Facebook v. Power.com - Battling Social Networks
Facebook recently filed a lawsuit against Power.com (NYT coverage here ("Facebook is no Friend of Power.com")). At its root, the lawsuit is about Facebook’s attempt to force third party developers to go through the channels made available by Facebook in integrating Facebook on to a third party website or application. The law is not settled on this issue and given the efforts of various networks to regulate access by third party applications, this may be litigated more often. (Access a copy of the complaint here [pdf].)
The lawsuit is at the complaint stage and the allegations in the complaint cannot be taken as fact. For context, Power.com’s user interface looks approximately like this:
Summary of Allegations: Power.com developed an application which allows people to access their social profiles “in one place”. This requires Power.com to access third party networks such as Facebook on behalf of Facebook users. After Power.com rolled out its product, Facebook brought a variety of claims alleging Power.com violated Facebook’s rights in testing and deploying the application. Facebook’s claims included claims under the Computer Fraud and Abuse Act, CAN-SPAM, and copyright and trademark law.
CAN-SPAM Claims: Facebook’s CAN-SPAM claims were centered around Power.com’s promotion efforts. Power.com launched a promotion which encouraged users to refer third party users to the Power.com website and promised these users the chance to win $100 if they referred the most users. Apparently Power.com allowed users to input their log-in/password on the Power.com website and generate a list of their Facebook friends. Power.com then gave these users the ability to select which of their Facebook friends would receive an invitation (sent though Facebook) to join Power.com. The CAN-SPAM claims are peripheral to the lawsuit, and Power.com could have avoided the CAN-SPAM claims by steering clear of the promotion and structuring the "invite your friends" function a bit differently.
Computer Fraud Claims: Facebook’s Computer Fraud and Abuse Act claims are the core of the lawsuit. First, in designing Power.com’s interface, Power.com signed up for a Facebook account and agreed to Facebook’s terms of service. Second, (Facebook argues) in accessing Facebook’s servers at the request of Power.com’s users, Power.com is violating the Facebook terms of service (by effecting automated queries and accessing the network for commercial purposes?). Whether a terms of service violation in this context supports a claim under the Computer Fraud and Abuse Act is fairly unsettled (as illustrated by the recent Lori Drew prosecution – she was prosecuted under the Computer Fraud and Abuse Act for creating a fake profile and using MySpace’s network contrary to MySpace terms of service; commentators uniformly condemned the prosecution as resting on legally flimsy grounds). Facebook will have a tough time proving that it was damaged by this conduct. Facebook alleges damages in that the password/log-in information of the Facebook users are exposed to Power.com’s website which is allegedly less secure than Facebook’s website. Absent a demonstration that Power.com’s security practices are lax, it is unclear how much mileage Facebook will get at the end of the day on this allegation. In any event, it’s likely that the password/log-in information is exposed to far less secure environments in the hands of the users themselves. Also, Facebook engages in a practice very similar that Power.com - with respect to third party applications. Facebook allows its users to integrate data from third party applications, sometimes with permission and sometimes without. Notwithstanding the niceties of the Computer Fraud and Abuse Act, courts have, in other contexts (e.g., scraping) respected the right of a website owner to fully dictate the terms of access of a website. For example, websites whose competitors have repeatedly accessed the website’s servers have obtained injunctions. (See, e.g., Bidder's Edge; Verio.)
Copyright Claims: Facebook’s copyright claims allege that Power.com reproduced portions of Facebook’s website. The Complaint does not detail how and where exactly Power.com reproduced portions of Facebook’s website. Facebook’s claims are fairly weak to the extent that Power.com merely reproduced information (such as friend lists) in a different format on Power.com’s website in response to Power.com user requests. Facebook will have a difficult time establishing that content such as friend lists (which Facebook doesn’t necessarily own in the first place) are entitled to copyright protection. (There's a tweak here and this may be a stretch, but what if the information on the Facebook network is owned by the individual users . . . don't they have the right to access the information through any application or method which they desire?)
Trademark Claims: It’s unclear exactly what facts support Facebook’s trademark claims. Facebook alleges generally that Power.com used Facebook’s mark in a manner that implied “affiliation . . . or association” with Facebook’s product. Facebook may be able to bolster facts in support of its claims if Power.com was careless in using Facebook’s marks or logos or in failing to make clear to Power.com users that Facebook and Power.com are not related (and Facebook does not endorse Power.com’s product in anyway).
Commentary: Mike Masnick from Techdirt was not terribly impressed with Facebook’s claims [link]. His comments epitomize how many in the technology community reacted to the Facebook lawsuit:
I'm having trouble seeing how Power.com violates any of these things. Power.com, like plenty of other aggregator services, lets you bring together all your different social networking profiles in one spot. That seems like it could be valuable if you use a lot of those services. It doesn't do anything fraudulently, and it does not appear to misrepresent that it is a separate service. Users have to decide whether it's worth providing their username and password to Power.com, but it's not as if Power.com tricks anyone into doing so or does so in a misleading way. There's no confusion, so it's difficult to see what the trademark problem is about. It seems like a pretty big stretch for Facebook to also claim that showing the content from a user's profile is copyright infringement as well. Computer fraud? Please. Unlawful competition? Again, it may be (slightly) competitive, but it appears to actually improve the value of Facebook, rather than diminish it.Intuitively, I agree with Masnick, but courts seem to be much more solicitous to claims asserted by owners of websites and networks who try to "keep people out". This lawsuit will probably settle (it was rumored to have settled a couple of times) but if it moved forward, I wouldn't be surprised if a court said that Power.com improperly accessed Facebook's networks in this context. (Often these lawsuits are resolved at the injunction level so the facts aren't as fleshed out as they otherwise would be.)
This is a pretty weak response from Facebook. Basically, it looks like Facebook trying to exert undue control over what other websites and services can do, and it's not clear that it has any real legal basis for doing so. It's a shame that a company like Facebook is becoming a legal bully at such a young age. I would have expected better. In the end, though, if Facebook keeps up actions like this, it will only hasten the shift to other social networks that don't try to limit what their users can do. Facebook might want to take a lesson from the eventual flop of Friendster after that social network was accused of being too controlling.
It's also interesting to note the different approaches taken by various networks. The two are completely different, but Twitter has been fairly open in allowing third parties to build apps which use Twitter data. Then again, there's news that Twitter is clamping down [link] ("Twitter Puts New Limits on API Callls").
More: forgot to add the link to cNet which discusses the story. I added a link to the complaint as well.