Friday, May 01, 2009

MIRLN --- 12 April – 2 May 2009 (v12.06)

• Goldman Sachs Hires Law Firm to Shut Blogger’s Site
• NIST Issues Guidelines for E-Voting Machines
• Officials Say U.S. Wiretaps Exceeded Law
• Organized Crime Behind a Majority of Data Breaches
• Video Prank at Domino’s Taints Brand
• Ford Bets the Fiesta on Social Networking
• Fair Use Bolstered by Student-Cheating Detection Service
• U.N. Launches Library of World’s Knowledge
• HHS Releases Guidance on Securing Electronic Health Data
• Scholars Reject Obama’s Stance on Warrantless Cell-Phone Records
• Second Life Cracks Whip on Adult Content
• Digital Archives that Disappear
• Typical Lost or Stolen Laptop Costs Companies Nearly $50,000, Study Finds
o US Companies Still Underestimate Impact of Data Breaches, Says Hiscox Report
• Site Terms with Unilateral Right to Modify by One Party Declared Illusory, Unenforceable
• Employers Watching Workers Online Spurs Privacy Debate
o Facebook Surfing While Sick Costs Swiss Woman Job
• Wilson Sonsini Offers Free Document Assembly Tool
• Black’s Law Dictionary Now in iTunes
• Facebook Use Outstrips E-Mail
• Why Google Wants You to Google Yourself
• Corporate Blogs and ‘Tweets’ Must Keep SEC in Mind
• Report Reveals Why Lawyers Ok’d Chiquita Payments to Colombian Terrorists
• Analysis of Flickr Photos Could Lead to Online Travel Books
• FTC Publishes Report Surveying the Mobile Marketplace
• EU: Article 29 Working Party Adopts Opinion on New Standard Contractual Clauses
• Warner Music Issues DMCA Takedown on Larry Lessig Presentation
• Justice Dept. Opens Antitrust Inquiry into Google Books Deal
• Google Unveils New Tool to Dig for Public Data
• Fordham Law Class Collects Personal Info About Scalia; Supreme Ct. Justice is Steamed
• Wiped Out: Along With Jobs, Laid-Off Lose Photos, Email
• Pentagon Uses Facebook, Twitter to Spread Message
• MN Supreme Court Oks Breathalyzer Source Code Requests


**** NEWS ****

GOLDMAN SACHS HIRES LAW FIRM TO SHUT BLOGGER’S SITE (The Telegraph, 11 April 2009) - Goldman Sachs is attempting to shut down a dissident blogger who is extremely critical of the investment bank, its board members and its practices. The bank has instructed Wall Street law firm Chadbourne & Parke to pursue blogger Mike Morgan, warning him in a recent cease-and-desist letter that he may face legal action if he does not close down his website. Florida-based Mr Morgan began a blog entitled “Facts about Goldman Sachs” – the web address for which is – just a few weeks ago. In that time Mr Morgan, a registered investment adviser, has added a number of posts to the site, including one entitled “Does Goldman Sachs run the world?”. However, many of the posts relate to other Wall Street firms and issues. According to Chadbourne & Parke’s letter, dated April 8, the bank is rattled because the site “violates several of Goldman Sachs’ intellectual property rights” and also “implies a relationship” with the bank itself. Unsurprisingly for a man who has conjoined the bank’s name with the Number of the Beast – although he jokingly points out that 666 was also the S&P500’s bear-market bottom – Mr Morgan is unlikely to go down without a fight. He claims he has followed all legal requirements to own and operate the website – and that the header of the site clearly states that the content has not been approved by the bank.

NIST ISSUES GUIDELINES FOR E-VOTING MACHINES (TechWeb, 13 April 2009) - The National Institute of Standards and Technology has released a new draft of voluntary federal standards for electronic voting machines. NIST announced last week that it will take public comment on the new methods until July 1. Once the standards are adopted, state and local governments will decide whether their voting machine manufacturers will be required to meet the guidelines. Manufacturers currently use various proprietary laboratory testing techniques. NIST said that one transparent set of tests will improve government and voter confidence, while also giving manufacturers an improved understanding of how to ensure that their systems comply with federal standards. The current guidelines are known as VVSG 2005. The latest draft guidelines are called VVSG Next Iteration (VVSG-NI). They address hardware, usability, and security issues.§ion=News Guidelines here:

OFFICIALS SAY U.S. WIRETAPS EXCEEDED LAW (New York Times, 15 April 2009) - The National Security Agency intercepted private e-mail messages and phone calls of Americans in recent months on a scale that went beyond the broad legal limits established by Congress last year, government officials said in recent interviews. Several intelligence officials, as well as lawyers briefed about the matter, said the N.S.A. had been engaged in “overcollection” of domestic communications of Americans. They described the practice as significant and systemic, although one official said it was believed to have been unintentional. The legal and operational problems surrounding the N.S.A.’s surveillance activities have come under scrutiny from the Obama administration, Congressional intelligence committees and a secret national security court, said the intelligence officials, who spoke only on the condition of anonymity because N.S.A. activities are classified. Classified government briefings have been held in recent weeks in response to a brewing controversy that some officials worry could damage the credibility of legitimate intelligence-gathering efforts. The Justice Department, in response to inquiries from The New York Times, acknowledged Wednesday night that there had been problems with the N.S.A. surveillance operation, but said they had been resolved. [Editor: this is the story that also alluded to the interception of Re. Jane Harmon’s phone calls regarding the AIPAC prosecutions.]

ORGANIZED CRIME BEHIND A MAJORITY OF DATA BREACHES (Washington Post, 15 April 2009) - A string of data breaches orchestrated principally by a handful of organized cyber-crime gangs translated into the loss of hundreds of millions of consumer records last year, security experts say. The size and scope of the breaches, some of which have previously not been disclosed, illustrate the extent that organized cyber thieves are methodically targeting computer systems connected to the global financial network. Forensics investigators at Verizon Business, a firm hired by major companies to investigate breaches, responded to roughly 100 confirmed data breaches last year involving roughly 285 million consumer records. That staggering number -- nearly one breached record for every American -- exceeds the combined total breached from break-ins the company investigated from 2004 to 2007. In all, breaches at financial institutions were responsible for 93 percent of all such records compromised last year, Verizon reported. Unlike attacks studied between 2004 and 2007 -- which were characterized by hackers seeking out companies that used computer software and hardware that harbored known security flaws -- more than 90 percent of the records compromised in the breaches Verizon investigated in 2008 came from targeted attacks where the hackers carefully picked their targets first and then figured out a way to exploit them later. Bryan Sartin, director of investigative response at Verizon Business, said criminals in Eastern Europe played a major role in breaches throughout 2008. “About 50 percent of the confirmed breach cases we investigated shared perpetrators,” Sartin said. “Organized crime is playing a much larger part of the caseload we’re seeing. We’ve seen that both [the FBI] and the Secret Service have initiatives underway to go back through their cyber crime case histories over the past several years, to start tying together all of the common characteristics of the attacks to individuals, to really try and get a firm handle on the individuals responsible for these attacks.”

VIDEO PRANK AT DOMINO’S TAINTS BRAND (New York Times, 16 April 2009) - When two Domino’s Pizza employees filmed a prank in the restaurant’s kitchen, they decided to post it online. In a few days, thanks to the power of social media, they ended up with felony charges, more than a million disgusted viewers, and a major company facing a public relations crisis. In videos posted on YouTube and elsewhere this week, a Domino’s employee in Conover, N.C., prepared sandwiches for delivery while putting cheese up his nose, nasal mucus on the sandwiches, and violating other health-code standards while a fellow employee provided narration. The two were charged with delivering prohibited foods. By Wednesday afternoon, the video had been viewed more than a million times on YouTube. References to it were in five of the 12 results on the first page of Google search for “Dominos,” and discussions about Domino’s had spread throughout Twitter. As Domino’s is realizing, social media has the reach and speed to turn tiny incidents into marketing crises. In November, Motrin posted an ad suggesting that carrying babies in slings was a painful new fad. Unhappy mothers posted Twitter complaints about it, and bloggers followed; within days, Motrin had removed the ad and apologized. “We got blindsided by two idiots with a video camera and an awful idea,” said a Domino’s spokesman, Tim McIntyre, who added that the company was preparing a civil lawsuit. “Even people who’ve been with us as loyal customers for 10, 15, 20 years, people are second-guessing their relationship with Domino’s, and that’s not fair.” In just a few days, Domino’s reputation was damaged. The perception of its quality among consumers went from positive to negative since Monday, according to the research firm YouGov, which holds online surveys of about 1,000 consumers every day regarding hundreds of brands.

FORD BETS THE FIESTA ON SOCIAL NETWORKING (Wired, 17 April 2009) - Ford is betting the success of the Fiesta subcompact on the blogs, tweets and Facebook updates of 100 people who will live with the cars and share their experiences online. It’s a hell of a gamble, but if it pays off, Ford just might recast itself as a cool company with a great product -- no small feat for an American automaker. Ford wants to generate buzz for the Fiesta, which will bring Europe’s “small cars can be cool” ethos to America when it arrives next year. But rather than hand a bunch of them over to mainstream journalists, Ford broke with tradition by inviting dozens of 20-somethings to live with the car for six months and tell the world about it. “While were trying to build excitement and awareness for the vehicle with the Fiesta Movement campaign, there’s something bigger happening here,” Scott Monty, Ford’s social media boss, told “We’re also going to be building broader awareness of Ford.” Social networking sites sell everything from soda to singers these days, but the auto industry has been slow to catch on. It might seem like a big risk -- what if someone’s car craps out? But Ford, and the entire industry, for that matter, desperately needs to embrace the message it sends, said Ian Shafer, CEO of the marketing firm Deep Focus. Ford recently handed 100 Fiestas to 100 people selected from 4,000 applicants. These “agents” -- that’s what Ford calls them -- get to use the cars for six months in exchange for completing monthly “missions” with different themes. They’ll share their experiences through YouTube, Flickr, Facebook and Twitter accounts Ford created for the campaign.

FAIR USE BOLSTERED BY STUDENT-CHEATING DETECTION SERVICE (Wired, 17 April 2009) - A federal appeals court granted a boost to fair use advocates Friday when it ruled that an online cheating-detection service storing thousands of student essays did not violate the intellectual property rights of the essayists. Students who claimed breached their copyrights because it placed their works in its database brought the lawsuit. The site compares new essays submitted by teachers with a database of other essays to determine whether plagiarism was at work. The E-Commerce and Tech Law Blog eloquently provides the nuts and bolts of the decision by the 4th U.S. Circuit Court of Appeals: “The court stepped through the fair use analysis, dropping positive notes here (commercial uses can be fair uses), here (a use can be transformative ‘in function or purpose without altering or actually adding to the original work,’ citing Perfect 10 Inc. v. Inc.), and here (fact that used the entirety of the plaintiff’s work did not preclude finding of fair use). And it turned back a lot of other, small-bore challenges to the district court’s fair use finding.” Some 6,000 educational institutions in about 90 countries use the California-based cheating-detection service. and

U.N. LAUNCHES LIBRARY OF WORLD’S KNOWLEDGE (Washington Post, 21 April 2009) - A globe-spanning U.N. digital library seeking to display and explain the wealth of all human cultures has gone into operation on the Internet, serving up mankind’s accumulated knowledge in seven languages for students around the world. James H. Billington, the librarian of Congress who launched the project four years ago, said the ambition was to make available on an easy-to-navigate site, free for scholars and other curious people anywhere, a collection of primary documents and authoritative explanations from the planet’s leading libraries. The site ( has put up the Japanese work that is considered the first novel in history, for instance, along with the Aztecs’ first mention of the Christ child in the New World and the works of ancient Arab scholars piercing the mysteries of algebra, each entry flanked by learned commentary. “There are many one-of-a-kind documents,” Billington said in an interview. The World Digital Library, which officially will be inaugurated Tuesday at the Paris headquarters of UNESCO, the U.N. Educational, Scientific and Cultural Organization, has started small, with about 1,200 documents and their explanations from scholars in Arabic, Chinese, English, French, Portuguese, Spanish and Russian. But it is designed to accommodate an unlimited number of such texts, charts and illustrations from as many countries and libraries as want to contribute. “There is no limit,” Billington said. “Everybody is welcome.”

HHS RELEASES GUIDANCE ON SECURING ELECTRONIC HEALTH DATA (FCW, 20 April 2009) - To expand the use of electronic health records (EHRs), the Health and Human Services Department (HHS) has issued guidance on technologies and methods to protect personal electronic health care data. This 20-page guidance document released April 17 by HHS describes encryption and destruction as the means to protect personal health data by making the data “unusable, unreadable or indecipherable” to unauthorized individuals. Entities that comply with the guidance will not be subjected to upcoming breach notification provisions for unsecured data. “The specified technologies and methodologies, if used, create the functional equivalent of a safe harbor,” the document states. The guidelines were developed through a joint effort by the HHS Office for Civil Rights, Office of the National Coordinator for Health Information Technology, and the Centers for Medicare and Medicaid Services. This guidance is linked to two sets of breach notification regulations required by Congress as part of the economic stimulus law. HHS will release a breach notification regulation for hospitals, physicians, health plans, health providers and other covered entities under the Health Insurance Portability and Accountability Act of 1996. The Federal Trade Commission will release another breach regulation for vendors of personal health records and other non-HIPAA-covered entities. Guidance here:

SCHOLARS REJECT OBAMA’S STANCE ON WARRANTLESS CELL-PHONE RECORDS (Wired, 20 April 2009) - The Obama administration’s position that the government can force mobile carriers to hand over cellphone tower location information on their customers without a warrant is wrong, two legal scholars say. “Because CSLI acquisition is hidden, indiscriminate and intrusive, and because it reveals information over a period of time, it should be subject to the highest level of Fourth Amendment oversight (the same procedures used for wiretapping and video surveillance),” the scholars wrote late Friday. The scholars are Susan Freiwald, of the USF School of Law, and Peter Swire, of Ohio State University. Their words, published by the American Constitution Society, came a month after the Justice Department made its claim in a little-noticed case that the Fourth Amendment right to be free from unreasonable searches and seizures did not apply. Most Americans have or will carry a mobile phone in their lifespan, so the outcome could have wide-ranging privacy ramifications. Smartphones, like the iPhone, use cell-tower information to power geo-location applications like Google Maps. In a case pending before the 3rd U.S. Circuit Court of Appeals, the government maintains it can require federal judges to order mobile phone companies to release historical cell-tower information of a phone number without probable cause — the standard required for a search warrant. [Editor: apropos this, see “They Know Where You Are: Location Privacy In A Mobile World”, the podcast cited in MIRLN 12.05]

SECOND LIFE CRACKS WHIP ON ADULT CONTENT (CNET, 21 April 2009) - Virtual world Second Life has put in effect some new measures to keep adult content away from users who might not want to run into it. Or fly into it, as avatars might do. Later this year, parent company Linden Lab will create a standalone “continent” for adult content, and members who don’t purchase private “land” will be asked to migrate there if they wish to partake in adult-related activities. Second Life is an 18+ environment already, but stricter age verification policies will be put in place. You’ll need a “verified” account, either through credit card information or through Linden Labs’ filtering system, to get into the adult “continent.” Members will be asked to start flagging content as adults-only as part of a new content rating system, which will start to roll out in an update to the downloadable Second Life client that will be available next week. “The people that are on our mainland and in our estate, if they are going to engage with adult content, are being asked to do that in the adult content area,” said Cyn Skyberg, vice president of customer relations at Linden Lab. “Private land owners will be asked to tag their searches for adult-related listings so that it goes into the adult filter.” So what does this mean for Second Life, which was briefly a marketers’ paradise before swiftly falling from grace in the Silicon Valley pecking order? Well, it’ll help make it a friendlier environment for some of the new “residents” whom Linden Lab hopes to woo. The company is profitable, due largely in part to the sheer volume of virtual goods and transactions made on the platform by loyal users, and Linden Lab sees corporate and academic institutions as an area for future growth. [Editor: there’s a related symposium “Federal Consortium for Virtual Worlds: Imagine the Future” on 23-24 April 2009 at the National Defense University in D.C. streams/blogs/Tweets probably will be available here:; search Twitter for #FCVW09 tags]

DIGITAL ARCHIVES THAT DISAPPEAR (InsideHigherEd, 22 April 2009) - As digital archives have become more important and more popular, there are varying schools of thought among scholars about how best to guarantee that they will be around for good. Some think that the best possibility is for the creators of the archives -- people generally with some passion for the topic -- to keep control. Others favor acquisition, thinking that larger entities provide more security and resources for the long run. The fate of “Paper of Record,” a digital archive of early newspapers with a particularly strong collection of Mexican newspapers, may be cited in the years ahead as an example of the dangers of purchase by a large entity. Paper of Record was purchased (secretly) by Google in 2006, and shortly after Google took over management of the site, late last year, the archive disappeared from view. After weeks in which historians have complained to Google and others about the loss of their ability to work, the previous owner of the archive has received permission to bring the archive back for some period of time, and resumption of service could start as early next week. While the imminent return of the site will please scholars, many are worried about what the incident says about the availability and accessibility of key resources. Writing on the blog of the American Historical Association, Robert B. Townsend quoted the late Roy Rosenzweig, a George Mason University professor who was a pioneer in digital history, on the “fragility of evidence in the digital era.”

TYPICAL LOST OR STOLEN LAPTOP COSTS COMPANIES NEARLY $50,000, STUDY FINDS (, 22 April 2009) - A typical lost or stolen laptop costs employers $49,246, mostly due to the value of the missing intellectual property or other sensitive data, according to an Intel-commissioned study made public Wednesday. “It is the information age, and employees are carrying more information on their laptops than ever before,” according to an analysis done for Intel by the Michigan-based Ponemon Institute, which studies organizational data-management practices. “With each lost laptop there is the risk that sensitive data about customers, employees and business operations will end up in the wrong hands.” The five-month study examined 138 laptop-loss cases suffered over a recent 12-month period by 29 organizations, mostly businesses but also a few government agencies. It said laptops frequently are lost or stolen at airports, conferences and in taxis, rental cars and hotels. About 80 percent of the typical cost — or a little more than $39,000 — was attributed to what the report called a data breach, which can involve everything from hard-to-replace company information to data on individuals. Companies then often incur major expenses to prevent others from misusing the data. Lost intellectual property added nearly $5,000 more to the average cost. The rest of the estimated expense was associated with such things as investigative costs, lost productivity and replacing the laptop.

- and -

US COMPANIES STILL UNDERESTIMATE IMPACT OF DATA BREACHES, SAYS HISCOX REPORT (Hiscox, 22 April 2009) - Thirty-eight percent of Fortune 500 companies surveyed in a new report from Hiscox (LSE: HSX), the international specialist insurer, fail to acknowledge the threat of a data breach in the Risk Factors section of their SEC 10-K filing. Additionally, of the companies that do include the risk of a data breach in their 10-K, 26 percent fail to mention the consequential financial impact while a further 49 percent failed to identify the reputational impact. The research, which focused on the most recent 10-K filings of nearly 250 companies within the Fortune 500 in those industry sectors such as air travel, banking, healthcare, retail and utilities that would be expected to handle significant amounts of personal data, also found that:
• Less than half (48 percent) of the specialty retailers in the Fortune 500 mention privacy or data security in the Risk Factors section of their 10-K;
• while only 20 percent of companies in the gas and electric utilities sector make similar mention.
“Criminals today know that the real money is no longer to be found in bank safes but on company computers where access to one system could net the confidential information of millions of individuals, leading to fraud on a grand scale,” said Jim Whetstone, Senior Vice President, Hiscox. “Our research shows that corporate America appears to still be far more concerned with identifying the conventional risks such as fire and flood to their business and has not yet fully accepted the extensive financial and reputational damage that a data breach and loss of confidential information can cause.” “As cyber criminals become more adept at circumventing security technology and security breaches grow in scope and scale, it is key that US companies recognize the risk and do everything practical to protect sensitive company and customer information.”

SITE TERMS WITH UNILATERAL RIGHT TO MODIFY BY ONE PARTY DECLARED ILLUSORY, UNENFORCEABLE (BNA’s Internet Law News, 23 April 2009) - BNA’s Electronic Commerce & Law Report reports that the U.S. District Court for the Northern District of Texas has ruled that an online terms of use agreement that reserved to the Web site operator the right to unilaterally modify the agreement was an unenforceable “illusory contract.” With this view of the law in mind, the court denied the Web site’s motion to compel contractually required individual arbitration of the plaintiff’s privacy claims. Case name is Harris v. Blockbuster Inc. Decision here:

EMPLOYERS WATCHING WORKERS ONLINE SPURS PRIVACY DEBATE (Wall Street Journal, 23 April 2009) - By now, many employees are uncomfortably aware that their every keystroke at work, from email on office computers to text messages on company phones, can be monitored legally by their employers. What employees typically don’t expect is for the company to spy on them while on password-protected sites using nonwork computers. But even that privacy could be in jeopardy. A case brewing in federal court in New Jersey pits bosses against two employees who were complaining about their workplace on an invite-only discussion group on, a social-networking site owned by News Corp., publisher of The Wall Street Journal. The case tests whether a supervisor who managed to log into the forum -- and then fired employees who badmouthed supervisors and customers there -- had the right to do so. The case has some legal and privacy experts concerned that companies are intruding into areas that their employees had considered off limits. “The question is whether employees have a right to privacy in their non-work-created communications with each other. And I would think the answer is that they do,” said Floyd Abrams, a First Amendment expert and partner at Cahill Gordon & Reindel LLP in New York. The legal landscape is murky. For the most part, employers don’t need a reason to fire nonunion workers. But state laws in California, New York and Connecticut protect employees who engage in lawful, off-duty activities from being fired or disciplined, according to a report prepared by attorneys at the firm Proskauer Rose LLP. While private conversations might be covered under those laws, none of the statutes specifically addresses social networking or blogging. Thus, privacy advocates expect to see more of these legal challenges. [Editor: with this MIRLN I’m beginning to carry WSJ articles because there’s a free iPhone App that accesses WSJ content for-free; I use it to harvest URLs—like this one—which later can be used in a browser.]

- and -

FACEBOOK SURFING WHILE SICK COSTS SWISS WOMAN JOB (Reuters, 24 April 2009) - A Swiss insurance worker lost her job after surfing popular social network site Facebook while off sick, her employer said on Friday. The woman said she could not work in front of a computer as she needed to lie in the dark but was then seen to be active on Facebook, which insurer Nationale Suisse said in a statement had destroyed its trust in the employee. “This abuse of trust, rather than the activity on Facebook, led to the ending of the work contract,” it said. The unnamed woman told the 20 Minuten daily she had been surfing Facebook in bed on her iPhone and accused her employer of spying on her and other employees by sending a mysterious friend request which allows access to personal online activity.

WILSON SONSINI OFFERS FREE DOCUMENT ASSEMBLY TOOL (ABA Journal, 23 April 2009) - Palo Alto, Calif.-based Wilson Sonsini Goodrich & Rosati launched a free online tool that drafts term sheets—documents that outline the terms and conditions of a business contract—for preferred stock financing. According to Wilson Sonsini’s website, the tool is a modified version of one its lawyers use internally. Users answer a series of questions and then generate the term sheet, “which is intended to be useful in deal discussions between entrepreneurs and investors and in crafting a final, customized term sheet with the help of attorneys,” according to a firm statement. Legal bloggers can’t help but question whether a law firm will lose billables with a move like this one. “Where I’d have concerns are those situations in which other lawyers are using the tool, then billing their own clients for work they created for free,” Carolyn Elefant writes on Legal Blog Watch. But consultant and law professor Ken Adams writes on his blog, AdamsDrafting, that he thinks those who use the term sheet generator will be inclined to hire Wilson Sonsini, and points out that London-based Linklaters has offered a similar tool for a number of years. Commentary on the generator here:

BLACK’S LAW DICTIONARY NOW IN ITUNES (ABA Journal, 24 April 2009) - Adding to the ever-expanding toolbox for the wired lawyer who needs to work while on the go, West has launched a Black’s Law Dictionary in iTunes. This is the first iPhone/iPod Touch app for the legal publisher and features the most recent edition of the dictionary. “The idea that you can have a very full, elaborate, complex and richly-textured book like Black’s available at your fingertips is fantastic,” the dictionary’s editor Bryan A. Garner said in a statement. Before heading to the app store, be forewarned that the price is a bit steep compared to most of the freebies or less-than-a-dollar applications many are used to seeing. The Federal Rules of Evidence are available on The Law Pod app for 99 cents. And the U.S. Constitution is available in a number of apps for free or for a nominal price. So what’s West’s price for the Black’s Law Dictionary? $49.99. That’s still a break off the Amazon price for print, which is listed at more than $52 ($195 for a second edition reprint) and the digital version, which is going for $80.

FACEBOOK USE OUTSTRIPS E-MAIL (The Deal, 24 April 2009) - In the last year, people somehow found a way to spend 73% more time on Facebook Inc. and other social networking sites, if that were possible. The stat comes from Nielsen Co.’s The Global Online Media Landscape, released Wednesday. In February, Nielsen found, people used social network sites more than they used Web-based e-mail for the first time ever. Neilsen report here:

WHY GOOGLE WANTS YOU TO GOOGLE YOURSELF (Time, 25 April 2009) - The act of Googling oneself has become the digital age’s premiere guilty pleasure — an activity enjoyed by all and admitted by few. The phenomenon has even been the subject of scholarly research. Last year, a team of Swiss and Australian social scientists published a study concluding that the practice of self-Googling (or “ego-surfing,” as it’s sometimes called) can partly be traced to a rise in narcissism in society, but that it is also an attempt by people to identify and shape their personal online “brand.” The authors of the survey no doubt returned to their cubicles and Googled themselves to see if the study was posted online. The folks at Google are well aware that their site handles millions of vanity searches every day, and that users aren’t always thrilled about the results that pop up when they Google themselves. “The reason people search for themselves is that they’re curious about what other people see when they search for their name,” says Joe Kraus, Google’s director of product management. “One problem is they don’t have any control over the search results. Either they don’t like the search results, or what happens most of the time is, they’re not listed on the first page. If your name is Brian Jones and you’re not the deceased Rolling Stones guitarist, you don’t exist.” To give people a bit more control over search results, Google introduced a feature this week it calls a “Google profile,” which users can create so that a thumbnail of personal information appears at the bottom of U.S. name-query search pages. Once users create a Google profile, their name, occupation and location (and photo if they choose) appears in a box on the first page of the search results for their name. Next to the thumbnail info, there’s a link to a full Google profile page that in many ways resembles a Facebook page.,8599,1893965,00.html?xid=rss-topstories Profile page here:

CORPORATE BLOGS AND ‘TWEETS’ MUST KEEP SEC IN MIND (Wall Street Journal, 27 April 2009) - An eBay Inc. effort to broaden communication through the popular Twitter Web-messaging service highlights the hurdles facing corporate users of online social media. The online auctioneer launched a corporate blog in April 2008. Two months later, blogger Richard Brewer-Hay began “tweeting” -- posting updates on Twitter -- about Silicon Valley technology conferences, eBay’s quarterly earnings calls and other topics. The growing Twitter audience also attracted the attention of eBay’s lawyers, who last month required Mr. Brewer-Hay to include regulatory disclaimers with certain posts. Some followers think the tougher oversight is squelching Mr. Brewer-Hay’s spontaneous, informal style. His experience shows the tension that can arise as more companies tap social media to reach investors, customers and others. Eighty-one Fortune 500 companies sponsor public blogs, including Wal-Mart Stores Inc., Chevron Corp. and General Motors Corp., according to the Society for New Communications Research. Of those blogs, 23 link to corporate Twitter accounts. On Thursday, a Johnson & Johnson executive reported for the first time on the health-care giant’s annual meeting via Twitter, which allows users to post “tweets” of as many as 140 characters via text messages and the Web. Such efforts raise thorny questions. Blogs and tweets can run afoul of Securities and Exchange Commission regulations on corporate communications. But sanitizing such posts risks hurting credibility with online audiences. The SEC boasts its own Twitter account, and encourages companies to communicate to investors via the Web. In July, the commission said companies could disseminate certain information on the Web without issuing a news release. But even some tech-savvy companies remain wary. Intel Corp. in May will be among the first companies to allow shareholders to ask questions via the Web and vote online during its annual meeting. But the chip maker avoids blogs and Twitter for investor issues, because it fears violating SEC disclosure rules or inviting public criticism in a company-hosted forum, says Kevin Sellers, vice president of investor relations.

REPORT REVEALS WHY LAWYERS OK’D CHIQUITA PAYMENTS TO COLOMBIAN TERRORISTS (, 28 April 2009) - A new 269-page report by an independent special litigation committee reveals why Chiquita Brands International paid extortion money to Colombian terrorists for 15 years, reports the Cincinnati Business Courier. Cincinnati-based Chiquita, one of the world’s top banana producers, admitted in March 2007 that it had paid millions to several Colombian terrorist groups in order to protect its workers and business interests in the South American country. Chiquita subsequently paid $25 million to settle a Justice Department investigation into the payments, making the company the first in the U.S. to be convicted of financial dealings with designated terrorist organizations. Former Covington & Burling partner and current U.S. Attorney General Eric Holder Jr., was tapped by Chiquita to handle the Justice Department inquiry. The ensuing legal proceedings raised questions about the legal advice Chiquita had received about the payments from its outside counsel at Kirkland & Ellis and touched off a turf war between Main Justice’s criminal division and the U.S. attorney’s office for the District of Columbia over how the investigation should proceed. Since settling the criminal case, Chiquita has sought to clear itself of civil liability in consolidated litigation before U.S. district court judge Kenneth Marra in West Palm Beach, Fla. According to the Courier, a special litigation committee report was filed along with a motion to dismiss the shareholder litigation, a fairly common occurrence. The massive report delves into how the $10,000 payments that Chiquita doled out in the 1980s soon multiplied into multimillion dollar payments to right-wing paramilitaries and left-wing guerrillas a little more than a decade later. (The report also states that Chiquita chose to settle the Justice Department case rather than face as much as $180 million in potential litigation costs.) Report here:

ANALYSIS OF FLICKR PHOTOS COULD LEAD TO ONLINE TRAVEL BOOKS (, 28 April 2009) - Cornell scientists have downloaded and analyzed nearly 35 million Flickr photos taken by more than 300,000 photographers from around the globe, using a supercomputer at the Cornell Center for Advanced Computing (CAC). Their research, which was presented at the International World Wide Web Conference in Madrid, April 20-24, provides a new and practical way to automatically organize, label and summarize large-scale collections of digital images. The scalability of the method allows for mining information latent in very large sets of images, raising the intriguing possibility of an online travel guidebook that could automatically identify the best sites to visit on a vacation, as judged by the collective wisdom of the world’s photographers. The research also generated statistics on the world’s most photographed cities and landmarks, gleaned from the analysis of the multi-terabyte photo collection:
• The top 25 most photographed cities in the Flickr data are (in order): New York City, London, San Francisco, Paris, Los Angeles, Chicago, Washington, D.C., Seattle, Rome, Amsterdam, Boston, Barcelona, San Diego, Berlin, Las Vegas, Florence, Toronto, Milan, Vancouver, Madrid, Venice, Philadelphia, Austin, Dublin and Portland.
• The top seven most photographed landmarks are (in order): Eiffel Tower, Paris; Trafalgar Square, London; Tate Modern museum, London; Big Ben, London; Notre Dame, Paris; The Eye, London; and the Empire State Building, New York City. Interestingly, the Apple Store in midtown Manhattan was the fifth-most photographed place in New York City -- and the 28th-most photographed place in the world. The researchers developed techniques to identify places that people find interesting to photograph, showing results for thousands of locations at both city and landmark scales.

FTC PUBLISHES REPORT SURVEYING THE MOBILE MARKETPLACE (Hogan & Hartson, 28 April 2009) - On April 22, 2009, the Federal Trade Commission (FTC) issued a report on recent and upcoming developments in the mobile commerce market, summarizing discussions from nine public town hall sessions on topics ranging from mobile security and location-based services to best practices for billing, complaints, and customer dispute resolution. Although the report generally praised the innovation by participants in the mobile marketplace, the FTC noted three areas of potential concern and future regulation: 1) cost disclosures for mobile services, 2) unwanted or harmful mobile text messages, and 3) privacy challenges related to children’s use of smartphones to access the mobile web. The FTC also announced a plan to expedite its review of the Children’s Online Privacy Protection Rule to 2010, rather than 2015 as originally planned. In light of the FTC’s report, mobile service providers, equipment manufacturers, and application developers should review their policies to ensure compliance with industry best practices and should continue to monitor regulatory and legislative developments at both the state and federal levels.

EU: ARTICLE 29 WORKING PARTY ADOPTS OPINION ON NEW STANDARD CONTRACTUAL CLAUSES (Hunton & Williams, 28 April 2009) - On March 17, 2009, the Article 29 Working Party released Opinion 3/2009 on the Commission’s draft decision for standard contractual clauses (SCCs), which discusses proposed updates of the clauses allowing the transfer of personal data to sub-processors established in third-world countries, in light of increased global outsourcing practices. Opinion here:

WARNER MUSIC ISSUES DMCA TAKEDOWN ON LARRY LESSIG PRESENTATION (TechDirt, 28 April 2009) - If there were anyone out there to whom you would not want to send a random takedown notice for an online video, it would probably be Larry Lessig. Given that Lessig has become the public face for those who feel that copyright has been stretched too far, as well as being a founder of Stanford’s Fair Use Project, and who’s written multiple books on these issues, you would think (just maybe) that any copyright holder would at least think twice before sending a DMCA takedown on a Larry Lessig presentation. Apparently, you’d be wrong. Lessig has announced that Warner Music issued a DMCA takedown on one of Lessig’s own presentations, in which his use is almost certainly fair use. Lessig, of course, is a lawyer, and a big supporter of fair use, so it’s no surprise that he’s also said he’s going to be fighting this.

JUSTICE DEPT. OPENS ANTITRUST INQUIRY INTO GOOGLE BOOKS DEAL (New York Times, 29 April 2009) - The Justice Department has begun an inquiry into the antitrust implications of Google’s settlement with authors and publishers over its Google Book Search service, two people briefed on the matter said Tuesday. Lawyers for the Justice Department have been in conversations in recent weeks with various groups opposed to the settlement, including the Internet Archive and Consumer Watchdog. More recently, Justice Department lawyers notified the parties to the settlement, including Google, and representatives for the Association of American Publishers and the Authors Guild, that they were looking into various antitrust issues related to the far-reaching agreement. The inquiry does not necessarily mean that the department will oppose the settlement, which is subject to a court review. But it suggests that some of the concerns raised by critics, who say the settlement would unfairly give Google an exclusive license to profit from millions of books, have resonated with the Justice Department. The settlement, announced in October, gives Google the right to display the books online and to profit from them by selling access to individual texts and selling subscriptions to its entire collection to libraries and other institutions. Revenue would be shared among Google, authors and publishers. But critics say that Google alone would have a license that covers millions of so-called orphan books, whose authors cannot be found or whose rights holders are unknown. Some librarians fear that with no competition, Google will be free to raise prices for access to the collection.

GOOGLE UNVEILS NEW TOOL TO DIG FOR PUBLIC DATA (Washington Post, 29 April 2009) - Google launched a new search tool yesterday designed to help Web users find public data that is often buried in hard-to-navigate government Web sites. The tool, called Google Public Data, is the latest in the company’s efforts to make information from federal, state and local governments accessible to citizens. It’s a goal that many Washington public interest groups and government watchdogs share with President Obama, whose technology advisers are pushing to open up federal data to the public. The company plans to initially make available U.S. population and unemployment data from the Census Bureau and the Bureau of Labor Statistics, respectively. Other data sets, such as emissions statistics from the Environmental Protection Agency, will roll out in the coming months. Google’s Washington employees have spent the past two years visiting government agencies to urge them to make their Web sites, records and databases more searchable. The E-Government Act of 2002 required government agencies to make information more accessible electronically, but users have complained that many agencies do not organize their Web sites so they can be easily indexed by search engines. And some agencies, Google has said, embed codes in their sites that make certain pages invisible to search engines.

FORDHAM LAW CLASS COLLECTS PERSONAL INFO ABOUT SCALIA; SUPREME CT. JUSTICE IS STEAMED (ABA Journal, 29 April 2009) - Last year, when law professor Joel Reidenberg wanted to show his Fordham University class how readily private information is available on the Internet, he assigned a group project. It was collecting personal information from the Web about himself. This year, after U.S. Supreme Court Justice Antonin Scalia made public comments that seemingly may have questioned the need for more protection of private information, Reidenberg assigned the same project. Except this time Scalia was the subject, the prof explains to the ABA Journal in a telephone interview. His class turned in a 15-page dossier that included not only Scalia’s home address, home phone number and home value, but his food and movie preferences, his wife’s personal e-mail address and photos of his grandchildren, reports Above the Law. And, as Scalia himself made clear in a statement to Above the Law, he isn’t happy about the invasion of his privacy: “Professor Reidenberg’s exercise is an example of perfectly legal, abominably poor judgment. Since he was not teaching a course in judgment, I presume he felt no responsibility to display any,” the justice says, among other comments. In response, Reidenberg tells the ABA Journal that the information gathered by his class about Scalia was all “publicly available, for free,” and wasn’t posted on the Internet by the class or otherwise further publicized. He views the dossier-gathering about a public figure as a legitimate classroom exercise intended to spark discussion about privacy law, and says he and the class didn’t intend to offend Scalia. The availability of such information on the Web makes it possible for the government to conduct surveillance that otherwise would be much more difficult or even impossible to pursue through court orders and other official mechanisms, Reidenberg contends. And aggregation of various bits of information also can lead to more troubling use of the compiled information, he says. “When there are so few privacy protections for secondary use of personal information, that information can be used in many troubling ways,” he writes in an e-mail to the ABA Journal. “A class assignment that illustrates this point is not one of them. Indeed, the very fact that Justice Scalia found it objectionable and felt compelled to comment underscores the value and legitimacy of the exercise.”

WIPED OUT: ALONG WITH JOBS, LAID-OFF LOSE PHOTOS, EMAIL (Wall Street Journal, 30 April 2009) - Michele Wallace had worked for Medialink Worldwide Inc. for 18 years when the New York video-distribution company laid her off last May. When the company’s information-technology staff quickly shut down her computer and her BlackBerry, the senior vice president of client services lost family photos and every personal and business contact on her cellphone and computer. “I couldn’t even call my sister because I don’t know her number off the top of my head,” says Ms. Wallace, now a 47-year-old managing director at Mega Media Worldwide and living in Asbury Park, N.J. “I know you shouldn’t even have that stuff on the computer,” she says. But in the course of working 10- to 12-hour days for several years, “you don’t pay as much attention as to how much is personal on your computer.” She’s still piecing together her contacts on Facebook and LinkedIn. (Medialink did not return calls for comment.) As layoffs sweep across industries, employees’ personal information is winding up in the dustbin, as well. Most workers know better than to store personal files on their office computer. But employees who spend the majority of their time at the office often treat the company PC as their personal gadget, filling it with music, photos, personal contacts -- even using the computer’s calendar to track a child’s soccer schedule. That makes it all the more distressing when a newly laid-off worker learns that his digital belongings are company property.

PENTAGON USES FACEBOOK, TWITTER TO SPREAD MESSAGE (AP, 1 May 2009) - You don’t often hear a three-star general using the word “friend” as a verb. But for Lt. Gen. Benjamin Freakley and other Army brass, a new era has brought a new language — and new tools like online social networks Twitter and Facebook — for seeking out young recruits and spreading the military’s message. Freakley, who heads the Army command that oversees recruiting, says social networking sites offer another way to reach tomorrow’s soldiers. “They live in the virtual world,” Freakley said. He cited Facebook as a key component in targeting 18-to 24-year-olds. “You could friend your recruiter, and then he could talk to your friends.” Even Gen. Raymond Odierno, the top U.S. commander in Iraq, has a new Facebook page to answer questions about the mission in Iraq and spread the word about what the troops are accomplishing there. The Army isn’t the only branch of the military with Facebook friends or that has a following on Twitter. The Air Force has also established a Facebook page, Twitter feeds and a blog, while the Marine Corps is using various networking sites mainly for recruiting purposes. The Navy is “experimenting” with several forms of online media, and some of its commands are using Twitter, a spokesman said. Even the Coast Guard commandant regularly updates his Facebook status while traveling. The Army has also added to its Web site video games, a virtual recruiter and clips that answer commonly asked questions about life in uniform.

MN SUPREME COURT OKS BREATHALYZER SOURCE CODE REQUESTS (ArsTechnica, 1 May 2009) - The Minnesota Supreme Court has finally ruled on the contentious issue of giving drunk driving defendants access to the Intoxilyer 500EN source code. Defendants have repeatedly claimed that the devices are (or might be) flawed; since the machine's breath test results are one of the main bits of evidence against them, justice demands that they have the right to examine the device firmware for accuracy. The justices have agreed—but only for defendants who have a reason for looking. Fishing expeditions don't qualify. Two defendants, Dale Underdahl and Timothy Brunner, were both arrested on suspicion of drunk driving. Field breath tests using the Intoxilyzer 5000EN showed that both men had far more than the legal limit for alcohol in their systems, and they were subsequently charged. Both men demanded access to the Intoxilyzer source code, but with one key difference: Underdahl gave no reason for thinking that the code might contain errors, while Brunner turned in a memo and nine exhibits. Brunner's documents included testimony from a computer science prof and a report from a New Jersey court case showing "a variety of defects" in breath test source code. That proved to be a key difference for the Supreme Court, which noted that Underdahl "advanced no theories on how the source code" could help him. According to the majority of the justices, "even under a lenient showing requirement, Underdahl failed to make a showing that the source code may relate to his guilt or innocence." So—no source code for Underdahl. But Brunner's extra effort paid off. Because he provided the court with some reason for questioning the validity of the source code, the Supreme Court found that the code was discoverable in his case. The state is required to produce it, though this poses another problem: the device's maker, CMI, has long refused to turn over the code in such cases. (It claims "trade secrets" in the 50,000 lines of assembly language code that runs on the Intoxilyzer's Z80 microchips.) Ruling here:

SIFTABLES, THE TOY BLOCKS THAT THINK (TED Talk, by MIT’s David Merrill) – 7minute video demonstration of cookie-sized, computerized tiles you can stack and shuffle in your hands. These future-toys can do math, play music, and talk to their friends, too. Is this the next thing in hands-on learning?

**** RESOURCES ****
FACEBOOK ETHICS (Philadelphia Bar Association Opinion, March 2009) -- Lawyer can’t use a strawman to send a friend request to adverse witness, in a search for possibly-impeaching evidence on witness’ private Facebook page. Rationale: the friend-request is deceptive conduct.

COMMERCE WANTS TO CLOSE NTIS, PUT INFO ONLINE -- U.S. Commerce Secretary William Daley says he supports shutting down the nearly 50-year-old National Technical Information Service (NTIS) and transferring its extensive archives of government reports and documents to the Library of Congress. “This way, the American people can find the documents they want via search engines that currently exist - and the more powerful ones being created - and download them for free. We will propose legislation to Congress next month to achieve these ends,” says a Commerce Department statement. NTIS, which was charged with becoming self-funding during the Reagan administration, often charged what some felt were exorbitant prices for publicly funded information. “We think this is great news,” says a policy analyst at the Center for Democracy and Technology. “We think it shows that the Commerce Department is really looking at the Internet and realizes what it can mean for public access to government information.” (New York Times 17 Aug 99)

************** NOTES **********************
MIRLN (Misc. IT Related Legal News) is a free product for members of the American Bar Association’s Cyberspace Law Committee, et al., and is produced by KnowConnect PLLC.

Members of the ABA Cyberspace Law Committee automatically receive MIRLN postings (about every third week); members can manage their subscriptions at (find the “Listserves” box; MIRLN comes through the CLCC-MEMS listserve). Others who wish to be added to the MIRLN distribution list should send email to Vince Polley ( with the word “MIRLN” in the subject line, and similarly will be removed from the distribution list after sending email to Vince with the words “MIRLN REMOVAL” in the subject line.

Recent MIRLN issues are archived at

SOURCES (inter alia):
1. The Filter, a publication of the Berkman Center for Internet & Society at Harvard Law School,
2. Edupage,
3. SANS Newsbites,
4. NewsScan and Innovation,
5. BNA’s Internet Law News,
6. Crypto-Gram,
7. McGuire Wood’s Technology & Business Articles of Note,
8. Steptoe & Johnson’s E-Commerce Law Week,
9. Eric Goldman’s Technology and Marketing Law Blog,
10. Readers’ submissions, and the editor’s discoveries.

This work is licensed under the Creative Commons Attribution-Share Alike 3.0 United States License. To view a copy of this license, visit or send a letter to Creative Commons, 543 Howard Street, 5th Floor, San Francisco, California, 94105, USA.

PRIVACY NOTICE: E-mail addresses of individuals who subscribe to this periodic e-newsletter by sending email to Vince Polley with “MIRLN” in the subject line are kept by Vince Polley; this listing will not be provided to any other persons.

No comments: