Saturday, October 25, 2008

MIRLN -- 5-25 October 2008 (v11.14)

**************Introductory Note**********************

MIRLN (Misc. IT Related Legal News) is a free product for members of the American Bar Association’s Cyberspace Law Committee, et al., and is produced by KnowConnect PLLC.

Members of the ABA Cyberspace Law Committee automatically receive MIRLN postings (about every third week); members can manage their subscriptions at http://www.abanet.org/dch/committee.cfm?com=CL320000 (find the “Listserves” box; MIRLN comes through the CLCC-MEMS listserve). Others who wish to be added to the MIRLN distribution list should send email to Vince Polley (mailto:vpolley@knowconnect.com?subject=MIRLN) with the word “MIRLN” in the subject line, and similarly will be removed from the distribution list after sending email to Vince with the words “MIRLN REMOVAL” in the subject line.

Recent MIRLN issues are archived at www.knowconnect.com/mirln.

**************End of Introductory Note***************

**** ELECTION NOTES ****
Yesterday’s New York Times Editorial begins with: “Hyperbole is the currency of presidential campaigns, but this year the nation’s future truly hangs in the balance.” Of course your vote is important. AARP has produced a short video, which you can tailor for your own audience: http://aarpvote08.com/?d=VmluY2UgUG9sbGV5.

US ELECTION MAPS (going back to the year 1789): http://www.270towin.com/

VIDEOING YOUR VOTE (Harvard’s Citizen Media Law Project; 4 minutes YouTube): http://www.youtube.com/watch?v=DKhTNNXJIJQ Reference materials at http://www.citmedialaw.org/legal-guide/documenting-your-vote

**** START OF MIRLN NEWS ****
FBI Creates Knowledge Wiki (FCW, 26 Sept 2008) - The FBI is testing a new collaborative internal Web site, or wiki, called Bureaupedia that officials say will enable users to create an encyclopedia of lessons learned, best practices and subject-matter expertise. Officials see Bureaupedia as a knowledge management tool that will let agents and analysts share their experiences to ensure that their accumulated insight remains after they retire. The project is a collaborative effort between FBI’s chief knowledge officer and chief technology officer. “An agent that retires after 30 years leaves with all of that — what we call a tacit knowledge — everything leaves with him,” said Zalmai Azmi, FBI’s chief information officer, who will be retiring in October. That includes “best practices, things that he did differently, things that he wishes he had done differently.” The FBI’s new wiki uses the same open-source software as Wikipedia, and after the test period is complete, the agency will launch it on the FBI’s secure intranet, FBINet. Azmi said Bureaupedia gives the FBI a platform for capturing knowledge and information that otherwise might not be available. The information will be useful for the next administration and available through Bureaupedia, he said. An FBI spokesman said Bureaupedia will also let users link to articles in Intellipedia, the Office of the Director of National Intelligence’s wiki for the intelligence community. “The bureau has a lot of information,” Azmi said. “We have petabytes of data. Bringing all of that [onto] what we call an information grid so we can easily search is our goal for the future.” http://www.fcw.com/online/news/153926-1.html

CALIFORNIA MAKES IT A CRIME TO ‘SKIM’ RFID TAGS (ComputerWorld, 2 Oct 2008) - This week, California became the second state to enact a law making it illegal to steal data from radio frequency identification (RFID) cards. The law sets a penalty that includes a maximum fine of $1,500 and up to a year in prison for someone convicted of surreptitiously reading information from an RFID card. The California bill makes exceptions for certain emergency situations, such as permitting a health care worker to scan someone’s RFID-enabled health card in order to help the person. Also, police officers would be allowed to view information on an RFID card with a warrant. Earlier this year, Washington became the first state to pass a law against the theft of RFID data. Washington’s law makes it a class C felony to steal data from an RFID card specifically for the purpose of fraud, identity theft or other illegal purposes. If convicted under the law, a person could receive up to five years in prison and be fined as much as $10,000. http://www.computerworld.com/action/article.do?command=viewArticleBasic&articleId=9116133&source=rss_news

