Posted

by

MP900302974.JPG

The Supreme Court has validated the ability of software developers to prevent customers from owning the copy of software they acquire. Because software developers can limit the customers rights to a mere license, they can impose restrictions that can prevent the customer from reselling the software. This is a huge win for software companies as it limits the resale market, which cuts into sales of new software. This ruling may also benefit the virtual goods industry which also commonly uses a licensing vs. sale model. However, it is important to note that in order to get the benefits of this decision, the software distributor must carefully craft their End User License Agreement.

On October 3, 2011, the U.S. Supreme Court declined the petition for certiorari regarding the Ninth Circuit Court of Appeals decision in Vernor v. Autodesk,
Inc. As we outlined in a previous post, the Vernor decision held that software developers can grant mere licenses and that doing so does not violate the First Sale Doctrine,” which states:

“[T]he owner of a particular copy…lawfully made under this title…is entitled,
without the authority of the copyright owner, to sell or otherwise dispose of the possession of that copy…”

This doctrine applies if the initial distribution is a sale. As the Ninth Circuit held in Vernor, software developers can legally prevent customers from owning (and distributing) the copies of software that they purchase. This is accomplished by drafting software purchase agreements (e.g., End User License Agreements) in a way to avoid the first-sale doctrine, such as by structuring the agreement as a license or placing valid restrictions on the customer’s use of the software. Under such an agreement, software developers can retain ownership in the copies they distribute and customers merely have a license to use the software.

Extending the Vernor holding to virtual goods and currency, this ruling seems to provide additional ammunition for the validity of merely licensing virtual items to users instead of selling the items. This approach is commonly used with virtual item models.  In light of Vernor, it is clear that the “license” which is included in the terms of service must be carefully drafted.  But if done properly,
this can help prevent unauthorized resale of virtual items via secondary markets or otherwise.

For more information on the legal issues with virtual goods, click here.

Posted

by

MP900426565.JPG

Given the great interest in “the cloud” from a business perspective, as well as Microsoft’s popularization of the concept with its “To the Cloud!” advertising campaign, it’s no wonder that many game providers are looking to the cloud as the next viable and profitable gaming platform. The cloud movement not only provides economic incentives through various subscription and pay-to-play models,
but also helps defeat piracy by locking down game code and other intellectual property from potential thieves.

Cloud game providers have a lot to gain from virtualization, but moving to a cloud-based framework raises potential legal issues that should be considered.

Latency

The first big issue for gaming providers considering moving to the cloud is both a practical one and a legal one – latency. Unlike digital downloads, streaming games require both down and upstream communications. Further, gaming often demands instant, real-time action, so any material latency will be noticed, especially for multi-player, FPS-type or other real-time games. Currently, some game providers have tried to satisfy gamers’ demand for real-time, low-latency play by operating in data centers that are physically close to the gamer. From a technical perspective, cloud gaming may present an issue because it could involve moving the game servers much farther away from the gamer, thus having the potential to lead to increased, or even significant latency. Another technical fix may be to use “tricks” similar to those used in non-cloud gaming to compensate for latency issues.

From a legal perspective,
however, the move to the cloud could bring such “tricks” into the realm of patents held by the gaming company OnLive–patents which cover “twitch gameplay” over a cloud-based system. When porting a game from client-server or mobile-based platforms to a cloud-based platform, game providers should be sure to investigate whether the conversion will expose them to potential infringement liability, including the OnLive patent portfolio.
This is especially important because most game providers are not the actual game developer, so game providers should also review their agreements with the game developer to understand whether indemnification or re-development are options. Further, if the agreement is with a small game developer, the developer may not have the financial resources to indemnify the game provider,
and thus the game provider should be aware of the potential risks before embarking on a cloud-based venture.

To read this publication in its entirety, click here.

 

Posted

by

The Digital Millennium Copyright Act, 17 U.S.C. § 512 provides many benefits to copyright holders. Add one more to the list. In Xcentric Ventures LLC v. Karsen Limited et al (2011), the court refused the let the Russian Defendant play hide-and-seek to avoid service of process and authorized the Plaintiff to effect service by email due to a provision in the DMCA.

