News/Publications

Publications

Publications

Cybersmears: The Next Generation

Advocacy Groups Seek to Protect the Identities of Company Critics

by Jeffrey R. Elkin

Reprinted from
Business Law Today
July/August 2001

"A voice in the electronic wilderness lashes out at a company. The company lashes back with a lawsuit to flush out its attacker. The battle is joined. But wait, a white knight is on the way . . ."

Over the past few years, individuals and companies have filed numerous lawsuits claiming that defamatory comments were made about them on the Internet. With the whole country (and the world, for that matter) wired together through this relatively new medium, virtually anyone with a computer can compose and distribute ideas, information, views, commentary and "facts" through e-mails, bulletin boards, chat rooms and Web sites.

Casual Net users pass along "rumors" about company personnel through e-mails; frustrated employees spread "innuendos" about company management on bulletin boards or chat rooms; and self-proclaimed "experts" circulate disparaging comments about company goals and strategy.

In the early days of the Internet, most people never gave the risk of litigation a second thought. Much of the dialogue seemed to be nothing more than garden-variety "office cooler" gossip that workers have engaged in for years. In addition, because these distributions and postings were made under anonymous names, many message writers believed there was virtually no chance they would ever get caught.

Perhaps because they did not take the threats seriously or think their identities could ever be discovered, posters occasionally sent messages that became more than harmless gossip. They often negatively affected a company's operations, moved stock prices in a certain direction, or did irreparable harm to a business' reputation. When these published statements were believed to be false and damaging, lawsuits followed.

In the earliest cases, the courts held that the laws of defamation applied to false statements made over the Net and a whole new potential for litigation was opened up. On the Internet, ordinary individuals who would not normally have had a forum to spread their words, were able to widely "publish" their views and opened themselves to defamation lawsuits.

While the initial suits went after the potential deep pockets of Internet Service Providers (ISPs) like Yahoo and AOL, the courts found these companies not to be at fault, stating that they could not possibly be expected to monitor all of their postings and police their subscribers. The courts found that the Communications Decency Act (CDA) of 1996 immunized ISPs from defamation liability for information that originated from third parties.

Still, the ISPs were not removed entirely from the litigation process merely because of the wordings of the CDA and the rulings in those initial Internet defamation cases. Because the names of those making the potentially defamatory comments remained anonymous, corporate plaintiffs (the subject of the chat-room and bulletin board postings) turned to the courts to force the ISPs to reveal the identity of the "anonymous" online critic.

The early litigation process followed a very similar pattern. Following the objectionable e-mail or posting on a bulletin board, the target company would file a lawsuit naming "John Doe" as the defendant because the true name was unknown at the time. The company would then file for a subpoena to be issued to the appropriate ISP for it to reveal the true identity of the anonymous poster.

Once the ISP received a court order, it would typically provide the personal contact information because, though many subscribers may not have realized it, Yahoo (and others) warn them in advance that they will "reveal names, e-mail addresses and other information when served with a subpoena."

After the identity was revealed, the lawsuit was often dismissed. In many cases, the companies seemed more interested in finding out the name of the true perpetrators and then handling the situations on their own. Typically, these individuals turned out to be employees who either had personal grudges against their companies or sought to profit from stock price fluctuations once the posted "news" had spread. Over the past few years, companies such as Raytheon, HealthSouth Corp. and ITEX Exchange all successfully identified those posting messages they claimed to be defamatory by filing suits and serving the appropriate ISP with a subpoena.

As the successful lawsuits grew in number, civil liberties organizations and free speech advocates emerged to assist the "John Does" and counter the complaints of the plaintiffs. The ACLU, Public Citizen and Internet-oriented organizations like Electronic Frontier Foundation, claimed that many of these suits were indeed frivolous and merely represented an attempt to stifle the free speech protected by the First Amendment.

These organizations asserted that most of the suits were filed by deep-pocket corporations who were more interested in disclosure of the posters' identity than to true claims of defamation. They correctly pointed out that since many of the defendants lacked power and money themselves, the companies often dropped the suits once the identities were revealed and subsequently fired the employees.

According to these advocacy groups, if the corporate plaintiffs continued to prevail, most individuals would be less willing to express any controversial positions for fear that they would be named in a lawsuit regardless of whether or not their words were defamatory or for fear of other employment-based retaliation. These groups believed that such lawsuits served to stop uninhibited free speech as the very time the Internet was creating the biggest marketplace of ideas the world had ever seen.

They fought for rights on behalf of the underdog John Doe defendant and attempted to make these suits a public relations nightmare for the plaintiff company as mighty Goliath attacked tiny David.

In recent Internet defamation cases, advocacy groups have worked with the John Doe defendants by assisting with their representation. They have argued that a judge should not allow subpoenas without the ISP first notifying potential defendants of the litigation. They have claimed that if a company asserts a libel claim against a "John Doe," then it should have to prove that libel actually exists before the anonymity is lost and the identity revealed. They believed that the specifics of the allegedly objectionable postings should be included in each complaint before the ISP is told to reveal the personal information.

While these groups have met with some limited success in recent suits, the primary result has been a leveling of the playing field between giant company and tiny defendant. With the experiences and clout of civil liberties and advocacy organizations behind them, the individual is no longer standing "alone on an island." No longer can the deep-pocket corporations quickly act to quash the comments of their employees without facing any negative PR repercussions of their own.

While filing lawsuits and subpoenas was once an easy way to limit online dialogue, the advocacy groups have slowed the process. At the very least, they are now forcing companies to think twice about whether an issue of defamation actually exists before moving forward.

Recent cases show the trend: AnswerThink and Aquacool_2000 - In February 2000, AnswerThink Internet Consulting Group filed a complaint in federal court in Miami against several John Does charging defamation. Later, subpoenas were issued to Yahoo and other ISPs to determine the identity of those individuals posting what the company considered to be defamatory comments. One of the individuals AnswerThink was attempting to identify went by the online name "aquacool_2000."

Over a period of several months, aquacool_2000 had posted a series of messages on the AnswerThink message board, many of which were critical of the company and the management team. Among the comments written by aquacool_2000 were: "management primarily does things that benefit them personally" and "the chief executive does not understand that his role is to maximize all shareholder wealth and not just a few." Another posting even referred to a member of the management team as an "arrested adolescent with a taste for bathroom humor."

Reacting to the subpoena, Yahoo revealed the personal contact information of aquacool_2000. He turned out to be an employee of AnswerThink, who lived in Ohio. A short time later, this individual was fired and denied a large bonus that he had been expecting. Additionally, he was stripped of numerous shares of company stock that he would have been entitled to receive in a rather short time based on a vesting schedule and his tenure with the firm. In a subsequent lawsuit against this former employee, AnswerThink charged him with defamation, breach of nondisclosure terms of his employment contract, and breach of fiduciary duties to the company.

In earlier suits involving defamation issues and the Internet, this case may very well have ended here. Having identified the individual through subpoena and terminated his employment, the company may have dropped the lawsuit. But with help of the advocacy groups providing information to these John Does and their lawyers, the Aquacool_2000 case continues with a few very interesting twists.

In May 2000, aquacool_2000 filed a suit against Yahoo in federal court in California, claiming that the company violated his constitutional and contractual rights to privacy by disclosing his personal information without first notifying him. Aquacool_2000 has also filed a counter suit in Ohio against his former employer, AnswerThink, claiming civil rights violations, invasion of privacy and breach of contract, among others.

Civil liberties groups have joined the fray, proclaiming that Yahoo had a very poor reputation of failing to adhere to its privacy policy. Further, they believe that the California constitution requires these ISPs to notify the anonymous individuals of the subpoena before turning over personal information to third parties. Such notification would give them adequate time to object and obtain counsel. Aquacool_2000 was not aware of the case until Yahoo revealed his personal contact information. By then, he had no time to respond and soon found himself without a job and what he believes to be rightfully due compensation.

Yahoo claims that its privacy policy does not require it to notify individuals before responding to subpoenas. However, in recent times, the ISP has begun to notify individuals in advance and is allowing them 15 days to comment and initiate any relevant action before turning over the information to the third party. Other ISPs like AOL and MSN have adapted similar notification policies.

Because this case is believed to be the first known suit against Yahoo for disclosing the identity and personal information of an anonymous poster, it is being closely monitored and should have wide implications for future defamation cases involving the Internet.

Hritz and Doe - Two advocacy groups have taken very active roles in another case involving defamation issues and the Internet. The Electronic Frontier Foundation and Public Citizen have teamed up with another anonymous "Jane Doe" in an attempt to protect her identity as the author of controversial postings on a message board for AK Steel, a company based in Middletown, Ohio. Among her comments, Jane Doe claimed that John Hritz, the executive vice president and general counsel of AK Steel, is very litigious. "Hritz will litigate the time of day. OOPS I will be in court."

Hritz took great exception to this posting and filed a petition for discovery that was used to obtain a subpoena to Yahoo and AOL in an attempt to identify Jane Doe. The petition claims that such comments were "disparaging, threatening and defamatory." Under Ohio law, such a petition for discovery can be filed even before a lawsuit has been initiated.