CONGRESSMEN FINALLY ALLOWED ON YOUTUBE (CNET, 3 Oct 2008) - Members of Congress can finally use Web sites like YouTube, after committees in both the House and Senate adopted new rules allowing members to post content outside of the .gov domain, as long as it is for official purposes. The House Rules Committee approved the change for the House of Representatives on Thursday, while the Senate Rules and Administration Committee adopted the new rules on September 19. “In addition to their official (house.gov) Web site, a member may maintain another Web site(s), channel(s) or otherwise post material on third-party Web sites,” the new House rules read. They also allow members to provide links to or embed outside content on their official sites, provided they include an exit notice indicating the visitor is leaving the House. The Senate rules also allow for links to be added to official sites. They allow senators to use any third-party site of their choice, but the senators will have an “approved list” of sites for reference. House Speaker Nancy Pelosi (D-Calif.) called the change “a significant step forward toward bringing House rules into the multimedia age and allowing for members to effectively communicate with their constituents online.” Many members of Congress have, in spite of the rules, already been posting content to YouTube. http://news.cnet.com/8301-13578_3-10058034-38.html

HOLLYWOOD SWOOPS ON PLAYSCHOOLS (Times of London, 5 Oct 2008) - Playschools have been given an unexpected lesson on copyright law after a company representing Hollywood studios demanded that each child pay a fee of €3 plus 17.5% Vat per year to watch DVDs in their playgroup. The Motion Picture Licensing Company (MPLC), which collects royalties on behalf of companies such as Walt Disney, Universal and 20th Century Fox, wrote to 2,500 playschools last month warning that it is illegal to show copyrighted DVDs in public without the correct license. The letter was sent with the approval of the Irish Preschool Play Association (IPPA), which represents the schools and their 50,000 children. The MPLC had wanted €10, plus Vat per year for each child, but the IPPA negotiated for the lower fee. Despite the reduction, playschool managers have reacted angrily to the offer of an “umbrella license” which “gives you access to 1000s of films”. “To be honest, when I got the letter with the IPPA newsletter I laughed and binned it,” said Paula Doran, manager of Kiddies Korner, a community playschool in Shankill, south Dublin. “If we brought in something like that the parents would have to pick up the costs. But I don’t like the way they went about it — once you signed up they’d automatically take money out of your account every year.” http://www.timesonline.co.uk/tol/news/world/ireland/article4882658.ece

US NATIONAL SECURITY AGENCY RELEASES SECURE SOFTWARE PROJECT TO OPEN SOURCE COMMUNITY (EarthTimes, 6 Oct 2008) - The development of highly secure, low defect software will be dramatically helped by the release of the Tokeneer research project to the open source community by the US National Security Agency (NSA). The project materials, including requirements, security target, specifications, designs, source code, and proofs are now available at www.adacore.com/tokeneer. The Tokeneer project was commissioned by the NSA from UK-based Praxis High Integrity Systems as a demonstrator of high-assurance software engineering. Developed using Praxis’ Correctness by Construction (CbyC) methodology it uses the SPARK Ada language and AdaCore’s GNAT Pro environment. The project has demonstrated how to meet or exceed Evaluation Assurance Level (EAL) 5 in the Common Criteria thus demonstrating a path towards the highest levels of security assurance. The unprecedented release of the project into the open source community aims to demonstrate how highly secure software can be developed cost-effectively, improving industrial practice and providing a starting point for teaching and academic research. Originally showcased in a conference paper in 2006, it has the long-term aim of improving the development practices of NSA’s contractors. Tokeneer was created as a fixed-price project, taking just 260 person days to create nearly 10,000 lines of high-assurance code, achieving lower development costs than traditional methods per line of code. http://www.earthtimes.org/articles/show/us-national-security-agency-releases,567377.shtml

REPORT: DATA BREACHES EXPOSE ABOUT 30M RECORDS IN ‘08 (Washington Post, 6 Oct 2008) - U.S. corporations, governments and universities reported a record 516 consumer data breaches in the first nine months of this year, incidents prompted chiefly by hackers and employee theft, according to a report released today by a nonprofit group that works to prevent fraud. The Identity Theft Resource Center, of San Diego, found that this year’s data breach tally has easily eclipsed 2007’s 446 incidents. At an average of 57 caches of consumer data reported lost or stolen each month, U.S. organizations are on track to divulge at least 680 breaches by the end of 2008. About 80 percent of the breaches involved digital records, while the remainder stemmed from the loss, theft or exposure of paper-based records. A description of each incident is available in the Identity Theft Resource Center ‘s 2008 Breach List. Some 30 million records on consumers have been exposed so far this year. But experts say that figure almost certainly masks a much larger problem, as there is currently no federal requirement for organizations that experience a data breach or loss to acknowledge precisely how many consumers nationwide may have been affected. http://voices.washingtonpost.com/securityfix/2008/10/516_data_breaches_in_2008_expo.html

