MIRLN --- 1-21 September 2013 (v16.13) --- by Vince Polley and KnowConnect PLLC (supplemented by related Tweets: @vpolley #mirln)
NEWS | LOOKING BACK | NOTES
- A win for opinion: Sixth Circuit tackles website top-ten lists
- At Library of Congress, changes are afoot in technology as well as in physical space
- UK Banks' resilience to cyber crime to be tested by government
- Yelp gets another anti-SLAPP victory in lawsuit over consumer review
- Paper book owners can soon pick up e-book versions at heavy discount
- U. of Wisconsin-Madison lets students pick names
- NSA foils much encryption
- The NSA is sharing data with Israel. Before filtering out Americans' information.
- NSA spying jumps the shark in new YouTube video
- What happens in social media stays in social media
- Did you murder someone? Don't tell your lawyer over email
- Yelp sues law firm for posting fake reviews
- Should GCs be on the board? GCs say yes
- 10 yrs later, DHS still plagued with cybersecurity, critical infrastructure problems
- Court rejects Google appeal in Street View lawsuit
- Fifth Circuit finds economic loss doctrine doesn't bar breach suit
- Cybersecurity: 36 questions every director should ask
- Can your iPhone thumbprint be used against you?
- Dropbox takes a peek at files
- Enterprises find some valuable (and kinda awesome) uses for employees' smartphones
- BYOD: bring your own (legal) difficulties
- DC lawyer pursues suit to unmask authors who changed her Wikipedia page
- Finding lawyers on Twitter: two directories fall out of date but a third is very cool
- Risk monitoring a key component of social media strategies
- Court gives a victory to Pandora over licensing streaming music
A win for opinion: Sixth Circuit tackles website top-ten lists (Harvard's Digital Media Law Project, 29 Aug 2013) - As our friends at the Harvard Law School Cyberlaw Clinic have reported , on Wednesday, the U.S. Court of Appeals for the Sixth Circuit issued a decision that placing a particular hotel at the top of an online list of the "Dirtiest Hotels in America" was protected under the First Amendment and Article I, Section 19 of the of Tennessee Constitution as a statement of opinion. The Sixth Circuit's decision is a triumph for consumer ratings websites and their ability to build upon the data submitted by their users. However, the Court's articulation of the doctrine of opinion arguably underestimates the potential value of that same information. The case, Seaton v. TripAdvisor LLC , arose after online travel website TripAdvisor published its "2011 Dirtiest Hotels" list based upon hotel cleanliness ratings provided by the site's users. #1 on the list was the Grand Resort Hotel and Convention Center in Pigeon Forge, Tennessee, owned by plaintiff Kenneth Seaton. Seaton sued, claiming that TripAdvisor's rankings were false because they did not accurately reflect the underlying user data. TripAdvisor in turn argued that the list constituted a statement of opinion that could not be proven true or false, because the rankings on the list and the concept of the "dirtiest" hotel were inherently subjective. A federal district court in Tennessee dismissed Seaton's claims, and Seaton appealed. Effectively, Seaton was challenging the methodology by which TripAdvisor reached its conclusions based on data collected from its users. And while TripAdvisor's top-ten list was a more fanciful form of research than that undertaken in scholarly circles (well, mostly ), TripAdvisor's analysis of crowdsourced data to reach systemic conclusions echoes important techniques for academic research and data journalism . Allowing debates over methodology to devolve into defamation claims could substantially chill the advancement of research on important but sensitive issues. In fact, the law provides substantial protection for the publication of conclusions based upon gathered data, under the doctrine of opinion.
At Library of Congress, changes are afoot in technology as well as in physical space (Washington Post, 29 August 2013) - The Library of Congress no longer needs the computer room that visitors once used to search its electronic card catalogue. These days the entire library has a wireless Internet connection, so workers this summer put a collection of old microfilm machines in that room instead. Meanwhile, the library's old-school physical catalogues, the kind filled with carefully penned index cards, have long since been relegated to cool basement hallways where schoolchildren marvel at their obscurity. "I told them, 'Before Google, this is what we used to do,' " said Fenella France, the library's chief of preservation research. "They had never seen [card catalogues] before. Then I was teaching children another day, and I said, 'Let's go clockwise,' and they just looked at me. I said, 'Oh, no. Didn't you learn analog?'" As libraries adapt to an increasingly networked and digital world, leading institutions are rethinking their use of physical spaces as well. At the Library of Congress, that means consolidating multiple reading rooms and making the experience of in-person researching more like the kind of one-stop shop we've come to expect online, a controversial plan that's still being debated. At the same time, planners are trying to make online presentations feel more intuitive by designing collections of photos and navigation tools on the library's Web site so that they operate like Facebook, Amazon.com and other popular sites. Digital and physical changes play off one another. For the first time in 40 years, a small team is also reinventing the way the library catalogues resources, developing a system that's designed to become the new global standard. Elsewhere in the library, staffers are creating the institution's first holistic online strategy of the Internet age and restructuring its stable of Web sites.
