Justia Communications Law Opinion Summaries
USA V. THOMPSON
Paige Thompson committed a significant data breach, hacking into Amazon Web Services (AWS) customers' accounts, stealing data from at least 30 entities, and causing tens of millions of dollars in damage. She also used the stolen credentials to mine cryptocurrency, further increasing the financial impact on the victims. Thompson was arrested after she revealed her activities to a cybersecurity professional, leading to an FBI investigation.The United States District Court for the Western District of Washington calculated Thompson's sentencing range under the Federal Sentencing Guidelines to be 168 to 210 months of imprisonment. However, the court granted a substantial downward variance, sentencing her to time served (approximately 100 days) and five years of probation. The court emphasized Thompson's personal history, including her transgender identity, autism, and past trauma, as significant factors in its decision.The United States Court of Appeals for the Ninth Circuit reviewed the case and found that the district court overemphasized Thompson's personal story and failed to properly weigh several of the 18 U.S.C. § 3553(a) factors. The appellate court held that the district court's findings regarding Thompson's lack of malicious intent, her remorse, and the seriousness of her actions were clearly erroneous and not supported by the record. The Ninth Circuit also noted that the district court did not adequately consider the need for general and specific deterrence or the risk of unwarranted sentencing disparities.The Ninth Circuit vacated Thompson's sentence and remanded the case for resentencing, instructing the district court to properly weigh all relevant factors and provide a more substantial justification for any variance from the Guidelines. View "USA V. THOMPSON" on Justia Law
USA V. SULLIVAN
Joseph Sullivan, the former Chief Security Officer for Uber Technologies, was convicted of obstruction of justice and misprision of a felony. The case arose from Sullivan's efforts to cover up a significant data breach at Uber while the company was under investigation by the Federal Trade Commission (FTC) for its data security practices. The breach involved hackers accessing and downloading sensitive information from Uber's servers. Sullivan and his team tracked down the hackers and had them sign a non-disclosure agreement (NDA) in exchange for a payment, recharacterizing the hack as part of Uber's Bug Bounty Program.The United States District Court for the Northern District of California presided over the trial, where a jury found Sullivan guilty. Sullivan appealed, challenging the jury instructions, the sufficiency of the evidence, and an evidentiary ruling. He argued that the district court erred in rejecting his proposed jury instructions regarding the "nexus" requirement for the obstruction charge and the "duty to disclose" instruction. He also contended that the evidence was insufficient to support his misprision conviction and that the court improperly admitted a guilty plea agreement signed by one of the hackers.The United States Court of Appeals for the Ninth Circuit reviewed the case and affirmed the district court's decisions. The court held that Ninth Circuit precedent foreclosed Sullivan's argument regarding the "nexus" instruction and that the district court did not err in rejecting it. The court also found that the omission of the "duty to disclose" instruction was proper, as the theories of liability under Section 1505 and Section 2(b) were conjunctive. The court concluded that the evidence was sufficient to support Sullivan's misprision conviction and that the district court did not abuse its discretion in admitting the hacker's guilty plea agreement. The Ninth Circuit affirmed Sullivan's conviction. View "USA V. SULLIVAN" on Justia Law
Six4Three v. Facebook
