Saturday, May 28, 2011

MIRLN --- 8-28 May 2011 (v14.07)

NEWS | PODCASTS | RESOURCES | LOOKING BACK | NOTES

Subscribing to Software as a Service While Fulfilling the Duties of Confidentiality and Preservation of Client Property (North Carolina Bar Association, 21 April 2011; Proposed Formal Ethics Opinion No. 6) - Proposed opinion rules that a law firm may contract with a vendor of software as a service, provided the lawyer uses reasonable care to assure that the risks that confidential client information may be disclosed or lost are effectively minimized.

top

New FBI Documents Provide Details on Government's Surveillance Spyware (EFF, 29 April 2011) - EFF recently received documents from the FBI that reveal details about the depth of the agency's electronic surveillance capabilities and call into question the FBI's controversial effort to push Congress to expand the Communications Assistance to Law Enforcement Act ( CALEA ) for greater access to communications data. The documents we received were sent to us in response to a Freedom of Information Act (FOIA) request we filed back in 2007 after Wired reported on evidence that the FBI was able to use "secret spyware" to track the source of e-mailed bomb threats against a Washington state high school. The documents discuss a tool called a "web bug" or a "Computer and Internet Protocol Address Verifier" (CIPAV), which seems to have been in use since at least 2001. It's not clear from the documents how the FBI deploys the spyware, though Wired has reported that, in the Washington state case, the FBI may have sent a URL via MySpace's internal messaging, pointing to code that would install the spyware by exploiting a vulnerability in the user's browser. Although the documents discuss some problems with installing the tool in some cases, other documents note that the agency's Crypto Unit only needs 24-48 hours to prepare deployment. And once the tool is deployed, "it stay[s] persistent on the compromised computer and . . . every time the computer connects to the Internet, [FBI] will capture the information associated with the PRTT [ Pen Register/Trap & Trace Order ].

top

- and -

NSA Gathers 4x the Amount of Info than the Library of Congress, Daily (ReadWriteWeb, 11 May 2011) - The National Security Agency is the geekiest of the spy shops. The NSA is responsible for gathering and parsing information from around the world, usually electronic data. At ReadWriteWeb, we're no strangers to big data, in fact we're fans. But sometimes you come face to face with facts and figures that bring home how big "big" is. According to an article from the Baltimore Sun, in six hours, the NSA intercepts and stores as much information as you find in the whole of the Library of Congress.

top

- and -

FBI Fights to Protect ISPS that Snoop on Their Customers (The Register, 12 May 2011) - The FBI has finally come clean on the real reason it doesn't want to name phone and internet service providers that participate in a sweeping surveillance program that taps international communications without a warrant: Customers would get mad and dump or sue the providers. This rare piece of honesty came in a recently filed court declaration (PDF) from a top FBI official arguing why the agency shouldn't have to supply the names in response to a Freedom of Information request filed by the American Civil Liberties Union. "Specifically, these businesses would be substantially harmed if their customers knew that they were furnishing information to the FBI," David M. Hardy wrote. "The stigma of working with the FBI would cause customers to cancel the companies' services and file civil actions to prevent further disclosure of subscriber information. Therefore, the FBI has properly withheld this information." In his declaration, Hardy said names should also be kept confidential to prevent the service providers themselves from retaliating against the government. "For instance, given that these companies would pay a high price if it were known that they were providing information about their customers to the FBI, it is likely that companies, though lacking grounds to do so, would nevertheless avail themselves of legal options to resist cooperation," he wrote. "It is only with the understanding of complete confidentiality that full cooperation of such sources can be enlisted, and only through this confidence that these sources can be persuaded to continue to fully cooperate in providing valuable assistance in the future."

top

- and -

The Secret Sharer: Is Thomas Drake an Enemy of the State? (The New Yorker, Jane Mayer, 23 May 2011) -- On June 13th, a fifty-four-year-old former government employee named Thomas Drake is scheduled to appear in a courtroom in Baltimore, where he will face some of the gravest charges that can be brought against an American citizen. A former senior executive at the National Security Agency, the government's electronic-espionage service, he is accused, in essence, of being an enemy of the state. According to a ten-count indictment delivered against him in April, 2010, Drake violated the Espionage Act-the 1917 statute that was used to convict Aldrich Ames, the C.I.A. officer who, in the eighties and nineties, sold U.S. intelligence to the K.G.B., enabling the Kremlin to assassinate informants. In 2007, the indictment says, Drake willfully retained top-secret defense documents that he had sworn an oath to protect, sneaking them out of the intelligence agency's headquarters, at Fort Meade, Maryland, and taking them home, for the purpose of "unauthorized disclosure." The aim of this scheme, the indictment says, was to leak government secrets to an unnamed newspaper reporter, who is identifiable as Siobhan Gorman, of the Baltimore Sun. Gorman wrote a prize-winning series of articles for the Sun about financial waste, bureaucratic dysfunction, and dubious legal practices in N.S.A. counterterrorism programs. Drake is also charged with obstructing justice and lying to federal law-enforcement agents. If he is convicted on all counts, he could receive a prison term of thirty-five years. [Editor: Fascinating and disturbing at the same time. ThinThread sounds like a fantastic tool, now misapplied: "Binney, for his part, believes that the agency now stores copies of all e-mails transmitted in America, in case the government wants to retrieve the details later. In the past few years, the N.S.A. has built enormous electronic-storage facilities in Texas and Utah. Binney says that an N.S.A. e-mail database can be searched with "dictionary selection," in the manner of Google. After 9/11, he says, "General Hayden reassured everyone that the N.S.A. didn't put out dragnets, and that was true. It had no need-it was getting every fish in the sea." Binney considers himself a conservative, and, as an opponent of big government, he worries that the N.S.A.'s data-mining program is so extensive that it could help "create an Orwellian state." Whereas wiretap surveillance requires trained human operators, data mining is automated, meaning that the entire country can be watched. Conceivably, U.S. officials could "monitor the Tea Party, or reporters, whatever group or organization you want to target," he says. "It's exactly what the Founding Fathers never wanted." ]

