Ninth Circuit Provides Some Relief for Employers and Executives Anonymously Trashed on the Web

Posted on July 23, 2010 by Privacy and Data Protection Practice Group

Keeping silentAnonymous Internet posts attacking employers and executives have become all too common. Until the Ninth Circuit Court of Appeals’ decision last week in Anonymous Online Speakers v. United States District Court for the District of Nevada Reno, courts have relied on the First Amendment right to speak anonymously to set substantial obstacles in the path of employers and executives seeking to compel Internet service providers to disclose the identity of anonymous speakers on the Web. In a case of first impression in the federal appellate courts, the Ninth Circuit appears to have made it significantly easier for employers and executives to unmask the perpetrators of anonymous Internet attacks.

The case arose out of Signature Management TEAM’s alleged smear campaign against Quixtar. According to Quixtar, TEAM was responsible for anonymous posts that accused Quixtar of “systemic dishonesty,” “systemic noncompliance” with regulations, and improperly treating its franchisees. TEAM’s online content manager refused to answer questions at his deposition seeking the anonymous speaker’s identity. Quixtar sought an order compelling disclosure; the anonymous speakers intervened in the proceeding to prevent disclosure.

In a significant victory for employers and executives, the Ninth Circuit rejected the approach to unmasking requests taken by all other courts to date. These courts required the putative victim of an anonymous attack to produce levels of proof that almost always will be unattainable at the early stages of a case when the unmasking issue typically is addressed, so the defendant can be identified, served with the complaint, and subject to discovery. The Ninth Circuit ruled that rather than requiring the victim to prove his claims, trial courts should determine whether the anonymous speech is political, religious or literary and entitled to heightened protection, or commercial and entitled to less protection.

When anonymous speech is “commercial,” which typically will be the case when employers or executives come under attack, a trial court should apply a balancing test. The test weighs the anonymous speaker’s First Amendment rights against the “need for relevant discovery,” recognizing the "great potential for irresponsible, malicious, and harmful communication" and that particularly in the age of the Internet, the "speed and power of internet technology makes it difficult for the truth to 'catch up' to the lie." Although future application of these high-level principles is difficult to predict, the Ninth Circuit’s new approach to “unmasking cases” almost surely will result in greater success for employers and executives seeking to unmask anonymous speakers on the Web.

While savoring this victory, employers should keep in mind that litigation against anonymous speakers on the Web can be expensive, time consuming, and distracting. In many circumstances, the victims of an anonymous attack will be better served by letting the offending comment become lost in the daily flood of information on the Internet.

This entry was written by Philip L. Gordon and Christopher M. Leh.

Photo credit: rtiom
Tags: , , ,
  • Email This
  • Print
  • Trackbacks
  • Share Link

The Legal Perils of Social Media & Social Networking: Questions & Answers

Posted on October 5, 2009 by Privacy and Data Protection Practice Group

On September 29, 2009, Littler Mendelson presented a webinar, hosted by HR.com, entitled, “Legal Perils of Social Media & Social Networking: What Every Employer Needs to Know.” Several of the attendees submitted questions by e-mail that could not be answered during the time allotted for the webinar. The answers to those questions are below.

Question: Because of the sketchy and inconsistent nature of HR policy around this topic, it seems reasonable for employees to ask for definition from their employers regarding use of social media to avoid being surprised should there be a potential issue. Would you agree?

Response: I would agree. The intersection of social networking sites and work is so new that accepted etiquette, custom, or norms have not yet developed. Employers can address this problem by establishing a policy that provides easily understood guidelines for employees’ social media activities whether authorized by the employer or not. Training also is very important in this area. Employers need to train managers and employees on how to respond to and handle the many complicated issues raised by the intersection of work and social media activity.

Question: What if employees are using their cell phones for social networking, not utilizing company technology? And what if they are doing it on their own times: breaks and lunch?

Response: Employers can establish guidelines for employees’ off-duty social media activities even if employees are using their own cell phones, laptops, desktops, or other personal devices. As discussed in the webinar, there are several laws that might restrict an employer’s ability to take adverse action based upon an employee’s off-duty social networking activities. These laws include, for example, the National Labor Relations Act, state laws that prohibit adverse action based on an employee’s lawful off-duty activities, the First Amendment for public employers, and anti-discrimination laws.