Plaintiff XCENTRIC VENTURES is the operator of a consumer complaint website. It discovered that a website owned and operated by defendant allegedly contains certain copyrighted material. Pursuant to the DMCA, it sent a series of DMCA take-down notices to non-party Google, Inc. to remove the infringing content from its search index and inform defendant that it is infringing on plaintiff’s copyrights. Google complied. Pursuant to the DMCA, defendant responded by serving a counter-notice on Google to contest the accuracy of the initial notice. To be effective, the counter-notice must contain certain things including: “the subscriber’s name, address, and telephone number, and a statement that the subscriber consents to the jurisdiction of the Federal District Court . . . and that the subscriber will accept service of process from the person who provided notification under subsection (c)(1)(C)
or an agent of such person.” §
512(g)(3)(D).

Plaintiff filed a suit alleging copyright and trademark infringement. See §
512(g)(2)(C) (stating that unless a party files an action seeking a court order to prohibit the infringing activity, the service provider can restore the removed material). Plaintiff attempted to serve defendant a copy of the summons and complaint via Federal Express delivery to the address provided in St.
Petersburg, Russia and via email. Delivery at the Russian address was unsuccessful because the address was “incorrect” according to FedEx.
On June 13, 2011, defendant emailed plaintiff in response to plaintiff’s emailed service of process. Defendant generally objected to the lawsuit and included a response, which it asked plaintiff to file with the court. In a later email correspondence, defendant argued that it never waived service of process and any service must be in compliance with the Hague Service Convention.

Plaintiff moved for an order determining whether it has effectively accomplished service of process on defendant Karsen or for leave to perform alternative service. Defendants did not respond or otherwise appear in the case.

The court found:

It is clear to the court that defendant has notice of the lawsuit and is evading service of process. By filing the counter-notice, defendant expressly agreed to accept service of process at its Russian address. Plaintiff attempted to perform service there but was unsuccessful. Defendant also purports not to understand the English language or the American court system, yet it corresponds sufficiently in English and appears capable of drafting a responsive pleading, as evidenced by the response it emailed plaintiff. Plaintiff has made other diligent, but unsuccessful, efforts to locate an alternative mailing address. In the absence of a correct address, plaintiff cannot personally serve defendant in Russia. It seems the only medium effective at reaching defendant is email.

We cannot, however, find that plaintiff has already accomplished service of process. While defendant did agree to accept service of process when it filed the counter-notice, plaintiff was unsuccessful in serving defendant by conventional means at its Russian address. [*3] Service by alternative methods, such as email, is only effective after court approval. See Rio Props., Inc. v. Rio Int’l. Interlink,
284 F.3d 1007, 1018
(9th Cir. 2002) (stating that email service is not available absent a Fed R.
Civ. P. 4(f)(3)
court decree); see also Fed.R.Civ.P. 4(h)(2)
(authorizing service of process on a foreign business in the manner prescribed by Rule 4(f)).

The court granted plaintiffs leave to serve defendant via email, stating “Service by email in circumstances where the defendant is evading service of process and it is the only method reasonably calculated to appraise defendant of the pendency of the action is permissible. See Rio Props., 284 F.3d at 1017 (approving an order granting leave to serve by email under similar circumstances); see also Liberty Media Holdings, LLC v.
Vingay.com, No. CV-11-0280-PHX-LOA, 2011 WL 810250 (D. Ariz. March 3, 2011) (permitting service by email). Moreover,
alternative methods of service in Russia, even those not required under the Hague Service Convention, are permissible, since Russia unilaterally suspended all judicial cooperation with the United States in 2003. See Nuance Commc’ns., Inc. v. Abby Software, 626 F.3d 1222, 1237-38
(9th Cir. 2010) (holding that a district court erred in requiring service upon a Russian corporation to be in compliance with the Hague Service Convention).
As the Ninth Circuit stated, “when faced with an international e-business scofflaw, playing hide-and-seek with the federal court, email may be the only means of effecting service of process.” Rio Props., 284 F.3d at 1018.

