Hot News Doctrine Already Being Stretched; Company Says Its Contact Database Is Hot News
from the hot-news-needs-to-burn dept
In the last year, there’s been a sudden resurgence in interest in the concept of “hot news,” a doctrine that most people thought was dead and buried, which allowed a judicially-created form of intellectual property on factual information that was deemed to be “hot news.” There’s no statute that covers this. Just a court decision. And that was a century or so ago. But… the concept started showing back up in court recently, and in March a ruling came down, blocking a website from reporting on news for two hours, using this doctrine. With that on the books, other “hot news” lawsuits were quickly filed.
However, one such recent lawsuit seems to stretch the concept of hot news so far that you can only sit back and admire the audacity of including it in the lawsuit, while fearing the results should a court actually buy it. Thomas O’Toole has the details of what is likely to be a very interesting lawsuit on a few different factors, beyond just the hot news claim (but we’ll get to those other issues, so read on…).
The case apparently involves an employee at Goldman Sachs (or potentially multiple employees) who got the username and password of another account holder on a database put together by a company called Ipreo Networks, called “Bigdough.” Bigdough is apparently a database of contact info on 80,000 financial industry people. The Goldman Sachs employee(s) logged in with someone else’s username/password and downloaded a bunch of information.
This sort of thing happens all of the time. People share logins all of the time. Violating it is basically a terms of service violation, but here the company has broken out the big guns. Yes, it’s claiming that the contact info in its database represents “hot news,” and Goldman accessing it is a violation of the “hot news” doctrine. Think about that for a second. Contact information. “Hot news?” And, of course, the whole purpose of the “hot news” doctrine is about another publisher republishing the information — something that Goldman Sachs didn’t do here at all. The whole “hot news” claim here seems to stretch the (already questionable) concept way past the breaking point. Hopefully that part gets tossed quickly. Otherwise, imagine what else will suddenly be called “hot news.”
But that’s not all that’s interesting in this case. As O’Toole notes in his report, there are two other interesting legal questions, having to do with the use of someone else’s login. First, there’s the question of whether or not Goldman Sachs is liable here, even if the actions are just that of a rogue employee (or group of employees). O’Toole points out that the legal standard to get GS on the hook here is pretty damn high. The second question, of course, is whether or not just using a login that someone shared with you is a violation of the Computer Fraud and Abuse Act (CFAA). We recently discussed how there are also a growing series of cases trying to stretch the CFAA to make all sorts of activities classified as “unauthorized access.” CFAA was really designed as an anti-hacking law — which was about people really breaking in to a computer system. If someone simply shares their login credentials with you, does that really count as criminal hacking? If that’s the case, an awful lot of people may be guilty of doing so.
So, this should be a fun one to follow. Three separate interesting legal questions, and in all three cases, Ipreo appears to be trying to stretch the law beyond its intentions, so hopefully the court recognizes this. If you want to see the full filing, it’s below:
Filed Under: bigdough, cfaa, contacts, database, hacking, hot news
Companies: goldman sachs, ipreo networks
Comments on “Hot News Doctrine Already Being Stretched; Company Says Its Contact Database Is Hot News”
I hate to be a lawyer cop (as opposed to a grammar cop), but…
“There’s no law that covers this. Just a court decided it.“
How about, “There’s no statute that covers this. Just a court decision.”
Re: Re:
How about, “There’s no statute that covers this. Just a court decision.”
Fair enough. Changed…
I find it interesting that many are attempting to buy technology’s progression through judicial legislation, only driving data (information) further underground but of course it is no less accessible. This is progress?
I mean, it is progress, but it seems an awfully absurd way of attaining it.
Laws “online” are having a smaller and smaller impact to those people that know technology.
If anything it would fall under a trade secret, not hot news.
This would be a trade secret, not hot news. Goldman is going batshit insane.
ill agree only if the following applies
1)they are all contacts to BIG BREATED women
2)they are clean and free a dieseases
3) they are slutty
otherwise not HOT
Re: ill agree only if the following applies
4) ???
5) Profit
BREATED = BREASTED
.
Feeding Trolls
Please don’t feed the trolls… it only makes them grow.
Trolls are fat, lazy and ugly and need to be ignored until they go away… or cacoon themselves and metaphasize into something that is intelligent and beautiful and doesn’t expect everything to be handed to them on a silver platter.
Well ...
This actually isn’t quite as crazy as it sounds on its face. One of BigDough’s products is time-sensitive, a list of people who have joined or left various companies, which comes out every night at midnight. (They actually call it “Hot News.”) I agree that the hot news doctrine itself is troubling, but if they’re trying to apply it to this “news” product, that makes more sense than trying to claim hot news doctrine over the database. I’d imagine that’s what’s going on here.
@8 you do not gt sarcasm do you
/me slashes and dices the TAM
YA hes da man cause everyone can but tam
not sure here
…but it seems to me (and my experience in the field has tended this way) that even if a user voluntarily provides a login name and password to another person who isn’t allowed on the system, it’s still unauthorized access if the second person logs in. If they get found out, that is.
In light of that, it’s even more idiotic to try for a “hot news” claim. With an industrial espionage claim you get to humiliate the respondent regardless of how the case actually shakes down.
> The second question, of course, is whether or not just using a login that someone shared with you is a violation of the Computer Fraud and Abuse Act (CFAA).
“Dan resolved the dilemma by doing something even more unthinkable—he lent her the computer, and told her his password. This way, if Lissa read his books, Central Licensing would think he was reading them.”
http://www.gnu.org/philosophy/right-to-read.html
Read the Ipreo contract, understand their products, then state your opinion. Unauthorized access is a violation as stated in their agreements and is punishable by law. “Hot News” is in fact the name of one of their services.
CFAA has password sharing provisions?
Doesn’t the CFAA have a section about “trafficking passwords” or something like that?
I suspect that software hacking for this sort of thing is really rare in comparison to social engineering. Even Kevin Minnick really didn’t “hack” as much as was given access to the information he wanted.
-chad
dough
ipreo is behaving badly. I am hearing they are going after every body for breaking any of the rules no matter how small with mean and rude lawyers. When all they need to do is try and treat customers better instead of giving them what amounts to a mafia shake down.
Going after Goldman for $3 million is bad business. their fees are about 15 to 20k a year!