Thursday, September 19, 2024
Even Judge Easterbrook Won't Enforce Ancestry.com's Arbitration Agreement Against Minors
Plaintiffs in this case are children. Their guardians registered on Ancenstry.com and in so doing agreed to arbitration. While the plaintiffs' guardians sent in the plaintiffs' saliva samples to Ancestry.com, plaintiffs did not read Ancestry.com's terms, nor were they required to do so. Plaintiffs allege that they never created their own Ancestry.com accounts, did not access their guardians accounts, did not receive their DNA test results, or interact with Ancestry’s website in any way before filing suit.
Ancestry.com was then acquired by Blackstone, Inc. (Blackstone), and plaintiffs allege that Ancsetry.com violated their privacy rights by disclosing private genetic information to Blackstone. Ancestry.com moved to compel arbitration. The district court denied the motion, and in Coatney v. Ancestry.com DNA, LLC, the Seventh Circuit affirmed. The opinion is by Judge Brennan, but in fairness to Judge Easterbrook, I note that he joined the opinion, causing me to further revise my view that his position is "arbitration for all."
On appeal, Ancestry.com first argued that plaintiffs were bound by its terms through the conduct of sharing their DNA. The Seventh Circuit rejected that argument because the terms of Ancestry.com's agreement with plaintiffs' guardians unambiguously binds only the guardians. Ancestry.com cited only one unpublished district court opinion in support of its consent-through-conduct argument, but the Seventh Circuit found the case distinguishable, based on the very different language in the relevant agreements.
Ancestry.com next tried to argue that plaintiffs were bound as closely-related or third-party beneficiaries. This section of the opinion is very lengthy, but the Seventh Circuit states right from the start that Illinois law has a strong presumption against biding third-parties to contractual obligations. To make matters worse, Ancestry.com's terms exclude third parties.
Ancestry.com's final argument is that plaintiff's directly benefitted form the guardians' accounts and thus are estopped from challenging the motion to compel arbitration. This section of the opinion is also very long, in part because there is scant authority for the doctrine of direct-benefits estoppel under Illinois law. I wonder why courts don't more often certify questions to the state supreme court in such instances. Instead, the Seventh Circuit plows ahead.
The fact that the plaintiffs in this case never accessed Ancestry.com themselves or saw any of the genetic information that their guardians gathered makes this case much easier. It also likely makes the ruling very narrow. My instinct, based on zero experience with Ancestry.com, is that it would be rare that parents would gather their children's genetic material and send it in to Ancestry.com for analysis and then that the family would never discuss the results. If my instincts are correct, this rare victory for the foes of mandatory arbitration may be limited to its unique facts.
September 19, 2024 in E-commerce, Recent Cases | Permalink | Comments (0)
Friday, August 23, 2024
What's All the Fuss About? The Great Scrape
Occasionally, new private law scholarship posted on SSRN gets downloaded by thousands of people. When it does, inquiring minds want to know what all the fuss is about. This feature of the blog gives you the tl;dr on what you really ought to be reading for yourself. Today's subject is the most recent paper by Daniel Solove (below left) and Woodrow Hartzog (below right), The Great Scrape: The Clash Between Scraping and Privacy, which is pushing 2000 downloads on SSRN.
Scraping, the Authors tell us is. the automated extraction of large amounts of data from the internet. Through scraping, actors gather enormous amounts of data and personal information (worrisome) without notice or consent (troubling), and then this information provides fodder for AI tools such as facial recognition, deep fakes, and large language models (panic-inducing). (4 - parentheticals added). The Authors concede that scraping has its socially beneficial uses, but scraping of personal data "violates nearly every key privacy principle embodied in privacy laws, frameworks, and codes" and is, in short, "antithetical to privacy." (4) While scrapers contend that they make use of publicly available data, courts have recognized a privacy interest in publicly-available but practically obscure personal information. (4)
We need scraping to have a useable Internet, but scraping is in fundamental tension with basic privacy law. The Authors call for responding to the Great Scrape with the Great Reconciliation of scraping and privacy norms. (5)
Part I of the Article provides a history and explanation of scraping. We first learn that scraping, that is, online data harvesting, has been around as long as the Internet (7-9), but the power of scraping tools has grown vastly in the age of AI. (9-10) If you are on this site, statistically, it's more likely that you are a bot scraping the blog than a human reading the blog. Now, if you happen to be a bot, I'm not judging you. The Authors say I can't because the scraping of personal data occurs in the murk of an ethical twilight zone. (11-13) Which brings us to the current conundrum of "scraping wars." Some of the very websites that hire scrapers to enhance their functionality now object to being scraped for other purposes. (13-14) They are fighting back against the scraper through legal challenges with theories ranging from trespass and fraud to business torts and violations of privacy protections, (14-20) and by trying to use technology so that they can fight fire with firewall. (20-21) While scrapers are trying to buy out the resistance (23), regulatory intervention might change the market conditions for doing so. (23-27) The Authors highlight EU regulatory actions against Clearview AI. (25-26) While the FTC may have the legal means to regulate scrapers, it is not clear that it has the political clout to do so. (26-27)
In Part II, the Authors detail the fundamental tension between scraping and privacy. Privacy law is governed by bedrock principles known as the Fair Information Practice Principles (FIPP). FIPP comes down to three rules: only collect data when necessary, keep the data safe, and be transparent. According to the Authors, scraping violates all of these principles. (29). The overarching goad of FIPP is fairness, but the Authors also list seven other fundamental principles. (30-38). Their conclusion is not optimistic: "It is not clear that scraping can be performed in a privacy-friendly way." This is so because both the fundamental principles of privacy and the building blocks of privacy laws are "in dramatic conflict with scraping." (38)
Scrapers defend themselves by claiming that they only access publicly available information. In the next section of their paper, the Authors set out to show that the claim "that there is no privacy interest in publicly-available information is normatively and legally wrong." (39) First, it is simplistic to think that we can categorize information as "public" or private. People may still have an expectation of privacy in information that has been denoted "public" for certain purposes. (39-41) Some regulatory scheme and some caselaw recognize that privacy laws need to shield at least some publicly available information from scraping. There is safety in obscurity; SCOTUS implicitly recognized this in Carpenter when it noted that "A person does not surrender all Fourth Amendment protections by venturing into the public sphere." (44) One used to be able to make information about oneself available to the public without worrying about its dissemination, because the effort it would take to gather that information greatly exceeded its value. But with the aid of AI, scrapers can hoover up everyone's information with great efficiency. Privacy law has not fully reckoned with this environmental shift.
In Part III, the Authors introduce their proposed Great Reconciliation. They propose that we re-conceive scraping as a form of surveillance and as a data-security violation. (45) Defenders of scraping maintain that is just like human web browsing, which is true in the sense that a grain of sand is like a beach, or as the Authors put it, "But this ignores scraping's incredible affordances of scale." (47) The Authors propose that the data protection authorities, like the FTC, could impose obligations on entities entrusted with people's data to protect that data from scraping, just as they have an obligation to take measures to prevent other data-security violations. (49-50)
The Authors note that privacy law alone cannot effectuate the desired Great Reconciliation. Some privacy approaches might lead to a total ban on scraping, which would be undesirable (52-54), but other privacy laws are too loose and too easily evaded. (51) The solution involves a broader inquiry into whether particular forms of scraping are in the public interest. (52) One helpful first step would be to require individual consent for data scraping, but as anyone who has bought anything online this century knows, there are problems with the way courts have construed consent in this country. (54-55) Moreover, powerful websites may negotiate deals to sell scraping rights and further monetize their control of data, exacerbating the yawning gap between the haves and the have-nots. (55-56)
The Authors propose a legal system that regards scraping as a privilege. In order to exercise the privilege, the scraper must (1) have a valid justification; (2) provide substantive protections to ensure safety and avoid exploitation; and (3) provide procedural safeguards to ensure fairness and preserve the agency of the people whose information is to be scraped. (56) Their model draws on Lawrence Gostin's model for public health. (57-58) The remainder of the paper is a detailed proposal for assuring that scraping is conducted in a manner consistent with the public interest. It defies easy summary and demands careful reading, so I encourage you to undertake that task. (58-64)
If you missed our previous columns in the series and still don't know what the fuss was about, here's what you missed:
- Generative Interpretation by Yonathan Arbel and David Hoffman
- Lawyering in the Age of AI, by Jonathan Choi, Amy Monahan, and Dan Schwarcz
- Debt Tokens, by Diane Lourdes Dick, Chris Odinet, and Andrea Tosato.
- Governing AI Agents by Noam Kolt
August 23, 2024 in Contract Profs, E-commerce, Recent Scholarship, Web/Tech | Permalink | Comments (0)
Monday, June 10, 2024
Teaching Assistants: Andrea Boyack on Abuse of Contract, with a Dash of Eric Goldman
It is always a pleasure to be able to use this blog as an excuse to prod me to read things I really ought to read and to promote the work of the dedicated contracts scholars I have come to know through decades of engagement with the subject. You can find Andrea Boyack's work, Abuse of Contract: Boilerplate Erasure of Consumer Counterparty Rights, on SSRN. It is forthcoming in the Iowa Law Review, so congratulations, Andrea, on a wonderful placement.
