigan Law Review this year called “Law’s Expressive Value in Combating Cyber Gender Harassment.” In it, she argues that law-enforcement officials fail to take seriously complaints about online anonymous comments, and that using “civil-rights remedies” may be the most effective way to pursue such acts.
“Women should not have to wait until cyberharassment fulminates into physical violence for law enforcement to address it,” she wrote. “A civil-rights agenda … would demonstrate that the Internet is not the lawless Wild West, just as court settlements and state legislation made clear that the home does not insulate abusing husbands from societal intervention.”
August 31, 2009 at 9:51 am
Posted in: Anonymity, Privacy, Privacy (Gossip & Shaming), Social Network Websites, Web 2.0
Print This Post
2 Comments
Lori Drew Case Decided
posted by Daniel Solove
The Lori Drew case has finally been decided. Background about the case is here. In previous posts (here and here), I argued that the CFAA should be held to be unconstitutionally vague.
In an opinion released on August 28, Judge George Wu struck down, on unconstitutional vagueness grounds, the prosecution’s attempt to enforce violations of website terms of service as crimes under the Computer Fraud and Abuse Act (CFAA):
[I]f any conscious breach of a website’s terms of service is held to be sufficient by itself to constitute intentionally accessing a computer without authorization or in excess of authorization, the result will be that section 1030(a)(2)(C) becomes a law “that affords too much discretion to the police and too little notice to citizens who wish to use the [Internet].” City of Chicago [v. Morales], 527 U.S. [41] at 64 [(1999)].
Congratulations to Orin Kerr, who assisted in the defense, and who is cited numerous times throughout the court’s opinion.
August 29, 2009 at 10:18 pm
Posted in: Anonymity, Privacy, Privacy (Electronic Surveillance), Privacy (Gossip & Shaming), Web 2.0
Print This Post
No Comments
Interview on Internet Anonymity on Above the Law
posted by Daniel Solove
Over at Above the Law, Kashmir Hill has posted a Q&A with me about the “Skanks in NYC” blogger case. She also discusses with me how and why I became interested in privacy law.
August 25, 2009 at 3:06 pm
Posted in: Privacy, Privacy (Gossip & Shaming), Social Network Websites, Tort Law, Web 2.0
Print This Post
No Comments
Can You Be Sued for Unmasking an Anonymous Blogger?
posted by Daniel Solove
A model named Liskula Cohen was being attacked on a blog called Skanks in NYC. The author of the Skanks blog was anonymous. Kashmir Hill reports:
Cohen started pursuing the defamation suit against the anonymous ‘Skanks’ blogger in January after discovering the site, on which the blogger called Cohen a skank, a ho, and an old hag, among other nasty things, and posted photos of her, taken from various websites. Since Cohen needed the identity of the blogger in order to file the lawsuit against her, a judge in Manhattan granted Cohen’s request to force Google to reveal the e-mail address and IP address of the alleged defamer.
Cohen has since dropped her $3 million lawsuit. The unmasked blogger — Rosemary Port — plans to sue Google for $15 million for breaching its fiduciary duty to defend her anonymity.
Over at CyberSLAPP, a website maintained by EFF (disclosure: I’m on EFF’s advisory board), ACLU, CDT, EPIC, and Public Citizen, they have posted documents from the case, including the court’s order to Google to unmask the author of Skanks.
CyberSLAPP seeks to combat frivolous lawsuits to reveal another’s identity:
CyberSLAPP cases typically involve a person who has posted anonymous criticisms of a corporation or public figure on the Internet. The target of the criticism then files a frivolous lawsuit just so they can issue a subpoena to the Web site or Internet Service Provider (ISP) involved, discover the identity of their anonymous critic, and intimidate or silence them.
The Skanks in NYC raises a lot of interesting issues. I’ll tackle a few in this post.
1.Was Cohen’s lawsuit frivolous? Cohen might have a decent defamation lawsuit, but she subsequently dropped it when she found out Cohen’s identity. This behavior indicates she was using the lawsuit only to unmask the blogger. I agree with CyberSLAPP that such a practice should be restricted.
August 25, 2009 at 7:04 am
Posted in: Anonymity, Privacy, Privacy (Gossip & Shaming), Social Network Websites, Tort Law, Web 2.0
Print This Post
23 Comments
Employers Researching Applicants Online
posted by Daniel Solove
Over at the New York Times Bits Blog, Jenna Wortham writes:
According to a new study conducted by Harris Interactive for CareerBuilder.com, 45 percent of employers questioned are using social networks to screen job candidates — more than double from a year earlier, when a similar survey found that just 22 percent of supervisors were researching potential hires on social networking sites like Facebook, MySpace, Twitter and LinkedIn.
The study, which questioned 2,667 managers and human resource workers, found that 35 percent of employers decided not to offer a job to a candidate based on the content uncovered on a social networking site. (The survey has no margin of sampling error because it was not drawn from a representative nationwide sample but rather from volunteer participants.)
According to the report, most employers did their research on applicants by using Facebook. I wonder whether they respected the applicants’ privacy settings. If the applicants limited the access of their profile to a select group of friends, and the employer accessed that profile, then the employer might find themselves at odds with the Computer Fraud and Abuse Act — with possible criminal penalties!
What leads to job rejections? Photos! Photos involving nudity, drink, and drugs are the most frequent job killers.
As I discuss in The Future of Reputation: Gossip, Rumor, and Privacy on the Internet, people must learn to be more careful about what they post about themselves and others or else they will face serious consequences and lost opportunities.
In an earlier post regarding college admissions officers researching applicants online, I argued that most lack guidelines for how they conduct such research and for how they use the information they find. These questions also pertain to employers:
* Should such information be used? When?
* How heavily should it be relied upon?
* What kinds of things should negatively impact an applicant? Information about sex life? Drug use? Drinking? Bad behavior?
* What steps should be taken to make sure that the information was accurate?
* Should a distinction be made between information that people post about themselves and information that others have posted about them, perhaps invading their privacy without their consent?
* What steps should be taken to make sure that the information used in fact relates to the applicant and not to somebody else with the same name?
* Should people be notified that information online was used against them and be given an opportunity to be heard to explain it?
August 20, 2009 at 6:37 pm
Posted in: Employment Law, Privacy, Privacy (Gossip & Shaming), Social Network Websites, Web 2.0
Print This Post
No Comments
Lori Drew Tentatively Acquitted
posted by Daniel Solove
Judge George Wu has ruled that he is planning to dismiss the charges against Lori Drew, the woman involved in the MySpace suicide case involving Megan Meier. Background about the case is here. According to an article by Kim Zetter of Wired, who has provided terrific coverage of the case:
“It basically leaves it up to a website owner to determine what is a crime,” said Wu on Thursday, echoing what critics of the case have been saying for months. “And therefore it criminalizes what would be a breach of contract.” . . . .
Wu told Assistant U.S. Attorney Mark Krause that if Drew had been convicted of the felonies, he would have let the convictions stand, and would have already sentenced her. But the misdemeanor convictions troubled him, because of the vague wording of the statute. . . .
To convict Drew of the felonies, prosecutors would have needed to prove two things: that Drew accessed MySpace “without authorization,” and did it for the purpose of committing a tortious act — in this case, to intentionally cause harm to Megan Meier.
But for the misdemeanors, the jury just had to find that Drew obtained the unauthorized access. Wu said that language, standing on its own, was too vague to pass constitutional muster in this case.
“I don’t see how the misdemeanor aspect would be constitutional,” he said. “That is the issue I’m wrestling with at this time.”
Wu also doubted that MySpace provided sufficient notice to members to hold them responsible. If a user didn’t read the terms of service, the judge asked prosecutor Krause, could they still be charged with violating them?
In previous posts (here and here), I argued that the CFAA should be held to be unconstitutionally vague. I’m encouraged that Judge Wu agrees, though I believe the CFAA is unconstitutionally vague not only in its misdemeanor provisions, but in its felony ones as well.
Congratulations to my colleague, Orin Kerr, who assisted in Lori Drew’s defense.
The AP story is here.
July 2, 2009 at 7:41 pm
Posted in: Privacy, Privacy (Electronic Surveillance), Privacy (Gossip & Shaming), Web 2.0
Print This Post
10 Comments
On the Rumored Cyber Security Czar Candidate: Let’s Look Before We Leap
posted by Danielle Citron
According to Time magazine, former Congressman Tom Davis has emerged as a front runner for the newly created Cyber Security Czar position. The Time piece cited Davis’s authorship of the Federal Information Security Management Act of 2002, his work as chair of the Subcommittee on Technology and Procurement policy, his connections to the IT community through his former district, and his current work at Deloitte as some of the reasons supporting his candidacy.
