Friday, March 23, 2007

MIRLN -- Misc. IT Related Legal News [4-24 March 2007; v10.04]

**************Introductory Note**********************

MIRLN (Misc. IT Related Legal News) is a free product of the American Bar Association’s Cyberspace Law Committee and Dickinson Wright PLLC. Dickinson Wright’s IT & Security Law practice group is described at

Members of the ABA Cyberspace Law Committee automatically receive MIRLN postings (about every third week); members can manage their subscriptions at (find the “Listserves” box; MIRLN comes through the CLCC-MEMS listserve). Others who wish to be added to the MIRLN distribution list should send email to Vince Polley ( with the word “MIRLN” in the subject line, and similarly will be removed from the distribution list after sending email to Vince with the words “MIRLN REMOVAL” in the subject line.

Recent MIRLN editions are archived at and blogged at

**************End of Introductory Note***************

MICROSOFT HIT BY U.S. DOT BAN ON WINDOWS VISTA, EXPLORER 7, AND OFFICE 2007 (Information Week, 2 March 2007) -- Citing concerns over cost and compatibility, the top technology official at the federal Department of Transportation has placed a moratorium on all in-house computer upgrades to Microsoft’s new Windows Vista operating system, as well as Internet Explorer 7 and Office 2007, according to a memo obtained Friday by InformationWeek. In a memo to his staff, the DOT’s CIO Daniel Mintz says he has placed “an indefinite moratorium” on the upgrades as “there appears to be no compelling technical or business case for upgrading to these new Microsoft software products. Furthermore, there appears to be specific reasons not to upgrade.” Among the concerns cited by Mintz are compatibility with software applications currently in use at the department, the cost of an upgrade, and DOT’s move to a new headquarters in Washington later this year. “Microsoft Vista, Office 2007, and Internet Explorer [7] may be acquired for testing purposes only, though only on approval by the DOT chief information officer,” Mintz writes. The memo is dated Jan. 19. In an interview Friday, DOT chief technology officer Tim Schmidt confirmed that the ban is still in effect. “We’re analyzing different client software options and also integration issues,” says Schmidt. Among the options the Transportation Department is weighing as a possible alternative or complement to Windows Vista are Novell’s Suse Linux and, for a limited group of users, Apple’s Macintosh hardware and software, he says.

WOMAN ACCUSES YAHOO OF STEALING HER IMAGE (Wired, 2 March 2007) -- An Ohio woman is demanding $20 million from Yahoo for allegedly using a photo of her without her permission for a welcome e-mail sent to new users. According to a court complaint filed Tuesday with the U.S. District Court for the Northern District of Ohio, Shannon Stovall, a resident of Ohio’s Cuyahoga County, discovered upon signing up for Yahoo’s Web-based e-mail service last October that a picture taken of her appeared in a note sent to new users. The message, according to a printout attached to the court complaint, leads off with the headline “Hooray! Your first e-mail” and a photograph containing two women, one of which is purported to be Stovall. It goes on to give Yahoo Mail users tips on how to transfer address book contacts and customize the look of their messages. The complaint charges that the image has been sent to millions of users around the world without Stovall’s authorization, violating her right to privacy and right to publicity--that is, to control the commercial use of her identity. The allegations resemble a complaint lodged by New England Patriots quarterback Tom Brady against Yahoo in December. The star athlete accused the portal of using a photograph of him from the September 2006 issue of Sports Illustrated without his permission to promote its fantasy football league.

BBC SIGNS DEAL WITH YOUTUBE TO SHOW PROGRAM EXCERPTS (, 2 March 2007) -- The British Broadcasting Corp. began showing excerpts from its news and entertainment programs on the YouTube video-sharing Web site Friday, becoming the first international broadcaster to ink a major deal with the Google Inc.-owned portal. In an agreement that analysts described as a key step for both the BBC and YouTube, the British broadcaster is offering three branded channels on the site, including one showing up to 30 news clips a day. The deal gives the BBC access to millions more viewers and gives YouTube the credibility of the venerable British broadcaster. One of the new YouTube channels, ``BBC Worldwide,” will show clips from hit BBC programs including motor show ``Top Gear,” spy drama ``Spooks” and nature documentaries presented by David Attenborough. A second entertainment channel, simply called ``BBC,” will show clips like trailers and short features such as video diaries of actors on the popular ``Dr. Who” TV series or blogs from reporters working abroad. The third channel, ``BBC News,” will show snippets from the BBC’s commercially operated international news channel of the same name.

U.S. COPYRIGHT ROYALTY BOARD REJECTS WEBCASTERS, EMBRACES SOUNDEXCHANGE (Wired blog, 4 March 2007) -- On Friday, which is generally accepted in public relations circles as the best day of the week to release controversial news, the United States Copyright Royalty Board announced new royalty rates for webcasts, effective from 2006 to 2010. The board ignored the arguments of the International Webcasting Association and other webcasters, and apparently simply endorsed the proposal of the RIAA-associated SoundExchange royalty organization, which represents the major and some indie labels. The new rates force webcasters to pay for each song streamed to each user, and increase over the next few years as follows: 2006: $0.0008 to stream one song to one listener 2007: $.0011; 2008: $.0014; 2009: $.0018; 2010: $.0019. Those fees will add up quickly for larger webcasters; the Radio and Internet Newsletter (RAIN) calculates that, assuming that the average station plays 16 songs per hour, sites would have to pay “about 1.28 cents” per listener per hour using the 2006 rate, and would owe this retroactively, in addition to licensing fees going forward. RAIN’s math indicates that the rate would render Internet radio unsustainable, or at the very least, more ad-laden than terrestrial radio -- and that’s before the songwriters’ licenses are taken into account. Copyright Royalty Board report at ; from a Harvard blog: “In a move that recalls the Vogons’ decision to destroy Earth to clear the way for a highway bypass in space (from Douglas Adams’ Hitchhikers Guide to the Galaxy), the judges comprising the Copyright Royalty Board have decided to destroy the Internet radio industry so the Recording Industry won’t be inconvenienced by something it doesn’t know, like or understand.” NPR voices its objections, too: … and then

COPYRIGHT BOARD TO RECONSIDER HIGHER ROYALTIES FOR NET MUSIC (Bloomberg, 21 March 2007) -- The Library of Congress Copyright Royalty Board agreed to reconsider a decision to increase royalties for music played on the Internet after radio broadcasters complained the new prices were too high. The judges agreed to listen to arguments submitted by National Public Radio, commercial radio broadcasters, and college stations, the board said yesterday. NPR spokeswoman Andi Sporkin provided a copy of the board’s order.

OPEN CALL FROM THE PATENT OFFICE (Washington Post, 5 March 2007) -- The government is about to start opening up the process of reviewing patents to the modern font of wisdom: the Internet. The Patent and Trademark Office is starting a pilot project that will not only post patent applications on the Web and invite comments but also use a community rating system designed to push the most respected comments to the top of the file, for serious consideration by the agency’s examiners. A first for the federal government, the system resembles the one used by Wikipedia, the popular user-created online encyclopedia. “For the first time in history, it allows the patent-office examiners to open up their cubicles and get access to a whole world of technical experts,” said David J. Kappos, vice president and assistant general counsel at IBM.

