The online business cyber-attack: DEFAMATION

The worst lies are told behind your back. Protect your business from the online cyber-attack.

It is said that the worst lies are told behind your back. That may be true. Until recently, rumors about businesses have generally been oral, fleeting in nature, and (hopefully) not given much credence. Unfortunately, the dynamics of the rumor mill are changing. Just about everything on the Web, including the good, the bad and the outright lies, is now indexed by search engines.

That leads to problems.

In the online world, rumors or outright lies are receiving unprecedented publicity primarily because Congress granted service providers (those not involved in, or responsible for, the content of a Web site) immunity from liability as publishers of defamatory content. Coupled with the anonymity of the Web, damaging lies are now easier to tell, and it is easier to tell them without getting caught. But these lies don’t just come across to others as baseless rumors. They now have credibility, because they are right there on the Internet to see! And, sometimes, others will appear to have posted similar false claims about the company, giving the appearance of independent validation.

The source of the defamation seems to come from four types of online information purveyors: Weblogs, industry forums or boards, commercial Web sites, and self-proclaimed “consumer protection” sites. There is almost always a direct economic motivation by the author. Perhaps the responsible party is an affiliate or supplier of a competitor, or the competitor itself. Consider that, recently, an online industry forum was providing customer satisfaction ratings in a seemingly objective manner. It became quickly apparent, however, that the revenue from the site was exclusively banner advertising, and those companies not advertising on the site were getting horribly negative “customer ratings.”

Of particular interest right now are the “spam” sites that label a company a “spammer” because they use a definition of spam that includes even those companies actually complying with our federal CANSPAM Act. The site owner is reportedly selling e-mail software in competition with many of those reported as “spammers” on its own site. Follow the money, because that is often the motivating factor for the publication of online defamation.

It is not surprising, then, that the most prevalent platforms for defamation are chat boards or forums on which competitors, acting like customers, offer up damaging “testimonials ” about how your company ripped them off. Of course, the author, purely for the benefit of public consumption and protection, helpfully points out that all of the people working for your company are crooks, or felons, or wife beaters. The general public, your customers and your vendors often view these comments on “public service” sites as unbiased and, therefore, truthful. If you rely on the Web to drive business sales, how many unknown prospects went elsewhere after researching your company?

Unfortunately, these are complex matters to solve. Search engines, Web sites, chat boards, “public service” sites, rating sites and the like generally won’t agree to remove a defamatory post without a court order. After all, Congress gave them immunity from liability. There are ways, however, to deal with online lies without litigation.

Sometimes the site publishing the statements is not a “service provider” since it actually influences content, and therefore is not immune. The realization of possible litigation tends to get the attention of the site proprietor if a convincing theory of liability is put forth.

Sometimes the poster can be tracked down and identified through research. An author facing a lawsuit can often be motivated to remove the offending postings. An employee’s actions are often imputed to a company, so that legal notice to a business that is a suspected source can reap dividends.

In the end, though, if litigation does become necessary to identify the author and to seek damages and an injunction, the anonymity of the Web often dissolves. The chance of identifying the author is high if you move quickly. Remember that most Web sites and ISPs keep log files and access records for between 30 and 90 days, so time is of the essence. Having your lawyer send a standard cease-and-desist form is usually illadvised; you may find it posted as support for newly alleged extortion, intimidation and harassment. All demand letters, such as the aforementioned cease-and-desist letter, must be exacting, detailed, tactful yet direct, and have interspersed within the body of the letter allegations supported by facts that the recipient would not want to post.

Going forward, then, there are steps your company can take to manage the damage caused by this type of cyber attack:

• First, monitor the search engines. I strongly recommend the “Google Alert” feature that sends out a report of indexed results based upon your keywords (consider using company, business, product, officer and key employee names). While you are at it, consider adding your key competitors to the alert for business intelligence.
• Second, designate a person to search the top engines (Google, Yahoo!, MSN, AOL, Dogpile) to look at the results for your keywords on a regular basis.
• Third, do your best to determine what your customers, and prospective customers, are hearing about you. There are ways to prevent search engine spiders from indexing a Web site, and even the most devious competitor can post lies, providing a “confidential” link to selected parties. I guess it is true…the worst lies are told behind your back.

How often does Internet defamation and related defamation of character happen? A lot more than you realize. Often times the only way to know about it is to search the engines. Just a sampling of the issues we have worked on follows:

• A prominent online business was targeted on a Web log through Internet defamation, and the posts escalated to the point that death threats were being made and a map to the company headquarters was posted. Google had indexed the blog in the first position whenever someone searched for our client.
• A small business was defamed by a competitor launching a Web site and going  far as to post a portion of the owner’s credit report.
• Industry bulletin board posts from a former customer claimed that our client was running a “scam” operation.
• A consumer protection “review” site seemed to always return extremely negative and detailed reviews of any company not advertising on the site.
• An unhappy customer launched an extensive Web site critical of our client, including false and misleading claims and altered documents.
• A nationally recognized speaker was defamed on a series of “review sites” surreptitously run and controlled by competitors and indexed high on the major search engines.
• A prominent University professor was told of a site with his name and photograph falsely claiming the he was a convicted pedophile.
• A long established and upstanding franchise company was attacked on scam reporting sites by a disgruntled former franchise holder.
• Our Web hosting client was wrongly sued for hosting an allegedly defamatory Web site, despite being immune under federal law.
• A dissatisfied distributor of our client’s products used a copy of the client’s e-mail customer list to send out defamatory e-mails to all of the client’s customers.
• Our client is sued in California for allegedly defamatory postings on a Web site forum made by a third party.
• Dissatisfied customers of our client decide to publish defamatory statements that quickly show up on the first page of organic Google results.
• Our client’s business was initially referred to by a popular blogger as a “scam”, an inaccurate description requiring immediate attention since the results were showing up at the top of Google’s results.
• A business was told it would have to pay a very significant amount of money for a defamatory posting to be removed from a rip off reporting site.
• The major business bureau issued a fraud warning on our client, threatening the existence of its business, without having conducted adequate due diligence and appropriate analysis to fully understand the nature of the business.
• The President of an online marketing company was in the “cross hairs” of a former client. The former client launched a site dedicated to attacking our client’s business and posted links on a major scam Web site to his personal site, demanding money to take it down.
• A disgruntled customer posted a string of defamatory comments on its Web site and demanded an exorbitant sum to take them down.
• An “industry rating” Web site had our client baffled…the great majority of complaints were about them. After investigation, it became clear that the site was owned and controlled by its chief competitor.