Saturday, August 23, 2008

MIRLN 2-23 August 2008 (v11.11)

**************Introductory Note**********************

MIRLN (Misc. IT Related Legal News) is a free product for members of the American Bar Association’s Cyberspace Law Committee, et al., and is produced by http://www.knowconnect.com.

Members of the ABA Cyberspace Law Committee automatically receive MIRLN postings (about every third week); members can manage their subscriptions at http://www.abanet.org/dch/committee.cfm?com=CL320000 (find the “Listserves” box; MIRLN comes through the CLCC-MEMS listserve). Others who wish to be added to the MIRLN distribution list should send email to Vince Polley (mailto:vpolley@knowconnect.com?subject=MIRLN) with the word “MIRLN” in the subject line, and similarly will be removed from the distribution list after sending email to Vince with the words “MIRLN REMOVAL” in the subject line.

Recent MIRLN issues are archived at www.knowconnect.com/mirln.

**************End of Introductory Note***************

CLARIFICATIONS SOUGHT ON DATA MINING (FCW, 24 July 2008) - Clarification is needed for the definition of data mining and the rules governing it, civil libertarians and academics said today. Several experts at a Homeland Security Department conference on implementing privacy protections in government data mining expressed concerns that the meaning of data mining was misunderstood, or had not been fully explained, thus leading to confusion or potential violations of privacy rights. In the legislation that established DHS, Congress required the department to “establish and utilize…a secure communications and information technology infrastructure, including data mining and other advanced analytical tools, in order to access, receive and analyze data.” However, according to some experts, there’s confusion over what constitutes data mining, causing misperceptions. Some experts were worried that the lack of an agreed-upon definition and specific rules governing different types of data mining, including the use of commercial data, increases the risk of privacy violations. “What’s important here is that we not reflexively say that data mining is bad…but we need to have in place the rules of the road here…about when data can be collected, how it can be used,” said Barry Steinhardt, director of the Technology and Liberty Project at the American Civil Liberties Union. “We have not really had that discussion about what the rules of the road are.” In its 2007 annual report to Congress on the department’s data mining activities, DHS’ privacy office said that “it is important to note that no consensus exists on what constitutes ‘data mining.” http://www.fcw.com/online/news/153267-1.html

OUTSOURCE YOUR CHORES — AND FEEL GOOD WHILE YOU’RE AT IT (New York Times, 30 July 2008) - Ted Moorhouse wants you to outsource your next Excel mail merge or graphic design chore — and in the process give students in developing countries the chance to improve their lives. Mr. Moorhouse’s new project, Serebra Connect, is an auction site for services. Buyers post a task and sellers bid to complete the job. It’s a similar model to the popular freelance marketplace Elance — but with a feel-good twist. Most of the people bidding on the jobs are students in developing countries who have taken a course from the Serebra Learning Corporation, the e-learning company where Mr. Moorhouse is chairman and chief executive. He started Serebra Connect in October to help these students use their new skills. Sample tasks posted on the site: creating a logo for a dental practice, translating e-books from Arabic to English and building a Web site with Flash. The average price is $200. It is free to post or bid on a task. The buyer sends the payment to Serebra to hold until the task is completed. Serebra then takes a 10 percent to 15 percent cut and sends the money to the seller via PayPal or MasterCard’s Payoneer. Sellers on the site are rated on a five-star scale based on reviews from buyers as well as how many Serebra courses they have completed. Serebra Connect is still tiny. It has 6,500 sellers: 4,000 in developing countries and the rest from the United States, Canada and Europe. Only 65 tasks have so far been completed and 40 more are in the queue. When a Madison, Wis., company posted a PowerPoint project that would have cost $2,000 in Madison, a woman in the Philippines offered to do it for $200, 10 times her $22-a-month pay as a teacher. Serebra itself posted a task to the site when it needed a new logo, after getting a local quote of $7,500. Someone in Mozambique designed it for $200, and Serebra was so happy with the finished product that the company is continuing to work with the designer. http://bits.blogs.nytimes.com/2008/07/30/outsource-your-chores-and-feel-good-while-youre-at-it/

LAWYERS TO NAME DEFENDANTS IN AUTOADMIT CASE (Yale Daily News, 31 July 2008) - Anonymous commenting may have just gotten a little less anonymous. With the help of a subpoena issued six months ago, attorneys for two Yale Law School students have succeeded in unmasking several anonymous users of the Web forum AutoAdmit whom the women are suing for defamation. Some of the defendants will finally be named when the students soon file an amended complaint, said their attorney, Stanford Law Professor Mark Lemley, who declined to comment further. While this development does not break any new legal ground, several experts interviewed said, it is one of the few, and certainly one of the highest-profile, examples of defamation lawsuits that have successfully pierced the veil of online anonymity. In 2005, sexually explicit and derogatory posts targeting three female Yale Law students appeared on AutoAdmit, an online community where law students can discuss law-school admissions and law-firm life. Two of the students, who remain unnamed in the suit, filed against the 39 authors of the allegedly defamatory posts. Since a federal judge in New Haven granted subpoenas of Internet service providers last January, several of those comments have been successfully traced through their electronic footprints. One of those authors was “AK47,” who, in 2007, posted that women with one of the Yale Law students’ names “should be raped” and said that he and that student were “gay lovers.” John Williams, a court-appointed lawyer who represented AK-47, whom he has never met and whose identity he does not know, said he was disappointed by the judge’s decision to sustain the subpoena, which he said went beyond where any other court has gone. http://www.yaledailynews.com/articles/view/24842

COMPANIES STRUGGLE TO PROTECT DATA (PW World, 3 August 2008) - A staggering 94 percent of companies admit that they are powerless to prevent confidential data from leaving their company by e-mail, according to a new study from Mimecast. The survey was carried out by Emedia on behalf of the e-mail management provider, and interviewed 125 IT managers in the United Kingdom. It found that only 6 percent of respondents were confident that anyone attempting to send confidential information by e-mail out of the organization, would be prevented from doing so. The study also showed that 32 percent of companies would not even be aware that confidential information had been leaked, and therefore would be unable to take steps to minimize the damage or track down the source of the information. However 62 percent said they would be able to retrospectively identify the e-mail leak once the information had been sent, but they did confess to being unable to prevent its disclosure. http://www.pcworld.com/article/149327/2008/08/.html?tk=rss_news

WHAT HAVE THEY GOT AGAINST OWLS? (Nat’l Law Journal, 4 August 2008) - This might be the best part of the Department of Justice’s report of its probe into its improper hiring practices: Jan Williams, who preceded Monica Goodling as the White House liaison to the department, was asked about the LexisNexis search string she and possibly others used to plumb the political leanings of potential hires. Williams denied ever using the “search string” herself, but her handing-the-reins-over e-mail to Goodling said: “This is the lexis nexis search string that I use for AG appointments.” The string, which summarizes (neatly if depressingly) our recent political history, reads as follows: [first name of a candidate] and pre/2 [last name of a candidate] w/7 bush or gore or republican! or democrat! or charg! or accus! or criticiz! or blam! or defend! or iran contra or clinton or spotted owl or florida recount or sex! or controvers! or racis! or fraud! or investigat! or bankrupt! or layoff! or downsiz! or PNTR or NAFTA or outsourc! or indict! or enron or kerry or iraq or wmd! or arrest! or intox! or fired or sex! or racis! or intox! or slur! or arrest! or fired or controvers! or abortion! or gay! or homosexual! or gun! or firearm! The report concluded, among other things, that Goodling and Williams violated federal law, that Williams lied to investigators, and that Goodling committed misconduct. http://www.law.com/jsp/nlj/PubArticleNLJ.jsp?id=1202423465060 [Editor: a search-string as an attribute… BTW, I’d fail this one, and I don’t know owls from awl.]

2ND CIRCUIT BACKS CABLEVISION’S REMOTE RECORDER AGAINST PROGRAMMERS’ LAWSUIT (Law.com, 5 August 2008) - Cablevision’s proposed remote storage digital video recorder system does not violate the Copyright Act, a federal appeals court ruled Monday. The 2nd U.S. Circuit Court of Appeals overturned a grant of summary judgment to film and TV producers who claimed Cablevision’s system would directly infringe their copyrights by making unauthorized reproductions and by engaging in public performances. Judges John M. Walker Jr., Robert D. Sack and Debra Ann Livingston decided the appeal in The Cartoon Network v. CSC Holdings Inc., 07-1480-cv. Walker wrote for the court. Unlike TiVo and other digital video recorder systems that are run through boxes attached to televisions, Cablevision’s remote storage system, RS-DVR, would allow customers without a set-top box to record programming on hard drives maintained by the company at a remote location. Programming copyright holders sued in the Southern District of New York, where Judge Denny Chin granted them summary judgment and enjoined Cablevision from operating the system unless it obtained the necessary licenses from content providers. Chin agreed with the plaintiffs that Cablevision would commit direct infringement by copying at two points in the process -- first by briefly storing data on what is called a primary ingest buffer and, second, by sending the programs onto its Arroyo Server hard disks. The judge also agreed that by transmitting the data from the hard disks to customers, who are armed only with a remote, the company would directly infringe on the copyright holders’ exclusive right of public performance. But the circuit was persuaded there was no copying because of the short time the data reside in the buffers. “Given that the data reside in no buffer for more than 1.2 seconds before being automatically overwritten ... . we believe that the copyrighted works here are not ‘embodied’ in the buffers for a period of more than transitory duration, and therefore are not ‘fixed’ in the buffers,” he said. The circuit then turned to the question of whether the data stored on the Arroyo Server hard disks triggered direct liability for Cablevision, with the key question being who is actually making the copy -- Cablevision or the consumer. Walker cautioned that the court’s holding “does not generally permit content delivery networks to avoid all copyright liability by making copies of each item of its content and associating one unique copy with each subscriber to the network, or by giving their subscribers the capacity to make their own individual copies. http://www.law.com/jsp/article.jsp?id=1202423528890

