On September 17, 2009, Microsoft Corporation (Microsoft) filed five lawsuits in the Superior Court of King County, Washington, alleging that malicious online advertisements, "malvertisements," caused users of Microsoft products to purchase and download malicious software, or "scareware" onto their computers, resulting in damage to consumers as well as to Microsoft's business. Microsoft has requested relief in the form of damages and injunctive relief.
All five suits name anonymous defendants, as Microsoft has been unable to locate the true identities of the persons driving this alleged activity. Microsoft has, however, identified the individuals by the fictitious business names believed to be used by the unknown individuals, namely, DirectAd Solutions, Soft Solutions Inc., Qiweroqw.com, ITmeter Inc., and ote2008.info, noting that Microsoft will amend the complaints once the true identities of the individuals behind the alleged activities are known. The discussion below is limited to the discussion of Microsoft's complaint against DirectAd Solutions.
Microsoft alleges in its complaint against one defendant, JOHN DOES 1-20, d/b/a DirectAd Solutions ("DirectAd"), that DirectAd posed as an ad agency working on behalf of Global Travel International, a legitimate company. DirectAd allegedly placed an ad with Microsoft for display on the MSN network of websites. Microsoft alleges that, according to information and belief, DirectAd has no affiliation to Global Travel International.
Microsoft alleges that DirectAd used this advertising space to direct consumers to a website which created the impression that the consumer's machine was being scanned for infection by Microsoft security software. The scan returned a list of "dangerous files" and urged consumers to purchase fake security software to eliminate them and protect against future problems. According to the complaint, Microsoft has determined that each scan was preprogrammed, and thus false, as was the furnished software. In addition, Microsoft alleges that DirectAd's website, where the false security software or "scareware" was made available, resembled the "look and feel" of Microsoft's Windows XP operating system, that the website generated a look-alike Windows Security pop-up alert and deceptively used Microsoft's trademarks. Microsoft alleges that these instances created the impression that this website, the warning, and the software available for purchase were associated with Microsoft.
Microsoft's prayer for relief requests temporary and permanent injunctive relief against DirectAd, actual damages in amounts to be proven at trial, disgorgement of DirectAd's ill-gotten profits, statutory damages as available, enhanced damages in an amount to be proven at trial under Washington law, and attorneys' fees and costs. Microsoft's claims against DirectAd, which constitute the force behind Microsoft's prayer for relief, are summarized as follows:
1) Violation of §4 of Washington Computer Spyware Act, alleging that DirectAd induced consumers to install software, deceptively misrepresenting the extent to which the software was necessary. As a result, Microsoft has been adversely affected and is entitled to injunctive relief and actual or statutory damages (whichever is greater) in addition to attorneys fees.
2) Violation of the Washington Consumer Protection Act, alleging that DirectAd's activities in targeting Microsoft's programs and customers constitute deceptive practices affecting the public interest.
3) Breach of Contract, alleging that DirectAd entered into a contractual agreement with Microsoft in purchasing ad space, and that DirectAd's submission of a malvertisement breached numerous terms of the agreement and has damaged Microsoft.
4) Fraud, alleging that DirectAd knowingly and with intent to deceive made false and misleading representations, knowing that Microsoft would rely upon them.
5) Trademark Infringement under the Lanham Act 15 U.S.C. § 1114, alleging that DirectAd's use of Microsoft's trademarks was unauthorized and constituted counterfeits of Microsoft's trademarks to promote, market or sell products and services, thus damaging Microsoft.
6) False Designation of Origin under the Lanham Act – 15 U.S.C. §1125(a), alleging that DirectAd used Microsoft's trademarks in a manner that is likely to cause confusion, mistake or deception as to the origin, sponsorship or approval of such goods or services, thus damaging Microsoft.
7) Unfair Competition/False Advertising under the Lanham Act – 15 U.S.C. §1125(a), alleging that DirectAd has used Microsoft's trademarks in connection with goods or services with false, misleading descriptions in commercial advertising, thereby misrepresenting the nature or qualities of their, or another person's goods or services.
8) Violation of the Federal Computer Fraud and Abuse Act – 18 U.S.C. §1030(a)(2), (4), and (5), alleging that DirectAd knowingly and with the intent to defraud accessed a protected computer without authorization, attempting to obtain value. Microsoft also alleges that DirectAd knowingly caused the transmission of a program or other information via computer with the intent to cause damage, resulting in loss of at least $5000 to one or more persons during a one-year period.
9) Intentional Interference with Contractual Relationships and Business Expectancies, alleging that Microsoft has contractual relationships and business expectations based upon the programs, services and software it provides to consumers; that DirectAd knew of these relationships; that DirectAd promoted and sold scareware targeting Microsoft programs, knowing that this activity would interfere with Microsoft's existing and prospective contracts with consumers.
10) Unjust Enrichment, alleging that DirectAd's conduct constitutes unjust enrichment at Microsoft's expense in violation with Washington common law.
DirectAd's response, as well as the response from the other John Doe defendants has yet to be seen.
In addition to Microsoft's own battle against malvertisements and scareware, in the days before these actions were filed, the New York Times claimed that it unintentionally ran an advertisement on its website for a supposedly legitimate company. This ad redirected consumers to a promotional website for anti-virus software, persuading them to purchase additional protection, much like the activity alleged in the Microsoft complaints.
It has been suggested by some that the incident with the New York Times and the instances involving Microsoft are linked. Whatever the case, these situations point to potential vulnerability in even the most trusted online sources, and raise an increased need for consumers' own skepticism in online marketing. Although safety in exposure to internet marketing has increased substantially, thanks to policing efforts by entities such as Microsoft and the New York Times, among others, if consumers operate with a heightened sense of awareness and responsibility, purveyors of malvertisement and scareware scams will see their profit base dissipate.
Vol. 53, June 2010