Six4Three, LLC developed an app called "Pikinis" that allowed users to search for photos of people in bathing suits on Facebook. Six4Three sued Facebook, Inc. and six individuals, alleging a "bait-and-switch" scheme where Facebook initially provided developers with access to data but later restricted it. Six4Three claimed this restriction harmed their business.The case began in April 2015, with Six4Three filing against Facebook. Facebook responded with demurrers, leading to multiple amended complaints. The trial court allowed new causes of action but not new defendants. Six4Three filed a third amended complaint and sought to add individual defendants through a writ of mandate. The trial court sustained some demurrers and granted summary adjudication on certain damages. Six4Three's fourth amended complaint included eight causes of action against Facebook. Facebook filed an anti-SLAPP motion, and the trial court initially denied it as untimely but granted the individual defendants' anti-SLAPP motion. On appeal, the denial of Facebook's motion was affirmed, but the individual defendants' motion was remanded for reconsideration.The California Court of Appeal, First Appellate District, reviewed the case. The court found that the trial court did not abuse its discretion in considering Facebook's untimely anti-SLAPP motion after granting the individual defendants' motion. The court also held that Six4Three failed to demonstrate the commercial speech exception to the anti-SLAPP statute and did not show a probability of prevailing on its claims. The court affirmed the trial court's orders granting the anti-SLAPP motions and awarding $683,417.50 in attorney fees to the defendants. The court concluded that section 230 of the Communications Decency Act barred Six4Three's non-contract claims and that Six4Three did not show a probability of prevailing on its breach of contract claim. View "Six4Three v. Facebook" on Justia Law
Gray Television, Inc. v. Federal Communications Commission
Gray Television, a broadcaster in Alaska, sought review of a final forfeiture order by the Federal Communications Commission (FCC). The FCC had imposed the maximum forfeiture penalty on Gray for violating the prohibition on owning two top-four stations in a single designated market area (DMA). Gray acquired the CBS network affiliation of KTVA-TV for its own station, KYES-TV, which resulted in Gray owning two top-four stations in the Anchorage DMA. Gray did not seek a waiver from the FCC for this transaction.The FCC issued a Notice of Apparent Liability for Forfeiture (NAL) against Gray, proposing a penalty of $518,283, the statutory maximum. Gray responded, arguing that the transaction did not violate the rule because KYES was already a top-four station according to Comscore ratings data. Gray also contended that the FCC failed to provide fair notice of its interpretation of the rule and that the enforcement action violated the First Amendment and the Communications Act.The United States Court of Appeals for the Eleventh Circuit reviewed the case. The court affirmed the FCC's determination that Gray violated the rule, finding that the FCC reasonably relied on Nielsen ratings data, which showed that KYES was not a top-four station at the time of the transaction. The court also held that the FCC's interpretation of the rule was reasonable and that Gray had fair notice of the rule's application to its transaction.However, the court vacated the forfeiture penalty and remanded for further proceedings. The court found that the FCC failed to provide adequate notice to Gray that the proposed penalty was based on a finding of egregiousness, which violated due process. Additionally, the court held that the FCC did not adequately explain its consideration of Gray's good faith in determining the penalty amount. View "Gray Television, Inc. v. Federal Communications Commission" on Justia Law
IN RE: CALIFORNIA PIZZA KITCHEN DATA BREACH LITIGATION
A cyberattack on California Pizza Kitchen, Inc. (CPK) in September 2021 compromised the personal information of over 100,000 former and current employees. This led to multiple class action lawsuits against CPK, alleging negligence and other claims. The consolidated plaintiffs reached a settlement with CPK, offering cash payments and credit monitoring services to class members, with CPK required to make payments only to those who submitted valid claims. The settlement's monetary value was estimated at around $950,000, while the attorneys sought $800,000 in fees.The United States District Court for the Central District of California approved the settlement but reserved judgment on the attorneys' fees until after the claims process concluded. The consolidated plaintiffs reported a final claims rate of 1.8%, with the maximum monetary value of the claims being around $950,000. Despite expressing concerns about the scope of attorneys' fees, the district court ultimately awarded the full $800,000 in fees and costs.The United States Court of Appeals for the Ninth Circuit reviewed the case and affirmed the district court's approval of the class settlement, finding that the district court had properly applied the heightened standard to review the settlement for collusion and had not abused its discretion in finding the settlement fair, reasonable, and adequate. However, the Ninth Circuit reversed the fee award, noting that the district court had not adequately assessed the actual value of the settlement and compared it to the fees requested. The case was remanded for the district court to determine the settlement's actual value to class members and award reasonable and proportionate attorneys' fees. View "IN RE: CALIFORNIA PIZZA KITCHEN DATA BREACH LITIGATION" on Justia Law
Wisconsin Bell, Inc. v. United States ex rel. Heath
The E-Rate program, established under the Telecommunications Act of 1996, subsidizes internet and telecommunications services for schools and libraries. The program is funded by contributions from telecommunications carriers, managed by the Universal Service Administrative Company, and regulated by the FCC. The "lowest corresponding price" rule ensures that schools and libraries are not charged more than similarly situated non-residential customers. Todd Heath, an auditor, alleged that Wisconsin Bell overcharged schools, violating this rule and leading to inflated reimbursement requests from the E-Rate program.Wisconsin Bell moved to dismiss Heath's suit, arguing that E-Rate reimbursement requests do not qualify as "claims" under the False Claims Act (FCA) because the funds come from private carriers and are managed by a private corporation, not the government. The District Court and the Seventh Circuit rejected this argument. The Seventh Circuit held that the government "provided" E-Rate funding through its regulatory role and by depositing over $100 million from the U.S. Treasury into the Fund.The Supreme Court of the United States held that E-Rate reimbursement requests are "claims" under the FCA because the government provided a portion of the money by transferring over $100 million from the Treasury into the Fund. This transfer included delinquent contributions collected by the FCC and Treasury, as well as settlements and restitution payments from the Justice Department. The Court affirmed the judgment of the Seventh Circuit and remanded the case for further proceedings. View "Wisconsin Bell, Inc. v. United States ex rel. Heath" on Justia Law
DOE V. GRINDR INC.
An underage user of the Grindr application, John Doe, filed a lawsuit against Grindr Inc. and Grindr LLC, alleging that the app facilitated his sexual exploitation by adult men. Doe claimed that Grindr's design and operation allowed him to be matched with adults despite being a minor, leading to his rape by four men, three of whom were later convicted. Doe's lawsuit included state law claims for defective design, defective manufacturing, negligence, failure to warn, and negligent misrepresentation, as well as a federal claim under the Trafficking Victims Protection Reauthorization Act (TVPRA).The United States District Court for the Central District of California dismissed Doe's claims, ruling that Section 230 of the Communications Decency Act (CDA) provided Grindr with immunity from liability for the state law claims. The court also found that Doe failed to state a plausible claim under the TVPRA, as he did not sufficiently allege that Grindr knowingly participated in or benefitted from sex trafficking.The United States Court of Appeals for the Ninth Circuit reviewed the case and affirmed the district court's dismissal. The Ninth Circuit held that Section 230 barred Doe's state law claims because they implicated Grindr's role as a publisher of third-party content. The court also agreed that Doe failed to state a plausible TVPRA claim, as he did not allege that Grindr had actual knowledge of or actively participated in sex trafficking. Consequently, Doe could not invoke the statutory exception to Section 230 immunity under the Allow States and Victims to Fight Online Sex Trafficking Act of 2018. The Ninth Circuit affirmed the district court's dismissal of Doe's claims in their entirety. View "DOE V. GRINDR INC." on Justia Law
USA v. USCC Wireless Investment, Inc.