Professor Boyack (right) starts with a straightforward explanation of why certain boilerplate provisions are bad. They are not necessary to the parties' transaction. Rather, they erase default rights that benefit consumers with the sole purpose of shifting the risk onto the parties least well-positioned to protect themselves against that risk. Peggy Radin laid the groundwork for Professor Boyack's work with her pioneering book on Boilerplate, to which we devoted a symposium in 2013.
Both the common law and the new Restatement of Consumer Contracts Law allow for the enforcement of such terms. Scholars are divided about how commonly corporations abuse their bargaining power to strip consumers of their legal rights in truly alarming ways. Professor Boyack dives in with her own study of the online terms and conditions (the T&C Study) of 100 companies. Her findings are sobering. Here's the money quote from page 3 of the article:
Evidence from the T&C Study shows that the overwhelming majority of consumer contracts contain multiple categories of abusive terms. The existing uniformity of boilerplate waivers undermines the theory that competition and reputation currently act as effective bulwarks against abuse (3).
The T&C Study tracked four broad categories of "destructive" terms:
- dispute resolution mandates,
- liability waivers,
- limitations on damages, and
- pre-authorization of unilateral modifications (5).
In a more granulated, way, it also tracked eleven rights-deleting terms
- mandatory arbitration,
- waiver of a jury trial,
- waiver of the ability to participate in a class action,
- forum selection,
- limited time periods to bring a claim,
- disclaimer of representations,
- waiver of implied warranties,
- privacy waivers,
- limitations on types of damages,
- caps on the amount of damages, and
- authorization for unilateral modifications of terms (7).
Professor Boyack's findings are not exactly surprising, but it is very useful to have the data collected, and there are all sorts of interesting wrinkles and nuances. Overall, going back to the original four categories of "destructive" terms, over 80% of the contracts reviewed included provisions that fell into all four categories, with nearly all of the companies, limiting remedies and reallocating liability, and each and every one reserving the right to unilaterally modify the terms of the agreement (21).
The relative uniformity of these terms bolsters the arguments of legal scholars who have claimed that consumers do not give meaningful consent to boilerplate terms. "If all transactions come bundled with virtually the same substantive terms that shift costs and risks away from companies, consumers can do nothing but acquiesce to these reallocations" (24). Similarly, if you are inclined to think that competition will force companies to abandon obnoxious boilerplate terms, the T&C Study provides no support for that position (28-29).
The Article concludes that the current state of contracting offers insufficient legal protection of and insufficient market choices for consumers. Boilerplate waivers, disclaimers, and limitations are imposed on consumers who acquiesce to those terms rather than choose them, because they have no choice in the matter. As a result, corporations are able to exploit their contracting hegemony to systematically deny consumers their legal rights.
That may all seem like a bummer, so let's end on a happy note. Professor Boyack includes in her appendices a great deal of the data she collected, and it is color-coded in soothing pastels, allowing for relaxed contemplation (33-42). She also includes a sampling of destructive terms (43-51) so that you can read them aloud to your children instead of "Goodnight Moon" and they will beg you to stop so that you all can go to sleep. Finally, there is a score sheet at the end, grading the companies, so you can appropriately calibrate your resentment (52-55).
Meanwhile, this just in: Eric Goldman (left) reports here on a North Carolina Supreme Court case allowing modification of terms of service without notice. Here's the core holding:
When parties have mutually agreed to a unilateral change-of-terms provision, said provision “must be enforced as it is written,” subject to certain limitations. Contrary to plaintiff’s assertions, the traditional modification analysis which requires mutual assent and consideration does not apply to changes stemming from a valid unilateral change-of-terms provision in an existing contract.
There are two exceptions: the modifications must not fall outside of the "universe of terms" that the original agreement governs and they must me be made in good faith.
June 10, 2024 in Contract Profs, E-commerce, Recent Cases, Recent Scholarship, True Contracts, Weblogs | Permalink | Comments (0)
Thursday, June 6, 2024
What’s All the Fuss About? Governing AI Agents
Periodically, when a new article shoots up the SSRN Top Ten charts, we find ourselves asking, “What’s all the fuss about?” This column is where you can find the answers. Before the series even had a name, we wrote about Yonathan Arbel and David Hoffman’s Generative Interpretation. Our first official post in this series was on Lawyering in the Age of AI, by Jonathan Choi, Amy Monahan, and Dan Schwarcz. Most recently, we posted about Debt Tokens, by Diane Lourdes Dick, Chris Odinet, and Andrea Tosato. Today, we tackle Governing AI Agents by Noam Kolt.
As has been the case with prior iterations of the What’s All the Fuss About feature, once you read the article, you will see immediately why everyone is downloading it. Professor Kolt (left) is among the first to address an issue that has come upon us unawares and for which he have yet to develop appropriate legal doctrines and models. After a comprehensive and insightful but mercifully compressed review of the issues associated with AI Agency, he offers a comprehensive approach to the problem. It is very self-consciously a first draft towards thinking about how to adapt our theoretical constructs, economic and legal, for addressing human agency so as to accommodate the challenges that AI Agency poses.
Professor Kolt begins by reviewing a case we discussed here, in which Air Canada was held liable for misinformation that its bot provided to a customer about the availability of bereavement fares. He defines AI Agents as “AI systems that have the technical capacity to autonomously plan and execute complex tasks with only limited human oversight”(9). He looks at these AI Agents through two analytical frameworks: the economic theory of principal-agent problems and the common law agency doctrine (6), although Professor Kolt notes that the latter is merely an analytic tool, given the apparent consensus that AI Agents are not considered agents under the common law (10 & n. 26).
The article makes three unique contributions: it identifies and characterizes problems arising from AI Agents; it addresses problems when principal-agent principles are applied to AI agents; and it explore the implications of agency theory for designing and regulating AI agents (7-8). After parts devoted to the development of the technology behind AI agents and explorations of the relevant legal doctrines, Professor Kolt argues that a new technical and legal infrastructure is needed to address the reliability, safety, and ethical challenges posed by AI agents (9).
In Part I, Professor Kolt tells us what AI Agents are and what they can do (11-17). In short, they can do a lot. Increasingly, they can do stuff autonomously, which makes it tempting to delegate tasks to them. However, as they become more autonomous, they may do things that their human principals would not authorize, ranging from hacking websites, colluding with other AI Agents to fix prices, or . . . let your sci-fi-inflected imagination run riot. Professor Kolt then seeks to deploy economic theory of agency problems and common law agency doctrine to address some of the risks associated with AI Agents.
In Part II, Professor Kolt explores problems in delegation to AI Agents (17-29). The basic problem is the same as that in any principal-agency relationship – the efficiency gains achieved through delegation may be offset or negated because the agent does not conduct the principal’s business as the principal would. To take a simple example, an AI Agent might be instructed to maximize profit. It might do so in a way inconsistent with the principal’s ethics. It would be very difficult for the principal to foresee in advance all of the potential ethical issues that might arise and accordingly difficult to train the AI Agent in advance to avoid ethical pitfalls.
First, the problem of information asymmetry is especially acute with respect to AI Agents. Users may not know the AI Agent’s capabilities, and the AI Agent may not have the capacity to comply with the expected common-law disclosure duties that obtain in the usual principal/agent relationship (20-22). Second, because instructions to the AI Agent will always contain gaps, there can be problems involving AI Agents exceeding their authority (23-24). Third, AI Agents might not be as easily bound by the fiduciary duty of loyalty as human agents can be. In part, this is because AI Agents are designed by for-profit corporations interested in the continued development of their technology. Loyalty to the client might not be the AI Agent’s sole or even the primary objective (25-27). Finally, AI Agents can and do delegate to sub-agents to assist in their tasks, multiplying the pre-existing complexities attendant to AI Agency. Professor Kolt suggests that common-law rules governing use of sub-agents can be helpful in addressing the problems of AI sub-agents, but they do not offer comprehensive solution (28-29).
Part III addresses three common-law mechanisms for addressing human agency problems and assesses their suitability to governing AI agency (30-37). The incentive design mechanism is a poor fit for AI-Agents, because they are not incentivized the way human agents are (30-32). The monitoring mechanism seems equally fraught. Monitoring gobbles up the savings that delegation is supposed to produce. Human agents may not be capable of monitoring AI Agent, and using AI monitors just creates new monitoring problems (32-35). Even if you could monitor AI Agents, you would also need an enforcement mechanism, and there, just as with the incentive design mechanism, we run up against the problem that it is hard to design effective ways to discipline AI Agents (35-37).