Question: Can you expand upon the scope of First Amendment protections and the Connecticut law that you mentioned during the webinar?

Response: One common misconception is that the First Amendment protects all employees against adverse action based on their speech. In fact, the First Amendment protects only public employees. However, Connecticut has an unusual law (Conn. Gen. Stat. 31-51q) that extends First Amendment protections to private employees. A private employer violates the law by terminating a Connecticut employee on account of that employee's exercise of rights guaranteed by the First Amendment--provided such activity does not substantially or materially interfere with the employee's bona fide job performance or the working relationship between the employee and the employer.

Question: Can employees assume that because the company hasn't blocked a social site from being accessed that it must be okay for them to use it during the day?

Response: Employees might make that assumption if the employer does not have any policy addressing Internet use generally or social media use in particular, or if a general Internet policy permits incidental non-business use of the employer’s Internet access. An employer can defeat the assumption without blocking access to social media sites by specifically informing employees in a policy that use of the employer’s electronic resources to access social media sites for non-business purposes is prohibited. For the policy to eliminate an assumption like this one, management and human resources professionals need to communicate about, and consistently enforce, the policy. In this regard, HR and managers should work together to remain well versed on best practices and ongoing developments in this area.

This entry was co-written by Philip L. Gordon and Kevin P. O'Neill.
Tags: , , , ,
  • Email This
  • Print
  • Share Link

Enjoining Damaging Web Posts by Former Employees Comes at a Steep Price

Posted on March 7, 2008 by Philip L. Gordon and Justin A. Morello

Our last blog entry discussed the First Amendment shield that covers current and former employees who use anonymous or pseudonymous Internet postings to trash their employers. Today’s cautionary tale highlights the practical challenges employers face in court even when a current or former employee posts confidential records on the Web in violation of confidentiality agreements and laws.

Bank Julius Baer & Co., a Cayman Island subsidiary of a Swiss bank, fired a disgruntled vice president. On her way out, she took confidential documents she believed show that her former employer engaged in unlawful conduct. The next day, she posted those documents on a public website devoted to leaking confidential documents.

Instead of pursuing the disgruntled vice president, the Bank filed a lawsuit seeking to enjoin the leaking website, Wikileaks.org, and its domain name registrar, Dynadot. The Wikileaks website enables users to anonymously publish submissions, including alleged confidential corporate and government documents. The site aims to be an “untraceable version of Wikipedia for untraceable mass document leaking and analysis.” The site runs on modified MediaWiki software, similar to the software that runs Wikipedia.

Dynadot, a small company not interested in a protracted legal battle, stipulated to a permanent injunction that required it to shut down the website instead of fighting the Bank. Judge Jeffrey White of the federal district court in San Francisco signed the stipulated permanent injunction. The Bank dismissed its lawsuit against Dynadot with prejudice, and Dynadot shut down the website. The Bank appeared to have silenced its disgruntled vice-president, quickly, quietly and at minimal cost.

But the next day, Wikileaks was up and running through multiple mirror sites. Mirror sites use a similar domain name that is registered through a different domain name registrar. Wikileaks, for example, also used the domain name Wikileaks.cx through a domain registrar in the Christmas Islands. Wikileaks posted the Bank’s confidential documents on these mirror sites. 

Within the week, the New York Times, while neglecting to mention the agreement between the Bank and Dynadot, reported that Judge White’s approval of the stipulated permanent injunction “present[ed] a major test of First Amendment rights.” Also failing to mention the agreement between the parties, blogs buzzed about apparent constitutional violations. 

Not long after publication of the Times article, heavy hitters such as the ACLU, Project on Government Oversight, and the Electronic Frontier Foundation, came out with statements against the Bank. In response to their court papers, Judge White abnegated the agreement the Bank had negotiated with Dynadot, dissolved the permanent injunction, denied the Bank's request for a restraining order, noted the injunction may involve impermissible prior restraints, pondered whether an injunction would serve any purpose and questioned whether the Court had subject matter jurisdiction to hear the dispute. In the meantime, the Wikileaks site, complete with the Bank's stolen documents, is still up and running. On March 5, 2008, the Bank voluntarily dismissed its lawsuit, apparently concluding that litigation was no longer worth the cost.

