January 03, 2012

"Google's legal troubles"

Shapiro Sher partner William A. McComas writes in the National Law Journal about Google's "acceptance by silence" paradigm.

Full article:

Google's Legal Troubles

Will we look back on 2011 as the year Google became too powerful for its own good? Evidence is mounting, at least, that the transformative corporation is straining the limits of the law on several fronts, and the public has begun to take notice. To wit:

Earlier this fall, Google’s CEO Eric Schmidt testified before a U.S. Senate subcommittee in a session titled “The Power of Google: Serving Consumers or Threatening Competition?” Meanwhile, the Federal Trade Commission is conducting an antitrust inquiry into the company, which already faces several antitrust suits in Europe.

Google has also been hit with multiple lawsuits across the country asserting that its use of Android data-tracking software for smartphones violates the law.

Additionally, Google may soon find itself in litigation over its Google Books project, following an appellate decision that dealt the company a blow. Google has been working for several years to settle a class action suit brought by publishers and authors concerning the company’s digitization and commercialization of copyrighted content. Now it also finds itself prepping for trial, which may begin as early as July 2012, according to news reports.

Google’s gathering legal troubles arise from a fundamental pattern: the company routinely relies on an “acceptance-by-silence” paradigm under which it assumes the right to acquire and commercialize content unless the content’s originators explicitly “opt-out” of Google’s various commercial endeavors.

Google, and many other internet companies, have been operating according to this paradigm for years. Search engines have always taken data without express consent from website owners. The Google Books project moved forward in a similar manner, with the company preemptively scanning the collections of research libraries without permission from copyright holders. It was left to copyright holders to learn about the project, and, if they opposed Google’s scanning of their property, copyright holders had to expend their own resources to assert their rights.

Now this paradigm has become entwined with the personal lives of consumers. The company, poised to become a major player in the mobile phone market with its acquisition of Motorola, tracks and sells data about smartphone users. The Android operating system gathers user information that the company has been commercializing--just as it has commercialized web content and digitized books.

This year, however, the company has run into obstacles that call into question the viability of the acceptance-by-silence paradigm.

One such impediment involves Google’s efforts to settle class action suits brought by author and publisher organizations. In March 2011, U.S. District Judge Denny Chin rejected a settlement proposal concerning the Google Books project. In his decision, Judge Chin noted that the settlement would have given the company too much power by granting it the right to exploit books without the express permission of copyright holders. Also of concern was that the company would enjoy a monopoly over billions of dollars in advertising revenue generated by the database of books.

In rendering his decision, Judge Chin reiterated earlier remarks that much of the problem would be averted if Google would simply make its inclusion in Google Book Search an “opt-in” procedure, rather than “opt-out.” Google refuses to do so. It claims that there are simply too many “orphan” books out there still under copyright but whose authors cannot be reached – and Google wants to include them in its database, too.

It is this “opt-in” versus “opt-out” question that is most disconcerting in the war over the world’s information.

It is pivotal in the Android-related lawsuits. In Pessano et al v. Google, Inc., which was filed originally in US District Court in Tampa, Florida, but was recently transferred to Multidistrict Litigation, the plaintiffs allege that Google “violates user privacy in an effort to amass an unlawful database of individual location data unapproved by users, but worth billions of dollars in marketing money to Google[.]”

The Pessano case and other pending suits assert that Google collects more information than is necessary to provide mapping functions on its Android phone and that it sells or makes accessible this information to third-party marketers for advertising revenues without customer consent. (Apple’s iPhone faces similar lawsuits.)

Google’s response is that customers “opt-in” to this data-tracking convenience and they are welcome to shut it off. True. But by shutting it off, customers lose the Android’s navigation component and other features. The bottom line is that Google assumes customers’ willingness to “opt-in” to data tracking means they also are willing to have their information sent to marketers. Google’s technology doesn’t allow customers to select the features they want and simultaneously “opt-out” of the marketing component. It also assumes that users will learn about this feature and will know how to configure the device so that it shuts off such transmissions.

Google’s other line of defense against the Android lawsuits is that the third-party marketers receive little information about each customer--only basic demographic data; more sensitive information is encrypted. That may be true, but the arrangement still gives Google enormous power over consumers’ information.

Whether the plaintiffs in Pessano and similar cases succeed or fail, the problem they point to will remain. The paradigm of the Internet age is now deeply entrenched in our society. Every moment, “web crawlers” and other electronic agents interact with consumers’ computers and smartphones, compiling data for marketing or search-engine purposes that they sell or use for commercial gain without our express consent. These electronic agents – and the companies that profit from them – are so intrinsic to the infrastructure of the Internet that we don’t realize how much the practice diverges from accepted commercial and legal norms.

Every law student who has ever taken a contracts class knows that a contract cannot be formed by a participant’s silence. In business, there must be a manifestation of assent, such as a signature, to establish an agreement between two parties. Yet the Internet -- and now smartphones too -- operate according to a completely different paradigm.

If long-standing norms were followed, privacy would be better protected and distinguishing between Google’s programming and harmful spyware, malware and other malicious code would be simple. In other words, customer information would not be commercially exploitable without customer consent.

Instead, to stop the penetration of our computers and personal devices, consumers and websites can try to deploy advanced security measures, but such steps are often beyond the capacity of the average user. The tradeoff is that much of the information we get from the Internet and apps on our smartphones is “free.” The proliferation we’ve seen of new apps and technologies shows that the consumer has benefited by this symbiotic relationship between technology companies and the public.

Still, until we demand that Google and others begin operating under traditional commercial contracting practices -- and force them to relinquish their acceptance-by-design protocol (or silence-is-acceptance as used in certain circumstances through its opt-out strategy) -- there is little that can be done to stop them from gaining even more control over our information. And this control will only grow stronger with every new product, gadget, app and resource they role out for our consumption.

William A. McComas, a partner at the Maryland law firm Shapiro Sher Guinot & Sandler, practices technology law and can be reached at wam@shapirosher.com.