E-TEXTBOOKS FOR ALL (InsideHigherEd, 7 Oct 2008) - Many observers, both in academe and in the publishing industry, believe it’s only a matter of time before electronic textbooks become the norm in college. Some campuses in particular may already be getting a glimpse of the future through partnerships with individual publishers or with consortiums. Such deals tend to offer students a choice in addition to their current options in the hope that they’ll opt for the cheaper alternative. In contrast to that model, and through a partnership with the publisher John Wiley & Sons, an experiment soon to be underway at the University of Texas at Austin will shift certain classes entirely to e-textbooks. Beginning next semester, for the initial pilot phase of one to two years, the university will cover the electronic materials for the approximately 1,000 students enrolled in a handful of courses in largely quantitative subjects such as biochemistry and accounting. By purchasing in bulk on a subscription model, the university initially hoped for a “per student per book” cost of $25 to $45. (Wiley hasn’t publicized a final price range, so it’s unclear whether it will be that low.) The idea of the “beta test,” as the university dubs it, is to see how students and faculty respond to e-textbooks and to decide whether they could be deployed on a larger scale. http://www.insidehighered.com/news/2008/10/07/ut

SEVENTH CIRCUIT RULES THAT WARRANTS FOR ELECTRONICALLY STORED COMMUNICATIONS ARE VALID NATIONWIDE (Steptoe & Johnson’s E-Commerce Law Week, 9 Oct 2008) - The Seventh Circuit recently ruled that the broader territorial jurisdiction rules that apply to warrants for the disclosure of stored communications under the Electronic Communications Privacy Act (ECPA) override the territorial restrictions on search warrants established in the Federal Rules of Criminal Procedure. In United States v. Berkos, the court found that ECPA section 2703(a) permits a court with jurisdiction over an offense to issue a search warrant for the disclosure, in any jurisdiction, of electronic communications held in storage by a communication provider for 180 days or less -- despite the fact that Federal Rule of Criminal Procedure 41(b) authorizes search warrants only for property “within the district.” The Seventh Circuit therefore upheld a district court’s ruling that a search warrant issued by a Judge in Illinois, where an investigation into the defendant’s failure to pay child support was ongoing, was valid in Texas, where it was served on a company that hosted the defendant’s websites. Given the clear language of section 2703 and the fact that at least one other federal court has reached a similar conclusion, the Seventh Circuit’s ruling is unsurprising. Nonetheless, communications providers should be aware that they can expect to be served with warrants for stored communications from any federal court in the country. http://www.steptoe.com/publications-5616.html Ruling here: http://www.steptoe.com/attachment.html/3556/527d.pdf

CT RULES SEARCH ENGINE CACHING NOT INFRINGING WHEN SITE FAILS TO OPT-OUT (BNA’s Internet Law News, 10 Oct 2008) - BNA’s Electronic Commerce & Law Report reports that a federal court in Pennsylvania has ruled that a copyright owner who makes his works freely available online and who does not opt out of search engine caching cannot successfully argue that search engines directly infringed his copyright by displaying cached copies. The court said that a copyright owner who chose not to opt out of caching had impliedly licensed search engines to create caches. Case name is Parker v. Yahoo! Inc.

