Enjoining Damaging Web Posts by Former Employees Comes at a Steep Price

Posted on March 7, 2008 by Philip L. Gordon and Justin A. Morello

Our last blog entry discussed the First Amendment shield that covers current and former employees who use anonymous or pseudonymous Internet postings to trash their employers. Today’s cautionary tale highlights the practical challenges employers face in court even when a current or former employee posts confidential records on the Web in violation of confidentiality agreements and laws.

Bank Julius Baer & Co., a Cayman Island subsidiary of a Swiss bank, fired a disgruntled vice president. On her way out, she took confidential documents she believed show that her former employer engaged in unlawful conduct. The next day, she posted those documents on a public website devoted to leaking confidential documents.

Instead of pursuing the disgruntled vice president, the Bank filed a lawsuit seeking to enjoin the leaking website, Wikileaks.org, and its domain name registrar, Dynadot. The Wikileaks website enables users to anonymously publish submissions, including alleged confidential corporate and government documents. The site aims to be an “untraceable version of Wikipedia for untraceable mass document leaking and analysis.” The site runs on modified MediaWiki software, similar to the software that runs Wikipedia.

Dynadot, a small company not interested in a protracted legal battle, stipulated to a permanent injunction that required it to shut down the website instead of fighting the Bank. Judge Jeffrey White of the federal district court in San Francisco signed the stipulated permanent injunction. The Bank dismissed its lawsuit against Dynadot with prejudice, and Dynadot shut down the website. The Bank appeared to have silenced its disgruntled vice-president, quickly, quietly and at minimal cost.

But the next day, Wikileaks was up and running through multiple mirror sites. Mirror sites use a similar domain name that is registered through a different domain name registrar. Wikileaks, for example, also used the domain name Wikileaks.cx through a domain registrar in the Christmas Islands. Wikileaks posted the Bank’s confidential documents on these mirror sites. 

Within the week, the New York Times, while neglecting to mention the agreement between the Bank and Dynadot, reported that Judge White’s approval of the stipulated permanent injunction “present[ed] a major test of First Amendment rights.” Also failing to mention the agreement between the parties, blogs buzzed about apparent constitutional violations. 

Not long after publication of the Times article, heavy hitters such as the ACLU, Project on Government Oversight, and the Electronic Frontier Foundation, came out with statements against the Bank. In response to their court papers, Judge White abnegated the agreement the Bank had negotiated with Dynadot, dissolved the permanent injunction, denied the Bank's request for a restraining order, noted the injunction may involve impermissible prior restraints, pondered whether an injunction would serve any purpose and questioned whether the Court had subject matter jurisdiction to hear the dispute. In the meantime, the Wikileaks site, complete with the Bank's stolen documents, is still up and running. On March 5, 2008, the Bank voluntarily dismissed its lawsuit, apparently concluding that litigation was no longer worth the cost.

Employers should view the Bank’s experience as a cautionary tale. What started as a quick agreement and apparent resolution literally, as the saying goes, ended up on the front page of the New York Times. The case also shows how quickly journalists will publicize a story that can be portrayed as “an attack on the First Amendment.” Sometimes filing suit is not the best way for an employer to protect its interest.

Tags: , , , , , , ,

Employers' Efforts To Combat Cybersmear Hit The First Amendment Shield

Posted on February 19, 2008 by Philip Gordon

The balance of power has shifted. In the “old days” -- before the Internet explosion -- a disgruntled current or former employee did not have many outlets. She might complain to a spouse, a cadre of sympathetic co-workers or a union representative. But her employer had little fear that her scalding criticism of her direct report, the company’s business strategy or senior management would be front-page news or fodder for radio talk shows.

In today’s world of blogs, personal Web pages, chat rooms, and message boards, that dynamic has been flipped. Employees — and particularly terminated, former employees — are venomously trashing their employers in cyberspace, where anyone who wants to “tell all” can speak freely. Employers have been left desperately searching for the answer to one simple question: “How can I shut that guy up?”

A decision published by the California Court of Appeal earlier this month, Krinsky v. Doe 6, highlights one of the major obstacles to squelching these silicon diatribes, often referred to as “cybersmear.” Who do you shut down? Most current and former employees venting on the Web are cagey enough to hide behind anonymity or veiled identity. In Krinsky, for example, the offending poster dubbed the plaintiff, a departing senior executive, “boobs” and said that he would “reciprocate felatoin [sic] with [her] even though she has fat thighs, a fake medical degree, 'queefs' and ... poor feminine hygiene” but, for obvious reasons, did not take personal responsibility for this juvenile comment.

The Krinsky plaintiff, like other business people on the receiving end of an anonymous or pseudonymous diatribe, are left knocking on the typically sealed door of the Internet Service Provider (ISP) that hosts the server where the post resides. The ISPs, fulfilling assurances of confidentiality in their subscriber agreement or complying with obligations imposed by the Stored Communications Act, typically will disclose the identity of an anonymous or pseudonymous user posting content only in response to a subpoena or court order. The ISP also typically will put its subscriber on notice that a subpoena has been served to give the subscriber an opportunity to ask the issuing court to quash the subpoena.

No matter how obnoxious their posting, current and former employees who speak anonymously or pseudonymously on the Web arrive in court with the upper hand; they are cloaked in the protective garb of the First Amendment. The First Amendment does not protect cybersmearing employees from being terminated (albeit anti-retaliation statutes and other statutes might, depending upon the content of the post). Rather, the First Amendment restricts the power of the judiciary to issue a speech-squelching injunction.

In Krinsky, the Court announced a new test applicable in California (where many Silicon Valley-spawned ISPs happen to be located) for deciding whether a subpoena seeking to uncover the identity of an allegedly libelous poster should be quashed. The defamation plaintiff must (a) show that she tried to notify the anonymous or pseudonymous poster of the subpoena — for example, by posting a notice on the blog where the cybersmear appeared, and (b) establish a prima facie case of defamation.

In most circumstances, Point (b) means the target of the cybersmear must establish that the libelous statement is factual (as opposed to non-actionable opinion) and that the libel damaged the plaintiff, e.g., caused plaintiff to lose her job or damaged a customer relationship. These standards can be difficult to satisfy. In Krinsky, for example, the court held that the cybersmear fell “into the category of crude, satirical hyperbole which, while reflecting the immaturity of the speaker, constitute[s] protected opinion under the First Amendment.” Even if a plaintiff, like Krinsky, is the target of an outright factual lie, she often will find it difficult, if not impossible, to link any economic loss to what most likely is a relatively obscure Internet post.

Krinsky teaches that in most cases the target of cybersmear is better off turning the proverbial other cheek (or finding a padded room in which to vent) than resorting to the court system for relief. Eventually, the scurrilous diatribe will be washed away in the muck of self-expression that fills the Web.

Tags: , , ,