Tuesday, December 14, 2004

MIRLN -- Misc. IT Related Legal News [23 Nov – 14 Dec 2004; v7.15]

PANEL: GOV’T CAN’T MANDATE SECURITY (Network World Fusion, 15 Nov 2004) – Now is not the time for the U.S. government to mandate cybersecurity standards to private industry, despite significant threats and a lack of understanding by many company executives. So concluded a panel of government officials that met to discuss the issue in September. The panel of cybersecurity-focused officials -- part of a discussion in Washington, D.C., on whether government and private industry are doing enough to protect confidential information -- agreed that cybersecurity mandates were not the right way to encourage private companies to adopt cybersecurity best practices. Instead of a so-called “stick” approach, the Congress could instead develop some “carrot” incentives for companies looking to upgrade their cybersecurity efforts, according to Bob Dix, staff director of the technology and information policy subcommittee of the U.S. House of Representatives Committee on Government Reform. The subcommittee is considering several incentives for cybersecurity efforts, including an investment tax credit and a limit on liability for companies adopting cybersecurity best practices, Dix said. A liability limit could include an exemption from Federal Trade Commission (FTC) actions taken against companies that adopt best practices but still experience a security compromise -- such as hacker intrusion -- that results in the release of consumer data, Dix added. http://www.nwfusion.com/news/2004/1115panelgovt.html

PERFECT 10 CLAIMS GOOGLE GIVES IT AWAY (Red Herring, 20 Nov 2004) -- Perfect 10, a publisher of an adult entertainment web site and magazine, on Friday filed a lawsuit against Google, alleging that the search engine giant provided Internet users with at least 800,000 unauthorized links to images of Perfect 10’s nude models, stealing membership fees and advertising revenue from the Los Angeles publisher. The lawsuit is one of the first of its kind against Google. The suit, filed in Los Angeles county, claims that Google committed 12 counts of intellectual property violations against Perfect 10 magazine and the web site, Perfect10.com. Perfect 10 claims in the suit that Google’s violation “is devastating to and threatens the existence of Perfect 10’s business.” The publisher’s attorneys want a jury trial. Most of the violations alleged by Perfect 10 are copyright claims. The suit states that Google’s search results pull up photos of nude female models that belong to Perfect 10. These search results, according to the suit, constitute an infringement. Google’s search picks up the photos from other Internet locations, which are described in the lawsuit as “stolen content sites,” or web sites that steal images and allow Internet users to avoid paying subscription or membership fees for members-only pornography web sites. http://redherring.com/Article.aspx?a=10981
Perfect 10’s Complaint (redacted for graphic content):
http://cyber.law.harvard.edu/blogs/gems/palfrey/Perfect10ComplaintPDFCropped.pdf

FILE-SWAPPING EMBRACED (SiliconValley.com, 24 Nov 2004) -- In another deal that signals the music industry’s increasing willingness to co-opt rather than crush file-swapping technology, three major record labels have agreed to distribute songs through a new online service expected to debut early next year. Sony BMG Music Entertainment, Universal Music Group and Warner Music Group are expected to announce today that they will distribute songs for purchase on a file-swapping network called Peer Impact. ``What’s groundbreaking about Peer Impact is that it’s a legitimate peer-to-peer offering built from the ground up, not a filtering technology built on top of an existing system,” said Lucy Goldenhersh, a former Universal Studios executive who helped broker the deals for Wurld Media, owner of Peer Impact. Today’s licensing deal is another sign of the music industry’s changing public posture toward Internet file-swapping. Attempts to use the courts, technological countermeasures and Congress to shut down services like Kazaa have so far failed. In a new strategy to capitalize on the technology, Universal Music Group last week agreed to license its 150,000-song catalog to Snocap, a company started by Napster founder Shawn Fanning. The San Francisco start-up will provide the technology to let listeners buy music legally distributed over another file-swapping service called Mashboxx, which is expected to launch in January. http://www.siliconvalley.com/mld/siliconvalley/news/10261238.htm

SECURITY OFFICIALS TO SPY ON CHAT ROOMS (CNET, 24 Nov 2004) -- The CIA is quietly funding federal research into surveillance of Internet chat rooms as part of an effort to identify possible terrorists, newly released documents reveal. In April 2003, the CIA agreed to fund a series of research projects that the documents indicate were intended to create “new capabilities to combat terrorism through advanced technology.” One of those projects is research at the Rensselaer Polytechnic Institute in Troy, N.Y., devoted to automated monitoring and profiling of the behavior of chat-room users. Even though the money ostensibly comes from the National Science Foundation, CIA officials were involved in selecting recipients for the research grants, according to a contract between the two agencies obtained by the Electronic Privacy Information Center (EPIC) and reviewed by CNET News.com. NSF program director Leland Jameson said Wednesday the two-year agreement probably will not be renewed for the 2005 fiscal year. “Probably we won’t be working with the CIA anymore at all,” Jameson said. “I think that people have moved on to other things.” The NSF grant for chat-room surveillance was reported earlier this year, but without disclosure of the CIA’s role in the project. The NSF-CIA memorandum of understanding says that while the Sept. 11, 2001 attacks and the fight against terrorism presented U.S. spy agencies with surveillance challenges, existing spy “capabilities can be significantly enhanced with advanced technology.” http://news.com.com/Security+officials+to+spy+on+chat+rooms/2100-7348_3-5466140.html?tag=nefd.lede

HIDDEN GOLD IN CORPORATE CLEANUP (CNET, 24 Nov 2004) -- Sarbanes-Oxley may strike dread in the hearts of some IT executives, but not Tracy Austin. Austin, the chief information officer with casino operator Mandalay Resort Group, said the financial reporting regulations act resulted in a 30 percent increase in her information technology budget this year and battle-tested her fairly young IT staff. “I was able to beef up our test and development system budget, as well as our firewall and intrusion detection system budget,” Austin said. “Sarbanes-Oxley opened up the awareness of our (chief) executives and prompted questions about...our business risks. So instead of talking about technology, we were talking about what are our business risks and the technology to address them.” Compliance technology has gone from the wish lists of bean-counters to the important to-do lists of key executives and board members. That’s because the regulations laid down in the Sarbanes-Oxley Act and other laws hold executives’ feet to the fire, making them responsible for signing off on the accuracy of their financial statements. Last week, a key section of Sarbanes-Oxley kicked in, turning up the heat. Companies are spending more on compliance in general, according to a PricewaterhouseCoopers survey released on Tuesday, which found that about half of U.S. and European businesses expect to increase those budgets by an average of 23 percent during the next year to two. http://news.com.com/Hidden+gold+in+corporate+cleanup/2100-1029_3-5465305.html?tag=nefd.lede

AMAZON KEEPS KIDS’ DATA UNDER WRAPS, REGULATORS (CNET, 29 Nov 2004) -- Amazon.com’s virtual toy store is perfectly legal because it doesn’t ask children to type in personal information, federal regulators have decided. A letter from the Federal Trade Commission dated Nov. 24 rejected allegations from advocacy groups that said the online retailer violated the law by targeting its toy store at children under 13 and permitting them to post product reviews without a parent’s permission. The FTC letter, signed by associate director Mary Engle, concludes that the toy site is “not directed to children” and no government action is necessary. Under a 1998 law called the Children’s Online Privacy Protection Act, it is unlawful for Web sites “directed to children” to collect personal information from minors under 13 without an adult’s consent. “We think they simply misapplied the law,” said Chris Hoofnagle, associate director of the Electronic Privacy Information Center (EPIC). “A Web site can have more than one purpose, but we argued that (the toy site) was primarily directed at children.” http://news.com.com/2100-1038_3-5470145.html

LAW FIRM FILES SUIT FOR PLAGIARISM OF ITS WEB SITE (eMediaWire, 29 Nov 2004) -- You probably spent a great deal of time and money getting your web site to look just right and to include the appropriate message. Imagine the shock and feeling of violation that you would experience if your work was copied. Sadly, this outcome is not unusual for many businesses. Plagiarism is too common on the web, sometimes word-for-word and picture-by-picture. Brayton Purcell, a respected plaintiff law firm based in Novato, California, decided to do something about the plagiarism problem when it discovered large portions of its popular web site, Elder Abuse Information (http://www.elder-abuse-information.com), posted on another web site. On November 24, 2004, it filed a lawsuit against Recordan & Recordan, a San Diego law firm(Case No. C04-4995-EMC, United States District Court for the Northern District of California). The complaint alleged copyright infringement, false advertising, and unfair competition. Brayton Purcell seeks money damages as well as the removal of the offending web site material from the Internet. http://www.emediawire.com/releases/2004/11/emw182573.htm

INSTANT MESSAGES GETTING A BOOST FROM SMALL FIRM (SiliconValley.com, 29 Nov 2004) -- We’ve written so much about Google lately, it’s nice to be reminded that a lot of innovation in Silicon Valley still comes from small shops. For instance, David Weekly of Hillsborough recently launched IM Smarter (imsmarter.com), and it may be one to watch. IM Smarter is a Web-based service that enhances your instant messenger -- AIM, Yahoo IM, MSN Messenger, iChat, etc.-- by adding features such the ability to save copies of conversations. Unlike Google’s Desktop Search tool, which logs AIM messages to your computer, IM Smarter stores the conversations on its servers so they can be accessed from anywhere. The service also lets you program reminders to yourself, which pop up as instant messages on your computer screen. Weekly characterizes his service as an electronic ``secretary” that takes notes and alerts you to important events. ``The logging will appeal to people who passed notes in school and would keep them in a shoe box,” he said. ``And there are people who use IM for business purposes and want to keep those conversations.” http://www.siliconvalley.com/mld/siliconvalley/10293868.htm

PAYDAY LENDERS USE INTERNET TO AVOID LAWS, STUDY SAYS (SiliconValley.com, 30 Nov 2004) -- Short-term ``payday” lenders are increasingly using the Internet to circumvent state laws, charging annual interest rates as high as 780 percent and automatically debiting late fees and other charges from customer bank accounts, according to a new study. The study released Tuesday by the Consumer Federation of America shows a spike in abuses among payday lenders that have moved their operations online. Many don’t bother to get licensed in the states in which they operate and fail to comply with state consumer protection laws, according to the CFA’s report on Internet Payday Lending. Payday loans are small, quick cash loans with high interest rates, designed as an advance against a borrower’s next paycheck when the loan is due in full. The high fees, typically $15 to $30 per $100 loaned for two weeks, make the industry extremely lucrative. The CFA estimated that there are approximately 22,000 storefront payday loan outlets in the United States generating roughly $40 billion a year in loans and $6 billion in finance charges. http://www.siliconvalley.com/mld/siliconvalley/news/editorial/10305691.htm

