Blog

• FTC goes after astroturfing

Last week the U.S. Federal Trade Commission announced a settlement with Reverb Communications, a firm that describes its business as a:

… full service videogame agency that provides public relations, marketing, and sales services through one integrated campaign to the interactive entertainment and music industry.  Using precise messaging and calculated marketing campaigns, we are able to drive consumer and industry demand for our clients’ products, resulting in increased product sales.

According to the FTC’s complaint, some of the “precise messaging” involved the firm putting in fake positive user reviews of various video games on the iTunes store.

I haven’t been able to track down Reverb’s answer to the charges except a statement repeated here, a blog entry that reports some additional details of how the FTC got onto Reverb’s trail.  Reverb is said to have said:

During discussions with the FTC, it became apparent that we would never agree on the facts of the situation. Rather than continuing to spend time and money arguing, and laying off employees to fight what we believed was a frivolous matter, we settled this case and ended the discussion because as the FTC states: “The consent agreement is for settlement purposes only and does not constitute admission by the respondents of a law violation.”

That sounds like a non-denial denial, and the FTC appears to be doing good work here.  In the fall of ’09 it announced that paid commercial endorsements had to be disclosed — even on Twitter, Facebook, and in blogs.  There was some handwringing over this — would the government be going after any blogger who says something good about something and might have a financial interest in it?  It is not particularly easy to predict, especially since the FTC, unlike other Federal agencies, does not do formal rulemakings — it can only announce guidelines and then bring one enforcement action at a time under its general charter to combat unfair or deceptive trade practices.

The Reverb case provides a good example of how the FTC is thinking about applying its limited staff power: to professional organizations working to subvert ratings schemes.  That’s a good place to start; if nascent ratings schemes are to work, it’s helpful to know what the boundaries are — especially to PR and marketing firms that don’t want to have to race to the bottom.  Now they can tell their clients that they’re just not able to help out with fake reviews.  (In the meantime, the Reverb main home page is showing a generic parked message — odd.)

I remain curious how effective sites like subvertandprofit.com are.  S&P says it:

… runs social media campaigns across a variety of social media sites, via our 25,000 users who earn money by viewing, voting, fanning, rating, or posting assigned tasks. Since 2007, our user actions have effectively promoted our advertisers’ web content to popularity at significant cost savings. In 2010, Subvert and Profit merged with Crowdsource Corp. to extend the power of crowdsourcing to a variety of social and business applications.

More directly, S&P tells advertisers that they can:

Buy votes on social media sites.

1. Sign up.
2. Add funds to your account.
3. Buy votes.
4. Get visitors to your site for cheap.
5. Repeat.

And in turn, social media users can “get paid just for clicking buttons.”

Perhaps they or other intermediaries that help to launder ratings could find themselves answering some questions from the FTC.  I see the domain for subvertandprofit is registered in Massachusetts, so I’ve sent an email to its owner — I’ll update this post if I hear anything.

• Fried Androids?

In March, a panel of the Federal Circuit affirmed a Texas district court ruling requiring EchoStar to remotely disable the DVRs of innocent customers as part of its damages for infringing on TiVo’s DVR patents.  At the time, Elisabeth and JZ predicted that we would see an increasing number of similar cases as companies — and governments — figured out how to take advantage of additional control points that exist in tethered appliances.  Their Delphian suggestion came to pass in the mobile arena recently when Oracle filed suit against Google for patent and copyright infringement.  The lawsuit claims that Google’s Android OS (along with its software development kit and custom virtual machine) infringes Oracle’s IP rights in the Java programming language.

Much of the online discussion has focused on the merits of the suit.  Oracle officially acquired Sun Microsystems early this year.  Sun originally developed Java and, over time, released most of the platform into the open source ecosystem.  Patents that were filed may have been a defense against litigation or even a joke.  And Google has licenses for those patents.  So the question here revolves around whether, by strict or loose interpretation, Google violated its licenses, but the vagueness and generality of Oracle’s complaint [pdf] (and press release) renders most of this analysis speculative pending additional clarification.  (More discussion on the open source backdrop is available here and here, and counterpoint here.)