- and -

NEW MAGAZINE-SHARING SITE MAY VIOLATE COPYRIGHTS (AP, 15 August 2008) - The magazine industry, already facing a decline in newsstand sales and falling ad revenue, is being besieged by a new foe: digital piracy. A fledgling Web site called Mygazines.com encourages people to copy and upload popular magazines that are currently on newsstands. Visitors can read high-quality digital copies of dozens of current titles, including People, Men’s Health and The Economist, in their entirety. The site, with some 16,000 registered users as of Friday, is a “flagrant” violation of copyright laws, according to legal experts — but it is run by an offshore company of specious origin, making it difficult to shut down. “It’s pretty hard to see how it’s anything other than a straightforward set of copyright violations,” said Jeffrey Cunard, an intellectual property lawyer with Debevoise & Plimpton LLP in Washington. “There are entire magazines with no commentary, no criticism — clearly not a case of classic fair use.” The Mygazines site said in a July 29 press release announcing its launch that its copies are no different from magazines shared in a doctor’s office or salon. Cunard rejected that argument because the site makes available copies of paid-for content — not the actual product. “The first-sale doctrine says that once I buy a physical copy of something, I can do whatever I want with it — except copy it,” he said. Several magazine publishers said they are aware of the site and are considering legal action. “We take our intellectual property seriously and are considering appropriate action on this matter,” The Economist said in an e-mail statement. Dawn Bridges, a spokeswoman for Time Warner Inc.’s Time division, said the publisher of People, Sports Illustrated and other titles is investigating its options, including ways to have the site shut down. The challenge for the magazine publishers is that Mygazines’s domain name is registered in the Caribbean island nation of Anguilla, which is a British overseas territory, and thus outside of the jurisdiction of U.S. copyright law. Publishers could have recourse if the company uses servers physically in the United States. They also could sue the company in U.S. courts because content is available to Americans, but they would not be able to force Mygazines representatives to show up — nor collect any damages for any ruling made in absentia. Repeated attempts to contact representatives of Mygazines.com went unanswered. Registration records show the domain name is owned by “John Smith” of Salveo Ltd., based in The Valley, Anguilla. The address listed is a post office box, and the phone number rang unanswered. Registration companies require that domain buyers use their actual names and contact information, but the submitted information is rarely checked. http://news.yahoo.com/s/ap/20080815/ap_on_hi_te/magazines_online_piracy Related CNET story discussion: “There is a hitch in the case against Mygazines, however. Mygazines is registered in the Caribbean island of Anguilla and hosted in Sweden, by the notorious PRQ. The Stockholm-based PRQ is owned by the founders of BitTorrent tracker site Pirate Bay and is known for hosting other dubious sites. With its domain name registered abroad and its servers beyond U.S. borders as well, Mygazines seems to have slipped around the jurisdiction of U.S. copyright law. Even though publishers could pursue legal action against the site for material available in the U.S., there’d be no way to get representatives for the company to court or to collect damages.” - http://news.cnet.com/8301-13578_3-10018462-38.html

WHO CAN YOU SUE? CLICK HERE (Time, 6 August 2008) - As if there weren’t enough people out there suing each other, now a Florida attorney has come up with a way to make the process even easier. Beginning next month, anyone with access to the Internet should be able to log onto WhoCanISue.com. The new website plans to help consumers determine whether they actually have a case and help them find an attorney from a list of lawyers who advertise their expertise on the website. The attorneys will pay an annual fee of $1,000 to appear on the site, plus an additional amount of their own choosing that will determine how prominently they appear in the listings on the site. The website will vet the attorneys to make sure they are in good standing with their state bar associations. Curtis A. Wolfe, formerly general counsel for Fort Lauderdale-based private equity firm Ener1 Group and the founder of WhoCanISue.com, plans to unveil the new website in September. But he will begin signing up attorneys to advertise on the site when the American Bar Association convenes it annual meeting in New York City on Thursday. Wolfe’s website is not the first of its kind. His most direct competition includes SueEasy.com and LegalMatch.com, among others. But Wolfe says his service — which is free to the consumer — differs from the others in that he will provide real-time access to attorneys. After consumers answer a set of general questions about their grievances, they will be given some guidance about whether they might have a case worth pursuing; if they do, they will be immediately put in touch with an interested attorney. http://www.time.com/time/nation/article/0,8599,1829725,00.html

THIRD CIRCUIT REVIVES BREACH OF CONTRACT CLAIMS IN DATA BREACH CASE (Steptoe & Johnson’s E-Commerce Law Week, 7 August 2008) - Another decision last month by the Third Circuit held that two banks that issued Visa credit cards to consumers whose card information was compromised by a data breach at BJ’s Wholesale Club can pursue breach of contract claims against Fifth Third Bank, which processed BJ’s Visa transactions. The court reversed a district court decision that the two issuing banks were not third-party beneficiaries of an agreement between Visa and Fifth Third that required Fifth Third to ensure that BJ’s not retain cardholder information. However, the court also held that the “economic loss rule” barred the issuing banks’ negligence claims. While the Third Circuit’s rulings on the breach of contract claims mark a win for Sovereign and the Pennsylvania State Employees Credit Union, they will likely do little to improve other plaintiffs’ odds of recovering in similar cases involving credit and debit card information. As the court noted, the Visa Operating Regulations have been amended since the BJ’s breach to explicitly preclude third-party beneficiary claims. This revision to the Operating Regulations led a federal court in Massachusetts to rule in 2007 that a putative class of Visa card issuers could not claim third party beneficiary status in a case arising from the breach of credit card information stored by retailer The TJX Companies, Inc. http://www.steptoe.com/publications-5463.html Third Circuit opinion here: http://www.ca3.uscourts.gov/opinarch/063392p.pdf

OHIO OFFICIAL SUES E-VOTING VENDOR FOR LOST VOTES (Computerworld, 8 August 2008) - Ohio Secretary of State Jennifer Brunner has filed a lawsuit against an electronic-voting machine vendor, saying the vendor should pay damages for dropped votes in the state’s March primary election. E-voting machines from Premier Election Solutions, formerly known as Diebold Election Systems, dropped hundreds of votes in 11 Ohio counties during the primary election, as the machine’s memory cards were uploaded to vote-counting servers, Brunner’s office said. Officials in Brunner’s office later discovered the dropped votes in other counties after voting officials in Butler County discovered about 150 dropped votes, said Jeff Ortega, Brunner’s assistant director of communications. Brunner’s lawsuit, filed in Franklin County Common Pleas Court in Ohio on Wednesday, is a counter claim to an earlier lawsuit filed by Premier. In May, Premier filed a lawsuit against Brunner’s office and Cuyahoga County, Ohio, seeking a judgment that Premier did not violate any contracts or warranties. Brunner’s lawsuit accuses Premier of not fulfilling its contracts with election officials. The lawsuit also alleges breach of warranty and fraud. Premier e-voting machines are used in half of Ohio’s 88 counties. Butler County officials discovered the dropped votes in post-election checks. That set off a statewide investigation, which found dropped votes in 11 other counties, according to information from Brunner’s office. Butler County officials sent letters to Premier on April 4 and 9, seeking an explanation for the dropped votes, and on May 16, Premier issued a report, suggesting human error or conflicts with antivirus software were to blame. Brunner and Butler County officials have suggested that the May report and a follow-up issued by Premier lacked evidence that antivirus software caused the problems. A Premier report on May 29 suggested counties disable antivirus software on vote-tabulation servers, but the servers had been certified in Ohio with the antivirus software installed, Brunner said. In December, Brunner’s office issued a report questioning the security of touch-screen e-voting machines like those sold by Premier. Machines from Premier and two other vendors had “critical security failures,” the report said. http://www.computerworld.com/action/article.do?command=viewArticleBasic&articleId=9112041&source=rss_topic17

US WARNS OLYMPIC TRAVELLERS ABOUT ELECTRONIC ESPIONAGE (VUnet, 11 August 2008) - In a strongly worded warning, the US government advised people visiting Beijing for the start of the Olympic Games that they should trust no-one with their electronic devices. The National Counterintelligence Executive warning was issued on Thursday and warns that while government officials and senior business executives are most at risk, no-one should consider themselves too small a target. “Security services and criminals can track your movements using your mobile phone or PDA and can turn on the microphone in your device even when you think it’s off. To prevent this, remove the battery,” the warning reads. “Security services and criminals can also insert malicious software into your device through any connection they control.” Travellers are advised to not take electronic devices into the country unless absolutely necessary. They should also assume that their hard drive has been copied if the device is examined by customs or in their hotel room if it is searched. It also warns about the use of USB thumb drives in China, saying they may have malware installed on them. Travellers are also advised to change all passwords immediately on their return home. http://www.vnunet.com/vnunet/news/2223619/warns-olympic-travellers-us-china Warning here: http://www.ncix.gov/publications/reports/traveltips.pdf

COURT DISMISSES L’OREAL CLAIMS AGAINST EBAY (Reuters, 12 August 2008) - A Belgian court on Tuesday dismissed all of the claims of cosmetics maker L’Oreal brought against eBay over the sale of fake fragrances and cosmetic products on online auction sites, eBay said in a statement. L’Oreal started legal action in France, Belgium, Germany, Britain and Spain in September 2007, alleging the online auctioneer did not do enough to combat the sale of counterfeits. None of the other courts have ruled on the case yet. The Belgian court ruled that eBay was not obliged to take action to fight counterfeiting, but eBay spokeswoman Sravanthi Agrawal stressed that the company cooperated with rights owners to tackle the sale of fake goods. She added that the company clamped down on all cases of counterfeiting notified to it by the firms concerned, even though it did not have a legal obligation to do so. L’Oreal said in a statement it would appeal against the decision. http://uk.news.yahoo.com/rtrs/20080812/tot-uk-belgium-loreal-ebay-566e283.html

MINNESOTA COURT SAYS KEYWORD ADVERTISING IS TM USE IN COMMERCE--HYSITRON V. MTS (Eric Goldman blog, 11 August 2008) - Hysitron Inc. v. MTS Systems Corp., 2008 WL 3161969 (D. Minn. Aug. 1, 2008). In a brief and pedestrian opinion, another court outside the Second Circuit said that buying a trademarked keyword is “use in commerce” under the Lanham Act even if the trademark doesn’t appear in the ad copy. The court says: “This Court adopts the majority view that using a trademark to generate advertising constitutes a “use in commerce” under the Lanham Act. This approach adheres to the plain meaning of the Lanham Act’s definition of “use in commerce.” The language used in the definition suggests that a “use in commerce” is not limited to affixing another’s mark to one’s own goods but also encompasses any use of another’s mark to advertise or sell one’s own goods and services.” The court is right about the majority vote, but it’s hardly a strong majority. According to my count, the vote was 7-to-6 before this ruling. However, all 6 no votes are in the 2d Circuit, so geographically there is a stronger basis to characterize the rule as the majority rule. The court also denied the defense SJ motion because more discovery is required to determine consumer confusion. http://blog.ericgoldman.org/archives/2008/08/minnesota_court.htm

WEB PRIVACY ON THE RADAR IN CONGRESS (New York Times, 11 August 2008) - Here are some things Internet users can discover about Kiyoshi Martinez, a 24-year-old man from Mokena, Ill., from some of his recent posts online. He watched “The Colbert Report” on Tuesday night, he likes the musician Lenlow and he received bottles of olive oil and vinegar for his birthday. Mr. Martinez has Facebook and LinkedIn pages, a Twitter account and a Web site that includes his résumé. So it is surprising to learn that Mr. Martinez, an aide in the Illinois Senate, is also vigilant about his privacy online. “I’m pretty aware of the fact that anything you do on the Internet pretty much should just be considered public,” Mr. Martinez said. While he knows that companies are collecting his data and often tracking his online habits so they can show him more relevant ads, he said, he would like to see more transparency “about what the company intends to do with your data and your information.” Those same questions of data collection and privacy policies are attracting the attention of Congress, too. There is no broad privacy legislation governing advertising on the Internet. And even some in the government admit that they do not have a clear grasp of what companies are able to do with the wealth of data now available to them. http://www.nytimes.com/2008/08/11/technology/11privacy.html?_r=1&ref=technology&oref=slogin

AIR FORCE SUSPENDS ‘CYBER COMMAND’ PROGRAM (Information Week, 13 August 2008) - Putting on hold a major cyberwarfare initiative less than two months before it was scheduled to become operational, the Pentagon this week said it is delaying and reviewing the future of the Air Force’s controversial “Cyber Command” program. Provisionally created last year to coordinate and initiate the defense of U.S. military computer networks and to launch offensive attacks on enemy IT systems, the Cyber Command has been based at Barksdale Air Force Base in Louisiana. The command’s Web site says its mission is “To secure our nation by employing world-class cyberspace capabilities to control cyberspace, create integrated global effects, and deliver sovereign options.” The Army, Navy, and Air Force have been engaged in a tug-of-war over the leadership role in the U.S. military’s cyberwarfare initiatives. The Navy has created both the Network Warfare Command and the Space and Naval Warfare Systems Center to develop technology and policies for confronting adversaries in cyberspace. The Defense Advanced Research Projects Agency, or DARPA, has also announced plans to develop a “National Cyber Range,” a virtual network environment for cyberwar simulation. In March, the U.S. Department of Homeland Security hosted Cyber Storm II, a networking war game involving about 40 private-sector companies including Cisco, Juniper Networks, and Dow Chemical. The exercise came shortly after the Pentagon reported that China’s People’s Liberation Army was intent on expanding its capabilities for cyberwarfare. Reports from the Caucasus indicate that the Russian began its assault on neighboring Georgia with a cyberattack intended to disable the smaller country’s computer networks. http://www.informationweek.com/news/security/government/showArticle.jhtml?articleID=210003721&cid=RSSfeed_IWK_News

FREE LICENSES UPHELD (Lessig Blog, 13 August 2008) - So for non-lawgeeks, this won’t seem important. But trust me, this is huge. I am very proud to report today that the Court of Appeals for the Federal Circuit (THE “IP” court in the US) has upheld a free (ok, they call them “open source”) copyright license, explicitly pointing to the work of Creative Commons and others. (The specific license at issue was the Artistic License.) This is a very important victory, and I am very very happy that the Stanford Center for Internet and Society played a key role in securing it. In non-technical terms, the Court has held that free licenses such as the CC licenses set conditions (rather than covenants) on the use of copyrighted work. When you violate the condition, the license disappears, meaning you’re simply a copyright infringer. This is the theory of the GPL and all CC licenses. Put precisely, whether or not they are also contracts, they are copyright licenses which expire if you fail to abide by the terms of the license. Important clarity and certainty by a critically important US Court. http://lessig.org/blog/2008/08/huge_and_important_news_free_l.html and http://www.nytimes.com/2008/08/14/technology/14commons.html Opinion here: http://www.cafc.uscourts.gov/opinions/08-1001.pdf

COURT RULES SENDING EMAILS TO FORUM SATISFIES JURISDICTION TEST (BNA’s Internet Law News, 14 August 2008) - BNA’s Electronic Commerce & Law Report reports that an Idaho federal court has ruled that sending over 100 e-mails to individuals known to be located in Idaho is enough to satisfy the due process “purposeful availment” requirement for finding jurisdiction there. The court said that Idaho jurisdiction was proper over an individual accused of intentionally sending bulk e-mails to Idaho residents when the sender knew of the recipients’ location, and when the harm the recipients suffered was directly related to the e-mails. Case name is Melaleuca v. Hansen.

COURTS JUST CAN’T AGREE ON WHEN EMPLOYEE ACCESS TO COMPUTER IS “AUTHORIZED” UNDER CFAA (Steptoe & Johnson’s E-Commerce Law Week, 14 August 2008) - Courts continue to disagree over whether an employee violates the Computer Fraud and Abuse Act (CFAA) when he accesses a company computer with authorization but then steals information for some nefarious purpose. In Black & Decker (US), Inc. v. Smith, a federal court in Tennessee ruled that a disloyal employee who allegedly copied confidential Black & Decker (B&D) information before being terminated did not access this information “without authorization” or “exceed” his authorized access within the meaning of the CFAA, since he was permitted access to the information while employed. But, in Mintel International Group, Ltd. v. Neergheen, a federal court in Illinois held that an employee might have “exceeded authorized access” by sending confidential information from his workplace computer to his personal email address before leaving the company. http://www.steptoe.com/publications-5479.html

AT&T MULLS WATCHING YOU SURF (New York Times, 14 August 2008) - AT&T is “carefully considering” monitoring the Web-surfing activities of customers who use its Internet service, the company said in a letter in response to an inquiry from the House Committee on Energy and Commerce. While the company said it hadn’t tested such a system for monitoring display advertising viewing habits or committed to a particular technology, it expressed much more interest in the approach than the other big Internet providers who also responded to the committee’s letter. AT&T did however promise that if it does decide to start tracking its customers online, it will “do so the right way.” In particular, the advertising system will require customers to affirmatively agree to have their surfing monitored. This sort of “opt-in” approach is preferred by privacy experts to the “opt-out” method, practiced by most ad targeting companies today, which records the behavior of anyone who doesn’t explicitly ask to not to be tracked. http://bits.blogs.nytimes.com/2008/08/14/att-wants-to-watch-you-read-ads/

- and -

VERIZON: WE NEED FREEDOM TO DELAY P2P TRAFFIC WHEN NECESSARY (ArsTechnica, 21 August 2008) - There has “always been a requirement for network management,” said Verizon CTO Richard Lynch Tuesday at the Progress & Freedom Foundation’s annual Aspen conference on tech policy, even in the analog age. In the wake of the FCC’s recent Comcast decision, debates over “network management” have escaped the engineers’ offices and now take place even among skeptical consumers who worry about what such management will do to their Internet connections. Lynch laid out Verizon’s view on the matter: time-sensitive packets like VoIP should be prioritized over less-sensitive packets like P2P, but the company remains committed to “deliver any and all data requested by our customers.” Thanks to its fiber-to-the-home commitment, Verizon doesn’t face the same congestion issues that plague many cable operators. While current cable networks may share a single uplink between several hundred homes, Verizon’s fiber nodes serve an average of only 32 homes—and the uplink has more bandwidth to begin with. Verizon can currently offer 50Mbps symmetric connections, with 100Mbps connections already in trials, and it can add capacity on lit fiber simply by turning on additional wavelengths. But Lynch rejects the idea that the only acceptable form of network management is none at all—that is, that Verizon and other ISPs should all commit to delivering all packets, all the time, with zero delay. http://arstechnica.com/news.ars/post/20080821-verizon-we-need-freedom-to-delay-p2p-traffic-when-necessary.html

