'ClickWrap' Ruling Could Allow Privacy Suits

A federal appeals court ruling in a 'spyware' suit against Netscape paves the way for privacy lawsuits and helps define the validity of online 'clickwrap' agreements.
Posted October 2, 2002

Erin Joyce

Erin Joyce

AOL Time Warner's Netscape Communications browser division has lost an appeal in a lawsuit accusing it of electronic eavesdropping with "cookies" , which it had used with its free software "SmartDownload" feature.

The ruling by the U.S. 2nd Circuit Court of Appeals, which also draws a distinction between the structure of online and offline contractual agreements, means a privacy lawsuit against Netscape can go forward.

It may also be the first circuit court decision to hold that online contracts regarding software downloads (usually called clickwraps) may not be valid because of where the legal terms were placed. In this case, the contractual terms were one page below the button that launched the software download on the Netscape page, which would have required the user to scroll down to see them.

The hope with the case is that "companies from now on will take steps to insure that if they want somebody to enter into a contract, that somebody knows they are entering into a contract and does it intentionally instead of by accident," said attorney Joshua Rubin of Abbey, Gardy & Squitieri, the law firm representing the plaintiffs.

The ruling has major implications for online publishers, software companies, and marketers, especially those that use "cookies" to add functionality to their applications or to create user profiles for marketing purposes. While privacy statements on Web sites or prior to software downloads have long been a part of the Internet landscape, there hasn't been much legal guidance on what form those statements should take.

A spokesman for AOL Time Warner was not immediately available to comment on the ruling.

The case began two years ago when Christopher Specht, a New Jersey photographer who operated a Web site called lawphoto.com, filed suit against Netscape. The suit charged that unbeknownst to the end-user, Netscape's SmartDownload software program, which helps users download software over the Internet, was using "cookies" to transmit back to Netscape the name and location of any file transferred using SmartDownload, along with a unique identifier.

The suit charged the practice was a violation of the Computer Fraud and Misuse Act and the Electronic Communications Privacy Act.

Netscape had argued that the SmartDownload file transfer utility, which Netscape later disabled, gave users the ability to pause and resume downloads, among other features, and using these features was a form of informed consent.

At issue in the case was the placement of the fine print about the user agreement, including the use of the cookie, which was only viewed after the user scrolled past the download button to a page below. In its appeal, Netscape argued that the case should be settled in arbitration instead of in court because the user agreement.

But Tuesday's ruling said because the placement of the user agreement was below the download button, the plaintiffs may not have learned of the existence of those terms.

"When products are 'free' and users are invited to download them in the absence of reasonably conspicuous notice that they are about to bind themselves to contract terms, the transactional circumstances cannot be fully analogized to those in the paper world of arm's-length bargaining," the ruling said.

"Reasonably conspicuous notice of the existence of contract terms and unambiguous manifestation of assent to those terms by consumers are essential if electronic bargaining is to have integrity and credibility."

The case now moves on to discovery, and seeks class action status, Rubin said.

0 Comments (click to add your comment)
Comment and Contribute


(Maximum characters: 1200). You have characters left.