Employers should view the Bank’s experience as a cautionary tale. What started as a quick agreement and apparent resolution literally, as the saying goes, ended up on the front page of the New York Times. The case also shows how quickly journalists will publicize a story that can be portrayed as “an attack on the First Amendment.” Sometimes filing suit is not the best way for an employer to protect its interest.
Tags: , , , , ,
  • Email This
  • Print
  • Trackbacks
  • Share Link

Employers' Efforts to Combat Cybersmear Hit the First Amendment Shield

Posted on February 19, 2008 by Philip Gordon

The balance of power has shifted. In the “old days” -- before the Internet explosion -- a disgruntled current or former employee did not have many outlets. She might complain to a spouse, a cadre of sympathetic co-workers or a union representative. But her employer had little fear that her scalding criticism of her direct report, the company’s business strategy or senior management would be front-page news or fodder for radio talk shows.

In today’s world of blogs, personal Web pages, chat rooms, and message boards, that dynamic has been flipped. Employees — and particularly terminated, former employees — are venomously trashing their employers in cyberspace, where anyone who wants to “tell all” can speak freely. Employers have been left desperately searching for the answer to one simple question: “How can I shut that guy up?”

A decision published by the California Court of Appeal earlier this month, Krinsky v. Doe 6, highlights one of the major obstacles to squelching these silicon diatribes, often referred to as “cybersmear.” Who do you shut down? Most current and former employees venting on the Web are cagey enough to hide behind anonymity or veiled identity. In Krinsky, for example, the offending poster dubbed the plaintiff, a departing senior executive, “boobs” and said that he would “reciprocate felatoin [sic] with [her] even though she has fat thighs, a fake medical degree, 'queefs' and ... poor feminine hygiene” but, for obvious reasons, did not take personal responsibility for this juvenile comment.

The Krinsky plaintiff, like other business people on the receiving end of an anonymous or pseudonymous diatribe, are left knocking on the typically sealed door of the Internet Service Provider (ISP) that hosts the server where the post resides. The ISPs, fulfilling assurances of confidentiality in their subscriber agreement or complying with obligations imposed by the Stored Communications Act, typically will disclose the identity of an anonymous or pseudonymous user posting content only in response to a subpoena or court order. The ISP also typically will put its subscriber on notice that a subpoena has been served to give the subscriber an opportunity to ask the issuing court to quash the subpoena.

No matter how obnoxious their posting, current and former employees who speak anonymously or pseudonymously on the Web arrive in court with the upper hand; they are cloaked in the protective garb of the First Amendment. The First Amendment does not protect cybersmearing employees from being terminated (albeit anti-retaliation statutes and other statutes might, depending upon the content of the post). Rather, the First Amendment restricts the power of the judiciary to issue a speech-squelching injunction.

In Krinsky, the court announced a new test applicable in California (where many Silicon Valley-spawned ISPs happen to be located) for deciding whether a subpoena seeking to uncover the identity of an allegedly libelous poster should be quashed. The defamation plaintiff must (a) show that she tried to notify the anonymous or pseudonymous poster of the subpoena — for example, by posting a notice on the blog where the cybersmear appeared, and (b) establish a prima facie case of defamation.

In most circumstances, Point (b) means the target of the cybersmear must establish that the libelous statement is factual (as opposed to non-actionable opinion) and that the libel damaged the plaintiff, e.g., caused plaintiff to lose her job or damaged a customer relationship. These standards can be difficult to satisfy. In Krinsky, for example, the court held that the cybersmear fell “into the category of crude, satirical hyperbole which, while reflecting the immaturity of the speaker, constitute[s] protected opinion under the First Amendment.” Even if a plaintiff, like Krinsky, is the target of an outright factual lie, she often will find it difficult, if not impossible, to link any economic loss to what most likely is a relatively obscure Internet post.

Krinsky teaches that in most cases the target of cybersmear is better off turning the proverbial other cheek (or finding a padded room in which to vent) than resorting to the court system for relief. Eventually, the scurrilous diatribe will be washed away in the muck of self-expression that fills the Web.
Tags: , , ,
  • Email This
  • Print
  • Trackbacks (2)
  • Share Link