MICROSOFT ATTACKS GOOGLE ON COPYRIGHT (Financial Times, 5 March 2007) -- Microsoft on Tuesday launches a fierce attack on Google over its “cavalier” approach to copyright, accusing the internet company of exploiting books, music, films and television programmes without permission. Tom Rubin, associate general counsel for Microsoft, will say in a speech in New York that while authors and publishers find it hard to cover costs, “companies that create no content of their own, and make money solely on the back of other people’s content, are raking in billions through advertising and initial public offerings”. Mr Rubin’s remarks, presaged in an article in Tuesday’s Financial Times, come as Google faces criticism and legal pressure from media companies over services allowing users to search online for books, films, television programmes and news. Viacom, the US media group, instructed YouTube, which Google owns, to remove 100,000 clips of copyright material. The Authors Guild and a group of publishers backed by the Association of American Publishers have separately sued Google for making digital copies of copyrighted books from libraries without permission. Mr Rubin will tell the AAP’s annual meeting that Google’s decision to take digital copies of all books in various library collections, unless publishers tell it not to, “systematically violates copyright, deprives authors and publishers of an important avenue for monetising their works and, in doing so, undermines incentives to create”. He will say Google is breaching copyright law because it has “bestowed upon itself the unilateral right to make entire copies of copyrighted books”. Google thinks it is acting legally because it publishes only “snippets” of copyrighted works unless it has the publisher’s permission. But Mr Rubin will say in Tuesday’s speech: “Google is saying to you and other copyright owners: ‘Trust us, you’re protected. We’ll keep the digital copies secure. We’ll only show snippets. We won’t harm you, we’ll promote you’. Lessig’s take on this:

TEXAS COUNTIES ILLEGALLY POSTING SOCIAL SECURITY NUMBERS ONLINE, AG SAYS (Computer World, 5 March 2007) -- Like dozens of county governments around the country, Fort Bend County in Texas has for the past several years been posting public records containing Social Security numbers on its Web site. The records are accessible to anyone in the world with an Internet connection and are routinely sold to list brokers, real estate companies and mortgage firms. On Feb. 23, Texas Attorney General Greg Abbott ruled that such disclosure of Social Security numbers in public documents is a violation of both state and federal privacy laws and is a criminal offense punishable by jail time and fines. The ruling followed an inquiry by Fort Bend’s district attorney in 2005 about how its county clerk was expected to deal with Social Security numbers when they were present in public records. Abbott’s ruling has caused an uproar among county and district clerks in the state who are panicked by the prospect of being held criminally liable for actions they say were carried out as part of their normal business. Many have shut down or severely restricted public access to court records and are seeking help from state legislators who have hastily introduced a House bill seeking to absolve clerks of criminal and civil liabilities for disclosing confidential information. Follow-up story from 12 March:

INTELLECTUAL PROPERTY VERDICTS EXCEED $1.3 BILLION IN 2006 (, 5 March 2007) -- Finisar Corp. employs dozens of Ph.D.-level scientists to create technology for its high-speed data communication components and testing business, but one of the company’s most lucrative inventions may be a patent outside of its core business that generated a court victory worth $117.3 million last year. In June 2006, the Sunnyvale, Calif.-based Finisar won a $78.9 million jury verdict in a patent infringement case against broadcast satellite company The DirecTV Group Inc. of El Segundo, Calif. Although appeals are in the works, fines are racking up, including a judge’s $25 million enhancement for willful infringement and $13.4 million for prejudgment interest, post-judgment interest and a compulsory license. Finisar Corp. v. DirecTV Group Inc., No. 05-00264 (E.D. Texas). Amid a worldwide market expansion for technology products, the Finisar case is one of a burgeoning number of blockbuster verdicts in intellectual property cases. These verdicts exceeded $1.3 billion in 2006, according to VerdictSearch, an affiliate of the National Law Journal, and our own research. There’s a direct correlation between intellectual property jury verdicts and the importance of the technology protected by the patent, said Eric Maschoff, a shareholder at Workman Nydegger of Salt Lake City, who served as Finisar’s lead patent prosecution counsel on the case. “Companies are looking more and more towards their intellectual property portfolio as an asset, and they’re exploiting that asset,” Maschoff said. Lawyers report that the sheer market size of high-technology products based on the patents in those portfolios can lead to massive infringement verdicts. Companies’ rising inclination to bring such cases to trial, and the emergence of high-tech courtrooms that enable the use of animation and other visual aids, also boost the possibility of gargantuan verdicts.

STUDY: IDENTITY THEFT KEEPS CLIMBING (Wired, 6 March 2007) -- The rate of identity theft-related fraud has risen sharply since 2003, a report from research firm Gartner suggests. Gartner’s study, released Tuesday, shows that from mid-2005 until mid-2006, about 15 million Americans were victims of fraud that stemmed from identity theft, an increase of more than 50 percent from the estimated 9.9 million in 2003. It should be noted that the 2003 statistics and the mid-2006 statistics came from two different sources--and hence, two different statistical methodologies. The original 9.9 million figure came from the Federal Trade Commission, whereas the 15 million statistic is Gartner’s own. For its study, Gartner surveyed 5,000 U.S. adults who use the Internet. The research firm found that identity theft victims are losing more money and getting less of it back. The average loss of funds in a case of identity theft was $3,257 in 2006, up from $1,408 in 2005. Additionally, the average loss in the opening of a fraudulent new account has more than doubled over that time, from $2,678 to $5,962.

FRANCE BANS CITIZEN JOURNALISTS FROM REPORTING VIOLENCE (IDG News Service, 6 March 2007) – The French Constitutional Council has approved a law that criminalizes the filming or broadcasting of acts of violence by people other than professional journalists. The law could lead to the imprisonment of eyewitnesses who film acts of police violence, or operators of Web sites publishing the images, one French civil liberties group warned on Tuesday. The council chose an unfortunate anniversary to publish its decision approving the law, which came exactly 16 years after Los Angeles police officers beating Rodney King were filmed by amateur videographer George Holliday on the night of March 3, 1991. The officers’ acquittal at the end on April 29, 1992 sparked riots in Los Angeles. If Holliday were to film a similar scene of violence in France today, he could end up in prison as a result of the new law, said Pascal Cohet, a spokesman for French online civil liberties group Odebi. [Mon Dieu!]

INTEL TACTICS QUESTIONED IN E-MAIL PURGE (Information Week, 6 March 2007) -- Whether Intel suffers severe legal consequences for failing to save all potential evidence in Advanced Micro Devices’ antitrust lawsuit against the chipmaker will depend in large part on whether Intel can convince a judge it followed best practices. Intel disclosed Monday that it failed save potentially relevant e-mail. It’s scheduled to join AMD Wednesday at a status hearing to discuss the issue before U.S. District Court Judge Joseph Farnan Jr. in Delaware. The hearing stems from a 2005 lawsuit in which AMD accused its rival of improper tactics to maintain its monopoly in the PC market. At least one expert said Tuesday that the procedures Intel put into place to avoid the destruction of internal e-mails appeared to be lacking. Of particular concern was Intel’s decision early in the process to make employees responsible for moving relevant e-mail to the hard drives of their computers to avoid having them purged automatically by the e-mail system. “They’re going to have a very hard time defending their process,” Robert Brownstone, law and technology director at the law firm Fenwick & West in San Francisco, said. Whether Intel can convince the judge that it took the proper steps to save evidence is pivotal to avoid dire legal consequences that could result in millions of dollars in fines. Worse, the judge could decide during the trial to instruct the jury that they should assume that the e-mails lost would have been detrimental to Intel’s defense. Such a move could play a role in swaying the jury toward AMD. [Editor: Making employees participate in record management programs is essential; while automation can do much, individual action remains necessary in all but the most rigid, centralized companies.]