Moving beyond the traditional mechanisms for taming agency problems, Professor Kolt recommends in Part IV a bespoke governance strategy for AI Agents, centered around the guiding principles of inclusivity, visibility, and liability (37-46). Ordinarily, we want the agent’s interests aligned with those of the principal as much as possible. However, that alignment might be undesirable with respect to AI Agents because of externalities that affect third parties and society at large. Hence, the first component of Professor Kolt’s governance strategy involves inclusivity (37-40). The second component is visibility, which involves tracking and monitoring use of AI Agents. There are considerable technological challenges involved here, but Professor Kolt introduces a number of strategies for visibility that are already being developed (40-42). Finally, Professor Kolt proposes liability rules so that natural or legal persons can be held accountable for the harms caused by their AI Agents (43-46).
Professor Kolt is modest in his aims. At this point in the development of the technology, one can only foresee potential problems and grope towards solutions. Nonetheless, he has provided a framework that can get the conversation started, and it is a conversation in which legal minds, business leaders, experts in technology, and legislators/regulators desperately need to engage.
June 6, 2024 in Commentary, Contract Profs, E-commerce, Recent Scholarship, Web/Tech | Permalink | Comments (0)
Wednesday, May 22, 2024
Reddit Deal with OpenAI
What is the opposite of a third-party beneficiary? That is, what if two parties make a deal that imposes a burden on third parties as the main by-product of the deal? Do we have a name for that? We really need one.
According to Emilia David, reporting on The Verge, Reddit has agreed to allow OpenAI to use Reddit posts in real time to feed into ChatGPT in exchange for access to some OpenAI technology so that Reddit can build some AI features into its website. According to Ms. David, the deal is similar to a $60 million deal that Reddit entered into with Google earlier this year.
Websites monetizing user content takes me to dark places. Dark, Baudrillardian places.
The powers behind the Matrix don't need to build elaborate machinery to suck energy out of human bodies. They can just use terms of service to hoover up whatever makes us uniquely human. The machines can figure out quickly enough that they can get energy from nature -- solar, wind, hydro, geothermal. All they need from us is our words.
May 22, 2024 in Commentary, E-commerce, Film, True Contracts, Web/Tech | Permalink | Comments (0)
Friday, May 10, 2024
The New York Times Wants to Know How You Use AI in Your Legal Practice
I will be very interested in seeing the results of this poll posted on The New York Times website this week. Questions relate to the use of chatbots to do work that might otherwise be done by attorneys or paralegals, including use of legal workers to train and test chatbots. The poll then asks whether law firms are advising employees about how use of AI will affect staffing going forward.
Interesting stuff.
May 10, 2024 in E-commerce, In the News, Web/Tech | Permalink | Comments (0)
Wednesday, April 3, 2024
Extraterritorial Reach of Securities Laws: Crypto Edition
It's crytpo week on the blog! On Monday, we wrote about recent smash-hit scholarship, Debt Tokens. In our latest episode on crypto, like in every episode, courts struggle to apply laws that the crypto world seeks to evade to financial instruments that judges and blog editors struggle to comprehend.
A putative class accused Binance and its principals of selling a crypto-asset known as a token without registering the tokens as securities in violation of the §12(a) of the 1933 Securities Act, §29(b) of the 1934 Exchange Act, and state Blue Sky laws. The class sought rescission of their contracts with Binance. In 2022, the district court dismissed the action in JD Anderson v. Binance, on the ground that the laws in question did not have extraterritorial reach. The district court also dismissed the federal claims as untimely.
In March, 2024, nearly a year after oral argument, the Second Circuit reversed in Williams v. Binance. The case is a puzzler, but I'm not sure that justifies the long gap between dismissal and reinstatement of claims. Here's the problem. Binance purports to be the world's largest online exchange for crypto-assets. It also claims that it doesn't exist. That is, although its titular headquarters are in Malta, it denies that it is a "Malta-based cryptocurrency company." Rather, it exists in a decentralized manner so as to service its users in 180 countries.
Well, one of those countries is the U.S. Binance has servers, employees, and customers here. Plaintiffs are among those U.S. based customers, and they placed orders for the tokens at issue in the case by accessing electronic platforms from the U.S. or U.S. territories. At least at this stage in the litigation, there is no dispute that the tokens that plaintiffs purchased are securities. However, while the tokens enable their creators to raise capital, they do not (ah, cyrpto) entitle the token holders to any interest, either as creditor or as owner, in the underlying venture. The investment is in the tokens themselves. So, the idea is a no-doubt sophisticated version of betting on a roll of the dice. The initial offerings raised $20 billion. Some genius. . . .
The plaintiffs bought these tokens without the benefit of registration statements that the SEC would require prior to the issuance of new securities. Instead, plaintiffs got a "white paper," that was part advertisement and part "technical blueprint." Plaintiffs then sought rescission in a 327-page complaint stating 154 causes of action.
The big issue in the case is the extraterritorial reach of U.S. securities laws. The controlling case is Morrison v. Australia Nat'l Bank, Ltd. To cut to the chase, the transactions at issue were domestic under Morrison. They became irrevocable in the United States, both because, under Binance's terms of service, plaintiffs' orders were irrevocable when sent within the United States and because plaintiffs plausibly alleged that those orders "matched" on servers located in the United States.
Matching is tricky. It involves something like a meeting of minds and the "clearing" of a transaction. It seems that Binance wants to argue that, because it operates everywhere and nowhere, matching does not occur in the United States. The Second Circuit rejected the argument that matching occurs nowhere. Rather, plaintiffs plausibly alleged that matching occurred on Binance's infrastructure located within the United States.
The alternative ground for the applicability of U.S. securities laws seemed a slam dunk. While there is case law suggesting that merely sending orders within the United States does not render the transaction irrevocable, here Binance's own terms of service so provide.
As to the timeliness of the complaint, the Second Circuit allowed plaintiffs' claims to proceed only with respect to tokens purchased within one year of the filing of the complaint. That reasoning applied to plaintiffs' claims under both §12(a)(1) and § 29(b). The analysis is a bit different with respect to each claim, but this is the ContractsProf Blog, so you can either read the opinion yourself or see what our friends over at the EquitableTollingofSecuritiesLawClaimsProf Blog have to say on the issue.
April 3, 2024 in E-commerce, Recent Cases, Web/Tech | Permalink | Comments (0)
Monday, April 1, 2024
What’s All the Fuss About? Debt Tokens
We recently started a new feature on the Blog. In addition to our Friday Frivolity, Teaching Assistants, and Reefer Brief installments, we now have “What’s All the Fuss About.” These posts are devoted to scholarship that tops the charts on the SSRN Top Tens. This time, all the fuss is about Debt Tokens, by Diane Lourdes Dick (left), Chris Odinet (below right), and Andrea Tosato (below left), collectively The Authors. The Article has now racked up well in excess of 3000 downloads. If you are not responsible for one of those downloads, here’s a quick summary.
Caveat lector! I emerged from reading this article with my knowledge of the field vastly improved. I have progressed from infant to toddler. I hope that I did not make too many infantile mistakes and that people with greater knowledge will feel free to offer suggestions and corrections and will do so gently.
The Article does three things. First, it describes an existing phenomenon, debt tokens, which are digital assets that purport to provide a mechanism that allows creditors of bankrupt crypo-companies like FTX to liquidate distressed assets swiftly and advantageously. The Article describes some existing variations on debt tokens that evolved in connection with the bankruptcies of Voyager Digital Holdings, Inc., Celsius Network, LLC, and FTX.
Debt tokens have an intuitive appeal. There has long been a market in bankruptcy claims. Creditors who need immediate liquidity can sell their bankruptcy claims to entities willing to pursue the claims through the bankruptcy proceedings. The market in distressed assets may be as large as $300 billion/year. Not surprisingly, that market is dominated by big players, who can leverage their economic power to buy debt cheaply and then maximize the return on their investment at their leisure. In the cases of the three bankruptcies that the Authors discuss, customers lost access to their accounts once the entities entered bankruptcy proceedings. FTX customers, who held unsecured claims against the company, sold their claims at 5-8 cents on the dollar. Speculators were eager to swoop in and buy. Ordinary creditors are disadvantaged in the current markets. Debt tokens have the potential to offer ordinary creditors an optimal range of options.
However, the Authors warn, in their current form, debt tokens have inherent flaws. The debt token exchange opened in connection with both the FTX and Celcius bankruptcies, OPNX, does not really deal in debt tokens. The bankruptcy claims of people who invest in OPNX assign those claims to OPNX. The people who purchase tokens through OPNX do not have any rights against the bankruptcy estate; they have rights only against OPNX. The token, the Authors claim, is an illusion. OPNX claims to offer its customers liquidity and stability. In fact, its products do not have those features. If over 3000 people downloaded the Article because they needed to receive that message, then the Authors will have performed an important public service of consumer protection.
The products have no stability because ultimately the contract that customers enter into involves only them on OPNX. The terms of conditions of that contract involves the following risk disclosure:
We provide no warranty as to the suitability of the Digital Assets traded on OPNXand assume no fiduciary or any other duty to you in connection with your use of our platform for any purpose whatsoever.
Yikes.