FEC ELATES STRANGE BEDFELLOWS WITH POLITICAL BLOGGING RULING (ArsTechnica, 15 August 2008) - The arch-conservative Heritage Foundation and a pro–Barack Obama blogger found common cause for celebration this week when the Federal Election Commission ruled that former Iowa Democratic Party Chairman Gordon Fischer, author of Iowa True Blue, is not subject to campaign finance restrictions, however partisan his posts. The FEC has repeatedly held that ordinary bloggers are subject to the “media exemption” that permits journalists and editorial writers to support or oppose candidates without tallying their expenses as campaign contributions. But late last year, Hillary Clinton supporter Kirk Tofte nevertheless filed a complaint against Fischer, arguing that his site was no longer a mere political blog, but a “direct arm of the Obama for President campaign.” The FEC rejected Tofte’s argument wholesale, noting that there was no hard evidence of coordination, but that even if there had been, Fischer’s speech would remain protected. Paid ads run by a campaign are still covered, of course, but it would be difficult to do online journalism if bloggers were barred from contacting campaigns or quoting their materials. http://arstechnica.com/news.ars/post/20080815-fec-elates-strange-bedfellows-with-political-blogging-ruling.html

SEC PROVIDES GUIDANCE REGARDING USE OF COMPANY WEBSITES TO DISCLOSE INFORMATION FOR INVESTORS (Duane Morris advisory, 15 August 2008) - The Securities and Exchange Commission (the “SEC”) has published an interpretive release, Commission Guidance on the Use of Company Web Sites, Release No. 34-58288 (the “Release”), providing guidance to companies and issuers of securities on the use of company websites to disclose information to investors. The Release, which became effective August 7, 2008, is intended to encourage companies to develop their websites in compliance with the federal securities laws so that such websites can serve as effective analytical tools for investors by being a vital source of information about a company’s business, financial condition and operations. The Release is intended to provide guidance to those companies that are utilizing websites to supplement their required SEC filings. Since the adoption of the Securities Act of 1933 and the Securities Exchange Act of 1934 (the “Exchange Act”), the foundation of securities regulation in the United States has rested upon timely disclosure of relevant information to investors and the securities markets. Historically, companies have disclosed information to investors and the markets by mailing reports to stockholders, filing periodic reports with the SEC and issuing press releases. As technology has advanced, the Internet, the SEC’s Electronic Data Gathering, Analysis and Retrieval (“EDGAR”) system, and electronic communications have modernized the disclosure system. More and more investors are turning to the Internet and company websites as their main source of information before making investment decisions. The Release provides guidance to companies posting information on their websites, including (1) when information posted on their website is considered “public” for purposes of the “fair disclosure” requirements of Regulation FD; (2) the application of the antifraud provisions of the federal securities laws to information posted on company websites; (3) the types of controls and procedures advisable with respect to posting information; and (4) the appropriate format of the information presented on the website. Full Duane Morris analysis here: http://www.duanemorris.com/alerts/alert2948.html; SEC Release here: http://www.sec.gov/rules/interp/2008/34-58288.pdf ; Earlier MIRLN post on the subject here: http://www.knowconnect.com/mirln/article/mirln_13_july_2_august_2008_v1110/]

WOMAN CAN SUE OVER YOUTUBE CLIP DE-POSTING (SF Gate, 20 August 2008) - In a victory for small-time music copiers over the entertainment industry, a federal judge ruled Wednesday that copyright holders can’t order one of their songs removed from the Web without first checking to see if the excerpt was so small and innocuous that it was legal. The ruling by U.S. District Judge Jeremy Fogel of San Jose was the first in the nation to require the owner of the rights to a creative work to consider whether an online copy was a “fair use” - a small or insignificant replication that couldn’t have affected the market for the original - before ordering the Web host to take it down. A 1998 federal law authorized copyright holders to issue takedown orders whenever they see an unauthorized version of their work on the Internet without having to sue and prove a case of infringement. Some advocates of Internet users’ rights - including the Electronic Frontier Foundation, which represented the individual user in this case - contend the procedure has been abused. The case dates from February 2007, when Stephanie Lenz, a writer and editor from Gallitzin, Pa., made a video of her 13-month-old son cavorting to Prince’s song “Let’s Go Crazy” and posted the 29-second clip on YouTube. Four months later, Universal Music Corp., which owns the rights to the song, ordered YouTube to remove the video and nearly 200 others involving Prince compositions. Lenz, exercising her rights under the same 1998 law, notified YouTube several weeks later that her video was legal and ordered it restored. YouTube complied after waiting two weeks, as required by law, to see whether Universal would sue Lenz for infringement. Lenz then sued Universal in Northern California, YouTube’s home district, for her costs, claiming the music company had acted in bad faith by ordering removal of a video that - she contended - was obviously a fair use of the song and had no commercial value. http://www.sfgate.com/cgi-bin/article.cgi?f=/c/a/2008/08/20/BAU412FKRL.DTL Earlier MIRLN post on the subject here: http://www.knowconnect.com/mirln/article/mirln_13_july_2_august_2008_v1110/ ; Eric Goldman has an analysis of this case here: http://blog.ericgoldman.org/archives/2008/08/fair_use_its_th.htm

BAIDU CACHE OFFERS MORE EVIDENCE OF UNDERAGE CHINESE GYMNASTS (ArsTechnica, 20 August 2008) - One of the controversies that’s been swirling around the Chinese Olympic Games since they began is the age of several of China’s gymnasts. According to Chinese officials (and, of course, official passports and ID cards), both He Kexin and Jiang Yuyuan are 16, and therefore old enough to compete in the Olympic Games. Unfortunately for China, there’s a growing body of evidence pointing in the opposite direction, including online evidence a gumshoe hacker discovered lurking in the cache of Baidu, China’s equivalent of Google. If these allegations prove true, it would scarcely be the first time China has lied about the age of an athlete. In 2000—three years after the minimum qualifying age for Olympic Gymnastic competition was raised to 16—Chinese gymnast Yang Yun won a bronze medal for her performance on the uneven bars. Yang’s passport showed her as 16 years old at the time, but the gymnast herself later admitted on Chinese national television that she and her coaches had lied about her age, and that she had been just 14 at the time. There’s also evidence that Chinese gymnast Li Ya was just 13 when she competed at the World Championships in Anaheim back in 2003. A story that ran Beijing Evening News on December 2, 2007, reported that He Kexin was 13, while the New York Times turned up evidence in other Chinese papers that cited her age as 14, with a birth date of January 1, 1994. Currently, He’s passport lists her date of birth as January 1, 1992. Similarly, Jiang Yuyuan’s own national identification card lists her birth date as October 1, 1993. Now, new information gathered from Baidu’s cache further confirms these allegations. Over at Stryde Hax, the anonymous author describes his search for official information on He Kexin’s real birth date. Google, rather suspiciously, has been scrubbed clean—searching the engine’s cache reveals references to He Kexin, but He’s name and data have been removed. As for Baidu, the main search function returns only government-approved data—a spreadsheet that purports to show information on Kexin has also been deleted—but checking the engine’s cache proves that a copy of the document is still preserved. He Kexin’s age, as listed in the preserved copy of an official Chinese document? 14. http://arstechnica.com/news.ars/post/20080820-evidence-of-age-fraud-mounts-china-insists-gymnasts-are-16.html Washington Post calls it cheating and credits the caching discovery: http://www.washingtonpost.com/wp-dyn/content/article/2008/08/22/AR2008082201782.html?nav=rss_email/components

FRENCH HIGH COURT UPHOLDS MONITORING OF EMPLOYEE’S INTERNET USE (Steptoe & Johnson’s E-Commerce Law Week, 21 August 2008) - French workers recently lost their cherished right to work only 35 hours per week. And as a result of a recent ruling by France’s highest court, they may have to spend those hours actually working rather than playing solitaire online. Last month, the Cour de Cassation Chamber Sociale ruled that employers can monitor their employees’ workplace Internet use. Past rulings had suggested that an employer may not access information that an employee stored on his or her workplace computer and clearly marked as personal, unless the employee is present and consents to the search. However, in Franck L. v. Entreprise Martin, the court ruled that an employer may generally access an employee’s computer hard drive without the employee’s knowledge or presence for the purpose of monitoring the employee’s Internet use. The court reasoned that any websites accessed using a workplace computer during business hours are “presumed to be of a professional character,” and that employers may therefore review records of the employee’s Internet use without the employee present. Accordingly, it upheld defendant Entreprise Martin’s firing of former IT manager Franck L., who was let go after Entreprise Martin’s review of his web browsing revealed that he had spent large amounts of work time browsing non-work-related websites. http://www.steptoe.com/publications-5488.html

COURT SAYS EBAY IS A CRIMINAL ENTERPRISE. SERIOUSLY. (Steptoe & Johnson’s E-Commerce Law Week, 21 August 2008) - A federal court in California recently held that eBay’s allegedly false statements about the safety of its “Live Auction” service can support a claim against the company under section 1962(c) of the Racketeer Influenced and Corrupt Organizations Act (RICO), a statute originally designed to go after organized crime. Although the case involves a civil suit, the court’s ruling in Mazur v. eBay Inc. amounts to a remarkable statement that eBay’s description of its auction service constitutes criminal behavior. While the Federal Trade Commission has brought actions for “unfair” or “deceptive” acts in commerce against companies whose actual privacy practices did not live up to their stated policies, allowing RICO actions to be brought on the basis of similar misstatements is a giant leap -- and could have enormous negative ramifications for websites. http://www.steptoe.com/publications-5488.html Opinion here: http://www.steptoe.com/assets/attachments/3504.pdf

**** NOTED PODCASTS ****
CLOUD COMPUTING AND THE PRIVACY OF REMOTELY STORED INFORMATION (State of the Net West 2008; Santa Clara University podcast, 67 minutes; 11 August 2008) -- Panelists including SalesForce.com’s David Schellhase discuss the extant legal framework implicated by some cloud computing applications. File is named “Third Panel and Closing.MP3” and resides here: http://deimos.apple.com/WebObjects/Core.woa/Browse/scu.edu.1423301783.01423301792.1623272573?i=1912410655 Related 6 minute NPR broadcast on 21 August is here: http://www.npr.org/templates/story/story.php?storyId=93841182

DON’T TALK TO THE POLICE (Prof. James Duane, 31 May 2008; 27 minute video podcast) - recommended by Bruce Schneier: “This is an engaging and fascinating video presentation by Professor James Duane of the Regent University School of Law, explaining why -- in a criminal matter -- you should never, ever, ever talk to the police or any other government agent. It doesn’t matter if you’re guilty or innocent, if you have an alibi or not -- it isn’t possible for anything you say to help you, and it’s very possible that innocuous things you say will hurt you. Definitely worth half an hour of your time. http://video.google.com/videoplay?docid=-4097602514885833865 And this is a video of Virginia Beach Police Department Officer George Bruch, who basically says that Duane is right. http://video.google.com/videoplay?docid=6014022229458915912&q=&hl=en“. Editor: Entertaining; his demonstration is convincing, and he doesn’t even touch on the old “it’s the lie that’ll get you, especially with a federal agent.” His closing Justice Jackson quote is telling. The police officer’s presentation also is good.]

