MLS Data Security
One of the issues raised by Internet Data Exchange (IDX) and Virtual Office Websites ("VOW") is how an MLS can continue to protect the security of MLS data in this new Internet environment. Below is a chronological summary of past cases where REALTOR® Associations and MLSs brought lawsuits against individuals and/or companies who were using the MLS data in an unauthorized way. Following the summaries are some tips that can be gleaned from these cases, which are intended to help MLSs and associations protect their data and databases.
Greater Lansing Board of REALTORS® v. Dobson Van Lines (MI)
In 1985, the Board suspected that a moving company had unauthorized access to MLS data because the moving company was contacting property owners before any "for sale" signs appeared in the yards of the property owners. The Board hired a private investigator to pose as a potential customer, and the detective was able to gather information which confirmed that the moving company had unauthorized access to the MLS information.
The Board filed a lawsuit against the moving company in federal court, alleging copyright infringement. The Board had properly registered the MLS database with the United States Copyright Office. During discovery, a sales agent for the moving company admitted to buying MLS sheets from a member of the Board. Eventually, the parties settled the dispute, with the moving company paying damages to the Board and also agreeing to the entry of a permanent injunction barring it from accessing the MLS in the future. Subsequently, the MLS took disciplinary action against the MLS participant who sold the listing sheets and the MLS's right to take such action was upheld by a court.
Southern California Van Lines v. San Fernando Valley Board of REALTORS® (CA)
The Board and the California Association of REALTORS® brought a lawsuit against approximately ten different moving companies and other individual defendants for copyright infringement based on the copying of MLS publications or providing the copied MLS publications to other defendants. The Board learned that the unauthorized users, primarily moving companies, were receiving access to the MLS data in a number of ways. Some MLS subscribers were selling MLS data or even their passwords to intermediaries, who then used that information to create mailing labels for properties listed in the MLS, which were then sold to moving companies. Some of the defendants were illegally obtaining the information by hacking into the MLS database or even by digging through the dumpsters of real estate offices for listing information.
After bringing the lawsuit, a number of the defendants settled with the Board, paying damages of approximately $80,000. Thereafter, the case proceeded to trial against the remaining defendants. The court ruled in favor of the Board, determining that the MLS copyrights were valid and the defendants had infringed those copyrights. The court awarded approximately $120,000 in damages to the Board for infringements that occurred after the Board began registering its MLS publications with the United States Copyright Office.
Montgomery County Association of REALTORS® v. Realty Photo Master (MD)
In 1988, Realty Photo Master ("RPM") began offering to MLS participants a software system which digitized and downloaded to a real estate agent's personal computer photographs of homes that were offered for sale. In order to identify and photograph properties listed for sale in the system, RPM needed to gain access to the Association's MLS. RPM persuaded a MLS participant to provide such access. RPM then sold its database of computerized photos of homes to several MLS participants.
Upon discovering that RPM was accessing its MLS database, the Association sued RPM alleging that RPM's use of its database constituted copyright infringement and RPM countersued, alleging antitrust violations. The court determined that the computerized MLS database was copyrightable and that copyright registrations secured by the Association were valid. However, the court did not reach the question of whether RPM violated Association's copyright. Although RPM conceded that it downloaded the MLS database into its computer, it had gained access to the database through an agreement with an MLS participant and so an issue existed as to whether RPM's downloading was authorized. After the Association received judgment in its favor on the antitrust allegations and had entered into an agreement with another vendor to digitize the property photographs in its database, the Association dismissed the copyright infringement claims against RPM, since it no longer had any reason to pursue these claims.
REALTOR® Association of Greater Fort Lauderdale v. Property America Corp. (FL)
In 1998, the Association became aware that the defendants were “pirating” information from the MLS and posting it on their free Internet site. A broker participating in the MLS was giving the Defendants computer disks containing unauthorized copies of the MLS database. The Defendants claimed not to know where the information came from, although they admitted that they assumed it came from the Association’s database.
The Association filed a lawsuit against the Defendants seeking to stop the pirating of MLS data. The Association sought to immediately stop the Defendants’ from pirating and posting the MLS information on its website by obtaining a preliminary injunction. The court ruled that the MLS data was entitled to copyright protection, but the court declined to enter a preliminary injunction against the Defendants because the court found that money would compensate the Association for its damages and so a preliminary injunction was not necessary. The case eventually settled on terms that were favorable to the Association.
RMLS v. IMS, Inc. (OR)
The MLS discovered that IMS, Inc. had unauthorized access to its database. IMS was downloading the MLS data and repackaging it into statistical reports, selling these reports to members of the MLS. The MLS filed a lawsuit seeking a permanent injunction against IMS to stop the piracy of its data, pursuant to an Oregon law outlawing data piracy. Eventually, the parties reached a settlement, with IMS agreeing to the entry of a permanent injunction against its entry into the MLS database, unless it first received prior written permission from the MLS. The remaining terms of the settlement are confidential.
Arizona Regional MLS v. Doe (AZ)
The MLS became suspicious that moving companies were receiving unauthorized access to the MLS. The MLS "seeded" a listing, using their attorney's home (which was located in a gated community) as the bait and selecting "Internet "No"" when the listing was submitted to the MLS. When the moving companies solicited the attorney, the MLS filed a lawsuit against "John Does", and subpoenaed the moving companies for the source of their information. When the moving companies identified two MLS participants as the source of the information, the MLS named them in the lawsuit, alleging violations of the MLS rules and breach of their agreement to abide by the MLS rules. The two participants are claiming that they obtained this information over the Internet, not from the MLS. The lawsuit is pending.
Tips for Securing MLS Data
A number of lessons can be drawn from the above cases. First, it is important to copyright the MLS database. As illustrated by the cases above, an MLS database is entitled to copyright protection and infringement of the MLS's copyrights entitles the MLS to statutory damages. For more information about how to copyright your database, click here.
Second, you will need to be able to prove to a court that someone has received unauthorized access to the MLS database. As illustrated above, the MLSs, working with their attorneys, have come up with a variety of creative ways to confirm their suspicions of unauthorized MLS access by certain individuals and/or companies prior to filing a lawsuit. In some of the cases, the MLS used the discovery process to learn how the unauthorized users were able to obtain the MLS information and identify the MLS participants who were giving these users access to the MLS database.
Third, as demonstrated by the Oregon data piracy case, don't forget about your state's laws, as they may also be another useful tool in pursuing data pirates.
Finally, a participant's failure to abide by the MLS rules and regulations, gives rise to a breach of contract action against an MLS participant and/or disciplinary proceedings.
For a general article about protecting your MLS from data pirates, click here to read an article by Ralph Holmen, NAR's Associate General Counsel.