UK Banks' resilience to cyber crime to be tested by government (The Telegraph, 31 August 2013) - A joint team at the Treasury and the Bank of England is currently benchmarking lenders on the basis of the ability of their IT systems to defend themselves against concerted attempts to steal customer information or funds. They are also looking at "denial of service" attacks. Treasury sources said the so-called "cyber stress tests" were becoming as important as the more high-profile capital strength exercises regularly conducted by regulators, with banks considered to have weak defences being ordered to strengthen their security. The current benchmarking is being compiled from information gathered during an industry-wide cyber attack exercise conducted last year. A follow-up drill is planned for later this year. Andrew Haldane, director of financial stability at the Bank of England, warned in June that cyber attacks were now a greater risk to the banking system than the eurozone debt crisis. Mr Haldane told MPs that he had recently met five of Britain's biggest banks and that four had said that cyber attacks were had become the greatest threat to their businesses. He added that the fifth bank had recently upgraded cyber attacks as one of its key risks.
Yelp gets another anti-SLAPP victory in lawsuit over consumer review (Eric Goldman, 2 Sept 2013) - The plaintiff, who is also a lawyer (and surely you recall how I feel about lawyer-plaintiffs), has repeatedly written about this case online focusing on different facts, but I'm only going to address what the court says. The court says Bernath sued Yelp for a review written by a user, Tabitha J. In a very brief opinion, the court says Yelp is protected by Oregon's anti-SLAPP law because (1) the review concerns a matter of public interest, and (2) Bernath can't win against Yelp due to 47 USC 230. This should mean that Bernath will have to write a check to Yelp for its legal defense.
Yelp has won anti-SLAPP rulings before (see, e.g., Demetriades v. Yelp ), so this case doesn't really break any new ground. Still, the case offers another data point of how 47 USC 230 and anti-SLAPP laws mutually reinforce each other in the efforts to curb unmeritorious lawsuits over third party content. Bernath v. Tabitha J. , 1305-06167 (Ore. Cir. Ct. Aug. 26, 2013)
Paper book owners can soon pick up e-book versions at heavy discount (ArsTechnica, 3 Sept 2013) - Amazon announced a new program Tuesday that will allow owners of physical books to buy their Kindle counterparts at significantly discounted rates. The system, called Kindle Matchbook, lets users pick up the e-book version for $2.99 or less. The only snag is that the book must have been bought from Amazon. The publisher must choose to "enroll" a book in the program; once it's there, it will cost paper book owners $2.99, $1.99, $0.99, or will be free, depending on the publisher's whim. If the publisher isn't on board, you'll still have to pay full price for the e-book counterpart. Per the press release, the paper book order must be present in the buyer's Amazon purchase history in order for the book to be eligible for the Matchbook program. The launch date for Matchbook will be sometime in October.
U. of Wisconsin-Madison lets students pick names (InsideHigherEd, 4 Sept 2013) - The University of Wisconsin at Madison is this year for the first time letting all students pick the first and middle names they wish to appear on most university records, such as directories, The Wisconsin State Journal reported. Students will have the option of blocking their legal name from appearing in registration lists and other places. The policy is designed to make the university more inclusive, letting students who prefer not to use names for any number of reasons avoid them, officials said. (Legal names will still be used on transcripts, payroll records and for financial aid.) The LGBT Campus Center encouraged the development of the new policy. Some transgender students prefer not to use their legal names, which may be associated with a gender that doesn't reflect their identity.
NSA foils much encryption (NYT, 5 Sept 2013) - The National Security Agency is winning its long-running secret war on encryption, using supercomputers, technical trickery, court orders and behind-the-scenes persuasion to undermine the major tools protecting the privacy of everyday communications in the Internet age, according to newly disclosed documents. The agency has circumvented or cracked much of the encryption, or digital scrambling, that guards global commerce and banking systems, protects sensitive data like trade secrets and medical records, and automatically secures the e-mails, Web searches, Internet chats and phone calls of Americans and others around the world, the documents show. [ Polley: this is big news, and hints at much, much more. E.g., " Vast amounts of encrypted data which have up till now been discarded are now exploitable " and " [The NSA] covertly introduced weaknesses into the encryption standards followed by hardware and software developers around the world ".]
