Saturday, June 03, 2017

MIRLN --- 14 May – 3 June 2017 (v20.08)

MIRLN --- 14 May - 3 June 2017 (v20.08) --- by Vince Polley and KnowConnect PLLC (supplemented by related Tweets: @vpolley #mirln)



Tor books launching "Tor Labs", a new serialized fiction podcast imprint (TOR, 1 May 2017) - Tor Books, a leading global publisher of science fiction and fantasy, announced today that it is launching TOR LABS, a new imprint emphasizing experimental approaches to genre publishing, beginning with original dramatic podcasts. Helmed by Senior Editor Marco Palmieri and Editor Jennifer Gunnels, Tor Labs will debut this summer with Steal the Stars, a science fiction audio drama which will be produced in partnership with Gideon Media and written by Mac Rogers, the award-winning writer of the global hit podcast thrillers, The Message and LifeAfter. * * * Steal the Stars is a noir science fiction thriller in 14 episodes, airing weekly from August 2 - November 1, 2017, and available worldwide on all major podcast distributors through the Macmillan Podcast Network. It will be followed immediately by a novelization of the entire serial from Tor Books, as well as an ads-free audio book of the podcast from Macmillan Audio. [Polley: emphasis supplied; not sure how this'll work.]

6th Circuit nominee wrote more than 400 blog posts under pseudonym; should they sink his nomination? (ABA Journal, 2 May 2017) - The blogger who identified himself as "G. Morris" on the blog Elephants in the Bluegrass was actually John K. Bush, a partner and co-chair of the litigation department at Bingham Greenebaum Doll in Louisville, Kentucky. Bush disclosed his blogging in a Senate Judiciary Committee questionnaire after he was nominated to the Cincinnati-based 6th U.S. Circuit Court of Appeals earlier this month, BuzzFeed News reports. Bush wrote more than 400 blog posts from 2007 to 2016 on the blog founded by his wife, lawyer Bridget Bush, according to BuzzFeed. In his blog posts, Bush called for repeal and replacement of the Affordable Care Act, opposed public financing of political campaigns, and wrote that the two greatest tragedies in the United States were slavery and abortion. He also called U.S. Sen. Ted Cruz a sore loser. The Alliance for Justice calls Bush's blog posts "inflammatory and, often, offensive" in a post at its Justice Watch blog. The blog asserts that Bush's posts raise serious concerns about whether Bush will be able to approach the issues with an open mind, and they should disqualify him for a seat on the federal bench. "While Bush pontificates on a broad swath of issues," Justice Watch says, "one common theme runs throughout his writings: Bush displays a remarkable contempt for any issue he deems liberal or progressive."

Hackers face $8.9 million fine for law firm breaches (Dark Reading, 9 May 2017) - Three Chinese stock traders were ordered to pay $8.9 million in fines and penalties for hacking into two law firms and stealing information on upcoming mergers and acquisitions and then leveraging the information to trade stocks. A federal court in New York ordered Iat Hong, Bo Zheng, and Hung Chin to pay fines, as well as Hong's mother Sou Cheng Lai who held a bank account where the proceeds from the stock sales were kept, according to a copy of the judgment posted by SC Media. The three hackers installed malware on the law firms' computer networks, enabling them to view emails on mergers and acquisitions in which the firms were involved. With the information, the attackers purchased stock in at least three public companies prior to their merger announcements, according to the Securities and Exchange Commission (SEC), which filed the lawsuit against the hackers. The hackers shelled out roughly $7.5 million within a month's time to buy shares in Altera prior to its 2015 acquisition by Intel. The defendants also snapped up shares in Borderfree before its 2015 buyout by Pitney Bowes, and also acquired shares in InterMune before its 2014 merger deal with Roche, according to the SEC. With these transactions, the trio racked up nearly $3 million in illegal profits, the SEC stated.

- and -

Breaches can crater companies' stock by 5% (Dark Reading, 15 May 2017) - Public companies that suffer a breach get hit with a double whammy of not only dealing with the attack but also face the prospect of their stock price falling an average of 5% on the day of the breach, according to a survey by the Ponemon Institute and commissioned by Centrify. The study looked at a survey of 1,331 security and IT employees, senior level marketers and corporate communications professionals and consumers. Some 31% of customers affected by a public firm's breach dropped their relationship with the company post-breach, resulting in a 7% customer churn rate. Meanwhile, companies with an inadequate security posture encountered as much as a 7% stock drop on the day of the breach, and 120 days after the attack the stock did not regain its previous level before the breach. Companies with a high security posture only encountered up to a 3% stock drop and were able to regain and move to higher levels 120 days after the attack. Only 20% of CMOs and 5% of IT professionals indicate they would be concerned about the impact of a breach on the company's stock price. Read more about the survey here.