ONLINE RETAILERS SEE THANKSGIVING SURGE (AP, 30 Nov 2004) -- Computer-savvy consumers did plenty of online shopping over the Thanksgiving weekend, giving companies like Amazon.com and walmart.com the same kickoff to the holiday season as department stores and malls had. The pickup in business on the Web was the result of online merchants using marketing tricks like their brick and mortar counterparts — plying consumers with special discounts to get them to shop early. Online sales excluding travel shot up 100 percent to $133 million on Thanksgiving Day compared to the same day last year, said comScore Networks Inc., an Internet research company. On Friday, online sales hit $250 million, up 41 percent from a year ago. “We certainly expected a strong performance during the holiday weekend, but these are impressive figures,” said Dan Hess, senior vice president at comScore. Historically, the online shopping season has begun the Monday after Thanksgiving, when consumers begin buying from their workplace computers. But the early start this year can be attributed to two phenomena: Merchants are working harder to get online sales, and millions of homes have converted to high-speed Internet connections, making it easier to shop from home. About 53 percent of those consumers who have access to the Internet from the home currently have high-speed Internet connections, compared with 40.9 percent a year ago, according to Ken Cassar, an analyst at NielsenNetRatings Inc. According to Nielsen/NetRatings, the sites that had the biggest spikes in visits this past Friday, compared with a week earlier, were those operated by traditional retailers including walmart.com, sears.com and toysrus.com. Toysrus.com’s traffic soared 212.6 percent on Friday, while Amazon.com was up 49.7 percent, Nielsen/NetRatings said. http://story.news.yahoo.com/news?tmpl=story&cid=528&e=3&u=/ap/20041129/ap_on_hi_te/online_retailers

FIGHTING FOR FILE-SWAPPING ON CAPITOL HILL (CNET, 30 Nov 2004) -- Philip Corwin has one of the least enviable jobs in Washington, D.C.: He defends file-swapping networks. That’s not a trivial task for Corwin, the lobbyist for Kazaa’s parent company. When making the rounds on Capitol Hill, Corwin, 54, is up against the dual political powerhouses of the Recording Industry Association of America and the Motion Picture Association of America. Australia-based Sharman Networks hired Corwin almost three years ago to be its lone representative in Washington, D.C. Since then, Sharman has been fending off lawsuits and a slew of legislative proposals designed either to shutter the service or scare users away from it. Being an underdog is a switch for Corwin, who spent much of his career lobbying for the influential American Bankers Association, the Commercial Finance Association and the Independent Bankers Association of America, after a stint as a U.S. Senate staffer. Now he’s a partner at the Butera & Andrews lobbying firm. Kazaa is one of the largest and most successful file-trading networks. It boasts about 2.48 million users a day, roughly the same as eDonkey’s claimed 2.54 million. CNET News.com spoke with Corwin about piracy, pornography and his experiences as a lobbyist. [Editor: Interesting interview. Corwin is an active, valued member of the ABA’s Cyberspace Law Committee.] http://news.com.com/Fighting+for+file-swapping+on+Capitol+Hill/2008-1082_3-5470022.html

PRICELINE TO STOP OFFERING NORTHWEST AIR (Reuters, 30 Nov 2004) -- Online travel agency Priceline.com Inc. said on Tuesday it will no longer offer Northwest Airlines Corp. tickets due to a disagreement over the terms of distribution. Norwalk, Connecticut-based Priceline, in a filing with the U.S. Securities and Exchange Commission (news - web sites), said it does not believe the action will materially hurt its operating results, adding that ticket sales will be made up by other participating airlines. A Priceline spokesman declined to detail the disagreement, citing company policy. http://story.news.yahoo.com/news?tmpl=story&cid=582&e=3&u=/nm/20041130/wr_nm/leisure_priceline_dc

COURT: INTERIOR DEPARTMENT SYSTEMS CAN GO BACK ONLINE (ComputerWorld, 6 Dec 2004) -- An appeals court has reversed a March 15 U.S. District Court decision under which the U.S. Department of the Interior was forced to disconnect a substantial number of its computer systems from the Internet. In an opinion published Friday, the U.S. Court of Appeals for the District of Columbia reversed the earlier decision, saying that the District Court erred in disregarding Interior Department security certifications and in failing to hold a hearing that would have given the department a chance to argue that its computers were secure. Under the March 15 ruling, all Interior Department computers were disconnected from the Internet except systems deemed essential for public safety reasons, as well as the systems of the National Park Service, Office of Policy Management and Budget and the U.S. Geological Survey. The ruling comes as part of a lawsuit over the department’s failure to secure data about money owed to native Americans for grazing, energy and mineral royalties. http://www.computerworld.com/governmenttopics/government/legalissues/story/0,10801,98073,00.html?source=x62

U.S. ITUNES MUSIC STORE NOW ACCEPTS PAYPAL (MacWorld, 10 Dec 2004) -- Apple Computer Inc. announced Friday that the U.S. version of its iTunes Music Store now accepts payments through PayPal, the popular electronic payment service owned by eBay. With PayPal, users can pay for their iTunes downloads using a “virtual wallet” that’s linked to a credit card, bank account or stored account balance. Apple also announced that the first 500,000 customers to open a new iTunes account using PayPal as their payment method before March 31, 2005 will receive five free songs. http://www.macworld.com/news/2004/12/10/itunespaypal/index.php/?lsrc=mcrss-1204

FORMER BUSH CAMPAIGN OFFICIAL INDICTED (CNET, 1 Dec 2004) -- A former Republican Party bigwig in New England has been indicted on charges of orchestrating a low-tech version of a denial-of-service attack. Internet DoS attacks, which overload a Web site’s servers and cause them to be temporarily inaccessible, have targeted everything from Whitehouse.gov to the SCO Group and eBay. Now James Tobin, who was the top Bush campaign official for New England and formerly the Republican National Committee’s regional director, is being accused of mounting a similar kind of attack on the phone networks of five Democratic Party offices during the November 2002 election. A federal grand jury indictment released Wednesday charges Tobin with attempting to “disrupt communications” by clogging the Democrats’ phones on Election Day through repeated hang-up calls. The four-count indictment also says Tobin targeted the Manchester Professional Firefighters Association’s phones in an attempt to interfere with its get-out-the-vote effort. http://news.com.com/2100-1028_3-5473524.html

FIGHT FOR PUBLIC DOMAIN GOES ON (Wired, 2 Dec 2004) -- Digital archivists aren’t giving up on their efforts to free out-of-print books, movies and music from overreaching copyright laws, despite a recent setback in court. District Judge Maxine Chesney dismissed the case filed by Brewster Kahle, founder of the Internet Archive, and Rick Prelinger, founder of the Prelinger Archives, in late November. The archivists allege that the government’s sweeping changes in copyright laws are unconstitutional because they lock up creative works that should be returned to the public domain. The government filed a motion to dismiss, and the motion was granted Nov. 19. Kahle -- who wants to include out-of-print books and films in his nonprofit archive for educational and research purposes -- and Prelinger will appeal the case to the 9th U.S. Circuit Court of Appeals in the next several weeks, said Chris Sprigman, a fellow at the Stanford Law School Center for Internet and Society. Sprigman, one of the lawyers representing the plaintiffs, said First Amendment matters are normally dealt with at the appeals court level of the judicial system anyway. The plaintiffs challenged the constitutionality of four copyright laws: the Copyright Renewal Act of 1992, the Sony Bono Copyright Term Extension Act, the Copyright Act of 1976 and the Berne Convention Implementation Act. http://www.wired.com/news/culture/0,1284,65898,00.html

AGENCIES FIND WHAT THEY’RE LOOKING FOR (Washington Post, 3 Dec 2004) -- When computer users hunt for information on the Internet, they typically turn to Google or Yahoo. When analysts working for U.S. intelligence look for documents and data stored on computers inside their own agencies, they often turn to software made by a little-known firm from Northern Virginia. While the high-profile battle between the major search engines that scour the Web rages on, Convera Corp. quietly has carved out a niche for itself: selling software that helps U.S. and foreign intelligence agents search their databases. The Vienna company is like a lot of small companies that are attempting to compete with the search engine giants, not by out-Googling Google, but by offering specialized services to organizations that are drowning in electronic data. From the FBI to the CIA to the National Security Agency, and from the Department of Homeland Security to the Pentagon, thousands of analysts use Convera’s software, which bears the moniker RetrievalWare. More than a dozen foreign intelligence services use it as well. Convera offers such features as the ability to automatically notify intelligence analysts when a new document matching a search query is added to the agency’s database, and to search for patterns within data, identifying relationships buried in mountains of separate documents. Helen Mitchell, head of enterprise search for the FDA, says: “Before, people couldn’t find everything if things were misfiled or they didn’t have the time or resources. With the Convera software, and the technology for searching documents and patterns, they can find documents even with misspellings.” Convera plans to make its Internet search engine available to regular computer users for free sometime next year. http://www.washingtonpost.com/wp-dyn/articles/A30161-2004Dec2.html

SUPREME COURT TO DECIDE STATUS OF CABLE INTERNET SERVICE (Steptoe & Johnson’s E-Commerce Law Week, 4 Dec 2004) -- On December 3, the Supreme Court of the United States agreed to hear a case that likely will decide whether cable television companies, like telephone companies, will be required to share their high-speed networks with unaffiliated Internet service providers. By agreeing to review the Ninth Circuit’s October 2003 decision in Brand X Internet Services v. FCC, the Supreme Court’s decision ultimately could have a significant impact on competition between cable and telephone-based Internet services, as well as on how these broadband access services will be regulated by the Federal Communications Commission (FCC) going forward. The Supreme Court agreed to hear two of three separate appeals of the Brand X case – one filed by the FCC and one by the National Cable & Telecommunications Association (NCTA) – the cable industry’s trade association. A decision is likely to come by July of next year. http://www.steptoe.com/index.cfm?fuseaction=DspNewsDetails&id=3789&site_id=182

STUDY: ARTISTS NOT THREATENED BY FILE SHARING (CNET, 5 Dec 2004) -- Recording labels and movie studios have hired phalanxes of lawyers to pursue peer-to-peer networks like Kazaa, and have sued thousands of individuals who distribute copyrighted material through such networks. But most of the artists surveyed by the nonprofit Pew Internet and American Life Project said online file sharing did not concern them much. Artists were split on the merits of peer-to-peer networks, with 47 percent saying that they prevent artists from earning royalties for their work and another 43 percent saying they helped promote and distribute their material. But two-thirds of those surveyed said file sharing posed little threat to them, and less than one-third of those surveyed said file sharing was a major threat to creative industries. Only 3 percent said the Internet hurt their ability to protect their creative works. http://news.com.com/2100-1027_3-5478329.html Report at
http://www.pewinternet.org/pdfs/PIP_Artists.Musicians_Report.pdf

WEB SERVICES PATENTS FETCH $15.5 MILLION (CNET, 6 Dec 2004) -- A mysterious bidder paid $15.5 million Monday in a bankruptcy court auction of dozens of Internet-related patents--and then rushed out of the courtroom. On the United States Bankruptcy Court auction block were 39 patents owned by Commerce One, a bankrupt software company in Santa Clara, Calif., that’s in the process of shutting down and liquidating its assets. The patents cover a set of key technical protocols known as Web services, a popular method for exchanging business documents over the Internet. The protocols are in wide use today; Microsoft, IBM and other software companies both large and small have incorporated them into their programs. The winning bidder was a company called JGR Acquisitions. An attorney representing JGR was mum about his client, dodging reporters’ questions as he rushed out of the court room at the close of the auction. Attorneys for Commerce One and the bankers who solicited bids for the auction also declined to discuss JGR. A document the company filed with the court was scarce on information as well, so JGR’s business, its owners, its location and its plans for the newly acquired patents all remain mysteries. Although the patents may be too broad to enforce or may be otherwise invalidated if challenged, the auction has drawn the attention of some big names in Silicon Valley, including Google, Oracle and Sun Microsystems. Representatives for those and about a dozen other companies convened a meeting last month to discuss the auction and the danger of infringement suits from whomever won it. The companies also considered a proposal to pool funds in order to jointly bid on the patents and retire them if they won. http://news.com.com/2100-1038_3-5480341.html

FLORIDA E-VOTE STUDY DEBUNKED (Wired, 7 Dec 2004) -- A study by Berkeley grad students and a professor showing anomalies with electronic-voting machines in Florida has been debunked by numerous academics who say the students used a faulty equation to reach their results and should never have released the study before getting it peer-reviewed. The study, released three weeks ago by seven graduate students from the University of California, Berkeley’s Quantitative Methods Research Team and sociology professor Michael Hout, presented analysis showing a discrepancy in the number of votes Bush received in counties that used touch-screen voting machines versus counties that used other types of voting equipment. But Bruce McCullough, a decisions science professor at Drexel University in Philadelphia, and Binghamton University economics professor Florenz Plassmann released an analysis (at http://election04.ssrc.org/research/critique-of-hmcb.pdf) of the Berkeley report criticizing the results. According to the Berkeley study, the number of votes granted to Bush in touch-screen counties far exceeded expectation, given a number of variables -- including the number of votes those counties gave Bush in 2000 -- while counties using other types of voting equipment gave Bush a predictable number of votes. http://www.wired.com/news/evote/0,2645,65896,00.html

DEBIT CARDS GIVE PLASTIC EDGE OVER PAPER (Washington Post, 7 Dec 2004) -- Americans kept their checkbooks in their pockets and instead flashed debit cards in record numbers last year, making 2003 the first time plastic and other electronic payment methods beat out paper, according to a survey released yesterday by the Federal Reserve. A total of 44.5 billion electronic payment transactions crossed the wires in 2003, compared with 36.7 billion check payments. Those numbers marked a turnabout from 2000, when Americans wrote 41.9 billion checks, and electronic payments clocked in at 30.6 billion, the Fed said. The trend toward electronic payments and away from paper checks has been in progress for many years. But it has been accelerated by especially strong growth in the popularity of debit cards, which can now be used to buy just about anything -- plane tickets or McDonald’s Happy Meals. The Fed estimates that debit card payments are increasing at an annual rate of 23.5 percent, more than credit cards and other types of electronic payment. http://www.washingtonpost.com/wp-dyn/articles/A41858-2004Dec6.html

TECH CEOS ISSUE CYBER-SECURITY RECOMMENDATIONS (Washington Post, 7 Dec 2004) -- A group representing technology industry chief executives on Tuesday warned that the Bush administration has failed to follow through on its two-year-old strategy for protecting the nation’s information infrastructure and offered recommendations for improving the government’s handling of cyber-security in President Bush’s second term. At the top of the Cyber Security Industry Alliance’s set of recommendations is raising the profile of cyber-security at the Department of Homeland Security by elevating the position of national cyber-security director to the assistant secretary level. Such a move, the technology community and some members of Congress believe, would bring stronger leadership to the division, whose director currently reports to an assistant secretary who is responsible for both cyber and physical security threats. “There is not enough attention on cyber-security within the administration,” said Paul Kurtz, the alliance’s director and a former senior cyber-security official in the Bush administration. “The executive branch must exert more leadership.” Kurtz was joined at Tuesday’s event by Amit Yoran, the former director of Homeland Security’s National Cyber Security Division who resigned in September. http://www.washingtonpost.com/wp-dyn/articles/A44474-2004Dec7.html

LEAN TIMES LINGER FOR VALLEY FIRMS (SiliconValley.com, 9 Dec 2004) -- Silicon Valley expected to be enjoying good times by now. Instead, almost four years after the downturn in technology spending began, high-tech companies still find themselves clawing for any sale they can get. Savvy corporations are playing desperate technology vendors against one another, extracting deep discounts for the latest equipment and services -- a far cry from the boom years when customers had to pay premium prices for backlogged products. This fundamental power shift has huge implications for Silicon Valley. Tech spending is projected to grow only slightly in the coming years. All over the region, companies that sell technology are being forced to slash costs, look for more business overseas, try to buy competitors, revamp marketing strategies and keep a tight lid on jobs in the United States. ``They’re all fighting for a pie that isn’t increasing as fast as they’d like to tell their shareholders,” said Martin Reynolds, a technology spending analyst for Gartner, a high-tech market research firm. ``Everyone is aggressively trying to cut costs. You’ve got to fight for every penny.” This is bad news if you’re a long-suffering job hunter. It’s good news if you’re a Fortune 500 company like FedEx. After growing steadily, the cargo transport company’s annual technology budget has remained level for several years, fluctuating between $1.5 billion and $1.3 billion. When FedEx does make new investments, it’s in a position to dictate the terms. http://www.siliconvalley.com/mld/siliconvalley/10374844.htm

SUPREME COURT TO HEAR P2P CASE (ZDnet, 10 Dec 2004) -- The U.S. Supreme Court on Friday said it would hear a controversial case on whether file-sharing software companies could be held legally responsible for copyright infringement on their networks. The court’s action is good news for big record labels and Hollywood studios, which have lost successive rulings on the issue in lower courts. They want software companies like Morpheus parent StreamCast Networks and Grokster to be held legally responsible when copyrighted material is swapped using their software. “There are seminal issues before the court--the future of the creative industries and legitimate Internet commerce,” Mitch Bainwol, chief executive officer of the Recording Industry Association of America, said in a statement. “These are questions not about a particular technology, but the abuse of that technology by practitioners of a parasitical business model.” The court’s decision could also be a sobering sign for technology companies well outside the world of file-swapping. At the core of the case is an interpretation of a 20-year-old decision that made VCRs legal despite their ability to copy TV shows and movies, which ultimately helped pave the way for a host of technologies ranging from CD burners to Apple Computer’s iPod. That case, known as the Sony-Betamax decision, set out rough guidelines under which technology used to make illegal copies of copyrighted material could be distributed without the manufacturer being responsible for the resulting piracy, as long as the product was also capable of “substantial noninfringing uses.” http://news.zdnet.com/2100-9588_22-5487491.html and http://www.wired.com/news/digiwood/0,1412,65995,00.html


COURT CASE PITS GOOGLE AND GEICO (New York Times, 13 Dec 2004) – A federal judge in Alexandria, Va., will hear opening arguments today in a case that pits Geico against Google. Geico, the auto insurer owned by Berkshire Hathaway, sued Google in May for trademark infringement. By allowing competing insurance companies to buy ads linked to searches for “Geico” and “Geico Direct,” Geico asserted, Google directs Web surfers seeking Geico to its competitors’ sites. The outcome of the suit is uncertain and any ruling is likely to be appealed. But a final determination will help define how companies in the red-hot Internet search business make their money. The ruling could also affect the bottom line at Google, the world’s most popular search engine. The company reported revenue of $805.9 million in the third quarter, of which $411.7 million, or 51 percent, came from selling ads that are displayed on-screen next to search results. The company went public in August with an initial public offering that sold a small percentage of its shares and raised $1.67 billion. Until April, Google prevented marketers from using other companies’ trademarks as keywords if the trademark owner complained. That month, however, it allowed trademarks as keywords, although it still blocks the use of competitors’ trademarks within the ads themselves. In August, Google warned in a filing to the Securities and Exchange Commission that possible trademark infringement lawsuits could result. “Defending these lawsuits could take time and resources,” the company said in the filing. “Adverse results in these lawsuits may result in, or even compel, a change in this practice which could result in a loss of revenue for us, which could harm our business.” http://www.nytimes.com/2004/12/13/business/media/13adco.html?ex=1260680400&en=7e997bd78429c942&ei=5090&partner=rssuserland and http://www.siliconvalley.com/mld/siliconvalley/news/editorial/10408643.htm

GOOGLE IS ADDING MAJOR LIBRARIES TO ITS DATABASE (New York Times, 14 Dec 2004) – Google, the operator of the world’s most popular Internet search service, plans to announce an agreement today with some of the nation’s leading research libraries and Oxford University to begin converting their holdings into digital files that would be freely searchable over the Web. It may be only a step on a long road toward the long-predicted global virtual library. But the collaboration of Google and research institutions that also include Harvard, the University of Michigan, Stanford and the New York Public Library is a major stride in an ambitious Internet effort by various parties. The goal is to expand the Web beyond its current valuable, if eclectic, body of material and create a digital card catalog and searchable library for the world’s books, scholarly papers and special collections. Google has agreed to underwrite the projects being announced today while also adding its own technical abilities to the task of scanning and digitizing tens of thousands of pages a day at each library. Librarians involved predict the project could take at least a decade. Because the Google agreements are not exclusive, the pacts are almost certain to touch off a race with other major Internet search providers like Amazon, Microsoft and Yahoo. Like Google, they might seek the right to offer online access to library materials in return for selling advertising, while libraries would receive corporate help in digitizing their collections for their own institutional uses. “Within two decades, most of the world’s knowledge will be digitized and available, one hopes for free reading on the Internet, just as there is free reading in libraries today,” said Michael A. Keller, Stanford University’s head librarian. The Google effort and others like it that are already under way, including projects by the Library of Congress to put selections of its best holdings online, are part of a trend to potentially democratize access to information that has long been available to only small, select groups of students and scholars. Last night the Library of Congress and a group of international libraries from the United States, Canada, Egypt, China and the Netherlands announced a plan to create a publicly available digital archive of one million books on the Internet. The group said it planned to have 70,000 volumes online by next April. “Having the great libraries at your fingertips allows us to build on and create great works based on the work of others,” said Brewster Kahle, founder and president of the Internet Archive, a San Francisco-based digital library that is also trying to digitize existing print information. The challenge for publishers in coming years will be to continue to have libraries serve as major influential buyers of their books, without letting the newly vast digital public reading rooms undermine the companies’ ability to make money commissioning and publishing authors’ work. From the earliest days of the printing press, book publishers were wary of the development of libraries at all. In many instances, they opposed the idea of a central facility offering free access to books that people would otherwise be compelled to buy. But as libraries developed and publishers became aware that they could be among their best customers, that opposition faded. Now publishers aggressively court librarians with advance copies of books, seeking positive reviews of books in library journals and otherwise trying to influence the opinion of the people who influence the reading habits of millions. http://www.nytimes.com/2004/12/14/technology/14google.html?ex=1260680400&en=0c69d796770d4f2c&ei=5090&partner=rssuserland

A JUDGE FOR SALE ON EBAY, SHIPPING INCLUDED, ISN’T LAUGHING (New York Times, 13 Dec 2004) -- Jerald R. Klein, a Manhattan housing court judge, got a call from a reporter yesterday morning, he had no idea why he was being bothered at home on the weekend. He did not know that his face was all over eBay. He did not know that he was for sale. “What are you talking about?” he said. “Yes, I am a housing court judge. But I’m not for sale.” According to a posting on eBay, an online auction house, the 55-year-old judge would go to the highest bidder. After four days, the best offer was $127.50. The eBay advertisement, titled “Judge for Sale,” showed a picture of Judge Klein sitting in a courtroom and grinning at the camera, and then listed a number of accusations criticizing the way the judge dispenses justice. Free worldwide shipping was even included. http://www.nytimes.com/2004/12/13/nyregion/13judge.html?ex=1260594000&en=3164979acd94ec15&ei=5090&partner=rssuserland

****RESOURCES****
IS AN INTERNET PHONE RIGHT FOR YOU? (PC World, 7 Dec 2004) -- VoIP services are cropping up all over the place. We answer your questions about this new breed of phone services. http://www.pcworld.com/resource/printable/article/0,aid,118734,00.asp

JUDGE POSNER’S BLOG (launched 7 Dec 2004) -- http://becker-posner-blog.com/

SOURCES:
1. The Filter, a publication of the Berkman Center for Internet & Society at Harvard Law School, http://cyber.law.harvard.edu.
2. Edupage, http://www.educause.edu/pub/edupage/edupage.html.
3. SANS Newsbites, sans@sans.org.
4. NewsScan and Innovation, http://www.newsscan.com.
5. Internet Law & Policy Forum, http://www.ilpf.org.
6. BNA’s Internet Law News, http://ecommercecenter.bna.com.
7. The Ifra Trend Report, http://www.ifra.com/website/ifra.nsf/html/ITR-HTML.
8. Crypto-Gram, http://www.schneier.com/crypto-gram.html.
9. David Evan’s “Internet and Computer News”, http://www.abanet.org/scripts/listcommands.jsp?parm=subscribe/at-internet
10. Readers’ submissions, and the editor’s discoveries.

PRIVACY NOTICE: E-mail addresses of individuals who subscribe to this periodic e-newsletter by sending email to Vince Polley with “MIRLN” in the subject line are kept by Vince Polley; this listing will not be provided to any other persons.

Sunday, November 21, 2004

MIRLN -- Misc. IT Related Legal News [1-22 November 2004; v7.14]

HOW TO BE AN (INFO) PEEPING TOM (CNN, 25 Oct 2004) -- Just how much do you really know about your neighbor? Sure, the guy next door drives a five-year-old Honda and only waters his lawn on Sundays, but wouldn’t you like to know how much he paid for his house? Curious as to why you never see his wife anymore, or if she is still his Mrs.? “As scary and creepy as it is that you have access to this information, it is public record,” says Don MacLeod, editor-in-chief for Internet Law Researcher and reference librarian for law firm Cadawalder, Wickersham & Taft. “It isn’t something someone created on his own.” Spying on your neighbor is hardly the next best thing to bringing over milk and cookies. But from the price of a house to a person’s age, nosy neighbors have an ever increasing number of tools at their disposal. In this election season, perhaps you want to know more about someone’s political leanings? The Federal Election Commission’s Web site, fec.gov, lists contributions of $200 or more dating back to 1997. Also, the Web site for the Center for Responsive Politics, opensecrets.org, lists donor contributions from as early as 1989. You can even find out if he registered to vote by visiting your county’s board of elections office. Some even post the information on their Web sites. Same goes for home prices and property tax information. It’s public information, and many counties are making this available online through their county clerk or assessor’s office. * * * http://money.cnn.com/2004/10/14/pf/peeping/

FILE SHARERS WIN MORE PROTECTION (Wired, 28 Oct 2004) – Alleged file sharers must be given a notice explaining their legal rights before their internet service provider hands over any personal information to the music labels, a Pennsylvania judge ruled, making it still harder for the music industry to use the courts to intimidate people suspected of piracy. Privacy advocates called the Oct. 12 order by U.S. District Judge Cynthia Rufe a positive step in protecting the privacy and due process rights of accused copyright infringers. The Recording Industry Association of America has filed thousands of so-called “John Doe” lawsuits, where the industry’s trade association sues people based on their internet protocol addresses without knowing their names. The RIAA must first obtain an order from a judge to subpoena the internet service providers for the name of the defendant. With Rufe’s order, now ISPs in the Eastern District of Pennsylvania must provide a detailed notice to their customer advising them of their rights, before they hand over their customers’ names to the music companies’ lawyers. “It’s another step in the evolution of protections for people who are accused by the record labels of file sharing, but may have a defense and may want to protect their anonymity,” said Wendy Seltzer, an attorney with the Electronic Frontier Foundation, an organization that filed a friend-of-the-court brief in the case. “It puts some procedural safeguards into the process.” “We have always encouraged ISPs to inform their subscribers of pending subpoenas. This action by the court is consistent with that,” Jonathan Lamy, a spokesman for the RIAA, wrote in an e-mail. http://www.wired.com/news/digiwood/0,1412,65516,00.html

INFORMATION SECURITY: HOW LIABLE SHOULD VENDORS BE? (ComputerWorld, 28 Oct 2004; opinion by Bruce Schneier) -- Information insecurity is costing us billions. We pay for it in theft: information theft, financial theft. We pay for it in productivity loss, both when networks stop working and in the dozens of minor security inconveniences we all have to endure. We pay for it when we have to buy security products and services to reduce those other two losses. We pay for security, year after year. The problem is that all the money we spend isn’t fixing the problem. We’re paying, but we still end up with insecurities. The problem is insecure software. It’s bad design, poorly implemented features, inadequate testing and security vulnerabilities from software bugs. The money we spend on security is to deal with the effects of insecure software. And that’s the problem. We’re not paying to improve the security of the underlying software. We’re paying to deal with the problem rather than to fix it. The only way to fix this problem is for vendors to fix their software, and they won’t do it until it’s in their financial best interests to do so. http://www.computerworld.com/printthis/2004/0,4814,96948,00.html

-- and --

PROTECTING INDUSTRIAL CONTROLS (FCW, 29 Oct 2004) -- About 500 academic, government and industry technical experts recently released a common set of cybersecurity requirements that could help the electrical power, oil and gas, and water industries, among other critical infrastructures and utilities, strengthen their computer-based systems. The draft document, “System Protection Profile (SPP) for Industrial Control Systems,” was issued by the Process Control Security Requirements Forum, which was formed by the National Institute of Standards and Technology in 2001. Although Version 1.0 of the requirements was completed more than six months ago, it was publicly announced earlier this month. http://www.fcw.com/fcw/articles/2004/1025/web-pcfrs-10-29-04.asp

-- and --

FDIC OFFERS GUIDANCE FOR USING OPEN SOURCE SOFTWARE (BNA’s Internet Law News, 4 Nov 2004) -- The Federal Deposit Insurance Corp. has released guidance for banks on managing risks associated with the use of free and open source software as part of their overall information technology programs. Although open source software does not pose risks that are fundamentally different from the risks presented by the use of proprietary or self-developed software, the FDIC says, open source software may require banks to establish “unique risk management practices.” Guidance at http://www.fdic.gov/news/news/financial/2004/fil11404a.html

-- and --

OR, AS THEY SAID ON THE TITANIC, “INSURERS AND AUDITORS FIRST” (Steptoe & Johnson, E-Commerce Law Week, 6 Nov 2004) -- “Sauve qui peut.” While it sounds better in French than “every man for himself” sounds in English, the reality isn’t pretty in either language. Still, a pell-mell rush for the lifeboats seems to be the order of the day for the private sector as computer security continues to attract Congressional attention. Case in point: the Corporate Information Security Working Group (CISWG), which started meeting in 2003 under the guidance of Rep. Adam Putnam (R-FL) and his Government Reform Subcommittee on Technology. Phase I of CISWG brought together trade association representatives and academics to brainstorm a list of recommendations for the public and private sector to consider when evaluating and implementing cybersecurity plans. The mission of CISWG Phase II, it seems, has been to take those initial recommendations and turn them into public policy, perhaps even legislation, that will create metrics and incentives for increased computer security. The result may be a private sector recommendation that comes remarkably close to imposing new liability on the private sector for computer security failures. http://www.steptoe.com/index.cfm?fuseaction=DspNewsDetails&id=3719&site_id=182

UK COURT ASSERTS NET JURISDICTION OVER GOV. SCHWARZENEGGER (BNA’s Internet Law News, 2 Nov 2004) -- The UK Court, Queen’s Bench Division, has asserted jurisdiction over an Internet libel suit launched against California Governor Arnold Schwarzenegger. The suit arises from an article in the LA Times available online that discussed alleged sexual harassment. The court applied last month’s Lewis v. King decision in determining that an “internet publication takes place in any jurisdiction where the relevant words are read or downloaded.” Case name is Richardson v. Schwarzenegger.

AUTHORS GAIN CONTROVERSIAL ROYALTIES RIGHTS UNDER NEW BILL (World Copyright Law Report, 29 Oct 2004) -- The Mexican Congress has passed a bill amending the Copyright Act 1996 in order to grant additional rights to authors and holders of neighbouring rights (eg, artists and record producers). Among other things, the bill increases the copyright term to the life of the author plus 100 years - an increase of 25 years. Once this term has expired, the government has the power to collect fees in relation to the use of works that are no longer protected. http://www.worldcopyrightlawreport.com/Article/?r=508&c=20004233

-- and --

ONE INTERNET, MANY COPYRIGHT LAWS (New York Times, 8 Nov 2004) -- Project Gutenberg, the volunteer effort to put the world’s literature online, may be the latest victim in the Internet battle over copyright. Earlier this year, the Australian affiliate of Project Gutenberg posted the 1936 novel “Gone With the Wind” on its Web site for downloading at no charge. Last week, after an e-mail message was sent to the site by the law firm representing the estate of the book’s author, Margaret Mitchell, the hyperlink to the text turned into a “Page Not Found” dead end. At issue is the date when “Gone With the Wind” enters the public domain. In the United States, under an extension of copyright law, “Gone With the Wind” will not enter the public domain until 2031, 95 years after its original publication. But in Australia, as in a handful of other places, the book was free of copyright restrictions in 1999, 50 years after Mitchell’s death. The case is one more example of the Internet’s inherent lack of respect for national borders or, from another view, the world’s lack of reckoning for the international nature of the Internet, and it is also an example of the already complicated range of copyright laws. The issue of national sovereignty over the Internet has not been firmly established, either by trade agreement or by court precedent, some legal experts say, and conflicts continue to be settled individually. But there are much bigger copyright battles looming as more material, including songs by Elvis Presley and the Beatles, approach public domain in countries around the world. http://www.nytimes.com/2004/11/08/technology/08newcon.html?ex=1257570000&en=7897c4058f081006&ei=5090&partner=rssuserland

-- and --

OTTAWA’S COPYRIGHT PLANS WRONGHEADED, EXPERTS SAY (Globe & Mail, 11 Nov 2004) -- Ottawa is about to blunder in cyberspace, lawyers and academics warn. Last week, the standing committee on Canadian Heritage resubmitted its recommendations for updating the Copyright Act of 1998 and ratifying the World Intellectual Property Organization (WIPO) treaty. Copyright lawyers say that if the changes are made into law, you will not even be able to own your own wedding pictures or save a Web page without paying for it. Among other things, the committee proposes that photographers keep the rights to their work and surfers would have to pay a levy for material even if was offered free of charge. Copyright holders could also shut down websites that they claim -- even erroneously -- are violating copyright, putting the burden of proof on the website charged. Michael Geist, who holds the Canada Research chair in Internet and e-commerce law at the University of Ottawa, and Howard Knopf, a Canadian copyright lawyer and director for the Center for Intellectual Property at the John Marshall Law School in Chicago, have sharply condemned the proposals. Mr. Geist blames “an amazing lobby job” by the recording industry, and Mr. Knopf calls it a “travesty [and] an exercise in hyperbole.” The committee’s premise is that all work on the Internet is someone’s property. You can read it or listen to it, but unless there is an explicit legal notice saying the material can be used, you would not be permitted to save a copy to disk or print it out without paying a copyright collective such as Access Copyright. “This last part is crucial,” says Laura Murray, a Queen’s University English professor who maintains a website called FairCopyright.ca. “It means that the bulk of sites used in educational settings -- resources designed by museums, libraries, universities, experts of various kinds -- that are intended for educational uses may be levied,” with a government agency automatically charging for the content. “It will be very difficult to communicate to the thousands of sites outside of Canada that are commonly used by Canadian students and educators (the Library of Congress, the British Library) that they must put such explicit notices on their sites,” she adds. “This is perverse.” http://www.theglobeandmail.com/servlet/story/RTGAM.20041111.gttwcopy11/BNStory/Technology/

EBAY BUYERS CAN RETURN GOODS, GERMANY’S HIGHEST COURT RULES (Bloomberg, 3 Nov 2004) -- EBay Inc., the world’s largest Internet auctioneer, isn’t exempt from consumer protection rules that allow customers to return goods without a reason, Germany’s highest civil court ruled. The Federal Court of Justice in Karlsruhe said EBay doesn’t meet the definition of an auction under German law, meaning that buyers of goods from professional sellers on the system don’t have to have a reason in order to get a refund. German law excludes auctions from some rules on reversing purchases. http://www.bloomberg.com/apps/news?pid=10000085&sid=aStrr0fa.dxU&refer=europe and http://www.out-law.com/php/page.php?page_id=germancourtruleso1099576245&area=news

E-VOTE VENDORS HAND OVER SOFTWARE (Wired, 26 Oct 2004) -- In an effort to increase the integrity of next week’s presidential election, five voting machine makers agreed for the first time to submit their software programs to the National Software Reference Library for safekeeping, federal officials said on Tuesday. The companies include Election Systems and Software, Diebold Election Systems, Sequoia Voting Systems and Hart InterCivic. The stored software [which does not include source code] will serve as a comparison tool for election officials should they need to determine whether anyone tampered with programs installed on voting equipment. The National Software Reference Library is part of an election security initiative launched by the U.S. Election Assistance Commission, a new federal entity that Congress created after the Florida 2000 election problems. The EAC is the first federal entity established to improve the integrity and efficiency of elections. The National Institute of Standards and Technology -- the agency that sets official measurements and defines standards for all kinds of commercial products -- will maintain the voting software library. NIST already manages a library of other types of software, like the Windows 2000 operating system, to help law enforcement investigate crimes involving computers. If questions about the veracity of a voting system arise after the election, computer forensic experts will be able to compare the software used on machines with the software in the NIST library to see if the software was altered. They can do this by comparing cryptographic hash files, which are digital fingerprints that identify the integrity of software. http://www.wired.com/news/print/0,1294,65490,00.html

-- and --

COMPUTER SCIENTISTS CAUTIOUS OF E-VOTING (AP, 4 Nov 2004) -- After only scattered problems in electronic voting’s biggest day ever in the United States, with roughly 40 million people casting digital ballots, voting equipment company executives crowed. To them, the relatively smooth election was a vindication of paperless touch-screen systems. For more than a year, computer scientists and voting rights advocates had vigorously assailed the nation’s 175,000 touch-screen machines as insecure and unreliable, prone to software bugs, hackers and hardware failures. Some naysayers had even predicted worst-case scenarios in which the ATM-like computers deleted or altered votes, machines overheated and crashed under record turnout. But that’s not to say electronic voting was trouble-free. On Tuesday, poll workers in New Orleans had numerous problems operating the equipment. On Election Day and during early voting, several dozen voters in six states reported difficulty selecting candidates, apparently due to miscalibration. Tuesday’s vote was not marred, however, by the problems that plagued primaries earlier this year — power outages, missing memory cartridges, machines that displayed the wrong ballots and suspicious delays in reporting results. “It was a very positive day for the American voting system generally and for electronic voting machines particularly,” said Harris Miller, president of the industry trade group Information Technology Association of America, which represents voting equipment companies. “The machines performed beautifully ... Instead of theories about catastrophes, the simple reality is that the machines produce accurate results and the voters love them.” Computer scientists reserved judgment. Many acknowledged that the hardware performed well. But software errors may have changed results, they said. The vast majority of touch screens in the United States do not produce paper records. And that means, critics say, that the machines could alter or delete ballots without anyone noticing. “What has most concerned scientists are problems that are not observable, so the fact that no major problems were observed says nothing about the system,” said David Jefferson, a computer scientist at Lawrence Livermore National Laboratory in California. “The fact that we had a relatively smooth election yesterday does not change at all the vulnerability these systems have to fraud or bugs.” http://story.news.yahoo.com/news?tmpl=story&cid=528&e=3&u=/ap/20041104/ap_on_el_pr/eln_e_voting_tested

-- and --

MORE E-VOTING GLITCHES SURFACE (CNET, 5 Nov 2004) -- A transmission error in the battleground state of Ohio gave President George W. Bush almost 4,000 phantom votes in the preliminary results posted online, the Secretary of State’s office in Ohio acknowledged on Friday. The error would not have escaped detection during the certification process that validates the election results and does not even come close to changing the outcome, said Carlo LoParo, director of media and voter services for the Ohio Secretary of State’s office. Scrutiny of the unofficial results posted to the Board of Elections Web site in Franklin County uncovered that Bush had received 3,893 extra votes. Bush’s preliminary total is actually 365, the Associated Press stated. The document summarizing the unofficial tallies could no longer be accessed via the Web site late Friday. LoParo referred questions about the particular incident to Franklin County, where the error occurred. Representatives of the Board of Elections for that county did not return numerous phone calls seeking comment. The mistake is one of the latest minor errors that have marred the performance of electronic voting machines during an election that was heavily scrutinized. A county in North Carolina lost more than 4,500 votes because officials had thought the memory that stored ballots electronically could hold more data than it did, stated a report by the Associated Press. http://news.com.com/More+e-voting+glitches+surface/2100-1002_3-5440809.html?tag=nefd.top

-- and --

BLOGGERS SAID TO BLAME FOR BAD POLL INFO (Salon.com, 4 Nov 2004) -- News organizations promised Wednesday to look into why their Election Day exit polls showed an initial surge for John Kerry, but also blamed bloggers for spreading news that gave a misleading view of the presidential race. The exit poll data was delivered at several points Tuesday to ABC, CBS, NBC, CNN, Fox News Channel and The Associated Press by the National Election Pool, a company formed in the wake of the networks’ blown calls on election night 2000. The first wave showed Kerry with a lead of three percentage points in Florida and four points in Ohio _ both battleground states won by President Bush when the votes were actually counted, giving the president his margin of victory. ``Once one part of it is in question and is wrong, it kind of puts the whole thing in question,” said Marty Ryan, Fox News Channel’s executive producer for political coverage. ``It was disappointing. ... During the primary season, it worked very well for us, we were happy with it. But that was not good last night.” Other network representatives said their confidence in NEP remained unshaken. The Florida and Ohio exit poll results, along with those in other states were Kerry was strong, was quickly disseminated on Web sites such as Slate, the Drudge Report, Wonkette.com, Atrios.blogspot.com and Command Post. Some of these sites cautioned readers not to make too much of the information. The Command Post delivered the news under the headline ``Grain of Salt.” Drudge removed the numbers almost as quickly as they were posted. And Slate warned: ``these early exit poll numbers do not divine the name of the winner.” But the people who read these numbers _ among them, thousands of ordinary Americans with an intense interest in the election _ put too much faith into them and leaped to conclusions, said Bill Schneider, CNN’s polling expert. ``I think people believed them, and it’s particularly the case with Internet bloggers,” said Kathy Frankovic, CBS News’ polling director. ``That’s unfortunate because it sets up expectations that may or may not be met. I think it’s a good exercise because it reminded people that early exit polls can be unreliable.” http://www.salon.com/tech/wire/2004/11/03/bloggers/index.html

-- and --

RESEARCHERS: FLORIDA VOTE FISHY (Wired, 18 Nov 2004) -- Electronic voting machines in Florida may have awarded George W. Bush up to 260,000 more votes than he should have received, according to statistical analysis conducted by University of California, Berkeley graduate students and a professor, who released a study on Thursday. The researchers likened their report to a beeping smoke alarm and called on Florida officials to examine the data and the voting systems in counties that used touch-screen voting machines to provide an explanation for the anomalies. The researchers examined the same numbers and variables in Ohio, but found no discrepancies there. http://www.wired.com/news/evote/0,2645,65757,00.html Report at http://ucdata.berkeley.edu/new_web/VOTE2004/index.html

NORTH CAROLINA MAN SENTENCED TO 9 YEARS FOR SPAM (CNET, 3 Nov 2004) -- A North Carolina man was sentenced to nine years in prison for sending hundreds of thousands of unwanted e-mail messages, Virginia prosecutors said Wednesday. Jeremy Jaynes of Raleigh was found guilty under a Virginia state law that sets limits on the number of e-mails marketers can send in a given time period and prohibits them from using fake e-mail addresses, Virginia Attorney General Jerry Kilgore said. http://news.com.com/2100-1024_3-5438340.html

-- and, in another first sentence case --

FIRST SENTENCE FOR VIOLATING HIPAA (New York Times, 7 Nov 2004) -- Lying in a hospital bed, gravely ill from leukemia and weakened by chemotherapy, Eric Drew began to get mail thanking him for opening credit accounts he knew nothing about. After a maddening six months of calling the companies, the police, journalists and collection agencies, Mr. Drew discovered that a technician at the Seattle Cancer Care Alliance, where he received the first of two bone marrow transplants last fall, had stolen his identity. On Friday, the technician, Richard W. Gibson, 42, was sentenced to 16 months in prison, becoming the first person sentenced under a new federal law designed to protect patients’ privacy, federal prosecutors said. The sentence was four months longer than prosecutors requested. http://www.nytimes.com/2004/11/07/national/07theft.html?ex=1101186000&en=9defe550cfc25c7c&ei=5070&oref=login

WTO SAYS UNITED STATES SHOULD DROP BAN ON OFFSHORE INTERNET GAMBLING (SiliconValley.com, 10 Nov 2004) -- In a ruling that could open the United States to offshore Internet gambling, a World Trade Organization panel Wednesday said Washington should drop prohibitions on Americans placing bets in online casinos. In its final 287-page report, the WTO panel confirmed the preliminary ruling it issued in March in a dispute pitting the United States against the tiny Caribbean nation of Antigua and Barbuda, saying the ban represented an unfair trade barrier. U.S. diplomats in Geneva said they would contest the ruling before the WTO’s seven-member appeals body. Antigua filed a case before the WTO last year. It contended that U.S. restrictions on Internet gambling violated trade commitments the United States has made as a member of the 148-nation WTO. U.S. trade officials disagreed, saying that negotiators involved in the Uruguay Round of global trade talks, which created the WTO in 1995, clearly intended to exclude gambling. http://www.siliconvalley.com/mld/siliconvalley/news/editorial/10146233.htm Decision at
http://www.wto.org/english/tratop_e/dispu_e/285r_e.pdf

FBI PURSUING MORE CYBER-CRIME CASES (Washington Post, 4 Nov 2004) -- A former technology company executive charged with hiring hackers to attack a competitor’s Web site has joined the FBI’s most-wanted list, the latest sign of the federal law enforcement agency’s growing interest in cyber-crime. http://www.washingtonpost.com/wp-dyn/articles/A25579-2004Nov4.html

-- and --

NATIONS USE NET TO SPY, PLOT ATTACKS EX-BUSH AIDE (Reuters, 5 Nov 2004) -- The world’s most advanced military powers are using the Internet to spy on their enemies and prepare digital attacks against rogue targets, a leading cyber security expert said on Friday. “When there’s a major cyber incident it’s very difficult to prove most of the time who did it,” said Richard Clarke, former White House adviser on national security and cyber threats. “There are incidents, I think, where governments are involved, doing either reconnaissance or testing out concepts, probing for weaknesses.” Clarke said he suspects Russia and China are the most pervasive users of Internet for intelligence-gathering on suspected enemy states and plotting ways to use the information for military purposes. Law enforcement officials believe organized crime is behind much of the new so-called “spyware” that emerges on the Internet daily. The programs have proved adept at conning consumers out of money or stealing their banking details and major companies have been hit as well. “Organized hacking is mainly done for economic purposes,” said Ira Winkler, a former network security specialist for America’s National Security Agency. He added some governments are also interested in using the medium to steal a march on their economic rivals, as the Internet has proved to be one of the best resources for corporate espionage. For that reason, security experts have begun to warn the world’s most visible multi-national conglomerates to shore up their networks defenses against cyber snooping -- with mixed results. http://story.news.yahoo.com/news?tmpl=story&cid=582&e=2&u=/nm/20041105/wr_nm/security_internet_spy_dc

U.K. SOFTWARE PIRACY WHISTLE-BLOWERS GET BIGGER REWARDS (CNET, 5 Nov 2004) -- The Business Software Alliance is doubling the maximum reward it will pay to individuals who report companies that are using pirated software. The BSA--a trade group supported by Microsoft, Adobe Systems and other major software makers to enforce software licenses and copyrights--announced on Friday that it is raising the ceiling on payments to U.K. whistle-blowers to $37,000 (20,000 pounds) for reports received during November and December this year. Under the BSA’s rules, someone who reports that a company is using illegal software--such as counterfeit or unlicensed programs--will receive a reward of 10 percent of the face value of the software recovered. Previously, this payment was capped at $18,500. The BSA is hoping that this offer of a larger maximum reward will force companies which are using illegal software to address the issue. http://news.com.com/2100-1012_3-5440483.html

MOST THIRD WORLD E-GOVT PROJECTS FAIL: WORLD BANK (The Age, 8 Nov 2004) -- Eighty-five percent of e-government projects in developing countries fail either partially or fully, a World Bank official says. “It is estimated approximately 35 percent of e-government projects in developing countries are total failures and approximately 50 percent are partial failures,” Robert Schware, World Bank lead informatics specialist, said on Friday. E-government refers to the use of information and communications technologies to improve the efficiency, effectiveness, transparency and accountability of government. The World Bank funds many e-government projects worldwide such as developing e-trade facilitation systems, e-procurement pilots and one-stop government gateways. “Only some 15 percent can be fully seen as success. There are equal numbers of very sad statistics about the number of failed implementations in the US and Europe,” Schware told delegates at a seminar on e-government. In India half of the ongoing 200 e-governance projects were bound to fail, he said. “By failure I mean the inability to deliver government services that provide benefit to citizens or business.” http://www.theage.com.au/news/Breaking/Most-Third-World-egovt-projects-fail-World-Bank/2004/11/08/1099781282280.html?oneclick=true

STATES, NBA, MLB JOIN ENTERTAINMENT CASE AGAINST FILE-SHARING (SiliconValley.com, 8 Nov 2004) -- A disparate group made up of dozens of state attorneys general, labor unions, retailers, professional sports leagues and others urged the U.S. Supreme Court on Monday to hear a claim brought by the recording and film industries against two Internet file-sharing firms. In several legal briefs filed with the court, the petitioners stressed the justices should take the entertainment companies’ case and finally resolve conflicting lower court rulings on file-sharing, said Steven Marks, general counsel for the Recording Industry Association of America. The filings are designed to support a petition made last month by a coalition of major recording companies and Hollywood movie studios who asked the court to reverse lower court decisions clearing Grokster Ltd. and StreamCast Networks Inc. of liability for their customers’ online swapping of movies and music. http://www.siliconvalley.com/mld/siliconvalley/news/editorial/10131024.htm

-- and --

MUSIC PIRACY ‘DOES HIT CD SALES’ (BBC, 9 Nov 2004) – Record sales in the US have fallen because of people using the internet to download albums, a study suggests. The report, for the country’s National Bureau of Economic Research, studied the habits of 412 students. It said the US music industry lost one fifth of a sale for each album downloaded from the internet. The study contradicts a previous report, conducted in 2002, which said swapping songs online had no negative effect on music sales. That report, by Harvard and North Carolina universities, said high levels of file-swapping had an effect that was “indistinguishable from zero”. Other research quoted by the IFPI global music industry body has estimated some 15% of users who download music illegally go on to spend more on music. But the IFPI added that for every one person who uses file-sharing networks to sample music, a further two will cut back on their purchasing, or stop buying music altogether. The report, Piracy on the High Cs, was compiled by University of Pennsylvania professors Rafael Rob and Joel Waldfogel. http://news.bbc.co.uk/2/hi/entertainment/3995885.stm

FCC ASSERTS ROLE AS INTERNET PHONE REGULATOR (Washington Post, 10 Nov 2004) -- The Federal Communications Commission said yesterday that the federal government, not states, has the authority to regulate phone service provided over the Internet. The unanimous ruling in a case involving Vonage Holdings Corp. was a victory for companies offering local and long-distance phone service over high-speed Internet connections. It was a defeat for state utilities regulators who sought to subject the new Internet services to many of the fees and regulations they have long applied to traditional phone providers. Companies providing Internet phone service said they had been reluctant to expand into more states until it was clear whether they would face state-by-state regulation and whether their consumers would have to pay state fees. But the FCC’s unanimous decision did not resolve the broader question of whether Internet phone services will be treated as information services or as traditional phone providers. As traditional providers, they could be required to contribute to federal universal service programs that subsidize phone service in poor and rural areas, and they could have to pay whenever they connected with the networks owned by traditional phone providers to complete calls. http://www.washingtonpost.com/wp-dyn/articles/A37972-2004Nov9.html
Release at
http://hraunfoss.fcc.gov/edocs_public/attachmatch/DOC-254112A1.pdf

ECJ SCALES BACK SCOPE OF DATABASE RIGHTS (BNA’s Internet Law News, 10 Nov 2004) -- The European Court of Justice has released four decisions that address the scope of the EU database rights. The decisions focus on the need for a substantial investment in the database, concluding that the definition of ‘substantial investment’ which gives rise to protection for the maker of a database against unauthorized acts of copying and distribution to the public covers only the work involved in seeking, collecting, verifying and presenting existing materials and not the resources used to create the materials which make up the database. Release at http://curia.eu.int/en/actu/communiques/cp04/aff/cp040089en.pdf

DHS’s NDA FOR “SENSITIVE BUT UNCLASSIFIED INFORMATION” (Federation of American Scientists, Nov 2004) – Covers information that could “adversely affect the national interest of the conduct of Federal programs”. NDA at http://www.fas.org/sgp/othergov/dhs-nda.pdf

UNITED NATIONS ESTABLISHES WORKING GROUP ON INTERNET GOVERNANCE (United Nations, 11 Nov 2004) -- Secretary-General Kofi Annan announced today the establishment of the Working Group on Internet Governance. The Working Group will prepare the ground for a decision on this issue by the second phase of the World Summit on the Information Society, to be held in Tunis in November 2005. The Secretary-General was requested to establish a working group on Internet governance by the first phase of the World Summit on the Information Society held in Geneva in December 2003. The task of this Working Group is to organize an open dialogue on Internet Governance, among all stakeholders, and to bring recommendations on this subject to the second phase of the Summit. The two documents adopted by the Geneva Summit -- the Declaration of Principles and the Plan of Action -- asked the Working Group “to investigate and make proposals for action, as appropriate, on the governance of the Internet by 2005”. The Group was requested to: -- Develop a working definition of Internet governance; -- Identify the public policy issues that are relevant to Internet governance; and -- Develop a common understanding of the respective roles and responsibilities of governments, international organizations and other forums, as well as the private sector and civil society from both developing and developed countries. The Working Group on Internet Governance will be chaired by Nitin Desai, Special Adviser to the Secretary-General for the World Summit. It includes 40 members from governments, private sector and civil society, representing all regions (see the list below). http://www.un.org/News/Press/docs/2004/pi1620.doc.htm [Editor: Ayesha Hassan of the ICC/Paris is one of the Working Group members.]

-- and --

NO ROLE FOR UN IN ICANN (News.com, 16 Nov 2004) -- The global domain name governing body has warned off the UN, saying it will operate as a private organisation when its agreement with the US Department of Commerce expires in 2006. The Internet Corporation for Assigned Names and Numbers is responsible for managing the domain name and internet protocol address system, and operates under an agreement with the US Commerce Department. ICANN chief executive Paul Twomey, an Australian, said the organisation would cut its ties with the department when the agreement expired in 2006, and ICANN would not be under the authority of any international organisation. http://www.news.com.au/common/story_page/0,4057,11393890%255E15318,00.html

EVEN DIGITAL MEMORIES CAN FADE (New York Times, 10 Nov 2004) -- The nation’s 115 million home computers are brimming over with personal treasures - millions of photographs, music of every genre, college papers, the great American novel and, of course, mountains of e-mail messages. Yet no one has figured out how to preserve these electronic materials for the next decade, much less for the ages. Like junk e-mail, the problem of digital archiving, which seems straightforward, confounds even the experts. “To save a digital file for, let’s say, a hundred years is going to take a lot of work,” said Peter Hite, president of Media Management Services, a consulting firm in Houston. “Whereas to take a traditional photograph and just put it in a shoe box doesn’t take any work.” Already, half of all photographs are taken by digital cameras, with most of the shots never leaving a personal computer’s hard drive. So dire and complex is the challenge of digital preservation in general that the Library of Congress has spent the last several years forming committees and issuing reports on the state of the nation’s preparedness for digital preservation. Peter Schwartz, chairman of the Global Business Network, which specializes in long-range planning, says that a decade or two from now, the museum approach might be the most feasible answer. “As long as you keep your data files somewhat readable you’ll be able to go to the equivalent of Kinko’s where they’ll have every ancient computer available,” said Mr. Schwartz, whose company has worked with the Library of Congress on its preservation efforts. http://www.nytimes.com/2004/11/10/technology/10archive.html?ex=1257742800&en=11bf041b08f3ab93&ei=5090&partner=rssuserland

E-MAIL AUTHENTICATION: COST, STANDARDS REMAIN PROBLEMS (InfoWorld, 10 Nov 2004) -- E-mail authentication can help fight the growing spam e-mail problem, but vendors need to come up with a single, open standard to avoid confusion and crippling costs for small ISPs (Internet service providers), participants in a U.S. government summit said. The security of the DNS, on which some leading e-mail authentication proposals are built, was also called into question at the conference, hosted by the U.S. Federal Trade Commission (FTC) and the National Institute of Standards and Technology (NIST). Holes in the DNS, which translates numeric addresses into readable Internet domain names, could allow spammers to enter false authentication information, said Scott Chasin, chief technology officer of MX Logic Inc., an e-mail filtering company. “I believe the fragile nature of DNS will affect those trying to thwart e-mail authentication schemes,” Chasin said. MX Logic supports efforts to create e-mail authentication, but Chasin also called for the widespread adoption of DNS Security Extensions (DNSSEC), a security project that’s been in the works for a decade, and is now being approved by the Internet Engineering Task Force (IETF). “(Authentication) is not a cure-all for spam,” he added in an interview. “It is not a cure-all for phishing.” Participants in the summit seemed divided about the potential of e-mail authentication that would establish DNS rules to allow e-mail recipients to receive e-mail only from trusted senders. Such authentication schemes would be based on a reputation system, similar to so-called white lists, in which e-mail from certain domains, such as Yahoo.com or IBM.com, would be cleared as legitimate e-mail. There could be multiple reputation systems run by multiple companies or organizations. Elizabeth Bowles, president of the 40,000-subscriber ISP Aristotle.Net Inc., raised concerns about at least six e-mail authentication proposals moving forward, including Sender ID, advanced by Microsoft Corp., and Sender Permitted From (SPF), being used by America Online Inc. Small ISPs can’t afford to configure their e-mail to comply with a variety of authentication standards, she said. Bowles and others who had concerns about e-mail authentication noted that various proposals require ISPs and Internet domain owners to publish different types of DNS records to comply with authentication standards. “We can’t have AOL implementing one system, and Microsoft implementing another, and everyone having to comply with a bunch of different standards,” said Bowles. “It has to be unified.” E-mail authentication standards should be easy to implement and the solutions should be easy to tailor to an ISP’s needs, she added. “I don’t think it can have a part of it that’s proprietary, that would require us to basically get a license for a piece of software that we couldn’t subsequently modify or improve,” she said. “If it is proprietary, at least it needs to be open, and it needs to be a flexible system.” Despite these concerns, others at the summit said e-mail authentication represents the best hope for senders who want to distinguish their e-mail from spam. A recent study conducted by Return Path Inc., an e-mail services provider, found that 18 percent of legitimate e-mail was blocked by the top 10 ISPs, said J. Trevor Hughes, executive director of the Email Service Provider Coalition, which represents 52 companies. An e-mail authentication standard could solve some of those problems, he said. http://www.infoworld.com/article/04/11/10/HNemailauthentication_1.html

-- and --

YAHOO TAKES ON SPAM, BOOSTS E-MAIL STORAGE (CNET, 15 Nov 2004) -- Yahoo on Monday said it has begun attaching antispam technology to all of its outgoing e-mails, hoping that other providers will follow suit. Messages from its free e-mail service will include a “DomainKey,” a system that creates a digital signature for outgoing e-mail and then lets receivers verify that the message comes from where it claims. The technology tries to thwart spam “phishing” attacks in which messages pretend to originate from a familiar address and then launch viruses or social engineering hacks when opened. The changes won’t be noticeable to the Yahoo Mail user, since DomainKeys are resolved in Yahoo’s servers and network infrastructure. http://news.com.com/2100-1032_3-5450821.html

CHINESE ELECTRONIC SIGNATURE STANDARDS RELEASED (ChinaTechNews.com, 11 Nov 2004) -- An electronic signature safety seal, jointly developed by the China E-commerce Association and the Material Evidence Validation Center of the Ministry of Public Security, was formally launched this week. The new system consists of two parts: e-seal and an e-signature. The system encrypts Chinese business seals and prints according to the embedded standards while binding them with a digital certificate issued by the relevant departments. Then the system combines them in a key whose code is authorized by the State Password Office. The e-seal and e-signature can be used so long as the key is connected with a computer. Currently, China International Travel Service, China International Economic Consulting Company, and Shanghai Zhongtai Industry Company have adopted the system to sign contracts with overseas businesses. The system is believed to be the first step towards realization of the e-signature law which will be implemented starting April 1, 2005. http://www.chinatechnews.com/index.php?action=show&type=news&id=2097

EPA BACKS NANOMATERIAL SAFETY RESEARCH (Washington Post, 12 Nov 2004) -- The Environmental Protection Agency has awarded $4 million in grants to study the health and environmental risks posed by manufactured nanomaterials -- the new and invisibly tiny materials that are revolutionizing many industries but whose effects on living things remain largely unknown. The grants to a dozen universities mark the first significant federal effort to assess the biological and medical implications of nanotechnology, a burgeoning field of science that is expected to become a trillion-dollar industry within the next decade. Measuring three-billionths of an inch or less, [nanotech products] are small enough to enter the lungs and perhaps even be absorbed through the skin. Experiments in animals have shown that once in the body, they can travel to the brain and other organs. Several experiments are already underway that involve deliberately spreading nanomaterials in the environment despite some studies suggesting they can accumulate in the food chain and kill ecologically important microorganisms. With hundreds of tons of nanomaterials already being made in U.S. labs and factories every year -- and the release this year of several cautionary reports from European scientific organizations and insurance companies -- activists have become more vocal in their demands for safety studies. The 12 new EPA grants, to be announced today by Paul Gilman, the agency’s assistant administrator for research and development, aim to address some of those concerns. “This emerging field has the potential to transform environmental protection, but at the same time we must understand whether nanomaterials in the environment can have an adverse impact,” Gilman said in prepared remarks released last night. http://www.washingtonpost.com/wp-dyn/articles/A43763-2004Nov11.html

WHAT WAL-MART KNOWS ABOUT CUSTOMERS’ HABITS (New York Times, 14 Nov 2004) – [Editor: Long and interesting story. Excerpts follow.] Hurricane Frances was on its way, barreling across the Caribbean, threatening a direct hit on Florida’s Atlantic coast. Residents made for higher ground, but far away, in Bentonville, Ark., executives at Wal-Mart Stores decided that the situation offered a great opportunity for one of their newest data-driven weapons, something that the company calls predictive technology. A week ahead of the storm’s landfall, Linda M. Dillman, Wal-Mart’s chief information officer, pressed her staff to come up with forecasts based on what had happened when Hurricane Charley struck several weeks earlier. Backed by the trillions of bytes’ worth of shopper history that is stored in Wal-Mart’s computer network, she felt that the company could “start predicting what’s going to happen, instead of waiting for it to happen,” as she put it. The experts mined the data and found that the stores would indeed need certain products - and not just the usual flashlights. “We didn’t know in the past that strawberry Pop-Tarts increase in sales, like seven times their normal sales rate, ahead of a hurricane,” Ms. Dillman said in a recent interview. “And the pre-hurricane top-selling item was beer.” Thanks to those insights, trucks filled with toaster pastries and six-packs were soon speeding down Interstate 95 toward Wal-Marts in the path of Frances. Most of the products that were stocked for the storm sold quickly, the company said. Such knowledge, Wal-Mart has learned, is not only power. It is profit, too. With 3,600 stores in the United States and roughly 100 million customers walking through the doors each week, Wal-Mart has access to information about a broad slice of America - from individual Social Security and driver’s license numbers to geographic proclivities for Mallomars, or lipsticks, or jugs of antifreeze. The data are gathered item by item at the checkout aisle, then recorded, mapped and updated by store, by state, by region. By its own count, Wal-Mart has 460 terabytes of data stored on Teradata mainframes, made by NCR, at its Bentonville headquarters. To put that in perspective, the Internet has less than half as much data, according to experts. Information about products, and often about customers, is most often obtained at checkout scanners. Wireless hand-held units, operated by clerks and managers, gather more inventory data. In most cases, such detail is stored for indefinite lengths of time. Sometimes it is divided into categories or mapped across computer models, and it is increasingly being used to answer discount retailing’s rabbinical questions, like how many cashiers are needed during certain hours at a particular store. [snip] Wal-Mart is also driving manufacturers to invest in radio frequency identification. By next October, the company will require its biggest suppliers to tag shipments to some of its distribution centers with tiny transmitters that would eventually let Wal-Mart track every item that it sells. With so much data at Wal-Mart’s corporate fingertips, what are the risks to consumers? Most have no clue that their habits are monitored to such an extent. There are no signs - like the ones for Wal-Mart’s anti-shoplifting cameras - advising customers that information is being collected and stored. And there is no giveback: Wal-Mart doesn’t use loyalty cards and rarely offers promotions based on past purchases. It is aware, however, that shoppers are concerned about privacy. On its Web site, Wal-Mart posts a privacy policy that states, in part: “We take reasonable steps to protect your personal information. We maintain reasonable physical, technical and procedural measures to limit access to personal information to authorized individuals with appropriate purposes.” [snip] Eventually, some experts say, Wal-Mart will use its technology to institute what is called scan-based trading, in which manufacturers own each product until it is sold. “Wal-Mart will never take those products onto its books,” said Bruce Hudson, a retail analyst at the Meta Group, an information technology consulting firm in Stamford, Conn. “If you think of the impact of shedding $50 billion of inventory, that is huge.” The impact will probably be felt by suppliers, he added, but none are likely to complain. “You can see the pattern of Wal-Mart’s mandates, and as Wal-Mart grows in power, it is getting more dictatorial,” he said. “The suppliers shake their heads and say, ‘I don’t want to go this way, but they are so big.’ Wal-Mart lives in a world of supply and command, instead of a world of supply and demand.” http://www.nytimes.com/2004/11/14/business/yourmoney/14wal.html?ex=1258088400&en=0605d1fc88b8ab98&ei=5090&partner=rssuserland

SBC TAPS MICROSOFT FOR TV SOFTWARE (CNET, 17 Nov 2004) -- SBC Communications, as part of its efforts to compete head-on with the cable industry for television subscribers, plans to announce on Wednesday that it will pay $400 million to Microsoft for software used to deliver TV programming over high-speed data lines. It would be a crucial move into unproven territory for SBC, which like the other regional telephone giants wants to grow by expanding beyond phone and Internet services and into entertainment. To do that, SBC expects to spend more than $4 billion during the next three years on its fiber-optic network in order to offer faster Internet connections capable of carrying digital video programming. The deal is also a milestone for Microsoft. The company has spent roughly $20 billion in the past decade trying to break into the television business, but it has little to show for that investment, industry analysts said. The 10-year agreement with SBC is Microsoft’s first commercial contract to help deliver programming to millions of homes. SBC plans to deploy Microsoft’s software to encode television programming before it is sent to subscribers and then decode the same programs on TV set-top boxes in customers’ homes. Most important, the software compresses digital signals so that video programs can be sent over high-speed data lines. http://news.com.com/SBC+taps+Microsoft+for+TV+software/2100-1046_3-5455421.html?tag=nefd.top

TOP RESEARCHERS ASK WEB USERS TO JOIN SCIENCE GRID (Reuters, 16 Nov 2004) -- IBM and top scientific research organizations are joining forces in a humanitarian effort to tap the unused power of millions of computers and help solve complex social problems. The World Community Grid will seek to tap the vast underutilized power of computers belonging to individuals and businesses worldwide and channel it into selected medical and environmental research programs. Volunteers will be asked to download a program to their computers that runs when the machine is idle and reaches out to request data to contribute to research projects. Organizers say the Grid can help unlock genetic codes that underlie diseases like AIDS and HIV, Alzheimer’s or cancer, improve forecasting of natural disasters and aid studies to protect the world’s food and water supply. The massive volunteer project will be unveiled Tuesday by Sam Palmisano, CEO of International Business Machines Corp. (IBM), the world’s largest computer company, along with United Nations officials, researchers from the Mayo Clinic, Oxford University and South Africa, and others. “This is not just a project for techno-geeks,” said Jonathan Eunice, an analyst with research firm Illuminata of Nashua, New Hampshire, who was briefed on the scope of the plan. The project is designed to handle up to 10 million participants, or more, if demand is greater, IBM said. Details can be found at http://www.worldcommunitygrid.org/. http://www.reuters.com/newsArticle.jhtml?storyID=6829592

INTERNET ARCHIVE’S WEB PAGE SNAPSHOTS HELD ADMISSIBLE AS EVIDENCE (Stanford Law School, Nov. 2004) -- The Internet Archive (IA) is a non-profit effort to preserve Internet sites and other digital media and make them available online. IA’s spiders regularly crawl the World Wide Web, making copies of web pages and storing them permanently in an enormous digital archive. Using the “Wayback Machine”, one of the Archive’s popular services, users can input the address of a web page and call up a series of dated copies, allowing them to see what the page contained at the times it was accessed by the IA spider. Polska is the American provider of TV Polonia, a Polish-language television channel. According to its pleadings in the case, it had reached a deal with EchoStar, which operates the Dish Network satellite TV service, to provide TV Polonia to Dish Network. The contract included marketing rights, giving EchoStar the right to use Polska’s trademarks to sell subscriptions to its television service. The deal was scheduled to expire in stages: absent a renewal, EchoStar’s marketing rights would expire in April of 2001, and programming would stop a year afterwards. The deal was not renewed, and Polska alleges that EchoStar continued to use the “TV Polonia” name to market its satellite service after its rights to exploit that trademark had expired. EchoStar pointed out that Polska seemed to have no problem with advertisements stating that TV Polonia could be found on the Dish Network, since Polska had one on its own website after the expiration of marketing rights. EchoStar offered IA snapshots dated to various times in 2001 as proof of the past content of Polska’s website. As part of a series of motions in limine, Polska attempted to suppress the snapshots on the grounds of hearsay and unauthenticated source. Magistrate Judge Arlander Keys rejected Polska’s assertion of hearsay, holding that the archived copies were not themselves statements susceptible to hearsay exclusion, since they merely showed what Polska had previously posted on its site. He also noted that, since Polska was seeking to suppress evidence of its own previous statements, the snapshots would not be barred even if they were hearsay. Over Polska’s objection, Judge Keys accepted an affidavit from an Internet Archive employee as sufficient to authenticate the snapshots for admissibility. http://cyberlaw.stanford.edu/packets/vol_2_no_3/002728.shtml

GOOGLE UNVEILS SERVICE FOR ACADEMICS (NewsFactor.com, 18 Nov 2004) -- Google has unveiled a new search service designed specifically for scientists and academic researchers. Currently in beta release, Google Scholar allows users to search specifically for scholarly literature, including peer-reviewed papers, books, technical reports, theses, abstracts and preprints. The resource spans a wide variety of academic disciplines, and includes a large number of professional societies and publishers, according to Google. The search tool also finds scholarly articles that are scattered across the Web. Unique to the Scholar service is a way to handle search of academic citations. The tool automatically analyzes and extracts citations and presents them as separate results, even if the documents they refer to are not online. This gives academics and researchers the ability to peruse citations of older articles that appear only in books or print-only publications. Because the site is in beta, it is likely that other additions and changes will be made as scholars use the service. Google has requested that users send in suggestions, questions and comments. In its information pages, Google notes that additions to its index will be forthcoming, and urges authors to contact their publishers and scholarly societies to expand the available content. http://story.news.yahoo.com/news?tmpl=story&cid=75&e=2&u=/nf/20041118/tc_nf/28510

PRIVACY LAW EXPERT RONALD L. PLESSER DIES (Washington Post, 21 Nov 2004) -- Ronald L. Plesser, 59, a leading authority on federal privacy law and information policy for the past three decades and a partner in the Washington office of the Piper Rudnick law firm, died of a heart attack Nov. 18 at Dulles International Airport. Mr. Plesser’s work on information policy helped set the evolving standards for privacy in an era of computer databases, new communication technologies and the Internet. He worked first with Ralph Nader’s Center for the Study of Responsive Law in the early 1970s, where he compiled a comprehensive catalogue of the shortcomings of the 1966 Freedom of Information Act. His work formed the basis for Congress’s 1974 overhaul of the statute, which made it easier for the public to gain access to government records. “He was without question one of the real pioneers in the privacy field,” said Marc Rotenberg of the Electronic Privacy Information Center, a public interest research center in Washington. Jerry Berman, president of the Center for Democracy and Technology, called Mr. Plesser “the expert at the table” who knew the law, the technology, the players and how to build consensus on privacy policies for cable subscribers, cell phone users and video renters. Mr. Plesser was past chairman of the Individual Rights and Responsibilities section of the American Bar Association. [Editor: A smart, engaging man. Our prayers go to Barbara and the family.] http://www.washingtonpost.com/wp-dyn/articles/A952-2004Nov20.html

****RESOURCES****
CYBERTIMES NAVIGATOR (New York Times resource) -- Stymied by the Internet’s choices? The recently updated Navigator is used by the newsroom of The Times for forays into the Web. http://tech.nytimes.com/top/news/technology/cybertimesnavigator/index.html

Happy Thanksgiving to our American readers!

SOURCES:
1. The Filter, a publication of the Berkman Center for Internet & Society at Harvard Law School, http://cyber.law.harvard.edu.
2. Edupage, http://www.educause.edu/pub/edupage/edupage.html.
3. SANS Newsbites, sans@sans.org.
4. NewsScan and Innovation, http://www.newsscan.com.
5. Internet Law & Policy Forum, http://www.ilpf.org.
6. BNA’s Internet Law News, http://ecommercecenter.bna.com.
7. The Ifra Trend Report, http://www.ifra.com/website/ifra.nsf/html/ITR-HTML.
8. Crypto-Gram, http://www.schneier.com/crypto-gram.html.
9. David Evan’s “Internet and Computer News”, http://www.abanet.org/scripts/listcommands.jsp?parm=subscribe/at-internet
10. Readers’ submissions, and the editor’s discoveries.

**************Introductory Note**********************

MIRLN (Misc. IT Related Legal News) is a free product of the American Bar Association’s Cyberspace Law Committee. Please feel free to distribute this message.

Members of the ABA Cyberspace Law Committee automatically receive MIRLN postings (about every third week); members can manage their subscriptions at http://www.buslaw.org/cgi-bin/controlpanel.cgi?committee=CL320000 (click on “Settings” beside Members-Only Listserve Discussion). Others who wish to be added to the MIRLN distribution list should send email to Vince Polley with the word “MIRLN” in the subject line, and similarly will be removed from the distribution list after sending email to Vince with the words “MIRLN REMOVAL” in the subject line.

Recent MIRLN editions are archived at www.vip-law.com and in the public materials section of the Cyberspace Committee’s collaboration space at http://lawplace.metadot.com.

**************End of Introductory Note***************

PRIVACY NOTICE: E-mail addresses of individuals who subscribe to this periodic e-newsletter by sending email to Vince Polley with “MIRLN” in the subject line are kept by Vince Polley; this listing will not be provided to any other persons.