In what seems like a very dangerous ruling, antithetical to basic anonymity rights, a magistrate judge has ruled that Sony can unmask anyone who visited GeoHot's website where he had posted the jailbreak data or who viewed the YouTube video that demonstrated the jailbreak for the PS3 that allowed PS3 owners to bring back a feature that Sony had killed off. This seems pretty extreme. Why is it okay to identify people just because they visited a website or watched a video? As the EFF noted, these subpoenas seem extremely broad, and it's disappointing that the judge signed off on them.
The NY Times recently had an odd review of a new book about anonymity online. The book, called The Offensive Internet, is a collection of essays from various legal scholars, apparently taking a look at the fact that (gasp!) some people are just nasty online. The review, by Stanley Fish, makes some claims that don't make much sense, either logically or legally. If his summaries of the book accurately reflect what was written, then it suggests that the professors might not really have a firm grasp on what they're talking about. For example, Fish notes that multiple authors in the book seem willing to toss out Section 230's safe harbors for third party service providers, because some anonymous commenters might be mean:
An unconstrained marketplace of ideas is often said to facilitate informed decision-making by providing all the information, even erroneous information, that is out there. But how, asks Brian Leiter in a powerful essay, is the process of deliberation helped by the anonymous poster who reports falsely “that Jane Doe has herpes” and announces “that he would like to sodomize her?” The Internet and the real world, Leiter concludes, “would both be better places” if Internet providers were held accountable for the scurrilous and harmful material they disseminate.
Later, Fish quotes others, with similar arguments:
Saul Levmore (Nussbaum’s co-editor) suggests that immunity might be conditioned on the willingness of a provider either to take down a message after notice of its falsity or defamatory character has been given, or “to enforce non-anonymity” and thus open the way for an injured party to seek redress. The law, writes Anupam Chander, “should allow the individual to find information to lead her to the person who committed the privacy invasion.” As it is now, with an expansive reading of Section 230, “the law no longer puts any obstacles in the way of the Sociopath” who, traveling on the Internet, can go anywhere and spray venom that lasts forever. (Leiter)
Except, as Paul Levy points out in great detail in a response to Fish's column, if Fish accurately reported what these law professors wrote, then those law professors don't actually know the law.
They appear to be confusing anonymity with safe harbors for service providers. But there's nothing at all in Section 230 that forbids or prevents a person who has been wronged -- say via defamation -- from going to court and getting a service provider to identify an anonymous commenter. All the safe harbor does is prevent the service provider from being liable for the user's speech. But it does nothing to protect their anonymity. Arguing otherwise is simply wrong. As Levy notes:
Under current law, if actionable expression is communicated online, the victim of the statutory, tort or contract violation can sue the author for that expression, but can no more sue the host of the web site, or the provider of the email service, than he could sue the postal service for carrying a defamatory book or newspaper, or sue a library for lending such a book out. Moreover, even if the name of the author is not provided with the expression, generally speaking the host of a web site that contains offending content (or an email provider) maintains at least for a period of time the data that is needed to identify the author.
That information can be subpoenaed from the host. And such a subpoena can be enforced by anybody who has a substantial claim of defamation or other actionable content. That is, they will succeed in the subpoena proceeding so long as they can identify the allegedly defamatory words about them, the words are actionable statements of facts and not just opinions, they have evidence of falsity and of damage, and there is no other reason to withhold identification, such as a real risk of extra-judicial retaliation.
In other words, the attack on Section 230 (if Fish is to be believed, mainly by law professor Brian Leiter) is woefully misplaced. He seems to be blaming safe harbors for third parties for the fact that some anonymous commenters can be jackasses. But the two things are unrelated.
Furthermore, I've noted in the past how misguided attacks on anonymity are. We've been running Techdirt for well over a dozen years and have always allowed anonymous comments. On the whole, we probably have just as many smart anonymous comments as we do smart "named" comments -- and the same is true of the annoying or abusive comments. To suggest that anonymity alone automatically leads to worse comments is a myth. It's something that some people want to believe, but there is little evidence to support it.
As I've said, we prefer that people identify themselves, because we like it, but we try to do that by offering positive reasons for people to identify themselves (if you're registered users there are various perks and such), but if people want to remain anonymous, that's fine too. But, the thing is, when someone does decide to comment anonymously, they are signaling something to the world, and part of that signal is often "this might not be as credible, so you might want to double check." So when the essays in this book complain about people making speech online anonymously, what they appear to be ignoring is the fact that such anonymous speech is already handicapped, in that it's a lot less believable on its face. For some reason, too often people seem to think that if someone says something, everyone automatically believes it. And that seems to be driving much of the conversation here, but it seems reasonable to go back and question that assumption.
In the end, there are lots of important benefits to anonymous speech. Yes, some people abuse it. But that's no reason to automatically throw out all the benefits of anonymous speech.
You may recall the story we discussed recently concerning a church in Florida, where one member of the church was anonymously blogging critical comments about the church. Another member of the same church, who was heavily involved in the church hierarchy, was also a local police officer and used that position to get subpoenas and to reveal the blogger's identity. Once he did so, he dropped the investigation, destroyed the records and told the church leaders who it was. The whole thing was highly questionable. At the time, we questioned why the state's attorney was willing to issue subpoenas on such an issue.
Paul Levy wanted to know the answer to another question: why did both Google and Comcast cough up this guy's identifying information without even giving him a chance to quash the subpoenas. He asked both companies and the answer he got is, basically, that they immediately cough up info if it's a criminal subpoena rather than a civil one:
Although neither Google nor Comcast generally opposes outright civil subpoenas to identify their users, both have a good history of insisting that the enforcement of such subpoenas be deferred until they have a chance to give notice to the customers, so that the customers will have a chance to defend their anonymity. This practice made their failure to defend their customer’s rights in this instance all the more surprising. I inquired of their legal departments why they acted as they did. I was disappointed to learn that neither company customarily asks any questions or gives any notice to customers when their receive subpoenas in connection with a criminal investigation. Instead, they verify only that the subpoena forms are properly filled out and are issued by courts of competent jurisdiction.
Considering how frequently we hear stories of governments abusing their investigative power, it's a bit troubling that these companies do not, in fact, go further in protecting their customers' rights even in cases of criminal subpoenas. Levy notes that, unlike those two companies, many actual media companies are much better at resisting criminal subpoenas when appropriate:
The discussion reminded me that although the major ISP’s have generally behaved well when they receive civil subpoenas to identify their users, insisting that their users get notice and an opportunity to seek to quash, they lag far behind the mainstream media when it comes to criminal subpoenas. Newspapers and broadcasters have a forty-year history of fighting criminal investigators who issue subpoenas to identify their sources. Newspaper and television reporters regularly accept incarceration as the price that sometimes has to be paid for this principle. I can’t think of an ISP that has stood up to state power so strongly.
In least in some cases, that history has led media companies to resist criminal subpoenas to identify bloggers, although the media lawyers present evinced wide variation in the value that they placed on the content provided by users who comment on media web sites. All agreed that, at the very least, users should get notice so that they can move to quash on their own. And after the panel Barbara Wall, a vice-president of the Gannett media chain, discussed with me a number of cases around the country where Gannett has successfully resisted criminal subpoenas to identify the users of the web sites of some of their outlets around the country. Sometimes Gannett is able to talk to prosecutors out of pursuing subpoenas, and sometimes it beats them in court. (It appears that Gannett adopted a firm policy in response to an embarrassing incident involving one of its own papers.).
This is a good point and one that doesn't get much attention in the tech space. Hopefully, more tech service providers will begin to recognize that their customers have rights in criminal investigations as well as in civil lawsuits.
Gabriel Tane alerts us to an interesting story about online anonymity coming out of Jacksonville, Florida. Apparently, a member of the First Baptist Church there had been writing a blog that was critical of the church leadership. A local sheriff's detective, Robert Hinson, who was (in addition to being a sheriff's detective) a member of the same church, a provider of security to the church, a deacon at the church and a member of the church's "disciplinary committee," used his position in the sheriff's office to open an official investigation into the blog, and was able to get Stephen Siegel, an assistant state attorney to issue a subpoena to reveal the blogger.
Once the blogger's name was revealed to Hinson, he revealed the blogger's name to church officials, closed down his "investigation" and (wow) destroyed the files related to the investigation. He claimed that the files were destroyed to "protect the civil rights" of the blogger -- which is pretty funny since the entire investigation appears to have been designed to violate the civil right of anonymity of the blogger. Even more troubling, was that the state records concerning the subpoena were also destroyed -- though the state attorney claims this was "inadvertent." Meanwhile, with the blogger revealed to church leaders, he and his wife were accused of "sin," and then filed a "trespass" warning against him, effectively barring him from the church.
The guy sued the city and the state for the actions of Hinson, and have separately sued the church (they've since joined another church...). The state and the city have now "settled" without admitting guilt, but the lawyer for the blogger points out that the overall situation "speaks for itself." While it definitely sounds like a violation and a conflict of interest by the detective, what's amazing to me is that the state's attorney office was willing to issue that subpoena without realizing that it appeared to be more of a personal vendetta, and without any concern for the First Amendment anonymity rights of the blogger.
A lawsuit over the legality of a "Girls Gone Wild" video has turned into something of a free speech battle. Apparently four women who appeared in one of the famous videos as teenagers, are suing Joe Francis, the guy behind the whole GGW franchise. The women (all in their 20s now) want to remain anonymous in their lawsuit, saying that they were humiliated enough when the footage was released. The judge rejected the request to remain anonymous, and the women are now appealing. Various news organizations are taking the other side of the case, arguing that journalists should be allowed to report on names of plaintiffs for newsworthy stories. While I'm definitely a big supporter in protecting anonymous speech, I'm not sure that it makes sense here. The women were not anonymous. They appeared in public and did what the videos show them doing, whether or not they're happy about it now. On top of that, while protecting anonymous speech is a valid First Amendment issue, so is the right of journalists to publish relevant factual information on a news story. I'd be surprised if the appeals court rejects the district court's decision denying them the ability to file this case anonymously.
This probably isn't a surprise. Lots of traditional journalism folks have been busy slamming "anonymous" commenters online, often falsely blaming them for things they did not do. Earlier this year, we pointed to an excellent defense of anonymous commenting, by the Washington Post's Ombudsman, Andrew Alexander, with the key line being:
For every noxious comment, many more are astute and stimulating. Anonymity provides necessary protection for serious commenters whose jobs or personal circumstances preclude identifying themselves. And even belligerent anonymous comments often reflect genuine passion that should be heard.
We've seen it here. We've always allowed anonymous commenters, even as we've continually added more and more features to make it worthwhile to identify yourself. And yet, if people do want to be anonymous, we're fine with that. To be honest, in over a decade of doing this, I've really seen no difference in either the level of "bad" or "good" comments from anonymous commenters as I have from named commenters. We have anonymous commenters who are brilliant, insightful, well-informed and add to the discussion all the time. In fact, with a few of them, I can even recognize that they're the "same" commenters via their writing style (even as some of them are totally anonymous, via proxies). At the same time, some of the commenters who freely admit who they are, can be some of the rudest, most obnoxious and uninformed commenters around. And, of course, the reverse is true as well. Certainly there are plenty of anonymous clueless commenters and plenty of insightful named commenters. The point is that the anonymity is the wrong thing to blame. We've seen no indication that anonymity leads to a higher level of clueless comments.
Unfortunately, however, some have decided to go in a different direction. Reuters is apparently now the latest to ban anonymous comments on their site. This is unfortunate, as among the big news providers out there, Reuters often seemed more "aware" of how to best embrace the internet, but this move seems like it's a mistake. It won't stop snide comments, but they may lose many valuable community members who, for whatever reason, did not have enough incentive to reveal who they were.
Phil Kadner, from The Southtown Star newspaper, who has been covering the mayor's comments, has a great response at the end of his writeup (the last link above):
I told him about the early days of newspapers in this country, when Founding Fathers such as Jefferson and Hamilton actually paid people to write scandalous articles under false names about their political enemies. Somehow the country survived and democracy thrived.
Ultimately, you have to have faith in the wisdom of the average person. That's what the First Amendment really is all about.
Let everyone have their say, and the public decides who to believe. It was a radical idea then and still is today.
And so, the mayor of Mokena gets a history lesson on the First Amendment from the press that the First Amendment enables. There's something nice about that, though, you would have hoped the history lesson would have come sooner.
I've mentioned in the past that we receive about one legal threat per month around here. However, until last week, we had never (knowingly) received a subpoena for any information on the site. Last week, however, we were emailed a subpoena that had apparently been issued to try to find out some information about commenters on a particular Techdirt blog post, which the lawyer's clients were claiming were defamatory. We've discussed multiple times on the site both the importance of protecting anonymity online, as well as the fact that many US federal courts have recognized that anonymous blog comments are to be judged against the First Amendment when determining if the identity of their author should be revealed.
Since this is something that we certainly believe strongly in, we're not about to just roll over and give out information on commenters, without a clear legal requirement to do so. Our policy is pretty firm that we believe that it's proper to protect the interests of our community, within legal boundaries (of course). There were some oddities with this subpoena -- issued from a Florida court -- including the fact that it had apparently initially been issued way back in January and sent to a random law firm in Philadelphia that I've never heard of, which has never represented Techdirt/Floor64 and certainly is not authorized to accept subpoenas on our behalf. Thus, we never received it when it was first sent out -- but were finally emailed a copy last week.
The actual subpoena came from a lawyer representing John Maragoudakis, who goes by the name John Markis, and runs a company called Trusted Traditions, which sells stuff on eBay. The blog post in question was from way back in 2002, and was about some people who were arrested for "shill bidding" on eBay. In 2009, someone posted a comment, making certain allegations about Maragoudakis/Markis and Trusted Traditions that he claims are false and defamatory, and he has already taken legal action against the individual he believes was making such posts around the web.
After looking over the details, and trying (and failing) to get the lawyer who issued the subpoena on the phone, Paul Alan Levy from Public Citizen Litigation Group helped us respond in writing to the subpoena, pointing out some of the basic procedural errors, but also (more importantly) highlighting the key First Amendment issues raised, along with the associated case law, to make it clear that we don't take such requests lightly, and don't just hand over information because something official-looking shows up demanding it.
What's even odder, in this case, is that there's already a lawsuit going on by Maragoudakis/Markis against the person who he believes posted the content in question. In other words, he's already pretty sure he knows who wrote the content in question -- meaning that they already have a perfectly acceptable means of using the discovery process with that individual to find out if he made the comments on Techdirt. So, they don't need us to say if it's him. And, if it's not him, then not only is the subpoena almost certainly past the statute of limitations on defamation, but it's highly questionable that we should just reveal information on a commenter because someone hopes that it's another person they already sued. Either way, it comes across as a fishing expedition, based on the hopes that sites won't protect the rights of their community, and will just hand over the information. We're not about to just hand such information over without a real legal basis (even if some publications out there apparently don't protect their community's anonymity).
You can read our entire response below. None of this means, of course, that commenters are immune from having their info subpoenaed, but we will satisfy ourselves that there is a legal basis for the request before handing over any information.
You may remember last year when model Liskula Cohen went to court to get Google to hand over the name of a blogger who was mean to her, calling her a skank. Of course, in doing so, it brought a lot more attention to the blog which almost no one had read before. In fact, it seems clear that a hell of a lot more people now associate "Liskula Cohen" with "skank" due to her legal actions, than the blog. Eventually a court said Google should unmask the anonymous blogger -- which it did. The outed blogger, Rosemary Port, then claimed she was going to sue Google for $15 million for exposing her identity -- though I haven't heard whether or not any lawsuit was ever actually filed. Almost every legal expert noted that the case had almost no chance of succeeding. Still, it did raise some questions about how far Google should go to protect anonymous users of its site. The company's terms of service do make it clear that they can and will reveal people if necessary, but that doesn't mean it shouldn't fight for its users in many cases.
Either way, it looks like we're getting something of a repeat -- as another woman, this time a former model and actress, and now a consultant named Carla Franklin -- has gone to court to get Google to hand over the names of some YouTube users who posted some videos of her, and referred to her as a "whore." She's claiming that the comments hurt her job prospects -- though, one might imagine that going to court over someone being a jerk to you online might also hurt your job prospects.
Obviously, it's no fun to have people say mean things about you online. But, in weighing the pros and cons, at some point you have to wonder if just ignoring it makes a lot more sense than ramping up the legal response -- which is only guaranteed to get the whole situation a lot more attention (and cost a lot more money). Perhaps Ms. Franklin should take the advice that she was giving in one of the videos that she's upset was uploaded. According to various news reports (the video itself has now been taken down), in the video she advised people "Don't take things so seriously." Sometimes, that's good advice.
Claire Ryan wrote in to let us know about the bizarre situation in Ireland, where the Irish Red Cross has sued Google in an attempt to identify and silence an anonymous blogger who has been very critical of the organization. It's worth noting, by the way, that Google is apparently one of the Red Cross' largest donors. Apparently, the Irish Red Cross is specifically upset that the blogger claimed that $150,000 that the Irish Red Cross collected for the Asian tsunami appeal was not actually used for that. Instead, the blogger claims, it was held in a bank for years, and the money was only moved after there was an audit which discovered the account.
Of course, it sounds like nearly everything about the Irish Red Cross' decision to go legal is backfiring. This story, which wasn't getting much attention, is now getting a ton of attention -- and it's not looking good for the Irish Red Cross. Apparently, because of the publicity over the Irish Red Cross' decision to sue Google, The Sunday Times ran a front page article about the $150,000.
In other words, by suing to try to silence the blogger over this particular issue, the issue itself has become front page news. But what's not clear is why the IRC is still going after this blogger. Now that the news is everywhere, what good does it do to try to silence this guy? Will they sue The Sunday Times next?