- and -

Cyberattacks once again roil Hollywood, but can anything be done about it? (LA Times, 23 May 2017) - Like most large corporations, major Hollywood studios are fond of outsourcing. From coming attraction trailers that are designed to draw audiences into cinemas to eye-popping 3-D visual effects that burst off the screen, studios routinely farm out large chunks of work to vendors around the globe who compete to provide lowest-cost solutions. And therein lies a big cybersecurity problem, according to experts. Hackers increasingly are targeting these vendors to pilfer movies and TV series prior to their releases. The cyberthieves are betting - correctly in some cases - that lax network security at these vendors will allow easy access to content that they can hold hostage for a ransom. That was the case with two recent cyberattacks aimed at Walt Disney Co. and Netflix. The streaming company said that the hack of the TV series "Orange Is the New Black" occurred at a production vendor that works with other TV studios. While details of the Disney attack are murky, Chief Executive Bob Iger told employees last week that hackers claimed to have stolen a movie and are threatening to release it in segments until their demands for ransom were met. The hack involved the new "Pirates of the Caribbean" sequel set for release Friday and occurred at a post-production facility located outside the studio, according to people familiar with the matter who were not authorized to speak about it. * * * The Netflix attack was claimed by a hacker known as the Dark Overlord, which offered its signature "business proposal," as it calls it, to several healthcare and financial firms after claiming access to their confidential files. Episodes from the new season of "Orange Is the New Black" were uploaded after the company refused to pay the ransom.
It remains unclear whether Disney has paid the ransom to the hackers who claimed to seize its upcoming summer blockbuster "Pirates of the Caribbean: Dead Men Tell No Tales." So far, it does not appear that the film has been distributed online. Experts in cybersecurity say that studios need to better manage the network security of third-party companies, many of which are small firms that don't have the resources to defend against sophisticated attacks. Those companies often have temporary employees working on individual projects. The studios "need to have visibility into the info ecosystems of their partners. They need to look at what their partners' networks are like," said Alexander Heid, chief research officer at Security Scorecard, a New York-based network security firm that rates and monitors third-party vendors. He said hackers often use phishing techniques to infiltrate systems but are increasingly taking advantage of password re-use - when people use the same password across multiple accounts.

- and -

Top-five critical security controls to consider for corporate counsel evaluations (InsideCounsel, 23 May 2017) - Corporations consider many different factors when deciding whether to hire a law firm. Fees, clients, industry knowledge and capabilities have always been important aspects of the hiring process. Security wasn't usually a major factor, and law firms used to fly under the radar when it came to questions about keeping client data secure. That has all changed. Now, law firm security breaches regularly make headlines. Large and respected firms have been "weak links" for malicious exploitation, and their clients can pay the price with publicly exposed information about cases, strategies, acquisitions, intellectual property and more. Corporate counsel, and the C-suite to which they report, are becoming increasingly mindful of this risk. They are starting to demand that their outside counsel adhere to strict security protocols and undergo in-depth evaluations. One way law firms can address clients' security concerns is to apply Critical Security Controls. These controls are established by the Center for Internet Security (CIS) and are designed to be a "concise, prioritized set of cyber practices created to stop today's most pervasive and dangerous cyber attacks," according to the organization. Experts from around the world are called on to develop, refine and validate the controls. In order to prepare for any grilling by corporate legal departments, here are the top-five CIS controls law firms should consider. By anticipating these questions and preparing to address concerns, firms will offer a secure relationship with corporate clients and score a competitive advantage. * * *

- and -

UK cyber chief says directors are devolving responsibility for hacks (The Telegraph, 25 May 2017) - GCHQ has demanded that directors start taking charge of cyber security, warning that they are "devolving responsibility" for protecting businesses from hackers. Ciaran Martin, the head of the agency's National Cyber Security Centre (NCSC), said it is unacceptable for boards to plead ignorance about the threat from cyber attacks. It comes after this month's debilitating "WannaCry" ransomware outbreak, which caused chaos in the NHS and brought operations at factories and train stations to a halt. "Our business leaders need to stop saying that cyber security is too complicated - and stop devolving responsibility," Mr Martin said at The Telegraph Cyber Security conference. "Boards must start to treat cyber threats with the same level of critical importance as they do financial or legal issues. It needs to be unthinkable that a board member would say that cyber issues are too complex for them to make judgements about."