top

Ponemon Releases Cloud Service Provider Study (Ponemon Institute, 2 May 2011) - Last week with CA Technologies we issued the results of a study of cloud service providers and their views on cloud security. There has been a lot of interest in this study. Readers have reviewed the results and responded with some very good questions and comments. In a nutshell, people - including us - were surprised by the results, which showed that cloud providers didn't put security as the No. 1 concern in providing their services. [Editor: Really? People were surprised at this?]

top

Sony's Insurers to Help Foot Bill for Data Breach (Reuters, 5 May 2011) - Sony is looking to its insurers to help pay for its massive data breach, an amount that one expert estimates could exceed $2 billion, but others said insurers may balk at ponying up that kind of money. "We have a variety of types of insurance that cover damages. Certain carriers have been put on notice," Sony Corp spokesman Dan Race told Reuters. Race declined to name the insurers or to say whether there was a cap on the size of any payout they would make to Sony. Sony has been under fire since hackers accessed personal data for more than 100 million of its online video game users. It has said it could not rule out that some 12.3 million credit card numbers had been obtained during the hacking. Sony noticed unauthorized activity on its network on April 19, and reported it to the U.S. Federal Bureau of Investigation on April 22. Some experts said Sony faces an uphill battle to get its insurers to pay for its damages from the cyber breach. They may try to blame Sony for negligence for failing to properly secure its data centers, said Dan Zeiler, a director of security and compliance for American Internet Services, a data center services provider.

top

- and -

PlayStation Network hack will cost Sony $170m (Computerworld, 23 May 2011) - Sony expects the hack of the PlayStation Network and will cost it ¥14 billion ($170 million) this financial year, it said Monday. Unknown hackers hit the network gaming service for PlayStation 3 consoles in April, penetrating the system and stealing personal information from the roughly 77 million accounts on the PlayStation Network and sister Qriocity service. A second attack was directed at the Sony Online Entertainment network used for PC gaming. Sony responded to the attacks by taking the systems offline. It called in several computer security companies to conduct forensic audits and rebuilt its security system. Users in many countries are being offered a year-long identity-theft protection program and free games. The cost estimate includes those actions and associated legal costs, said Masaru Kato, Sony's CFO, at a Tokyo news conference. "To date, we have not confirmed any misuse of personal information or credit cards," said Kato.

top

A Tool to Harvest iPhone Location Data (NYT Nick Bilton, 5 May 2011) - A lot people got upset about Apple collecting location data on iPads and iPhones. The company just issued an update to the devices' software in part to tamp down the reaction. But that data could be as useful to regular people as it is to Apple. Developers in The New York Times Company Research and Development Lab released a Web-based tool on Thursday that they hope will corral the location data Apple had been collecting and make it available to customers and researchers. The Times Company's Research Lab calls the project OpenPaths.cc, and describe it as a tool to "securely store, explore, and donate your iOS location data." People who participate in the project are asked to upload location information from their phone, which is then made anonymous and added to a database with the data from every other upload. People can then browse their own location data on an interactive map. At a later date researchers will be able request access to the collection of location uploads.

top

How To Subpoena Facebook and Other Social Media Services (Associates Mind, 5 May 2011) - As more people use social media for a variety of reasons, it only follows that data and information from social media sites are going to become a necessary component of litigation. The question is: how to properly obtain this information? Fortunately, the Electronic Frontier Foundation has already done that work for you with a Freedom of Information Act request to a half-dozen government agencies seeking their policies for using social networking sites for investigations, data-collection, and surveillance. During this process they have also obtained the Law Enforcement Guides to numerous social media and e-commerce websites.

The EFF also provides a nice spreadsheet ( PDF or XLS ) comparing all the law enforcement and privacy guidelines side-by-side. You can see the full list of social media guidelines on their site.

top

Google Loses Copyright Appeal Over Internet Links to Belgian Newspapers (Bloomberg, 6 May 2011) - Google Inc. (GOOG) lost an attempt to overturn a Belgian ruling that blocked it from publishing links to local newspapers on its online news service. The Court of Appeal in Brussels on May 5 upheld a 2007 lower court ruling that forced Google to remove links and snippets of articles from French- and German-language Belgian newspapers from Google.com and Google.be. Google, the owner of the world's most-used search engine, faced a 25,000-euro ($36,300) daily fine for any delay in implementing the judgment. Copiepresse, the group that filed the suit on behalf of the newspapers, said the snippets generated revenue for the search engines and that publishers should be paid for the content. The publications have a second suit pending in which they seek as much as 49.1 million Euros for the period in which their content was visible on Google News.

top

PC Rental Store Hid Secret Spy Hardware In Laptop, Suit Says (Channel Register, 6 May 2011) - A Wyoming couple has filed a federal lawsuit claiming a computer they purchased came with secret spying hardware that allowed the seller to monitor their every move. According to the complaint, Brian and Crystal Byrd first learned of the snoop device when they received a visit at home from a manager of the local Aaron's rent-to-own store falsely claiming they hadn't made required payments on their Dell Inspiron laptop. During the conversation, manager Christopher Mendoza said he had a photo of Mr. Byrd using the computer and as proof showed a picture that had been taken remotely using an off-the-shelf device called PC Rental Agent. "When Brian Byrd demanded that Mendoza explain how Mendoza had obtained an unauthorized photograph, Mendoza responded that he was not supposed to disclose that Aaron's had the photograph," the complaint, filed on Tuesday in US District Court in Pittsburgh, Pennsylvania, alleged.

top

World's Servers Process 9.57zb of Data a Year (Computerworld, 9 May 2011) - Researchers at the School of International Relations and Pacific Studies and the San Diego Supercomputer Center at the University of California, San Diego, estimate that the total is equivalent to a 5.6-billion-mile-high stack of books stretching from Earth to Neptune and back to Earth, repeated about 20 times. By 2024, business servers worldwide will annually process the digital equivalent of a stack of books extending more than 4.37 light-years to Alpha Centauri, according to a report compiled by the scientists. The report, titled " How Much Information?: 2010 Report on Enterprise Server Information ," was released at the SNW conference last month. Roger Bohn, one of the report's co-authors, compared the world's business servers to the underwater portion of an iceberg "that runs the world that we see.

top

PDF/A Is In Your Future - Get Used To It (Future Lawyer, 9 May 2011) - I know, just when you were getting used to saving documents as PDF files, and attaching them to emails, and scanning documents for sending; now, the Federal Court system is going to require the archival format for PDF files for efiling. Sooner or later, all court systems are going to be requiring this, so go to Rick Borstein's blog and educate yourself now. PDF/A is just a format for embedding all the fonts and other stuff needed to show the document now and in the future, exactly as it was filed. So, if someone wants to read your Complaint 30 years from now, it will look exactly as you filed it. Of course, if someone wants to read my pleadings 30 years from now, they will likely already be locked up in an Institution. Oh, well.

top

Lightening the Paper Load (NYT, 10 May 2011) - Conferences and trade shows seem to generate vast amounts of paperwork - booklets, programs, handouts, guides. But as increasing numbers of business travelers carry smartphones and tablets, organizers of these events are responding by developing mobile applications. Most bundle a scheduling tool, floor plan and maybe information about local restaurants or a social networking link on their apps. But a handful of organizers have begun to use apps to reduce or even replace the vast amounts of paper they once carried to events. Without so much paper to produce for conferences, planners said they were saving time and money. Not only that, business travelers do not need to carry around cumbersome and often heavy printed copies. While some producers have described their events as "paperless" for years - generally by distributing material via CD or directing attendees to download documents posted online - the growing popularity of tablets like Apple's iPad and the increasing sophistication of app software make it possible for travelers to be truly unencumbered without sacrificing convenience. David Holcombe, president and chief executive of an organization for online education professionals called the eLearning Guild, said the group has eliminated almost all the paperwork at their three annual conferences. "I've felt for some time we spent way too much money on materials, paper handouts, that sort of stuff," said Mr. Holcombe, who estimated that he would save $50,000 this year alone on printing costs. He said he still offered a paper program to attendees but it had been trimmed to around a dozen pages from 50, with the remainder of the material going onto the app. He says he now brings two fewer staff members to each event, since the burden of distributing hard copies has been eliminated. And his delegates have told him they love the convenience. "For us, it's a really huge customer service thing," he said. It helps that the attendees tend to be early technology adopters - about 40 percent brought iPads to the group's March conference. Participants can use the app content to help them decide which seminars to attend, and they can keep a virtual eye on what else is going on at the event even while sequestered in a classroom because of the app's real-time updates. "It stimulates engagement," Mr. Holcombe said. Greg Lohrentz, the chief operations officer of the trade association Meeting Professionals International, agreed that content-rich apps give event participants better access to information. "The tablet allows for that educational experience outside the room," he said. While participants are sitting in a classroom, they can scroll through updates and Twitter feeds to find out what else is going on in other sessions or on the trade show floor, he said. Jennifer Wilhelm, editor of digital media for the American Society for Training & Development, said she planned to offer an app that includes an iPad version for a conference in May that is expected to attract 8,000 people. The app will free her from the trouble and expense of printing handouts for three keynote speeches and roughly 200 education sessions, she said. Attendees will be able to follow along with a speaker's PowerPoint presentations, take notes and fill out worksheets all within the app. "Viewing the slides and seeing any materials where there might be a worksheet is going to be huge on a tablet," she said. At a smaller conference this year, Mrs. Wilhelm said roughly half the participants downloaded the mobile app.

top

Senators Want Cyberattacks To Be Disclosed (Mashable, 12 May 2011) - If a group of five senators have their way, the SEC will one day require companies to publicly disclose cyberattacks like the one that shut down Sony's Playstation Network for the past three weeks. The politicians, which include Senate Commerce Committee Chairman Jay Rockefeller and four other Democrats, sent a letter to the Securities and Exchange Commission asking it to create guidelines that would require companies to report major network attacks. In addition, they wrote, guidelines should require companies to explain details about intellectual property that may have been compromised during an attack and include vulnerability to cyberattacks in corporate risk disclosures. As Sony has demonstrated, a hacker attack can be devastating to a company's bottom line and potentially to its investors. One analyst told the WSJ last week that he estimated the April attack will cost Sony about $1.24 billion. Yet too few companies warn investors of cyber security risks. According to the WSJ, a 2009 study by insurance underwriter Hiscox Inc. found that 38% of Fortune 500 companies made a "significant oversight" by omitting risk of data-security breaches in their public filings.

top

Prosecutors Look to Social Media for Selecting Casey Anthony Jurors (ABA Journal, 16 May 2011) - Prosecutors trying Casey Anthony, a 25-year-old Florida woman charged with murdering her young daughter, were armed with Internet information during a special Saturday jury selection, checking out panel members' social media profiles during voir dire. According to the Associated Press, prosecutors in the high-profile case used a preemptory challenge to dismiss an individual who allegedly posted the jury instructions on his Facebook page. He also joked about writing a book, the AP reports. Another juror, who Tweeted about a fender bender, was also excused. "Cops in Florida are idiots and completely useless," was most likely the tweet that caught the government's attention. [Editor: when will prospective jurors try to avoid service by making similar posting, preemptively?]

top

Dentist Who Sued Yelp Must Pay Legal Fees (MediaPost, 17 May 2011) - A dentist who sued Yelp and two reviewers for a negative post has herself been ordered to pay almost $81,000 under a California law that protects people's right to discuss matters of public interest. The ruling, issued last week by Santa Clara Superior Court Judge Peter Kirwan, directs dentist Yvonne Wong to pay attorneys' fees and legal costs to Yelp, as well as Tai Jing and Jia Ma, parents of a 6-year-old patient of Wong's. The case dates to January of 2009, when Wong sued Yelp as well as Tai Jing, and his wife, Jia Ma, about a bad review on the site. Wong alleged that the couple wrote that their son was left lightheaded from laughing gas administered by Wong, and that he received a filling containing mercury. Wong said those statements libeled her and caused her emotional distress; she argued that the post implied that she had not informed Jing and his wife ahead of time that the filling would contain mercury. A California appellate court ruled last year that Yelp was entitled to dismissal under the state's anti-SLAPP (strategic lawsuit against public participation) statute, because the post furthered discussion on issues of public interest. The court wrote that the review concerned the controversy surrounding mercury in dental fillings, and therefore was subject to the anti-SLAPP law. Yelp was probably also immune from liability under the federal Communications Decency Act, which says that sites are not legally responsible for defamation by users. But that law, unlike California's anti-SLAPP statute, does not provide for defendants to recover legal fees.

top

ABA Launches Website to Help Military Families (ABA Journal, 17 May 2011) - The American Bar Association recently launched a new Website for military service members and their families that aims to provide information about a variety of legal issues. ABA Home Front features an information center, a directory of programs and a military pro bono center. Henry M. Dewoskin, a Clayton, Mo., lawyer who chairs the military committee of the Family Law Section, says that he and other volunteers worked with ABA staff to ensure information on the site was written clearly and could be easily understood by people who are not lawyers. "I hope it can be used as a resource for the public, and I also hope it's one of the first pages that they go to," said Dewoskin, a judge advocate general officer who currently serves as a major in the U.S. Army Reserve. The portal also includes information about the Servicemembers Civil Relief Act, which provides legal protections for active-duty military and their families.

top

Finding State Court Dockets Online - or Not (Robert Ambrogi, 17 May 2011) - If an online docket service offers access to a docket that isn't online, is it really an online service? That is but one of the philosophical questions you may ask yourself after reading The Existential Exercise of Finding State Court Materials Online , a post by Rachael Samberg at Legal Research Plus. Samberg conducted a mini-survey of the online availability of state superior court filings, looking at both commercial services such as CourtLink and CourtExpress and at courts' own websites. With regard to the commercial sites, her findings are well summed up in this one sentence: "What isn't available through commercial services significantly constrains research, but what hinders research even further is the inability to determine what isn't available." Even when something is advertised as "available," that doesn't mean it is available online. In some cases, Samberg writes, "they are 'available' only in the sense that one can make a request online (and pay additional money) to have a runner pull them from the court." As for court websites, they are all over the board when it comes to docket access. There is no clear rhyme or reason to why some courts offer docket access and some don't. Of those that do, the quality of available dockets varies dramatically and "navigational problems can leave you lost at sea."

top

University Of Michigan Library Kicks Off Project To Identify All The Orphan Works In Its Collection (Techdirt, 17 May 2011) - For years, we've seen attempts to create "orphan works" legislation to deal with a much bigger problem caused by the Copyright Act of 1976. Prior to that, when copyright required registration formalities, it was relatively easy to determine if something was covered by copyright and who likely controlled that copyright. After the 1976 Act went into effect, suddenly you had all sorts of works that were probably covered by copyright, but it wasn't always clear who had the copyright, and thus there was no real way to contact them. Many people concerned about this -- including many in the Copyright Office, who usually come down on the side of always ratcheting copyright up, rather than finding exceptions -- started pushing for an orphan works law, that would let people make use of works if they really couldn't find the original owner. Tragically, the photographer community spread a ton of misinformation about the orphan works proposals and scuttled the whole thing. 

Of course, there is the flipside to the argument, which is that if we made such a huge mess thanks to the 1976 Act, perhaps we should look at rolling back that Act, or at least rolling back the "automatic copyright" provisions. But, of course, our copyright masters never see the point in admitting they might have gotten something wrong. So, the best interim issue is an orphan works law. Of course, to get that actually through, one of the big questions is how big of an impact do orphan works really have. Along those lines, the University of Michigan Library is kicking off a new project to identify all the orphan works it has in its collection , which sounds like it could take quite some time. However, it would be nice to see some data on just how many works today are technically under copyright, but whose copyright holder is unknown or can't be found. Having some actual data might help shift the debate forward, rather than trekking over the same myths yet again.

top

Employer Sues Former Employee For Checking Facebook and Personal E-Mail and "Excessive Internet Usage" at Work (Volokh Conspiracy, 17 May 2011) - The Ninth Circuit recently ruled that an employee "exceeds authorized access" to his employer's computer when he violates the employer's Internet use restrictions: Given that federal law criminalizes exceeding authorized access, see 18 U.S.C. 1030(a)(2)(C), that would mean that every employee who surfs the Internet, checks Facebook, or logs in to personal e-mail from work is guilty of a federal crime if the employer's workplace Internet use policy prohibits it. But surely no employee would ever be subject to a CFAA action for that kind of innocuous conduct, right? Wrong, in light of Lee v. PMSI, Inc., 2011 WL 1742028 (M.D.Fla. 2011), handed down May 6. After Wendi Lee sued her former employer PMSI, Inc. for pregnancy discrimination, PMSI Inc. filed a counterclaim against Lee arguing that she had violated the CFAA because she engaged in "excessive internet usage" at work and "visit[ed] personal websites such as Facebook and monitor[ed] and [sent] personal email through her Verizon web mail account." District Judge Merryday concluded that such conduct does not exceed authorized access to the employer's computer in violation of the CFAA.

top

YouTube Matches Congress Members For Debates On New Town Hall Platform (Mashable, 18 May 2011) - YouTube is matching up members of Congress for debates on hot issues in a new channel launching on Wednesday. The channel, dubbed YouTube Town Hall, is filled with debates surrounding the budget, economy, energy, Afghanistan, education and healthcare. Initially topics were chosen by popularity on Google News and Google web search over the past year, but YouTube plans to accept questions from viewers in the future. Each debate features two members of Congress who explain their points of view on the given topic in videos made especially for the Town Hall channel. Sides are not necessarily drawn along party lines, and viewers only find out what party each debater belongs to (unless they recognize him or her, of course) after they choose which person's perspective they support. Those votes will be tallied and displayed on a leader board to show who is "winning" the debate. YouTube first started encouraging Congress members' content in January 2009, with the launch of The Senate Hub and The House Hub. YouTube Head of News and Politics Steve Grove estimates that at that time, about half of the members of Congress had YouTube channels. Now, well over 90% have them, and several presidential candidates - including President Obama - have used YouTube to launch their campaigns.

top

What They Are Really Typing (InsideHigherEd, 18 May 2011) - For years, researchers have conducted studies in hopes of answering whether having laptops in class undermines student learning. In the avalanche of literature, one can find data pointing each way. A 2006 study of 83 undergraduate psychology students suggested that having laptops in class distracts both the students who use them and their classmates. Several law professors have written triumphal papers documenting their own experiments banning laptops, which one of them complained had transformed his students from thoughtful, selective note-takers into "court reporters" reduced to mindlessly transcribing his lectures. And yet other papers have argued that laptop bans are reductive exercises that ignore the possibility that some students - maybe even a majority - might in fact benefit from being able to use computers in class if only professors would provide a modicum of discipline and direction. Still, there is one notable consistency that spans the literature on laptops in class: most researchers obtained their data by surveying students and professors. The authors of two recent studies of laptops and classroom learning decided that relying on student and professor testimony would not do. They decided instead to spy on students. In one study , a St. John's University law professor hired research assistants to peek over students' shoulders from the back of the lecture hall. In the other , a pair of University of Vermont business professors used computer spyware to monitor their students' browsing activities during lectures. The average student in the Vermont study cycled through a whopping 65 new, active windows per lecture, nearly two-thirds of which were classified as "distractive." (One student averaged 174 new windows per lecture.) But only one type of distractive application appeared to have any effect on how well students ended up doing on assessments: instant messaging. Students who frequently checked e-mail and surfed non-course-related sites did not appear to sweat for their sins on homework, quizzes, tests, or the final exam. High rates of instant-messaging activity, however, showed significant correlations with poor performances on all but one test during the semester.

top

Decreased Value of Consumer Personal Information Resulting from Security Breach Confers Standing in Personal Injury Suit (Proskauer, May 2011) - A plaintiff whose personal data was contained in a social network service online database copied by a hacker sufficiently alleged an injury-in-fact to support Article III standing, on the theory that the value of his personal information was diminished as a result of the breach, a district court ruled. The plaintiff alleged that the security breach was enabled by the defendant's storage of user passwords in unencrypted, "plain text" form, and its failure to secure the database where the passwords were stored against well-known security vulnerabilities. The court acknowledged that the plaintiff's claim was novel, and questioned his ability to prove his damages theory, but declined to dismiss the action, citing "a paucity of controlling authority regarding the legal sufficiency of plaintiff's damages theory," and the unsettled state of the law generally regarding the unauthorized disclosure of personal information via the Internet. Despite having held that the plaintiff alleged sufficient facts to establish Article III standing, the court dismissed several of the plaintiff's substantive claims for failure to plead the particularized elements of injury, including those under the California unfair competition law and the California Penal Code. Claridge v. Rockyou Inc. (N.D. Cal. Apr. 11, 2011) Opinion

top

Laboratory for Legal Scholarship (InsideHigherEd, 19 May 2011) - n the world of legal scholarship, Ross E. Davies is a serial entrepreneur. The George Mason University law professor was one of the founders of The Green Bag, which sought to make short, topical legal writing both cool and tenure-able. Since its founding in 1997, the journal has spawned progeny serious ( collections of "in chamber" opinions by Supreme Court justices), lighthearted ( bobblehead dolls and trading cards of same), and controversial (its own law school rankings). Because The Green Bag has sought to extend the boundaries of what counts as legal scholarship, and succeeded by many measures, it and Davies have become flames to which similarly entrepreneurial and intellectually curious legal scholars are often drawn with their own ideas -- " The Green Bag should do this," Davies says he is often told by purveyors of such ideas. While many things would seem to fit within the original journal's iconoclastic approach (the most recent issue included articles on Rhode Island's rules of evidence and correspondence revealing one lawyer's attempt to help a sixth-grade class win the rights to stage Roald Dahl's Charlie and the Chocolate Factory ), some of the ideas are distinctive enough in their content or form that they would take The Green Bag too far afield from its own mission, Davies says. But rather than turn its back on potential innovators, The Green Bag hopes to use its hard-earned influence and (modest) resources to incubate them, through the creation of a new entity, The Journal of Law. The publication is less a traditional journal itself, really, than a little holding company designed to nurture a series of would-be journals. In the introduction to the journal's first issue, Davies compares the new enterprise to a business school incubator for legal intellectuals, offering "friendly, small-scale, in-kind support for promising, unconventional ideas for which (a) there might be a market, but (b) there is not yet backing among established, deep-pocketed powers-that-be." While there are many law reviews (more than 200, by this count ), on many different topics, there is relatively little variation among them in form; the legal academy, Davies notes in the introduction, is generally uncomfortable with what he calls "funny-looking scholarship" -- content that does not hew to the conventional law review article format of tens of thousands of words of theory or analysis (with scores of footnotes), written under the byline of an established law professor or practitioner. The first issue offers a taste of the ways in which The Journal of Law will differ from traditional legal publications, offering three journals, each in its own way representing a break from standard law journal fare in their own ways.

top

Ten Ways General Counsel Can Avoid the Cover of the Wall Street Journal (Sharon Nelson, 19 May 2011) - Thanks to Rich Hall of Bridgeway Software for providing this informative guest post: "Ask anyone following the eDiscovery space and chances are they have seen their share of world-class legal departments, as well as the haphazard, hoping to elude judicial rebuke. Let's face it; there is nothing worse than seeing General Counsel (GC) on the front page of the Wall Street Journal. What typically places a General Counsel on the cover of the WSJ is not the glory of a significant matter but more about how a matter, significant or insignificant, was handled. The real shame is evident when an insignificant matter is laced with mistakes and/or when negligence could have, and should, have been easily avoided. History has shown that the best way to avoid judicial sanctions - and your name appearing in the WSJ - is to have a defensible legal hold process. To avoid a matter meltdown, General Counsel should consider these top ten tips when implementing a defensible legal hold process: * * *." [Editor - these are useful, comprehensive (albeit occasionally aspirational) suggestions for an ESI process management approach.]

top

Best Legal Department 2011 Winner: Google (Law.com, 19 May 2011) - Spend time with the energetic crew at Google Inc., and the word "disrupt" comes up a lot. Google's businesses tend to do that to the traditional marketplace, and Googlers (as they call themselves) make no apologies. In fact, they use the word with pride-sounding like 1960s protesters determined to shake the Establishment. The company's lawyers often find themselves in the thick of it-before, during, and after "disruptions." And you might expect them to sound a little upset, since they have to deal with the sometimes messy consequences. But they, too, seem to relish rattling the barricades. If this sounds like the enthusiasm of youth (and they are young), they also seem intent on building their own kind of law department. Googlers aren't enamored of received wisdom. Like children of the sixties, they prefer to test all the old shibboleths. And even the new ones. Many of their cases are cutting-edge. "Bleeding-edge," an in-house lawyer amends. They test the limits of laws perpetually lagging behind new technology. Can advertisers use trademarked terms in Google ads? Can Google scan and make available copyrighted but out-of-print books? Is the company liable if results of its search engine direct users to counterfeit or pirated products? These are just a few of the questions that courts-and Google's lawyers-have been grappling with. It's an exciting time to be Google's general counsel, says Kent Walker. They win a lot of cases that define the boundaries of the law. The biggest was the summary judgment last June in which a judge ruled that Google's YouTube was not liable for the posting of Viacom Inc.'s video clips. "We lose some," Walker adds, "as we did today," referring to the decision by another judge rejecting the Book Search settlement Google had reached with the Authors Guild and the Association of American Publishers. The ruling leaves years of legal work in limbo. The company has only been around for a dozen years, so the lawyers aren't exactly encumbered by tradition. They're trying to craft approaches of their own, says Walker, sitting in a conference room near his office-er, make that desk. There are no offices. The renovation of their building that Walker ordered last year for the law department was part of an "open style" in hierarchy and architecture. "We don't have an open-door policy," he explains. "We have a no-door policy." And they reach decisions by consensus, abetted by a multitude of inviting spaces where lawyers are encouraged to congregate-including a library reading room with a virtual fireplace. "Sometimes there's an advantage to having a scrum," says Walker, "where a whole group of people come together on these issues." And it's also-are you ready for this?-fun. [Editor: this last point-about the scrum-resonates strongly with me; during my time leading Knowledge Management efforts at Schlumberger we were cognizant of the need to casual-setting enabled conversation - at several companies the "library" has evolved to serve this purpose as a primary objective.]