President Obama has stressed that privacy is key to the government’s cyber security efforts. Davis’s record on privacy issues, however, is troubling. As Wired’s Ryan Singel reports, Davis has been on the “wrong side of privacy issues.” Davis supported the controversial REAL ID Act.” He attempted to undo a measure that ultimately put a chief privacy officer in every major government agency. He embraced the Bush Administration’s expansion of government wiretapping powers. Aside from his spotty record on privacy, Davis’s congressional record suggests that he does not share the President’s regard for government transparency. He helped pass the Critical Infrastructure Act, which created an exemption to FOIA for information provided DHS by private companies concerning its oversight of critical infrastructure. Hopefully, the President will consider these issues before making his final decision.
June 23, 2009 at 4:29 pm
Posted in: Privacy, Privacy (Gossip & Shaming), Privacy (Law Enforcement), Privacy (National Security), Technology, Uncategorized
Print This Post
One Comment
Barnes v. Yahoo!, CDA Immunity, and Promissory Estoppel
posted by Daniel Solove
The Ninth Circuit recently decided Barnes v. Yahoo!, a case with some very interesting holdings relating to the Communications Decency Act § 230 as well as promissory estoppel. I wrote about this case briefly in my book, The Future of Reputation, long before it made it up to the Ninth Circuit.
Celia Barnes’ ex-boyfriend created fake profiles in her name on Yahoo. Moreover, as the court relates:
The profiles contained nude photographs of Barnes and her boyfriend, taken without her knowledge, and some kind of open solicitation, whether express or implied is unclear, to engage in sexual intercourse. The ex-boyfriend then conducted discussions in Yahoo’s online “chat rooms,” posing as Barnes and directing male correspondents to the fraudulent profiles he had created. The profiles also included the addresses, real and electronic, and telephone number at Barnes’ place of employment. Before long, men whom Barnes did not know were peppering her office with emails, phone calls, and personal visits, all in the expectation of sex.
Barnes contacted Yahoo to get the profiles taken down:
May 19, 2009 at 6:14 pm
Posted in: Constitutional Law, Cyberlaw, First Amendment, Law School, Media Law, Privacy, Privacy (Gossip & Shaming), Social Network Websites, Tort Law, Web 2.0
Print This Post
4 Comments
Peoples Dirt, Now Terrorizing High Schoolers Everywhere
posted by Danielle Citron
When Juicy Campus closed for business, many students, parents, and educators sighed with relief. We unfortunately had little to celebrate. As I noted then, Juicy Campus was but one player in a crowded line up of anonymous attack sites.
Yesterday’s Washington Post sadly underscored that point in its coverage of Peoples Dirt. The site has the dubious distinction of being one of the first to organize anonymous gossip by high schools. A review of its postings reveals that the site is a Juicy Campus for Juniors. And like its now-defunct older sibling, Peoples Dirt is filled with attacks on named individuals. As Brian Leiter has aptly described similar sites, it is a cyber cesspool of racist, sexist, and homophobic rants. Posters claim to have had sex with named female students. They disparage named girls’ body parts; they compile lists of the “ugliest middle school” girls. They discuss students’ sexuality in threatening ways. A posting under a male student’s name: “we know your g@y…just come out of the closet…and you should choke on a dick and die.”
Sadly, the era of the anonymous gossip site is far from over.