Posted

by

Many people invest significant time, effort and in some cases real money to acquire virtual goods. There is great perceived value in these virtual goods. But there are a growing number of cases, where users have been the subject of hacking and other situations where they have had their virtual property stolen. See for example our prior blog entry on a massive theft of 400 billion poker chips from Zynga users.

Most game and virtual world operators try to shield themselves from claims of loss by their users through effective legal strategies embodied in their terms of service. In most cases, users are only granted a license to use the virtual goods, but they do not own them and the terms often make clear that there is no independent value to goods. Additional disclaimers and liability avoidance language may also be included. Yet, this has not stopped some users from suing for the loss of the perceived value of their virtual goods.

Given these potential claims, what else can companies do to protect themselves from such risks? Apparently, this risk may now be insurable – at least in China – thanks to a collaboration between Sunshine Insurance Group and Gamebar.  According to a report, by China Daily a Sunshine Insurance spokesperson said “The insurance will help to reduce operating risks for online games
companies as the companies which purchase the insurance will be covered
to compensate customers in the event of lost or stolen property.”

It will be interesting to see if that catches on in the US and elsewhere, and if so, what will be covered and what will not. Check back for updates.

 

Posted

by

The Supreme Court of the United States issued a long-awaited decision in Brown v. EMA. The decision authored by Justice Scalia (in which Justices Kennedy, Ginsburg, Sotomayor and Kagen joined and Alito and Roberts concurred) opined on the validity of California Assembly Bill 1179 (2005), Cal.
Civ. Code Ann. §§1746-1746.5 (“Act”). The Act prohibited the sale or rental of violent video games to minors and required packaging to be labeled ‘”18″ if the game included options for “killing,
maiming, dismembering, or sexually assaulting an image of a human being”
in ways that reasonably could be considered as appealing to “a deviant or morbid interest of minors” or is “patently offensive to prevailing standards in the community”.

The Supreme Court strongly held that video games qualify for First Amendment protection and that the “basic principals of freedom of speech . . . do not vary” with the creation of a new and different communication medium.  Specifically, the Court stated that “[l]ike the protected books, plays, and movies that preceded them, video games communicate ideas — and even social messages — through many familiar literary devices (such as characters, dialogue, plot and music) and through features distinctive to the medium (such as the player’s interaction with the virtual world).  That suffices to confer First Amendment Protection.”  The decision stated that the First Amendment protection is subject to only a few limited exceptions for historically unprotected speech, such as obscenity, incitement and fighting words and a legislature may not create new categories simply by deciding that such categories of speech do not have sufficient societal value.  Moreover, the Court’s decision stuck down the proffered argument that violence is a form of obscenity by holding that “[v]iolence is not part of obscenity that the Constitution permits to be regulated”.

The court did not remove the possibility of any sort of video game regulation and clearly understood California’s desire to protect its minor citizens.  “No doubt a State possesses legitimate power to protect children from harm . . . but that does not include a free-floating power to restrict the ideas to which children may be exposed.”  The Court found that if California could actually demonstrate that its Act passes the strict scrutiny test (i.e. justified by a compelling governmental interest and is narrowly tailored to serve said interest) it may be able to restrict the protected speech inherent in video games.  However, the Court opined that California could not meet this standard as its evidential psychological studies were flawed and its Act is “widely underinclusive” raising concerns that it is merely disfavoring a certain viewpoint rather than protecting a valid state interest.

“Here, California has singled out the purveyors of video games for disfavored treatment — at least when compared to booksellers,
cartoonists, and movie producers — and has given no persuasive reason why.”  Therefore, the Court felt that by limiting its purported regulation to the video game industry while ignoring other industries that make violent content available to minors, California demonstrated a unconstitutional bias.  Moreover, the court stated that the video game industry’s ESRB voluntary rating system already accomplishes one of the Act’s goals, that of assisting parents in restricting their children’s access to violent video games eliminating the compelling need for California’s Act.

