Eric Goldman is a well-known and very highly regarded expert in the area of internet law. He currently is a law professor at Santa Clara University School of Law. He also has worked as general counsel of an internet start-up and as a technology transactions attorney for a firm in Silicon Valley. I asked him about his thoughts on the relationship between the law and the internet, regulating the internet, and lawyers applying the law to the internet. 

What are the top three mistakes you think lawyers make when it comes to the internet and the laws applied to it? How can these mistakes be avoided?

1) Blaming the wrong parties. Plaintiffs’ lawyers routinely sue multiple defendants, even those tangentially related to the principal wrongdoer. However, Congress severely restricted the number and identity of online defendants in 47 USC 230, which basically dictates that there should be only one defendant–the content originator–for any item of problematic content. It’s highly embarrassing when plaintiffs don’t know this fundamental rule that’s been on the books over 2 decades, and it can be an expensive mistake in the face of fee-shifting provisions like anti-SLAPP laws.

2) Online contract formation. Forming online contracts is pretty straightforward: require users to signal their assent with a click in response to a clear and prominent “call to action.” Yet, over and over again, big companies with smart lawyers have their online contracts tossed in court. Sometimes this is due to rogue engineers; which can be overcome through better QA processes that ensure the lawyers are involved in the product decisions both at the beginning and the end. Occasionally the marketing people deliberately push the envelope on contract formation, and usually the lawyer can combat this by showing how many brand-name companies have chunked their online formation process.

3) Misjudging the business case for litigation. Over and over again, I see plaintiffs bring cases that lack economic rationality. For example, I keep a list of cases where trademark owners sued over competitive keyword advertising using their trademarks, only to find that the defendant got minimal or no sales from the advertising. In these cases, the plaintiffs spent tens of thousands of dollars to prevent activity that may have cost them tens of dollars of profits or revenue. If they don’t get their attorneys’ fees from defendants (and the Lanham Act awards fee shifts only in “exceptional” cases), the plaintiff almost certainly could have achieved better economic outcomes with different advice.

What is your view regarding those who have the said that the courts lack being tech-savvy and that has, in turn, been detrimental to the governance of the internet?

Many judges have below-average first-hand experience with the Internet. However, judges routinely deal with legal questions where they lack domain expertise. Thus, the burden is on the litigators to make sure the judge adequately understands the Internet. So often complaints about the judges’ technological illiteracy is really a reflection of litigators’ failure to bridge that gap.

I know that California recently passed California Consumer Privacy Act. Will other states follow suit at some point? Do you think that the US will ever have something akin to the GDPR?

California’s move has forced the issue. The California Consumer Privacy Act (CCPA) is so misguided and poorly drafted that it seems like Congress may have to act to override it. However, several parts of the GDPR that would be clearly unconstitutional under the First Amendment. So it’s possible we will see deviations from the GDPR approach–just like the CCPA took a pretty different regulatory approach than the GDPR.

What is your take on balancing the need to innovate with the need, if there is one, to regulate?

Regulating innovation is tricky for two reasons. First, it’s virtually impossible to predict how new innovations will be used or how follow-on development will change the implications. Second, future innovators who might be inhibited by new regulations are not able to advocate for their interests because, by definition, they don’t yet exist. Instead, we rely on incumbents and civil society to represent the interests of future innovators during these regulatory processes, even though neither group’s interests are precisely aligned with future innovators’ needs. As a result, regulators who intervene too early with new technologies often mis-calibrate the regulations and degrade the long-term arc of innovation. In contrast, regulators can find more success by creating safe harbors and immunities to protect innovation in rapidly evolving technologies, and then revisiting regulation after the social implications of the innovations have emerged more clearly.

In what ways has the law evolved for the better or the worse in terms of governing the internet?

In the 1990s, regulators passed laws to protect Internet activity, such as Section 230 and the Internet Tax Freedom Act. These foresighted laws were essential to the growth and success of the Internet.

Since then, regulators have increasingly viewed the Internet with suspicion, typically fueled by techno-panics about the potential for catastrophic consequences from technological evolution. These laws have routinely been ill-advised and detrimental.

The other thing that has changed is the sheer volume of Internet-specific law. We have too much law, and we’re seeing slowdowns in innovation and reductions in competition as incumbents can afford to comply with the law while startups are chilled by the higher costs of entry due to the massive stack of regulation.