October 2016: Entertainment Litigation Update

by Quinn Emanuel Urquhart & Sullivan, LLP
Contact

Quinn Emanuel Urquhart & Sullivan, LLP

Pokémon GO: What Legal Pitfalls Await Augmented Reality Games? On July 6, 2016, Pokémon GO launched in the United States to immediate popularity—more than 45 million people downloaded and played the game on their smartphones in its first month. The inescapable media coverage of Pokémon GO introduced many to the concept of “augmented reality games”—or “AR games”—which use technology, such as smartphones, to prompt or direct users to take physical actions. By layering a virtual game universe on top of the real world, these AR games take to a new level more established activities, such as geocaching, in which players use GPS coordinates to track down hidden “treasure” (usually small boxes with little trinkets) or “checking in” online with a physical location.

Pokémon GO works by spawning virtual “Pokémon” (fictional animals with special abilities) at real world locations, which players identify using the game app on their mobile devices. The app also provides the real world locations where players can acquire or replenish virtual game items; can gain points, level up, and improve in status (at virtual “PokéStops”); and can battle (at virtual Pokémon gyms). Players can also add “lures” to PokéStops to attract more Pokémon for a short time—and, because the lures are visible to other players, the lures may also draw other players looking for an abundance of Pokémon. The game selects PokéStops and Pokémon gyms based on known points of interest in communities, but provides an online form for requests to remove certain locations from use as a PokéStop or Pokémon gym, as well as a form to report inappropriate game play. See https://support.pokemongo.
nianticlabs.com/hc/en-us/articles/221968408
. While game play is free, in-app purchases are available.

While many have praised AR games’ effect of drawing gamers away from their home computer and TV screens and into live interaction with humans in the real world, not everyone is happy with the consequences. Media reports have focused on two groups of the discontented: those unhappy with the travel of Pokémon GO players to a given physical location (such as police stations, museums, or homeowners’ yards) and Pokémon GO players who have been injured in pursuit of a game objective.

What exposure does Niantic, the game maker, face from these unhappy groups?

Trespass/Nuisance. Private property owners have already filed two putative class action complaints alleging nuisance and trespass violations: Marder v. Niantic (N.D. Cal., filed July 29, 2016) and Docich v. Niantic (N.D. Cal., filed Aug. 10, 2016). These complaints contend that Niantic’s placement of geographical markers on private property causes players to make unwanted incursions onto the land, causing harm, and that Niantic’s proffered solutions—allowing property owners to opt-out from being a game destination and reminding users not to venture onto private property without permission—do not absolve Niantic.

The plaintiffs’ claims seem unlikely to succeed. Tort liability for the acts of third parties is traditionally predicated on the defendant’s creation of an unreasonable risk of harm to the plaintiff. Unlike the foreseeable risk of reckless driving arising from a radio station offering a cash prize and interview to the first driver to catch a disk jockey driving around Los Angeles, the complained-of harm is not a necessary component of the game. Contrast Weirum v. RKO General, Inc., 15 Cal. 3d 40 (1975) (affirming liability against a radio station for contest participants’ reckless driving that killed another driver). Rather, the facts are more like those the Weirum court distinguished, such as harms arising from limited sporting event tickets or “get it while they last” sales. As the court explained, “any haste involved in the purchase of the commodity is an incidental and unavoidable result of the scarcity of the commodity itself. In such situations there is no attempt, as here, to generate a competitive pursuit on public streets, accelerated by repeated importuning by radio to be the very first to arrive at a particular destination.” 15 Cal. 3d at 49; see also Melton v. Boustred, 183 Cal. App. 4th 521 (2010) (sustaining demurrer, summarizing other cases involving alleged liability for third party acts, and rejecting plaintiff’s argument that “a homeowner of common sense would know that a public invitation posted on MySpace to a free party offering music and alcohol was substantially certain to result in an injury”).

Because nuisance and trespass are not “a necessary component” of Pokémon GO, the putative class action plaintiffs will have difficulty pleading and establishing that Niantic “engaged in active conduct that increased the risk of harm to plaintiffs,” which is necessary to impose “a legal duty … to prevent the harm inflicted by unknown third persons.” Melton, 183 Cal. App. 4th at 535.

Negligence/Failure to Warn. Niantic is also unlikely to be held liable for injuries players sustain as a result of their real world activities following a Pokémon GO’s map or playing late at night (when some of the best Pokémon appear for capture) in dangerous areas. Courts have historically been loathe to find a duty to protect all recipients of information from the potentially harmful consequences of relying on generally published information, even when the readers subscribed to the publication. E.g., First Equity Corp. of Florida v. Standard & Poor’s Corp., 869 F.2d 175 (2d Cir. 1989) (summarizing New York and Florida precedent and affirming dismissal of claims, explaining: “The publication at issue is a source of information disseminated to a wide public. The class of potential plaintiffs is multitudinous. Even the most careful preparation will not avoid all errors.”). The same holds true for interactive information. For example, a court dismissed claims against Google filed by a Google Maps user who was struck by a car while following Google Maps’ walking directions on a heavily trafficked rural highway. Rosenberg v. Harwood, No. 100916536, 2011 WL 3153314 (Utah Dist. Ct. May 27, 2011). While recognizing that Google may have foreseen some harm, the court concluded that the actual likelihood of injury was relatively low, the relationship between Google and the plaintiff was somewhat attenuated, and policy considerations weighed strongly against imposing the suggested duties on Google because of the heavy burdens associated with such a duty.

In addition, to the extent an injury results from a player’s use of a “lure” to attract other players, Niantic may also have a defense under the Communications Decency Act because a third party, not Niantic, is the publisher of the allegedly harmful content. See, e.g., Doe v. MySpace Inc., 2008 WL 2068064 (5th Cir. May 16, 2008) (dismissing negligence claims against MySpace predicated on sexual assault of MySpace user by another user); Gibson v. Craigslist, Inc., No. 08 Civ. 7735 (RMB), 2009 U.S. Dist. LEXIS 53246 (S.D.N.Y. 2009) (dismissing claim against Craigslist for third-party posted ad for gun that was used to shoot plaintiff).

Location Privacy. Because AR games are based around real-life conduct, they necessarily track users’ physical locations and may broadcast them to other players. Such location data has been the center of an evolving privacy law debate for many years. Last year, the Federal Trade Commission, which has established itself as the chief regulator for internet privacy, issued a lengthy report setting forth best data privacy practices. See Federal Trade Commission, “Internet of Things: Privacy & Security in a Connected World” (January 2015), available at https://www.ftc.gov/system/files/documents/
reports/federal-trade-commission-staff-report-november-2013-workshop-entitled-internet-things-privacy/150127iotrpt.pdf
. The FTC report recommends, among other things, that smartphone apps developers apply data minimization practices in order to protect consumer privacy. These practices include limiting the collection of data to that which is truly necessary to the service, obtaining user consent to collect that data, encrypting that data, limiting the length of time for its retention, and anonymizing it as associated with any particular user. Pokémon Go’s privacy policy sets forth its location data collection and sharing practices, including that it will aggregate and anonymize any location data shared with third parties. See Niantic Labs, Pokémon Go Privacy Policy, (July 1, 2016), available at https://www.nianticlabs.com/privacy/pokemongo/en. It thus seems to be complying with best privacy practices.

Future app developers who unveil similar games or features to Pokémon Go should ensure before launch that their privacy policies are robust and their location data is secure. Location data leakage, either through technological bugs or liberal data sharing policies, bears a significant risk of privacy class-action lawsuits. Just this past September, a Massachusetts district court allowed a privacy case to move forward which alleged that a smartphone news application had shared its users’ location data with third parties without consent. See Yershov v. Gannet Satellite Info. Network, Inc., No. 14-CV-13112, 2016 WL 4607868, at *2 (D. Mass. Sept. 2, 2016). Citing the Supreme Court’s recent privacy law decision in Spokeo v. Robins, 136 S. Ct. 1540, 1549 (2016), Yershov explained that “an individual’s right to privacy, both as to certain personal information and private locations, has long been regarded as providing a basis for a lawsuit in English or American courts. Also in September, a California district court allowed a smartphone privacy case to proceed to trial, explaining that smartphone applications’ “community norms of privacy” “are very much in flux.” Opperman v. Path, Inc., No. 13-CV-00453, 2016 WL 4719263, at *11 (N.D. Cal. Sept. 8, 2016) (privacy claims based on application’s unauthorized upload and sharing of address book data were not appropriate for summary judgment).

Reflecting this recognized “flux” in the law, many location privacy claims have been dismissed outright for failure to state a claim. See, e.g., In re Google Android Consumer Privacy Litig., No. 11-MD-02264, 2013 WL 1283236, at *14 (N.D. Cal. Mar. 26, 2013) (dismissing all substantive claims for privacy violations based on Google’s alleged unauthorized tracking of user location data and failure to de-anonymize that data); In re iPhone Application Litig., 844 F. Supp. 2d 1040, 1078 (N.D. Cal. 2012) (dismissing Stored Communications Act claim alleging that Apple’s smartphones had transmitted location data even after users affirmatively revoked permission to do so, but allowing two state law claims to proceed). Given the evolving state of the law, however, AR developers seeking to capitalize on Pokémon Go’s success should take care to adopt best practices to insulate themselves from privacy claims.

* * * 

Although augmented reality games must continue to be sensitive to possible real world effects, as a practical matter, the current state of tort law poses a challenge to anyone attempting to impose liability on game developers for third-party actions in games such as Pokémon GO because of the difficulty of demonstrating specific knowledge of a likely harm or an unusual special relationship between Niantic and the plaintiff.

DISCLAIMER: Because of the generality of this update, the information provided herein may not be applicable in all situations and should not be acted upon without specific legal advice based on particular situations.

© Quinn Emanuel Urquhart & Sullivan, LLP | Attorney Advertising

Written by:

Quinn Emanuel Urquhart & Sullivan, LLP
Contact
more
less

Quinn Emanuel Urquhart & Sullivan, LLP on:

Readers' Choice 2017
Reporters on Deadline

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
Sign up using*

Already signed up? Log in here

*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
Privacy Policy (Updated: October 8, 2015):
hide

JD Supra provides users with access to its legal industry publishing services (the "Service") through its website (the "Website") as well as through other sources. Our policies with regard to data collection and use of personal information of users of the Service, regardless of the manner in which users access the Service, and visitors to the Website are set forth in this statement ("Policy"). By using the Service, you signify your acceptance of this Policy.

Information Collection and Use by JD Supra

JD Supra collects users' names, companies, titles, e-mail address and industry. JD Supra also tracks the pages that users visit, logs IP addresses and aggregates non-personally identifiable user data and browser type. This data is gathered using cookies and other technologies.

The information and data collected is used to authenticate users and to send notifications relating to the Service, including email alerts to which users have subscribed; to manage the Service and Website, to improve the Service and to customize the user's experience. This information is also provided to the authors of the content to give them insight into their readership and help them to improve their content, so that it is most useful for our users.

JD Supra does not sell, rent or otherwise provide your details to third parties, other than to the authors of the content on JD Supra.

If you prefer not to enable cookies, you may change your browser settings to disable cookies; however, please note that rejecting cookies while visiting the Website may result in certain parts of the Website not operating correctly or as efficiently as if cookies were allowed.

Email Choice/Opt-out

Users who opt in to receive emails may choose to no longer receive e-mail updates and newsletters by selecting the "opt-out of future email" option in the email they receive from JD Supra or in their JD Supra account management screen.

Security

JD Supra takes reasonable precautions to insure that user information is kept private. We restrict access to user information to those individuals who reasonably need access to perform their job functions, such as our third party email service, customer service personnel and technical staff. However, please note that no method of transmitting or storing data is completely secure and we cannot guarantee the security of user information. Unauthorized entry or use, hardware or software failure, and other factors may compromise the security of user information at any time.

If you have reason to believe that your interaction with us is no longer secure, you must immediately notify us of the problem by contacting us at info@jdsupra.com. In the unlikely event that we believe that the security of your user information in our possession or control may have been compromised, we may seek to notify you of that development and, if so, will endeavor to do so as promptly as practicable under the circumstances.

Sharing and Disclosure of Information JD Supra Collects

Except as otherwise described in this privacy statement, JD Supra will not disclose personal information to any third party unless we believe that disclosure is necessary to: (1) comply with applicable laws; (2) respond to governmental inquiries or requests; (3) comply with valid legal process; (4) protect the rights, privacy, safety or property of JD Supra, users of the Service, Website visitors or the public; (5) permit us to pursue available remedies or limit the damages that we may sustain; and (6) enforce our Terms & Conditions of Use.

In the event there is a change in the corporate structure of JD Supra such as, but not limited to, merger, consolidation, sale, liquidation or transfer of substantial assets, JD Supra may, in its sole discretion, transfer, sell or assign information collected on and through the Service to one or more affiliated or unaffiliated third parties.

Links to Other Websites

This Website and the Service may contain links to other websites. The operator of such other websites may collect information about you, including through cookies or other technologies. If you are using the Service through the Website and link to another site, you will leave the Website and this Policy will not apply to your use of and activity on those other sites. We encourage you to read the legal notices posted on those sites, including their privacy policies. We shall have no responsibility or liability for your visitation to, and the data collection and use practices of, such other sites. This Policy applies solely to the information collected in connection with your use of this Website and does not apply to any practices conducted offline or in connection with any other websites.

Changes in Our Privacy Policy

We reserve the right to change this Policy at any time. Please refer to the date at the top of this page to determine when this Policy was last revised. Any changes to our privacy policy will become effective upon posting of the revised policy on the Website. By continuing to use the Service or Website following such changes, you will be deemed to have agreed to such changes. If you do not agree with the terms of this Policy, as it may be amended from time to time, in whole or part, please do not continue using the Service or the Website.

Contacting JD Supra

If you have any questions about this privacy statement, the practices of this site, your dealings with this Web site, or if you would like to change any of the information you have provided to us, please contact us at: info@jdsupra.com.

- hide
*With LinkedIn, you don't need to create a separate login to manage your free JD Supra account, and we can make suggestions based on your needs and interests. We will not post anything on LinkedIn in your name. Or, sign up using your email address.