May 18, 2009 at 3:05 pm
Posted in: Anonymity, Privacy (Gossip & Shaming)
Print This Post
One Comment
Privacy Rights vs Architects of Our Own Doom
posted by Jacqueline Lipton
In recent months, I’ve noticed several comments in privacy literature that mention the importance of acknowledging the role individuals play in protecting their own privacy. In other words, those (like me) who have advocated strengthening privacy-protections in the digital age need to face the question of the balance between legal privacy protections on the one hand, and the responsibility of individuals to keep some measure of control over their personal information on the other. Of course, it’s harder to maintain as much control over personal information in the digital age than it is in the physical world. Nevertheless, most of us would acknowledge that individuals should take whatever reasonable measures they can to maintain the privacy/secrecy of things they do not want the world to see online. This balance between state imposed privacy protections and personal responsibility for private information raises a number interesting questions including:
May 10, 2009 at 2:58 pm
Tags: Privacy
Posted in: Privacy, Privacy (Gossip & Shaming), Uncategorized
Print This Post
No Comments
Family Privacy Rights in Death-Scene Images of the Deceased
posted by Daniel Solove
In Newsweek, Jessica Bennett tells the tragic story about a family being harassed by the spread of death-scene images of their daughter, who was killed in an automobile accident. The photos of Nikki Catsouras were particularly gruesome — Nikki was decapitated in the crash. According to the article, soon after the crash, photos taken by the California Highway Patrol started circulating on the Internet:
Two weeks later, Lesli’s brother, Geoff, got a call from a neighbor. “Have you seen the photos?” he asked. Apparently, photos of the crash scene were circulating around town, via e-mail. Soon they showed up on Web sites, many of them dedicated to hard-core pornography and death. A fake MySpace page was set up in Nikki’s name, where she was identified as a “stupid bitch.” “That spoiled rich girl deserved it,” one commenter wrote. “What a waste of a Porsche,” announced another.
The family filed a formal complaint about the photos’ release, and three months later, they received a letter of apology from the California Highway Patrol. An investigation had revealed that the images, taken as a routine part of a fatal accident response, had been leaked by two CHP dispatchers: Thomas O’Donnell, 39, and Aaron Reich, 30. O’Donnell, a 19-year CHP veteran, had been suspended for 25 days without pay. Reich quit soon after—for unrelated reasons, says his lawyer. Both men declined requests for comment, but Jon Schlueter, Reich’s attorney, says his client sent the images to relatives and friends to warn them of the dangers of the road. “It was a cautionary tale,” Schlueter says. “Any young person that sees these photos and is goaded into driving more cautiously or less recklessly—that’s a public service.”
Apparently, the two California Highway Patrol officers took the pictures and improperly circulated them to others. The photos then started spreading like a virus around the Internet.
The conduct of the anonymous people spreading the photos over the Internet was despicable. From the complaint:
An individual sent an e-mail to Christos Catsouras with the subject line “Woo Hoo Daddy,” whereupon Christos Catsouras opened it, only to read the e-mail message stating “Hey Daddy I’m still alive,” with the graphic and horrific images of Decedent’s uncovered decapitated remains displayed immediately next to the message. . . .
An individual sent an e-mail to Plaintiffs with the subject line “Fletcher Jones,” which is a Mercedes-Benz dealer in Orange County, California, whereupon Christos Catsouras opened it, only to see the graphic and horrific images of Decedent’s uncovered decapitated remains displayed on the e-mail message. . . .
Over 2,500 Internet websites have been identified throughout in the United States and the United Kingdom which have posted the graphic and horrific images of Decedent’s uncovered remains, and all of them have done so without the permission, authority or consent of any of the Plaintiffs.
The family brought suit against the California Highway Patrol, alleging, among other things, that it violated the family’s constitutional right to information privacy. In Whalen v. Roe, 429 U.S. 589 (1977), the Supreme Court stated that the constitutional right to privacy protected two “different kinds of interests” — (1) “the individual interest in avoiding disclosure of personal matters” and (2) “the interest in independence in making certain kinds of important decisions.” The first interest has become known as the constitutional right to information privacy. Most federal circuit courts have recognized the constitutional right to information privacy, including the 9th Circuit.
But the trial court threw out their claim. In a pithy order, the court declared that no duty exists between the highway patrol officers and the family members. The case is currently on appeal.
This reasoning strikes me as incorrect. I’m quoted in the Newsweek article, but here’s an elaboration of my argument as to why the court got it wrong.
April 27, 2009 at 12:05 am
Posted in: Privacy, Privacy (Gossip & Shaming)
Print This Post
7 Comments
Online Symposium: Citron’s Cyber Civil Rights
posted by Frank Pasquale
From tomorrow through Thursday, Concurring Opinions will be hosting a number of scholars invited to discuss Danielle Citron’s work Cyber Civil Rights. Responding to controversies over online attacks, Citron argues the following:
Social networking sites and blogs have increasingly become breeding grounds for anonymous online groups that attack women, people of color, and members of other traditionally disadvantaged groups. These destructive groups target individuals with defamation, threats of violence, and technology-based attacks that silence victims and concomitantly destroy their privacy. Victims go offline or assume pseudonyms to prevent future attacks, impoverishing online dialogue and depriving victims of the social and economic opportunities associated with a vibrant online presence. Attackers manipulate search engines to reproduce their lies and threats for employers and clients to see, creating digital “scarlet letters” that ruin reputations. . . .
Web 2.0 technologies accelerate mob behavior. With little reason to expect self-correction of this intimidation of vulnerable individuals, the law must respond. General criminal statutes and tort law proscribe much of the mobs’ destructive behavior, but the harm they inflict also ought to be understood and addressed as civil rights violations. Civil rights suits reach the societal harm that would otherwise go unaddressed and would play a crucial expressive role. Acting against these attacks does not offend First Amendment principles when they consist of defamation, true threats, intentional infliction of emotional distress, technological sabotage, and bias-motivated abuse aimed to interfere with a victim’s employment opportunities. To the contrary, it helps preserve vibrant online dialogue and promote a culture of political, social, and economic equality.
As I’ve noted before, I think this piece breaks new ground in applying venerable laws to the online environment. In this cyber-symposium, we propose to discuss the following issues:
What can the law do to respond to these threats?
How we deter harassment while promoting legitimate speech?
How do we balance the privacy rights of speakers and those they speak about in the new communicative landscape created by sites like AutoAdmit, Juicy Campus, Facebook, and anonymous message boards?
A list of scholars invited to discuss these issues appears below:
April 13, 2009 at 9:18 pm
Posted in: Anonymity, Civil Rights, Constitutional Law, Culture, Current Events, Cyberlaw, Feminism and Gender, Google & Search Engines, Law and Inequality, Privacy, Privacy (Electronic Surveillance), Privacy (Gossip & Shaming), Social Network Websites, Technology
Print This Post
One Comment
Rethinking Free Speech and Civil Liability
posted by Daniel Solove
When does civil liability for speech trigger First Amendment protections?
Recently, Professor Neil Richards and I posted on SSRN our new article exploring this question: Rethinking Free Speech and Civil Liability, 109 Columbia Law Review (forthcoming 2009).
Surprising, the issue of when civil liability for speech triggers First Amendment scrutiny is governed by two totally contradictory rules. Since New York Times v. Sullivan, the First Amendment applies to tort liability for speech, including defamation and invasion of privacy.
But in other contexts, the First Amendment does not apply to liability for speech. According to Cohen v. Cowles, there is no First Amendment scrutiny for speech restricted by promissory estoppel and contract. The First Amendment rarely requires scrutiny when property rules restrict speech.
In a large range of situations, however, these rules collide. Tort, contract, and property law overlap to a substantial degree, so formalistic distinctions between areas of law will not adequately resolve when the First Amendment should apply to civil liability.
This conflict is vividly illustrated by the law of confidentiality. We pose the following hypothetical in the article:
Suppose an attorney representing a client in a highly-publicized case discloses the client’s confidential information. The client sues under the breach of confidentiality tort. The attorney claims that she was engaging in free speech and that the First Amendment protects her right of expression. Does the Sullivan or Cohen rule apply? One could argue that the Sullivan rule applies because breach of confidentiality is a tort. On the other hand, breach of confidentiality remedies a contract-like harm. Even if never expressed orally or in writing, an implicit agreement exists between the attorney and client that the attorney will maintain the confidentiality of the client’s information. Perhaps this situation should fall under the Cohen rule because the breach of confidentiality claim more closely resembles an action for promissory estoppel rather than an action for public disclosure of private facts. If this were the case, then the First Amendment would not apply.
In our article, we explore how this problem can be resolved. We survey the way that existing doctrine and theories attempt to address the conflict between the Sullivan and Cohen rules, and we demonstrate why such approaches are lacking. We aim to develop a coherent approach for resolving when the First Amendment applies to civil liability for speech. To find out our solution, take a look at our article and let us know what you think.
March 17, 2009 at 11:59 am
Posted in: Articles and Books, Constitutional Law, Contract Law & Beyond, First Amendment, Media Law, Privacy, Privacy (Gossip & Shaming), Tort Law
Print This Post
2 Comments
Cyber Harassment: Yes, It is a Woman’s Thing
posted by Danielle Citron
In response to yesterday’s post, commentators questioned whether cyber harassment is a gendered problem. The answer is yes. While cyber attackers target men (see my post here), more often their victims are female. According to a University of Maryland study, online users who appear female are 25 times more likely to receive threats and sexually explicit messages than online users with male names. The disproportionate targeting of women accords with statistics compiled by the organization Working to Halt Online Abuse (WHOA). In 2007, 61 percent of the individuals reporting online abuse to WHOA were female while 21 percent were male. 2006 followed a similar pattern: 70 percent of those reporting online harassment identified themselves as women. Overall, in the years covering 2000 to 2007, 72.5 percent of the 2,285 individuals reporting cyber harassment were female and 22 percent were male. 70 percent of the victims were between the ages of 18 and 40 and half of them reported having no relationship with their attackers.
What of the comment that these statistics are somehow skewed because women are just more likely to “*complain* about it [whereas] Men are more likely to either ignore it, see it as trivial, or engage in self-help.” Here, the study from the University of Maryland’s Department of Electrical and Computer Engineering Department is particularly instructive. Robert Meyer and Michel Cukier studied the threat of attacks associated with the chat medium IRC. They used a combination of simulated users (i.e., bots) and regular users. In an experiment using silent bots, they tested whether or not the gender of the user-name had an affect on the number of attacks received. The female names used were Cathy, Elyse, Irene, Melissa, and Stephanie. The male names were Andy, Brad, Dan, Gregg, and Kevin. The study found that female bots received on average 100 malicious private messages a day while the male bots received an average of 3.7. It found that the user gender had a significant impact on the number of sexually explicit and threatening messages received. Moreover, studies suggest that women under-report cyber harassment due to feelings of shame, not over-report as the commentator suggests.
March 10, 2009 at 11:23 am
Posted in: Civil Rights, Privacy (Gossip & Shaming)
Print This Post
52 Comments
Trivializing Women’s Harms: The Story of Cyber Gender Harassment
posted by Danielle Citron
On March 3, 2009, National Public Radio host Tom Ashbrook hosted a conversation about cyber harassment with David Margolick, Marc Randazza, Anthony Ciolli, and myself. Our discussion focused on the attacks on female law students at AutoAdmit in 2007. Here is a little background: anonymous individuals posted hundreds of sexually explicit, threatening, economically-harming, and allegedly defamatory statements about named female students. For instance, “[female student's name] is a dumbass slut with huge fake t****s who I want to rape in the ass”; “I will force myself on her and sodomize her repeatedly”; “She deserves to be raped so that her little fantasy world can be shattered by real life.” Posters suggested that they had access to the named women, noting what they wore at the law school gym, providing updates on their whereabouts, and encouraging others to take pictures of the named women and post them on the site. Posters accused named women of having sexually transmitted diseases (e.g., “[Named female student] is a slut but don’t f***k her she has herpes”). They sent emails to former and prospective employers urging the law firms not to hire named women due to their low character. A poster told the community there that he sent an email to a named student’s faculty members with embarassing information about her. Posters hailed the sender as a hero who should be awarded a Congressional medal. Others engaged in a google bombing campaign to ensure the prominence of the offensive threads in searches of the women’s names: “We’re not going to let that bitch have her own blog be the first result from googling her name!”
During the program, former New York Times At the Bar columnist and current editor at Portfolio magazine David Margolick characterized the AutoAdmit attacks as mostly “juvenile, immature, and obnoxious, but that is all they are.” He called them “frivolous frat boy rants.” Margolick said that because the female law students who graduated from the most prestigious law school in the country now have good jobs, they suffered no harm. Mark Randazza agreed with this characterization of the harassment: “these are digital natives; it is their juvenile shtick.”
As my article “Law’s Expressive Value in Combating Cyber Gender Harassment” (forthcoming Michigan Law Review) argues in great detail, far too many people like Margolick and Randazza trivialize the serious harms that women uniquely suffer as a result of such cyber harassment in much the same way that society downplayed or ignored workplace sexual harassment until 1970s. In the face of threats of sexual violence, women not only feel afraid, but also chilled to act on their own desires. Women withdraw from online discussion groups, shut down their blogs, and alter their physical activities to avoid offline harassment connected to the online harassment. For instance, AutoAdmit victims stopped going to the gym to ensure that the anonymous posters could not take a picture of her and post it online. The cyber harassment also harms women’s dignity and sense of equal worth. Online assaults objectify women by reducing them to their body parts. Harassers further humiliate women by reducing them to diseased body parts. This treats women as moral subordinates and undermines their self-respect just as workplace sexual harassment makes women feel like sex objects, not competent workers. Women suffer a performative harm: they may assume male pseudonyms online to avoid cyber harassment. And cyber harassment inflicts distinct harms to women’s emotional and physical well-being. Women fear that online threats of sexual violence will be realized: anonymous threats are all the more frightening as they are shorn of any cues that might alleviate that fear.
March 8, 2009 at 5:38 pm
Posted in: Anonymity, Culture, Current Events, Cyberlaw, Feminism and Gender, First Amendment, Privacy (Gossip & Shaming), Technology, Web 2.0
Print This Post
28 Comments
Juicy Campus: One Down, Too Many More to Go
posted by Danielle Citron
Today, Juicy Campus shut its virtual doors. The good news: that site will no longer host anonymous postings that terrorize individuals with vile threats. It will no longer feature posts that disclose women’s home addresses with instructions that they are available for sex. It will no longer feature postings that jeopardize reputations with defamatory lies and embarassing personal information. The bad news: Juicy Campus is but a small (but notorious) player in a crowded (and odious) outfield. Anyone who thinks that its closing heralds the demise of anonymous gossip sites and cyber harassment more generally is sadly mistaken. Online harassment (especially of women) is pervasive in our networked environment. Approximately 40% of female Internet users have experienced cyber harassment. Although the tough economy cost Juicy Campus its online ad revenue and financial support, it did not dampen the appetite for such destructive behavior. Indeed, one might imagine that job lay offs and light wallets would fuel dissatisfaction and the desire to abuse others online. Unfortunately, eradicating cyber harassment will take much more than shuttering Juicy Campus and their ilk.
February 5, 2009 at 7:49 pm
Posted in: Privacy (Gossip & Shaming)
Print This Post
4 Comments
Criminalizing Google’s YouTube in Italy
posted by Daniel Solove
In Italy, a rather disturbing prosecution is taking place. Google officials, including Chief Privacy Counsel Peter Fleischer, are being criminally prosecuted for a video somebody else uploaded to YouTube. According to an article by Tracey Bentley in the International Association of Privacy Professionals’ The Privacy Advisor:
The video that sparked the investigation was captured in a Turin classroom. Four high school boys were recorded taunting a young man with Down syndrome, and hitting the 17-year-old with a tissue box. One of the boys uploaded the footage to Google Video’s Italian site on September 8, 2006.
According to Google, more than 200,000 videos are uploaded to Google Video each day. Under EU legislation incorporated into Italian law in 2003, Internet service providers are not responsible for monitoring third-party content on their sites, but are required to remove content considered offensive if they receive a complaint about it. Between November 6 and 7, 2006, Google received two separate requests for the removal of the video–one from a user, and one from the Italian Interior Ministry, the authority responsible for investigating Internet-related crimes. Google removed the video on November 7, 2006, within 24 hours of receiving the requests.
Nonetheless, Milan public prosecutor Francesco Cajani decided that by allowing the 191-second clip onto its site, Google executives were in breach of Italian penal code. . . .
Cajani is prosecuting Google as an Internet content provider. Unlike Internet service providers, Italian penal code states that Internet content providers are responsible for the third-party content posted to their sites. This is essentially the same law regulating newspaper and television publishers.
I’ve been quite critical of very broad immunity for websites or ISPs that host defamatory or privacy invasive content of others. See Chapter 6 of The Future of Reputation. However, I find this Italian prosecution extremely troubling. And if I find it troubling, one can only imagine how apoplectic Professor Eric Goldman will be!
First, this is a criminal prosecution, and I’m generally very troubled for criminal prosecutions for defamation or privacy invasions. There might be some limited circumstances where criminal liability is warranted, though I believe that the problem is best deal with through civil liability, not criminal. While the prospect of civil liability can certainly chill speech, criminal law is an even more serious threat, and therefore, it shouldn’t be treated in the same way. Free speech protections should therefore be greater when criminal liability is involved.
Second, Google is not the content provider here. It shouldn’t be prosecuted as one. Apparently, from the reports (I haven’t seen the specific Italian law), Italy has a law that resembles Communications Decency Act (CDA), 47 U.S.C. § 230, which immunizes a website or ISP for the content posted by others. I agree with this general immunity. However, I believe that if a website or ISP is on notice that content is defamatory or invasive of privacy, then it must take down that material or lose its immunity from civil liability. Under the CDA, as interpreted by the courts, websites and ISPs are immune even after having knowledge that content posted on their sites is defamatory or invasive of privacy. I’ve argued that immunity under these circumstances is going too far. From what I’ve read, Italian law adopts the position I advocate.
But Google complied with the law and took down the videos after being notified. Thus, I don’t understand what Google did wrong. I don’t understand how it can be deemed the content provider. If Google officials can be criminally prosecuted any time a person uploads a defamatory or privacy invasive video to YouTube, it’s hard to see how they can possibly avoid running afoul of the law. YouTube and much of Web 2.0 would pose massive risks of criminal liability.
So as one who has strongly advocated for less immunity for defamatory and privacy invasive material online, even I find Italy’s prosecution of Fleischer and other Google executives to be quite outrageous and unjustified.
If anyone has a link to the Italian ISP immunity legislation in English, as well as more information about the specific criminal charges against Google, please let me know.
February 4, 2009 at 7:53 pm
Posted in: Privacy, Privacy (Gossip & Shaming), Privacy (Law Enforcement), Social Network Websites, Web 2.0
Print This Post
One Comment
Privacy Expectations: Being Seen vs. Being Recorded
posted by Daniel Solove
An interesting case from the Wisconsin Court of Appeals embodies what I believe is a thoughtful and nuanced understanding of privacy. The case is Wisconsin v. Jahnke, 2007AP2130-CR (Dec. 30, 2008).
The case is a criminal prosecution of a man who secretly recorded his girlfriend in the nude, in violation of Wisconsin Statute § 942.09(2)(am). I’ve posted the text of the full statute below. The statute provides that it is a felony to record another person in the nude without that person’s consent “in a circumstance in which [the person] has a reasonable expectation of privacy.” The defendant contended that his girlfriend didn’t have a reasonable expectation of privacy because (as the court characterizes his argument), “she knowingly and consensually exposed her nude body to him while he was secretly videotaping her.” In other words, he argued that since she expected to be seen by him, she lost her expectation of privacy in her nude body.
The court wisely rejected the defendant’s construction of the statute:
Under this construction, Jahnke’s girlfriend’s privacy interest in not being recorded in the nude is left unprotected any time she permits anyone, under any circumstance, to view her nude. If she disrobes in a medical facility and permits medical personnel to view her, such personnel could record her without violating subsection 1 and, of course, later share that recording without violating subsections 2 or 3. It is one thing to be viewed in the nude by a person at some point in time, but quite another to be recorded in the nude so that a recording exists that can be saved or distributed and viewed at a later time.
The dissent raises some interesting arguments involving statutory construction and some prior caselaw. In particular, the dissenting judge points to an earlier decision defining the term “reasonable expectation of privacy” under the statute, holding that it “requires that the person who is depicted nude is in a circumstance in which he or she has an assumption that he or she is secluded from the presence or view of others, and that assumption is a reasonable one under all the circumstances.” State v. Nelson, 718 N.W.2d 168 (Wisc. App. 2006). The majority concluded that the Nelson definition was “incomplete” and that the “statute is plainly directed at reasonable expectations vis-à-vis not being recorded.”
The majority opinion wisely avoids a trap that many courts get into — understanding “privacy” narrowly as absolute secrecy or seclusion. Privacy involves a cluster of expectations involving the nature and extent to which their information is captured, used, and disseminated. It seems quite reasonable to assume that two lovers who see each other nude nevertheless expect privacy. They might be exposing their nude bodies to each other, but what they expect is that nobody else will see them. Since this is a criminal statute, it is important that courts avoid interpreting privacy too liberally, especially in areas where expectations of privacy are muddy. But it seems to me that under this circumstance–the nonconsensual recording of a person in the nude when she is exposing her body only to her boyfriend (rather than walking down a public street in the nude)–expectations are clear that the intended exposure is for the boyfriend’s eyes only.
January 4, 2009 at 8:01 pm
Posted in: Criminal Law, Privacy, Privacy (Electronic Surveillance), Privacy (Gossip & Shaming)
Print This Post
2 Comments
