Results 1 to 7 of 7
  1. #1
    Join Date
    Oct 2017
    Posts
    2

    Default Can You Sue an Antivirus Companies for Falsely Flagging Your Site

    My question involves defamation in the state of: Any

    These days, it's the independent developers that are hit hardest by antivirus companies claiming that a website or software is malicious in some way. It can be detrimental to a developer if a customer's (potential or established) antivirus pops up saying that the developer's produce is malware. This notification has a ripple effect especially in this social-media age and can render a business "tainted" for a long time.

    I have read another thread about the very same subject on this forum but the thread was closed prematurely as I feel it deserves more discussion. In the previous thread, it was asked how one would prove that the statements from an antivirus program caused revenue loss.

    Defamation according to FindLaw:

    First, the plaintiff must prove that the defendant made a false and defamatory statement concerning the plaintiff - I think this first one is easily proven - either the software is malware or it's not. I think in a court, the defendant would be given the opportunity to prove that it IS (if possible).

    Second, the plaintiff must prove that the defendant made an unprivileged publication to a third party.

    I don't know what this second part means - maybe someone could help with that.

    Third, the plaintiff must prove that the publisher acted at least negligently in publishing the communication.

    I think this could be easily proven if the software is not malicious - the defendant would have to prove that it acted in good faith and with some kind of proof that the software was dangerous in some way.

    Fourth, in some cases, the plaintiff must prove special damages.

    Easily proven with convincing sales statistics.

    Defamatory Statement examples according to FindLaw:

    1. A communication that suggests the plaintiff was involved in a serious crime involving moral turpitude or a felony
    2. A communication that exposes a plaintiff to ridicule
    3. A communication that reflects negatively on the plaintiff's character, morality, or integrity
    4. A communication that impairs the plaintiff's financial well-being
    5. A communication that suggests that the plaintiff suffers from a physical or mental defect that would cause others to refrain from associating with the plaintiff

    I would focus on number 4 (and possibly 3)

    I believe that it may be possible to successfully litigate a case like this if the business were to use sales statistics for proof. The statistics would need to show sales trends from years before the event and show a sharp decline in sales after.

    What do you think?

  2. #2
    Join Date
    Sep 2010
    Posts
    19,901

    Default Re: Antivirus Companies and False Positives

    Just because the software mistakenly identified something as a threat doesn't make it defamation. Now if the manufacturer specifically and with intent to harm put your product in a database of dangerous software you might have a claim, otherwise I'm failing to see an action no matter how financially harmed you are.

  3. #3
    Join Date
    Sep 2005
    Location
    Behind a Desk
    Posts
    98,846

    Default Re: Can You Sue an Antivirus Companies for Falsely Flagging Your Site

    Odds are the prior thread isn't closed -- just that it's a very old thread to which new members cannot post. It would have been helpful for you to link to it.

    The underlying issue is why the site is flagged, and what remedies are available to the webmaster. If the site is flagged by a company that knows it is wrongly flagging sites, and they want money to remove the flag, then that would provide a potential basis for both civil litigation and criminal litigation. If it has been flagged because it contains an unusual script that looks like malware, then it would not be unreasonable for an anti-virus company to flag the site as a service to its customers -- "Stop! This site may contain malware".

    The facts matter.

    Sharing an opinion, even if wrong and even if harmful to the target's reputation or income, is not ordinarily a basis for a defamation action.

  4. #4
    Join Date
    Oct 2017
    Posts
    2

    Default Re: Can You Sue an Antivirus Companies for Falsely Flagging Your Site

    Quote Quoting Mr. Knowitall
    View Post

    The facts matter.

    Sharing an opinion, even if wrong and even if harmful to the target's reputation or income, is not ordinarily a basis for a defamation action.
    I agree that the facts matter but how does the end-user know that it's just an opinion? It is certainly expressed as a fact in the scary popup. To the user, it is presented as fact.

    In other words, These people are holding up signs and pointing at people:

    1. I am a regular person, and I think that guy is a rapist.

    vs

    2. I am I private investigator and I'm sure that guy is a rapist.

    vs

    3. I am a regular person and I know that guy is a rapist.

    Number 1 is an opinion. Number 2 and 3 are presented as fact. Why are 2 and 3 not actionable?

    There is also another argument to be made here. I believe that people are under the impression that a personal statement by a human is different than software written by a human. In fact, they are both the same. Take this example, for instance:

    Let's say I have a website with the sentence, "Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua."

    1. Someone developing for an antivirus company once ran across a terrorist website that contained the words, "eiusmod tempor".
    2. The developer then decided to add the words, "eiusmod tempor" as a signature for categorizing terrorist websites.
    3. People with this antivirus visit a website that contain those words and are presented with a big scary statement on the user's screen that it is a terrorist website and blocks it.

    There is absolutely no difference between someone writing software that proclaims that this website is related to terrorism and any other person making the same statement elsewhere OTHER than the fact that the software gets to make this claim directly to every user who visits the website.

    Antivirus software works by looking at very small portions of executable files - that's it. There is no testing, no vetting, no review, no nothing. it's up to the antivirus company to decide what tiny part of an executable it looks at.

  5. #5
    Join Date
    Sep 2005
    Location
    Behind a Desk
    Posts
    98,846

    Default Re: Can You Sue an Antivirus Companies for Falsely Flagging Your Site

    This has absolutely nothing with one person accusing another of being a criminal. It has to do with an algorithm detecting signals on a website that suggest that it may be infected with malware, and warning subscribers of a service of that possibility. Try to stick to relevant subject matter, as this discussion will end up going nowhere.

    As for flagging sites based upon possible inappropriate content, all of those algorithms are over-inclusive. Some of the sites blocked by filters that screen for "age appropriate" content are, to a human eye, absurd. But such is life. If somebody wants to subscribe to a filter that is over-inclusive, whether to protect themselves from malware or to protect their kids from inappropriate content, it's their right to do so.

  6. #6
    Join Date
    Oct 2014
    Posts
    8,238

    Default Re: Can You Sue an Antivirus Companies for Falsely Flagging Your Site

    Quote Quoting SandStrom
    View Post

    First, the plaintiff must prove that the defendant made a false and defamatory statement concerning the plaintiff - I think this first one is easily proven - either the software is malware or it's not. I think in a court, the defendant would be given the opportunity to prove that it IS (if possible).
    Not so fast. With defamation claims you start by analyzing the exact statements made by the defendant. And if the statement made is something like "Our system has detected indications that [name of site] may contain software that could be harmful to your computer” then that statement may indeed be factually true even though it turns out that the site does not actually contain anything that would harm the computers of visitors to the site. If the statement is factually true then it is not defamatory.

    Quote Quoting SandStrom
    View Post
    Second, the plaintiff must prove that the defendant made an unprivileged publication to a third party.

    I don't know what this second part means - maybe someone could help with that.
    This means that the statement had to (1) be made to some person other than the plaintiff himself/herself and (2) the law does not provide a privilege that protects the defendant even though it turns out the statement is false. There are certain circumstances in which the law protects a defendant from liability for the statements he makes. For example, often complaints to law enforcement of criminal activity or reports to a child protection services agency are protected from defamation claims so long as the person making the complaint did not not the information reported was untrue. The reason for that privilege is to encourage the public to report possible crimes and abuse so that the government may check them out. No privilege in any state would cover this virus flagging situation, however.

    Quote Quoting SandStrom
    View Post
    Third, the plaintiff must prove that the publisher acted at least negligently in publishing the communication.

    I think this could be easily proven if the software is not malicious - the defendant would have to prove that it acted in good faith and with some kind of proof that the software was dangerous in some way.
    Note that not all states require negligence as part of a defamation claim. But if the plaintiff must prove negligence then the burden is on him to prove the negligence, not on the defendant to “to prove that it acted in good faith and with some kind of proof that the software was dangerous in some way.” Not that negligence generally means that the defendant took reasonable steps to avoid the harm, not that the defendant had to be right. Thus, if the defendant took reasonable care in flagging potentially dangerous sites he may not be negligent even if it turns out the site was not, in fact, dangerous.

    Quote Quoting SandStrom
    View Post
    Fourth, in some cases, the plaintiff must prove special damages.

    Easily proven with convincing sales statistics.
    It may not be as easy as you think. Many a plaintiff has been shocked to lose a case that he or she thought was “easy.” The plaintiff’s own bias in looking at the evidence blinded them to what that evidence might look like to some stranger who is not as intimately involved with the situation as the plaintiff himself/herself is.

    In general defamation claims are tricky ones to bring and can end up costing a large amount to litigate. If it was so easy, you would think there would be rash of defamation lawsuits already out there in the situation you pose. But I’m not seeing that to be the case.

  7. #7
    Join Date
    Sep 2005
    Location
    Behind a Desk
    Posts
    98,846

    Default Re: Can You Sue an Antivirus Companies for Falsely Flagging Your Site

    Quote Quoting Taxing Matters
    View Post
    It may not be as easy as you think.
    In this context, it would apparently mean that a developer would be pointing to flags on clients' accounts, then claiming that the flags caused the client to lose business -- whether with that client or others. The thing is, if you are doing something on the websites you design that cause them to routinely be flagged as containing potentially malicious scripts, you're doing something wrong. Even if you can show that whatever you did that caused your clients' sites to be flagged ended up costing you business, the big question is why you didn't fix what you were doing so as to stop disserving your clients by creating sites that produce those erroneous warning messages. After all, the overwhelming majority of web designers manage to pull off that feat, ever day.

    1. Sponsored Links
       

Similar Threads

  1. Sex Offenses: Soliciting Somebody on a Chat Site Who Falsely Claims She is an Adult
    By Corolla2791 in forum Criminal Charges
    Replies: 2
    Last Post: 08-30-2016, 06:19 AM
  2. Libel: Background Check Site Falsely Reports a Criminal Record
    By ConfusedAndWorrying in forum Defamation, Slander And Libel
    Replies: 4
    Last Post: 11-23-2015, 07:18 AM
  3. False Light: Trying to Sue Irresponsible Antivirus Company for Lost Revenue
    By Sebalv in forum Defamation, Slander And Libel
    Replies: 30
    Last Post: 07-22-2011, 11:39 AM
  4. Copyright Law: Am I Allowed to Use Images from Another Site, Posted by the Site 'Guests'
    By nissangtr in forum Intellectual Property
    Replies: 4
    Last Post: 12-04-2010, 08:14 PM
 
 
Sponsored Links

Legal Help, Information and Resources