Saturday, November 28, 2009

MIRLN --- 8-28 November 2009 (v12.16)

• Leaked ACTA Internet Provisions: Three Strikes and a Global DMCA
• Federal Judge Calls Courtroom Tweets Banned Broadcasts Under Rule 53
• Consent Will be Required for Cookies in Europe
o French Senate Issues New Legislation to Amend Data Protection Act: Provisions Include Breach Notice Obligation and Consent for Use of Cookies
• Towards a “Privacy Privilege” to Oppose Discovery Requests?
• Sticks and Stones – More about Online Reputation Management
• Department of Interior Fails Cybersecurity Audit
o NIST Drafts Cybersecurity Guidance
• World Justice Project Rule of Law Index
• Ninth Circuit Ruling Leads to Spike in Class Actions Over Text Messages from Retailers
• Employers Win a Round in the Fight over whether Disloyal Employees are “Authorized” to Access Company Computers
• Two German Killers Demanding Anonymity Sue Wikipedia’s Parent
• W.Va. Supreme Court Opts for E-Mail Secrecy
• International Activists Launch New Website to Gather and Share Copyright Knowledge
• A Rush to Learn English by Cell
• Twitter and the Learning Technology Stream
• More Hackers Target Law Firms, Often ‘Spear Fishing’ in Spam E-Mail
• Goal of New ABA Website: All the Federal Decisions that are Fit to Print
o Bridging the Digital Divide: a New Vendor in Town? Google Scholar Now Includes Case Law
o Google Scholar Legal Opinion and Journal Search, ABA LTRC Free Full-Text Law Review/Law Journal Search
• Wow! Top Execs Say they are Influenced by Social Networks
• In-Q-Tel Invests in Cybersecurity Company
• DHS Critical Infrastructure Protection Website Launched
• India Establishes Broad Interception, Data Retention, Cyber Security, and Website Blocking Requirements
• Some Courts Raise Bar on Reading Employee Email
• 200 Web Sites Spread al-Qaida’s Message in English
• Military Video System is Like YouTube with Artillery
• Memento: Protocol-Based Time Travel for the Web
• A Look at Twitter’s Updated Privacy Policy
• Law Firm Invokes Privacy Laws in Suing Rival over Search Engine Keywords
• Levi’s is Paying Orrick a Flat Fee to Handle all but its IP Work
• Wikileaks Releases over Half a Million Pager Messages from 9/11
• Google Profiles turn into OpenIds


LEAKED ACTA INTERNET PROVISIONS: THREE STRIKES AND A GLOBAL DMCA (EFF, 9 Nov 2009) - Negotiations on the highly controversial Anti-Counterfeiting Trade Agreement (ACTA) began last week in Seoul, Korea. The closed negotiations focused on “enforcement in the digital environment.” Negotiators discussed the Internet provisions drafted by the US government. No text has been officially released, but as Professor Michael Geist and IDG are reporting, leaks have surfaced. The leaks confirm everything we have feared about the secret ACTA negotiations. The Internet provisions have nothing to do with addressing counterfeit products but are all aimed at imposing a set of copyright industry demands on the global Internet, including obligations on ISPs to adopt Three Strikes Internet disconnection policies and a global expansion of DMCA-style TPM laws. For the leaked commission memo:

FEDERAL JUDGE CALLS COURTROOM TWEETS BANNED BROADCASTS UNDER RULE 53 (ABA Journal, 9 Nov 2009) - A federal judge in Georgia has banned reporters from sending live-action tweets from his courtroom, saying that Twitter is a form of broadcasting and hence prohibited under Rule 53 of the Federal Rules of Criminal Procedure. But the ruling by U.S. District Judge Clay Land only extends as far as the courtroom door, suggests the Taking Liberties blog of CBS News: “All an intrepid spectator in Judge Clay Land’s courtroom apparently needs to do is write something inside the courtroom, and then step outside before pressing ‘send,’ “ the blog states. The Volokh Conspiracy provides a link to the judge’s four-page order (PDF), which was made last week in response to a request by a Columbus Ledger-Enquirer reporter to tweet about an upcoming trial.

CONSENT WILL BE REQUIRED FOR COOKIES IN EUROPE (, 9 Nov 2009) - A law that demands consent to internet cookies has been approved and will be in force across the EU within 18 months. It is so breathtakingly stupid that the normally law-abiding business may be tempted to bend the rules to breaking point. The fate of Europe’s cookie law became improbably entwined with a debate over file-sharing. To cut a long story short, it broke free. On 26th October, it was voted through by the Council of the EU. It cannot be stopped and awaits only the rubber-stamp formalities of signature and publication. The vote’s result was announced by way of a whisper. It featured at the tail end of an 18-page Council press release (PDF) that first had to address fishing quotas, train driving licences and a maritime treaty with China. I’m afraid we missed it. There was no attempt to bury this news – but the hushed tones of its reporting were consistent with the media attention it has received to date. There has been almost no fuss about this little law, despite the harm it could do to advertising, the lifeblood of online publishing. It also threatens to irritate all web users by appearing at every new destination like an over-zealous security guard. Here’s what’s coming. The now-finalised text says that a cookie can be stored on a user’s computer, or accessed from that computer, only if the user “has given his or her consent, having been provided with clear and comprehensive information”. An exception exists where the cookie is “strictly necessary” for the provision of a service “explicitly requested” by the user – so cookies can take a user from a product page to a checkout without the need for consent. Other cookies will require prior consent, though. So almost every site that carries advertising should be seeking its visitors’ consent to the serving of cookies. It also catches sites that count visitors – so if your site uses Google Analytics or WebTrends, you’re caught. You could seek consent with pop-ups, if you’re happy to ignore accessibility guidelines that discourage pop-ups – though users’ browsers may block pop-ups by default, which risks confusion. Or you could do it with a landing page that contains a load of information and some choices. The choices for users could be: * * * [Spotted by MIRLN reader Michael Fleming of Larkin Hoffman.]