The initial subpoena was sent to Yahoo, which was unable to identify the individual but could tell that the postings came from an AOL account. AOL was then served with a subpoena of its own. Under company procedures, AOL sent a letter to the anonymous subscriber by overnight mail, informing her that her personal contact information would be disclosed within 14 days if she did not object through legal means. Once she received the letter, the individual contacted a lawyer who asked that the Electronic Frontier Foundation assist with her case.

Subsequently, these advocacy groups filed a motion to quash the subpoena that was served on AOL. In support of the motion to quash, the groups argued that the statement in question was purely opinion and, therefore, did not constitute defamation. In fact, the group pointed out, Hritz' case against Doe in of itself substantiates her claims about his being litigious.

They further assert that the fact that no lawsuit has been filed further proves that the subpoena was merely an intimidation tactic to scare other individuals into "self-censoring speech." This case is also being closely monitored to determine just how the Internet will be used as a tool for uninhibited free speech in the future.

Advocacy groups have recently attempted to have courts impose a new layer of procedural protection before the identity of an anonymous online critic can be revealed. In Melvin v. Doe, the ACLU fought on behalf on an anonymous Web site author whose site contained comments and accusations that others claimed to be defamatory. As in the above examples, the lawsuit attempted to force disclosure of the author's identity.

A Pennsylvania state court ruled that the identity of an anonymous poster should not be disclosed until that individual has had the chance to show that the suit is frivolous and without merit. The court held that the plaintiff must show that a "reasonable possibility" exists that defamation did occur and he or she could win at trial. A plaintiff cannot make an ISP reveal the identity merely by filing a claim of defamation.

Advocates believe that this case created new protections for anonymous free speech without the threat of frivolous lawsuits.

In another case, however, a very different result was reached. A Miami Dade County circuit court in Florida ruled that First Amendment grounds in of themselves are not enough to quash pending subpoenas to unmask anonymous speakers. In J. Erik Hvide v. "John Does 1-8," et al, John Hvide, chief executive of Hvide Marine Inc., claimed he had been defamed by postings on the company message board.

The ACLU asked the court to block the revelation of the poster's identity and to first examine whether or not the complaint had sufficient merit to even justify a suit. The civil liberties group argued that Hvide should be required to prove "special economic harm" before the identity would be revealed. The judge rejected these arguments, ordered the ISPs to comply with the subpoenas and identify the personal contact information.

A spokesman for the Electronic Privacy Information Center voiced disappointment with the ruling, explaining, "The ACLU is not arguing that there is an absolute right to 'anonymity' on the Internet. We need some sort of mechanism to screen out the legitimate cases from the bad ones."

Moving forward, companies can take steps to protect themselves, their management and their shareholders against defamatory comments made by anonymous speakers.

They can routinely correspond with the media and investors by issuing press releases to ensure that company information is disclosed in an accurate manner; rather than waiting for information to be heard second hand from a disgruntled employee or another outside party on a message board. They should maintain a company Web site with links to current press releases and other facts that inform their audiences about developments, both positive and negative.

They should constantly monitor chat rooms and bulletin boards in an attempt to identify any inaccurate and potentially defamatory postings. They should respond to such messages in an appropriate manner through the media, shareholders and contrasting postings of their own. When they find comments that concern them, they must consider the potential public relations consequences of litigation and should ensure that they have a solid case before proceeding with litigation.

Company management should ask itself the following questions:

  • How badly (if at all) have they been defamed by such postings?
  • How significant are the comments to the operations of the company, the individuals involved and their respective reputations?
  • Are they truly concerned about the effect of these postings or will they merely be attempting retribution once the identities have been disclosed?
  • Will such suits end these defamatory postings or perhaps cause other individuals to speak up as well?
  • What are the risks of further damages occurring if no action at all is taken?
  • Do they believe they will be victorious in court or could the suit be perceived as frivolous?
  • Has precedent been set in these specific areas in state and federal courts?
  • Are these comments truly intended to be fact or merely statements of opinion?
  • Are any of the disputed allegations perhaps true and accurate?
  • What repercussions could occur in terms of negative PR should any of the advocacy groups join the fight against them?

Only after the "defamed" companies (or individuals) have answered these questions and determined that they will be better off pursuing such an action should they be prepared to move forward with litigation.

As the Internet continues to expand, threats of litigation will also be on the rise. Initially, corporations were able to "chill" much of the anonymous speech, merely by threatening legal actions and thereby forcing disclosure of the identity of the posters.

As the advocacy groups joined the fray, individuals have been given a fighting chance to defend against such suits and no longer have to be as fearful, or feel as isolated, about expressing controversial thoughts. Defamation suits have now entered the second generation; the third generation cannot be far behind.

Jeff Elkin is a partner at Porter & Hedges, LLP, in Houston. His e-mail is jelkin@porterhedges.com

Related Professionals
Related Practices
Related Industries
Related Files
Related Links