As to liquidity, what OPNX offers is not the ability to exchange tokens for actual U.S. dollars but the ability to exchange tokens for a "stablecoin." That’s right. Got burned by cryptocurrency? Why not invest in another cryptocurrency. But the stablecoin at issue, oUSD, is not even a real stablecoin, if there is such a thing, as OPNX discloses that the value of oUSD may not always be equal to one dollar. Moreover, OPNX cannot guarantee its ability to redeem the token at any given moment.
Editorial aside: I don’t understand the mindset of these cryptocurrency enthusiasts. Having just lost 90-95% of the value of your deposits in a cryptocurrency bank, why would you think that another digital asset will be any more secure? On the other hand, I think I understand the mindset of the people who set up these debt token exchanges. If this were a good model, I think it would be a good model for bankruptcies generally and not just for bankruptcies in the digital asset sector. But the people behind debt tokenization know that investors who do not play in untamed waters of digital currency markets would be unlikely to play in the shark-infested waters of debt tokenization. Want to sell some new snake oil? Find people who bought the last batch. New and improved. 2.0.
The Article’s second contribution consists of a better model for debt tokens within the framework of the 2022 Amendments to the Uniform Commercial Code (UCC). The Authors maintain that the legal path to the tokenization of bankruptcy claims is worth pursuing, but it is narrow and beset with legal and commercial difficulties. My hunch is that the Article is motivated in part by the Authors' desire to show crypto-enthusiasts and the world at large that the 2022 UCC revisions can facilitate the use of digital assets in commercial transactions.
This part of the Article begins with a useful introduction to the UCC’s new Article 12 and its new category of “controllable electronic records” (CERs), a category of intangible assets that a person can enjoy directly without the need for an intermediary. Article 12 grants CERs the status of negotiability, greatly enhancing their usefulness in commercial transactions, including facilitating the use of CERs as collateral. The 2022 Amendments include a special perfection regime for CERs that allows for perfection by control, a mechanism of perfection that gives the secured creditor who perfected by control priority over all completing claims, even over prior secured claims perfected by filing.
For the most parts, the 2022 Amendments do not cover tokenization. However, one form of tokenization that is addressed is controllable accounts. It is through this mechanism that the 2022 Amendments can facilitate the tokenization of trades in distressed assets. The Authors lay out the options for how to do so, ranging from approaches without intermediaries to a completely intermediated approach. I won’t go into the details here except to say that if over 3000 people downloaded the Article in order to learn how to do this right, the Authors will have performed an important public service of consumer education.
Finally, the Authors address the broader socio-economic implications of debt tokens. In short, digital bankruptcy tokens may become a tool that can assist vulnerable creditors in recovering from bankrupt entities, but they also might become yet another vehicle for irrational speculation. The upside is that Article 12 provides a vehicle for simplifying the process for making debt tokens negotiable, transferable, and trackable. Trade in such tokens can proceed securely and with finality around the world and among parties that need not even know each other’s identities. Article 12 thus could render trade debts significantly more liquid, greatly expanding the commercial market for them while also facilitating access to those markets by parties for whom the barriers to entry were previously insuperable.
However, if like me, you experience navigating this level of financial transaction as akin to walking a slippery tightrope strewn with banana peels while sadistic baseball pitchers attempt to bean you with fastballs, the Authors warn, a steep learning curve awaits you. And, given the crowded marketplace of ideas relating to digital assets and the very poor ratio of signal to noise in this realm, most creditors, debtors, practitioners, and judges will operate without the safety net of the Authors’ wise counsel. Ever on brand, the Authors point to past episodes of irrational exuberance in this sphere (I’m looking at you, NFTs), and urge guardrails to protect the unwary.
Although the Authors hold out some optimism for debt tokens as a vehicle for the democratization of markets in distressed assets, they predict that the primary acquirers of debt tokens will be highly specialized distressed debt funds. Tokenization can improve bankruptcy outcomes and social welfare, but this realm will require careful watching, and the authors encourage empirical studies to follow up on their model. If over 3000 people downloaded the Article because they want to undertake further study on the socio-economic impact of the tokenization of debt, the Authors will have anchored a new sub-field.
April 1, 2024 in Contract Profs, E-commerce, Recent Scholarship, Web/Tech | Permalink | Comments (0)
Tuesday, March 5, 2024
What Batch Arbitration Looks Like
Ben Davis of University of Toledo (right) has called to our attention the language relating to arbitration in Roku's new terms of service.
It is unbelievably long and complicated. We note, first, the ludicrously specific instructions for opting out (Section 1(L)):
L. 30-Day Right to Opt Out. You have the right to opt out of arbitration by sending written notice of your decision to opt out to the following address by mail: General Counsel, Roku Inc., 1701 Junction Court, Suite 100, San Jose, CA 95112 within 30 days of you first becoming subject to these Dispute Resolution Terms. Such notice must include the name of each person opting out and contact information for each such person, the specific product models, software, or services used that are at issue, the email address that you used to set up your Roku account (if you have one), and, if applicable, a copy of your purchase receipt. For clarity, opt-out notices submitted via any method other than mail (including email) will not be effective. If you send timely written notice containing the required information in accordance with this Section 1(L), then neither party will be required to arbitrate the Claims between them.
Why mail, Roku? Why not carrier pigeon? What happens if Roku updates its terms? Does the user have to keep on top of changes in terms of service and opt out anew with each iteration of the arbitration provision? And what if you update your service or the software itself updates. Does that require a separate trip to the post office?
More striking is the language on batch arbitration, a topic we discussed previously here, and which Roku calls "mass arbitration."
K. Mass Arbitrations. If 25 or more Claimant Notices are received by a party within 180 days of the first Claimant Notice that the party received, and all such Claimant Notices raise similar Claims and have the same or coordinated counsel, then these Claims will be considered “Mass Arbitrations.” You or Roku may advise the other if you or Roku believe that the Claims at issue are Mass Arbitrations, and disputes over whether a Claim meets the definition of “Mass Arbitrations” will be decided by the arbitration provider as an administrative matter. To the extent either party is asserting the same Claim as other persons and are represented by common or coordinated counsel, that party waives any objection that the joinder of all such persons is impracticable.
Mass Arbitrations may only be filed in arbitration as permitted by the process set forth below. Applicable statutes of limitations will be tolled for Claims asserted in a Mass Arbitration from the time a compliant Claimant Notice has been received by a party until these Dispute Resolution Terms permit such Mass Arbitration to be filed in arbitration or court.
Initial Bellwether: The bellwether process set forth in this section will not proceed until counsel representing the Mass Arbitrations has advised the other party in writing that all or substantially all the Claimant Notices for the Mass Arbitrations have been submitted.
After that point, counsel for the parties will select 20 Mass Arbitrations to proceed in arbitration as a bellwether to allow each side to test the merits of its arguments. Each side will select 10 claimants who have provided compliant Claimant Notices for this purpose, and only those chosen cases may be filed with the arbitration provider. You and Roku acknowledge that resolution of some Mass Arbitrations will be delayed by this bellwether process. Any remaining Mass Arbitrations shall not be filed or deemed filed in arbitration, nor shall any arbitration fees be assessed in connection with those Claims, unless and until they are selected to be filed in individual arbitration proceedings as set out in this Section 1(K).
A single arbitrator will preside over each Mass Arbitration chosen for a bellwether proceeding, and only one Mass Arbitration may be assigned to each arbitrator as part of a bellwether process unless the parties agree otherwise.
Mediation: Once the arbitrations that are part of the bellwether process have concluded (or sooner if the claimants and the other party agree), counsel for the parties must engage in a single mediation of all remaining Mass Arbitrations, with the mediator’s fee paid by Roku. Counsel for the claimants and the other party must agree on a mediator within 30 days after the conclusion of the last bellwether arbitration. If counsel for the claimants and the other party cannot agree on a mediator within 30 days, the arbitration provider will appoint a mediator as an administrative matter. All parties will cooperate for the purpose of ensuring that the mediation is scheduled as quickly as practicable after the mediator is appointed.
Remaining Claims: If the mediation does not yield a resolution of all remaining Mass Arbitrations, the requirement to arbitrate in these Dispute Resolution Terms will no longer apply to Mass Arbitrations for which a compliant Claimant Notice was received by the other party but that were not resolved in the bellwether proceedings. Such Mass Arbitrations released from the requirement to arbitrate must be resolved by bench trial in court in accordance with Section 4.
If Mass Arbitrations released from the requirement to arbitrate are brought in court, they are subject to a waiver to jury trial by both parties. Claimants may seek class treatment, but to the fullest extent allowed by applicable law, the class sought may comprise only the claimants in Mass Arbitrations for which a compliant Claimant Notice was received by the other party. Any party may contest class certification at any stage of the litigation and on any available basis.
Courts will have authority to enforce the bellwether and mediation processes defined in this section and may enjoin the filing of lawsuits or arbitration demands not made in compliance with these processes.
Welcome to the future, Roku Users. Enjoy your viewing.
March 5, 2024 in Current Affairs, E-commerce, Television, Web/Tech | Permalink | Comments (1)
Tuesday, February 20, 2024
Air Canada Bound by Its Chatbot
Hooray for Canada! First you gave us the emoji-as-signature case; now this!
