Posts Tagged ‘California Reader Privacy Act’

2011 in Review: Bad Legislation

Monday, January 2nd, 2012

2011Unlike a lot of tawdry, pandering, cut-rate journalistic operations out there (Time, CNN, etc.) who claim to review 2011 before it’s over yet, here at Blog Law Blog, your faithful blogger waited until it was all over before claiming to look back at it.

So now it’s time. What characterized 2011 in blog law?

First up: Bad legislating. This was a year when legislatures engaged in all kinds of nonsense that, at best, was dopey, and, at worst, was potentially disastrous.

The California legislature outdid itself this year. First there was the absurd new statute threatening jurors with jail time if they tweet, blog, or otherwise use the internet to communicate about their trial. The law’s not inane because I have an affection for tweeting jurors. It’s inane because, when you look at it closely, it’s inane:

Could the California legislature have felt egged on by reading my withering critique? Well, they urned around and did something even worse with their Reader Privacy Act. Some laws I just disagree with. But the California Reader Privacy Act actually makes no sense. Here’s an actual quote from me about this law:

That’s P.O. Box Crazy Crazy Crazy, Crazytown Station, Crazy Valley Acres, California 95814.

For a more in-depth explanation:

Now, the worst legislation of 2011 was a set of related measure working their way through the U.S. Congress: the Protect IP Act (PIPA) in the U.S. Senate and the Stop Online Piracy Act (SOPA) in the House of Representatives. Now this stuff hasn’t become law yet – it’s still a bill (sittin’ there on Capitol Hill). But it’s really bad. The House Judiciary Committee will be taking SOPA back up this month. Let’s hope 2012 is a better year for legislation than 2011 was.

Playing Simon Says: California’s Crazy, Crazy Reader Privacy Act

Tuesday, November 1st, 2011

Electronic Simon game from the 1980sGetting a subpoena is a highly unpleasant experience.

A subpoena is a legal document that commands you to hand over documents or appear someplace at a certain time to answer questions under oath. Subpoenas are necessary to get the business of our civil justice system done, but they can make the IRS seem like an old friend by comparison.

And that makes for what I think is the biggest problem with the Reader Privacy Act, a new California law intended to increase people’s privacy with regard to what books they choose to read. (More problems here and here.) To accomplish this, the new law puts certain requirements on any online “book service” provider (which, oddly, might include a blog) that receives a subpoena seeking information on any of the provider’s readers. The requirements are that before complying with the the subpoena, the “book service” provider must give notice to any reader whose information is sought and/or the provider must make a number of determinations about the legal appropriateness of the subpoena.

So, for instance, a provider covered under the law is not allowed to comply with a qualifying subpoena unless the provider first gives 35-day advance notice to the reader about the reader’s ability to seek a motion to quash the subpoena. §1798.90(c)(2)(B)(iv).

Just think about that for a minute: The subpoena is an order issued by a court commanding a person to do something. But under this new law, a person is prohibited by law from obeying that court order unless and until the person fulfills certain requirements.

You would think, if you got a court order, you’d be safe in obeying it. But not so!

And that’s crazy. That’s more than just crazy. That’s the Crazy Suite at the Hotel Crazy.

But wait, it actually gets crazier.

Under §1798.90(c)(1), it is illegal for a covered “book service” provider to obey a subpoena commanding the disclosure of information to a law enforcement agency unless the law enforcement agency has met two conditions and the court itself has met three conditions. For instance, you can’t obey a subpoena under the law unless the court first “finds that the law enforcement entity seeking disclosure has a compelling interest in obtaining the personal information sought.” §1798.90(c)(1)(B).

Yes, that means it’s illegal for you to do something the court is commanding you to do unless the court made a certain finding before hand. To be quite plain, it is unlawful for you to comply with a court order demanding that you cooperate with law enforcement.

That’s beyond crazy. That’s No. 1 Crazy Street, Crazy City, Crazyland, U.S.A.

The only precedent I can think for whackitude like this is the children’s game of Simon Says. In Simon Says, the leader barks commands preceded by the words “Simon says.” If you obey a command that is not preceded by the words “Simon says,” you’re out.

It’s silly, but that’s what makes it fun. For children. Who are playing.

But it’s not fun for the California legislature to do this. It’s not fun at all.

If the California legislature thinks the courts and the police are out of control, then – I hate to have to point out the obvious here – they can put restrictions on the courts and the police. That only makes sense.

Instead, the California legislature has made it illegal for people to cooperate with the police and the courts when the police and courts are, in the legislature’s judgment, going too far.

But wait. It gets CRAZIER still. Look at this provision:

A provider shall disclose personal information of a user to a law enforcement entity only pursuant to a court order issued by a duly authorized court with jurisdiction over an offense that is under investigation and only if …
[p]rior to issuance of the court order, the law enforcement entity seeking disclosure provides, in a timely manner, the provider with reasonable notice of the proceeding to allow the provider the opportunity to appear and contest issuance of the order.