- and -
The NSA is sharing data with Israel. Before filtering out Americans' information. (Washington Post, 11 Sept 2013) - In the months since Edward Snowden's classified document leaks, the Obama administration has repeatedly assured Americans that the National Security Agency does not intentionally collect information about U.S. citizens. The government has also said that when data are collected "inadvertently," because an American is in contact with a foreign target, the data are protected by strict "minimization procedures" that prevent the information from being misused. New documents from Snowden reported by the Guardian on Wednesday appear to contradict those claims. They reveal that the NSA has been sharing raw intelligence information with the Israeli government without first filtering it for data on the communications of American citizens. Israel receives data that "includes, but is not limited to, unevaluated and unminimized transcripts, gists, facsimiles, telex, voice and Digital Network Intelligence metadata and content." * * * What's also noteworthy is that the memo allows Israeli intelligence to retain data they identify as belonging to Americans for up to a year. The United States merely requests that they consult the NSA's special liaison adviser at the time they discover such data. But "any data that is either to or from an official of the US government " is supposed to be destroyed as soon as it is recognized.
- and -
NSA spying jumps the shark in new YouTube video (GigaOM, 20 Sept 2013) - Revelations about America's spy programs, in which the NSA vacuums up troves of phone and social media data, have led to outrage, despair or simply fatigue. But now someone has introduced a bit of fun into the parade of grim news about security hacks and secret courts . The Shorts Show Productions ("Brooklyn's Worst Sketch Comedy") has put out an NSA-themed video set to the tune of summer hit "Blurred Lines." It features a President Obama character urging everyone to log-on and an NSA agent crooning reassurance about "Murica, we're the good guys!" Oh, and some prancing terrorists and an Edward Snowden cameo. Video here . [ Polley : very funny. Also note that "Blurred Lines" also can be read as "Blur Red Lines".]
What happens in social media stays in social media (Steptoe, 5 Sept 2013) - Nevada has joined the club of states that bar employers from requiring or requesting that current or prospective employees provide access to their personal social media accounts. Twelve other states (Arkansas, California, Colorado, Delaware, Illinois, Maryland, Michigan, New Mexico, Oregon, Utah, Washington, and, most recently, New Jersey) have placed similar restrictions on employers. Comparable legislation is pending in at least 35 other states. Importantly, Nevada's A.B. 181 does not affect an employer's right to comply with "any rule of a self-regulatory organization." Securities firms affected by rules promulgated by the Financial Industry Regulatory Authority (FINRA) have sought exemptions from social media laws to ensure that they can comply with FINRA'S rules, which may affect social media accounts. The Nevada law takes effect on October 1, 2013.
Did you murder someone? Don't tell your lawyer over email (The Verge, 6 Sept 2013) - When the Snowden leaks first revealed the depths of the NSA's spying capabilities, most eyes were on Gmail and Outlook.com. But for lawyers, there was a bigger worry: Dropbox. The profession has embraced the tool wholeheartedly as a way to share confidential documents among teams, but when documents showed Dropbox as an upcoming PRISM partner, the privacy reckoning was immediate. As one lawyer wrote, "With an unfettered pipe to all of the major data houses, lawyers have to question how safe their client data is." Dropbox has repeatedly denied that it participates in backend data-sharing, but not everyone is convinced - and the problem is only getting bigger as the tools of the modern office move online. Confidential communications between lawyers and clients is a crucial feature of American law, but attorney-client privilege could be waived if the information is shared with a third party. The biggest example is Gmail, which has already put forth its data-mining in court as a form of third-party sharing . Usually if you share an email with someone who isn't your client, it's enough to waive attorney-client privilege - so why do email-scanning services like Gmail get a pass? Gmail is officially off-limits for confidential medical information , since doctors can't sign individual contracts with Google as required by the HIPAA privacy law. The usual answer for lawyers, laid out in a 2008 ethics opinion by the New York State Bar Association, is that providers are "agents" of the email owner, akin to a paralegal working in a lawyers office. (A lawyer can use a human translator for private testimony, for instance, as long as there's a reasonable effort to ensure the translator maintains confidentiality.) But as UNC law professor Anne Klinefelter points out, Google has changed their privacy policy seven times since then, and it's unclear whether the opinion still holds. The norms are changing fast, and it's dangerous to assume they're always in line with a lawyer's ethical obligations. "Bar associations are really struggling with, what is reasonable?" Klinefelter says. "Should lawyers have to use Tor?" Providers are trying to fight back against that scenario, but they can only do so much. Box.com recently unveiled a doctor-targeted storage service with certifications to prove it's compliant with HIPAA and doctor-patient confidentiality, and the company has made similar moves to protect legal and corporate confidences. But there's one necessary hole, and it's the same one that makes PRISM possible. If services get a subpoena or a FISA warrant, they're bound by law to comply - and after the leaks, we know those warrants are far from rare. Even if the result isn't admissible in court, it could be leaked to a different agency, and if a client is likely to be the target of a federal investigation, protecting them means keeping the documents safe. As a result, lawyers, doctors, and other professionals who rely on confidentiality are left to balance privacy with convenience, with their professional ethics at stake. Right now, the default is to pretend for legal purposes that cloud tools provide better privacy than they really do, writing off Gmail's data scanners and the NSA's backdoors as minor details. But bar associations seem to be embracing that default without the attention or expertise necessary to really engage with the ever-changing limitations of the cloud. "We need something that's not a one-off, that's an ongoing best practices source that everyone can look to," Klinefelter says. "These things are a moving target, and you have to revisit them all the time."
Yelp sues law firm for posting fake reviews (TechDirt, 9 Sept 2013) - Fake reviews online are something many people have just come to expect. Just recently we discussed an example of where it was obvious there were a ton of fake reviews on Amazon.com. Many sites that include user reviews work pretty hard to scrub the obviously fake ones, but it appears Yelp has taken that to a new level, deciding to sue a law firm for posting fake reviews . It should be noted that this same law firm, McMillan Group, previously had sued Yelp, claiming that it had been "coerced" into buying ads to get favorable reviews, so you could argue that there's a reason this particular firm was targeted. But, either way, it raises some fairly interesting legal questions. Specifically, Yelp is arguing that when McMillan employees created fake accounts in order to post bogus positive reviews for their own firm, they violated the terms of service of the site. Thankfully, (unlike Craigslist ), Yelp doesn't try to argue that violating the TOS is a CFAA violation. Instead, the lawsuit focuses on some specific charges including breach of contract, intentional interference with contractual relations, unfair competition and false advertising. The filing details, rather comprehensively, how over a period of a few months, it appears that employees at the firm created accounts and immediately posted positive reviews of the firm, sometimes claiming things that are unlikely to be true.
Should GCs be on the board? GCs say yes (Corporate Counsel, 10 Sept 2013) - Most general counsel believe that having a lawyer sit on a company's board of directors improves corporate governance and encourages less corporate risk-taking, according to a new study. "The General Counsel Excellence Report 2013" [PDF] , released Monday, also found that one in five general counsel surveyed aspired to sit on the boards of companies, either their own or others'. Of those responding, only nine percent actually sit on their company's board. The survey found the GC's leadership role often increases during emergencies. If a crisis occurred, the general counsel was in charge in 16 percent of companies polled, while the CEO was in charge in 52 percent. However, the general counsel was very involved (37 percent) or involved (53 percent) in helping with crisis management planning. Some 60 percent said the GC works with the company's communications department all the time. But on "strategic" communications, such as during a crisis, that number jumps to 83 percent.
10 yrs later, DHS still plagued with cybersecurity, critical infrastructure problems (ComputerWorld, 11 Sept 2013) - Today marks 12 years after the 9/11 terrorist attacks; it's been a decade since 22 government agencies were combined into the Department of Homeland Security in response to those attacks. "DHS has spent more than $35 billion on homeland security grants, but cannot measure whether we are safer from terrorist attacks," according to Republican Senator Tom Coburn. This morning, the U.S. Senate Homeland Security and Governmental Affairs Committee held a hearing about "The Department of Homeland Security at 10 Years: Examining Challenges and Achievements and Addressing Emerging Threats." Ultimately, this is the agency responsible for our critical infrastructure that is often critically vulnerable to cyber attacks. Although many DHS areas were discussed during the senate panel, I thought you might be interested in tidibts from four testimonies about DHS and cybersecurity.
Court rejects Google appeal in Street View lawsuit (Computerworld, 11 Sept 2013) - A U.S. appeals court upheld a district court decision that Google's collection of data from unencrypted Wi-Fi networks under its Street View program is not exempt from federal wiretap laws. Google's data collection does not qualify for the exemption [because] data transmitted over a Wi-Fi network is not an electronic communication that is readily accessible to the general public, the U.S. Court of Appeals for the Ninth Circuit ruled Tuesday, giving a go-ahead to a privacy lawsuit against Google. Wi-Fi transmissions are not readily accessible to the general public because most of the general public lacks the expertise to intercept and decode payload data transmitted over a Wi-Fi network, Judge Jay S. Bybee wrote in the opinion. "Even if it is commonplace for members of the general public to connect to a neighbor's unencrypted Wi-Fi network, members of the general public do not typically mistakenly intercept, store, and decode data transmitted by other devices on the network." [ Polley : seems wrong to me; just because most members of the general public don't have short-wave radios doesn't mean that people to listen to them are breaking US law. See also Google's WiFi sniffing might break wiretap law, appeals court rules (Wired, 10 Sept 2013) - * * * Ironically, the Federal Communications Commission last year cleared Google of wrongdoing in connection to it secretly intercepting Americans' data on unencrypted Wi-Fi routers. The commission concluded that no wiretapping laws were violated when the search giant's Street View mapping cars eavesdropped on open Wi-Fi networks across America. The FCC said that, between 2008 and 2010, "Google's Street View cars collected names, addresses, telephone numbers, URL's, passwords, e-mail, text messages, medical records, video and audio files, and other information from internet users in the United States."]
