Sign Up
Stay current with GH&R Newsletters. Click here to sign up.
E-Commerce News
Identity Theft Victim Granted Civil Remedy; Tiffany and eBay Duke it Out
January 22, 2008
IDENTITY THEFT VICTIM GRANTED CIVIL REMEDYThe United States Court of Appeals for the Ninth Circuit recently permitted an indentity theft victim to proceed with a lawsuit against the health care company from whom his personal information was stolen. The court, however, affirmed the dismissal of the cases of two other parties to the suit. Their cases were dismissed because, although their personal data was stolen, they apparently did not suffer any identity theft. They alleged only that they faced credit monitoring costs as a result of the breach of their information.
The case arose when three plaintiffs filed a complaint on behalf of themselves and other unnamed plaintiffs against a health care company after thieves stole personal information on over a half million military retirees from the company's offices. The plaintiffs alleged negligence, a violation of Arizona Consumer Fraud Act, and federal Privacy Act claims.
In September 2005, the U.S. District Court for the District of Arizona granted summary judgment to the defendant. Because two of the plaintiffs had not faced any identity theft consequences they could not demonstrate damages sufficient to support a claim. The court held that "enhanced future risk of injury cannot form the basis for a negligence action."
The other plaintiff, however, identified at least six unauthorized attempts to use his personal information within six weeks after the data breach. But according to the trial court, "evidence that the burglary [at the health care company] preceded the incidents of identity fraud does not allow a reasonable jury to infer that the burglary caused the incidents of identity fraud."
All three plaintiffs appealed to the Ninth Circuit. For the two plaintiffs who’d not suffered any identity theft consequences, the news was not so good. The Ninth Circuit agreed that an alleged increased risk of ID theft could not support a negligence claim.
But as to the third plaintiff, the Ninth Circuit found a logical inference that the type of personal data stolen from the health care company--name, address and Social Security number--was the kind needed to open new credit accounts. The plaintiff was not required to prove that connection by direct evidence. The Ninth Circuit decided that it "is a matter of common knowledge from which a jury could reasonably draw inferences regarding its probative value in establishing causation."
The plaintiff also presented evidence that he did not use the Internet to transmit personal information and that he shredded all mail containing personal information. These facts persuaded the Ninth Circuit that other possible avenues by which thieves could have obtained the personal information used to open new credit accounts in the plaintiff's name were eliminated. For this reason, the Ninth Circuit Court reversed the summary judgment and permitted the plaintiff’s case to proceed.
This ruling is important for indentity theft victims and entities that control sensitive information. For the victim, the ruling recognizes that there is a deep pocket available, which is nice, since the actual thieves may never be found. For the entity, the ruling requires actual harm to the "victim" before a civil suit can proceed. Sounds like a reasonable ruling.
TIFFANY AND EBAY DUKE IT OUT
Exclusive jeweler Tiffany’s has accused the Internet auction site eBay of knowingly selling counterfeit merchandise on its site. Tiffany’s argues that this conduct constitutes contributory trademark infringement. Tiffany’s and eBay are engaged in a lawsuit in a federal trial court in New York. The case was tried to the bench and recently concluded. The parties are now submitting post trial briefs.
Tiffany’s sued eBay, contending that the site made counterfeits of Tiffany’s items available for sale to the general public. Tiffany’s contended this activity infringed its trademark.
United States Supreme Court precedent has established that a distributor is liable for contributory infringement if it continues to supply its product to one whom it knows or has reason to know is engaging in trademark infringement.
While Tiffany and eBay agreed that the above standard controls, not surprisingly, they disagreed on how it applied to the facts at issue.
Tiffany contended that eBay’s general knowledge about counterfeit Tiffany jewelry sales on the site satisfied the knowledge standard. Tiffany produced evidence that it had complained to eBay, and sent statistics and statements about the nature of the problem.
But eBay contended that this information was too general to trigger a duty to act. According to eBay, the knowledge standard requires knowledge concerning information about specific postings. eBay argued that it needed to have had knowledge of specific, discrete instances of counterfeiting, rather than a broad idea that counterfeiting may be happening.
Tiffany’s contended that cases involving very low tech "flea market" operations applied to its high tech dispute with eBay. In a case involving a flea market operator, the US Court of Appeals for the Seventh Circuit ruled that a flea market operator who had seen "suspect" Hard Rock Cafe shirts for sale at his market could be held contributorily liable for infringing goods sold there based on his involvement with the sale.
In a similar case, the Ninth Circuit Appellate Court held that swap meet operators were contributorily liable for trademark infringement when illegal sound recordings were evidently "rampantly" bought and sold at the meets.
Tiffany’s argued that eBay is able to control what is bought and sold on its site, and profits from the infringing activity by taking a commission on each sale. And because eBay exerted control over its site, it had both knowledge of the infringing activity and the ability to stop it. According to Tiffany’s, that made eBay a contributor.
eBay argued, though, that "general knowledge" was insufficient, citing the Ninth Circuit’s Napster decision for support. In that case, the Ninth Circuit ruled that "[A]bsent any specific information which identifies infringing activity, a computer system operator cannot be liable."
Applying the Napster holding to its own circumstances, eBay maintained that it could not be liable "for contributory trademark infringement unless the trial record demonstrates that eBay possessed actual knowledge or reason to know of specific infringements (i.e., counterfeit listings of Tiffany merchandise), and failed to act on that knowledge."
eBay argued that if it were liable in any way, it was only as an "innocent infringer." Innocent infringers are subject only to an injunction against future printings. And according to eBay, an injunction would be limited "to what eBay already offers rights owners--namely, removal of listings reported to it."
The evolving law of the Internet has tended to be protective of Web hosts, and has not imposed stringent burdens for policing content. The decision in this case will demonstrate whether courts wish to continue the trend. And, if Tiffany’s succeeds in convincing the court that eBay is essentially an online flea market, perhaps eBay will change its name to "fleaBay."
This Newsletter is a periodic publication of Graydon Head & Ritchey LLP and should not be construed as legal advice or legal opinion on any specific facts or circumstances. The contents are intended for general information purposes only, and you are urged to consult your own advisor concerning your situation and any specific legal question you may have.