ASTRONAUT E-MAILS RAISE ACCEPTABLE USE ISSUES (NewsFactor, 7 March 2007) -- The recent release of documents collected during the investigation of the NASA astronaut love triangle are a stark reminder that even in the most disciplined work environment, e-mails can wreak havoc. Shuttle astronaut Lisa Nowak, 43, is charged with attempted kidnapping and burglary with assault. The charges stem from Nowak’s 900-mile trip from Houston to Orlando to confront Air Force Captain Colleen Shipman, 30, a woman now dating Nowak’s former boyfriend and fellow shuttle astronaut Navy Cmdr. William Oefelein, 41. Police believe that Nowak’s decision to travel to Orlando might have been triggered by her discovery of romantic e-mails exchanged by Shipman and Oefelein. Nowak had a key to Oefelein’s apartment, and used it to gain access to his apartment and computer during Super Bowl weekend, when Oefelein and Shipman were traveling. According to NASA Public Affairs Officer John Yembrick, the space agency creates two e-mail accounts for each shuttle crew member, one for work and one for personal communications, and the agency “does its best to ensure that personal e-mail is private.” The police records indicate that both Oefelein and Shipman used Yahoo for their private correspondence. However, as is typical in workplaces around the country, the private messages still traveled through NASA computers. As a result, even private astronaut e-mails are subject to the terms and conditions of the Policy on Use of NASA Information Technology Resources (JSCA 01-060), which was last revised by the agency in September 2001. In addition to prohibiting the use of government I.T. resources for games and chain letters, the NASA policy also bars “the creation, download, viewing, storage, copying, or transmission of ... sexually explicit or sexually oriented materials.”

HARSH WORDS DIE HARD ON THE WEB - LAW STUDENTS FEEL LASTING EFFECTS OF ANONYMOUS ATTACKS (Washington Post. 7 March 2007) -- She graduated Phi Beta Kappa, has published in top legal journals and completed internships at leading institutions in her field. So when the Yale law student interviewed with 16 firms for a job this summer, she was concerned that she had only four call-backs. She was stunned when she had zero offers. Though it is difficult to prove a direct link, the woman thinks she is a victim of a new form of reputation-maligning: online postings with offensive content and personal attacks that can be stored forever and are easily accessible through a Google search. The woman and two others interviewed by The Washington Post learned from friends that they were the subject of derogatory chats on a widely read message board on AutoAdmit, run by a third-year law student at the University of Pennsylvania and a 23-year-old insurance agent. The women spoke on the condition of anonymity because they feared retribution online. The law-school board, one of several message boards on AutoAdmit, bills itself as “the most prestigious law school admissions discussion board in the world.” It contains many useful insights on schools and firms. But there are also hundreds of chats posted by anonymous users that feature derisive statements about women, gays, blacks, Asians and Jews. In scores of messages, the users disparage individuals by name or other personally identifying information. Some of the messages included false claims about sexual activity and diseases. To the targets’ dismay, the comments bubble up through the Internet into the public domain via Google’s powerful search engine. The students’ tales reflect the pitfalls of popular social-networking sites and highlight how social and technological changes lead to new clashes between free speech and privacy. The chats are also a window into the character of a segment of students at leading law schools. Penn officials said they have known about the site and the complaints for two years but have no legal grounds to act against it. The site is not operated with school resources.

C-SPAN ALTERS COPYRIGHT OVER PELOSI FLAP (Washington Post, 7 March 2007) -- It turns out that Republicans were right: House Speaker Nancy Pelosi did violate C-SPAN’s copyright by using its televised footage on her blog promoting Democrats. Officials for the cable TV network that provides daily gavel-to-gavel coverage of House and Senate proceedings at first said the blog was in violation, then announced it wasn’t. On Wednesday, they said that it was but that they’re changing their policy so that it won’t be in the future. The new copyright policy will allow non-commercial Internet users to share and post C-SPAN video as long as they attribute it to the public service channel. “Given our background and our history, an open approach is the most consistent with our mission,” said Rob Kennedy, C-SPAN’s president. “We are now saying under the new policy that that will be OK, for her or any blogger or citizen journalist” to post C-SPAN video online.

VA TO CONTROL, RESTRICT USE OF MOBILE STORAGE DEVICES (GCN, 7 March 2007) -- In the next month, the Veterans Affairs Department will let employees plug into its network only those mobile storage devices issued by the CIO’s office. Robert Howard, VA CIO, yesterday said while his office already mandated these mobile devices, known as thumb drives, be encrypted, he is taking security a step further. He is requiring employees to apply and demonstrate a need for a thumb drive, and have their supervisor sign off on that need before the CIO’s office will issue the thumb drive. Howard is going even farther by issuing only 1G and 2G thumb drives and not allowing anything larger onto the network unless he approves it. “This effort is to drive down the use of thumb drives,” he said after his speech at the Information Processing Interagency Conference sponsored by the Government Information Technology Executive Conference. “This will help us eliminate future problems by shutting down an easy way to take data out of the office.” The mobile storage devices also must be certified under the National Institute of Standards and Technology’s Federal Information Processing Standard 140-2, he added.

CHINA CRACKS DOWN ON ‘VIRTUAL CURRENCY’ TO STOP ILLEGAL USES (, 7 March 2007) -- Regulators have ordered Chinese Web sites to limit the use of ``virtual money” after concerns that the online credits might be used for money laundering or illicit trade. The order governing credits sold by Web sites to customers to pay for online games and other services comes amid a campaign to tighten official control over China’s online industry. The most popular Chinese online credits are ``QQ coins” issued by the Web site, which has 220 million registered users. A man who answered the phone Wednesday in Tencent’s publicity office refused to say how many of the credits it has sold. Financial experts cited by Chinese media said the growing popularity of ``QQ coins” could complicate the government’s ability to control the flow of real currency, and the central bank has issued a warning about the use of virtual money. News reports in January said customers are using online credits to gamble, pay for phone-sex services and to shop online. Authorities said they were looking into whether the credits were being used as a way to launder money. Regulators told Web sites to bar the use of credits for buying goods or other unauthorized purposes, according to the order, issued jointly by several ministries. It was sent to Internet companies last month and publicized by state media this week.

FANTASY LIFE, REAL LAW (ABA Journal, 8 March 2007) -- Beathan Vale was concerned about his local court system, which had only one judge. As a member of the Confederation of Democratic Simulators, he took an active role in the development of his local government in the community of Neufreistadt. Ideally, Vale believed the community’s judicial branch should be modeled to resemble the U.S. Supreme Court. But its lone judge, an English barrister and fellow confederation member named Ashcroft Burnham, favored an English common-law approach. Burnham also got to personally select the court’s new appointees, and the lack of oversight didn’t sit well with Vale. Ultimately Vale prevailed. Neufreistadt rejected Burnham’s court scheme—and the idea that partici­pation be limited to lawyers. Both men meet on a regular basis to discuss—and often debate—the direction of Neufreistadt’s legal system. Yet they have never actually seen each other in person. That’s because Neufreistadt isn’t an actual town, and Vale and Burnham aren’t real people. While they do exist, they do so within the realm of virtual reality, in an expansive cyberworld called Second Life. [There’s more, including discussion about a SecondLife visit by real-world Judge Posner, and about tax and copyright implications. The ABA’s Cyberspace Law Committee has launched a working group looking at SecondLife legal issues.]