Fifth Circuit finds economic loss doctrine doesn't bar breach suit (Steptoe, 12 Sept 2013) - The U.S. Court of Appeals for the Fifth Circuit has held, in Lone Star National Bank, N.A., et al., v. Heartland Payment Systems Inc., that banks that suffered economic losses as a result of a data breach may bring a negligence claim, at least under New Jersey's tort law. In many states, the economic loss doctrine usually precludes negligence claims where the only loss alleged is economic rather than some personal injury or harm to property, absent some "special relationship" between the parties. Accordingly, many courts dealing with data breach cases have held that this doctrine bars plaintiffs' negligence claims. The Fifth Circuit found that New Jersey's version of the economic loss doctrine, at least, allows negligence cases even where the losses are purely economic, as long as one or more factors are present. This decision is especially significant for financial institutions that want to recover costs inflicted by data breaches of third-party processors with which the financial institutions have no contractual relationships.
Cybersecurity: 36 questions every director should ask (Sheppard Mullin, 12 Sept 2013) - Cyber security, data loss, hacking and schemes to steal personal information and assets electronically are all over the news daily. Companies are the primary targets of these actions since they accumulate information, store it and use it for their internal efforts, for their clients and in interacting with the world outside. In an effort to prevent problems before they arise, and to be in the best possible posture should their company become a victim of these damaging events, below is a list of questions that general counsel, senior management and corporate directors should be asking of themselves and their companies * * *
Can your iPhone thumbprint be used against you? (12 Sept 2013) - Unlocking your iPhone with a fingerprint is convenient. But it could backfire if you end up in trouble with the law, warn some privacy experts. Courts have given mixed messages about whether Americans are protected from being forced to divulge passwords or decrypt information for law enforcement officials. Civil liberties advocates argue defendants shouldn't have to unlock their own computers for the cops. The logic: Under the Fifth Amendment, Police can't force you to self-incriminate by testifying, or divulging something in your mind. It's unclear if that same protection applies if the password is your fingerprint. "A fingerprint is entitled to less constitutional protection than a password known in your mind," said Hanni Fakhoury, a staff attorney at the Electronic Frontier Foundation in San Francisco. "If police arrest you and ask you for a password, you could refuse and they'd be hard pressed to force you to divulge the password." Of course, police already collect fingerprints after booking a suspect. And the Supreme Court has also held that police don't need a search warrant to collect fingerprints. It isn't hard to imagine police also forcing a suspect to put his thumb on his iPhone to take a look inside, said Brian Hayden Pascal, a research fellow at the University of California Hastings Law School's Institute for Innovation Law.
Dropbox takes a peek at files (InfoWorld, 13 Sept 2013) - Dropbox takes a peek at some kinds of uploaded files. That's normal, the Web storage service says. The disclosure comes after a test of the service found that several ".doc" files were opened after being uploaded to Dropbox. Dropbox's behavior was detected using HoneyDocs, a new Web-based service that creates a log showing when and where a document was opened, according to a blog post at WNC InfoSec. The experiment involved uploading to Dropbox ".zip" HoneyDocs folders with embedded ".doc" files. HoneyDocs lets users set up a "sting," or a notification that is sent by SMS or email when a file has been viewed. Where the file has been viewed from is plotted on a map. The callback, or as HoneyDocs calls it a "buzz," is an HTTP Get request with a unique identifiers assigned to a sting. The data on when and where the file has been opened is sent over SSL port 443, according to HoneyDocs. WNC InfoSec wrote the first buzz came back within 10 minutes after a file was uploaded with the IP address of an Amazon EC2 instance in Seattle. Dropbox uses Amazon's cloud infrastructure. Of the submitted files, only ".doc" files had been opened, WNC Infosec wrote. HoneyDocs also pulled information on the type of application which accessed the document, which in this case was the open-source productivity suite LibreOffice. Despite the strange behavior, the explanation is straightforward. What WNC InfoSec picked up on using HoneyDocs is automated backend processing that Dropbox does on certain kinds of files. Dropbox allows users to see previews of some kinds of documents, included ".doc" ones, but it must build a preview of those documents, according to a Dropbox spokeswoman. To do that, the document must be opened. According to Dropbox's website, users can open Word, PowerPoint, PDF and text files from directly within their browser, which saves them from needing certain software programs installed on their computer. Still, the behavior may make some people nervous. Security experts generally recommend that for stronger privacy, users should encrypt documents before transmitting those files to Web-based storage providers.
Enterprises find some valuable (and kinda awesome) uses for employees' smartphones (GigaOM, 15 Sept 2013) - Most business uses of BYOD are really really boring. Employees demanded - and companies embraced - Bring Your Own Device policies because workers wanted to use their iPhones instead of a company BlackBerry. But it turns out employees do the exact same work functions on their own devices that they used to do on their BlackBerrys: email, calendar and contacts. Only now are enterprises realizing some of the incredible ways they can benefit from the smartphones in their workers' pockets. Why the lag in innovation? A couple of reasons. First, BYOD happened very quickly. The concept was rarely discussed before 2011. But, by the end of this year, 83 percent of companies will have a formal policy allowing BYOD. Second, enterprises have struggled to find talented in-house mobile dev teams, slowing down the actual app development process. Third, the ROI case was harder to make for internal tools - how much value is a corporation going to get by developing or buying an app for 500 employees? But that attitude is changing, primarily because enterprises are beginning to identify valuable new ways to benefit from employees' iPhones and Android handsets. The following cases are illustrative:
- Standard Bank of South Africa use workers' smartphones to open bank accounts in remote areas for people who previously had no access to a bank branch to open an account.
- Mitsubishi Electric has a really impressive augmented reality app for its repair contractors, which provides step-by-step maintenance instructions , saving time and reducing likelihood of error.
- Restaurant chain Tony Roma now slaps QR codes all around its kitchens as part of its employee training programs . The codes link to how-to videos for employees' smartphones, walking them through company procedures for particular pieces of equipment.
- and -
BYOD: bring your own (legal) difficulties (Corporate Counsel, 20 Sept 2013) - Accessing company data via a mobile device like a smartphone or tablet has become the norm for employees around the globe. However, "bring your own device " (BYOD) policies pose numerous legal pitfalls, according to "Avoiding BYOD Legal Issues," a new whitepaper released by Route1, a digital security and identity management solutions company. The report focuses on the perils of combining personal and enterprise data on employee devices-though convenient and possibly cost-effective, it's a practice that can be a major problem because most device software has trouble telling the difference between personal and professional information. The complications over BYOD are exacerbated, according to Route1, by a lack of clear legal standards and regulations around the practice, and by the possibility that accessing an employee's data might expose information about genetic, health, or disability information, which is protected by federal law. Michael McGuire, shareholder and chief information security officer at labor and employment firm Littler Mendelson , which has authored its own report on BYOD [PDF] , told CorpCounsel.com that there is a lack of case law in the BYOD area, but there have been plenty of complaints by employees over privacy and employer access. McGuire noted that not all companies have sufficient policy in place to cover BYOD issues-a conclusion supported by Corporate Counsel 's "2013 In-House Tech Survey "-and those that do should focus on training their IT departments on what do to do in the event of a data wipe or when an employee leaves the organization.
DC lawyer pursues suit to unmask authors who changed her Wikipedia page (ABA Journal, 16 Sept 2013) - A Washington, D.C., lawyer is pursuing a defamation lawsuit that seeks to unmask two anonymous writers who edited her Wikipedia page. Lawyer Susan Burke claims the Wikipedia editors wrongly linked her civil suit against Blackwater Inc. with a judge's decision to dismiss a prosecution against the company's security guards, the National Law Journal (sub. req.) reports. The two editors are identified only as Zujua and CapBasics359. Zujua fought Burke's Wikipedia subpoena and is appealing a lower court's refusal to quash. The District of Columbia Court of Appeals has postponed a Sept. 19 hearing to get additional briefing from the parties, according to The BLT: The Blog of Legal Times. Zujua argues the appeal is allowed under Washington's law barring strategic lawsuits against public participation. Additional briefing will be on the merits of the judge's refusal to quash the subpoena. The identity of CapBasics359 is still unknown, although Burke's lawyers know he logged in at a Starbucks in California, the NLJ says. Zujua is represented by Christopher Hajec of The Center for Individual Rights. "We view this as having the effect of chilling the free speech rights of other Wikipedia editors who will hesitate to edit on matters of public concern for fear of being sued if they make a mistake," he told the NLJ.
Finding lawyers on Twitter: two directories fall out of date but a third is very cool (Robert Ambrogi, 18 Sept 2013) - * * * [ Polley : skipping intro about the out-of-date ones] * * * Meanwhile, a different type of directory for finding lawyers on Twitter - as well as for gaining insight into your own network of followers - is Twtrland . Unlike the directories above, Twtrland is not exclusively a lawyer directory, but it does let you explore Twitter by various categories of skills and expertise, with "legal" as one of those categories. Search "legal" to get a list of the tweeters who Twtrland ranks as most influential. Refine your search by location to find the most influential legal tweeters within, say, the U.K. or New York. Refine your search further by gender or by adding skills. Twtrland is also unique in its profiles of Twitter users. Its developers say that they created it in order to help people decide whether to follow someone. To do this, it analyzes a person's Twitter activity to create a visual depiction of the person's "social footprint." * * * You can drill down through some of these stats to find more granular information about a person's (or your own) followers. For example, I can see who among my followers is from the U.K., and then further refine my U.K. followers by skills or other facets.
Risk monitoring a key component of social media strategies (InsideCounsel, 18 Sept 2013) - One of the most famous commercials of the 1970s explained to us that, if we told two friends about Faberge Organics shampoo, they would tell two friends and so on and so on. It indicated the power of social interaction, demonstrating on-screen how, after a short while, hundreds and then thousands of people would know about the benefits of wheat germ, oil and honey shampoo. In the era of social media, the adage has changed. "You tweet to all your followers, and they'll tweet to all of their followers and so on and so on." Then, rather than spreading your message by powers of two, consumers suddenly have the ability to inform tens or hundreds of thousands of people within seconds. They can easily spread the positive word about your delightful products… or they can propagate bad news through the same channels. One company that learned this lesson the hard way is Chobani, a popular Greek yogurt brand - and the favorite of spokesperson John Stamos. On Aug. 26, Chobani issued a "voluntary withdrawal" of its products from store shelves, after learning of a problem with mold in its yogurt. Once upon a time, that sort of event would have flown under the radar. Stores would have removed the product and perhaps employees would have "told two friends" about it. But instead, Chobani learned a tough lesson about how social media empowers consumers to disseminate their opinions, and how companies must keep this risk in mind when developing social media strategies. At first, the negative social media posts came in at a trickle, but momentum grew toward Labor Day weekend. The Wall Street Journal reported that one tweet, on Aug. 30, came from a supermarket worker who had seen a Chobani recall. At the time, the company had only issued the voluntary withdrawal - an important distinction when dealing with the Food and Drug Administration but one that is lost on the average person. It is possible that this negative conversation (Chobani tried to engage the tweeter, perhaps making matters worse) spurred the company to issue the formal recall. Either way, Chobani soon became inundated with social media comments and phone calls, eventually training staff to help with the response effort. As the first major crisis encountered by the eight year old company, it was caught unaware, lacking risk managers to monitor social media feeds and properly trained agents who could deal with the negative response. It's a hard lesson to learn - harder than any that John Stamos doled out as Uncle Jesse on Full House - but it is a story that can help other companies in the future. Businesses, no matter what the size, should keep a close eye on social media outlets, assessing the risks and rewards and making business savvy decisions. After all, when people ask you to explain social media messages, it's not okay to say "It's all Greek to me."
Court gives a victory to Pandora over licensing streaming music (NYT, 18 Sept 2013) - Pandora Media won a battle in its continuing war with the music industry over royalties when a federal judge ruled on Tuesday that the American Society of Composers, Authors and Publishers, which represents thousands of members, cannot prevent Pandora from licensing all the songs in its catalog. The ruling , by Judge Denise L. Cote of United States District Court in Manhattan, is a blow to music publishers, who have tried to get the best royalty rates for digital music by limiting the extent that performing rights societies like Ascap and Broadcast Music Incorporated represent their songs. The ruling could also hurt the societies themselves if they are perceived as preventing the publishers from getting higher rates. Two years ago, the industry's biggest publishers began withdrawing digital rights to their music from Ascap and BMI, forcing companies like Pandora to negotiate directly for a license to stream the music. Sony/ATV, the world's largest publisher, has said it received a 25 percent higher rate by licensing its songs to Pandora directly. Pandora argued in a motion for summary judgment that allowing publishers to withdraw their digital rights violated Ascap's longtime consent decree, which says that the organization must license its songs to any service that asks. The judge agreed, saying that Ascap must make all the songs in its catalog available to Pandora through 2015, when its current licensing terms with Internet radio provider expire. If Ascap licenses a song for some purposes, the judge ruled, it must for others - like streaming - as well.
LOOKING BACK - MIRLN TEN YEARS AGO
(note: link-rot has affected about 50% of these original URLs)
Microsoft Offers Free E-Book Downloads (CNET, 2 July 2003) -- In a move aimed at bolstering the use of its Microsoft Reader program, the software giant announced on Wednesday that it would offer free downloads of e-book bestsellers over a 20-week period. Although Microsoft has launched similar promotions in the past to boost users' familiarity with Reader and attempt to snag market share from Adobe's omnipresent Acrobat software, the new promotion is the largest in scope and duration that the company has offered, Microsoft eReading group product manager Cliff Guren said. "Customers are satisfied with the reading experience once they engage with it, but we wanted to build awareness of e-books and Microsoft Reader. We want to expose more people to this," Guren said. Microsoft Reader debuted in August 2000 and has since received 6 million downloads. The company released Microsoft Reader 2.0 a year ago, along with an online catalog of e-book titles available for the software. As part of the five-month promotion, users can download three e-books a week from Microsoft's Web site via a Pocket PC, a Tablet PC, a laptop or a desktop. A Short History of Nearly Everything by Bill Bryson, The Joy Luck Club by Amy Tan, and Fear Itself by Walter Mosley are among the titles offered.
World Drowning in Oceans Of Data (BBC, 31 Oct 2003) -- Growing net, computer and phone use is driving a huge rise in the amount of information people generate and use. US researchers estimate that every year 800MB of information is produced for every person on the planet. Their study found that information stored on paper, film, magnetic and optical disks has doubled since 1999. Paper is still proving popular though. The amount of information stored in books, journals and other documents has grown 43% in three years. The researchers from the University of California, Berkeley, last carried out a study of how much information was being generated and where it was kept three years ago, based on data from 1999. The most recent study has revealed that every year since then the amount of information generated has grown about 30%. But these percentages belie the vast mountains of information involved. Most new information is captured on computer hard disks Study authors Prof Peter Lyman and colleagues found that in 2002 alone about five exabytes of new information was generated by the worlds print, film, magnetic and optical storage systems. By comparison the US Library of Congress print collection, comprising 19 million books and 56 million manuscripts, equates to about 10 terabytes of information. It would take 500,000 Libraries of Congress to equal five exabytes. But even this figure is dwarfed by the gargantuan amount of information flowing through electronic channels such as the telephone, radio, television and internet. In 2002 the study estimates that 18 exabytes of new information flowed through these channels. The vast majority of this, 98%, was in the form of person-to-person phone calls. It also found that most of the information transmitted via radio and TV is not new information, the vast majority are repeats. Of the 320 million hours of radio shows only 70 million hours are actually original shows. On TV only 31 million hours of the total 123 million hours of broadcast programmes count as new information. Prof Lyman said he was surprised that paper was still proving popular as a storage medium but put its resilience down to the fact that a lot of the information generated on computer is printed out. One area that is gradually losing out to digital media is film. Prof Lyman said the increasing popularity of digital cameras and cameras was driving people away from the older format. In the years since the last study, the amount of images captured on film has declined by 9%. The study also revealed an image of the average amount of time people spend with different sorts of media. It showed that the average American adult spends 16.17 hours on the phone a month, listens to 90 hours of radio and watches 131 hours of TV. The 53% of the US population that uses the net spends more than 25 hours online a month at home and more than 74 hours on the net at work. The researchers point out that this means we are accessing information media 46% of the time.
NOTES
MIRLN (Misc. IT Related Legal News) is a free e-newsletter published every three weeks by Vince Polley at KnowConnect PLLC. You can subscribe to the MIRLN distribution list by sending email to Vince Polley ( mailto:vpolley@knowconnect.com?subject=MIRLN ) with the word "MIRLN" in the subject line. Unsubscribe by sending email to Vince with the words "MIRLN REMOVAL" in the subject line.
Recent MIRLN issues are archived at www.knowconnect.com/mirln . Get supplemental information through Twitter: http://twitter.com/vpolley #mirln.
SOURCES (inter alia):
1. The Filter, a publication of the Berkman Center for Internet & Society at Harvard Law School, http://cyber.law.harvard.edu
2. InsideHigherEd - http://www.insidehighered.com/
3. SANS Newsbites, sans@sans.org
4. NewsScan and Innovation, http://www.newsscan.com
5. Aon's Technology & Professional Risks Newsletter
6. Crypto-Gram, http://www.schneier.com/crypto-gram.html
7. McGuire Wood's Technology & Business Articles of Note
8. Steptoe & Johnson's E-Commerce Law Week
9. Eric Goldman's Technology and Marketing Law Blog, http://blog.ericgoldman.org/
10. The Benton Foundation's Communications Headlines
11. Readers' submissions, and the editor's discoveries
This work is licensed under the Creative Commons Attribution-Share Alike 3.0 United States License. To view a copy of this license, visit or send a letter to Creative Commons, 543 Howard Street, 5th Floor, San Francisco, California, 94105, USA.
PRIVACY NOTICE: Addresses and other personal information provided during the subscription process will be kept confidential, and will not be used for any other purpose. top
No comments:
Post a Comment