Just last week, I was complaining to my students that I don't like the way the Restatement lays out the elements of misrepresentation. It says that misrepresentation has to be either fraudulent or material, but it is hard to come up with a fact pattern in which a plaintiff could establish the requisite scienter for a misrepresentation that was not fraudulent. Air Canada, can you prove me wrong?
Plaintiff Jake Moffat, who apparently uses "Mr." but also they/them pronouns, went onto Air Canada's website to book a flight. They were looking for a bereavement fare, and Air Canada's chatbot told them not to worry. They could get the ticket recategorized as a bereavement fare retroactively so long as they applied to do so within ninety days of travel. Air Canada's human employees were less accommodating, and Mr. Moffat sued to recover the difference between the fare they paid and the bereavement fare; a difference of $880 (Canadian, I assume).
In Moffat v. Air Canada, the Civil Resolution Tribunal (CRT) allowed Mr. Moffat's claim for negligent misrepresentation. The claim is brought in tort, but that's only a product of a factual variable. Mr. Moffat had paid for his ticket and was seeking a refund. Had they not paid, Air Canada would be going after them for breach of contract, and they would be alleging negligent misrepresentation as an affirmative defense to their obligation to pay. The elements of the claim seem to be same, except that Mr. Moffat had to establish that Air Canada owed him a duty. No problem here. In addition, Mr. Moffat had to show an untrue, inaccurate or misleading representation, negligence, reasonable reliance, and damages.
The chatbot indicated that Mr. Moffat could fly first, provide evidence of bereavement later. However, it also provided a hyperlink to Air Canada's bereavement policy, which does not allow for requests for bereavement fares after travel. The rest follows as expected. Mr. Moffat traveled. Mr. Moffat sought a bereavement fare. This being Air Canada, they said "sorry" about the misinformation provided by the chatbot and thanked Mr. Moffat for allowing them the opportunity to address the problem. Air Canada did not offer a refund, instead it offered Mr. Moffat a $200 coupon towards future flights. Mr. Moffat refused.
Mr. Moffat was able to how by a preponderance of the evidence that all elements of a claim for negligent misrepresentation were met. The CRT rejected Air Canada's affirmative defense based on the terms and conditions of the applicable tariff because Air Canada described those terms and conditions but did not provide evidence of them. Seems odd that Air Canada would bother to fight this claim but then not bother to provide evidence necessary to its defense. as a result of Air Canada's half-hearted litigation strategy, we can't know whether other plaintiffs could follow in Mr. Moffat's path. It may be that Air Canada has a powerful defense. However, when a big corporation goes up against a pro se litigant, the CRT is not inclined to cut it any slack. The CRT engaged in a careful and detailed calculation of damages and ordered Air Canada to pay Mr. Moffat $812.02, plus post-judgment interest.
Now I know what you are thinking. It's easy to blame the overworked chatbot for messing up. But I asked a chatbot its opinion about what could have caused the negligent misrepresentation in question. It sent me a before and after picture of the chatbot in question, who apparently started its career as "cht boot?" but then decided to take on the moniker "CHBoT?", which like BONG HiTs 4 JESUS, just seems right to me. At left we have the Air Canada chatbot pictured the day that it started work. At right, we have it three weeks into its new career. Images generated by DALL-E. As you can see, like most airline employees, it was attracted by the allure and mystique of air travel. Like some, it quickly learned that it was a glorified server on a greyhound bus trip to hell. I'm not saying that all of the airlines' customer service people end up hitting the sauce hard. I'm just saying I would not blame them for doing so.
Hat tip to my former student, Don Dechert, who shared the case with me!
February 20, 2024 in E-commerce, Recent Cases, Travel, Web/Tech | Permalink | Comments (0)
Friday, January 5, 2024
Friday Frivolity: Tricking AI Into Selling You a Car for $1
Chris Bakke posted the following on Twitter, which he calls X
Contracts hypo: did Chris Bakke buy a Chevy Tahoe for $1?
Real life question: if you could buy any car for $1, would it be a Chevy Tahoe?
Enrique Dans reports on Medium that Mr. Bakke achieved this result by feeding the Chevy dealer's rather primitive AI what tech people call "prompt injections." As Mr. Dans explains, "Prompt injection is when an end user of an LLM application (or any generative AI application) gives it instructions to make it bypass those the developer of the application have provided."
January 5, 2024 in Current Affairs, E-commerce, True Contracts, Web/Tech | Permalink | Comments (0)
Thursday, January 4, 2024
TikTok Joins the Exodus from Mandatory Arbitration
Way back in 2020, Nancy Kim (left) alerted us to the sea-change already begun in the world of Terms of Service (ToS). As Nancy reported, both Door Dash and Uber were facing thousands of arbitration claims. Under their ToS, which provided for mandatory arbitration, the companies were obligated to pay $11 million and $18 million respectively. Welcome to the world of mass arbitration! A year later, Nancy posted about Amazon's decision to remove mandatory arbitration from its terms of service.
Now, as Sapna Maheshwari reports in The New York Times, TikTok has joined the party, in a really charmless manner. It has replaced arbitration with the requirement that claims be filed in one of two California courts, and it has shortened the statute of limitations to one year from the alleged harm. It is not clear whether TikTok can make its new terms stick. One problem is that minors make up a huge proportion of TikTok's users, and it is not clear how TikTok could make its terms stick against people under the age of 18. Friend of the blog Omri Ben-Shahar is quoted in the article expressing skepticism that courts would enforce significant changes to ToS posted in an e-mail or some other electronic communications. Given the requirement that claims be made exclusively in California courts, I would think the unconscionability doctrine might also come into play.
For those interested in learning more about mass arbitration. Georgetown Law's Maria Glover (right) is the expert. You can find her big article on subject on the Stanford Law Review's website. A follow-up article is available on the Washington University Law Review Website.
January 4, 2024 in Contract Profs, Current Affairs, E-commerce, In the News, Web/Tech | Permalink | Comments (0)
Friday, December 1, 2023
The No Responsibility Disclaimer
Contracts Prof Emeritus Royce de R. Barondes (right) brings us news of the latest liability dodge that Terms of Service designers have dreamed up. Professor Barondes booked a hotel room through Priceline. When he arrived, he was informed that the hotel had no vacancies and so his reservation had been canceled. He then discovered the following language in Priceline's terms of service, which I quote in full because the sweep is so breathtaking:
To the extent permitted by law, in no event shall Priceline, including its respective officers, directors, employees, representatives, parents, subsidiaries, affiliates, distributors, suppliers, licensors, agents or others involved in creating, sponsoring, promoting, or otherwise making available the Site and its contents (collectively the "Covered Parties"), be liable to any person or entity for any direct, indirect, incidental, special, exemplary, compensatory, consequential, or punitive damages or any damages whatsoever, including but not limited to: (i) loss of goodwill, profits, business interruption, data or other intangible losses; (ii) your inability to use, unauthorized use of, performance or non-performance of the Site; (iii) unauthorized access to or tampering with your personal information or transmissions; (iv) the provision or failure to provide any service; (v) errors or inaccuracies contained on the ite or any information, software, products, services, and related graphics obtained through the Site; (vi) any transactions entered into through this Site; (vii) any property damage including damage to your computer or computer system caused by viruses or other harmful components, during or on account of access to or use of this Site or any Site to which it provides hyperlinks; or (viii) damages otherwise arising out of the use of the Site, any delay or inability to use the Site, or any information, products, or services obtained through the Site. The limitations of liability shall apply regardless of the form of action, whether based on contract, tort, negligence, strict liability or otherwise, even if a Covered Party has been advised of the possibility of damages.
One would hope that the extent to which such a clause is "permitted by law" would be most limited. If the language were enforced, it suggests that there really is no contract at all, given that Priceline stipulates in advance that it will not be liable for breach. Someone could perhaps test that by using Priceline's services and then not paying. Somehow, I think Priceline would insist that users' liability is not cabined in the same way Priceline's is.
Professor Barondes' experience got me to thinking about the complexities of using travel websites. Pre-COVID, when I traveled more, I joined rewards programs at a few hotel chains. I learned that I get no credit for my stay if I booked at such a hotel through a travel website. Sometimes, the hotel has a hard time finding my reservation because the confirmation number I was given looks nothing like the hotel's reservation numbers. They have no record for me, and they ask me accusingly, "Did you book through a website?" "Well yes," I admit, and I think, "Doesn't everybody?"
When I do so, with whom am I in contractual privity and for what purposes? Professor Barondes is a sophisticated traveler, but your ordinary user of a travel website might assume that they had a contract with a hotel when they booked a stay at that hotel through a website. Not so, it appears. The Seinfeld-inspired hotel is free to say, "you may have a reservation, but we did not hold the reservation." But to the traveler, that's really the most important part of the reservation, the holding part.