SOURCES (inter alia):
1. The Filter, a publication of the Berkman Center for Internet & Society at Harvard Law School, http://cyber.law.harvard.edu.
2. Edupage, http://www.educause.edu/pub/edupage/edupage.html.
3. SANS Newsbites, sans@sans.org.
4. NewsScan and Innovation, http://www.newsscan.com.
5. BNA’s Internet Law News, http://ecommercecenter.bna.com.
6. Crypto-Gram, http://www.schneier.com/crypto-gram.html.
7. McGuire Wood’s Technology & Business Articles of Note, http://tinyurl.com/ywsusp
8. Steptoe & Johnson’s E-Commerce Law Week, www.steptoe.com
9. Readers’ submissions, and the editor’s discoveries.

This work is licensed under the Creative Commons Attribution-Share Alike 3.0 United States License. To view a copy of this license, visit http://creativecommons.org/licenses/by-sa/3.0/us/ or send a letter to Creative Commons, 543 Howard Street, 5th Floor, San Francisco, California, 94105, USA.

PRIVACY NOTICE: E-mail addresses of individuals who subscribe to this periodic e-newsletter by sending email to Vince Polley with “MIRLN” in the subject line are kept by Vince Polley; this listing will not be provided to any other persons.

Saturday, August 02, 2008

MIRLN: 13 July-2 August 2008 (v11.10)

**************Introductory Note**********************

MIRLN (Misc. IT Related Legal News) is a free product for members of the American Bar Association’s Cyberspace Law Committee, et al., and is produced by www.KnowConnect.com.

Members of the ABA Cyberspace Law Committee automatically receive MIRLN postings (about every third week); members can manage their subscriptions at http://www.abanet.org/dch/committee.cfm?com=CL320000 (find the “Listserves” box; MIRLN comes through the CLCC-MEMS listserve). Others who wish to be added to the MIRLN distribution list should send email to Vince Polley (mailto:vpolley@knowconnect.com?subject=MIRLN) with the word “MIRLN” in the subject line, and similarly will be removed from the distribution list after sending email to Vince with the words “MIRLN REMOVAL” in the subject line.

Recent MIRLN issues are archived at www.knowconnect.com/mirln.

**************End of Introductory Note***************

**** UPCOMING EVENT - INTERNET GOVERNANCE ****
At the ABA Annual Meeting New York City, the Cyberspace Law Committee of the Section of Business Law is sponsoring a high-level program entitled, “The Internet — How It is Governed Today and How it May Be Governed Tomorrow: A VIP Panel Discusses the Internet Governance Forum of the United Nations and the Global Debate About the Control and Future of the Internet.” The panelists will be Paul Twomey, President & CEO of ICANN, Richard Beaird, Senior Deputy U.S. Coordinator, Information and Communications Policy, U.S. Department of State, Bill Graham, Strategic Global Engagement, ISOC, and Markus Kummer, Executive Coordinator of the Internet Governance Forum. The Program will take place on Saturday, August 9, 2008 from 10:30 am-12:30 pm at the Section’s headquarters hotel, the Grand Hyatt Hotel on Park Avenue (109 East 42nd Street), in the Juilliard & Uris Rooms on the Conference Level. More info, and related governance resources: http://www.abanet.org/dch/committee.cfm?com=CL320061. Other Cyberspace Committee activities in NYC are here: http://www.abanet.org/dch/committee.cfm?com=CL320000 (see “Committee News”)

**** MIRLN NEWS ****
EBAY BEATS TIFFANY IN COURT CASE OVER TRADEMARKS (SiliconValley.com, 14 July 2008) - EBay scored an important victory in court today, as a federal judge said companies such as jeweler Tiffany & Co. are responsible for policing their trademarks online, not auction platforms like eBay. Tiffany had sued San Jose-based eBay over the sale of counterfeit jewelry on eBay’s sites. U.S. District Judge Richard J. Sullivan in New York said in today’s ruling that eBay can’t be held liable for trademark infringement “based solely on their generalized knowledge that trademark infringement might be occurring on their Web sites.” Sullivan’s ruling came in response to a lawsuit filed in 2004, in which the jeweler alleged that most items listed on eBay as genuine Tiffany products were fakes. The company said it had asked eBay to remove counterfeit listings, but the sales continued. EBay spokeswoman Nichola Sharpe said today that the ruling “confirms that that eBay acted reasonably and has adequate procedures in place to effectively address counterfeiting.” A Tiffany spokeswoman did not immediately return a call for comment. The Tiffany ruling was a welcome twist for eBay, which recently lost a different case stemming from counterfeit luxury goods. Last month, a French court ordered eBay to pay more than $61 million to LVMH Moet Hennessy Louis Vuitton SA, which complained it was hurt by sale of knockoff bags, perfume and clothes. EBay is appealing that ruling. EBay says it spends tens of millions each year to combat counterfeiting. It runs a program that lets companies review listings and inform eBay of those they believe are for fake goods. The company also suspends and blocks users who have been found selling or are suspected of selling fake goods on eBay. http://www.siliconvalley.com/news/ci_9877656?nclick_check=1

PRINTER DOTS RAISE PRIVACY CONCERNS (USA Today, 14 July 2008) - The affordability and growing popularity of color laser printers is raising concerns among civil liberties advocates that your privacy may not be worth the paper you’re printing on. More manufacturers are outfitting greater numbers of laser printers with technology that leaves microscopic yellow dots on each printed page to identify the printer’s serial number — and ultimately, you, says the San Francisco-based Electronic Frontier Foundation, one of the leading watchdogs of electronic privacy. The technology has been around for years, but the declining price of laser printers and the increasing number of models with this feature is causing renewed concerns. The dots, invisible to the naked eye, can be seen using a blue LED light and are used by authorities such as the Secret Service to investigate counterfeit bills made with laser printers, says Lorelei Pagano, director of the Central Bank Counterfeit Deterrence Group. Privacy advocates worry that the little-known technology could ensnare political dissidents, whistle-blowers or anyone who prints materials that authorities want to track. The dots tell authorities the serial number of a printer that made a document. In some cases, it also tells the time and date it was printed, Pagano says. “The Secret Service is the only U.S. body that has the ability to decode the information,” she says. [Editor: this is not true -- see http://w2.eff.org/Privacy/printers/docucolor] http://www.usatoday.com/tech/news/surveillance/2008-07-13-printer_N.htm

LAWYERS IN YOUTUBE LAWSUIT REACH USER PRIVACY DEAL (Reuters, 15 July 2008) - Defendants and plaintiffs in two related copyright infringement lawsuits against YouTube have reached a deal to protect the privacy of millions of YouTube watchers during evidence discovery, a spokesman for Google Inc said on Monday. Earlier in July, a New York federal judge ordered Google to turn over YouTube user data to Viacom Inc and other plaintiffs to help them to prepare a confidential study of what they argue are vast piracy violations on the video-sharing site. Google said it had now agreed to provide plaintiffs’ attorneys for Viacom and a class action group led by the Football Association of England a version of a massive viewership database that blanks out YouTube username and Internet address data that could be used to identify individual video watchers. “We have reached agreement with Viacom and the class action group,” Google spokesman Ricardo Reyes said. “They have agreed to let us anonymize YouTube user data,” he said. http://www.businessinsurance.com/cgi-bin/news.pl?newsId=13442

U.K. BUSINESSES BAN IM OVER SECURITY CONCERN (Computer World, 15 July 2008) - Nearly three-quarters of U.K. businesses have banned the use of instant messaging (IM) citing security concerns, reports IM supplier ProcessOne. The research noted that 88% of IT directors were concerned about the security risks created by employees using Windows Live Messenger, Yahoo Messenger and other IM services, with 56% citing the loss of sensitive business information as a primary concern. Despite this, only 12% of those surveyed said that their company kept an audit trail of IM messages sent by employees using free public IM software. The research also shows that 74% of those surveyed think IM could provide valuable collaboration benefits to their organization. According to ProcessOne, the research indicates that currently security fears are overriding the opportunity that U.K. businesses have to increase collaboration and business productivity. http://www.computerworld.com/action/article.do?command=viewArticleBasic&articleId=9110159&source=rss_news10

GERMANY MONITORING ‘PROBLEMATIC’ GOOGLE EARTH STREET SCANNING (SiliconValley.com, 16 July 2008) - German data-protection agencies have started to monitor street scanning by Google as it seeks to build three-dimensional city pictures for its Google Earth application. The Federal Commissioner for Data Protection, a Bonn-based agency, said Google’s activities in filming German streets are “problematic” though federal and state data-protection agents have yet to find a legal basis to stop filming that’s carried out by cameras mounted on vehicles. “From a privacy viewpoint, we don’t welcome this activity,” Federal Commission spokesman Dietmar Mueller said Tuesday. “Yet we have no legal instance to challenge it - anyone can walk along a street with a camera.” Google plans to create a three-dimensional image database of Frankfurt, Berlin and Munich to add to 40 U.S. cities already logged by the company. http://www.siliconvalley.com/news/ci_9895987 [Editor: “problematic”?]

- but -

GOOGLE STREET VIEW IS APPROVED FOR THE U.K. (CNET, 31 July 2008) - Google Street View has been given approval to drive on the other side of the street on the other side of the pond. The company’s controversial photo-mapping tool has gotten the green light from the U.K.’s privacy watchdog group. Street View uses special vehicles with panoramic cameras to snap pictures of streets. It then uses the digital images as part of its online mapping service, so that people can see what locations look like. Privacy groups in the U.K. have criticized the tool, saying it could violate privacy and data protection laws. These privacy advocates have been worried that people or other identifying markers, such as vehicle license plates, could be used to identify and track individuals in the Google pictures. But the Information Commissioner’s Office (ICO), an independent agency in the U.K. that is charged with helping protect personal information, said it is “satisfied” that Google has enough safeguards in the tool to prevent it from harming anyone’s privacy, the BBC reported Thursday. Specifically, the ICO said in a statement that it believes safeguards such as blurring faces and license plates on cars is enough to allay fears about breaching privacy. http://news.cnet.com/8301-1023_3-10003556-93.html

LAWMAKERS PROBE WEB TRACKING (Washington Post, 17 July 2008) - An Internet provider based in Kansas used a monitoring technology earlier this year to track sites visited by its users, apparently without directly notifying them, according to a congressional panel investigating the action. Embarq, which serves 1.3 million Internet customers in 18 states, including Virginia, acknowledged that it used “deep packet inspection” technology provided by the Silicon Valley firm NebuAd to direct targeted advertising to users. Some lawmakers and others question whether such actions violate users’ rights to keep their Internet behavior to themselves. The House Energy and Commerce subcommittee on telecommunications and the Internet will take up the subject at a hearing today. “Surreptitiously tracking individual users’ Internet activity cuts to the heart of consumer privacy,” said Rep. Edward J. Markey (D-Mass.), the panel’s chairman. “Embarq’s apparent use of this technology without directly notifying affected customers that their activity was being tracked, collected and analyzed raises serious privacy red flags.” Federal wiretap laws generally require consumers to consent to the collection and use of their communications. There has been ongoing debate over whether the technology’s use for behavioral targeting violates these laws. http://www.washingtonpost.com/wp-dyn/content/article/2008/07/16/AR2008071602378.html

SWEDES CALL ON HUMAN RIGHTS COURT TO REVIEW SNOOP LAW (The Register, 17 July 2008) - A Swedish organisation headed by lawyers and university professors has lodged a complaint this week with the European Court of Human Rights over Sweden’s controversial new snoop law. Last month, the Swedish parliament approved a law that will grant Sweden’s intelligence agency National Defence Radio Establishment sweeping powers to eavesdrop on all international phone calls and emails in a move to combat terror plots. The independent Centrum för Rättvisa (CFR) or Justice Center believes the bill violates the European Convention on Human Rights, which guarantees citizens the right to privacy and the ability to hold authorities to account. “There is a massive public interest in resolving the issue of whether the FRA Act is compatible with the demands of the European Convention. The Act basically means that everyone, not only Swedish citizens, risks having their electronic communication monitored by the Swedish state,” Clarence Crafoord, Chief legal counsel at CFR, said in a statement. Denmark, Finland and Norway last week also voiced concerns about the new law in Sweden. Danish citizens’ rights group TI-Politisk Forening demanded “an end to the Swedes’ surveillance of the world’s internet traffic”. In Norway, the national telecom agency said it will look into the new law. Finnish-Swedish telecoms operator TeliaSonera has already moved its servers from Sweden to Finland and Google is considering a similar move, according to a letter published by the heads of eight leading mobile phone service providers in the Dagens Nyheter newspaper. Google’s global privacy counsel Peter Fleischer had already condemned the new law. In the past Google was forced to censor its search services in China in order to gain greater access to China’s fast-growing market and is keen to avoid a repeat. Russian telecom operators have drawn up plans to re-route data and call traffic to avoid Swedish eavesdropping, according to Swedish news site The Local. Many protesters believe the real reason for the law is so Swedish intelligence can monitor data traffic to and from Russia. http://www.theregister.co.uk/2008/07/17/echr_swedish_wiretap_law_review/

ON THE WATERBOARD (Vanity Fair, 18 July 2008) - How does it feel to be “aggressively interrogated”? Christopher Hitchens found out for himself, submitting to a brutal waterboarding session in an effort to understand the human cost of America’s use of harsh tactics at Guantánamo and elsewhere. VF.com has the footage. http://www.vanityfair.com/politics/features/video/2008/hitchens_video200808 [Short video; astonishing, sobering, and frightening]

MOM FIGHTS MUSIC GIANT (SiliconValley.com, 19 July 2008) - For Pennsylvania mom Stephanie Lenz, a closely watched copyright showdown in San Jose federal court is a simple matter of standing up to powerful music moguls and petulant pop stars. Lenz, whose case reached a critical stage Friday, finds herself at the heart of an epic copyright fight over Universal Music’s attempt to force her to take down a YouTube video of her toddler learning to walk with the Prince song “Let’s Go Crazy” blaring in the background. Calling it a “case of first impression,” U.S. District Judge Jeremy Fogel on Friday considered Universal’s attempt to dismiss Lenz’s lawsuit, which maintains the media giant and Prince are abusing a 10-year-old copyright law intended to curtail movie and music thievery on the Web. Lenz is seeking unspecified damages and a court finding that she did not violate Universal’s copyrights with the YouTube video. Fogel dismissed a previous version of Lenz’s lawsuit, but her lawyers filed a revised complaint that recasts the case as a test of what copyright holders must consider before sending out takedown letters. Electronic Frontier Foundation lawyers urged the judge to keep the case alive, arguing that companies such as Universal have an obligation to investigate and evaluate a video such as Lenz’s before firing off the threatening letters. “It’s a tiny, blurry little home movie,” said Corynne McSherry, the foundation’s attorney on the case. Lenz and her legal team depict the video as a “fair use” of the Prince song. But Universal attorneys insist the company had the legal right to send the letter in Lenz’s case, and that it would be unfair to artists and media companies to force them to undertake lengthy inquiries before asserting copyright violations. http://www.siliconvalley.com/news/ci_9932068

BANK BACK ON HOOK FOR DATA THEFT AT BJ’S WHOLESALE (Information Week, 21 July 2008) - A federal appeals court last week reversed a lower court’s order that credit card processor Fifth Third Bancorp did not have to pay for new credit cards for some cardholders whose data was stolen during a 2004 hacking incident at BJ’s Wholesale Club. In ruling, the United States Court of Appeal upheld a challenge to the lower court’s decision brought by the Pennsylvania State Employees Credit Union. Fifth Third provided credit card processing services to BJ’s. PSECU, which issues Visa credit cards to its members, said it was forced to spend $100,000 canceling and reissuing more than 235,000 cards after the breach, and sought damages against Fifth Third. However, a U.S. District Court judge in Pennsylvania dismissed the claim two years ago. In its initial complaint, PSECU argued that Fifth Third bore some liability for the data breach because it failed to properly train the retailer’s staff in proper security procedures. http://www.informationweek.com/shared/printableArticle.jhtml?articleID=209400073

AMERICAN AIRLINES AND GOOGLE SETTLE LAWSUIT (Washington Post, 21 July 2008) - American Airlines has dropped its lawsuit against Google Inc. over its search engine directing some users to advertisements for the airline’s competitors. American sued the search giant last year seeking unspecified damages for trademark infringement. Last week, a federal district court judge in Fort Worth dismissed the lawsuit. Each side agreed to pay its own legal fees, and American recovered nothing from Google, according to an order signed by Judge John McBryde. Spokesmen for Fort Worth-based American, a unit of AMR Corp., and Google said in identical statements that they were pleased to “resolve these claims on mutually satisfactory terms.” American was upset that when Google users entered search terms such as AAdvantage, the trademark name of its frequent-flier program, the results included Web sites that had no connection to American. The airline said the results could confuse consumers and divert customers from its own Web site. Google compared its policy to grocery stores that give shoppers a coupon for Minute Maid orange juice if they buy Tropicana, or magazines that publish a Ford ad on the page opposite from a story about Chevrolets. “Of course they are seeking to ‘hijack’ or ‘divert’ consumers who have indicated an interest in their competitors’ products,” Google lawyers wrote in a motion seeking to dismiss the lawsuit. As long as the companies don’t falsely identify a product or service, it’s legal, they said. http://www.washingtonpost.com/wp-dyn/content/article/2008/07/21/AR2008072102149.html

BIG UK FIRM BANS BLACKBERRYS FOR ATTORNEYS ON VACATION (ABA Journal, 22 July 2008) - Apparently seeking to help associates maintain a better work/life balance, one of London’s major “magic circle” law firms has banned attorneys from using their BlackBerrys while on vacation. But the recent edict by Linklaters, which applies both to partners and to associates, hasn’t been received with unqualified agreement, reports the Lawyer. One partner is quoted saying, “‘Total communication blackouts couldn’t work, as you could be working on a major deal while someone’s on holiday and they need to be contactable.” http://www.abajournal.com/weekly/big_uk_firm_bans_blackberrys_for_attorneys_on_vacation

MYSPACE JUMPS ON OPENID BANDWAGON AS A PROVIDER (Ars Technica, 23 July 2008) - MySpace announced this morning that it has joined the OpenID alliance as a provider, freeing millions of MySpace logins to be used across other OpenID-compatible websites. MySpace hopes that, by adopting OpenID, it will help users avoid having to sign up for handfuls of web accounts with different logins and passwords, although users of other OpenID logins won’t be able to use them with MySpace just yet. OpenID is a movement aimed at establishing a safe, secure, and standards-based single sign-on framework for use across the Internet. The initiative allows people to sign in and access multiple websites with a single username. Unlike certain earlier initiatives such as Microsoft’s Passport, however, OpenID does not store all end-user information in a single centralized data server. An OpenID user with a Yahoo account, for example, could enter his OpenID (JohnDoe@yahoo.com) at any web site where the authentication standard is supported. JohnDoe would then be redirected to a secure Yahoo server and asked to enter his Yahoo login and password. The tricky part is that websites that are part of the OpenID initiative are either providers or relying parties, or both, and the decision is entirely up to each site. An OpenID login and password created at MySpace (a provider only) can’t be used at Yahoo (another provider only), but OpenIDs from both MySpace and Yahoo could be used at Plaxo (a relying party). MySpace’s senior VP of technology, Jim Benedetto, told Reuters that that it would “consider” also becoming a relying party in the future. http://arstechnica.com/news.ars/post/20080723-myspace-joins-the-openid-bandwagon-as-a-provider.html

UK PARENTS TO BE PUNISHED FOR CHILDREN’S NET PIRACY (TimesOnline, 24 July 2008) - Parents whose children download music and films illegally will be blacklisted and have their internet access curbed under government reforms to fight online piracy. Households that ignore warnings will be subjected to online surveillance and their internet speeds will be reduced, making it very difficult for them to download large files. The measures, the first of their kind in the world, will be announced today by Baroness Vadera, who brokered the deal between internet service providers and Ofcom, the telecoms body. About 6.5 million Britons are thought to have downloaded music illegally last year. It has been estimated that illegal downloads will cost the music industry alone £1 billion over the next five years. Many parents do not realise that their children are using the internet to download files illegally. Britain’s six biggest service providers - BT, Virgin Media, Orange, Tiscali, BSkyB and Carphone Warehouse - have signed up to the scheme. In return, the Government has abandoned a controversial proposal to disconnect broadband services for users who had been caught out three times. http://technology.timesonline.co.uk/tol/news/tech_and_web/article4387283.ece

WHAT’S THE DIFFERENCE BETWEEN A “DISC” AND A “DISK”? (Apple, 25 July 2008) - They’re pronounced the same, but, technically speaking, there is a distinct difference between a disc and a disk. A disc refers to optical media, such as an audio CD, CD-ROM, DVD-ROM, DVD-RAM, or DVD-Video disc. Some discs are read-only (ROM), others allow you to burn content (write files) to the disc once (such as a CD-R or DVD-R, unless you do a multisession burn), and some can be erased and rewritten over many times (such as CD-RW, DVD-RW, and DVD-RAM discs). All discs are removable, meaning when you unmount or eject the disc from your desktop or Finder, it physically comes out of your computer. A disk refers to magnetic media, such as a floppy disk or the disk in your computer’s hard drive, an external hard drive, and even iPod. Disks are always rewritable unless intentionally locked or write-protected. You can easily partition a disk into several smaller volumes, too. Although both discs and disks are circular, disks are usually sealed inside a metal or plastic casing (often, a disk and its enclosing mechanism are collectively known as a “hard drive”). http://support.apple.com/kb/HT2300

U.S. WARNS TRAVELERS THAT FOREIGN GOVERNMENTS MAY SPY ON THEIR MOBILE DEVICES (Steptoe & Johnson’s E-Commerce Law Week, 27 July 2008) - The U.S. Department of Homeland Security (DHS) has warned U.S. citizens traveling abroad that information they carry on laptops, cell phones, and PDAs could be secretly intercepted by foreign governments. DHS reports that these governments “routinely target” electronic devices and media, noting that “corporate and government leaders are most at risk because of the potentially useful information that they carry.” The warning provides advice on security precautions travelers can take to minimize the risk to sensitive information, including the use of encryption. The release of the warning comes as U.S. officials are reportedly weighing the benefits of advising travelers to China of the heightened risk that their mobile devices may be subject to secret searches against the potential costs of offending an essential economic partner. (Senator Sam Brownback (R-CO) felt no such ambivalence, warning this week that Chinese authorities have ordered hotels to spy on their guests’ Internet activities.) The DHS advice, while well taken, has a tinge of irony, since U.S. border and customs agents (a part of DHS) have also been examining incoming travelers’ mobile devices and copying information, as we have recently reported. http://www.steptoe.com/publications-5454.html

- so, on the other hand -

TRAVELERS’ LAPTOPS MAY BE DETAINED AT BORDER (Washington Post, 1 August 2008) - Federal agents may take a traveler’s laptop computer or other electronic device to an off-site location for an unspecified period of time without any suspicion of wrongdoing, as part of border search policies the Department of Homeland Security recently disclosed. Also, officials may share copies of the laptop’s contents with other agencies and private entities for language translation, data decryption or other reasons, according to the policies, dated July 16 and issued by two DHS agencies, U.S. Customs and Border Protection and U.S. Immigration and Customs Enforcement. “The policies . . . are truly alarming,” said Sen. Russell Feingold (D-Wis.), who is probing the government’s border search practices. He said he intends to introduce legislation soon that would require reasonable suspicion for border searches, as well as prohibit profiling on race, religion or national origin. DHS officials said the newly disclosed policies -- which apply to anyone entering the country, including U.S. citizens -- are reasonable and necessary to prevent terrorism. Officials said such procedures have long been in place but were disclosed last month because of public interest in the matter. The policies cover “any device capable of storing information in digital or analog form,” including hard drives, flash drives, cellphones, iPods, pagers, beepers, and video and audio tapes. They also cover “all papers and other written documentation,” including books, pamphlets and “written materials commonly referred to as ‘pocket trash’ or ‘pocket litter.’” Reasonable measures must be taken to protect business information and attorney-client privileged material, the policies say, but there is no specific mention of the handling of personal data such as medical and financial records. http://www.washingtonpost.com/wp-dyn/content/article/2008/08/01/AR2008080103030.html?hpid%3Dtopnews%E2%8A%82=AR

U.S. TO PILOT INTERNET TRAVEL IDEA (The Globe and Mail, 28 July 2008) - The United States will launch a pilot scheme on Friday which will require travellers covered by its visa waiver program to get prior Internet authorization before boarding flights to America. U.S. officials outlining the Electronic System for Travel Authorization (ESTA) denied it would amount to reintroduction of visas — a concern voiced in the European Union — even though fees might be charged for the process in future. “The ESTA is not a visa,” Jackie Bednarz, attaché for the U.S. Department of Homeland Security, told a news briefing in Brussels on Monday. “It’s very different in our minds.” She said a two-month pilot program for the system would be launched on Aug. 1. It will formally start on Oct. 1 and electronic authorization will be a requirement for all citizens covered by the visa waiver program from Jan. 12. The system will require travellers to complete an online application form via the website https://esta.cbp.dhs.gov answering questions they must currently respond to on paper forms aboard flights or ships bound for the United States. These include whether a passenger has a communicable disease, a physical or mental disorder, or abuses drugs, or has been convicted of certain criminal offences, or been involved in espionage, terrorism or genocide. A spokesman for the European Commission, the executive body of the 27-nation European Union, said it would have to assess whether the program is tantamount to a visa once the new regulations are formally published. While U.S. authorities recommended applications be submitted 72 hours before travel, in most cases authorization — required to enable a passenger to check in — would be virtually instantaneous and valid for two years for multiple journeys. http://www.theglobeandmail.com/servlet/story/RTGAM.20080728.wgttravel0728/BNStory/Technology/?page=rss&id=RTGAM.20080728.wgttravel0728

NASA AND INTERNET ARCHIVE LAUNCH HISTORICAL ONLINE LIBRARY OF IMAGES, VIDEO, AUDIO (beSpacific blog, 29 July 2008) - NASA Images is a service of Internet Archive, a non-profit library, to offer public access to NASA’s images, videos and audio collections. NASA Images is constantly growing with the addition of current media from NASA as well as newly digitized media from the archives of the NASA Centers. The goal of NASA Images is to increase our understanding of the earth, our solar system and the universe beyond in order to benefit humanity.” http://www.bespacific.com/mt/archives/018921.html NASA Images at http://www.nasaimages.org/

SEC ADOPTS NEW “CORPORATE USE OF WEBSITE” GUIDANCE (CorporateCounsel.net, 31 July 2008) - Yesterday, the SEC adopted updated interpretive guidance regarding how companies can use their websites. Based on comments made during the open Commission meeting and the press release, we know the SEC’s guidance is principles-based that relies on a facts-and-circumstances analysis and is divided into four parts as follows:
1. Reg FD Guidance - How information posted on a company’s site can be considered “public” and provides guidance to help companies comply with Regulation FD. The upcoming release contains factors to help determine whether online information is considered “public” so that subsequent communications would not constitute disclosure of material non-public information, including whether:
(i) a company site is a recognized channel of distribution
(ii) online information is considered broadly disseminated
(iii) information has been posted for a sufficiently long period of time so that it has been absorbed by investors
In addition, the release addresses when disclosure of information on a site is considered adequate to make such information “public” for purposes of the alternative public disclosure prong of Regulation FD (the default prong is furnishing a Form 8-K). At the open Commission meeting, it was predicted that fewer Form 8-Ks will be filed under this guidance.
2. How Liability Standards Work Online - What the liability framework is for electronic disclosure, including how companies can provide access to archived data without it being considered reissued or republished; how companies can link to third party information; appropriate use of summary information; how antifraud provisions apply to statements made by the company in blogs and electronic shareholder forums, and more.
3. No Disclosure Controls Necessary for Website - How information posted on company sites would not be subject to rules relating to disclosure controls and procedures (unless the information is the type to satisfy a ‘34 Act obligation). This information remains subject to Rule 10b-5 liability.
4. Printer-Friendly Functionality Not Required - How information need not satisfy a “printer-friendly” standard, unless other rules explicitly require it. http://www.thecorporatecounsel.net/blog/archive/001807.html

CHINA TO LIMIT WEB ACCESS DURING OLYMPIC GAMES (New York Times, 31 July 2008) - The International Olympic Committee failed to press China to allow fully unfettered access to the Internet for the thousands of journalists arriving here to cover the Olympics, despite promising repeatedly that the foreign news media could “report freely” during the Games, Olympic officials acknowledged Wednesday. Since the Olympic Village press center opened Friday, reporters have been unable to access scores of Web pages — among them those that discuss Tibetan issues, Taiwanese independence, the violent crackdown on the protests in Tiananmen Square and the Web sites of Amnesty International, the BBC’s Chinese-language news, Radio Free Asia and several Hong Kong newspapers known for their freewheeling political discourse. The restrictions, which closely resemble the blocks that China places on the Internet for its citizens, undermine sweeping claims by Jacques Rogge, the International Olympic Committee president, that China had agreed to provide full Web access for foreign news media during the Games. Mr. Rogge has long argued that one of the main benefits of awarding the Games to Beijing was that the event would make China more open. http://www.nytimes.com/2008/07/31/sports/olympics/31china.html?_r=1&oref=slogin

- and -

PENALTY FOR CHINA QUAKE PHOTOS REPORTED (New York Times, 31 July 2008) - A school employee in Sichuan Province has been ordered to a labor camp for a year for taking photographs of schools that collapsed in the powerful May 12 earthquake and posting them on the Internet, a human rights group reported Wednesday. The worker, Liu Shaokun, 54, was detained at Guanghan Middle School on June 25, according to the group, Human Rights in China, which is based in New York. Family members informed the group that Mr. Liu had posted the photographs online; that has not been independently verified. The order against Mr. Liu, for “re-education through labor,” is an extrajudicial punishment that does not require a trial. http://www.nytimes.com/2008/07/31/world/asia/31quake.html?scp=1&sq=%22penalty%20for%20china%20quake%20photos%22&st=cse

DON’T WANT TO TALK? NEW SERVICE SELLS MISSED CALLS (New York Times, 2 August 2008) - When Alexis Gorman, 26, wanted to tell a man she had been dating that the courtship was over, she felt sending a Dear John text message was too impersonal. But she worried that if she called the man, she would face an awkward conversation or a confrontation. So she found a middle ground. She broke it off in a voice mail message, using new technology that allowed her to jump directly to the suitor’s voice mail, without ever having to talk to the man — or risk his actually answering the phone. The technology, called Slydial, lets callers dial a mobile phone but avoid an unwanted conversation — or unwanted intimacy — on the other end. The incoming call goes undetected by the recipient, who simply receives the traditional blinking light or ping that indicates that a voice mail message has been received. Ms. Gorman used a test version of Slydial that has been available for months. But since the finished product was unveiled to the public last week, more than 200,000 people have used the service, which is supported by advertisers like McDonald’s. The concept may sound antithetical to a digital era defined by ubiquitous communication and interactivity, but Slydial turns out to be only the latest in a breed of new technologies that fit squarely into an emerging paradox: tools that let users avoid direct communication. Technologies like e-mailing and blogging give the communicator the power to choose the time and manner of expression. Now, some academics, text messagers and creators of technologies say a trend has emerged: We are constantly just missing one another — on purpose. An array of recent innovations by other companies has encouraged the use of technology to deceive. One development, for instance, allows the employee who is running late to add background noises resembling heavy traffic to a mobile phone call. Another service places an automated call at a predetermined time so that the recipient can be extricated from a situation (a work meeting, or bad date) under the auspices of taking the “urgent” call.
http://www.nytimes.com/2008/08/02/us/02sly.html?_r=1&hp=&adxnnl=1&oref=slogin&adxnnlx=1217678496-vS7kBvL4E1aw9pbGM0De/A

F.C.C. VOTE SETS PRECEDENT ON UNFETTERED WEB USAGE (New York Times, 2 August 2008) - The Federal Communications Commission formally voted Friday to uphold the complaint against Comcast, the nation’s largest cable company, saying that it had illegally inhibited users of its high-speed Internet service from using popular file-sharing software. The decision, which imposes no fine, requires Comcast to end such blocking this year. Kevin J. Martin, the commission’s chairman, said the order was meant to set a precedent that Internet providers, and indeed all communications companies, could not keep customers from using their networks the way they see fit unless there is a good reason. “We are preserving the open character of the Internet,” Mr. Martin said in an interview after the 3-to-2 vote. “We are saying that network operators can’t block people from getting access to any content and any applications.” The case also highlights the broader issue of whether new legislation is needed to force Internet providers to treat all uses of their networks equally, a concept called network neutrality. Some have urged legislation to make sure that big Internet companies do not discriminate against small companies or those that compete with their video or telephone services. Analysts said they expected Comcast to appeal the decision. Curiously, representatives from other telecommunications companies praised the decision, even though they objected to the commission meddling in how they manage their networks. They said they would prefer such rulings to legislation from Congress, which has discussed enshrining net neutrality principles in the law. Jim Cicconi, senior executive vice president for external and legislative affairs for AT&T, said in a statement, “Regardless of how one views the merits of the complaint against Comcast, the F.C.C. today has shown that its national Internet policies work, and that they are more than sufficient for handling any net neutrality concerns that may arise.” http://www.nytimes.com/2008/08/02/technology/02fcc.html?ref=business

**** PODCASTS ****
A MIRLN subscriber has pointed me at HOMOPHILY, ANTI-RECOMMENDATION, AND DRIVEWAY MOMENTS (Jon Udell, 16 July 2008) - “The folks at National Public Radio love to create driveway moments: You’re driving along, listening to a story on NPR. Suddenly, you find yourself at your destination, so riveted to a piece that you sit in your idling car to hear it all the way through. That’s a Driveway Moment. The podcasting counterpart, for me, is the Ashuelot Moment. I’m jogging along the Ashuelot River, and I’m so riveted to a piece that I take a longer route so my run won’t end before the story does.” http://blog.jonudell.net/2008/07/16/homophily-anti-recommendation-and-driveway-moments/ [Editor: I’m trying several of the podcasts mentioned in this story, and will report on my experiences in later MIRLN issues.]

**** RESOURCES ****
HOW THE WEB WAS WON (Vanity Fair, July 2008) - Fifty years ago, in response to the surprise Soviet launch of Sputnik, the U.S. military set up the Advanced Research Projects Agency. It would become the cradle of connectivity, spawning the era of Google and YouTube, of Amazon and Facebook, of the Drudge Report and the Obama campaign. Each breakthrough—network protocols, hypertext, the World Wide Web, the browser—inspired another as narrow-tied engineers, long-haired hackers, and other visionaries built the foundations for a world-changing technology. Keenan Mayo and Peter Newcomb let the people who made it happen tell the story. Millions of words—multiplied and sent forth by the technology itself—have been written on the world-changing significance of the Internet, for good or ill, and the point hardly needs belaboring. Surprisingly, few books have been written that cover the full history of the Internet, from progenitors such as Vannevar Bush and J. C. R. Licklider up through the entrepreneurial age of our own times. Not many people recall that the first impetus for what became the technology of the Internet had its origins in Cold War theorizing about nuclear warfare. To observe this year’s twin anniversaries, Vanity Fair set out to do something that has never been done: to compile an oral history, speaking with scores of people involved in every stage of the Internet’s development, from the 1950s onward. From more than 100 hours of interviews we have distilled and edited their words into a concise narrative of the past half-century—a history of the Internet in the words of the people who made it. http://www.vanityfair.com/culture/features/2008/07/internet200807 [Editor: as you might imagine, this is a long read.]

SOURCES (inter alia):
1. The Filter, a publication of the Berkman Center for Internet & Society at Harvard Law School, http://cyber.law.harvard.edu.
2. Edupage, http://www.educause.edu/pub/edupage/edupage.html.
3. SANS Newsbites, sans@sans.org.
4. NewsScan and Innovation, http://www.newsscan.com.
5. BNA’s Internet Law News, http://ecommercecenter.bna.com.
6. Crypto-Gram, http://www.schneier.com/crypto-gram.html.
7. McGuire Wood’s Technology & Business Articles of Note, http://tinyurl.com/ywsusp
8. Steptoe & Johnson’s E-Commerce Law Week, www.steptoe.com
9. Readers’ submissions, and the editor’s discoveries.

This work is licensed under the Creative Commons Attribution-Share Alike 3.0 United States License. To view a copy of this license, visit http://creativecommons.org/licenses/by-sa/3.0/us/ or send a letter to Creative Commons, 543 Howard Street, 5th Floor, San Francisco, California, 94105, USA.

PRIVACY NOTICE: E-mail addresses of individuals who subscribe to this periodic e-newsletter by sending email to Vince Polley with “MIRLN” in the subject line are kept by Vince Polley; this listing will not be provided to any other persons.