CT RULES THAT SEARCH ENGINES HAVE RIGHT TO REJECT ADS (BNA’s Internet Law News, 8 March 2007) -- BNA’s Electronic Commerce & Law Report reports that a federal court in Delaware has ruled that a search-based advertising service may refuse to carry ads that would make it an unwilling mouthpiece for speech it deems objectionable. Just as newspapers have the right to reject content that goes against their editorial discretion, so too do search engines, Judge Joseph Farnan concluded. The court granted motions by Google Inc. and Microsoft Corp. seeking to dismiss the complaint for failure to state a claim. Case name is Langdon v. Google Inc.

THAT EMAIL YOU JUST FORWARDED MAY BE COPYRIGHTED (Steptoe & Johnson’s E-Commerce Law Week, 8 March 2007) -- One of the blessings -- and curses -- of email is how easy it is to forward information you receive to someone else you think might be interested in it. But did you ever stop to consider that the act of forwarding that email might constitute copyright infringement? According to a recent ruling by a British court, it just might. The England and Wales High Court held that a short business letter between executives of affiliated companies was “an original literary work” protected by copyright, and that when a person in a commercial dispute with the companies got hold of that letter and circulated it, he committed copyright infringement. While the letter in question was of the “snail mail” variety, the court’s reasoning would appear to apply to email as well. The ruling comes just days after a U.S. court ruled that sharing a single-user subscription to an online database could impinge upon the database owner’s copyright (and violate U.S. computer crime and privacy laws). Together, these decisions suggest that people may want to exercise caution before forwarding confidential emails or sharing access to a restricted web site. British ruling at

SWEDEN EYES MONITORING E-MAIL, CELLPHONE CALLS (Globe & Mail, 8 March 2007) -- Sweden’s government presented a contentious plan Thursday to allow a defense intelligence agency to monitor - without a court order - e-mail traffic and phone calls crossing the nation’s borders. The government insists only a fraction of the electronic communications will be affected, but critics worry the program, designed to combat terrorism and other threats to national security, is too far-reaching. Their concerns resemble criticism of a U.S. surveillance program launched in 2001 that monitors international phone calls and e-mails to or from the United States involving people suspected by the government of having terrorist links. The Swedish proposal, which needs parliamentary approval, would give the National Defence Radio Establishment a green-light to use so-called data mining software to search for sensitive keywords in all phone and e-mail communication passing through cables or wires across the country’s borders.

ALL MICROSOFT UPDATES PHONE HOME (Heise Security, 8 March 2007) -- Possibly as a reaction to heise Security’s report that Windows Genuine Advantage Notification sends back data to Redmond even when users choose to terminate its installation, a Microsoft developer using the pseudonym alexkoc has now posted an entry in the WGA blog. There he reveals that every update that flows through Windows Update at the very least informs Microsoft about whether the installation was successful or not. In the Privacy Statement of Windows Update Microsoft grants itself fairly far-reaching rights. Thus the information collected by the Redmond-based behemoth includes the computer make and model, version information for the operating system, browser, and any other Microsoft software for which updates might be available, Plug&Play ID numbers of hardware devices, region and language setting, Globally Unique Identifier (GUID), Product ID and Product Key, BIOS name, revision number, and revision date. By way of justifying Microsoft’s approach, alexkoc writes that the EULA, likewise presented by the WGA installer, also covered the relaying of such information. Microsoft’s privacy statement (from the update installer) at:

PATENT OFFICE CLAIMS FILESHARING A THREAT TO USER PRIVACY, NATIONAL SECURITY (ArsTechnica, 8 March 2007) -- The United States Patent Office (USPTO) released a report (PDF) this week that outlines potential privacy and security threats created by common peer-to-peer (P2P) filesharing programs like Limewire and Bearshare. The report describes several P2P software features that allegedly lead to inadvertent distribution of sensitive files and information. Citing concerns for user privacy and national security, the report insists that the mechanisms responsible for instances of inadvertent sharing should be studied in greater detail. Specifically, the report addresses “search-wizard” features, which can scan the contents of a user’s hard drive in order to automatically select folders to share on P2P networks, “partial-uninstall” features, which cause programs to remember which folders are shared even after the program has been removed and installed again, and “coerced-sharing” features, which cause programs to share downloaded files by default. The report argues that these features are designed to compel users to share files without the knowledge or consent of the user even in cases where the features can be disabled or can only be enabled by user intervention. Furthermore, the report claims that P2P programs do not sufficiently disclose the potential for inadvertent redistribution. So how do filesharing applications constitute a threat to national security? According to the report, P2P filesharing software could “compromise national security because government employees using these programs would inadvertently share files containing sensitive or classified data.” The report cites a 2005 study conducted by the Department of Homeland Security, claims that “there are documented incidents of P2P file sharing where Department of Defense sensitive documents have been found on non-US computers with no protection against hostile intelligence.” Does filesharing threaten to clog the tubes with classified documents? It may be that the government’s lax computer security standards deserve more blame than P2P programs with lousy default settings. USPTO report at

JUDGE TOSSES MORGAN STANLEY SUIT THAT FEATURED EMBARRASSING E-MAILS (Advisen, 10 March 2007) -- A judge has dismissed all but one count of a sensational lawsuit against Morgan Stanley in which a former technology manager claimed he was fired for uncovering a series of embarrassing e-mails that cast doubt on the ethics and judgment of senior managers at the bank. In ruling on the suit, U.S. District Court Judge Thomas Griesa said the plaintiff, Arthur Riel, was not wrongfully dismissed in part because Morgan Stanley house rules forbidding retaliation against whistleblowers are not legally binding. “This is not a contractual promise on the part of Morgan Stanley,” Griesa wrote. Riel, a former IT employee who managed Morgan Stanley’s e-mail archive, said he was fired for uncovering the e-mails while performing his duties. Some of the e-mails entered as evidence in the case showed Morgan Stanley chief technology officer Guy Chiarello currying favor with IT vendors to obtain premium sports tickets and lavish junkets. They also showed Morgan Stanley execs pressuring the firm’s IT department to buy from vendors from whom they hoped to win investment banking business. In a ruling handed down in mid-February, Griesa dismissed seven of the eight causes of action that Riel filed against Morgan Stanley, most of them related to his termination. The remaining cause of action, an allegation of breach of contract, was left standing by Griesa. Morgan Stanley may not have heard the last from Riel, however. Records in U.S. District Court for Southern New York show that he has filed an amended complaint that contains many of his original allegations.

F.B.I. HEAD ADMITS MISTAKES IN USE OF SECURITY ACT (New York Times, 10 March 2007) -- Bipartisan outrage erupted on Friday on Capitol Hill as Robert S. Mueller III, the F.B.I. director, conceded that the bureau had improperly used the USA Patriot Act to obtain information about people and businesses. Mr. Mueller embraced responsibility for the lapses, detailed in a report by the inspector general of the Justice Department, and promised to do everything he could to avoid repeating them. But his apologies failed to defuse the anger of lawmakers in both parties. “How could this happen?” Mr. Mueller asked rhetorically in a briefing at the headquarters of the Federal Bureau of Investigation. “Who is to be held accountable? And the answer to that is I am to be held accountable.” The report found many instances when national security letters, which allow the bureau to obtain records from telephone companies, Internet service providers, banks, credit companies and other businesses without a judge’s approval, were improperly, and sometimes illegally, used. Moreover, record keeping was so slipshod, the report found, that the actual number of national security letters exercised was often understated when the bureau reported on them to Congress, as required. The repercussions were felt far beyond Mr. Mueller’s office. Democratic lawmakers, newly in control of Congress, promised hearings on the problems. Several Republicans expressed anger and dismay, as well. -- and -- A REVIEW OF THE FEDERAL BUREAU OF INVESTIGATION’S USE OF NATIONAL SECURITY LETTERS (FBI’S Office of Inspector General, March 2007)

STUDY: MOST FEDERAL AGENCIES FAIL TO USE WEB FOR ACCESS TO RECORDS (, 12 March 2007) -- Federal agencies have dragged their feet on implementing 10-year-old law that requires them to use the Internet to make government documents easily available, a new study says. The result is the public is blocked from easier access to information, the report says, and the cost of answering information requests is driven up. The study by the National Security Archive, for official release on Monday, found widespread failure among federal agencies to follow the Electronic Freedom of Information Act amendments that took effect in 1997. The changes constituted some of the most significant modernizations of the original 40-year-old law that first guaranteed citizens the right to government information. ``Federal agencies are flunking the online test and keeping us in the dark,” said Thomas Blanton, director of the independent, non-governmental Washington-based research institute. The study was funded by the John S. and James L. Knight Foundation, which focuses on journalism. The archive’s review of all 91 federal agencies with chief FOIA officers, along with 58 components of agencies (like the Air Force within the Department of Defense) that handle more than 500 documents a year, found:
-- Just 22 percent of federal agencies and components fully followed the law and posted on the Web all the required categories of documents (agency opinions and orders; frequently requested records; policy statements; staff guidance).
-- Just over one-third of agencies and components provided an index of their records, as required, to help locate documents.
-- Only a quarter of agencies and components provided online forms for submitting FOIA requests.
Many of the record-related Web links that do exist are wrong or missing. One FOIA fax number actually rang in the maternity ward of a military base hospital, Blanton said. A few agencies bucked the trend and showed the benefits of using the Internet, particularly the Education Department and the National Aeronautics and Space Administration, the study found.

POWER OF THE INTERNET USED IN A GUANTANAMO BAY CASE (, 12 March 2007) -- The power of the Internet, most people would agree, is awesome, but has it done what the federal courts may no longer have jurisdiction to do -- helped to free a possibly innocent man held at Guantanamo Bay? The Department of Defense on Feb. 24 informed the Office of Federal Public Defender in Portland, Ore., that three of its detainee clients were now “eligible for transfer,” or are eligible to leave the island prison. One of those three is Adel Hamad, a native of Sudan declared an enemy combatant by the U.S. government whose life and legal case formed the centerpiece of what one Internet expert describes as a “visionary” video filmed and posted on YouTube by his lawyers in the Federal Public Defender’s Office. Steve Wax, head of the Portland office, said he “would only be speculating” about any impact that the video may have had on the Department of Defense’s decision. Its notice, he said, does not make clear what exactly will happen to his clients. “It’s just too early to say,” said Wa. x”We are attempting to determine what the next steps are to get our clients home as quickly as possible.” The Department of Defense did not return a phone call seeking comment on the case. When the YouTube video of Hamad was posted, Wax expressed the hope “that if enough people in positions to make decisions see the information about Mr. Hamad and they hear from other people in the country or around the world questions or expressions of concern, one of them may look again at his situation.”

HUNT ON EBAY FOR AUSTRALIAN TAX DODGERS (Australian IT, 13 March 2007) -- EBAY has handed over the personal and financial details of hundreds of its top sellers to the Australian Taxation Office. The ATO has asked for the details of eBay sellers with an annual turnover of more than $50,000. The request is understood to be part of an ATO audit to determine if sellers are avoiding GST, and could affect up to 1000 customers. EBay Australia managing director Simon Smith said the ATO had requested data for the period July 1, 2003, to June 30 last year. The request was made a month ago and sellers were informed by email yesterday. At least one seller is known to have gone into liquidation this year after a related ATO probe. EBay provided to the ATO information including members’ contact names, seller user names, phone numbers, duration of membership and monthly sales turnover for the periods in question. Mr Smith said the data had been provided in compliance with eBay’s privacy policy. One seller whose data had been requested by the ATO told The Australian the audit would help rid eBay of unscrupulous sellers. Donna Kelly, who operates online clothing store Bonditopsellers, said that by not claiming GST on sales, some sellers were undercutting more legitimate operators.,7204,21371941%5E15306%5E%5Enbv%5E,00.html

FORGET HACKERS; COMPANIES RESPONSIBLE FOR MOST DATA BREACHES, STUDY SAYS (Computerworld, 14 March 2007) -- In the five minutes it might take to read this article, about 672 electronic records containing confidential information will be compromised. By year’s end, more than 72 million records with Social Security numbers, credit card numbers, birth dates and other personal data will have been exposed. That rate is about 200,000 more records per month than last year. And the main culprit is not the oft-vilified rogue hacker, but corporate America, according to a new study by the University of Washington, Seattle. That conclusion is based on a review of 550 security breaches reported in major U.S. news media outlets from 1980 to 2006. The goal of the study was to examine the role of organizational behavior in privacy violations. It showed that internal foul-ups such as putting personally identifiable information accidentally online, missing equipment, lost backup tapes or other administrative errors were responsible for 61% of the incidents. In contrast, just 31% of the incidents were perpetrated by external hackers; 9% had unspecified causes.

WHOSETUBE? VIACOM SUES GOOGLE OVER VIDEO CLIPS (New York Times, 14 March 2007) -- Since it bought YouTube last October, Google has been chasing deals that would give it the right to put mainstream video programming on the site. Just a few weeks ago, Google’s chief executive, Eric E. Schmidt, seemed confident that this courtship of old-line media companies would prove fruitful. Now Google has hit a wall. Viacom, the parent company of MTV, Nickelodeon and Comedy Central, filed a wide-ranging lawsuit against Google on Tuesday, accusing it of “massive copyright infringement.” Viacom said it was seeking more than $1 billion in damages and an injunction prohibiting Google and YouTube from committing further infringement. Citing the $1.65 billion that Google paid for YouTube, the complaint said that “YouTube deliberately built up a library of infringing works to draw traffic to the YouTube site, enabling it to gain a commanding market share, earn significant revenues and increase its enterprise value.” The complaint was filed in United States District Court in New York. Google said it was still reviewing the lawsuit but repeated past assertions that copyright law shields it from liability for clips posted by its users. Complaint at