HP issues fix for 'keylogger' found on several laptop models (ZDnet, 12 May 2017) - An audio driver installed in several HP laptops contains a keylogger-type feature that records every keystroke entered into the computer into a log file, according to a security researcher. Swiss security firm Modzero said in a security advisory Thursday that the keylogger activity was discovered in the Conexant HD audio driver package (version and earlier), found on dozens of HP business and enterprise laptop models, including HP Elitebook, ProBook, and ZBook models -- including the latest Folio G1 laptop. Anyone (or malware) with local access to the user's files on an affected computer, could obtain passwords, visited web addresses, private messages, and other sensitive information. HP has since rolled out patches to remove the keylogger, which will also delete the log file containing the keystrokes. HP vice-president Mike Nash said on a call after-hours on Thursday that a fix is available on Windows Update and for newer 2016 and later affected models, with 2015 models receiving patches Friday. He added that the keylogger-type feature was mistakenly added to the driver's production code and was never meant to be rolled out to end-user devices. The pre-installed audio driver installs a driver located in the Windows system folder, which is scheduled to start every time the user logs in. Modzero describes the application as a crude way to check to see if a hotkey was pressed by monitoring "all keystrokes made by the user to capture and react to functions such as microphone mute/unmute keys/hotkey." The application then logs each keystroke into an unencrypted log file stored in the user's home directory. The log file is overwritten every time the user logs in. In the case that a log file doesn't exist, Modzero says that the driver's API can allow malware to "silently capture sensitive data by capturing the user's keystrokes."

Cord cutting is surging with 58% of US cord cutters cancelling pay-tv in the past two years (TeleCompetitor, 12 May 2017) - Over half of U.S. cord cutters (51.8%) canceled their pay-TV service subscriptions in 2015 and 2016, according to new market research TDG (The Diffusion Group). One-third did so last year, TDG said. TDG predicted that high prices and the growing popularity of on-demand OTT (Over the Top) video service alternatives would fuel a rapid rise in cord cutting and come to haunt cable, satellite, and telco pay-TV providers nearly a decade ago, TDG co-founder and principal Michael Greeson pointed out. The shift also would be accompanied by declining ARPU (average revenue per user) among existing video subscribers, TDG forecast. Having attained mainstream market status, the wide-scale availability of OTT video alternatives, such as Netflix and Amazon Prime, continues to prod viewers to reassess the value, and need, for cable and other legacy pay-TV services, Greeson continues. "Spending $70+/month for service that provides 2X value seems odd when you can pay $10/month for a service with 1X value," he notes.

The US standards office wants to do away with periodic password changes (Quartz, 12 May 2017) - New guidelines from the US National Institute of Standards and Technology (NIST), expected to be released this summer, suggest that periodic password changes are no longer necessary. The report also recommends changes to several other password policies that have become antiquated in the modern computing environment: (a) Allow at least 64 characters in length to support the use of passphrases; (b) Encourage users to make memorized secrets as lengthy as they want, using any characters they like (including spaces), thus aiding memorization; (c) Do not impose other composition rules (e.g. mixtures of different character types) on memorized secrets. * * * The NIST just finished taking comments on its guidelines from the public, which it's now publicly reviewing on GitHub. The new standards will initially apply only to government agencies and contractors, but many organizations in the private sector tend to follow the agency's lead on security standards. With any luck, you too may soon stop seeing that annoying password-change pop-up on your work computer.

Under Trump, inconvenient data is being sidelined (WaPo, 14 May 2017) - The Trump administration has removed or tucked away a wide variety of information that until recently was provided to the public, limiting access, for instance, to disclosures about workplace violations, energy efficiency and animal-welfare abuses. Some of the information relates to enforcement actions taken by federal agencies against companies and other employers. By lessening access, the administration is sheltering them from the kind of "naming and shaming" that federal officials previously used to influence company behavior, according to digital experts, activists and former Obama administration officials. The Occupational Safety and Health Administration, for instance, has dramatically scaled back on publicizing its fines against firms. And the Agriculture Department has taken offline animal-welfare enforcement records, including abuses in dog breeding operations and horse farms that alter the gait of horses through the controversial practice of "soring" the animals' legs. In other cases, the administration appears to be dimming the prior spotlight on the background and conduct of top officials. The administration no longer publishes online the ethics waivers granted to appointees who would otherwise be barred from joining the government because of recent lobbying activities. Nor is the White House releasing logs of its visitors, making it difficult for the public to keep track of who is stopping by to see President Trump's inner circle. The administration has also removed websites and other material supporting Obama-era policies that the White House no longer embraces. Gone, for instance, is a White House Web page that refugees fleeing Syria and other embattled nations.