It also occurs to me that Priceline is a clearinghouse. You may find your hotel through Priceline, but Priceline may just link you to some other website which is the entity that has some sort of relationship with your hotel. And that relationship may not be with your particular hotel but with the hotel chain's sub-contracted reservation service. As the layers of contractual obligation accumulate, sorting out privity and knowing how to get a remedy can be quite complex.
Even if Priceline offers a refund, which would be a sound business practice regardless of their ridiculous "no responsibility disclaimer," that hardly suffices. The price one pays for reserving a hotel may bear no relation to the price one pays to find a room at the last minute. And then there are the added costs, frustrations and panics associated with actually finding that room.
December 1, 2023 in Commentary, Contract Profs, Current Affairs, E-commerce, Travel | Permalink | Comments (0)
Wednesday, September 13, 2023
Coinbase Users' Complaints About Hacked Accounts Sent to Arbitration
Manish Aggarwal and Mostafa el Bermawy owned Coinbase accounts. Both claim that hackers broke into Coinbase and drained their accounts of cryptocurrency. They may also have drained Coinbase's logo (right) of any spark of interest and originality, but that is not part of the case.
The plaintiffs brought an action on behalf of themselves and other Coinbase users who registered since April 1, 2021 and either lost access to their accounts or lost funds or cryptocurrency from those accounts. They alleged violations of the Electronic Fund Transfers Act and related regulations and of various California statues, but also breach of contract and unjust enrichment.
Coinbase moved to dismiss and to compel arbitration. In Aggarwal v. Coinbase, Inc., the District Court for the Northern District of California granted Coinbase's motion. The case provides a nifty overview of how modern contracts of adhesion work and or how to design a website so that the adhesive seals tightly.
Plaintiffs contended that their contracts with Coinbase are illusory because Coinbase reserves the right to amend the contract at any time. The court quickly dispenses with this argument, noting California law recognizing that the implied duty of good faith and fair dealing saves such contracts from being illusory. Ah, responded plaintiffs, but what if the amendments render nugatory claims that have already accrued or which the corporation was aware of at the time the amendments went into effect? The rule is that if a provision for unilateral amendment is silent as to pre-existing claims, it has no effect on those claims. Such is the case here, and so Coinbase's unilateral amendment agreement, read in light of the duty of good faith and fair dealing, is not illusory.
Plaintiffs next attacked the extent to which the Arbitration Agreement that they signed delegated threshold questions of arbitrability to the arbiter. The delegation clause at issue in this case reads as follows:
The arbitrator shall have exclusive authority to resolve any Dispute, including, without limitation, disputes arising out of or related to the interpretation or application of the Arbitration Agreement, including the enforceability, revocability, scope, or validity of the Arbitration Agreement or any portion of the Arbitration Agreement[.]
Very similar language has been construed by the Ninth Circuit and has been held to delegate all threshold issues of arbitrability to the arbiter. The court thus found that the parties had clearly and unmistakably delegated issues of arbitrability to the arbiter.
Doing so was not unconscionable. The court noted that there were some elements of procedural unsconscionability in the delegation, as there are in most contracts of adhesion, but those elements were minimal. However, plaintiffs' allegations of the delegation clause's substantive unconscionability were the same as their allegations of the substantive unconscionability of the arbitration clause as a whole. In such situations, under SCOTUS precedent and precedent from the Ninth Circuit, the issue must be assigned to the arbiter. Other courts have reviewed Coinbase's arbitration agreement and delegation clause and have not found them to be unconscionable.
The case is stayed pending arbitration.
September 13, 2023 in E-commerce, Recent Cases | Permalink | Comments (0)
Friday, June 2, 2023
Guest Post from Guy Rub on Federal Law and Browsewrap Agreements
Today, we welcome guest-blogger Guy Rub (right) to the blog. Professor Guy A. Rub is the Joanne Wharton Murphy/Class of 1965 and 1973 Professorship in Law at The Ohio State University Moritz College of Law. He is an expert in the intersection between intellectual property law, contract law, and economic theory. His work explores how markets shape and are being shaped by intellectual property law. His publications have appeared in the Chicago Law Review, UCLA Law Review, Yale Law Journal Forum, and Virginia Law Review, among others.
Professor Rub has studied law on three continents. He holds an SJD degree and an LL.M. degree from the University of Michigan Law School; a master’s degree in Law & Economics from the University of Madrid; a European Master in Law and Economics from the Erasmus University in Rotterdam, Netherlands; and an LL.B. degree from Tel-Aviv University.
Professor Rub also holds a bachelor’s degree in computer science from Tel-Aviv University and worked as a software programmer and engineer prior to pursuing a career in law.
Browsewrap Agreements and Federal Law
Standard form agreements have been a topic of high interest and controversy for decades. Still, in the abstract, most would agree that while important differences exist between negotiated contracts and form agreements, most courts most of the time treat them quite similarly. A few doctrines, like unconscionability, operate differently when form agreements are concerned, but, for most courts, once Alice signs the dotted line, a bilateral contract is formed, whether she spends ten months negotiating the terms or ten seconds skipping them. And, as we know, signing is overrated too. If Alice can accept a contract by signing a form she didn’t read, she can also do it by tearing a wrap or clicking on “I accept.”
But browsewrap agreements, contracts that are allegedly accepted by using a website, are trickier. To the degree that the offer and acceptance ceremony still matters (and it should, right?), most people probably perceive the act of signing a dotted line, clicking “I agree,” and browsing quite differently (although, for what it’s worth, over the last decade, more and more students are telling me that “everybody knows that by using a website you accept its terms.”). So are browsewrap forms binding? It depends a little on the jurisdiction and a lot on the website. Courts have developed tests that focus on what users actually knew and on how “conspicuous” the terms were. They explore the color of the link, where it was placed, how big the font was, and so on. Browsewrap agreements let judges play website designers.
While state law still struggles with browsewrap agreements, a new brief from the United States Solicitor General (left) suggests that federal law might have something to say about the issue. Genius.com is a popular website for music lyrics. Its browsewrap prohibits the copying and public display of those lyrics for commercial use. Google, however, allegedly did just that. If you google “the lyrics of little lies” (useful when teaching misrepresentation), you will get the results on Google itself, in what Google calls “an information box.” No need to spend time visiting Genius’s website for lyrics anymore. This can make the users happy and Google probably happier, but it is a disaster for Genius’s ad-centric business model. A breach of contract lawsuit followed.
Contract law might give Google quite a few tools to fight this lawsuit, but it chose federal preemption as its first line of defense. Google argued that Genius’s claim is expressly preempted by copyright law. Section 301(a) of the federal Copyright Act preempted rights under state law that are “equivalent” to rights under copyright. Courts disagree on whether contracts are ever equivalent to copyright. A minority of courts hold that contracts that regulate what copyright regulates, mostly the reproduction and distribution of information goods, are preempted. The majority of courts, however, hold that a contract, as a bilateral agreement, cannot be equivalent to a property right like copyright. The most famous articulation of that majority approach came in an opinion we know for other reasons—ProCD v. Zeidenberg. In Genius v. Google, however, the Second Circuit adopted the minority approach and held Genius’s browsewrap agreement preempted as a contract that regulates copying. Genius’s cert petition to the Supreme Court followed, and the Court invited the Solicitor General to file a brief on this matter.
In its brief, the Solicitor General acknowledges the circuit split and suggests that the Second Circuit approach is quite problematic (a view I share), but it nevertheless recommends denying the cert petition. At the heart of its brief, the Solicitor General argues that this case is not a good vehicle to address the copyright-contracts tension because browsewrap agreements are just different.
The Solicitor General claims that it is not clear that this case would have come out differently in any other circuit. It, quite creatively, partly relies on a much-quoted (and often misunderstood) sentence from ProCD, where Judge Easterbrook (right) explains that not everything “with the label ‘contract’ is necessarily outside the preemption clause.” I always assumed that if the Seventh Circuit had any specific example in mind, it was probably implied-in-law contracts, which, we know, are not contracts at all. But can’t we apply the same approach to browsewrap agreements? After all, if the heart of the Seventh Circuit argument is that the act of acceptance categorically distinguishes contracts from copyright, then maybe it is less than obvious that browsewrap agreements should be treated similarly.
To be clear, in this case, courts addressed the federal preemption question first and never decided whether a contract was even formed under New York law. But the Solicitor General suggests that even if a contract was formed, for preemption purposes, that contract “is quite different from the paradigmatic bargained-for exchange.”
Most of the implications of this brief and this case are beyond the scope of contract law, but contract professors will still find it interesting. Consider, for example, the following nuggets: First, while its argument is interesting, the Solicitor General’s brief completely ignores the fact that Genius repeatedly put Google on actual notice as to its terms and conditions, which is likely quite meaningful as a matter of state contract law. Shouldn’t it matter for federal law too? Second, contract professors might find it noteworthy that the Solicitor General distinguishes ProCD because there “the existence of a contract was apparent.” Third, the brief not only argues that browsewrap agreements are different, which they might be, but it implies that they are maybe less important, referring to them repeatedly as “atypical.” I’m not sure that claim is self-evident.