BUSH SIGNS CONTROVERSIAL ANTI-PIRACY LAW (Washington Post, 13 Oct 2008) - President George W. Bush signed into law on Monday a controversial bill that would stiffen penalties for movie and music piracy at the federal level. The law creates an intellectual property czar who will report directly to the president on how to better protect copyrights both domestically and internationally. The Justice Department had argued that the creation of this position would undermine its authority. The law also toughens criminal laws against piracy and counterfeiting, although critics have argued that the measure goes too far and risks punishing people who have not infringed. The Recording Industry Association of America and Motion Picture Association of America backed the bill, as did the U.S. Chamber of Commerce. Richard Esguerra, spokesman for the Electronic Frontier Foundation, said he was relieved to see lawmakers had stripped out a measure to have the Justice Department file civil lawsuits against pirates, which would have made the attorneys “pro bono personal lawyers for the content industry.” http://www.washingtonpost.com/wp-dyn/content/article/2008/10/13/AR2008101301551.html

GERMAN COURT: GOOGLE IMAGE THUMBNAILS INFRINGE ON COPYRIGHT (ArsTechnica, 13 Oct 2008) - As much as people complain about the challenges of balancing copyrights and fair use in the US, overseas courts have been happy to provide examples that remind us that some aspects of US copyright law are actually fairly liberal. The latest such reminder comes courtesy of a case in Germany that revisits an issue that appears settled in the US: the right of image search services to create thumbnails from copyrighted works to display with the search results. The German courts have now determined that this is not OK in Germany, where Google has just lost two copyright suits over image thumbnails. This is not the first tussle of this sort that Google has been involved with. The company had initially lost a copyright case based on its creation of thumbnails from porn site Perfect 10, but ultimately prevailed on appeal in that case. Although the appeal did not clarify all the legal issues, it did determine that the creation of thumbnails fell within the exceptions granted by US copyright law for transformative use. http://arstechnica.com/news.ars/post/20081013-german-court-google-image-thumbnails-infringe-on-copyright.html Google appeals: http://www.siliconvalley.com/news/ci_10736872

OPENOFFICE.ORG LAUNCHES FIRST NATIVE MAC OS X SUITE (Computer World, 14 Oct 2008) - OpenOffice.org yesterday released the first version of its open-source application suite written for Mac OS. OpenOffice.org issued a beta of its flagship suite five months ago, but yesterday’s release marked the first final code from the open-source project that doesn’t require Mac users to install X11, a Unix windowing environment. The new OpenOffice.org 3.0 only runs on Intel-based Macs; systems powered by the older PowerPC processors can download and run an older 2.x edition that requires X11. OpenOffice.org 3.0 includes a slew of new features and improvements to the suite’s word processing, spreadsheet, presentation and database applications. Other enhancements and additions include support for the new file formats that debuted in Microsoft Office 2007 and Microsoft Office for Mac 2008. OpenOffice.org is one of the few rivals of Microsoft Corp.’s market-leading suite, Microsoft Office. The current Mac version, Office 2008 for Mac, starts at $149. Apple Inc. also sells a suite, dubbed iWork ‘08, that offers a word processor, spreadsheet and presentation maker. iWork retails for $79 for a single-user license, $99 for a five-license family pack. http://www.computerworld.com/action/article.do?command=viewArticleBasic&articleId=9117144&source=rss_news

MASSACHUSETTS FORCES BUSINESSES TO IMPLEMENT SWEEPING INFORMATION SECURITY MEASURES BY JANUARY 1, 2009 (Duane Morris Client Alert, 14 Oct 2008) - The Commonwealth of Massachusetts recently adopted regulations requiring all businesses that own, license, store or maintain personal information about a resident of Massachusetts to adopt a comprehensive, written information security program. The security program must include a computer security system that encrypts all records and files containing personal information, including all employee and consumer information. http://www.duanemorris.com/alerts/alert3005.html

EXCEL ERROR LEAVES BARCLAYS WITH MORE LEHMAN ASSETS THAN IT BARGAINED FOR (ComputerWorld, 14 Oct 2008) - A reformatting error in an Excel spreadsheet has cropped up in the largest bankruptcy case in U.S. history, prompting a legal motion by Barclays Capital Inc. to amend its deal to buy some of the assets of Lehman Brothers Holdings Inc. The law firm representing Barclays filed the motion on Friday in U.S. Bankruptcy Court for the Southern District of New York, seeking to exclude 179 Lehman contracts that it said were mistakenly included in the asset purchase agreement. The firm — Cleary Gottlieb Steen & Hamilton LLP — said in the motion that one of its first-year law associates had unknowingly added the contracts when reformatting a spreadsheet in Excel. According to the motion, Barclays sent the spreadsheet containing the list of contracts to Cleary Gottlieb at 7:48 p.m. EDT on Sept. 18. The spreadsheet — which contained almost 1,000 rows of data with a total of more than 24,000 individual cells — needed to be reformatted and converted into a PDF file so it could be posted on the bankruptcy court’s Web site before midnight. At 11:37 p.m., Cleary Gottlieb sent the converted file to the court, the motion said. However, contracts that had been marked as “hidden” in the spreadsheet when it was received by the law firm were added to the purchase offer during the reformatting process, according to the motion. Those contracts weren’t supposed to be part of the deal; they also were marked with an “N” for “No” in the original version of the spreadsheet, Cleary Gottlieb said in the motion. http://www.computerworld.com/action/article.do?command=viewArticleBasic&articleId=9117143&source=NLT_PM&nlid=8 Clear y Gottlieb motion here: http://abovethelaw.com/Barclays%20Relief%20Motion.pdf

THE MET OPERA WILL OFFER PERFORMANCES ON THE WEB (New York Times, 14 Oct 2008) - In the Metropolitan Opera’s relentless quest to exploit all media, the company next Wednesday will start making many video and audio broadcasts available for Internet streaming on demand. Met Player, as the service is called, will be available through the Met’s Web site, metopera.org. At its inauguration, on the 125th anniversary of the Met’s first show, users will be able to choose from 13 high-definition video performances, 37 standard video recordings and 120 audio broadcasts dating to 1937. The company said it planned to add performances regularly, drawing on its vast historical archives and its continuing high-definition broadcasts. The catalog features classics like a “Lucia di Lammermoor” performance with Joan Sutherland and one with Maria Callas; a “Walküre” with Birgit Nilsson as Brünnhilde; a “Trovatore” with Leontyne Price and Franco Corelli; and a “Carmen” with Rosa Ponselle, in one of her rare full-length recorded performances. More recently, there are the “Tristan und Isolde” with Deborah Voigt and Robert Dean Smith, conducted by James Levine, and “I Puritani” with Anna Netrebko, each in high definition. For $3.99 or $4.99 per streamed opera, users will have a six-hour window in which to listen to or watch a production, once it has started. A monthly subscription for $14.99 brings unlimited streaming, while a yearly subscription costs $149.99. The technical demands are relatively substantial for the high-definition videos and what the Met calls “optimal” performance: a broadband connection, naturally, as well as a fast processor (2.0 GHz Dual Core) and one gigabyte of RAM. Computers less than two years old are recommended. http://www.nytimes.com/2008/10/15/arts/music/15met.html?_r=2&partner=rssuserland&emc=rss&oref=slogin&oref=slogin

YOUTUBE, PBS URGE PEOPLE TO RECORD VOTING (SiliconValley.com, 15 Oct 2008) - If voters see problems on Election Day, YouTube and PBS want them to whip out their video cameras and throw the footage onto a new Web site for documenting voters’ experiences on Nov. 4. But the organizations also have a stern warning for overzealous would-be documentarians: Be careful of state laws about filming in or near polling places or you might wind up tossed out or in handcuffs. PBS and YouTube, Mountain View, Calif.-based Google Inc.’s popular free video-sharing site, have rolled out a new channel on YouTube for cataloguing the short videos voters are encouraged to make about their own experiences or others’ in casting their ballots. The “Video Your Vote” site encourages voters to “document the energy and excitement, as well as any problems you may see” and upload videos between 30 seconds and three minutes long. The site also has links to PBS programs on YouTube and interviews with election experts. Some problems people are encouraged to look out for include excessively long lines, glitches with voting machines or “overly aggressive” voter identification procedures. The site also links to documents from the Citizen Media Law Project outlining problems that might come from trying to record the voting process. For example, Florida, Georgia and Michigan prohibit photos and recording equipment in polling places, while in some other states the law is unclear, according to the group. Other laws restrict activities outside the polling place in designated “buffer zones,” which are typically 100 feet from the entrance or interior voting area. http://www.siliconvalley.com/news/ci_10728274?nclick_check=1

FBI TARGETS RISE IN CYBERCRIME FROM U.S. AND ABROAD (CNET, 15 Oct 2008) - The threat of cybersecurity attacks are on the rise from organized crime, terrorists, and foreign governments, an FBI official warned on Wednesday. There are a “couple dozen” countries interested in breaching U.S. networks, said Shawn Henry, assistant director of the FBI cyber division, though he declined to list any specific countries. The attempted attacks on U.S. networks are “increasingly sophisticated” and “the amount of information that has been stolen is significant,” Henry said. In particular, the use of botnets continues to increase, he said, while companies have lost tens of millions of dollars from “pump and dump” schemes in which criminals buy and sell stocks with other people’s account information harvested online. “A lot of the financial loss we see (due to) organized (crime) has increased because of the greater sense of money to be made, the awareness of the access to a greater rewards,” Henry said. http://news.cnet.com/8301-13578_3-10067330-38.html

NEW PCI DATA SECURITY STANDARD MANDATES STRONGER WIRELESS SECURITY (Steptoe & Johnson’s E-Commerce Law Week, 16 Oct 2008) - The Payment Card Industry (PCI) Security Standards Council released version 1.2 of its Data Security Standard (DSS) on October 1. As we have previously reported, the DSS requires all participating “merchants, banks, [and] POS [point of sale] vendors” -- as well as their service providers and other contractors -- to implement six sets of security requirements: build and maintain a secure network, protect card holder data, maintain a vulnerability management program, implement strong access control measures, regularly monitor and test networks, and maintain an information security policy. The new version of the DSS requires covered entities to ensure that “wireless networks transmitting cardholder data or connected to the cardholder data environment ... use industry best practices (for example, IEEE 802.11i) to implement strong encryption for authentication and transmission.” It also bars covered entities from using WEP security to protect wireless networks after June 30, 2010. In addition to enhancing security for wireless networks, version 1.2 provides standard “attestation of compliance” forms for merchants and service providers and clarifies many existing requirements and procedures. http://www.steptoe.com/publications-5664.html [Editor: How could WEP possibly satisfy a best-practice standard today, much less through June 2010?]

E-DECEPTIVE CAMPAIGN PRACTICES TECHNOLOGY REPORT RELEASED (BeSpacific.com, 20 Oct 2008) - “EPIC’s voting project releases the first report on the technology of deceptive campaign practices. Deceptive campaigns are attempts to misdirect voters regarding the voting process for public elections. Deceptive campaign activity can be false statements about polling times, date of the election, or voter identification rules. The EPIC report reviews the potential for abuse of Internet technology in an election context, and makes recommendations on steps that could be taken by Election Protection, Election Administrators, and voters to protect the integrity of the upcoming election. A legal and policy companion of the report was simultaneously released by Common Cause and the Lawyers Committee for Civil Rights Under Law. For more information, see EPIC’s Voting Privacy page and Voting Project.” http://www.bespacific.com/mt/archives/019596.html EPIC report at http://votingintegrity.org/pdf/edeceptive_report.pdf

AMERICAN AIRLINES SUES YAHOO OVER SEARCH TERMS (Washington Post, 21 Oct 2008) - American Airlines is suing Yahoo Inc. for trademark infringement, a case similar to one that the nation’s largest airline settled this summer against Google Inc. The airline complains that when computer users enter American’s trademark terms such as AAdvantage, the name of its frequent-flier program, in a search they can be directed to competitors who pay Yahoo for the traffic. American filed its lawsuit last week in U.S. District court in Fort Worth for unspecified damages, legal costs and money to run a “corrective” advertising campaign. Kelley Benander of Yahoo said, “We have confidence in our trademark policies and are prepared to defend them in court.” Yahoo’s policy allows advertisers to use the trademark terms of others only if it refers to the trademark “without creating a likelihood of consumer confusion.” American, a unit of Fort Worth-based AMR Corp., reached a confidential settlement of a similar lawsuit against Google this summer, also in federal court in Fort Worth. Each side agreed to pay its own legal fees, and American got nothing from Google. But Google searches for “American Airlines” or “AAdvantage” no longer produce paid ads along the right side of the portal screen. Google had prevailed in previous lawsuits filed by other companies over their paid search advertising practices using trademark terms. http://www.washingtonpost.com/wp-dyn/content/article/2008/10/21/AR2008102101649.html?sub=AR Eric Goldman’s commentary on this: http://blog.ericgoldman.org/archives/2008/10/american_airlin_2.htm

DUTCH YOUTHS CONVICTED OF VIRTUAL THEFT (Washington Post, 21 Oct 2008) - A Dutch court has convicted two youths of theft for stealing virtual items in a computer game and sentenced them to community service. Only a handful of such cases have been heard in the world, and they have reached varying conclusions about the legal status of “virtual goods.” The Leeuwarden District Court says the culprits, 15 and 14 years old, coerced a 13-year-old boy into transferring a “virtual amulet and a virtual mask” from the online adventure game RuneScape to their game accounts. “These virtual goods are goods (under Dutch law), so this is theft,” the court said Tuesday in a summary of its ruling. http://www.washingtonpost.com/wp-dyn/content/article/2008/10/21/AR2008102101209.html

- and -

ONLINE DIVORCEE JAILED AFTER KILLING VIRTUAL HUBBY (AP, 23 Oct 2008) - A 43-year-old Japanese woman whose sudden divorce in a virtual game world made her so angry that she killed her online husband’s digital persona has been arrested on suspicion of hacking, police said Thursday. The woman, who is jailed on suspicion of illegally accessing a computer and manipulating electronic data, used his identification and password to log onto popular interactive game “Maple Story” to carry out the virtual murder in mid-May, a police official in northern Sapporo said on condition of anonymity, citing department policy. The woman had not plotted any revenge in the real world, the official said. She has not yet been formally charged, but if convicted could face a prison term of up to five years or a fine up to $5,000. Players in “Maple Story” raise and manipulate digital images called “avatars” that represent themselves, while engaging in relationships, social activities and fighting against monsters and other obstacles. The woman used login information she got from the 33-year-old office worker when their characters were happily married, and killed the character. The man complained to police when he discovered that his beloved online avatar was dead. http://www.washingtonpost.com/wp-dyn/content/article/2008/10/23/AR2008102301184.html

COMPUTER KEYBOARDS BETRAY USERS’ KEYSTROKES TO RADIO EAVESDROPPERS (Information Week, 21 Oct 2008) - Two Swiss security researchers from the Security and Cryptography Laboratory at the Ecole Polytechnique Federale De Lausanne have published a video demonstrating how the electronic emanations from wired computer keyboards can be deciphered to reveal the user’s keystrokes. Using a laptop connected to a PS/2 keyboard, one of the researchers in the video typed the words, “Trust No One,” in a nod to fans of The X-Files. The video then shows a program receiving data from an eavesdropping antenna and then converting that data into the typed words. “We found four different ways (including the Kuhn attack) to fully or partially recover keystrokes from wired keyboards at a distance up to 20 meters, even through walls,” explain Martin Vuagnoux and Sylvain Pasini in an online post. The Kuhn attack refers to a computer security research paper published in 1998 by Markus G. Kuhn and Ross J. Anderson that describes the threat of a “Tempest virus” that “can attack computers not connected to any communication lines and situated in rooms from which the removal of storage media is prohibited.” http://www.informationweek.com/news/security/vulnerabilities/showArticle.jhtml?articleID=211300294&cid=RSSfeed_IWK_News

LEGAL P2P USES GROWING 10X FASTER THAN ILLEGAL ONES (ArsTechnica, 22 Oct 2008) - P2P is “starting to see a lot more legitimate uses,” says Frank Dickson of MultiMedia Intelligence. He’s talking about his company’s new report on P2P growth that projects a 400 percent increase in such Internet traffic over the next five years. But more surprising than the growth rate, which has been in decline now for some time, is the fact that it’s P2P’s lawful uses that are seeing the biggest growth. For small content providers, especially companies involved in video, paying for a content delivery network can eat up a significant chunk of revenue. Done right, P2P distribution can save valuable cash for these providers, which is why Dickson sees P2P’s lawful uses growing 10 times faster than its illicit uses. Some of this is no doubt due to the “law of small numbers”; P2P’s legal uses (transferring Linux ISO files, etc.) have always been dwarfed by its usefulness as a distribution mechanism for music and now video content. Thus, when legal applications begin to boom, it’s much easier for them to rack up big percentage numbers. ISPs aren’t necessarily crazy about this shifting of the video burden from company servers (or CDNs) onto a network of decentralized users, since this can strain the network, especially when it comes to upload links. But it’s not as though P2P is the only system straining ISP networks; as users hunger for their Hulu and their YouTube, streaming video has begun to consume shockingly high amounts of bandwidth, too—though almost totally downstream. http://arstechnica.com/news.ars/post/20081022-forecast-legal-p2p-uses-growing-10x-faster-than-illegal-ones.html

**** RESOURCES ****
PODCASTING LEGAL GUIDE (Wiki resource): The purpose of this Guide is to provide you with a general roadmap of some of the legal issues specific to podcasting. EFF has produced a very practical and helpful guide for issues related to blogging generally (http://www.eff.org/bloggers/). This Guide is not intended to duplicate efforts by EFF, and in many cases refers you to that guide for where crossover issues are addressed. Our goal is to complement EFF’s Bloggers FAQ and address some of the standalone issues that are of primary relevance to podcasters, as opposed to bloggers. http://wiki.creativecommons.org/Podcasting_Legal_Guide

**** NOTED PODCASTS ****
TECHNOLOGY’S POTENTIAL TO RESHAPE BUSINESS (Nicholas Carr and Chris Meyer, IT Conversations, 26 June 2008) – Very interesting assessment of how emerging processing hubs, connected by ubiquitous communications, might collapse organizational barriers. The discussion of P&G’s “Connect & Develop” initiative and the InnoCentive experience is fascinating; especially the finding that ideas that arise from outside and organization generally have 200% the ROI of internal ideas. The implications for breaking down barriers give real meat to the bare-bones references to “Web 2.0”, and offer a glimpse of what Google’s 12-year strategic vision might be. Two Stars; 63 minutes. http://itc.conversationsnetwork.org/shows/detail3443.html [Editor: re the InnoCentive reference, you might find interesting a LongNow Foundation podcast by Peter Diamandis on long-term X-Prizes: http://fora.tv/media/rss/Long_Now_Podcasts/podcast-2008-09-12-diamandis.mp3]

ENTERPRISE SOCIAL SOFTWARE (Christian Gray, Craig Honick; IT Conversations; 14 April 2008) – Very interesting discussion of current uses (and likely expansion) of various “social networking” tools in companies, and the knowledge-management/productivity implications. Discusses how tools (e.g., wikis, instant messaging, twitter, SecondLife, podcasts, blogging) can affect productivity and effect collaboration. Discusses inward-facing uses of these tools (e.g., within the enterprise’s firewall) and outward-facing uses (e.g., facilitating the emergence of customers’ communities). Discusses how some implementations may occur informally (e.g., using no-cost software within a department), and how such efforts may run afoul of company policies (e.g., on IP protection). Two Stars; 48 minutes. http://itc.conversationsnetwork.org/shows/detail3612.html

SOURCES (inter alia):
1. The Filter, a publication of the Berkman Center for Internet & Society at Harvard Law School, http://cyber.law.harvard.edu.
2. Edupage, http://www.educause.edu/pub/edupage/edupage.html.
3. SANS Newsbites, sans@sans.org.
4. NewsScan and Innovation, http://www.newsscan.com.
5. BNA’s Internet Law News, http://ecommercecenter.bna.com.
6. Crypto-Gram, http://www.schneier.com/crypto-gram.html.
7. McGuire Wood’s Technology & Business Articles of Note, http://tinyurl.com/ywsusp
8. Steptoe & Johnson’s E-Commerce Law Week, www.steptoe.com
9. Eric Goldman’s Technology and Marketing Law Blog, http://blog.ericgoldman.org/.
10. Readers’ submissions, and the editor’s discoveries.

This work is licensed under the Creative Commons Attribution-Share Alike 3.0 United States License. To view a copy of this license, visit http://creativecommons.org/licenses/by-sa/3.0/us/ or send a letter to Creative Commons, 543 Howard Street, 5th Floor, San Francisco, California, 94105, USA.

PRIVACY NOTICE: E-mail addresses of individuals who subscribe to this periodic e-newsletter by sending email to Vince Polley with “MIRLN” in the subject line are kept by Vince Polley; this listing will not be provided to any other persons.

No comments: