On July 27, 2010, a Federal Judge sitting in the Southern District of New York ruled that a search engine could sue for gross negligence against its Internet service provider, even though the search engine had signed a waiver of liability. In Baidu, Inc. v. Register.com, 10 Civ 444 (SDNY 2010), the Court was presented with a case in which a company that operates one of the world’s largest search engines, Baidu, Inc., was shut down for a number of hours by hackers from the “Iranian Cyber Army.” Once the hackers penetrated the website’s security protocols, they posted an Iranian flag and a broken Star of David.

As reported in the New York Law Journal, Volume 224, No. 10 (2010), the parties admitted that the ISP agreement had clearly stated that Baidu, Inc. was proceeding at its own risk and would provide its own security. However, the hacker was able to penetrate by emailing Register.com that it had lost its password. It provided a new password, notwithstanding the fact that the hacker was unable to answer the security questions.

The Court held that the gross negligence by Register.com was either intentional wrongdoing or at the very least, “reckless disregard for the rights of others.” On that basis the Court allowed the case to proceed on the claims of gross negligence and breach of contract.

Comments/Questions: ljm@gdnlaw.com

© 2009 Nissenbaum Law Group, LLC