§1798.90(c)(1)(D).

That’s right: It’s illegal for you to obey the subpoena if the police didn’t inform you of your right to contest the subpoena.

That’s like making it illegal for a suspect to answer questions while in police custody if the police failed to inform the suspect of the suspect’s right to remain silent.

That’s P.O. Box Crazy Crazy Crazy, Crazytown Station, Crazy Valley Acres, California 95814.

Unfounded Allayances for a Misarchitected Law

Tuesday, October 25th, 2011

Huge pile of building rubbleMisarchitected.
(Photo: EEJ)

Over at Technology & Marketing Law Blog, Eric Goldman has written that the just-enacted California Reader Privacy Act may impose a new burden on individual bloggers who are on the receiving end of subpoenas. Paul Alan Levy, a lawyer with Public Citizen, a leading public-interest law firm, doesn’t agree. Levy says that the phrase “commercial entity” in the bill could not be construed to cover individuals because, individuals can’t be “entities.”

In this post, I’m going to take issue with what Levy says, and I’m going to offer some things to bolster Goldman’s critique.

Let me note at the outset that Levy is a heavy-hitting litigator who fights the good fight. He’s on the right side of battle after battle, doing pro bono impact litigation that makes our world a better place. So, I’m certainly not at odds with Levy in the greater scheme of things. But I do think that Goldman points out a serious flaw in California’s new privacy law, one that is bad for bloggers, and one that’s worth dwelling on for a bit.

Also, I’m a California litigator. I’ve spent a lot of time puzzling over California statutes. I’ve come to believe that California statutory law needs some watchdogging. So I offer my comments in that vein.

Here’s Levy’s argument that the statute won’t apply to individual bloggers:

… Professor Goldman ignores the limiting impact of the word “entity.” An individual is not an entity; rather, an entity is defined by Black’s Law Dictionary as an organization whose identity is separate from its members.

First, while a dictionary can be helpful resource for readers stumbling across unfamiliar legal words, it is not, at least in my view, a particularly persuasive foundation for interpreting a statute. Regardless, however, I don’t think the definition that Levy cites excludes natural persons. If you look at the whole definition, it clearly says that an entity can have a separate legal existence from its members, but the definition doesn’t say that a natural person can’t be an entity.

At any rate, dictionary definitions are really beside the point. The fact is, there’s a plentitude of legal precedents considering “entity” to embrace an individual person. For instance, many statutory schemes explicitly define “entity” to embrace an individuals. One prominent example is the U.S. Bankruptcy Code. See, 11 U.S.C. § 101(14).

Moreover, courts have plainly used the word “entity” to refer to an individual person. In discussing what the word “individual” meant, for instance, New York’s high court held, “An individual is one entity, one distinct being, a single one, and when spoken of the human kind means one man or one woman.” People v. Doty, 35 Sickels 225, 1880 WL 12385 (N.Y. 1880).

In defining “sole proprietorship,” a D.C. court used the word “entity,” saying, “A sole proprietorship is an entity that is so identified with its owner that the business either must undergo a fundamental change or cease to exist upon the owner’s death or retirement.” Hunter Innovations Co. v. Travelers Indem. Co. of Connecticut, 605 F. Supp. 2d 170, 173 (D.D.C. 2009).

Levy makes other arguments, however:

The statute itself confirms this construction, in that it limits any disclosure (voluntary or compelled) to a “government entity,” but limits compelled disclosure to “any person, private entity, or government entity.”

This is a helpful argument, one which I find somewhat persuasive. But it’s not the end of the matter. The fact is, “person” under the law frequently includes such entities as corporations. Often – I would even say most of the time – when the law means an individual human being, and not things such as corporations, the law uses the term “natural person.” In fact, a neighboring section of the California Civil Code, Section 1798.3, says that “‘individual’ means a natural person” and “‘person’ means any natural person, corporation,partnership, limited liability company, firm, or association.” If “person” includes “corporation,” that arguably makes the term “private entity” redundant of “person,” except that ”person” might embrace a public corporation (i.e., a corporation with publicly traded shares), whereas, perhaps, “private entity” would not.

All of this going around in circles, of course, just illustrates that this statute is poorly drafted. It’s another home run by the folks in the California Legislature. I wish someone would come up with a ballot initiative to force the California Legislature to employ a huge army of well-paid staff to draft and analyze legislative language. It would be worth every penny. The alternative is half-baked text or the made-to-order work product of lobbyists. (Although, with the ACLU, EFF, and (ahem) Google lobbying for this, you’d think made-to-order language would have been pretty good.)

Okay, let’s go on to Levy’s next argument:

A similar understanding that an individual is not an entity is shown by the fact that “government entity” is defined to include any “state or local agency” or “any individual acting or purporting to act for or on behalf of a state or local agency.” If “government entity” included individuals, this last clause would not be needed[.]

