What is the legal liability for internet advertisements? They’re everywhere, and support a lot of worthy sites, but they’re also a prime vector for malware, particularly on mobiles. Suppose I go to a website with adverts and get hit by non-trivial malware. Suppose, for the sake of arguing that I have a clean backup and proxy server logs which absolutely confirm the time and date and source of the infection. Suppose I’m a highly-paid guy and lose a substantial sum of money from the infection. Who is liable for my loss? Is it the site owner? The advertiser? The ad provider? Do the ad providers carry insurance?
Lawyers in this situation would sue EVERYONE remotely concerned with the harm done to your cell phone. Including the electric company for providing the electricity which enabled your cell phone to be damaged!
I guess the legitimate service claims to be a co-victim and says they want to sue the malware source too !
lets do a taxonomy for clarity and didactic purposes.
So you are reading a website, I’ll call that xyz.news for simplicity.
They have on their website, adverts provided by EFG ADVERTS, they just syndicate adverts.
So what if EFG ADVERTS provided the malware…because they had turned dark side and wanted to cash out of the business… take some cash and buy a entry to the university , an airplane ticket, a deposit on a house, and therefore the 6pm to 3am shift at the 7/11 somewere in a western country…
There’s a problem … are you suing the website you were seeing, XYZ NEWS ? Or did the news service disclaimer T&C protect them ? "its all care and no responsibility wrt those adverts, readers "
So then you try to sue EFG ADVERTS ? Hey see our T&C, and btw that advert was provided by LATVIA SEO CO. They seem to be based in eastern ukraine now… Do you get to sue EFG ADVERTS, or are you pushed off to track down LATVIA SEO ?
IANAL but it seems to me that it would be most reasonable to sue the website as they are who you chose to visit as you believed they were trustworthy. They would then be able to sue the ad provider if they wished. If they can’t get the cash back the perhaps they should do better due diligence next time…
Cite?
An industrial relations lawyer first told me that many many years ago. I’ve read this many times since. Simply go to your local courthouse and look at lawsuit cases. Quite common for there to not be just one name, but many!
Unfortunately my local courthouse has just realized there are computers in the world and has recently started computerizing! But you STILL can’t access anything via the internet. (This IS 2016!!!)
And some courthouse libraries restrict use to lawyers only! (Say you are a law student.)
So not an easy thing to access cases via the internet as of yet, but here is a bit…
“Sue Everyone! The Anatomy of a Construction Lawsuit,” Professional Women in Construction…
http://www.goldbergsegalla.com/content/sue-everyone-anatomy-construction-lawsuit-professional-women-construction
Think Carefully Before You Sue Everyone In Sight…
Why Does Everyone Get Sued…
One cite that is relevant:
In general laws that apply to other media also apply to the internet. If someone sets up a scam website, they don’t get a free pass to commit fraud because it wasn’t in print.
But there isn’t really anything analogous to the OP’s question in any other medium. He’s not talking about a scam website; he’s talking about a reputable website which is running a damaging ad.
I’m not so sure. Didn’t spies back in WWI (and possibly even much earlier) sometimes use personal ads in newspapers to deliver encrypted information to the enemies? (Maybe I’ve gotten this from some old detective fiction stories, but the idea seems perfectly plausible.)
Magazines have gotten into trouble once in great while for the ads they run.
There were outfits 30-40 years ago that placed a lot of scam ads. Envelope stuffing down to “Make money via mail order, send me $5 to find out how.” It took a concerted effort by consumer groups and the FTC to get them to stop carrying the ads. The issue was “awareness” that these were scams. If the magazine doesn’t know they are frauds, they could carry them. But with all the information and complaints, the magazines could no longer say they were unaware.
I think the same thing might apply to web sites. If they don’t know what the ads are and if they’re bad in some way, they have negligible legal liability. But if they are repeatedly told they are running a malware delivery ad and they do nothing, they should be partly responsible.
Note that the admins of many sites don’t see all the ads their ad providers are running. Some of the scammier ad networks have IP address lists of their customers and feed page requests from those ranges the safest ads. The rest of us get the crap.
A web site usually takes one of two approaches to ads: Be all in, gung ho on stopping the bad ones or to completely ignore the ads. Being half=hearted doesn’t work so well. Since you’re making a effort, you obviously know that you’re feeding bad ads, but since you’re not really stopping them your inaction is causing users harm.
A lawyer who dabbles in torts is obviously the most qualified to answer these questions, but my own limited knowledge of the law is that liability is liability. If you’re running a website, the fact that it wasn’t your ad may not be sufficient to protect you from a compensatory damages claim.
Again, I’m not a lawyer, but I would imagine that the tort claims would assert some form of negligence on the part of the website owner. There are a lot of potential factors involved, but it’s possible that a craft litigator could argue that a website owner has a duty to provide reasonable care that their product will not cause economic harm to users. How a judge would ultimately decide would probably depend on a number of factors. If the website had no reason to believe that the advertiser were dubious, and if they had taken steps to protect users in a manner consistent with industry standards, then that would mitigate their liability. If, however, a jury or judge found that they knowingly allowed distributors of malware on their site, or if there were previously reported suspicious activities and they failed to act, then that would be textbook negligence. Generally, businesses and service providers have a duty to provide reasonable care and reasonable safety to their end users, regardless of the product.
Now, there are a lot of other factors to consider. A plaintiff has to prove he sustained damages, and he may also have to prove that he took reasonable steps on end to protect himself. If it was found that he had no malware protection, then that might weaken his case. If he has a blog but doesn’t make that much money, then he’s going to have a hard time showing that he is owed damages. Some states also have ‘loser pays’ statutes, which means that some attorneys might not want to take your case. And some attorneys just might not think your case is worth their time when they’re busy working on multi-million dollar shake-downs, er, settlements with insurance companies.
How about this. You respond to a classified ad printed in a newspaper. The “seller” beats you up when you meet him. Is the newspaper liable?
I think this could be analogous to the OP’s scenario.
I think Craigslist has been sued over incidents like this, which is why you see a lot of enhanced built-in security features to protect anonymity, safety tips, and disclosure statements that you didn’t see 10 years ago. They’re not a newspaper, but they’re a “publisher,” just like a newspaper or a website. If someone produces a product and they don’t take reasonable steps to protect consumer safety, whether it is a Hasbro toy or a website, then they increase their exposure to legal liability.
I think it’s more analogous to hiring a general contractor that hires some carpet layer that ends up stealing my stuff and ruining my kitchen.
In neither of those cases it is clear that the perpetrator intended (much less, showed any intention to) do their deed when placing the ad.
The whole thing is about how deep a publisher should have to dig into layers and layers of information, using every available method to try to extract any encrypted info, before publishing it.
So how about this, a general contractor (website) hires on a worker (ad service) that repeated performs substandard work including shoddy construction (bad scripts) and in some cases has damaged customers home (injected malware). Thing is, the general contractor knows this due to numerous complaints by multiple clients (members). The general contractor (website) continues to use the worker (ad service) despite this.
What is the general contractor’s liability?
Firstly, the website isn’t a “contractor”. The website owner has no contract with website visitors. This is important because (speaking very generally) people who contract to provide something to a customer tend to have a far higher duty towards the customer than the tortious duty owed by a person to the public in general.
It’s really more akin to, say, a business that owns a nice garden that the public can enter freely, and the business makes money by leasing out spots in the garden to food vendors. If there was one particular food vendor that unquestionably gave people food poisoning multiple times, perhaps the garden owner could become liable. But if the garden owner can’t really tell for themselves whether any given food vendor (or supplier to any given food vendor) is causing food poisoning, and the visitors to the garden are visiting numerous other gardens with their own food vendors, and food vendors in gardens have a poor reputation for food poisoning known to everyone, the liability of the garden owner for the actions of a food vendor (or a food vendor’s supplier) is probably not that clear.
Is it caveat emptor? Do sites make promises that there won’t be malware or viruses?
Practically, it is much like sub-sub-sub-contractor relationships. The offending party may be several levels deep, that’s just the way some ad networks function in reality. I would imagine that if there is *any *legal responsibility, it would be at each link to show they did basic oversight or due diligence, or had some processes, or in some way weren’t grossly negligent.
Have there been no legal cases?