While the Court’s decision did not put a final nail in the coffin of any future laws seeking to regulate video game content,
it did make it significantly more difficult to do so without meeting the strict scrutiny standard.

Posted

by

On June 21, Canada’s Federal Office of Privacy Commissioner released its 2010 annual report on Canada’s data privacy law, the Personal Information Protection and Electronic Documents Act (known as “PIPEDA”). According to the report, in 2010 the Office of the Privacy Commissioner:

§ Received 4,793 inquiries in 2010 under PIPEDA,
§ Received 108 “early resolution” complaints of violations,
§ Received 99 formal complaints of violations, and
§ Closed a total of 249 investigations into formal PIPEDA complaints.

Among other things, the Report states, “Social media networks, which some research suggests now link together more than half of all Canadian Internet users, were of particularly pressing interest to our Office.” This is consistent with similar statements that have been made by the UK Information Commissioner’s Office, and should indicate to any game or social media company with global ambitions that the days of flying under the radar of data protection authorities are coming to an end.

The Report includes discussion of the Office of Privacy Commissioner’s investigations into the privacy practices of Facebook and issues around the launch of Google Buzz and Google’s well-known street-view wifi data collection practice. The Report also covers a previously unreported investigation of online dating site eHarmony’s privacy practices. The investigation was prompted by a complaint by an eHarmony member. According to the Report, when she requested to delete her online account after her membership ended, eHarmony’s response was to tell her that her account was inaccessible to other members, but that the personal information could not be entirely removed.

The Privacy Commissioner found that the option to “close” an account was not readily accessible on the eHarmony website, and that the website did not provide a clear explanation of what eHarmony meant by the term “close the account.” Based on recommendations from the Office of Privacy Commissioner, eHarmony is establishing a two-year retention period for personal information collected from its users, providing a “clear and efficient process” for users to request removal of their personal information, and providing users with “clear information” on the difference between deactivating and deleting an account and on its personal information retention policy.

It’s important to note that the Report stressed that the office’s interest in the privacy practices of online dating sites is not restricted to eHarmony. The Report noted that other dating sites do not have privacy policies at all and others have policies but do not specify how they handle personal information after a user is no longer active.

The fact that the Privacy Commissioner felt the need to note that some websites do not have privacy policies is somewhat shocking. Since July 1, 2004, it has been a violation of the California Online Privacy Protection Act (OPPA) of 2003 to fail to post a conspicuous privacy policy on any commercial website that collects personal information about California residents.

The 132-page 2010 annual report is available at http://www.priv.gc.ca/information/ar/201011/2010_pipeda_e.pdf.

Posted

by

The EU “Cookie Rule,” which requires companies with European customers to get informed consent from visitors to their websites in order to use most cookies (other than those “strictly necessary” for the service requested by the consumer), went into effect on May 25. As an example of how they wanted websites to behave, the UK Information Commissioner’s Office put the following banner on their website:

clip_image002.jpg

Thanks to a Freedom of Information request from Vicky Brock, we can see the effect of the opt-in cookie requirement on tracked traffic to the ICO website:

clip_image003.jpg

Vicky has also made the underlying data available in a Google Docs spreadsheet.

While this does seem to pose a challenge for marketers, there are a couple of things about this data to keep in mind:

1)         The UK ICO implemented the opt-in via a banner on the top of the page. People have grown so used to ignoring banners that they might not have even looked at the option being provided. Thus, another method for requesting consent might have a greater opt-in rate.  Guidance from the UK ICO states that consent can be obtained via the following methods:

 

  • Pop-ups. A website operator could ask a user directly if they agree to a website operator putting something on their computer and if they click “yes”, this would constitute consent.
  • Terms and conditions. A website operator could alternatively make users aware of the use of cookies via the terms and conditions, asking a user to tick a box to indicate that they consent to the new terms.
  • Settings-led consent. Consent could also be gained as part of the process by which the user confirms what they want to do or how they want the website to work, e.g., some websites “remember”
    which language version of a website a user prefers. If this feature is enabled by the storage of a cookie, then the website operator could explain this to the user and that it will not ask the user every time they visit the website.

It is worth noting, however, that the guidance does not purport to be exhaustive. The ICO states that they will consider supplementing the advice with further examples of how to gain consent for particular types of cookies in the future. It goes on to say that the examples listed are not intended to be a prescriptive list on how to comply,
rather, that a website operator is best placed to work out how to get information to users and what users will understand.  Each case will be facts-specific.

2)
Even for those who did see the banner, there isn’t really any incentive to opting-in. If a website makes a case for the opt-in by pointing out additional functionality or other benefits to opting-in, that may increase the opt-in rate.

Another issue for websites is that it is not yet clear whether the Cookie Rule applies to non-cookie tracking technologies like web beacons. Technically, the Cookie Rule applies to “the storing of information, or the gaining of access to information already stored, in the terminal equipment of a subscriber or user.” However, given the assertive position that many European Data Protection Authorities take towards the protection of personal information, it may be prudent to assume that anything that lets a website track users could require consent. In the case of web beacons, as well, since they could disclose a users IP address, which could be personally indentifying information, they might be subject to the general obligation to obtain user consent before collecting personal information,
anyway.

Posted

by

On April 12, 2011, the Massachusetts Department of Revenue issued Letter Ruling 11-4 holding that a product providing a customer access to information from a Taxpayer’s database is not subject to sales or use tax where the services provided do not involve transfers of prewritten software or a license to use software on a server hosted by the Taxpayer or a third party.

The Massachusetts Department of Revenue (“DOR”) issued Letter Ruling 11-4 addressing the issue of whether Massachusetts customers of a Taxpayer’s product, which provides employment application collection and selection services through proprietary software, are subject to Massachusetts sales and use tax.  The DOR held that sales of the taxpayer’s products to Massachusetts customers are not subject to the Massachusetts sales and use tax.  Massachusetts imposes a 6.25% sales tax on sales of tangible personal property and telecommunication services within the state including sales of prewritten (canned) software regardless of the method of delivery.  Also, the sale of a license or right to use software on a server hosted by a taxpayer or third party is taxable.  However, where there is no charge for the use of the software and the object of the transaction is acquiring the good or service other than the use of the software, sales or use tax on software does not apply.  See 830 CMR 64H.1.3(14)(a); LR 10-1.  In the instant matter, the provision of information services to customers based on data gathered from prospective employees and provided in a report by a taxpayer to its customers is not subject to tax.  The object of the customer’s purchase of the product is to obtain database access including reports prepared by the taxpayer, rather than use of the software itself.  The taxpayer customers do not have the ability to operate, direct, or control the software.  The DOR concluded that the services provided by the taxpayer do not involve transfers of prewritten software or a license to use software on a server hosted by taxpayer or a third party and therefore are not subject to sales and use tax.

The taxation of on-line services is evolving in many jurisdictions.  Jurisdictions without specific statutory or regulatory authority addressing such services look to existing provisions for information, telecommunication, data processing or software services in attempts to include some on-line services within their scope.  As the above ruling indicates, under existing sales and use tax principles such as true object of the transaction or primary purpose tests such efforts may not succeed.  However, every jurisdiction has is own statutory provisions and tests so one needs to review them in the context of the specific facts relating to the online game or other social media services.

Posted

by

A recent lawsuit by SocialApps LLC (d/b/a take(5) social and playSocial) accuses Zynga of copyright infringement, theft of trade secret and various other acts concerning Farmville. Farmville is one of the most widely played and profitable social games, with around 80 million users and was released in June 2009. SocialApps allegedly developed and released “myFarm” in November 2008.

Did Zynga independently create Farmville or, as SocialApps alleges, did Zynga approach SocialApps using a ruse of due diligence in an attempt to acquire the IP rights and source code to get access to the details of myFarm?
Perhaps we will learn the answer as the suit progresses.

If SocialApps did indeed invent the game earlier, did they do all they could to protect the IP? Many companies in the online social game space do not.
For an overview of some of the ways that social game companies can protect their IP, see our previous post entitled “What You Don’t Know About IP Protection For Social Games Can Hurt You“.