- and -

FRENCH SENATE ISSUES NEW LEGISLATION TO AMEND DATA PROTECTION ACT: PROVISIONS INCLUDE BREACH NOTICE OBLIGATION AND CONSENT FOR USE OF COOKIES (Hunton & Williams, 17 Nov 2009) - On November 6, 2009, the French Senate proposed a new draft law to reinforce the right to privacy in the digital age (“Proposition de loi visant à garantir le droit à la vie privée à l’heure du numérique”) (the “Draft Law”). Following a Report on the same topic issued last spring, the Senate made concrete proposals with this Draft Law to amend the Data Protection Act. The Draft Law requires that data controllers provide information on their data processing activities to their data subjects in a clear, specific and easily accessible manner. The data subjects would be able to exercise their right of access more easily, including by email. The Draft Law also distinguishes between the data subject’s right to object to the use of his/her personal data for commercial purposes and his/her right to delete his personal data after it has been processed. The Draft Law also proposes an increase in the obligations of data controllers. Organizations with more than fifty employees that either access or process the personal data are required to appoint a data protection officer. In addition to his obligation to inform the data subjects about a data processing activity, a data controller would have to obtain a data subject’s consent to process data (including for the use of cookies), except if a legal exception applies. Data controllers would also have to implement stronger security measures to preserve the security and confidentiality of personal data. In particular, in case of a data security breach, a data controller would have to notify the French data protection authority (“CNIL”), which would then decide whether to inform the data subjects concerned by this breach. Finally, passage of the law would increase the CNIL’s enforcement authority. Fines imposed by the CNIL for violations of the law would be increased to a maximum €600,000 (instead of the current €300,000).

TOWARDS A “PRIVACY PRIVILEGE” TO OPPOSE DISCOVERY REQUESTS? (White & Case, 10 Nov 2009) - On July 23, 2009, the French Data Protection Authority [Commission nationale de l’informatique et des libertés (“CNIL”)] released its Deliberation No. 2009-474 concerning recommendations for the transfer of personal data in the context of discovery in US litigation (the “Recommendation”). This Recommendation must be taken into account by all parties that find themselves in the position of transferring documents or other information containing personal data from France to the United States in the discovery or litigation context. In the Recommendation, the CNIL, a governmental agency whose stated goal is in particular to protect individuals with regard to the processing of their personal data in France, has wrestled with the threats posed to personal data privacy by discovery requests served in US civil and commercial litigation. The Recommendation was issued in response to “an increase in the number of matters concerning the transfer of personal data to the United States, filed principally either by French subsidiaries of American companies or by French companies that have commercial ties with the United States, in the context of ‘Discovery’ proceedings before American courts.” For those familiar with the CNIL’s prior Recommendations and privacy-friendly positions, this one will not come as a complete surprise; nonetheless, the Recommendation represents an important new authoritative statement regarding the defense of privacy rights in the discovery context. (The Recommendation does not apply to US criminal litigation or the investigations by governmental agencies.)

STICKS AND STONES – MORE ABOUT ONLINE REPUTATION MANAGEMENT (ABA’s LTRC, 10 Nov 2009) - When people are searching for information they are most likely to be using Google. According to Experian Hitwise, a global online competitive intelligence service, Google accounted for 71.08 percent of all U.S. searches conducted in September 2009. Therefore, Google’s Reputation Management Advice carries considerable weight. A lawyer’s reputation is his or her stock in trade; making this topic particularly relevant to the legal profession. Following is a collection of resources for lawyers regarding online reputation management: * * *

DEPARTMENT OF INTERIOR FAILS CYBERSECURITY AUDIT (Information Week, 10 Nov 2009) - The Department of the Interior inspector general has issued a report that’s sharply critical of the agency’s cybersecurity performance, concluding that its efforts fall short of federal government requirements. The recently issued report points to broad problems at the agency, from a decentralized IT organization to “fragmented governance processes.” It says that the agency has “substantially under-qualified” cybersecurity personnel and that its IT leadership hasn’t been as involved in cybersecurity as it should be. “Personnel responsible for management of the IT programs are not accountable for results, and existing investments are not leveraged to their full potential,” the report says. Interior has budgeted $182 million for cybersecurity this year and has 677 employees and contractors devoted to information security and another 3,531 with “significant” responsibilities in that area. The Department of Interior has CIOs for each of its large bureaus, and those CIOs are supposed to have responsibility for their organizations’ IT and cybersecurity. However, the inspector general found that responsibilities were delegated to smaller offices, resulting in inefficiencies and higher costs. The report describes IT and cybersecurity governance at the department as being inefficient, wasteful, and lacking accountability. It says that Interior has been cited for similar problems in the past by the inspector general and by the Government Accountability Office, but that recommendations for fixing the situation haven’t been applied. [Editor: anybody remember Corbell v. Norton? Fiduciary duty to protect information security?]

- and -

NIST DRAFTS CYBERSECURITY GUIDANCE (Information Week, 23 Nov 2009) - Draft guidance from the National Institute of Standards and Technology issued last week, pushes government agencies to adopt a comprehensive, continuous approach to cybersecurity, tackling criticism that federal cybersecurity regulations have placed too much weight on periodic compliance audits. The guidance, encapsulated in a draft revision to NIST Special Publication 800-37, will likely be finalized early next year. While federal agencies aren’t required to follow all of its recommendations, NIST is officially charged with creating standards for compliance with the Federal Information Systems Management Act, (FISMA), which sets cybersecurity requirements in government, so this guidance should at the very least be influential. The new document puts more onus on applying risk management throughout the lifecycle of IT systems. “This is part of a larger strategy to try to do more on the front end of security as opposed to just on the back end,” says NIST’s Ron Ross, who is in charge of FISMA guidance at the agency. “We don’t think of security as a separate undertaking, but as a consideration we make in our normal lifecycle processes.” Special Publication 800-37 fleshes out six steps federal agencies should take to tackle cybersecurity: categorization, selection of controls, implementation, assessment, authorization, and continuous monitoring. It improves on earlier guidance by emphasizing making rigorous cybersecurity part and parcel of the deployment and operation of IT systems. The document breaks out its cybersecurity guidance in several steps.

WORLD JUSTICE PROJECT RULE OF LAW INDEX (BeSpacific, 11 Nov 2009) - “The Rule of Law Index is a new tool, created by the WJP [World Justice Project Rule], which measures countries’ adherence to the rule of law...The Rule of Law Index is the first index that examines the rule of law comprehensively. Other indices cover only aspects of the rule of law, such as human rights, commercial law, and corruption. Because the Index looks at the rule of law in practice and not solely as it exists on the books, the Index will be able to guide governments, civil society, NGOs and business leaders in targeting efforts to strengthen the rule of law.” Index materials here:

NINTH CIRCUIT RULING LEADS TO SPIKE IN CLASS ACTIONS OVER TEXT MESSAGES FROM RETAILERS (Pillsbury, 11 Nov 2009) - In Satterfield v. Simon & Schuster, Inc., 569 F.3d 946 (9th Cir. 2009), the Ninth Circuit held that unsolicited text messages to mobile phones sent by a retailer may constitute a “call” in violation of the Telephone Consumer Protection Act (the “TCPA”). This decision has sparked an increase in consumer class actions filed against retailers who send advertisements to consumers by text message.

EMPLOYERS WIN A ROUND IN THE FIGHT OVER WHETHER DISLOYAL EMPLOYEES ARE “AUTHORIZED” TO ACCESS COMPANY COMPUTERS (Steptoe & Johnson’s E-Commerce Law Week, 12 Nov 2009) - A federal court in Missouri has weighed in on whether a disloyal employee’s use of his employer’s computer system is acting “without authorization” or “exceed[ing] authorized access,” in violation of the Computer Fraud and Abuse Act. As we’ve previously reported, courts have split on the issue, with many courts (notably the Ninth Circuit) holding that an employee who is permitted to access the system is not acting “without authorization” or in excess of authorization even if he is accessing the system for an illegitimate purpose, such as taking proprietary information to give to a competing firm. The court in Missouri, however, followed the Seventh Circuit’s decision in International Airport Centers, L.L.C., v. Citrin, which held that an employee loses authorization to access company computers when he acts to benefit his own interests, and not those of the company.

TWO GERMAN KILLERS DEMANDING ANONYMITY SUE WIKIPEDIA’S PARENT (New York Times, 12 Nov 2009) - Wolfgang Werlé and Manfred Lauber became infamous for killing a German actor in 1990. Now they are suing to force Wikipedia to forget them. The legal fight pits German privacy law against the American First Amendment. German courts allow the suppression of a criminal’s name in news accounts once he has paid his debt to society, noted Alexander H. Stopp, the lawyer for the two men, who are now out of prison. Mr. Stopp has already successfully pressured German publications to remove the killers’ names from their online coverage. German editors of Wikipedia have scrubbed the names from the German-language version of the article about the victim, Walter Sedlmayr. Now Mr. Stopp, in suits in German courts, is demanding that the Wikimedia Foundation, the American organization that runs Wikipedia, do the same with the English-language version of the article. That has free-speech advocates quoting George Orwell. Floyd Abrams, a prominent First Amendment lawyer who has represented The New York Times, said every justice on the United States Supreme Court would agree that the Wikipedia article “is easily, comfortably protected by the First Amendment.” But Germany’s courts have come up with a different balance between the right to privacy and the public’s right to know, Mr. Abrams said, and “once you’re in the business of suppressing speech, the quest for more speech to suppress is endless.” The German law springs from a decision of Germany’s highest court in 1973, said Julian Höppner, a lawyer with the Berlin law firm JBB who has represented the Wikimedia Foundation, though not in this case. Publications generally comply with the law, Mr. Höppner said, by referring to “the perpetrator — or, Mr. L.” But with such a well-known case, he said, expunging the record “is difficult to accomplish — and, morally speaking, rightly so.”

W.VA. SUPREME COURT OPTS FOR E-MAIL SECRECY (AP, 12 Nov 2009) - The state Supreme Court has ruled that public officials and public employees can keep their personal e-mails secret. The court ruled 4-1 Thursday that none of the 13 e-mails between former Supreme Court Chief Justice Elliott “Spike” Maynard and Massey Energy Chief Executive Don Blankenship are public records. The Associated Press had sued to gain access to the correspondence last year, when Massey had several cases pending before the high court. Kanawha County Circuit Court Judge Duke Bloom ruled that five of the e-mails were public, but that eight were not. Bloom reasoned that the five e-mails were public records because they touched on Maynard’s ultimately unsuccessful campaign in the Democratic primary, in which he ran against two of the justices now sitting on the court. The five e-mails were released after that ruling. But the Supreme Court ruled that Bloom was wrong to release those e-mails, and sent the case back to his court. Justice Margaret Workman was the lone dissenter. In writing for the majority, Justice Robin Davis said “None of the e-mails’ contents involved the official duties, responsibilities or obligations of Justice Maynard as a duly elected member of the court.” Davis’ opinion says that 12 of the e-mails “simply provided URL links to privately operated Internet Web sites that carried news articles,” while the 13th was an “agenda for a meeting being held by a private organization.” This description is not accurate. Of the five e-mails released by Bloom’s order, two contained links not to news articles, but to pages on the Web site of a Huntington law firm, along with comments Maynard wrote about the firm. One e-mail mocked the firm’s advertisements as “unbelievable,” while another slammed the firm for claiming that a fire at Massey’s Aracoma Alma Mine No. 1 that killed two miners could have been prevented.

INTERNATIONAL ACTIVISTS LAUNCH NEW WEBSITE TO GATHER AND SHARE COPYRIGHT KNOWLEDGE (EFF, 13 Nov 2009) - The Electronic Frontier Foundation (EFF), Electronic Information for Libraries (, and other international copyright experts joined together today to launch Copyright Watch -- a public website created to centralize resources on national copyright laws at “Copyright laws are changing across the world, and it’s hard to keep track of these changes, even for those whose daily work is affected by them,” said Teresa Hackett, Program Manager at “A law that is passed in one nation can quickly be taken up by others, bilateral trade agreements, regional policy initiatives, or international treaties. With Copyright Watch, people can learn about the similarities and differences in national copyright laws, and they can use that information to more easily spot patterns and emerging trends.” Copyright Watch is the first comprehensive and up-to-date online repository of national copyright laws. To find links to national and regional copyright laws, users can choose a continent or search using a country name. The site will be updated over time to include proposed amendments to laws, as well as commentary and context from national copyright experts. Copyright Watch will help document how legislators around the world are coping with the challenges of new technology and new business models.

A RUSH TO LEARN ENGLISH BY CELL (Washington Post, 14 Nov 2009) - More than 300,000 people in Bangladesh, one of Asia’s poorest but fastest-growing economies, have rushed to sign up to learn English over their cellphones, threatening to swamp the service even before its official launch Thursday. The project, which costs users less than the price of a cup of tea for each three-minute lesson, is being run by the BBC World Service Trust, the international charity arm of the broadcaster. Part of a British government initiative to help develop English skills in Bangladesh, it marks the first time that cellphones have been used as an educational tool on this scale. Since cellphone services began in Bangladesh just over a decade ago, more than 50 million Bangladeshis have acquired phone connections, including many in remote rural areas. That far outnumbers the 4 million who have Internet access. English is increasingly seen as a key to economic mobility, especially as ever larger numbers of Bangladeshis go abroad to find work unavailable to them at home. An estimated 6.2 million Bangladeshis work overseas, and their nearly $10 billion in annual remittances represent the country’s second-largest source of foreign exchange. However, English is also important for securing jobs at home, where about 70 percent of employers look for workers with “communicative English.” Through its Janala service, the BBC offers 250 audio and text-message lessons at different levels -- from basic English conversation to grammar and comprehension of simple news stories. Each lesson is a three-minute phone call, costing about 4 cents.

TWITTER AND THE LEARNING TECHNOLOGY STREAM (InsideHigherEd, 15 Nov 2009) - Twitter is changing how I keep up with the educational technology world. I’m moving from relying on an RSS reader (I use Google Reader) to relying on Twitter subscriptions and hashtags. For the first time I’m wondering if Google should be worried about their core business model, as if my experience is any guide on how we use the Web to understand the world, may be moving away from search and more towards microblogging Twitter clients (I use Twhirl by Seesmic). At EDUCAUSE 09 Twitter was much debated (go watch the fabulous Campbell/Maas point/counterpoint) and extravagantly utilized for sharing and communication (see the #EDUCAUSE09 transcript). I’m pretty certain that Course Management Systems will start to build in Twitter capabilities and that hashtags will automatically be generated for each course. Tweeting will become a standard way for students and instructors to share information, thoughts and links around the course material. Many instructors will become comfortable incorporating and leveraging a Twitter-enabled backchannel to both in-class and out-of-class communication. Scanning the educational technology news stream via a Twitter client vs. relying on an RSS reader means that I look at content that has been recommended by a person. The learning technology community is small enough that I can pretty quickly begin to filter by reputation. If one person consistently links to material that I find useful and interesting then I’m more likely to click on her links. Rather then going to particular blogs, or presentations, or videos, or articles based on the title or site (as I do with an RSS reader), I go because of a colleague’s recommendation. This is a big change, and I’m still getting my head around this shift. My apologies for all those folks like Clay Shriky (and perhaps) you who understood (and blogged about) the implications of microblogging and social media a long time ago. I feel like I’m sort of coming late to this bandwagon. My conversion to information gathering by Twitter client has me wondering about the need to explore this method in course design, faculty training, and student information literacy.

MORE HACKERS TARGET LAW FIRMS, OFTEN ‘SPEAR FISHING’ IN SPAM E-MAIL (ABA Journal, 16 Nov 2009) - Computer hackers are targeting law firms as a potential motherlode of confidential information, often relying on “spear fishing” attacks in which personalized spam e-mail appears to come from a trusted individual. While the e-mail itself doesn’t pose a danger, clicking on a link within the e-mail can invite malicious software into the law firm’s computer system. The trend of focusing hack attacks on law firms began two years ago, according to a FBI advisory, but there has been a “noticeable increase” recently, reports the Associated Press. Law firms representing client corporations that are negotiating major international deals are particularly inviting targets. “Law firms have a tremendous concentration of really critical, private information,” says Bradford Bleier of the FBI’s cyber division. Hence, sneaking into their computer systems “is a really optimal way to obtain economic, personal and personal security-related information.” [The FBI advisory is here:; it was published by the FBI on November 1 entirely without fanfare, and only picked up by the AP after Mr. Bleier talked about it at an ABA meeting on November 13.]

GOAL OF NEW ABA WEBSITE: ALL THE FEDERAL DECISIONS THAT ARE FIT TO PRINT (ABA Journal, 17 Nov 2009) - Want to know more about a 9th Circuit opinion on the First Amendment rights of a citizen ejected from a city council meeting for giving a Nazi salute? Or the 5th Circuit opinion allowing a Halliburton employee to sue over her alleged rape in Iraq? You can find those opinions summarized on the new Media Alerts on Federal Courts of Appeals website. Students and professors at four law schools are choosing the opinions most likely to be of interest to journalists and the public for the pilot project, sponsored by the ABA Standing Committee on Federal Judicial Improvements. The website, which officially launches on Wednesday, now covers the U.S. Courts of Appeals for the 3rd, 5th and 9th Circuits. The plan is to add eventually all of the circuits. Judge M. Margaret McKeown of the 9th Circuit, a special adviser to the project, says the idea for the website grew out of some discussions between judges and journalists at a meeting at the First Amendment Center earlier this year. About 60,000 cases are filed every year in the federal courts of appeals, McKeown told the ABA Journal. “Most courts have very good websites, but there is a lot of information out there, so this provides a special niche,” she says. “There is a certain needle-in-the-haystack element for someone to go through them every day in every jurisdiction of interest to find cases.” “Our view is that fair and accurate reporting about the courts is important, both for the public and also in order to emphasize judicial independence,” says McKeown, whose three-year term as chair of the ABA Standing Committee on Federal Judicial Improvements ended in August. Law schools working on the project are the University of Texas School of Law, Temple University Beasley School of Law, the University of Arizona James E. Rogers College of Law, and the University of San Diego School of Law.

- and -

BRIDGING THE DIGITAL DIVIDE: A NEW VENDOR IN TOWN? GOOGLE SCHOLAR NOW INCLUDES CASE LAW (LLRX, 18 Nov 2009) - An unexpected salvo was fired in the battle to bring case law to the consumer today by none other than Web search giant, Google. The announcement that Google Scholar would now allow for precedent searches set the internet and legal world a buzz. With law firms still being battered by the struggling economy, Google’s move is opportune. Legal researchers are hungry for low cost alternatives to the industry’s major players. Just how Google’s new case offerings and functionality will stack up remains to be seen. Will it be a revolution in the world of case research or just another case of getting for what we pay (or don’t pay, as it may be)? Google is taking on the old adage that ignorance of the law is not a defense when running afoul of it. Its announcement clearly targeted the average person, promising to enable “people everywhere to find and read full text legal opinions from U.S. federal and state district, appellate and supreme courts.” What it may lack in the wide breadth of coverage we have come to expect from major vendors like Westlaw and Lexis, Google makes up for with the simple, popular, and widely-used power of its search engine. Folks who have never touched the other major vendors have almost certainly “googled” something. Thus, though new to the law scene, Google’s brand and familiarity could make it a formidable foe to the industry elite. Searching for case law on Google is simple and versatile. You can search by case name, topic, or even phrase (“separate but equal” is the example they use). All you need to do is go to Google Scholar ( and click the new radio button for “Legal opinions and journals”. It is just that easy. But what of the results? How do they compare to what we in the legal community are accustomed? A simple test of the new search might just surprise you. Take a case like Bowers v. Hardwick, for example - seminal, controversial, and heavily cited. Run it’s name through the Google Scholar search. What you get is almost overwhelming. Yes your search results will return the text of the decision. But that is not all. Decisions, in this case Bowers, can come with official citations and pagination. Key factors for anyone writing and citing to the case. The cases cited in the body of the decision, if Google has them, actually show up as clickable links. That should give the major vendors pause! But this is STILL not all Google Scholar has to offer. If there are legal journals that cite the case you have searched and Google has them, you will see them in your search. By clicking the “How Cited” link next to the case name on the results page, you can see how the document has been cited, where it has been cited, and other related cases. Searching for Bowers brings up a list of cases that have been seminal in the area of privacy rights, for example. Even the footnotes are clickable links! Suffice it to say that Google is on to something really good here.

- and -

GOOGLE SCHOLAR LEGAL OPINION AND JOURNAL SEARCH, ABA LTRC FREE FULL-TEXT LAW REVIEW/LAW JOURNAL SEARCH (ABA’s LTRC, 19 Nov 2009) - Google officially announced adding legal opinion and journal search features to Google Scholar this week, following the ABA Legal Technology Resource Center’s announcement of the release of a free full-text online law review/law journal search engine created using Google Custom Search. What are some differences between the two search engines? Google Scholar legal searches often return a large number of fee-based journal sites and cannot currently be limited to searching free sources only; the LTRC search engine is designed to search free full-text sites. Google Scholar legal searches often return a mix of legal opinions and journal articles and cannot currently be limited to searching journals only; the LTRC search engine is designed to search only law review, law journal, and related article sites. Google Scholar’s options for searching legal opinions are more developed than those for searching legal journals. Searches can be limited to legal opinions and by jurisdiction through the Google Scholar Advanced Search interface. The legal opinions linked to in the search results are free full-text and include pagination. Google Scholar includes a citator feature for legal opinions: clicking on a “How cited” link appearing next to an opinion in the search results leads to a page which displays text snippets from citing paragraphs in citing opinions (no editorial analysis such as treatment is given). “Cited by” and “Related documents” links display lists of citing and related opinions and articles. Information regarding coverage of Google Scholar’s legal opinion database can be found at under the heading “Which court opinions do you include?” For more legal opinion-related information on the web, also see the ABA Standing Committee on Federal Judicial Improvements’ new Media Alerts on Federal Courts of Appeals website, which features case summaries and information on selected Federal Courts of Appeals cases.

WOW! TOP EXECS SAY THEY ARE INFLUENCED BY SOCIAL NETWORKS (ZDnet, 18 Nov 2009) - This new research study from the Society for New Communications Research (SNCR) is important because it shows that company executives are influenced by their online networks. And the trend is growing. The influence on business decisions by online communities is at its highest in three years. The research was conducted by Don Bulmer from SAP and Vanessa DiMauro. Here are some key findings from this survey 365 business professionals:
Professional decision-making is becoming more social - enter the era of Social Media Peer Groups (SMPG)
• Traditional influence cycles are being disrupted by Social Media as decision makers utilize social networks to inform and validate decisions
• Professionals want to be collaborative in the decision-cycle but not be marketed or sold to online; however online marketing is a preferred activity by companies.
Professional networks are emerging as decision-support tools
• Decision-makers are broadening reach to gather information especially among active users
Professionals trust online information almost as much as information gotten from in-person
• Information obtained from offline networks still have highest levels of trust with slight advantage over online (offline: 92% - combined strongly/somewhat trust; online: 83% combined strongly/somewhat trust)
Reliance on web-based professional networks and online communities has increased significantly over the past 3 years
• Three quarters of respondents rely on professional networks to support business decisions
• Reliance has increased for essentially all respondents over the past three years
Social Media use patterns are not pre-determined by age or organizational affiliation
• Younger (20-35) and older professionals (55+) are more active users of social tools than middle aged professionals.
• There are more people collaborating outside their company wall than within their organizational intranet.

IN-Q-TEL INVESTS IN CYBERSECURITY COMPANY (Information Week, 18 Nov 2009) - The independent venture arm of the U.S. intelligence community, In-Q-Tel, has invested in cybersecurity company FireEye, the company announced Wednesday. In-Q-Tel and FireEye didn’t disclose terms of the agreement, or which intelligence agencies are particularly interested in the technology. However, in a release, they said that the investment “will extend FireEye’s cyber security product development and stealth malware technical capabilities to protect against cyber threats.” The intelligence community has a clear interest in cybersecurity investment. At a conference earlier this month, deputy secretary of defense William Lynn said that more than 100 foreign intelligence agencies are actively trying to hack into federal government systems. The NSA recently announced plans to build a $1.5 billion cybersecurity data center in Utah. California-based FireEye sells an out-of-band security appliance that monitors all inbound network traffic, employing a blend of signatures and heuristics to analyze traffic for evidence of suspicious behavior. After identifying suspicious traffic, the appliance captures and replays the traffic on virtual machines running in the appliance, which imitate real PCs. If those PCs are compromised, FireEye alerts administrators. By routing the traffic to a virtual machine, FireEye claims it is able to mitigate false positives. The virtual machines are invisible to the customer’s production network. FireEye claims that its products are especially useful for protection against zero-day malware attacks and botnets.

DHS CRITICAL INFRASTRUCTURE PROTECTION WEBSITE LAUNCHED (BeSpacific, 18 Nov 2009) - The nation’s critical infrastructure and key resources (CIKR) include systems and assets, whether physical or virtual, so vital to the United States that their incapacitation or destruction would have a debilitating impact on national security, national economic vitality, or public health and safety. Ensuring CIKR resiliency and protection is essential to our security and way of life. The Department’s Office of Infrastructure Protection leads the coordinated national effort to build resiliency and reduce and mitigate risk across the 18 CIKR Sectors, which include such key areas as food and water, energy, communications and transportation systems, and emergency services. Since the vast majority of the nation’s critical infrastructure is privately owned and operated, strong partnerships between government and private industry are essential to achieve these shared goals.” See also the new CIKR Resource Center, “which includes information about how to sign up for free Web-based seminars on the tools, trends, issues, and best practices for infrastructure protection and resilience; resources concerning potential vulnerabilities for chemical facilities; and details about the National Response Framework, which outlines guidance for all response partners to prepare for and provide a unified response to disasters and emergencies.” and

INDIA ESTABLISHES BROAD INTERCEPTION, DATA RETENTION, CYBER SECURITY, AND WEBSITE BLOCKING REQUIREMENTS (Steptoe & Johnson’s E-Commerce Law Week, 19 Nov 2009) - India’s Information Technology (Amendment) Act, 2008, came into effect at the end of last month, instituting significant new requirements governing the interception and decryption of communications, access to stored data, data retention, cyber security, and website blocking. The law also appears to authorize the government to restrict what encryption may be used in India. Regulations implementing many of these requirements have already been “notified,” while other key regulations remain to be issued. Communications providers and other companies that do business in India thus will have to satisfy burdensome new requirements, and may be faced with even more significant restrictions in the near future.

SOME COURTS RAISE BAR ON READING EMPLOYEE EMAIL (WSJ, 19 Nov 2009) -Big Brother is watching. That is the message corporations routinely send their employees about using email. But recent cases have shown that employees sometimes have more privacy rights than they might expect when it comes to the corporate email server. Legal experts say that courts in some instances are showing more consideration for employees who feel their employer has violated their privacy electronically. Driving the change in how these cases are treated is a growing national concern about privacy issues in the age of the Internet, where acquiring someone else’s personal and financial information is easier than ever. “Courts are more inclined to rule based on arguments presented to them that privacy issues need to be carefully considered,” said Katharine Parker, a lawyer at Proskauer Rose who specializes in employment issues. In past years, courts showed sympathy for corporations that monitored personal email accounts accessed over corporate computer networks. Generally, judges treated corporate computers, and anything on them, as company property. Now, courts are increasingly taking into account whether employers have explicitly described how email is monitored to their employees. That was what happened in a case earlier this year in New Jersey, when an appeals court ruled that an employee of a home health-care company had a reasonable expectation that email sent on a personal account wouldn’t be read. And last year, a federal appeals court in San Francisco came down on the side of employee privacy, ruling employers that contract with an outside business to transmit text messages can’t read them unless the worker agrees. The ruling came in a lawsuit filed by Ontario, Calif., police officers who sued after a wireless provider gave their department transcripts of an officer’s text messages in 2002. The case is on appeal to the U.S. Supreme Court. Lawyers for corporations argue that employers are entitled to take ownership of the keystrokes that occur on work property. In addition, employers fear productivity drops when workers spend too much time crafting personal email messages. [Spotted by MIRLN reader Mathew Lodge of Symantec.]

200 WEB SITES SPREAD AL-QAIDA’S MESSAGE IN ENGLISH (Washington Post, 20 Nov 2009) - Increasing numbers of English-language Web sites are spreading al-Qaida’s message to Muslims in the West. They translate writings and sermons once largely out of reach of English readers and often feature charismatic clerics like Anwar al-Awlaki, who exchanged dozens of e-mails with the Army psychiatrist accused of the Fort Hood shootings. “If you look at the most influential documents in terms of homegrown terrorism cases, it’s not training manuals on building bombs,” Kohlmann said. “The most influential documents are the ones that are written by theological advisers, some of whom are not even official al-Qaida members.” Most of the radical Islamic sites are not run or directed by al-Qaida, but they provide a powerful tool for recruiting sympathizers to its cause of jihad, or holy war, against the United States, experts who track the activity said. The number of English-language sites sympathetic to al-Qaida has risen from about 30 seven years ago to more than 200 recently, said Abdulmanam Almushawah, head of a Saudi government program called Assakeena, which works to combat militant Islamic Web sites. In contrast, Arabic-language radical sites have dropped to around 50, down from 1,000 seven years ago, because of efforts by governments around the world to shut them down, he said.

MILITARY VIDEO SYSTEM IS LIKE YOUTUBE WITH ARTILLERY (Wired, 20 Nov 2009) - Making footage shareable and searchable online has sparked a revolution in the cute animal, stupid human, and delicious tamale communities. New software just might mean a similar upgrade for military video intelligence: Think of it as a real-time YouTube with heavy artillery. The release of the new version has just been announced. The U.S. military’s Task Force ODIN demonstrated the effectiveness of combining the video inputs from networked drones, aircraft and helicopters. When a roadside bomb went off, the team could wind back the video to see who planted it — and where they went. ODIN allegedly assisted in the takedown of thousands of insurgents in Iraq; their counterparts are starting work in Afghanistan. The process of handling, archiving and then searching through a large number of video feeds is a challenging one. That’s one of the reasons why something like YouTube can be so helpful: Instead of having to search through a pile of videotapes, you can just type in a few keywords. Even better, you can search all your friends’ video collections and they can search yours. And this is where a system like adLib produced by EchoStorm Worldwide LLC comes in. It does the same sort of thing for the military by automatically archiving video feeds along with the associated telemetry data. For example, suppose you want to find out what happened at point X at 8:30 yesterday. You don’t even have to know which platforms were in the area at the time. “You can ask for video that matches a specific location using latitude and longitude or the MGRS (Military Grid Reference System) or by clicking and dragging on a map,” David Barton of EchoStorm told Danger Room.

MEMENTO: PROTOCOL-BASED TIME TRAVEL FOR THE WEB (ReadWriteWeb, 20 Nov 2009) - The Web constantly changes and evolves. That, of course, is what makes the Internet so exciting, but it also means that finding older versions of a website is hard. The current push towards the real-time web is making this problem even more apparent. Memento, a project based at Old Dominion University, wants to make it easier to access older versions of a web page without having to go to the Internet Archive. To do this, the project is using a relatively obscure feature of the hypertext transfer protocol (HTTP). The Memento project wants to give browsers a ‘time-travel’ mode. Currently, the only way to find these pages is the Wayback Machine. According to an interview with Memento’s Herbert Van de Sompel, the mission of this project is to make it far easier for users to find older pages without having to go through the hassle of putting the right URL into the Wayback Machine’s search engine. To do this, Van de Sompel and his colleagues are exploiting a feature in the HTTP content negotiation specs that allows them to add date-and-time negotiation to the standard negotiations that already happen whenever your browser connects to a web server. Instead of just asking for the current page, a Memento-enabled browser can also ask for an older version of that page. Some servers and content management systems already offer this feature and the Memento project has developed a demo that shows how this feature would look. According to Van de Sompel, it only takes four extra lines of codes in Apache to make this work.

A LOOK AT TWITTER’S UPDATED PRIVACY POLICY (Eric Goldman’s blog, 20 Nov 2009) - As noted on Twitter’s blog, Twitter refreshed its privacy policy yesterday. Given that virtually everything Twitter does is placed under the microscope, I’m sure the policy will be pored over in detail. (Here’s a link to the updated policy and a link to the old policy.) General thoughts on the policy: The policy is short, easy to understand, and in plain English. The thrust of the policy is that most users typically use Twitter to publicly disseminate information, and users should expect any of this information to be broadly disseminated. This includes dissemination by Twitter, third party applications, search engines, etc. To the extent you want to restrict use of this information, Twitter gives you the tools to do so in your profile settings. Much of what’s in the policy is very typical of what you would find in the privacy policy of any other website or social network. However, a few things are worth mentioning:
1. Geolocation: The policy provides that you can turn geolocation on and off, and if you have it turned on, your location information is obviously broadcast and also used by Twitter. Geolocation is opt-in and this makes sense.
2. Cookies: The policy also mentions that Twitter places cookies on your computer. Virtually all privacy policies contain this, since most websites use cookies. But for some reason this part of the privacy policy jumped out at me. I guess it’s a reminder of the tremendous advertising power that Twitter could wield. Everyone who uses Twitter expresses their preferences through Twitter, by clicking on links, using applications, and just through general usage. Most people probably do more, such as expressing their food, drink, entertainment, political, and other preferences. (Some more than others.) By being able to identify the computer of someone who expresses those preferences, Twitter can build a valuable network that would be useful to advertisers. I’m not only talking about advertising on (the web client), but also advertising on other websites or networks as well. This is pretty common in the industry, and subject to attack by privacy advocates, some of whom are pushing for an opt-in system for this type of tracking. Thus far Twitter has been free of advertising, but this is likely to change, as indicated by Twitter’s own statements. (See Scoble’s link below.)
3. Metadata: Interestingly, the policy also treats tweet metadata as public information (“information you are asking us to make public”). This seems to create some grey area between information which you broadcast and is truly public, and information which is available to Twitter (but not to your followers) from your use of Twitter. Robert Scoble has a post with comments from Twitter’s COO signaling Twitter’s turn to advertising and possible use of metadata in this context. I didn’t pick up on this at first, but I think this is significant.

LAW FIRM INVOKES PRIVACY LAWS IN SUING RIVAL OVER SEARCH ENGINE KEYWORDS (, 20 Nov 2009) - A lawsuit in Wisconsin is bringing a fresh challenge to the practice of paying for keywords on Google and other search engines to boost one company’s link over a rival’s. The practice has occasionally prompted a rival to file legal challenges alleging trademark infringement. Now a Wisconsin law firm is trying a new angle -- accusing its competitor of violating privacy laws. Habush Habush & Rottier is one of Wisconsin’s largest law firms, specializing in personal injury cases. But search for iterations of “Habush” and “Rottier” and a sponsored link for Cannon & Dunphy attorneys often shows up, just above the link for the Habush site. Habush alleges that Cannon paid for the keywords “Habush” and “Rottier,” in effect hijacking the names and reputation of Habush attorneys. Cannon acknowledged paying for the keywords but denied wrongdoing, saying it was following a clearly legal business strategy. The lawsuit was filed Thursday in Milwaukee, where Habush is headquartered. Cannon is based in nearby Brookfield. Habush based its lawsuit on a Wisconsin right-to-privacy statute that prohibits the use of any living person’s name for advertising purposes without the person’s consent. “We believe this is deceptive, confusing and misleading,” firm president Robert Habush said of Cannon’s strategy. “If Bill Cannon thinks this is a correct way to do business he needs to have his moral compass taken to the repair shop.” William Cannon, the founding partner of Cannon & Dunphy, said every business uses the same tactic to remind consumers of their choices. “This is equally available to Habush if he weren’t so cheap to bid on his own name,” Cannon said. One legal expert said it wasn’t clear how successful Habush’s lawsuit would be. Ryan Calo, a fellow at the Center for Internet and Society at Stanford Law School, said the statute seemingly was meant to protect people from having their names and images misused to suggest they endorse or represent something. That’s not the case here, he said.

LEVI’S IS PAYING ORRICK A FLAT FEE TO HANDLE ALL BUT ITS IP WORK (ABA Journal, 23 Nov 2009) - Orrick, Herrington & Sutcliffe is earning a flat fee to handle all of the legal work worldwide for Levi Strauss & Co., with just one exception. Levi’s is paying Orrick an annual fee in monthly increments for all but its brand protection work, the Recorder (sub. req.) reports. Townsend and Townsend and Crew is handling that aspect of Levi’s legal business. If work needs to be done where Orrick doesn’t have an office, it will hire an outside law firm at its own expense. The arrangement is unusual because it is so all-encompassing, according to Frederick Krebs, president of the Association of Corporate Counsel. “It is still news when a big firm and a big company do a significant amount of work or transactions in that way,” Krebs told the Recorder. Orrick wouldn’t disclose how much the Levi’s deal is worth, but the story calls the deal a “multimillion-dollar arrangement.” Twenty-five percent of revenue comes from alternative billing. Orrick partner Karen Johnson-McKewan worked out the details of the deal. “The core principle that we’re operating with here is that we’re trusting each other,” she told the Recorder. “We all are committed to doing whatever we can to make it work. We know there will be bits and pieces where it may not.”

WIKILEAKS RELEASES OVER HALF A MILLION PAGER MESSAGES FROM 9/11 (ReadWriteWeb, 25 Nov 2009) - Earlier this morning, Wikileaks began to post pager messages that were sent on September 11, 2001. According to Wikileaks, these messages were intercepted by an “organization which has been intercepting and archiving US national telecommunications since prior to 9/11.” Some of these messages are from officials in police and fire departments, though a large number of messages are also from businesses. Others are automated messages to engineers that were sent by computers about network and hardware issues. Wikileaks is posting these messages semi-live - in sync with the events of 9/11. It’s not clear how Wikileaks got this data or who intercepted these messages. This archive is likely to become an invaluable source for anybody who wants to study the events and the public’s reaction on this day. Chances are that conspiracy theorists are already wading through this data looking for an official page that authorized the destruction of Building 7. As is to be expected, the archive includes many Twitter-like messages like “Bush calls World Trade Center crashes apparent terrorist attack.” Others are internal messages from unknown businesses or government departments (“please due to the incidents taking place and with trying to close centers Please do not tie up aol today unless it is business. Thanks”) or personal message (“Things are getting worse....fear is rampid...please call me. HISD are advising to come get children etc.-sm”). This thread on Reddit highlights some of the most interesting (and often shocking) messages. We don’t know the nature of Wikileaks this source yet, so it’s only prudent to treat this data with some skepticism. Wikileaks, however, has a track record of releasing authentic information and it seems unlikely (but not impossible) that somebody would go through the trouble of writing 500,000 pager messages just to be featured on Wikileaks.

GOOGLE PROFILES TURN INTO OPENIDS (TechCrunch, 25 Nov 2009) - As part of its push to go more social, Google has been attempting to unify its various account profiles into one Google Profile. And now it’s more useful. Google’s Brad Fitzpatrick has just tweeted out that Google Profiles can now be used as OpenIDs. What this means is that you can sign into any site that accepts OpenID simply by using your Google Profile domain. Luckily, a few months ago Google started allowing these profiles to have vanity URLs, like /mgsiegler, instead of the previous /32090329039402903. Chris Messina, a huge proponent of the open web movement, has just sent out a picture of what signing in with OpenID via your Google Profile looks like.

**** RESOURCES ****
8 THINGS TO REMEMBER WHEN IMPLEMENTING AN E-MAIL POLICY (Digital Landfill, 12 Nov 2009) – [useful checklist and explication]: [Spotted by MIRLN-reader Claude Baudoin of Cebe KM and IT.]

**** FUN ****
WIFI BODY SCALE AUTO-TWEETS EACH TIME YOU STEP ON IT (Mashable, 10 Nov 2009) - This sounds like our worst nightmare, but a WiFi Body Scale has hit the market, and it’s designed to auto-tweet your every weigh-in along with the number of pounds you need to gain or lose to reach your goal. The enhanced $159.99 scale is available for purchase from the manufacturer’s website. Previously able to record weight data and track it via an iPhone app, the addition of auto-tweeting is apparently a motivational feature to keep you focused on your weight-loss (or gain) goals. Should this seemingly outlandish functionality appeal to you, you can configure your Twitter account for auto-posting on a per weigh-in, daily, weekly, or monthly basis after the initial Twitter activation process. The scale records your body weight, lean & fat mass (ouch), and body mass index, all of which is posted to your personal webpage and/or the iPhone application. [Editor: Clearly moves Web 2.0 into the TMI space.]

**** LOOKING BACK ****
FORMER VOLUNTEERS SUE AOL, SEEKING BACK PAY FOR WORK (New York Times, 26 May 1999) - Two former volunteers for America Online have filed a lawsuit in Federal Court in Manhattan in an attempt to obtain back wages, saying that they and thousands of other volunteers should have been compensated for their work. The plaintiffs, Kelly Hallisey of Nassau County and Brian Williams of Dallas, allege that AOL violated the Fair Labor Standards Act, a Federal law that mandates a minimum hourly wage for employees, by using volunteers to perform work for the on-line service. They and their lawyer, Leon Greenberg, said they were hoping other volunteers for the on-line service would join the suit, which was filed Monday. The amount of damages sought was not specified. The volunteers, called community leaders, perform a variety of tasks for the service, like moderating on-line discussions and overseeing other volunteers. [Editor: today, could the analogue be crowd-sourcing volunteers?]

**** NOTES ****
MIRLN (Misc. IT Related Legal News) is a free product for members of the American Bar Association’s Cyberspace Law Committee, et al., and is produced by KnowConnect PLLC. Members of the ABA Cyberspace Law Committee automatically receive MIRLN postings (about every third week); members can manage their subscriptions at (find the “Listserves” box; MIRLN comes through the CLCC-MEMS listserve). Others who wish to be added to the MIRLN distribution list should send email to Vince Polley ( with the word “MIRLN” in the subject line, and similarly will be removed from the distribution list after sending email to Vince with the words “MIRLN REMOVAL” in the subject line.

Recent MIRLN issues are archived at

SOURCES (inter alia):
1. The Filter, a publication of the Berkman Center for Internet & Society at Harvard Law School,
2. Edupage,
3. SANS Newsbites,
4. NewsScan and Innovation,
5. BNA’s Internet Law News,
6. Crypto-Gram,
7. McGuire Wood’s Technology & Business Articles of Note,
8. Steptoe & Johnson’s E-Commerce Law Week,
9. Eric Goldman’s Technology and Marketing Law Blog,
10. Readers’ submissions, and the editor’s discoveries.

This work is licensed under the Creative Commons Attribution-Share Alike 3.0 United States License. To view a copy of this license, visit or send a letter to Creative Commons, 543 Howard Street, 5th Floor, San Francisco, California, 94105, USA.

PRIVACY NOTICE: E-mail addresses of individuals who subscribe to this periodic e-newsletter by sending email to Vince Polley with “MIRLN” in the subject line are kept by Vince Polley; this listing will not be provided to any other persons.

No comments: