Spyware, trade-secret theft, and $30m in damages: How two online support partners spectacularly fell out On Thursday, a jury in a federal court in Oakland, California, found call center biz [24]7.ai – as in, 24/7 – guilty of unfair competition and stealing trade secrets from chatbot maker LivePerson, awarding the company more than $30m in damages. The case was filed in 2014. In its complaint [PDF], LivePerson described how its …
7 years probably represents the time required to get the legal fees up to the value of the clients. With enough money at stake litigation can continue for centuries.
(SCO vs IBM started in 2003 and was dismissed in 2016. There was an appeal and AFAIK that is still in "progress". Can someone with a time machine check to see if it is still a thing in 2503?)
Perhaps LivePerson have technology I haven't encountered, but in my experience, all these automated systems basically return a response saying:
The answer to your question may be found buried in our website, or, if not, you'll have to trawl the internet for a customer services number that we no longer publish in case you actually ring it.
If that's your attitude to customer service, why would you waste money on systems that utterly fail to disguise it?
Well at least the curent chatbots somewhat react to input like "i will not type into chatbots and want a real person" by redirecting you to the next functionally identical chatbot.
Customer service is irrelevant, once the product has been sold. Look at googles widevine DRM, they explicitly refuse to do end customer support, reminds a bit of microsoft, doesn´t it ?
Those "help" sites are just the bare minimum to fake a kind of "customer support". As long as mandatory warranties and other enforced customer rights get eroded more and more, this tendency will continue to pollute the relationship to customers until once no warranties (either expressed or implied) are enforced by law, all those fake "support centres" will also shut down promptly.
Yup. eBay, Google, etc are all essentially uncontactable by customers.
Eg, PayPal cancelling Tor supporters:
https://www.eff.org/deeplinks/2021/06/paypal-shuts-down-long-time-tor-supporter-no-recourse
[24/7, it's claimed, maliciously disrupted LivePerson technology on the websites of customers, misrepresented data related to LivePerson's technology, services, and system performance to promote its own competing service, and "[injected] spyware into LivePerson’s databases, through unauthorized use of LivePerson’s copyrighted code, in order to gather information regarding the operation of LivePerson technology—presumably to reverse engineer LivePerson’s technology."
"Once 24/7’s live-interaction software has been installed on a website that also contains LivePerson’s technology, it appears that 24/7 improperly injects 'spyware' into LivePerson’s systems," the complaint states. "24/7’s spyware appears expressly designed to capture confidential and proprietary information and data regarding LivePerson’s technology and client relationships."]
I have my doubts that LivePerson's databases were breached as claimed. The unauthorized use of LivePerson's copyrighted code is also questionable but plausible. "Presumably to" weasel words alert! And "reverse engineer" is a valid legal means of deriving trade secrets, but should have been covered in the agreement specifically. It can also be hard to prove reverse engineering as a defense if one has access to said secrets. "Appears" twice mentioned in claims is also a weasel word.
I think most of the implementation was using javascript. Javascript which runs in the web browser in the context of the website but hosted by other servers. Something called cross-site scripting which used to be considered a security issue. Web browsers have little to no sandboxing of javascript coming from the site's domain or other domains referenced from the site's domain. It is trivial to mess with javascript in a browser session when your javascript is executing in the same session. If LivePerson's trade secrets are represented by this javascript then there is essentially no protection of the trade secret. While the javascript itself may be protected by copyright the methods it embodies are not. Patent protection is better suited for that situation. Trade secrets rely upon confidentiality agreements prior to revealing them. But if the trade secret is being revealed to any web browser visiting the clients' sites, then confidentiality is questionable.
I know precedents in other cases went the other way for trade secrets in similar circumstances. I wonder if the court understood the technology well enough to make the decision. Or, did LivePerson's lawyers put on a good show while 24/7's dropped the ball.
"LivePerson provides online engagement technology, which takes the form of chatbots that corporate clients add to their websites to field questions, gather interaction data, and reduce customer support costs."
Sorry.... Well actually no I'm not sorry. It really pisses me off when outfits think a chatbot or any other sort of automated non-human "entity" is a substitute for a real live person.
Particularly when you try to get through to a person and all you get it that F**KING BOT!!!
If I want to "talk" to a non-human about a techinal or other issue, I'll talk to my cat. He's a billion more likely to respond with something useful.
"LivePerson provides online engagement technology, which takes the form of chatbots that corporate clients add to their websites to field questions, gather interaction data, and reduce customer support costs."
Or, to be more precise, just trim 'er support costs' off the end.
The Register 
Biting the hand that feeds IT
Copyright. All rights reserved © 1998–2025