However, the remedy Oracle wants couldn’t be more clear.  It asks for monetary damages to compensate it for its financial losses and punitive damages because it alleges Google “knowingly,” i.e. intentionally, violated its IP rights.  In addition, Oracle requests “[a]n order permanently enjoining Google, its officers, agents, servants, employees, attorneys and affiliated companies, its assigns and successors in interest, and those persons in active concert or participation with it, from continued acts of infringement of the patents and copyrights at issue in this litigation” and “[a]n order that all copies made or used in violation of Oracle America’s copyrights, and all means by which such copies may be reproduced, be impounded and destroyed or otherwise reasonably disposed of.”  The last one is the kicker: just like TiVo’s demand of EchoStar, Oracle wants the court to tell Google to reach into Android owners’ handsets and rip out the offending material, leaving innocent consumers with a gutted shell — and the remainder of their two-year service contract.

The destruction remedy applies only to the copyright claim.  If the case goes to trial a jury could conceivably find Google liable for patent infringement but not copyright violation.  And even if it did, the district judge has discretion over what relief to grant.  Plus, the appeals process could hack back overbearing damages.

But as long as it is on the table, the availability of such a remedy is a very big stick.  Even if Google believes it should win the suit, betting on that outcome doesn’t make sense if it means risking having to destroy consumers’ phones or fighting a long and uncertain legal battle after the destruction provision is awarded, instead of paying conventional monetary damages.

Google has seen how a similar fight has played out for EchoStar.  EchoStar attempted to comply with the court order by sending DVR boxes an update that replaced the infringing technology with noninfringing parts, leaving intact the DVRs’ functionality.  The Federal Circuit said “no dice,” the remedy was disablement of the DVRs, and that alone would suffice.  EchoStar continues to refuse to disable its customers’ DVRs and has been held in contempt and fined $200 million.

The Federal Circuit has agreed to rehear EchoStar’s case en banc.  And in the interim, the U.S. Patent and Trademark office has invalidated the very patents TiVo claimed EchoStar infringed. (TiVo is appealing the ruling; until its appeal is exhausted, the patents remain in force.)  And the FTC has stepped in to give the circuit court some guidance, filing an amicus brief urging it to consider how specific sanctions will impact innovation across the technology industry.

The availability of destruction as a remedy smothers innovation.  If Oracle can’t strong-arm Google into settling but wins at trial and is awarded the destruction provision (and it survives appeal and Google eventually capitulates instead of balking and riding a series of contempt proceedings into a draconian post-litigation settlement or bankruptcy), (1) consumers would have their phones replaced with bricks and think twice before buying new tech again; (2) Android developers would see their platform and all their apps evaporate; and (3) in the future, companies would likely waste time reinventing the wheel to avoid Google’s court-ordered fate rather than developing new technologies.  There is a storm brewing, brought on by the rise of tethered appliances and the thicket of software patent regulation.

—By Jennifer Halbleib

• The Google/Verizon framework

I’ve been trying to figure out what the Google/Verizon announcement means.  It’s not easy to do, in large part because the announcement doesn’t precisely announce anything.  It’s titled a “legislative framework proposal.”  That is, on its own terms it’s not an agreement between two companies — neither is bound to do anything by it, which I guess is how they could deny last week’s New York Times report about a “deal on web pay tiers” — but it does represent a meeting of the minds between them about what ought to happen in the world, in particular what American (and presumably others’) law should become here.

That kind of mental-but-not-legal agreement can get away with being far more vague than a typical contract.  It’s amenable to what Cass Sunstein calls “incompletely theorized agreements.”  Cass’s work points out that parties who disagree on basic things — such as a would-be polity that wants to produce a constitution for the first time — risk coming away empty handed if they insist on their own views.  But they don’t want to compromise, either.  So what they do is strategically punt: they come up with texts that are intentionally vague, leaving it for another day to figure out what they mean in practice, so they can move on with a joint endeavor of some kind.  There are lots of vague statements of that sort in the proposal, some of which are drawn from another likely-intentionally vague set of FCC principles about the Net.  So, for example, under the proposal, carriers can’t engage in undue discrimination.  They can do reasonable network management.  There’s to be transparency, but not neutrality, for wireless at this time. These definitions would have to be much more fleshed out to understand what the agreement means, and lawyers use terms like these so that the parties’ different ideas of “undue,” “reasonable,” and “now” can be parked in peace under the same roof.

Here’s my own take so far — I figured it might be useful to share my own process in working this through rather than writing (yet) a firm advocacy piece for one view over another. Read more »

• FOI Topics and Links of the Week

Game on. A featureless update released recently by TI blocks a hack that allowed owners to write their own programs for the company’s Nspire calculator. It’s not immediately obvious what rationale TI used to justify the block. It isn’t under pressure to protect the commercial interests of a partner service provider. And worst case, a buggy calculator isn’t exactly as calamitous as a compromised cell phone. In any event, the competition illustrates what may become an increasingly common arms race between hardware companies trying to lock down their products and consumers who want to load the software of their choice on a device they own.

Disintegrating Droids. The Droid X comes pre-loaded with eFuse technology, which prevents it from booting with unapproved software. Motorola points out that triggering eFuse doesn’t permanently disable the phone — it can re-boot once approved software is reinstalled. Much better.

Neighborhood watch for software vulnerabilities. At the Black Hat security conference last week, Microsoft advocated for cooperation between software companies, researchers, and security vendors to share information on flaws and patches in order to keep users safe. Perhaps cross-pollination at the meeting will spread the idea of mutual aid to website owners as well.

Researcher remotely hacks ATMs. Also at Black Hat, a security researcher demonstrated that he could remotely order stand-alone ATMs to spew cash. While causing a remote ATM to dispense money at will is less appealing to the average thief than cracking open a proximate machine, an accomplice with a laptop in a van nearby could make it a profitable endeavor.

Apple rejects iPad magazine subscription app. Apple has nixed an app from Time, Inc. that would have allowed iPad owners to purchase a digital subscription to Sports Illustrated. Peter Kafka of Media Memo hypothesizes that Apple doesn’t want to give magazine publishers the access to personal user information they would have with an app. But publishers are likely salivating over the targeted advertising potential of mining that data. Plus, single-issue sales through iTunes are cumbersome and inefficient. There may be a confrontation brewing, unless publishers are willing to be satisfied with whatever options Apple grants them.

FBI challenges Wikipedia over logo. This week, the FBI accused Wikipedia of illegally displaying the agency’s official seal. Wikipedia has refused to remove the image from its FBI page. Wikipedians have a history of standing firm on controversial articles. It’s unclear whether a specific incident triggered agency action. The BBC notes that since the seal is published elsewhere on the Web, the FBI’s selective targeting of Wikipedia is also mysterious. And many reports on the story now include . . . images of the seal.
Zombie cookie revenge. A lawsuit filed in federal court alleges that several prominent websites used Flash or “zombie” cookies to surreptitiously collect personal user information. Flash cookies can re-create browser cookies deleted by users. They function as extra storage for websites and maintain user preferences, but can also be exploited to track users online.
—By Jennifer Halbleib
• What matters in net neutrality

It’s hard to know what to make of the Google/Verizon deal since until earlier today both companies have denied that there is one. And it’s hard to argue about net neutrality because it means so many different things to different people. I’ve got lots of reading to do to catch up on the newly released set of principles from the companies, but in the meantime here are a few thoughts on the topic.

The core question is this: when Internet Service Providers turn out to have captive audiences of subscribers — either because their customers have few if any alternatives for broadband, or because switching is complicated and cumbersome, or because ISP practices are obscure and thus hard for customers to adapt to — how far should they be allowed to leverage that captivity?

That question arises in the midst of a very confused economy for the movement of bits over the Internet.  With telephones the baseline rule was simple: sender pays.  On the Internet, it’s more complicated: both sender and receiver pay their respective Internet Service Providers to move their data traffic.  Now, suppose these are large ISPs who are considering connecting to each other directly.  The ISP who hosts a sender of traffic like YouTube might say to the ISP with lots of individual users who watch YouTube videos: “We seem to have a lot of stuff that your users want, and they’re paying you to get it to them.  What will you pay us to pass this stuff efficiently over to you?”  The ISP with the individual users might reply with a different point of view: “You’ve got a lot of stuff you want to send to our users, and your corporate customer is making money through advertising or subscription fees when our users access it. What will you and your corporate subscriber pay us to be able to reach our captive audience?”  It’s an odd puzzle: both sides benefit from the transaction, so who should pay for it, given that there’s no baseline rule like “sender pays”?

In the past this dilemma between large ISPs has been resolved through peering arrangements that have amounted to simple handshakes: I’ll carry your traffic aimed at my subscribers if you carry mine aimed for yours, and we’ll call it even.  Today those deals are more complicated, and their details are typically trade secrets.  But we know this much: Verizon, like other broadband providers, already says to its customers: pay us more and we’ll give you faster Internet access.  That’s not controversial.  So should Verizon also be able to make a similar offer in the other direction, to faraway upstream content providers?  Verizon could say to Google: regardless of what you pay your own ISP to get your bits launched on the Internet, pay us more and we’ll make sure your YouTube videos get to our subscribers all the more quickly as they come in for a landing.

Google might well be able to pay — and then leave poorer content providers behind.  The next two guys who want to start, say, ShmouTube won’t be able to do it if they’ve got to negotiate business development deals with one ISP after another in order to reach those ISPs’ subscribers.  And that’s the real danger: when each ISP can, in effect, speak on behalf of its unwitting subscribers, serving as the troll under the bridge offering up different conditions for access to them, the economics of the Net will start to favor the consolidated, the well-connected, the well-heeled.  Verizon and Google each have reason to take the trouble to negotiate with one another to begin with — they’ve both big, and each can offer uniquely desirable benefits to the other.  The generative power of the Internet is that it has offered a perch for anyone who wants to plant a flag in the ground.  Set up www.mynewamazingwebsite.com, and people the world over can beat a path to it or not as they please.  That represented a huge change from the proprietary consumer networks of the 1980s and 90s, where AOL or CompuServe got to say who could have a presence within their gated communities.

It may turn out to be too simple to have a blanket rule against ISPs charging faraway providers for access.  There are even some outcomes that make that desirable for consumers — imagine if Internet access were free, with ISPs beating down your door to provide you with broadband, because if you choose them then they’ll get paid by Google et al. for the privilege of sending bits (and ads) to you.  That’s a dubious outcome for a number of reasons, but it’s theoretically possible.  But much more dangerous is if ISPs get to pick and choose: one deal for Google, another for the New York Times, a third for eBay, and no deal at all for mynewamazingwebsite.  In a medium in which so many of the giants were yesterday’s scrappy upstarts — eBay, Google, even the Web itself — it would be a travesty to freeze out the next round of innovation from odd corners by deploying an impenetrable web of contracts and fees.  That’s what I take to be at the core of Chairman Genachowski’s comment that “Any outcome, any deal that doesn’t preserve the freedom and openness of the Internet for consumers and entrepreneurs will be unacceptable.”

Update: More thoughts here.

About Jonathan Zittrain

Jonathan Zittrain is Professor of Law at Harvard Law School and co-founder of the Berkman Center for Internet and Society at Harvard Law School