Hmmm. I get exactly the opposite out of that. By including individuals within the term “government entity,” the legislature, it seems to me, shows that it understands individual persons to qualify as a kind of entity.

Levy’s bottom line:

So the individual blogger is plainly off the hook as a “commercial entity.” A corporation that blogs, yes. A partnership blogs, yes. But not an individual.

I very much disagree with the phrase “plainly off the hook.” I’d go with “arguably.” Levy makes a fine argument. But, in my mind, that’s all it is: an argument. Take it from me – a member of the California bar who has spent approximately eleventeen bazillion billable hours researching and briefing issues of California statutory interpretation: This is not an easily-disposed-of issue.

But while we are on the subject of phraseology, I note that Goldman’s word for describing the new statute is “misarchitected” – a word which, technically speaking, doesn’t seem to exist. That’s not a knock on Goldman. To the contrary, as I’ve pointed out before, I think it’s part of the job of a law professor to use big words and to even make up new words. Every once in a while, I slip a big, nonexistent word by law-review editors. And count me on board with this one. I’m already thinking about how I can stick misarchitected into one of my working manuscripts.

In the meantime, when it comes to the Reader Privacy Act, I simply do not find Levy’s allayances persuasive. Thus, I must offer the California Legislature my regretulations on a job not-super-well-done.

Later this week, I’ll explain my biggest problem with the Reader Privacy Act.

More from me:

Yikes! Is My Blog Regulated By California’s Reader Privacy Act? Is Yours?

Monday, October 24th, 2011

Looking up at the California capitol dome on a sunny day
The California Capitol. (Photo: EEJ)

Well, this is terrifying.

Eric Goldman, in a new blog post, hypothesizes that California’s newly enacted Reader Privacy Act could be read to impose statutory requirements on bloggers. The law requires “book services” to give notice to persons who are the target of a personal-information-seeking subpoena served on the book service. In other words, if someone throws a subpoena at an online book service in order to find out what books someone is reading, the book service has to first reach out to that someone before turning over the information.

So far, that doesn’t sound too bad.

But where Professor Goldman gets alarmed … (Let me just pause to note that while I would feel comfortable calling Eric Goldman by his first name, if I start saying “Eric argues” or “where Eric gets alarmed” on this blog, people are going to think I’m talking about myself in the third person. And while I’m generally okay with people thinking I’m a bit eccentric, I don’t want people thinking I’ve got the mindset of a marginal presidential candidate who is slowly losing touch with reality.)

So, anyway, as I was saying, where Professor Goldman gets alarmed is in looking carefully at who qualifies as a “book service” and who is therefore is obligated under the new law:

Let’s look closely at who is required to comply with the law — recognizing that the statute has a private cause of action that will be enforced by a rapacious privacy plaintiffs’ bar.

What?!? A “rapacious” plaintiffs’ bar?!? In CALIFORNIA?!?!? I can’t believe that. Anyway, as Goldman was saying …

[C]learly this covers Amazon and other online book retailers. But in this day and age, what is a “book” and, more importantly, what isn’t? The statute defines a book as:

paginated or similarly organized content in printed, audio, electronic, or other format, including fiction, nonfiction, academic, or other works of the type normally published in a volume or finite number of volumes, excluding serial publications such as a magazine or newspaper

… [W]hat about blogs? Are they “book services”? Before you discount the latter, consider that many blogs are, in fact, paginated (at least in the URL–see Blog Law Blog as an example).

Isn’t that awesome? I did a nested double-blockquote! Who knew you could even do that? Hey, wait a minute! That’s ME he’s talking about! AIYEEEAAHHH?!?!? There’s nothing like waking up in the morning and finding out that the California legislature has just done something that might expose you to private plaintiffs’ actions.

But wait, I can actually breathe a sigh of relief, because I’m pretty confident I don’t count as a “commercial entity” under the law. And since I’m not a commercial entity, the law’s requirements don’t apply to me.

But what about you, dear reader? Does your blog have advertisements on it? Even AdSense or Amazon affiliate links could, in Goldman’s view, possibly expose a blogger to “commercial entity” status.

And that’s just one more reason not to have ads on your site. As I said in regards to the question of whether having an ad-bearing blog imposes tax liability (in a post that my WordPress installation faithlessly labeled “page 1075“):

My advice for most bloggers is this: Dump the ads. Why bother putting ads on your blog unless it is going to make you substantial amounts of money? Ads clutter up blogs. They look terrible, and they are often for products that are either ridiculous (like herbal cures) or kindov depressing (like life insurance). That detracts from a user’s experience. And if ads cause you to have legal trouble – and even trying to figure out if you have legal trouble is a kind of legal trouble – then you should flush them down the drain.

I’ll have more to say on California’s Reader Privacy Act in posts this week. I’ll weigh in on the debate between Paul Alan Levy of Public Citizen and Goldman about whether an individual can be an “entity’ under the new act. I’ll also explain my biggest problem with the new law.