-- and --

DMCA ABUSER APOLOGIZES FOR TAKEDOWN CAMPAIGN (EFF, 14 March 2007) -- Michael Crook, the man behind a string of meritless online copyright complaints, has agreed to withdraw those complaints, take a copyright law course, and apologize for interfering with the free speech rights of his targets. The agreement settles a lawsuit against Crook filed by the Electronic Frontier Foundation (EFF) on behalf of Jeff Diehl, the editor of the Internet magazine 10 Zen Monkeys. Diehl was forced to modify an article posted about Crook’s behavior in a fake sex-ad scheme after Crook sent baseless Digital Millennium Copyright Act (DMCA) takedown notices, claiming to be the copyright holder of an image used in the story. In fact, the image was from a Fox News program and legally used as part of commentary on Crook. But Crook repeated his claims and then attempted to use the same process to get the image removed from other websites reporting on his takedown campaign. “Crook’s legal threats interfered with legitimate debate about his controversial online behavior,” said EFF Staff Attorney Jason Schultz. “Public figures must not be allowed to use bogus copyright claims to squelch speech.” In addition to withdrawing current complaints against Diehl and every other target of his takedown campaign and taking a copyright law course, Crook has also agreed to limit any future DMCA notices to works authored or photographed by himself or his wife, or where the copyright was specifically assigned to him. All future notices must also include a link to EFF information on his case, as well as the settlement agreement. Crook has also recorded a video statement to apologize and publicize the dangers of abusing copyright law. “We’re pleased that Crook has taken responsibility for his egregious behavior,” said EFF Staff Attorney Corynne McSherry. “Hopefully, this will set a precedent to prevent future abuse of the law by those who dislike online news-reporting and criticism.” The settlement with Michael Crook is part of EFF’s ongoing campaign to protect online free speech from the chilling effects of bogus intellectual property claims. EFF recently filed suit against the man who claims to have created the popular line dance “The Electric Slide” for misusing copyright law to remove an online documentary video that included footage of people trying to do the dance.

GOOGLE AIMS TO BOLSTER PRIVACY OF WEB SURFER DATA (Reuters, 15 March 2007) -- Google Inc., faced with a mountain of data on its users’ Web search habits, is taking steps to bolster consumer privacy protections in coming months, the company said late on Wednesday. The world’s leading provider of Web search said it is taking steps to anonymize, or obscure details, after 18 to 24 months on the surfing habits of tens of millions of Web users that could potentially be used to identify individuals. The Mountain View, California-based company collects information on Web searches, such as the keyword queries, Internet addresses and “cookies” used by Web sites and advertisers, to track Web surfing habits. “Previously, we kept this data for as long as it was useful,” Google officials said in statement to be made public on Thursday but provided to reporters on Wednesday. “Unless we’re legally required to retain log data for longer, we will anonymize our server logs after a limited period of time.” Google plans to implement the policy within the next year, it said. In order to keep Google search as easy and convenient to Web surfers as they repeatedly return to Google’s search site, the company said it is necessary to keep limited personal details that tie a user to a computer so that Google’s computers can tailor the search to the user’s interests. In promising to make these mounds of personal data anonymous after a period of up to two years, the company is responding to fears expressed by privacy advocates and some government regulators in the United States and Europe at the privacy dangers if such data were ever publicly exposed. Google also said it was taking additional steps to design privacy protections into Google products. These include an “off the record” feature in its Google Talk instant message system making it easier for users to temporarily disable the automatic archiving of conversations, and a “pause” feature in its Google Desktop software, which scours the contents of a user’s computer to make it easier to search for documents or other information. Google cautioned that data retention laws in some national or regional jurisdictions could obligate Google to retain Web server logs at some point in the future.

COURT: BERTELSMANN DOESN’T HAVE TO DISCLOSE COMMUNICATIONS IN NAPSTER SUIT (, 15 March 2007) -- A federal appeals court said Wednesday that a major European media company does not have to disclose its lawyers’ private communications in connection with a $50 million loan to Napster in 2001. The ruling is part of an ongoing lawsuit by major record companies against German-based Bertelsmann AG. Universal Music Group, EMI Group PLC and others allege Bertelsmann did more than just write checks to Napster in a bid to gain a financial interest in Napster and change it into a law-abiding service. The record companies’ lawsuit claims Bertelsmann is liable for copyright infringement because it invested in a company that was openly allowing copyright infringement. Napster allowed users to browse each other’s MP3 music collections stored on their computers and pluck liberally from them, sharing and swapping 24 hours a day for free. The original Napster went off-line in 2001 after a series of court rulings. The record companies then sued Bertelsmann, and among other things wanted to see the company lawyers’ internal accounts about the loan, arguing that Bertelsmann took control of Napster and directed the infringing activities. On Wednesday, the 9th U.S. Circuit Court of Appeals overturned a lower court judge who ordered the documents to be turned over as part of the ongoing lawsuit. Attorney-client privilege can be punctured if attorneys aided in a crime or fraud, but the appeals court found that the evidence did not support a so-called ``crime-fraud exception” to the privilege.

SERVICE PROVIDERS’ CDA SHIELD WITHSTANDS TWO NEW ATTACKS (Steptoe & Johnson’s E-Commerce Law Week, 15 March 2007) -- Plaintiffs’ search for chinks in websites’ Communications Decency Act (CDA) armor continues. Section 230(c)(1) of the CDA has been interpreted as giving websites and other “provider[s] or user[s] of an interactive computer service” broad immunity from suits that “treat[]” them as the “publisher or speaker of any information provided by another information content provider.” Some plaintiffs have tried to pierce, or circumvent, this shield by focusing on websites’ operational policies and practices as distinct from their “editorial” functions. But two courts recently recently rejected this novel theory. In Universal Communication Systems, Inc. v. Lycos, Inc., the First Circuit turned away plaintiffs’ contention that “the construct and operation of Lycos’s web sites contributed to the proliferation of misinformation,” finding that Lycos’ choice of “registration process” and “link structure” was “an editorial decision” protected by Section 230. And in Doe v. MySpace, Inc., a federal court in Texas found that plaintiffs’ suit was “based on MySpace’s editorial acts,” not its alleged “negligent failure to take reasonable safety measures to keep young children off of its site,” and therefore granted the social networking site’s motion to dismiss. These rulings suggest that even if a website’s use policies or technical features permit the posting of inaccurate and harmful information, website operators should still be able to claim CDA immunity for content posted by third parties. Universal case at; Doe case at

COLORADO WOMAN SUES TO HOLD WEB CRAWLERS TO CONTRACTS (Information Week, 16 March 2007) -- Computers can enter into contracts on behalf of people. The Uniform Electronic Transactions Act (UETA) says that a “contract may be formed by the interaction of electronic agents of the parties, even if no individual was aware of or reviewed the electronic agents’ actions or the resulting terms and agreements.” This presumes a prior agreement to do business electronically. So what constitutes such an agreement? The Internet Archive, which spiders the Internet to copy Web sites for posterity (unless site owners opt out), is being sued by Colorado resident and Web site owner Suzanne Shell for conversion, civil theft, breach of contract, and violations of the Racketeering Influence and Corrupt Organizations act and the Colorado Organized Crime Control Act. Shell’s site states, “IF YOU COPY OR DISTRIBUTE ANYTHING ON THIS WEB SITE, YOU ARE ENTERING INTO A CONTRACT,” at the bottom of the main page, and refers readers to a more detailed copyright notice and agreement. Her suit asserts that the Internet Archive’s programmatic visitation of her site constitutes acceptance of her terms, despite the obvious inability of a Web crawler to understand those terms and the absence of a robots.txt file to warn crawlers away. A court ruling last month granted the Internet Archive’s motion to dismiss the charges, except for the breach of contract claim. In a post on law professor Eric Goldman’s Technology & Marketing Law blog, attorney John Ottaviani, a partner at Edwards & Angell in Providence, R.I., says the issue is “whether there was ‘an adequate notice of the existence of the terms’ and a ‘meaningful opportunity to review’ the terms.”