top

Should a Firm Keep Its 'Crown Jewels' in the Vault, or Share Them with Clients? (ABA Journal, 23 May 2011) - Paul Lippe writes: "I [recently] presented, along with an in-house lawyer from British Telecom and others, on why firms were sharing more and more knowledge in order to collaborate with clients. Among the obvious reasons were demonstrating experience, getting business, training their younger folks, delivering service more efficiently, and catalyzing the firm's own efforts to be organized. But one audience member inevitably asked the question: 'Why should we give our crown jewels to clients?' The questioner is someone I know to be a very sophisticated fellow, and I was pretty sure he asked the question mostly as a strawman because he hears it from partners in the firm. But perhaps it is worth recounting again why firms benefit from collaborating with clients: * * *." [Editor: worthwhile summary of now 15-year-old knowledge management concerns, and realities. It's happening anyway, so get ahead of the curve, or out of the way. More here .]

top

Court Rules that ECPA Does Not Preempt State Law (Steptoe, 26 May 2011) - The U.S. District Court for the Northern District of California has held in Valentine v. NebuAd that the California Invasion of Privacy Act and California Computer Crime Law are not preempted by the federal Electronic Communications Privacy Act (ECPA). The court therefore refused to dismiss claims under those state statutes against NebuAd based on the company's tracking of Internet users' online activity in order to deliver targeted advertisements. The preemption issue is important to Internet service providers and other companies because many states' laws are more restrictive than ECPA when it comes to monitoring Internet activity and electronic communications. Most courts (with at least one exception) have held that ECPA does not preempt more restrictive state laws, meaning that providers who want to monitor Internet activity and communications have to comply not only with ECPA, but also 50 differing and often vague state laws that govern wiretapping and access to stored communications data.

top

Online Insurance Application Constitutes "Writing" for Purposes of Waiving Insurance Coverage for Medical Benefits--Barwick v. GEICO (Eric Goldman, 26 May 2011) - Although 47 states, the District of Columbia, Puerto Rico and the Virgin Islands have adopted the Uniform Electronic Transaction Act (UETA), we have had very few cases discussing or interpreting UETA. Here, we have a case where the court is asked whether a waiver in an online insurance application is a "writing" for purposes of a state insurance law that requires coverage waivers to be in writing. The facts are fairly simple. In 2009, a woman (who subsequently married the plaintiff) purchased automobile insurance coverage online at GEICO's website. In the online application, the woman rejected coverage for medical benefits as permitted under Arkansas law. The online form bore the woman's electronic signature. In a discovery deposition, the woman also acknowledged that she completed the form on the website, that she did not select the coverage for medical benefits, and that she signed the application electronically. The lower state court granted summary judgment to GEICO and dismissed the husband's claim for medical benefits. On appeal, the husband argued that the electronic application containing his wife's electronic signature did not meet the requirement that a rejection of coverage be "in writing" under the terms of Arkansas Code Annotated Section 23-89-203 (Repl. 2004). The husband argued that because a general statute does not apply when a specific one governs the subject matter, the insurance statute requirement that the waiver of coverage be "in writing", takes precedence over the more general provisions in the UETA. He also argued that pressing a computer button did not constitute a "writing" for purposes of waiving coverage. The Arkansas Supreme Court reviewed the history of UETA and noted that Arkansas had adopted UETA in 2001 to facilitate electronic transactions. The court found that the online application was an "electronic record" under UETA. The Court also found that there was no conflict between the insurance statute and UETA, and that the two provisions can be read "harmoniously" to mean that an electronic record can fulfill the requirement of written rejection for coverage. As a result, the Arkansas Supreme Court affirmed the lower court's grant of summary judgment to GEICO. The court's analysis is straightforward and correct. One would think that the legal issue is obvious, but there have been very few cases interpreting UETA to date (perhaps because the statute is so simple?). UETA was drafted so that the state legislators did not have to amend the numerous statutory requirements for "writings" in each statute. Instead, UETA provides a global approach that a record or signature may not be denied legal effect or enforceability solely because it is in electronic form, and a contract may not be denied legal effect or enforceability solely because an electronic record was used in its formation. But it's nice to now have a case to point to when a client questions the validity of online agreements. * * * Unlike the court in Colorado last year , the Arkansas Supreme court correctly determined that EUTA, and not the federal Electronics Signatures In Global and National Commerce Act (commonly known as "E-Sign"), applies to this case. [Editor: related Volokh Conspiracy story about Presidential "signatures" on legislation: What Does "Sign" Mean? (27 May 2011)]

top

NOTED PODCASTS

Social Media Strategic Planning (MIRLN podcast, 18 May 2011, 16 minutes) - Discussion of how to manage strategic design processes for social media implementation, with a focus on bar associations (but with lessons-learned from other kinds of enterprises), and how social media can implicate "knowledge management" processes.

top

- and -

Social Media Strategies for Bar Assns (KnowConnect slidecast, 11 May 2011, 80 minutes); at the ABA's Business Bar Leaders Conference, by Vince Polley, Elizabeth Derrico (ABA), and Catherine Sanders Reach (ABA). "The ABA has been a pioneer in the use of all forms of Social Media as an effective tool and resource for and by bar associations. We have assembled a panel of the leading experts on this subject who have guided the ABA in this area and have been instrumental in sharing the ABA's experience and success in using social media with leaders of state and local bar associations."

top

John Tehranian - Hearsay Culture Show (Stanford's Center for Internet & Society, 15 March 2011) - Interview with Prof. John Tehranian of Chapman University School of Law, author of Infringement Nation; contains some interesting ideas about fair use; Prof. Tehranian is an exceptionally clear speaker.

top

Brookings ECPA Event (Lawfare, 17 May 2011) - I [Benjamin Wittes] was delighted to host an excellent panel event today at Brookings on the future of the Electronic Communications Privacy Act. For ECPA nerds, the video below is well-worth watching, as it contains a very good discussion of the major issues in contention right now-specifically, cloud-stored communications content data and location data from cell phones. For ECPA neophytes who are interested in digital privacy issues, the video is also worth watching, in part because Orin Kerr's opening lecture is probably the best primer on the subject that you will ever seen or read and in part because the panel debate is very illuminating. The event opens with Orin's talk. The panel, which immediately follows the talk, includes Valerie Caproni, general counsel of the FBI, James Dempsey of the Center for Democracy and Technology, James Baker of the Justice Department, and Albert Gidari of Perkins Coie.

top

RESOURCES

Law Enforcement Use of Global Positioning (GPS) Devices to Monitor Motor Vehicles: Fourth Amendment Considerations (Congressional Research Service, 28 Feb 2011) - Summary: As technology continues to advance, what was once thought novel, even a luxury, quickly becomes commonplace, even a necessity. Global Positioning System (GPS) technology is one such example. Generally, GPS is a satellite-based technology that discloses the location of a given object. This technology is used in automobiles and cell phones to provide individual drivers with directional assistance. Just as individuals are finding increasing applications for GPS technology, state and federal governments are as well. State and federal law enforcement use various forms of GPS technology to obtain evidence in criminal investigations. For example, federal prosecutors have used information from cellular phone service providers that allows real-time tracking of the locations of customers' cellular phones. Title III of the Omnibus Crime Control and Safe Streets Act of 1958 (P.L. 90-351) regulates the interception of wire, oral, and electronic communications. As such, it does not regulate the use of GPS technology affixed to vehicles and is beyond the scope of this report. The increased reliance on GPS technology raises important societal and legal considerations. Some contend that law enforcement's use of such technology to track motor vehicles' movements provides for a safer society. Conversely, others have voiced concerns that GPS technology could be used to reveal information inherently private. Defendants on both the state and federal levels are raising Fourth Amendment constitutional challenges, asking the courts to require law enforcement to first obtain a warrant before using GPS technology. Subject to a few exceptions, the Fourth Amendment of the U.S. Constitution requires law enforcement to obtain a warrant before conducting a search or making a seizure. Courts continue to grapple with the specific issue of whether law enforcement's use of GPS technology constitutes a search or seizure, as well as the broader question of how the Constitution should address advancing technology in general. The Supreme Court has not directly addressed the issue of whether law enforcement's use of GPS technology in connection with motor vehicles falls within the Fourth Amendment's purview. Lower federal courts have relied on Supreme Court precedent to arrive at arguably varying conclusions. For example, several district and circuit courts of appeals have concluded that law enforcement's current use of GPS technology does not constitute a search, and is thus permissible, under the Constitution. To date, while the U.S. Supreme Court has not provprovided a definitive answer regarding law enforcement's use of GPS technology, state legislatures and courts have approached the issue in various ways. Some states have enacted laws requiring law enforcement to obtain a warrant before using GPS technology. Some state courts have resolved the question under their own constitutions. Although they have reached somewhat differing conclusions, other state courts have relied on Supreme Court precedent, such as United States v. Knotts, 460 U.S. 276 (1983), to derive an answer. This report discusses the basics of GPS technology, society's reliance on it, and some of the related legal and privacy implications. In addition, the report examines legislative and judicial responses on both federal and state levels.

top

LOOKING BACK

EARTHLINK REJECTS FBI'S REQUEST TO INSTALL CARNIVORE (SiliconValley.com, 18 September 2001) -- Less than 24 hours after last week's terrorist attacks on New York and Washington, FBI agents visited executives in EarthLink's Atlanta headquarters. The agents, subpoenas in hand, wanted EarthLink personnel to install the FBI's controversial tracking software -- called Carnivore -- on the networks the company uses to connect customers to the Internet. The agents were looking for electronic clues, trying to retrace suspected terrorists' steps in cyberspace. EarthLink, which last year battled the FBI in court to keep the "sniffing" software off its systems, said no. Instead, the Atlanta-based Internet service provider used its own technology to pull records the FBI wanted. http://www.siliconvalley.com/docs/news/tech/078338.htm

top

OHIO PANEL ANALYZES COMMERCIAL WEB SITES THAT LINK LAWYERS WITH PROSPECTIVE CLIENTS (BNA, 9 May 2001) -- Ohio lawyers may not participate in a commercial law-related Web site that provides them with clients if the arrangement entails prohibited payment for referrals or if the business is engaged in the unauthorized practice of law, the Ohio Supreme Court's ethics panel advised April 6 (Ohio Supreme Court Board of Commissioners on Grievances and Discipline, Op. 2001-2, 4/6/01). Exhorting lawyers to be "extremely cautious," the board listed several features that it identified as distinguishing permissible payments for legal advertising from impermissible rewards for referrals. It also urged lawyers to be alert to unauthorized practice whenever a law-related Web site offers services that go beyond providing legal forms to users. http://ipcenter.bna.com/ipcenter/1,1103,1_883,00.html

top

Posted by at

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)