[UPDATE: Note the change in the legal analysis below.]
The Complaint is available here; it claims that the newspaper’s identifying Judge Shirley Strickland Saffold as the supposed author of items posted under the “lawmiss” account breached the newspaper’s Privacy Policy. A bit of background, from a WKYC story:
A comment by an Internet poster identified only as “lawmiss” on cleveland.com concerning the mental state of a relative of a Plain Dealer reporter was removed for violating the site’s policy against personal attacks.
The Plain Dealer reported March 22 that the online editor looked into who “lawmiss” was, and linked the “lawmiss” anonymous comments to Judge Saffold’s personal e-mail account.
Subsequent articles in the Plain Dealer noted that further investigation showed several “lawmiss” posts about an attorney….
[UPDATE: Whoops, I’d planned to include some more information, but neglected to; here it is:] The posts related to some of the cases decided by the judge herself.
A UPI story reports that the the judge and her attorney “claim any comments from a user going by the name ‘lawmiss’ connected to cases involving the judge were most likely left by the judge’s 23-year-old daughter Sydney, an aspiring law student,” though there is of course controversy about that.
Here’s my thinking: If the policy is seen as a binding promise on the newspaper’s part not to reveal commenters’ names, there’s no First Amendment problem with awarding damages for breach of that promise, even when the publication is on a matter of public concern and about a public figure. See Cohen v. Cowles Media (1991).
And it seems to me that the policy indeed promises not to disclose commenters’ identities, except in the ways that are specifically mentioned. The policy is described as involving “terms and conditions” that the user is said to “agree to” by using the Web site; that suggests that the newspaper is making binding promises there.
Nor do any of the exceptions seem to apply here. In particular, the statement that “In addition, we reserve the right to use the information we collect about your computer, which may at times be able to identify you, for any lawful business purpose, including without limitation to help diagnose problems with our servers, to gather broad demographic information, and to otherwise administer our Website” (emphasis added), doesn’t seem to cover the publication of the name of the commenter (as opposed to information about the computer). This is especially so because reading the exception as covering all revelation of information for a “lawful business purpose” would essentially undo all the privacy protection that the rest of the policy provides.
UPDATE: On the other hand, as some commenters pointed out, the User Agreement, which is as binding as the Privacy Policy, provides, “You hereby agree to release service provider, its affiliates and third-party service providers, and each of their respective directors, officers, employees, and agents from claims, demands and damages (actual and consequential) of every kind and nature, known and unknown, suspected and unsuspected, disclosed and undisclosed …, arising out of or in any way connected with your use of this site.” So it might be that this makes the Privacy Policy entirely unenforceable, if courts are willing to accept the user agreement as the all-encompassing waiver of any right to make any claims under any agreements that it seems to be.
But have a look at the policy yourself, and see what you think. An interesting “it’s a small world” item: Ted Diadiun, the Reader’s Representative at the Cleveland Plain Dealer (which is the defendant in this case), was a codefendant in Milkovich v. Lorain Journal, the 1990 Supreme Court libel case.