Here's how Facebook knows who you meet in real life (Vocativ, 16 May 2017) - A couple months ago a friend and I went to Colombia for vacation. While we were at the beach one day, we met a group of people and spent several hours hanging out with them. We never exchanged phone numbers or email addresses, we didn't share much information about ourselves other than our names and where we lived, and we didn't connect on social media. I didn't even have my phone on me at the time. However, when I got back to New York and checked Facebook, I saw that two of the people we met popped up in my "People You May Know" recommendations. Weird, I thought. Actually, it's creepy. Is Facebook tracking my every step? Facebook's brand is based on the community it creates, and its mission is to connect everybody in the world. So it only makes sense that the platform frequently suggests new friends for users to add to their networks. But in the past, the company's suggestions for connecting users have raised some eyebrows. For example, take the story about a psychiatrist who claimed her patients were popping up on her list of suggested friends (and on each other's lists) after visiting her office, which is obviously problematic for medical privacy reasons. The psychiatrist is far from the only Facebook user to discover mysterious friend suggestions - for years there have been stories of people who go on dates, attend parties or browse through a book store only to see people they interacted with in person pop up in their Facebook at a later date. None of these connections are coincidences, of course. So how does it happen? * * *

- and -

Google can now track your offline purchases (Extreme Tech, 24 May 2017) - Google runs the world's largest and most profitable online ad network, but the lion's share of ad dollars still go to TV. The search giant is looking to change that by associating online ads with purchases in the real world - your purchases. Google has partnered with companies responsible for tracking purchase data, which gives it access to about 70 percent of all US credit and debit card transactions. This all comes off as a little creepy, but Google is adamant that it's not creepy at all. Right now, Google and other online advertisers lack the data to draw a strong connection between online ads and purchases in real life. Google has the tools to track what you buy online, assuming you remain logged into your account and choose to share your browsing data. Offline, Google can do little more than track your location to guess at what you're buying and peek at data from Android Pay. Google's hope is that offline purchase data will confirm that the ads you see online do, in fact, influence what you buy in real life. That could tempt companies to increase ad spending online, which would be a windfall for Google. This new wealth of data from brick-and-mortar merchants will allow Google to associate your real life purchases with the ads it shows you online. For instance, if you clicked on an ad while searching for a new camera, but didn't buy anything, the advertiser would conclude the ad didn't work. However, what if you went to the advertiser's physical store and bought it? That's potentially even more valuable to the advertiser, but Google needs a way to connect those two actions. Google says it anonymizes the data it uses to identify users in ad tracking by converting all personal information to a string of characters. Neither Google nor third-parties can connect that value to a real person.
So, technically all an advertiser knows is that unique ID saw an ad online and then showed up in a store to buy something. The only difference now is that your unique ID will be popping up in real life. If you're still getting the heebie-jeebies from this, Google does include ample privacy tools to limit what data it can collect and use. Swing by your Google Dashboard and log in with your account. You can turn off ad personalization and use your activity controls to stop Google from collecting data from searches, location, and more. Keep in mind, many Google services will be less useful if you turn these features off. Alternatively, you can simply stay logged out of Google unless you specifically need to access your account.