UW WARNS MUSIC SHARERS (Badger Herald, 19 March 2007) -- The University of Wisconsin went against the national trends Friday by warning students about its policy regarding illegal file sharing but refusing to forward settlement letters to violators from the Recording Industry Association of America. According to Brian Rust, communications manager for the UW Division of Information Technology, the university sent an e-mail reminding students of the “appropriate use guidelines” for downloading to protect them from what could amount to thousands of dollars in out-of-court settlements. “These settlement letters are an attempt to short circuit the legal process to rely on universities to be their legal agent,” Rust said. “It basically says, you are illegally downloading and/or sharing information; and before we take legal action, you can remedy this situation and pay for the music or movies that you’ve downloaded.” Rust said DoIT receives about 10 to 20 cease-and-desist notices per day, which they are obligated to forward to their users. The notices are only warnings, Rust added, but the settlement letters brought on by the Recording Industry Association of America are more of a threat. The settlements are usually around $700 per instance, but could be as much as $3,500, according to Rust. “So you can imagine some people have probably come to that website with their credit card and paid it,” Rust said. “We do not want to be a party to that; we are not the legal agent for the recording agency, nor do we aspire to (be).”

HERDING THE MOB (Wired, March 2007) -- John and Nina Swanson run a business selling vintage postcards on eBay. To keep customers happy, the Swansons reply to buyers promptly and ship on time. This policy is reflected in their eBay feedback score — a rating based on responses to prior transactions. Positive comments are scored as one point. Neutral and negative remarks are recorded as zero and negative one, respectively. The Swansons have a score of over 2,000. Six years ago, University of Michigan information studies professor Paul Resnick asked the couple to participate in an experiment. Resnick wanted the Swansons to continue selling postcards through their established profile, but also to offer the same goods and services through seven fake identities. Initially these bogus profiles would have no reputation; later they would be given negative scores. The Swansons agreed. After 470 auctions, Resnick found that the Swansons’ main account, with its high customer rating, earned an average of 8.1 percent more per transaction than the fakes. It was the first hard proof that a feedback score — a number generated by a collection of unrelated people — carries quantifiable real-world value. “What we’re seeing here is a new kind of trust,” Resnick says. “It’s a kind of impersonal trust geared to situations with lots of interactions among strangers.” In other words, the crowd matters. Today we harness the masses for everything from choosing the next pop star on American Idol to perfecting open source software and assembling Wikipedia articles. But perhaps the most widespread and vital uses for group input online are in scoring systems. In addition to eBay feedback, these are the customer ratings that and Yahoo Shopping post with product reviews. They’re the feedback scores that Netflix tallies to help subscribers decide which movies to order. And they’re the up-or-down votes that sites like Digg and Reddit (part of the Wired Media Group, which also includes WIRED magazine) rely on to determine which stories to feed Web surfers. But as rating systems have become more popular — and, as Resnick shows, valuable — there has been what some would say is a predictable response: the emergence of scammers, spammers, and thieves bent on manipulating the mob. Call it crowdhacking.

SOFTWARE PROVIDER LIABLE FOR UNAUTHORIZED PRACTICE OF LAW IN NINTH CIRCUIT (, March 2007) -- Legal software vendors beware! The Ninth Circuit recently held that a seller of web-based bankruptcy software qualified as a bankruptcy petition preparer and, as such, engaged in fraud and the unauthorized practice of the law. Any provider of software that claims to “know the law” and offers automated form selection should examine this decision closely to make sure their activities are within legal boundaries. The suit, Frankfort Digital Services v. Kistler (In re: Reynoso), arose out of a bankruptcy proceeding, during which the petitioner paid to use browser-based software that prepared his bankruptcy petition based on information he provided. The product’s web site explained that the software would choose which bankruptcy exemptions to apply for and remove any need for the petitioner to individually select which schedule to use for the various pieces of information involved. During the first meeting with the petitioner’s creditors, the Chapter 7 trustee noticed mistakes, learned about the software and filed an adversary action against the software vendor alleging violations of 11 U.S.C. section 110. This action added to the list of section 110 proceedings against the software vendor, which had already run afoul of several other Chapter 7 trustees. The bankruptcy court held that collateral estoppel prevented the vendor from challenging its status as a “bankruptcy petition preparer engaged in the unauthorized practice of law,” since a previous case had gone against the vendor on this point. The Bankruptcy Appellate Panel of the 9th Circuit agreed with the bankruptcy court and affirmed based on issue preclusion. The regular Ninth Circuit panel decided to address the merits of the case, however, after accepting defendant’s argument that the website had changed since the previous case was decided. The court found that the vendor indeed qualified as a bankruptcy petition preparer, which was the first time that the Ninth Circuit had determined that a software-provider could qualify as such. Since bankruptcy petition preparers are, by definition, not attorneys, the court’s next step was to examine California law to determine whether the vendor engaged in the unauthorized practice of the law. Case at

BIG SISTER CLINTON (2.0) (New York Times, 19 March 2007) -- Wondering what this presidential campaign might look like in the world of “Web 2.0” social networking sites? We have our answer: The buzz-generating Internet ad featuring Senator Hillary Rodham Clinton as a scary Big Brother figure, conducting her presidential campaign “conversation” on a giant screen to drone-like humans. The ad, a near-copy of an Apple spot for Macintosh in 1984, has drawn more than 438,00 viewers on YouTube in the last two weeks, (and linked by hundreds of blogs), showing the potential reach of such guerilla ad campaigns. It ends with a female athlete (who seems to be wearing an iPod) smashing the screen image of Mrs. Clinton’s face with a hammer. Then these words appear — “On January 14th the Democratic primary will begin. And you’ll see why 2008 isn’t going to be like ‘1984′” — followed by the closing text, Mr. Obama’s camp has disavowed responsibility for the ad, although there are links to it on community pages on Mr. Obama’s Web site. (And, it was apparently mashed by a 59-year-old with the YouTube username ParkRidge47; Mrs. Clinton was born in 1947 and grew up in Park Ridge, Ill., by the way.) A spokesman for Mrs. Clinton had no comment. YouTube clip at; creator unmasked:,0,1775351.story?coll=ny-uspolitics-headlines

CYBERSQUATTING COMPLAINTS RISE 25 PERCENT, U.N. SAYS (, 21 March 2007) -- The U.N. copyright agency that arbitrates more than half the world’s ``cybersquatting” cases saw a 25 percent increase in complaints last year. The World Intellectual Property Organization received 1,823 complaints in 2006 alleging abusive registrations of trademarks as Internet domain names. The growing number of professional domain name dealers who use computer software that automatically registers expired domain names or temporarily registers them without paying charges, is of concern to trademark owners, WIPO said. Since 1999, WIPO has decided in favor of the complainant in 84 percent of all cases.

INSURANCE COMPANY REFUSES TO COVER LAW FIRM’S BLOG (Computerworld, 22 March 2007) -- A law firm in New Jersey has temporarily halted plans to launch a blog because its insurance company would not cover the blog under an existing malpractice insurance policy. James Paone, a partner at Lomurro, Davison, Eastman and Munoz in Freehold, N.J., said that the firm’s insurer -- The Chubb Corp. -- said several weeks ago that it would not add the blog to the existing policy. “We were in the process of beginning to set up a blog, having internal discussions about what areas of law would be the subjects,” he said. “We wanted to cover the first base, which is [Chubb’s] coverage. Our insurance carrier said [a blog] is not a risk they were interested in insuring. The entire discussion stopped.” Paone said his firm contacted Chubb to ask about insurance coverage in case someone tried to sue it over content in the blog. Now, the law firm is in the process of setting up a meeting with Chubb “so we can understand what their rationale is for saying they weren’t interested in covering that kind of risk,” Paone said. Chubb did not immediately respond to a request for comment.

CT RULES ADVERTISER CAN BE VICARIOUSLY LIABLE UNDER CAN-SPAM (BNA’s Internet Law News, 22 March 2007) -- BNA’s Electronic Commerce & Law Report reports that a federal court in Arizona has ruled that an advertiser can be held vicariously liable for a marketing partner’s CAN-SPAM Act violations if the advertiser had the ability to control the actions of the partner and it knew, or should have known, that the partner was violating the law. Case name is United States v. Cyberheat Inc.

NET PORN BAN FACES ANOTHER LEGAL SETBACK (CNET, 22 March 2007) -- Congress’ efforts to muzzle pornography on the Web were dealt another serious setback on Thursday, when a federal judge ruled a 1998 law was unconstitutional and violated Americans’ First Amendment rights. U.S. District Judge Lowell Reed in Philadelphia permanently barred prosecutors from enforcing the Child Online Protection Act, or COPA, saying it was overly broad and would undoubtedly “chill a substantial amount of constitutionally protected speech for adults.” The lawsuit was filed by the American Civil Liberties Union. Even though politicians enacted COPA nearly a decade ago as part of an early wave of Internet censorship efforts, the courts have kept it on ice and it has never actually been enforced. The law makes it a crime for commercial Web sites to make “harmful to minors” material publicly available, with violators fined up to $50,000 and imprisoned for up to six months. Because of an odd legal twist, COPA has been bouncing around the legal system without a final resolution. The law already has been reviewed by the U.S. Supreme Court once--which agreed with a temporary ban on enforcement--but the justices said they wanted more information about the current state of filtering technology and stopped short of a definitive ruling on its constitutionality. Reed’s 84-page opinion (PDF) appears to be intended to provide ample grounds for the Supreme Court to strike down the law for good. The opinion includes a detailed review of the current state of filtering technology and concludes the programs are “fairly easy to install” and are “more effective than ever before.” Decision at

METADATA MINEFIELD (ABA Journal, 23 March 2007) -- One of the first things Vincent Polley does after receiving a document from op­posing counsel is look for metadata, the hidden information embedded in computer files. “When I get a document, I take a look for a couple of things, like who it was written by and the number of revisions it went through,” says Polley, who practices information technology law at Dickinson Wright in Bloomfield Hills, Mich., and serves on the council of the ABA Section of Business Law. “You can learn a lot about what someone is sending you that you can’t see by just looking at a document.” The potential value of metadata is hard to ignore. The Pentagon, the British government and a number of public figures were all embarrassed when metadata revealed that their public statements were at odds with private communications. Drug giant Merck was found to have altered data about its drug Vioxx through metadata mining, which helped plaintiffs in a lawsuit argue that the company had been deceptive about the drug’s safety. To Polley’s thinking, a lawyer is being remiss if he or she doesn’t look at metadata. But is snooping for hidden data in electronic documents from the other side also unethical, or at least a bit unseemly? While views on that question are divided, the ABA recently weighed in with an ethics opinion concluding that metadata is essentially fair game. The ABA Model Rules of Professional Conduct “do not contain any specific prohibition against a lawyer’s reviewing and using embedded information in electronic documents,” states the Standing Committee on Eth­ics and Professional Responsibility in Formal Opinion 06-442 (Aug. 5, 2006). The Model Rules serve as the basis for most state ethics codes for lawyers. Of the handful of states that have tackled the metadata issue so far, at least two have taken positions at odds with the ABA opinion. An opinion issued in 2001 by the New York State Bar Committee on Professional Ethics prohibits attorneys from using computer tech­nology to “surreptitiously obtain privileged or otherwise confidential information” of an opposing party. (Opinion 749, issued Dec. 14, 2001.) The opinion cites New York’s equivalent to ABA Model Rule 8.4, which prohibits a lawyer from engaging in conduct “involving dishonesty, fraud, deceit or misrepresentation” or that is “prejudicial to the administration of justice.” The ABA’s ethics committee concluded that Model Rule 8.4 does not apply to a lawyer’s use of information that was received inadvertently.


FTC UNVEILS PRACTICAL SUGGESTIONS FOR BUSINESSES ON SAFEGUARDING PERSONAL INFORMATION (FTC, 8 March 2007) -- The Federal Trade Commission is offering a new guide for businesses with practical suggestions on safeguarding sensitive data. The 24-page brochure can help businesses of all sizes protect their customers’ and employees’ personal information. FTC Chairman Deborah Platt Majoras unveiled the guide today at the Privacy Summit of the International Association of Privacy Professionals in Washington, DC, where she received the Privacy Leadership Award on behalf of the agency. “Information security cannot be an afterthought for businesses,” said Majoras. “Consumers expect and deserve to have their sensitive personal information kept secure.” Guide at

HOW TO SURF ANONYMOUSLY WITHOUT A TRACE (ComputerWorld, 12 March 2007) -- The punchline to an old cartoon is “On the Internet, nobody knows you’re a dog,” but these days, that’s no longer true. It’s easier than ever for the government, Web sites and private businesses to track exactly what you do online, know where you’ve visited, and build up comprehensive profiles about your likes, dislikes and private habits. And with the federal government increasingly demanding online records from sites such as Google and others, your online privacy is even more endangered. But you don’t need to be a victim. There are things you can do to keep your surfing habits anonymous and protect your online privacy. So read on to find out how to keep your privacy to yourself when you use the Internet, without spending a penny. [Editor: My source for this article is a leading IT expert, who also wrote “I tried the test (at It was revealing, not to overload the word.”]

ARE YOU ON THE NO FLY LIST, TOO? (The Huffington Post, 2 March 2007) -- A few years after the Department of Homeland Security developed its No Fly List and No Fly Watch or “Selectee” List, the Washington Post and San Francisco Chronicle reported the screening system was based on an algorithmic software known as Sounde. xA crude, antiquated algorithm developed in 1918 to analyze U.S. Census data, Soundex is based on the English language and, as a result, has a few deficiencies when it comes to trying to match Arabic names. Soundex works, generally, by removing vowels from names and then assigning numerical values to the remaining consonants. This has been the basis for the Computer Assisted Passenger Pre-Screening System (CAPPS) and it is horrendously inadequate and matches far too many names. To see just how poorly Soundex performs, visit and type in your name to assess your chances of being on the No Fly or Watch List. This is the only known publicly available site for checking your name against potential terrorist identities and databases.

1. The Filter, a publication of the Berkman Center for Internet & Society at Harvard Law School,
2. Edupage,
3. SANS Newsbites,
4. NewsScan and Innovation,
5. Internet Law & Policy Forum,
6. BNA’s Internet Law News,
7. Crypto-Gram,
8. McGuire Wood’s Technology & Business Articles of Note,
9. Steptoe & Johnson’s E-Commerce Law Week,
10. Readers’ submissions, and the editor’s discoveries.

This work is licensed under the Creative Commons Attribution-Share Alike 3.0 United States License. To view a copy of this license, visit or send a letter to Creative Commons, 543 Howard Street, 5th Floor, San Francisco, California, 94105, USA.

PRIVACY NOTICE: E-mail addresses of individuals who subscribe to this periodic e-newsletter by sending email to Vince Polley with “MIRLN” in the subject line are kept by Vince Polley; this listing will not be provided to any other persons.

No comments: