RSS Hijacking? A threat to podcast and blogging infrastructure?

I received an email from Erik Marcus, the podcaster responsible for and the "Erik's Diner" podcasts. Erik informed me that his podcast's RSS feed was "hijacked". I was at first unclear on how this really happens, but he laid it out for me quite simply and is hoping to warn others who might have this happen to them. Here's what Erik writes:

RSS hijacking is different [from domain hijacking]. Most podcasters/bloggers are not technically savvy, and the technique used for hijacking their feeds doesn't involve swiping passwords or overt illegal methods. Rather, it merely involves finding a target podcast, and creating your own
unique URL for it on a website you control. You then point your URL to the RSS feed of the target podcast. Next, you do what it takes to make sure that as new podcast search engines come to market, the page each engine creates for your target podcast points to your URL instead of the podcast creator's official URL.

After taking these steps, Erik explained that the hijacker "counts on the fact that most bloggers/podcasters won't care or won't notice that iTunes' et al.'s pages aren't pointing to their own URL. Since the URL points to their RSS feed, everything works fine and listeners will be able to hear their show through iTunes, Yahoo, etc." The RSS hijacker can then sit back back for months or year letting "the target continue to grow his/her show's listenership. At some point, [the hijacker] can then spring out of the woodwork and demand payment from [the] target [podcaster]." The podcaster is "supremely vulnerable", because the hijacker can at any moment change URL pointer to any other show of the hijacker's desire and the target podcaster's audience will "vanish."

Unfortunately, this is what has evidently happened to Erik's Diner podcast. Overnight he has lost at least 75% of his audience. He's left with fixing the problem, and looking for some sort of recourse against RSS hijackers. He's also trying to rebuild his listenership, which of course takes time.

So, what can you do to stop this? Well, practically speaking, i have the following immediate suggestions:
1. You should check all the podcast directories and search engines to be sure that their RSS feeds are pointing to your official URL/RSS feed. (Though, in iTunes and possibly others, this information may not be readily available or obvious.)
2. If you learn of a hijacking, you can write to the hijacker and demand that she or he stop their conduct.
3. You can also write to the podcast directories and search engines to point out the bad actor's conduct.
4. And, of course, you can consult a lawyer about possible claims against the hijacker.

Possible legal claims against an RSS hijacker? Since RSS and podcasting is new technology, there does not exist a handy "anti-RSS feed hijacking statute" out there on the books. There are, however, other possible claims that a lawyer can consider. For example, I'm brainstorming on a number of claims including unfair competition, trademark infringement/dilution, DMCA takedown options, computer fraud and abuse, tresspass, right of publicity, misappropriation, and the like. I haven't done a complete analysis on any of these possible claims at this time (and some may be weaker/stronger than others) but I will post more here when I have some conclusions to share. I would also welcome thoughts from other lawyers, law students, law professors, etc. if they have ideas about potential claims.

Add new comment