Blockchain technology and insurance (Hunton & Williams, 17 May 2017) - Many commentators have predicted that the use of blockchain technology will greatly expand in the coming years. They envision uses in all types of business, including the healthcare sector, financial services arena, and supply chains. * * * In January, Accenture and McLagan released a report finding that blockchain may "reduce infrastructure costs for eight of the world's ten largest investment banks by an average of 30 percent, translating to $8 billion to $12 billion in annual cost savings for those banks." Earlier this year, Accenture teamed up with BP, BNY Mellon, Intel, JP Morgan, Microsoft, Thomson Reuters, and UBS, among others, to form an alliance to work towards putting blockchain to use for businesses. While blockchain is said to increase security, the technology is not without its risks. See Hunton's article regarding blockchain and security risks, which can be found here. In 2015, Interpol said that hackers could use blockchain to transfer malware to computers. In 2013, a blockchain in the Mt. Gox Bitcoin exchange, which was handling 70% of all bitcoin transactions, suffered a glitch resulting in Bitcoin temporarily shedding a quarter of its value. Thus, companies should consider how their insurance policies and particularly how their cyber insurance policies can protect them against risks arising out of the use of blockchain technology. To take one example, one insurer's policy form provides coverage for the "failure or violation of the security of a Computer System," and defines "Computer System" to include "'cloud computing'" and other hosted resources operated by a third party service provider . . . ." It is not clear whether the insurer would consider blockchain technology to fall within this definition, particularly because blockchains are peer-to-peer networks not operated by a third-party.

Feds are using Stingray cell-trackers to find undocumented immigrants (The Verge, 19 May 2017) - As Immigration and Customs Enforcement steps up its deportation efforts, the agency is turning to a controversial surveillance device. According to a report by The Detroit News, local agents recently used a cell-site simulator (also known as a Stingray) to locate a Salvadorean restaurant worker, tracing his cell-phone signal to a home in the Detroit metro area. It's one of the first cases of ICE using Stingrays under the Trump administration, raising new questions about the federal use of the device for civil immigration enforcement. Typically used to locate devices tied to a specific phone number, cell-site simulators have been the subject of significant controversy in recent years. The devices work by mimicking the signal of a cell tower, then collecting information from every device that attempts to connect. As a result, they can disrupt cell service in areas where they are used, and often collect vast amounts of information from non-targeted phones. Use of the devices is widespread within law enforcement, but remained secret for many years. The devices were only made public after a protracted legal appeal resulting from a fraud case. Among other projects, the US Marshals service deployed the devices from small, low-flying planes as a way of locating a single fugitive in a dense urban area. The Department of Homeland Security (which includes ICE) operates at least 124 Stingray devices, according to a congressional report last year. In 2015, DHS issued an agency-wide policy requiring a search warrant to deploy the devices. ICE has arrested 41,300 people for deportation since Trump's inauguration, according to recently released statistics. More than 10,000 of those people had no criminal conviction, a sign of the agency's new focus on available targets rather than criminal offenders.

Why the US government open sources its code (Slashdot, 21 May 2017) - He's been the White House technology advisor since 2015, and this month Alvand Salehi delivered a keynote address at OSCON about the U.S. government's commitment to open source software. An anonymous reader quotes The Federal Source Code Policy, released in August 2016, was the first U.S. government policy to support open source across the government... All new custom source code developed by or for the federal government must be available to all other federal agencies for sharing and reuse; and at least 20% of new government custom-developed code must be released to the public as open source. It also established as a platform for access to government-developed open source code and a way for other developers to participate. Before this policy was released, agencies were spending a lot of money to redevelop software already in use by other government agencies. This initiative is expected to save the government millions of dollars in wasteful and duplicative spending on software development. Because of this, Salehi said, open source is not a partisan issue, and " is here to stay." Another benefit: Releasing open source code allows the government to benefit from the brainpower of developers across the country to improve their code. points potential contributors to their code repository on GitHub.

Vermont DMV caught using illegal facial recognition program (Vocativ, 24 May 2017) - The Vermont Department of Motor Vehicles has been caught using facial recognition software - despite a state law preventing it. Documents obtained by the American Civil Liberties Union of Vermont describe such a program, which uses software to compare the DMV's database of names and driver's license photos with information with state and federal law enforcement. Vermont state law, however, specifically states that "The Department of Motor Vehicles shall not implement any procedures or processes… that involve the use of biometric identifiers." The program, the ACLU says, invites state and federal agencies to submit photographs of persons of interest to the Vermont DMV, which it compares against its database of some 2.6 million photos and shares potential matches. Since 2012, the agency has run at least 126 such searches on behalf of local police, the State Department, FBI, and Immigrations and Customs Enforcement. Vermonters are hardly alone in being unwitting entrants in a facial recognition database. Due to law enforcement information sharing practices, half of all U.S. citizens' photographs - whether from a driver's license, state ID, or passport - are in some sort of police database, according to a 2016 Georgetown University study.

Sanborn fire insurance maps now online (Library of Congress, 25 May 2017) - The Library of Congress has placed online nearly 25,000 Sanborn Fire Insurance Maps, which depict the structure and use of buildings in U.S. cities and towns. Maps will be added monthly until 2020, for a total of approximately 500,000. The online collection now features maps published prior to 1900. The states available include Arizona, Arkansas, Colorado, Delaware, Iowa, Kentucky, Louisiana, Michigan, Nebraska, Nevada, North Dakota, South Dakota, Vermont, Wisconsin and Wyoming. Alaska is also online, with maps published through the early 1960s. By 2020, all the states will be online, showing maps from the late 1880s through the early 1960s. In collaboration with the Library's Geography and Map Division, Historical Information Gatherers digitized the Sanborn Fire Insurance Maps during a 16-month period at the Library of Congress. The Library is in the process of adding metadata and placing the digitized, public-domain maps on its website. The Sanborn Fire Insurance Maps are a valuable resource for genealogists, historians, urban planners, teachers or anyone with a personal connection to a community, street or building. The maps depict more than 12,000 American towns and cities. They show the size, shape and construction materials of dwellings, commercial buildings, factories and other structures. They indicate both the names and width of streets, and show property boundaries and how individual buildings were used. House and block numbers are identified. They also show the location of water mains, fire alarm boxes and fire hydrants. In the 19th century, specialized maps were originally prepared for the exclusive use of fire insurance companies and underwriters. Those companies needed accurate, current and detailed information about the properties they were insuring. 
The Sanborn Map Company was created around 1866 in the United States in response to this need and began publishing and registering maps for copyright. The Library of Congress acquired the maps through copyright deposit, and the collection grew to 700,000 individual sheets. The insurance industry eventually phased out use of the maps and Sanborn stopped producing updates in the late 1970s. The Library's Geography and Map Division is among the world's largest map collections, holding some six million cartographic items in various languages dating from the 14th century to the present. Some of its most important collections are available online at . Further information about the Geography and Map Division can be found at .

Man fined by Swiss court for 'liking' defamatory comments on Facebook (The Guardian, 30 May 2017) - A Swiss court has fined a man for "liking" defamatory comments on Facebook, in what is believed to be the first case of its kind. According to a statement from the Zurich district court, the 45-year-old defendant accused an animal rights activist, Erwin Kessler, of racism and antisemitism and hit the "like" button under several comments from third parties about Kessler that were deemed inflammatory. The comments were made in 2015 during heated discussions on a range of Facebook groups about which animal welfare groups should be permitted to take part in a vegan street festival, the Swiss daily Tages Anzeiger reported. Kessler sued more than a dozen people who took part in those exchanges, a lawyer for one of the defendants, Amr Abdelaziz, said. Several people have already been convicted in the case, mainly for comments they made. It appears the man convicted on Monday was the first to be sanctioned merely for "liking" comments made by others. The court said it did not matter that the comments had not originated from the defendant, whose name was not given. By clicking the like button, "the defendant clearly endorsed the unseemly content and made it his own," the court statement said.

Pagefreezer provides court-admissible on-demand website and social media evidence (Lawyerist, 30 May 2017) - It is getting more and more important for attorneys to be able to collect social media and website evidence in a format that can be used in litigation. Many types of cases - employment, personal injury, online harassment - can turn on social media posts. Attorneys are faced with a problem: how can they prove something appeared on a website or social media account on a certain day or time when the content of those pages changes constantly? Enter PageFreezer Legal. PageFreezer Legal makes it very simple to collect website and social media evidence in a format that is admissible in court proceedings. Attorneys can just visit and type the link of the webpage or social media account they need to capture. PageFreezer Legal then provides, within one business day, time-stamped and digitally signed screen captures in PDF format. The report also includes the HTML source code, including metadata, and a full collection report. A notarized affidavit is also available. Once collected, the information can easily be imported into most eDiscovery programs.

Parents have no right to dead child's Facebook account, German court says (Reuters, 31 May 2017) - A German court rejected a mother's demand on Wednesday that Facebook grant her access to her deceased daughter's account. In the ruling, which overturned a lower court's decision, the Berlin appeals court said the right to private telecommunications extended to electronic communication that was meant only for the eyes of certain people. Privacy remains a sensitive issue in Germany due to extensive surveillance by Communist East Germany's Stasi secret police and by the Nazi era Gestapo. Memories of espionage were stirred anew by Edward Snowden's 2013 revelations of prying by the United States. In the Facebook case, the mother of a 15-year-old who was hit and killed by a subway train in Berlin in 2012 had sought access to her daughter's account to search for clues as to whether the girl had committed suicide. Facebook had refused access to the account, which had been memorialized, meaning it was effectively locked and served as a message board for friends and family to share memories. A regional court in Berlin had ruled in favor of the mother in late 2015, saying that the daughter's contract with Facebook passed to her parents according to German laws on inheritance. The appeals court said on Wednesday that the right to private telecommunications outweighed the right to inheritance, and that the parents' obligation to protect their daughter's rights expired with her death.

Flight delay? Get reimbursed with this clever app (Mashable, 31 May 2017) - When it launched in 2013, AirHelp made a simple promise: Report your flight disasters to the company's customer service agents, and they'll litigate against airlines on your behalf. You don't have to pay a penny - unless they manage to get you a settlement. And when they do, the service takes a 25 percent cut. Simple. On Tuesday, the three-year-old company is taking its next step toward seamless airline compensation with an expansion of its namesake app. Offered free on the iTunes and Android Play stores, the app used to require that travelers fill out a short survey and provide a description of their issue to initiate a claim; now, travelers can simply scan an image of their boarding pass and let AirHelp take care of the rest. With the information from your boarding pass stored in the AirHelp system, the company can track your flight for delays, cancelations, and overbooking so claims can get rolling before you pick up the phone. "Before we came along, people didn't know about their rights at all," said AirHelp Chief Executive Officer Henrik Zillmer. "Most people don't know the law - and even if they did, they might not know what they're entitled to. It's actually very complicated, and that's why we exist." Now, roughly one in three Europeans is aware of air passenger rights, according to Zillmer. "We still have a huge educational learning curve ahead of us." To date, AirHelp has processed claims for 2 million air passengers for a total compensation of $195 million. (Zillmer said the average payout runs from $500 to $600, often divided among multiple family members flying together and filing a joint claim.) The boarding pass scanner, he said, will make it easier to help more people more efficiently.
"Now we can instantly tell you how the laws are applied in your circumstance and what the airline owes you in your situation," said Zillmer of the feature, saying it takes just two or three seconds to file a claim. Though the process was never terribly cumbersome, he says that every additional survey question prompts drop off, and automatic tracking means passengers will get pop-up notifications when they're eligible for compensation. All they have to do is give AirHelp permission - with one tap - to go after their case. "It's like AAA for air passengers," joked Zillmer. So what are you entitled to? If you're flying into, out of, or within Europe - or on a Europe-based carrier - chances are you're entitled to more than you think. In those cases, travelers are entitled to as much as 600 euros ($670) for flight delays, depending on the length of the delay and the travel distance. Regulations in the U.S. are less generous towards passengers. Domestic travelers aren't subject to compensation for traditional flight delays - but tarmac delays and involuntary boarding denials (which happen when your flight is oversold and you're forced to give up your seat) can warrant a payout of up to $1,350. So do lost, delayed, or damaged luggage claims - for which AirHelp can secure up to $1,220 in reparations. The catch, said Zillmer, is that you need receipts to show the value of what was inside your luggage if anything has gone missing. Elsewhere, legislation varies. But AirHelp, which offered support only for European flights at its inception, can now handle claims in more than 30 countries around the world - and in 15 languages. (The company breaks down regional differences in clear terms here.)

BC's small claims disputes go online today (CBC, 1 June 2017) - British Columbians will be able to resolve their small claims disputes on or under $5,000 through an online tribunal starting today. According to the tribunal, the digital project is a first in Canada where small claims disputes will be filed, negotiated and resolved almost exclusively online. Telephone and mail services will be available for anyone without Internet access. Shannon Salter, the chair of the Civil Resolution Tribunal, says she hopes the online system will be faster than the current system and increase access to justice. Salter says the online system will also have a "solution explorer" to begin the process which is free for anyone to use. "[There are] basic, plain language questions and answers to give you free legal information about your claim as well as things like template letters you can use to try and resolve it yourself," she said.


Made with Creative Commons (Slashdot, 28 May 2017) - ChristianVillum writes: Creative Commons staff-members Sarah Hinchliff Pearson and Paul Stacey have now published Made With Creative Commons, the awaited book they successfully funded on Kickstarter in 2015. "Made With Creative Commons is a book about sharing," explains the book's description. "It is about sharing textbooks, music, data, art, and more. People, organizations, and businesses all over the world are sharing their work using Creative Commons licenses because they want to encourage the public to reuse their works, to copy them, to modify them... But if they are giving their work away to the public for free, how do they make money? "This is the question this book sets out to answer. There are 24 in-depth examples of different ways to sustain what you do when you share your work. And there are lessons, about how to make money but also about what sharing really looks like -- why we do it and what it can bring to the economy and the world. Full of practical advice and inspiring stories, Made with Creative Commons is a book that will show you what it really means to share." There's free versions in PDF, ePub, and MOBI formats for downloading from the Creative Commons site, and there's also an edit-able version on Google Docs. A small Danish non-profit publisher named Ctrl+Alt+Delete Books is also publishing print copies of the book under a Creative Commons license "to ensure easy sharing," and is making the book available on Amazon or through the publisher's own web site.


(note: link-rot has affected about 50% of these original URLs)

Feds give web access to lobbying records (NBC, 1 June 2007) -- The Justice Department has launched a searchable online database that tracks the activities of foreign governments and companies lobbying the U.S. government. Previously, people seeking this information had to phone the Justice Department or visit its office in person to get public disclosure documents, which representatives of foreign entities are required to provide under the Foreign Agents Registration Act, or FARA. Passed in 1938, FARA requires all individuals acting as agents of foreign entities in a political or quasi-political capacity to disclose their relationship, activities, receipts and payments supporting the activities. Under a federal law enacted in 1995, Congress also requires lobbyists working for American companies, associations and other entities to disclose activities that could influence members of the executive and legislative branches. Those public documents are available online through a Senate Web site. The new Justice Department site also provides links to lobbying statutes, semiannual reports to Congress and access to registration forms for filing purposes. "This Web site is a significant step in the effort to ensure transparency in the world of foreign-influenced lobbying," Kenneth L. Wainstein, assistant attorney general for national security, said in a statement. The agency said some documents are still unavailable online due to potential privacy issues. However, they can still be accessed at the FARA public office.

Legal departments tell firms: Get on the tech train (21 Feb 2007) -- When Aon Corp. slashed its outside counsel roster from about 400 to 23 law firms in 2005, it quizzed the firms about their tech offerings. "We asked them about extranets, e-billing and litigation management," says David Cambria, director of legal operations at the Chicago-based insurance giant. But Cambria says that he didn't really care whether firms had all of those products. He had another agenda: "I wanted to know if [the firms] were playing in the same pool as me," says Cambria. When they crafted the tech section of their request for proposal, Cambria and his colleagues started from the assumption that all the firms they were interviewing had experienced, capable lawyers. But "we wanted to take it to a higher level, and the most successful firms were the ones that told us how they'd help us do what we do better, with technology," he says. What's changed? Traditionally a cost center, legal departments have come under increasing pressure to keep costs down at the same time that they're struggling to keep their technology current. "General counsel are being held to budgets," says Woods Abbott, senior manager of legal operations-corporate at Raytheon Co. This year's survey, our fourth in which we queried the technology heads of Fortune 500 corporations, shows that in many respects, law departments have had a technical awakening, and finally are getting the goodies everyone else in corporate America takes for granted.


MIRLN (Misc. IT Related Legal News) is a free e-newsletter published every three weeks by Vince Polley at KnowConnect PLLC. You can subscribe to the MIRLN distribution list by sending email to Vince Polley with the word "MIRLN" in the subject line. Unsubscribe by sending email to Vince with the words "MIRLN REMOVAL" in the subject line.

Recent MIRLN issues are archived at . Get supplemental information through Twitter: #mirln.

SOURCES (inter alia):

1. The Filter, a publication of the Berkman Center for Internet & Society at Harvard Law School

2. InsideHigherEd

3. SANS Newsbites

4. Aon's Technology & Professional Risks Newsletter

5. Crypto-Gram

6. Eric Goldman's Technology and Marketing Law Blog

7. The Benton Foundation's Communications Headlines

8. Gate15 Situational Update Notifications

9. Readers' submissions, and the editor's discoveries

This work is licensed under the Creative Commons Attribution-Share Alike 3.0 United States License. To view a copy of this license, visit or send a letter to Creative Commons, 543 Howard Street, 5th Floor, San Francisco, California, 94105, USA.

PRIVACY NOTICE: Addresses and other personal information provided during the subscription process will be kept confidential, and will not be used for any other purpose.
