Among the newest is the recent lawsuit filed by St. Louis Cardinals manager Tony LaRussa against Twitter. A user who claimed to be LaRussa opened a Twitter account in his name and said some nasty things, including mocking references to the deaths of two Cardinals pitchers. Twitter denied initial reports that the suit had been settled in a somewhat bellicose blog post (remember, lawyers: it isn’t a settlement until the other guy’s client signs off). Twitter then removed the case (that is, transferred it) from state to federal court, where it currently remains active on the docket of the Northern District of California. (The best news coverage is here and here.) The phony LaRussa account was terminated long ago; impersonation violates Twitter’s terms of service.

LaRussa’s actual grievances sound like they should give rise to defamation or false light, or perhaps the appropriation tort. But these would all be blocked, quite routinely, by section 230. Of course, LaRussa could go after the individual impostor, assuming that person could be found. Instead, his lawyers framed much of his complaint in terms of trademark infringement. Why? It’s no coincidence that section 230(d) carves out IP (along with criminal law) from the special immunity, stating, “Nothing in this section shall be construed to limit or expand any law pertaining to intellectual property.”

But to prevail on the trademark infringement claim, LaRussa has to prove that the phony account was likely to confuse consumers into thinking he endorsed Twitter, thus harming him. That is why his complaint emphasizes:

The Site states in large lettering, ‘Tony LaRussa is using Twitter,’ and encourages users to ‘Join today to start receiving Tony LaRussa’s updates.” It also contains a picture of Plaintiff with his name printed next to ít. Beneath the picture, the Site contains written entries that are impliedly written by Plaintiff himself when in fact they are not.

In this particular case, proving confusion and harm will be very difficult, since (1) the account only had four followers; (2) it included a notation in the user’s profile section, “Bio Parodies are fun for everyone;” (3) it’s not clear a statement (even a false one) that LaRussa used the service can fairly be called an endorsement of the service (though the “endorsement” concept can be slippery, as I have written elsewhere). Trademark dilution does not require confusion or monetary harm, but LaRussa pleaded under federal dilution law, which allows only injunctive relief — now moot since the profile is gone — and completely exempts “noncommercial use” of a trademark.

More generally, however, this case highlights the possibility of a loophole for celebrities who can recast privacy-like claims under trademark law (and possibly also rights of publicity, if those are interpreted as intellectual property under the language of section 230(d)). Where would that leave us? Well, it shows (again) that the apparently bright lines of section 230 sometimes aren’t. But it might also create what I’d consider a pernicious double standard: celebrities maligned by anonymous online impostors could plead around section 230 by claiming trademark or publicity rights in their name, while many ordinary people victimized by defamation or cyber-bullying would have their claims blocked. Other law, defamation in particular, expects celebrities to have thicker skin and tolerates more insensitive speech about them. If LaRussa pulled off this suicide squeeze, that sensible dichotomy might get turned on its head.

[UPDATE: I plumb forgot to mention another crucial angle: Twitter now wants to sell verified accounts to celebrities (as in, “This is the real Tony LaRussa tweeting.”) Those wouldn’t fetch a very high price if the fake accounts from which the celebs are trying to distinguish themselves are unlawful and Twitter is liable for them.)

First, Jonathan Zittrain has a nice post looking at longer-term implications of this particular storm, now that it has passed. Like me, JZ seems to agree that the significance of the actual change to the TOS here was relatively minor, and he argues that such storms are “good times to think about these matters — too often people are too busy shoveling out their data to really think through the implications of what they’re doing.” Well said. He also points out that, as he discusses in his recent book, “peer-to-peer privacy” may be a more significant peril on Web 2.0 than the traditional conceptualization of privacy as Big Data Collector vs. Individual Data Subject.

Second, you can approve or disapprove of assertion of rights like Facebook’s, but you can’t deny their ubiquity. Another privacy-conscious friend has powerfully demonstrated just how ordinary the extremely broad Facebook terms or service are by posing this simple question: guess the derivation of the following terms of service paragraph.

Except as otherwise set forth in this User Agreement, by transmitting any public Communication to the Site, you grant [Site X] an irrevocable, non-exclusive, worldwide, perpetual, unrestricted, royalty-free license (with the right to sublicense) to use, reproduce, distribute, publicly display, publicly perform, modify, edit, create derivative works from, incorporate into one or more compilations and reproduce and distribute such compilations, and otherwise exploit such Communications, in all media now known or later developed. You warrant that you have the right to grant these rights to [Site X] and that you will not post any content that infringes or violates any proprietary, privacy or publicity, or other rights of any party or that violates any law. You hereby waive all rights generally known as “moral rights” in your Communications to the extent they can be waived, under any existing or future law of any jurisdiction.

(Click this link for the answer; those terms apply to this high-traffic site.)

On one hand, as Dan Solove suggests, “Facebook continually sparks privacy dust ups, but to its credit, Facebook is quick to respond and [to] reform its policy in response.” On the other hand, those repeated “privacy dust ups” display a pervasive failure to understand the importance of privacy to users, and indeed a real detachment from user sentiment. Every time this happens, Facebook apologizes but seems mystified (and perhaps a little peeved) that users just didn’t understand that the company meant to help us. I found it especially naive, almost absurd, when the announcement of Beacon took such pains to emphasize that Facebook protected users’ private information from advertisers, without ever anticipating that people might also rebel against unexpected disclosures to their friends.

In contrast to earlier issues like Beacon, I do agree with Facebook that the proposed changes to the terms of service actually were not such a big deal. But that’s all the more reason to roll them out slowly, carefully, and transparently, rather than simply plopping them onto an obscure page of the web site as if they were trying to be sneaky. By their failure to anticipate a backlash, they unnecessarily undermined user trust and gathered a whole bunch of bad media attention. If they had launched this cooperative revision process before they got in trouble, we’d all be praising them.

That’s the third time this has happened, Facebook. Do you get the message yet?

I was interviewed about it today on NPR’s All Things Considered, where I tried to make three simple but crucial points:

1. This is not a very significant change. Facebook, like many sites, claims quite sweeping rights in the content you post, requiring you to waive both intellectual property and privacy-like claims you might make against their use of that content. Greg Lastowka made much the same point in the New York Times this morning.

2. Incidents like this do make people realize how much control they routinely surrender over their personal information. Even if the new rules don’t represent much of a change, it is a teachable moment for people to understand what broad rights Facebook and other sites already claim.

3. This is yet another example of poor transparency by Facebook — so ironic considering their whole business is built on the model of open information sharing. Just as in the Beacon and News Feed controversies, the company has done something stealthily and invited a backlash that now has founder Mark Zuckerberg scrambling to explain (exactly like he needed to do here and here).

My views on this topic have changed somewhat as I have learned more from colleagues like Danielle Citron, Dan Solove, and Ann Bartow about the impact of these cyberbullying mobs on their victims. But I am still afraid the response will be a dramatic evisceration or even elimination of Section 230 immunity. We might end up with some kind of notice-and-takedown regime that could be abused just as it is in the DMCA setting, allowing anyone to effectively force the elimination of web content they dislike with the mere untested allegation that it was tortious. Worse, we might see an effort to repeal section 230 altogether, making it impossible to run an open online forum for user-generated content without risking significant liability.

Reading the article, it also struck me that the true problem may lie in substantive law of defamation or intentional infliction of emotional distress, not internet law. After all, Margolick reports how in the AutoAdmit case, even when the plaintiffs identified the nasty bullies responsible for such offensive and malicious postings, they have had trouble proving their claims under tort theories. Whatever happens to 230, there can’t be secondary liability where there is not primary liability. Maybe the real problem is that defamation and IIED have become so toothless?

These are not simple issues. Those colleagues I mentioned, and others like Mark Lemley (who represents both the AutoAdmit plainitffs and Google), have tried to puzzle through the right solutions. I am really only certain of one point: anyone who thinks the answer is simple is mistaken.

“Social marketing” is among the newest advertising trends now emerging on the internet. Using online social networks such as Facebook or MySpace, marketers can send personalized promotional messages featuring an ordinary customer to that customer’s friends. Because they reveal a customer’s browsing and buying patterns, and because they feature implied endorsements, the messages raise significant concerns about disclosure of personal matters, information quality, and individuals’ ability to control the commercial exploitation of their identity. Yet social marketing falls through the cracks between several different legal paradigms that might allow its regulation — spanning from privacy to trademark and unfair competition to consumer protection to the appropriation tort and rights of publicity.

This Article examines potential concerns with social marketing and the various legal responses available. It demonstrates that none of the existing legal paradigms, which all evolved in response to particular problems, addresses the unique new challenges posed by social marketing. Even though policymakers ultimately may choose not to regulate social marketing at all, that decision cannot be made intelligently without first contemplating possible problems and solutions. The Article concludes by suggesting a legal response that draws from existing law and requires only small changes. In doing so, it provides an example for adapting existing law to new technology, and it argues that law should play a more active role in establishing best practices for emerging online trends.

Thanks to all the commenters and e-mailers who responded to the blogging and helped shape this project!

The coalition was organized by Open MIC, a group seeking to involve investors and other private sector actors in efforts to promote openness in the development of communications media and preserve the “democratizing potential of the digital era.”

Derek and I have both written here before about the importance of market-oriented efforts of this type. Here’s Derek’s post. As I said just about two years ago:

Activists and policy wonks who work with environmental issues take it for granted that private corporate activities and markets lie at the center of both the problems and the potential solutions … to issues such as water pollution, global warming, and habitat destruction. … Until recently, the same was not true for info/law issues. The problems were often seen as based almost entirely on some combination of legal regulation and technological architecture. Tech companies were regarded as ideals by many socially responsible investors — they had low environmental impacts, typically they had progressive employment policies and benefits, and their supply chains did not involve the sorts of entanglements with corrupt regimes and human rights problems that beset industries from oil to global agriculture.

There is still a significant lag in the application of the “corporate responsibility” ethos and tactics to the problems of Info/Law. But this move by Open MIC is another sign that such efforts are emerging, albeit very very slowly.

And the new group’s policy agenda sounds pretty good, culminating in this rather grand statement:

FPF will advocate for privacy advances that are business practical, but that substantially raise the bar to ensure personal autonomy for all who seek to embrace the benefits of our digital society. We will seek to work with industry, advocates and policymakers to ensure the future of privacy is one where we are not enslaved by our data, but rather where data serves the benefit of humankind.

It will be interesting to see how the FPF pursues its mission and how it fits in with existing industry initiatives as well as established advocacy groups like the Electronic Privacy Information Center and the Center for Democracy and Technology.