ISPs May Be Tracking User Behavior

tracking user behaviorSocial media websites violating user privacy seem to be an issue of an age long post (Web 2.0?), the current trend — aside from the NSA’s recent antics — is tracking user behavior online by the users’ internet service providers. That’s right, if it isn’t enough that everything you do is documented in a secret government database, it seems now that your own ISP may be hacking your web browsing to sell your behavior profile to marketing companies.

According to Hayden James Lee, who noticed some odd script running in the background during his online browsing, his ISP Access Media 3 seems to be injecting code for tracking user behavior into his unsecured HTML browsing:

Upon further inspection it turns out this ‘random script’ had been injected by a <script> tag in the header. I looked at some other sites and noticed the same script being inserted almost everywhere. Here is what it looks like:

<script type=”text/javascript”> var dot=’.’; var setCookie=’net’;var gAnalytic=’adsvc1107131′;var IETest=’rxg’; var v=’ashx’; var R=’ajs’; var gid=’5d738f4aeccb49c39d3013cabc563f64′; </script>
<script type=”text/javascript” src=”;5d738f4aeccb49c39d3013cabc563f64″ id=”js-1006893410″ data-loaded=”true”></script>

I realized that the only sites that weren’t affected were those using https rather than http. This makes sense, you can’t inject code into https because it is encrypted.

Mr. Lee skimmed his ISP contract  to find that the ISP reserved the right  ‘monitor’ the traffic across their network. However, as Mr. Lee noted, if “by monitor they mean ‘conduct XSS injections against every user’ I know a lot of people will not be happy.”

How is the ISP using this monitored data? At this point it is hard to tell. But according to Mr. Lee:

At the very least I can see multiple references to persisting cookies – a way to track a user’s behavior on the internet. As seen by MediaShift’s website it is clear that they offer this data collection system as a way for networks to make money. Its therefore not too much of a stretch to conclude that Access Media is making money from selling the data of its users behavior to unknown parties.

We will likely soon see some privacy violation lawsuits in the works, and I will keep this issue updated. In the meantime, has also been reporting of similar trends by other ISPs of tracking user behavior.

LegalZoom Is Not For Serious Entrepreneurs

legalzoomThe Texas Supreme Court just denied LegalZoom’s petition to review a lower court’s authorization of a putative statement consumer class action over the company’s trademark application forms.

Whether or not you agree with earlier accusations that LegalZoom is practicing law without a license, it has been my experience that “entrepreneurs” who can’t set aside some capital for decent legal advice as part of starting up their company are not going to take that company very far. Maybe incorporating an entity and filing for a trademark fulfills some sort of self-actualizing New Year’s resolution, and LegalZoom certainly lets you do so on the cheap, but the one enduring rule of the marketplace is this: you get what you pay for.

NimbleTV’s Content Streaming Model Is Not (Unfortuantely) A Fair Use

NimbleTVLast night Mashable sought my comment on the legality of NimbleTV’s business model vis-a-vis the latest developments in the Aereo and FilmOn X litigations. Some background:

NimbleTV launched its television-on-demand service on Tuesday to the New York City area. Next, the world… The company acts as a middleman between cable companies and subscribers seeking to access television content on computers, tablets and phones. NimbleTV takes cable content and streams it for a fee (the basic package is $3.99 per month).

However the service is not for cord cutters — a cable subscription is required or one must be purchased through NimbleTV, which pairs customers with cable providers based on the channels they want and the price.

Like Aereo and FlimOn X, NimbleTV does not have an agreement with with the cable companies. According to Mashable, when asked about the legality of their business model, NimbleTV CEO Anand Subramanian replied that it is a “fair use” concept since subscribers can only stream content that they already pay their cable providers to view.

Unfortunately, The Fair Use Argument May Not Hold Up.

I am not sure whether Mr. Subramanian’s “fair use” response was meant to convey NimbleTV’s legal position on its streaming model, or if he just thinks that it is fair to re-broadcast content to users who have already paid the cable companies for it. The problem is that copyright law does not recognize the colloquial definition of “fairness” and that the legal definition of the Fair Use doctrine is unlikely to apply to what NimbleTV is doing.

As outlined in the 2nd Circuit’s most recent Google Books decision, the Fair Use doctrine is a defense where the defendant says, “Yes, I am infringing on your copyrights, but what I am doing is protected by copyright law because it transforms the copyrighted work in such a way as to promote education or the arts, etc…” (This is contrary to Aereo’s model where Aereo denies any infringement on its part, arguing that the subscribers at home doing the copying and are merely using the antennas that Aereo provides.)

When analyzing fair use, a court examines (i) the purpose and character of the use; (ii) the nature of the copyrighted work; (iii) the amount or portion of the work copied; and (iv) the effect of the use on the potential market.

In most cases (Google Books was the exception), when the character of the use is commercial, this spells a death knell for the fair use defense. In NimbleTV’s case, the video streaming service is clearly commercial in nature — NimbleTV makes money off the service. Additionally, there is the major factor that some cable channels, like HBO, have begun to offer a streaming service like HBO Go that NimbeTV’s service would directly compete with.

When it is fairly clear that NimbleTV’s service is taking potential profits out of the content providers’ pockets and, unlike Aereo, directly copies the copyrighted content, I unfortunately do not see a legal argument that would save NimbleTV’s service should it get sued.

I Say Unfortunately…

I say “unfortunately” because I, like many cable consumers, would love to see a good streaming service. HBO Go is, in my opinion, sub-par in that it still requires you to subscribe to the entire cable package of unwanted channels (HBO is probably contractually obligated to do this).

I should also note that back in 2011 a company called ivi, Inc. tried to do something similar to what NimbleTV is doing, arguing that its streaming service was legal based on the Copyright Act’s compulsory license provisions for re-broadcasters. Unfortunately the SDNY and the 2nd Circuit decided that the compulsory license provisions were not meant to apply to internet re-broadcasting. See WPIX, Inc. v. ivi, Inc., 691 F.3d 275, 285 (2d Cir.2012).

So here’s one consumer hoping that NimbleTV will work out some sort of distribution agreement with the cable companies before it gets sued.

Mashable Consults Tim Bukher On Nimble TV Streaming Article

If HBO decided to monetize its app, NimbleTV’s fair use argument would not hold up, says Tim Bukher, a lawyer specializing in intellectual property and technology at Handal & Morofsky.

“Since HBO is the content owner, it is within their right to say, ‘No, you’re not going to provide something we’re going to provide that we’re trying to make money off of,” Bukher says. “At the end of the day, they are the copyright holders so they get carte blanche in the ways they want to exercise their copyrights.”


No Reason to Worry About the New gTLD Expansion

Internet LawLast week the Internet Corporation for Assigned Names and Number (ICANN) announced the latest expansion in available gTLDs (e.g., .com, .net, .gov are all “generic Top-Level Domains”). The internet is now abuzz with articles questioning whether this massive expansion of potential trademark infringement urls spells the end for brand owners as we know it!

It does not.

While it is true that, for example, the owner of the ACME trademark (and owner of the domain) may now have to worry about potential competitors registering, say, acme.widgets, this isn’t all that problematic for two reasons:

  1. The gTLD sunrise period gives trademark owners 30 days (as of the start of last week) to petition ICANN for the exclusive rights to any gTLDs that potentially infringe with their registered marks. So Mr. ACME can go ahead and secure the rights to acme.widgets, acme.products,, and anything else he feels might be used by potential infringers to dilute his products.
  2. It remains the case that the .com gTLD is still trusted by the vast majority of users as the “official” home for any given brand. As far as internet culture goes, users are just much more likely to go to and look for the “store” link than to assume that ACME’s official store would be at

The cultural norm in #2 could of course change, but this would be less and less likely in the event that gTLD-alarmists prove correct. Meaning, if these new gTLDs are in fact rampantly used by infringers then internet users are more likely to associate the .com gTLD with the only gTLD that they could trust for any given brand.