Sign Up
Stay current with GH&R Newsletters. Click here to sign up.
E-Commerce News
Talk America Can't Change Service Terms Via Web Posting; CFAA Does Not Cover Data Misuse
August 28, 2007
TALK AMERICA CAN'T CHANGE SERVICE TERMS VIA WEB POSTINGLong distance carrier Talk America recently discovered that it cannot effectively alter its terms of service by merely posting notice of the modification on its Web site. As a result, Talk America’s efforts to force a customer dispute into arbitration was disconnected.
The case arose when a customer of Talk America objected to a number of changes in his plan, which Talk America implemented after acquiring the service contract from AOL. The changes included additional charges, a class action waiver and an arbitration clause.
The customer filed a class action lawsuit, alleging various federal and state law causes of action. Talk America asked the trial court to send the dispute to arbitration, relying on the arbitration provision in the modified service agreement. The trial court granted the motion and the customer appealed.
On appeal to the Ninth Circuit Court of Appeals, the customer argued that he’d never been notified of the changes Talk America had made to the Service Agreement. The trial court had sided with Talk America’s position that posting notice on the Web site was sufficient notice. The trial court judge, apparently not connected with reality, noted that, since the terms were posted on the Web site, the customer "could have read had he wanted to know the terms and conditions under which he was receiving services." Sure, doesn’t everybody routinely read their long distance carrier’s terms of service?
The appellate court judges, unlike the trial court judge, however, evidently attended a seminar on common sense. They noted that, even if the customer had visited Talk America's Web site to pay his monthly bill (which he didn’t – it was automatically charged to his credit card), he would have had no reason to look at the service contract posted there. The appellate court elaborated, observing that the customer would have had no indication when to check Talk America's Web site for changes, since, presumably, Talk America didn’t advise its customers when to check the site.
Once it decided that the customer had received no notice of the changes, the appellate court disposed of the appeal. It is very basic law that one party to a contract cannot unilaterally change the terms of the deal, without the other party’s consent.
And the fact that the customer received no notice of the changes doomed Talk America’s contention that the customer had agreed to the service contract changes by continuing to use Talk America's services. Continued use would constitute consent to the changes only if the customer knew about the changes!
Burying terms too deep in the fine print of an agreement will often invalidate those terms. Based on this holding, that rule of thumb applies in the digital age too.
CFAA DOES NOT COVER DATA MISUSE
A federal court in Pennsylvania recently made a critical distinction between improper data access and improper data use for purposes of the Computer Fraud Abuse Act ("CFAA"), when it held that the CFAA does not apply to data legally accessed, even if the information is subsequently misused.
The CFAA prohibits anyone from intentionally accessing a protected computer without authorization or in excess of their authorization, with the intent to defraud.
The court read this section to impact only access, not use, and accordingly dismissed the plaintiff's CFAA claims in this case.
The case at issue was filed by a Pennsylvania law firm against a former employee. Immediately prior to his departure, the employee accessed the firm’s database to download client files. He later transferred these files to his new employer.
Unfortunately for the law firm’s CFAA claim, the employee was authorized to access client files and download them. While he was not permitted to transfer the files to the firm's competitors, the court found that activity outside the scope of the CFAA.
The court said it’s ruling would not change even if the employee breached his employment contract in transferring the information. The breach of contract is governed by common law, not the CFAA.
The court determined that in enacting the CFAA, congress did not intend to "criminalize state law breaches of contract."
For CFAA purpopses, it is more about how you get it, than what you do with it thereafter!
This Newsletter is a periodic publication of Graydon Head & Ritchey LLP and should not be construed as legal advice or legal opinion on any specific facts or circumstances. The contents are intended for general information purposes only, and you are urged to consult your own advisor concerning your situation and any specific legal question you may have.