The case involves a False Claims Act (FCA) suit alleging that U.S. Cellular and other entities committed fraud in Federal Communications Commission (FCC) wireless spectrum auctions. The alleged fraud involved using sham small businesses to obtain and retain bidding discounts worth millions of dollars. The district court dismissed the qui tam action because a previous lawsuit had raised substantially the same allegations, triggering the FCA’s public disclosure bar, and the relators bringing the action were not original sources of the information.Previously, the law firm Lampert, O’Connor & Johnston, P.C., filed a qui tam action in 2008 alleging that the same defendants conspired to register sham designated entities to obtain and hold discounted spectrum licenses for U.S. Cellular’s use. The government investigated but declined to intervene, and the law firm voluntarily dismissed the action. In 2015, Sara Leibman and Mark O’Connor filed a new complaint in federal court in Oklahoma, asserting FCA claims against the same defendants. The case was transferred to the District of Columbia, where the district court found the complaint asserted substantially the same allegations as the 2008 action, triggering the public disclosure bar, and dismissed the action.The United States Court of Appeals for the District of Columbia Circuit reviewed the case and affirmed the district court’s decision. The court held that the relators’ allegations were substantially the same as those in the 2008 qui tam action, thus triggering the FCA’s public disclosure bar. The court also found that the relators did not qualify as original sources of the information because their contributions did not materially add to the publicly disclosed allegations. Consequently, the court affirmed the dismissal of the qui tam action. View "USA v. USCC Wireless Investment, Inc." on Justia Law
Hay v. Marinkovich
The plaintiff filed a complaint against the defendant, alleging that he made and retained an unauthorized copy of her computer hard drive, which contained private and confidential data. The complaint included a claim for violation of Penal Code section 502, which prohibits unauthorized use of any computer system for an improper purpose. The plaintiff sought damages and attorney fees.In the Superior Court of San Diego County, a civil jury trial was held, and the jury found in favor of the defendant on all of the plaintiff's causes of action. The trial court entered judgment for the defendant. Subsequently, the defendant filed a motion for attorney fees and costs under section 502, subdivision (e). The trial court granted the defendant's costs but denied his request for attorney fees, concluding that section 502 does not permit an award of fees to prevailing defendants and that, even if it did, it would be unreasonable to award fees in this case because there was no evidence that the plaintiff's claim was frivolous or abusive.The defendant appealed the order to the Court of Appeal, Fourth Appellate District, Division One, State of California. The appellate court agreed with the defendant that section 502 allows the award of attorney fees to prevailing defendants. However, the court concluded that section 502 defendants may only recover attorney fees where the plaintiff's claim was objectively without foundation when brought, or the plaintiff continued to litigate after it clearly became so. The appellate court found that the trial court acted within its discretion in finding that the plaintiff's claim was not frivolous or abusive and affirmed the order denying attorney fees. View "Hay v. Marinkovich" on Justia Law
M.P. v. Meta Platforms Inc.
In June 2015, Dylann Roof shot and killed nine people at Mother Emanuel AME Church in Charleston, South Carolina, including M.P.'s father, Reverend Clementa Pinckney. M.P., a minor, filed a lawsuit against Meta Platforms, Inc. (formerly Facebook, Inc.) and its subsidiaries, alleging that Facebook's algorithm recommended harmful content that radicalized Roof, leading to the murders. M.P. asserted claims of strict products liability, negligence, and negligent infliction of emotional distress under South Carolina law, as well as a federal claim under 42 U.S.C. § 1985(3) for conspiracy to deprive her of her civil rights.The United States District Court for the District of South Carolina dismissed M.P.'s complaint under Federal Rule of Civil Procedure 12(b)(6), concluding that Section 230 of the Communications Decency Act barred her state law tort claims. The court also found that M.P. failed to plausibly allege a claim under 42 U.S.C. § 1985(3).The United States Court of Appeals for the Fourth Circuit reviewed the case and affirmed the district court's decision. The appellate court held that M.P.'s state law tort claims were barred by Section 230 because they sought to hold Facebook liable as a publisher of third-party content. The court also determined that M.P. failed to plausibly allege proximate causation under South Carolina law, as her complaint did not provide sufficient factual foundation linking Roof's Facebook use to his crimes. Additionally, the court found that M.P. forfeited her challenge to the dismissal of her Section 1985 claim by not adequately addressing it in her appellate brief. The court also concluded that any potential claim under 42 U.S.C. § 1986 was barred by the one-year statute of limitations. Thus, the Fourth Circuit affirmed the district court's judgment granting Facebook's motion to dismiss. View "M.P. v. Meta Platforms Inc." on Justia Law