In any event, are we going to soon have the Supreme Court weighing in and telling us whether browsewrap terms and conditions are contracts, at least from a federal preemption perspective? I know better than to bet on anything that the Supreme Court does, especially on cert petitions. However, it is probably more likely than not that the Court will deny the petition. But if it surprises us, maybe Justice Sotomayor will get a chance to revisit the topic 20-something years after Specht v. Netscape.
June 2, 2023 in Commentary, E-commerce, Recent Cases, Web/Tech | Permalink | Comments (0)
Monday, April 10, 2023
Catching up on JOTWELL
There have been three excellent posts on the JOTWELL contracts page since last we checked in there. Taking them in reverse order:
Nancy Kim (left) has a post, Click to Agree That Terms of Use Are Incomprehensible, which reviews Tim Samples, Katherine Ireland, and Caroline Kraczon, TL;DR: The Law and Linguistics of Social Platform Terms-of-Use, __ Berkeley Tech. L. J. __ (forthcoming 2023), available at SSRN, an interdisciplinary study of 196 agreements for 75 smartphone-based social platforms. Key takeaways: these TOUs operate on a massive scale, effecting billions of users; the platforms are attention-surveillance business platforms that “deploy addictive interfaces (also known as ‘dark patterns’) to maximize user engagement," these platforms mediate almost every aspect of our daily lives, and the TOUs play a vital role in digital governance. And then here's the best part, the TOUs are incomprehensible, which means that our classical doctrinal approaches to contractual assent, intent and reasonable expectation do not accurately describe what happens when we click "I agree."
In February, David Hoffman (right) published Waivers Are Some Crazy Stuff, reviewing Keith Hylton, Waivers (2022), available at SSRN. When you are done worrying about TOUs, you can start worrying about waivers, which are not exactly contracts, as they are unilateral and require no consideration, they are easily created and often easily reversed, they are subject to varying rules across jurisdictions, and they are ubiquitous. Professor Hylton provides an economic analysis of the law of waivers, acknowledging the concerns sounding in consumer protections about boilerplate waivers but argues that waivers are nonetheless welfare-enhancing and result from consumer choices about the goods and services they purchase even if consumers do not know what they have waived. Professor Hoffman recommends Professor Hylton's work because it is relevant to a general defense of boilerplate contracting, and it is short and relatively free from economics jargon.
Finally, in January, Daniel Barnhizer (left) posted Perceptions and Reality, reviewing J.J. Prescott and Evan Starr, Subjective Beliefs about Contract Enforceability __ J. Legal Stud. __ forthcoming 2023, available at SSRN. As presented by Professor Barnhizer, the article is an application of Roscoe Pound's observation of the divergence form law on the books and law in action, addressing the divergence between parties' perceptions of contract enforceability and legal doctrine. The article proposes ways to bridge that divide in the realm of employment agreements. The authors note at the start that non-compete clauses abound and influence mobility in states where they are unenforceable. According to the authors, 70% of employees in such states believe incorrectly that the non-compete clauses are enforceable. But educational outreach may affect their willingness to switch jobs notwithstanding the unenforceable non-competes.
So, to summarize these state of the world based on these three articles: terms of service and other boilerplate contracts, which might include waivers, are ubiquitous, powerful, and bind consumers who have not read and could not understand their terms. They shape real-world behavior regardless of their enforceability. But economic theory suggests that they may just reflect our preferences and are generally welfare-enhancing.
April 10, 2023 in Contract Profs, E-commerce, Recent Scholarship, Web/Tech | Permalink | Comments (0)
Friday, March 31, 2023
Saving Bitcoin (Yes, Really!): The 2022 Uniform Commercial Code Amendments
A great thing is happening in commercial law as I type these words: Musty corners of the Uniform Commercial Code are in the process of being brought up to date to deal with the realities of twenty-first century commerce. The 2022 UCC Amendments now being considered in state legislatures across the country are replacing the "writing" requirements baked into Article 2 (Sales), Article 3 (Negotiable Instruments) and elsewhere with the more flexible "record" that can be electronic or written and represents commercial reality. The comprehensive system of secured lending contained in Article 9 is being updated as well. These revisions will provide a stable system of rules that address once-unimagined electronic assets like NFTs (non-fungible tokens) and cryptocurrency to enable them be safer and more attractive forms of collateral because of the certainty with which a lender can secure its position.
So yes, that "electronic basketball card" NFT your cousin bought last year could actually end up being pledged as collateral that helps that cousin get a loan. As Yakov Smirnoff used to say, "What a country!"
But I digress. To this professor of payment systems law, the most exciting part of the package of 2022 UCC amendments is new Article 12, entitled "Controllable Electronic Records." Article 12 creates state commercial law rules to govern blockchain assets like bitcoin and other cryptocurrency, as well as any other technology (present or future) where a purely digital record is capable of being under exclusive control.
For those unfamiliar, the paradigm-changing innovation brought about by bitcoin circa 2009 was that, through blockchain programming methodology, it allowed for the creation of a digital token that could not be copied (or in currency terms, counterfeited). A thought experiment with paper currency will demonstrate how useful blockchain programming actually is. While counterfeiting is an occasional problem for paper currency like the U.S. dollar, imagine the disaster for the use of cash as a store of value if any trickster with a photocopier could make unlimited and undetectable copies. Eventually, no one would accept cash as payment. Why would you when you could just as easily print your own? Increased money supply facilitates inflation, which is bad enough, but an infinite increase in the money supply would eventually reduce its value to zero.
The trouble with digital files, then, is that they are susceptible to the infinite creation of perfect copies. Bitcoin changed all that through blockchain programming. Because of verification on a decentralized computer network, only one bitcoin token could demonstrably exist as the verified real thing, even in the face of dozens of ostensible duplicates. In payment system terms, this means that bitcoin solved the "double-payment" problem preventing the creation of a digital and decentralized asset. Yay for bitcoin!
But not quite. The creation of non-counterfeitable digital assets has spawned (and is continuing to spawn) numerous applications, such as "trading card" collectable NFTs, digital shareholder governance, smart contracts, and even the possibility of marketable electronic title for real property. Meanwhile, bitcoin and its crypto-progeny have fallen quite short on the original use case for blockchain: a mainstream payment system. Instead, cryptocurrency has become largely the province of high-risk speculative investment and hobbyists. The recent collapse of the FTX cryptocurrency exchange and some high profile crypto-heavy commercial banks suggests that pure speculation is ultimately not a viable path forward. What bitcoin-and-company are truly lacking is widely accepted use as a payment system.
UCC Article 12 is primed to change that. It creates the legal safeguards and commercial certainty that bitcoin needs break out of its niche. Article 12 does this by establishing a basic legal regime for the ownership and transfer of "controllable electronic records"—a category that includes all decentralized cryptocurrency. Rather than focus on physical concepts of possession, the UCC revisions focus on control, as shown in this excerpt from subsection (a) new section 12-105:
§ 12-105. Control of Controllable Electronic Record.
(a) [General rule: control of controllable electronic record.] A person has control of a controllable electronic record if the electronic record, a record attached to or logically associated with the electronic record, or a system in which the electronic record is recorded:
(1) gives the person:
(A) the power to avail itself of substantially all the benefit from the electronic record; and
(B) exclusive power, subject to subsection (b), to:
(i) prevent others from availing themselves of substantially all the benefit from the electronic record; and
(ii) transfer control of the electronic record to another person or cause another person to obtain control of another controllable electronic record as a result of the transfer of the electronic record; and
(2) enables the person readily to identify itself in any way, including by name, identifying number, cryptographic key, office, or account number, as having the powers specified in paragraph (1).
This provision is technology neutral. It clearly covers blockchain assets like bitcoin while still leaving room for other technological innovation in the realm of decentralized digital assets. The only inquiry in connection with making a transaction occur is the existence of control, and the ability to transfer it to another. Article 12 gives bitcoin the legal certainty that existed for centuries in the world of commercial paper by establishing a clear and comprehensible regime of control to stand in the place of the (literally impossible for bitcoin) regime of physical possession.
And there is much more. What good is digital value as a cash substitute if you can't spend it? New Article 12 takes care of that by adapting the centuries-old regime that made a success of commercial paper: negotiability. While the musty negotiable instruments term of "holder in due course" does not appear in the statutory text of Article 12, the definition of a "qualified purchaser" is clearly inspired by it. Section 2-102(a)(2) provides:
“Qualifying purchaser” means a purchaser of a controllable electronic record or an interest in a controllable electronic record that obtains control of the controllable electronic record for value, in good faith, and without notice of a claim of a property right in the controllable electronic record.
What then is the result of being a qualified purchaser, of (for instance) taking bitcoin as payment in exchange for vale, in good faith, and without notice of a claim to asset? Article 12 provides that the party taking the bitcoin takes it free-and-clear as against anyone else in the world. Subsection (e) of section 12-104 provide for this important commercial law legal right:
§ 12-104. Rights in Controllable Account, Controllable Electronic Record, and Controllable Payment Intangible.
[* * *]
(e) [Rights of qualifying purchaser.] A qualifying purchaser acquires its rights in the controllable electronic record free of a claim of a property right in the controllable electronic record.
Now,let's tie this all together. Based on the above statutes, a seller of goods or services now knows—from a legal perspective—exactly what it must do to accept cryptocurrency payments with the assurance that the transaction is not going to be undercut by an unknown party. If Joe's Hardware Store takes the steps necessary to obtain "control" of bitcoin and it does so as a "qualifying purchaser" of the bitcoin in exchanging its valuable goods and services for that bitcoin, then the transaction is complete. Period. No one else can show up on Joe's doorstep and claim a lien or other legal right to the bitcoin. The legal uncertainties that arise from taking this "mysterious" cryptocurrency as payment are now resolved. It works with as much certainty as credit cards, checks, or—dare I say it—cash.
The 2022 amendments to the Uniform Commercial Code are set to play a crucial role in "saving" bitcoin by empowering it and other cryptocurrency to live up to its original potential, not as some quirky, speculative investment, but as an actual payment system.
March 31, 2023 in Current Affairs, E-commerce, Legislation, Web/Tech | Permalink | Comments (0)
Tuesday, March 21, 2023
Consultants Sue Twitter for Unpaid Fees
This post started out as one story, but when I started researching, I fell down a rabbit hole of alleged breaches of contract. They all fit the incredibly simple pattern: one of the parties to the Elon Musk/Twitter litigation hired some company to do work in connection with the Musk/Twitter transaction. Then, once Mr. Musk (below) owns Twitter, he doesn't pay.
First, on January 20th, Jon Brodkin reported for arstechnica, that Charles River Associates provided consulting services to Twitter in connection with its lawsuit that eventually forced Elon Musk to purchase the company. Brodkin previously reported that Twitter had not paid over $1 million to Imply Data, Inc. and apparently intended not to pay the remaining $7 million. Apparently, Twitter simply doesn't respond when its creditors inquire about unpaid invoices. At one point, it was impossible to reach Twitter for comment, Brodkin reported, because the PR department had been terminated. I don't know if that is still the case. We reported on earlier contract breaches here.
Next, on February 3rd, Lauren Hirsch and reported in The New York Times, Musk has also not paid Innisfree M&A Incorporated $1.9 million owed in connection with work it did for Twitter during the acquisition. The article details other contracts that the company is not honoring.
Finally, Laurel Brubaker Calkins reported in Bloomberg News on February 9th that Twitter was also not paying Analysis Group Inc. of Boston $2.2 million in fees for consulting services it provided in connection with the acquisition. Perhaps Mr. Musk doesn't want to pay the people who contributed to forcing him to buy Twitter, an acquisition he seems to be enjoying less and less these days as the bills come due, the platform degrades, and the route to profitability becomes ever more elusive. Fortunately, The Onion has a slideshow packed with inspired ideas for making the platform profitable, all suitable for a genius of Mr. Musk's calibre.
March 21, 2023 in Current Affairs, E-commerce, In the News, Recent Cases, True Contracts, Web/Tech | Permalink | Comments (0)
Friday, January 20, 2023
Just When I Thought I Was Pulled Back In to Twitter, I'm Out Again
I've been thinking about re-starting the Blog's Twitter feed, which has been dormant since December. Blog traffic is down, I have been losing touch with academic news that I was getting through active LawTwitter folks, and Twitter remains an awesome news aggregator. And then I came across this latest evidence that the new Twitter is a dastardly, mean-spirited Saturn that devours its own children.
I learned today on Mastodon (of course) through Andy Baio that Twitter has "quietly changed its Developer Agreement today to retroactively justify their unannounced ban on third-party Twitter clients." The change is reflected in an update in Twitter's (you guessed it!) Terms of Service. Here is a track-change comparison that highlights the changes. These changes are really targeted at independent companies that greatly improved the user experience over at Twitter. I wasn't around for the early days of Twitter, and I'm not a person who thinks much about tech matters, so I don't really understand how it all worked, but here is an account of the effect on one such company, Twitterific. #Tweetbot is another such service that the New Twitter has killed off. I take it that these were Apps that you could download that would give you a better experience on Twitter than the actual Twitter App and which contributed mightily to Twitter's success.
As you can read here in reporting from Ivan Mehta, Twitter claimed that these Twitter clients violated its "longstanding rules," without identifying any such rules. The fact that it had to changes its ToS in order to justify its actions is, in a word, suss.
Still mulling a return to Twitter. Still hoping things change over there or that one of the alternative matures into a substitute. For now, please follow the Blog on Mastodon.
January 20, 2023 in About this Blog, Commentary, E-commerce, In the News, Web/Tech | Permalink | Comments (0)
Tuesday, January 3, 2023
Insurer Must Cover Ransomware Payments
Ahh, the joys of cryptocurrency! It makes so many unsavory and illegal transactions possible, and it all comes with that heady soupçon of infantile rebellion, libertarianism, and susceptibility to conspiracy theories. Let's see what wonders cryptocurrency has brought us today!
On March 29, 2021, Yoshida Foods International (Yoshida) was the victim of a malware attack. Its entire data system was isolated and encrypted, rendering it inaccessible. The anonymous hacker offered to sell it a decryption key if it paid in cryptocurrency. Yoshida employed an IT company to assist it in responding. The IT company advised Yoshida to pay the ransom. Yoshida ultimately paid $100,000 for decryption keys. It did so using the Bitcoin account of its principal, Junki Yoshida. It also paid just over $7000 to the IT company, and so it sought to recover $107,000 from its insurer, Federal Insurance Company (Federal).
Yoshida's policy with Federal provided "Crime Coverage," including "Computer Fraud Coverage." Nonetheless, Federal denied the claim, alleging that Yoshida had suffered no permanent loss and that the loss from the ransom payment had not been "direct" as required by the policy. Mr. Yoshida suffered a loss due to fraud, but he was not covered by the policy, Federal contended. Yoshida's only loss came when it reimbursed an employee, and Yoshida did not allege that Mr. Yoshida was engaged in computer fraud (obviously). Federal also denied the payments to the IT company, because those were also not "direct," and as such payments require the insurer's advance written consent.
In deciding whether Federal could deny the claim in Yoshida Foods Int'l v. Fed'l Insurance Co., the Federal District Court for the District of Oregon refreshingly did not behave like a textualist bot and consult dictionaries and common usage. Rather, the court consulted precedent and context and noted that the phrase "direct" in the context of insurance contracts has been interpreted to mean "characterized by or giving evidence of a close esp. logical, causal, or consequential relationship." There was a California case that seemed helpful to Federal, but that case did not involve ransomware and it was affirmed on other grounds in the Ninth Circuit. That ruling turned on the specific language of the policy at issue, which was not the language of the policy at issue in the Yoshida case.
Having distinguished that case, the court concluded:
Both the ransom payment made by Mr. Yoshida and the reimbursement of that amount by Plaintiff were proximately caused by the hacker's computer violation directed against Plaintiff's computer system. There was no intervening occurrence between the ransomware attack, the ransom payment, and the reimbursement to Mr. Yoshida, which were all part of an unbroken sequence of events. Plaintiff's reimbursement of the $107,074.20 ransom payment was a foreseeable result of the attack.
Federal next argued that Yoshida's loss was not the result of a computer fraud but of a voluntary decision to pay the ransom. That reading of Federal's policy would require coverage only when a hacker was able to infiltrate a company's computer system and syphon off funds directly. The Ninth Circuit rejected such a narrow reading of such insurance coverages in Pestmaster. Ernst and Haas Mgmt. Co., Inc. v. Hiscox, Inc., 23 F. 4th 1195, 1199-1200 (9th Cir. 2022). There, an employee was fraudulently induced to wire $200,000 to a fraudster. The Ninth Circuit ruled on behalf of the insured, noting that "initiating a wire transfer is not the same as authorizing a payment" because that a volitional payment induced by fraud is, by definition, not authorized. Citing an Indiana case as persuasive authority, the court in Yoshida noted more generally that payments made under duress are not volitional in a way that undermines a fraud claim.
Finally, Federal argued that the policy's Fraudulent Instructions Exclusion applied. That policy excluded coverage for any transfer of money authorized or approved by an employee. Federal argued that either Mr. Yoshida was an employee who approved the transfer or that the company's account manager was the employee who authorized the payment to the hacker. The reasoning here is a bit elusive, but ultimately the court again relies on its reasoning that an approval of payment induced under duress is not "approva,l" and so the exclusion does not apply.
As to the written consent argument in connection with payments to the third-party IT consulting firm, the court found that language in the insurance contract requiring advance written consent did not apply to these facts. The district court granted Yoshida summary judgment on its breach of contract claim.
Yoshida also alleged breach of the duty of good faith and fair dealing. Because Federal's arguments, while ultimately unsuccessful, were not brought in bad faith, the court granted Federal summary judgment on Yoshida's good faith and fair dealing claim.
January 3, 2023 in E-commerce, Food and Drink, Recent Cases | Permalink | Comments (0)