The FTC sent a message to “patent trolls” earlier this month, though how well that message will resonate remains to be seen. On Nov. 6, the FTC’s Bureau of Consumer Protection concluded its investigation into MPHJ Technology Investments, LLC’s practices involving its so-called “inquiry letters” by agreeing to accept a consent order. The consent order addresses two sets of misrepresentations contained in various letters that MPHJ sent to alleged infringers of MPHJ patents. First, the FTC found that MPHJ misrepresented that they had sold a substantial number of licenses within a certain price range; second, they misrepresented that they intended to initiate a lawsuit if they did not receive a response from the letters’ addressees.
The FTC outlines in its complaint how MPHJ and Farney Daniels, P.C., MPHJ’s attorneys, engaged in a three-stage campaign to promote and sell licenses for then-recently purchased patents. Farney Daniels and MPHJ had signed a written agreement splitting the proceeds of the letter campaign. In the first stage, they sent approximately 16,465 letters to small businesses (between 20 and 99 employees) that did business in veterinary services, lawn and garden services, building maintenance services or medical laboratories. The letters informed each business that it was likely infringing patents by using common office equipment. Next, they sent a second wave of letters to most of those same businesses, once again informing them of their likely infringement, but this time also offering to license the patent. The letter stated that MPHJ needed to hear back within two weeks. Finally, letters were sent on Farney Daniels’s letterhead that referenced the first two letters and threatened litigation for patent infringement if the business did not respond within two weeks. Each of the Farney Daniels’s letters contained a nine-page complaint alleging a cause of action for patent infringement. Nearly 4,870 small businesses received a letter from Farney Daniels. Evidently, MPHJ and Farney Daniels had no intentions of actually filing the complaints. Continue Reading
The Internet Corporation for Assigned Numbers and Names continues to be sluggish in delegating new gTLDs this month, delegating no new gTLDs since our last post. But ICANN has made a dent this year in the 1,930 gTLD applications submitted, delegating 432 new gTLDs to date. Of those 1,930 applications, 1,157 are proceeding through the new gTLD program and 341 have been withdrawn.
Are new gTLDs selling?
More than 3 million second-level domains have been purchased in new TLDs, but of those 3 million, nearly two-thirds are parked domains, i.e., registered internet domain names which are not associated with any services. A total of 62,666 new second-level domain registrations were purchased within the last week, at an average of nearly 9,000 a day.
Top 10 gTLDs in terms of registrations:
No. of registrations
ICANN has given 34 gTLDs the green light to launch since our last gTLD update. Only 14 new gTLDs were launched in the month of October, and only 21 were delegated in total for the month of September. These numbers are strikingly low compared with the rapid-fire delegation the Internet community witnessed through the summer. The following list represents the small batch of gTLDs that have been delegated by ICANN since Sept. 15, 2014:
- .vermögensberatung (financial advice)
- .vermögensberater (financial advisor)
- .pyc (Russian)
This sluggish behavior also is demonstrated with the small number of gTLDs currently entering or in the sunrise phase this month.
These gTLDs are in the queue for launching: Continue Reading
Have to give them an “A” for effort. “Patent troll” MPHJ Technology Investments, LLC sued the FTC hoping to shut down its investigation into the company because the investigation violated MPHJ’s First Amendment rights to petition. A West Texas federal judge recently ruled that MPHJ could not “derail” the FTC investigation with such a claim.
MPHJ, which had bought a number of patents related to computer scanning programs, mailed demand letters in an effort to license its patents to various companies that were already using similar technology. But MPHJ didn’t stop there. Many of the letters also threatened to sue those same companies if they didn’t sign license agreements and pay MPHJ’s demanded licensing fees. Those inquiry letters landed MPHJ in hot water with the attorneys general of various states, including Vermont and Nebraska—and with the FTC. Specifically, the FTC is investigating whether the inquiry letters violated Section 5 of the FTC Act. The FTC has already offered to settle the matter with MPHJ via a consent judgment, but MPHJ rejected the offer, leaving the investigation open and pending. Indeed, the Commissioners have yet to make a final decision about bringing any enforcement action at all, which would be accomplished by a majority vote.
The recent data breaches at Target, Home Depot, and Jimmy John’s have kept data privacy and security in the news lately. But from a legal perspective, there has never been much that the victims of these breaches could do to obtain a remedy in the absence of actual proof of identity or other theft. Indeed, ever since the U.S. Supreme Court decision in Clapper v. Amnesty International, it has been clear that the mere potential for future injury is insufficient to confer standing on a data breach victim to sue. Instead, the plaintiff must prove that injury is “certainly impending,” a standard that was thought to rule out class action lawsuits arising out of data breaches.
Except in California. Bucking the trend for dismissing class actions resulting from data breaches, a federal court in the Northern District of California in In re Adobe Systems, Inc. Privacy Litigation recently denied a motion seeking dismissal based on a lack of standing. The Adobe litigation arose out of a 2013 hacking that caused a data breach that compromised customer debit and credit card numbers and other personal information. In addition to claims brought under California statutory law, the plaintiff customers, like most of the plaintiffs in other data breach class actions, alleged damages as a result of an increased risk of future harm by identity theft and the cost of mitigating that harm. (The plaintiffs also alleged that they suffered economic injury in the form of lost value of the Adobe products that they paid for, but the court found it unnecessary to address that issue.) Contrary to every other post-Clapper court that has addressed this issue – with the exception of the Southern District of California Court in In re Sony Gaming Networks & Customer Data Security Breach Litigation – the Adobe Court found that the plaintiffs had stated a sufficient claim to establish standing to sue. Continue Reading
Twenty-three new gTLDs have been delegated since our last post. The following gTLDs have been cleared for takeoff:
- .企业 (Chinese for “enterprise”)
Delegation is the green light for new gTLDs to launch into their respective mandatory sunrise period before moving on to landrush, early access and their final destination: general availability. Continue Reading
We wanted to take a moment to announce our newest endeavor, Antitrust Law Source. Antitrust Law Source is a new site designed for visitors to quickly and easily learn about developments in this growing arena. The site will focus primarily on news and legal updates related to antitrust in a podcasting format. The podcasts will feature a variety of insights, educational offerings, discussions and interviews with thought leaders across a variety of industries.
The site is prepared by members of our firm’s Antitrust Practice Group and will feature news and information on a range of areas, including:
- Civil litigation
- Compliance programs/audits
- Consumer protection
- Criminal and civil government enforcement
- Distribution, pricing and promotional allowance programs
- Intellectual property/Technology
- International issues
- Legislative matters
- Mergers, acquisitions and joint ventures
- Privacy and data security
We encourage you to share your thoughts with us.
There’s exciting news in the world of cryptocurrency, the exchange medium that uses cryptography to secure the transactions and control the creation of new units. Bitcoin, created in 2009, was the first cryptocurrency and remains the most popular, though numerous other cryptocurrencies, such as Coinye, have emerged in the interim.
Where can you find cryptocurrency? Certainly not at your local bank.
Cryptocurrency is essentially digital money, a virtual medium of exchange that is not issued, backed, or tied to any particular nation or government. Cryptocurrency derives value through a variety of ways, such as buying either from exchanges, or directly from other people selling them, or try your hand at mining, which requires software you download to your computer.
After obtaining cryptocurrency, such as a bitcoin, the next hurdle is finding someone who will accept the currency in exchange for goods and services — which isn’t as difficult as you might think. Analysts estimate that over 65,000 bitcoin transactions occur every day through electronic transactions. What types of goods and services are exchanged, you may ask? Almost anything from the mundane products, such as electronics or dog apparel, to swanky cocktails or a Tesla, or to the illegal, including drugs and guns. Because purchases occur online through user’s virtual wallets, purchasers can remain anonymous and law enforcement can’t freeze their accounts.
Ready for the first day of sunrise
ICANN continues to make big strides in widening the Internet playing field. To date, ICANN has invited 1,159 new gTLDs to contract, and of those 1,159 invited, 495 registry agreements have been signed. From the 495 applicants who have signed a registry agreement, ICANN has delegated 357 new gTLDs to the root zone including the newest 20 that have been delegated since our last post. The newly delegated gTLDs are:
- .佛山 (Chinese city of Foshian)
- .广东 (Chinese province of “Guangdong)
On July 7-11, 2014, a group of 25 privacy lawyers met in a historic building overlooking the Keizersgracht, one of Amsterdam’s most beautiful canals, and spent five days learning about U.S. privacy law, European data protection law, and the complex interactions between them. The setting was the Summer Course on Privacy Law and Policy, presented by the University of Amsterdam’s Institute for Information Law (IViR), one of the largest information law research centers in the world. Course faculty included leading practitioners, regulators and academics from both sides of the Atlantic. Course participants came from an even wider geographic area that included Hungary, Greece, Poland, the Netherlands, Hong Kong, Kyrgyzstan, Switzerland, the UK, Belgium and Canada. I was lucky enough to serve as a co-organizer of, and faculty member in, the course. In this post, I describe presentation highlights and identify some cross-cutting themes that emerged during the week.
Dr. Kristina Irion, Marie Curie Fellow at IViR (and the other course organizer) started the course with “An Update on European Data Protection Law and Policy.” The Summer Course does not try to cover every aspect of privacy law. Instead, it focuses on law and policy related to the Internet, electronic communications, and online and social media. In her presentation, Irion analyzed the latest European legal and policy developments in these areas. The most important such development is the proposed General Data Protection Regulation (GDPR) — a major reform proposal that several of the faculty presenters believe will become law in 2015.
The GDPR would replace the current patchwork of national data protection laws with a single, harmonized, directly enforceable Regulation. It will establish new substantive rights and principles such as the Right to be Forgotten and the principle of Data Portability. It will also create new obligations for organizations including the implementation of privacy by design and privacy impact statements. Dr. Irion identified and discussed other significant developments in EU data protection law including the Court of Justice of the European Union’s (CJEU) holding in SABAM v. Scarlet that ISPs may not be asked to filter content to protect copyright, and its landmark decision in Google v. AEPD that individuals may, in certain circumstances, require companies to remove online links to embarrassing information (the so-called Google Right to be Forgotten case). Continue Reading