MIRLN --- 22 January – 11 February 2012 (v15.02)
MIRLN --- 22 January - 11 February 2012 (v15.02) --- by Vince Polley and KnowConnect PLLC (supplemented by related Tweets: http://twitter.com/vpolley #mirln)
- SEC Stresses Importance of Social Media Guidelines and Compliance
- Opinion Recap: The Public Domain Shrinks
- Antipiracy Case Sends Shivers Through Some Legitimate Storage Sites
- Supreme Court Rules Attaching GPS Device to Car Is a Search; Case Is “Big Loss” for U.S.
- Judge: Americans Can Be Forced to Decrypt Their Laptops
- Cameras May Open Up the Board Room to Hackers
- Do You Need a Cyberumbrella?
- Department of Justice Misdirection on Cloud Computing and Privacy
- NIST Issues Public Cloud Computing Guidance
- Reding’s “Right To Be Forgotten” Bill Polarises Euro Biz World
- Final Phase of Mass. Data Protection Law Kicks in March 1
- Federal Judges Wary of Facebook, Twitter, Google+ Impact on Juries
- States Allow Voting Via Cloud For Citizens Overseas
- Similar, But Not Copied, Image Found to Breach Copyright
- ABA Should Pause Before Backing Digital-Only Laws
- Protecting Access One Entry at a Time: An Update on the National Inventory of Legal Materials
- ABA Supports Uniform Law for Online Publication of Court Decisions and Laws
- Facebook After Death: What Should the Law Say?
- US Cybersecurity Efforts Trigger Privacy Concerns
- Using Wikileaks To Figure Out What the Government “Redacts”
- China-Based Hackers Target Law Firms to Get Secret Deal Data
- Do You Like Online Privacy? You May Be a Terrorist
- Hacked Companies Still Not Telling Investors
- Defining Fair Use
- Copyright Lawsuit Targets Owners of Non-Secure Wireless Networks
- WunderMap Shows Weather From the Past & Future
- NLRB Issues Second Report on Use of Social Media in the Workplace
- A License to Link? Lowe’s Has One
- The Intersection of Federal Copyright Law and State Public Record Law
- Groupons for Lawyers Gain Traction with Ethics Committees
- In re Google
SEC Stresses Importance of Social Media Guidelines and Compliance (SearchCompliance, 16 Jan 2012) - The Securities and Exchange Commission (SEC) is emphasizing the importance of enterprise-wide social media guidelines and compliance, soon after the agency charged an investment adviser with offering fictitious securities through social media sites. Earlier this month, the SEC’s Division of Enforcement alleges that Anthony Fields, of Lyons, Ill., offered more than $500 billion in fictitious securities through various social media websites, including professional networking site LinkedIn. Fields provided false and misleading information concerning his assets, failed to maintain required books and records and did not implement adequate compliance policies and procedures, according to the SEC. “Fraudsters are quick to adapt to new technologies to exploit them for unlawful purposes,” said Robert B. Kaplan, co-chief of the SEC enforcement division’s Asset Management Unit, in a statement announcing the charges. ‘social media is no exception, and today’s enforcement action reflects our determination to pursue fraudulent activity on new and evolving platforms.” Shortly after charging Fields, the SEC released a risk alert titled “ Investment Adviser Use of Social Media .” The alert reviews concerns that may arise from social media use, and offers suggestions for complying with the antifraud, compliance and recordkeeping provisions of federal security laws. The alert further notes that firms should consider how to implement new social media guidelines , or revisit their existing programs as technology evolves. Stephen Marsh, founder and CEO of electronic communications archiving provider Smarsh Inc. , said between the risk alert and the charges against Fields, the SEC is sending a clear message: Registered investment advisors (RIAs) need to extend their recordkeeping initiatives to social media and consider the complexities of social networks when crafting and enforcing social media guidelines.
Opinion Recap: The Public Domain Shrinks (SCOTIS blog, 18 Jan 2012) - In a historic ruling on Congress’s power to give authors and composers monopoly power over their creations, the Supreme Court on Wednesday broadly upheld the national legislature’s authority to withdraw works from the public domain and put them back under a copyright shield. While the ruling at several points stressed that it was a narrow embrace of Congress’s authority simply to harmonize U.S. law with the practice of other nations, the decision’s treatment of works that had entered the public domain in the U.S. produced a far more sweeping outcome. No one, the Court said flatly, obtains any personal right under the Constitution to copy or perform a work just because it has come out from under earlier copyright protection, so no one can object if copyright is later restored. Any legal rights that exist belong only to the author or composer, the ruling said. If anyone wants to resume the use or performance of a work after it regains copyright, they must pay for the privilege, the decision made clear. The 6-2 decision (with Justice Elena Kagan not taking part) came in the case of Golan, et al., v. Holder (docket 10-545), involving a wide-ranging constitutional challenge to a federal law passed in 1994 to implement global agreements worked out in trade negotiations - the so-called Uruguay Round Agreement. The challenge, however, failed on all points: the law does not violate the Constitution’s Copyright Clause, it does not violate the First Amendment rights of anyone who previously had free access to creative works, and it does not deviate from any long-standing historical practice or perception, according to the decision. Justice Ruth Bader Ginsburg wrote the majority opinion. Justice Stephen G. Breyer dissented, joined by Justice Samuel A. Alito, Jr. The main opinion relied very heavily upon a prior opinion written by Ginsburg - the Court’s 2003 decision in Eldred v. Ashcroft , upholding Congress’s power to lengthen the terms of copyrights while they were still in force. The new case was different, involving the grant of copyright to works never protected previously under U.S. law, and thus not previously restricted on use or performance in this country. The Court majority, however, insisted that the guiding constitutional principles were not different.
Antipiracy Case Sends Shivers Through Some Legitimate Storage Sites (NYT, 20 Jan 2012) - If Megaupload is guilty, then who among its brethren is innocent? On Thursday, federal authorities shut the Web site of Megaupload, a file-sharing service, and accused its operators of copyright infringement and running a vast “Mega Conspiracy.” They could face 20 years in prison. But Megaupload was not the only such service on the Web. Many companies have crowded into the online storage market recently, most of them aimed at consumers and businesses that want convenient ways to get big data files out of their teeming in-boxes, off their devices and into the cloud - perhaps so that friends or co-workers can download them. They include MediaFire, RapidShare, YouSendIt, Dropbox and Box.net . And there are similar services from Amazon, Google and Microsoft. All of these market themselves as legitimate ways to store content online. But they are inherently ideal for anyone looking to illegitimately upload and share copyrighted video and audio files. Most companies rarely, if ever, inspect individual files to see if the material they store on behalf of users violates copyrights, unless they are notified by someone claiming infringement. “The goal of the Megaupload indictment is to push and prod other companies to take copyright infringement more seriously,” said Orin S. Kerr, a law professor at George Washington University. Federal prosecutors seem to have thrown the book at Megaupload. The indictment asserts that the company’s business model depended on people violating copyright and that it gave them incentives to do so, while charging subscription fees for watching video and placing ads in front of material it did not own. When asked to remove copyrighted works, the indictment says, Megaupload at best removed a particular version but left copies elsewhere in its system. [Editor: see also Seven Lessons from SOPA/PIPA/Megaupload and Four Proposals on Where We Go From Here (TechPresident, Yochai Benkler, 25 Jan 2012); see also Berkman’s 6 February analysis of the complaint here .]
Supreme Court Rules Attaching GPS Device to Car Is a Search; Case Is “Big Loss” for U.S. (ABA Journal, 23 Jan 2012) - The U.S. Supreme Court has ruled for a drug defendant who argued that police should have obtained a warrant before attaching a GPS device to his car to monitor his movements. Justice Antonin Scalia wrote the opinion for a court that was unanimous in its finding that the police conduct was a search within the meaning of the Fourth Amendment. SCOTUSblog initially called the decision “a big loss for the federal government.” The case, United States v. Jones, is an appeal by Antoine Jones, who was convicted of conspiracy to distribute cocaine after police installed a GPS device on his Jeep Grand Cherokee. Scalia’s opinion was joined in full by Chief Justice John G. Roberts Jr. and Justices Anthony M. Kennedy, Clarence Thomas and Sonia Sotomayor. “It is important to be clear about what occurred in this case,” Scalia said. “The government physically occupied private property for the purpose of obtaining information. We have no doubt that such a physical intrusion would have been considered a ‘search” within the meaning of the Fourth Amendment when it was adopted.” Scalia said Fourth Amendment jurisprudence was tied to the common law tort of trespass, at least until the latter half of the 20th century. The justices disagreed over analysis and whose interpretation offered a broader or more flexible interpretation of the Fourth Amendment. Justice Sonia Sotomayor wrote a concurring opinion embracing both Scalia’s analysis and a privacy-expectation test espoused by Justice Samuel A. Alito Jr. and three justices in the court’s liberal wing. Sotomayor wrote that a search occurs “at a minimum” when the government physically intrudes on a constitutionally protected area. Even in the absence of a trespass, she said, the Fourth Amendment is implicated when there is a violation of a suspect’s reasonable expectation of privacy. The American Civil Liberties Union applauded the decision in a press release. It includes this quote from ACLU legal director Steven Shapiro: “Today’s decision is an important victory for privacy. While this case turned on the fact that the government physically placed a GPS device on the defendant’s car, the implications are much broader. A majority of the court acknowledged that advancing technology, like cell phone tracking, gives the government unprecedented ability to collect, store and analyze an enormous amount of information about our private lives. Today’s decision suggests that the court is prepared to address that problem. Congress needs to address the problem as well.” Alito endorsed the reasonable-expectation-of-privacy test in an opinion concurring in the judgment. He took issue with Scalia’s analysis, accusing him of relying on the tort law of trespass as it existed in the 18th century. Alito’s opinion was joined by Justices Ruth Bader Ginsburg, Stephen G. Breyer and Elena Kagan. “If longterm monitoring can be accomplished without committing a technical trespass-suppose, for example, that the federal government required or persuaded auto manufacturers to include a GPS tracking device in every car-the court’s theory would provide no protection,” Alito wrote. Scalia responded to Alito and criticized his reliance on Katz v. United States, which found a Fourth Amendment violation when police attached a listening device to the outside of a phone booth. “The concurrence begins by accusing us of applying “18th-century tort law,” “ Scalia wrote. “That is a distortion. What we apply is an 18th-century guarantee against unreasonable searches, which we believe must provide at a minimum the degree of protection it afforded when it was adopted. The concurrence does not share that belief. It would apply exclusively Katz’s reasonable-expectation-of-privacy test, even when that eliminates rights that previously existed.” [Thorough analysis by Prof Dan Solove here .]
Judge: Americans Can Be Forced to Decrypt Their Laptops (CNET, 23 Jan 2012) - American citizens can be ordered to decrypt their PGP-scrambled hard drives for police to peruse for incriminating files, a federal judge in Colorado ruled today in what could become a precedent-setting case. Judge Robert Blackburn ordered a Peyton, Colo., woman to decrypt the hard drive of a Toshiba laptop computer no later than February 21--or face the consequences including contempt of court. Blackburn, a George W. Bush appointee, ruled that the Fifth Amendment posed no barrier to his decryption order. The Fifth Amendment says that nobody may be “compelled in any criminal case to be a witness against himself,” which has become known as the right to avoid self-incrimination. “I find and conclude that the Fifth Amendment is not implicated by requiring production of the unencrypted contents of the Toshiba Satellite M305 laptop computer,” Blackburn wrote in a 10-page opinion today. He said the All Writs Act, which dates back to 1789 and has been used to require telephone companies to aid in surveillance, could be invoked in forcing decryption of hard drives as well. Today’s ruling from Blackburn sided with the U.S. Department of Justice, which argued, as CNET reported last summer, that Americans” Fifth Amendment right to remain silent doesn’t apply to their encryption passphrases. While the U.S. Supreme Court has not confronted the topic, a handful of lower courts have. In March 2010, a federal judge in Michigan ruled that Thomas Kirschner, facing charges of receiving child pornography, would not have to give up his password. That’s “protecting his invocation of his Fifth Amendment privilege against compelled self-incrimination,” the court ruled ( PDF ). A year earlier, a Vermont federal judge concluded that Sebastien Boucher, who a border guard claims had child porn on his Alienware laptop, did not have a Fifth Amendment right to keep the files encrypted. Boucher eventually complied and was convicted. Prosecutors in this case have stressed that they don’t actually require the passphrase itself, and today’s order appears to permit Fricosu to type it in and unlock the files without anyone looking over her shoulder. They say they want only the decrypted data and are not demanding “the password to the drive, either orally or in written form.” The question of whether a criminal defendant can be legally compelled to cough up his encryption passphrase remains an unsettled one, with law review articles for at least the last 15 years arguing the merits of either approach. (A U.S. Justice Department attorney wrote an article in 1996, for instance, titled “Compelled Production of Plaintext and Keys.") Much of the discussion has been about what analogy comes closest. Prosecutors tend to view PGP passphrases as akin to someone possessing a key to a safe filled with incriminating documents. That person can, in general, be legally compelled to hand over the key. Other examples include the U.S. Supreme Court saying that defendants can be forced to provide fingerprints, blood samples, or voice recordings. [Orin Kerr blogs on The Volokh Conspiracy: “Based on a quick read of the opinion, the legal analysis in the Fricosu opinion is not a model of clarity. But it strikes me as a replay of the district court decision in Boucher: The Court ends up ordering the defendant to decrypt the hard drive, but only because the court made a factual finding that in this specific case, the government already knew the information that could be incriminating - and as a result, was a “foregone conclusion” that dissipated the Fifth Amendment privilege. If I’m reading Fricosu correctly, the Court is not saying that there is no Fifth Amendment privilege against being forced to divulge a password. Rather, the Court is saying that the Fifth Amendment privilege can’t be asserted in a specific case where it is known based on the facts of the case that the computer belongs to the suspect and the suspect knows the password. Because the only incriminating message of being forced to decrypt the password - that the suspect has control over the computer - is already known, it is a “foregone conclusion” and the Fifth Amendment privilege cannot block the government’s application."]
Cameras May Open Up the Board Room to Hackers (NYT, 23 Jan 2012) - One afternoon this month, a hacker took a tour of a dozen conference rooms around the globe via equipment that most every company has in those rooms; videoconferencing equipment. With the move of a mouse, he steered a camera around each room, occasionally zooming in with such precision that he could discern grooves in the wood and paint flecks on the wall. In one room, he zoomed out through a window, across a parking lot and into shrubbery some 50 yards away where a small animal could be seen burrowing underneath a bush. With such equipment, the hacker could have easily eavesdropped on privileged attorney-client conversations or read trade secrets on a report lying on the conference room table. In this case, the hacker was HD Moore, a chief security officer at Rapid7, a Boston based company that looks for security holes in computer systems that are used in devices like toaster ovens and Mars landing equipment. His latest find: videoconferencing equipment is often left vulnerable to hackers. Businesses collectively spend billions of dollars each year beefing up security on their computer systems and employee laptops. They agonize over the confidential information that employees send to their Gmail and Dropbox accounts and store on their iPads and smartphones. But rarely do they give much thought to the ease with which anyone can penetrate a videoconference room where their most guarded trade secrets are openly discussed. Two months ago, Mr. Moore wrote a computer program that scanned the Internet for videoconference systems that were outside the firewall and configured to automatically answer calls. In less than two hours, he had scanned 3 percent of the Internet. In that sliver, he discovered 5,000 wide-open conference rooms at law firms, pharmaceutical companies, oil refineries, universities and medical centers. He stumbled into a lawyer-inmate meeting room at a prison, an operating room at a university medical center, and a venture capital pitch meeting where a company’s financials were being projected on a screen.
Do You Need a Cyberumbrella? (Computerworld, 24 Jan 2012) - If your company were hit with a cyberattack today, would it be able to foot the bill? The entire bill, including costs from regulatory fines, potential lawsuits, damage to your organizations” brand, and hardware and software repair, recovery and protection? It’s a question worth careful consideration, given that the price of cyberattacks is rising at an alarming rate. The second annual Cost of Cyber Crime study , released last August by the Ponemon Institute, reported that the median annualized cost of cybercrime for a company is $5.9 million—a 56% increase from the 2010 median figure. A growing number of insurance companies are offering policies that provide protection in the event of data breaches and other malicious hacks. But they’re having some difficulty making many sales—in part because the cost of premiums can be staggering. Lawyers and information security leaders say many executives mistakenly believe that standard corporate insurance policies or general liability policies cover losses related to hacking, or that their cyberpolicies, if they have them, will cover all costs related to a breach. Most of the time, they won’t. A February 2011 paper by Forrester Research analyst Khalid Kark indicates that many companies are still trying to understand the basics of these policies, which are offered by such carriers as ACE USA, Chubb, The Hartford and St. Paul Travelers Cos. The most common questions revolve around what types of polices are out there, what they cover, how to select the right policy and whether such insurance is even needed. IT leaders are particularly likely to get confused, because tech execs have not traditionally made decisions about corporate insurance. Likewise, the risk management and legal teams that typically do make insurance decisions have not customarily sought out their IT counterparts for advice.
Department of Justice Misdirection on Cloud Computing and Privacy (EFF, 24 Jan 2012) - Does using cloud computing services based in the United States create a risk of US law enforcement access to people’s data? The US Department of Justice (DOJ) seems to be trying to placate international concern by saying one thing in international fora; but it says something quite different in the US courts. On January 18, a senior Justice Department official tried to reassure companies and people around the world that hosting their data in the United States creates no increased privacy risk for them from the US government. Deputy Assistant Attorney General Bruce Swartz noted: “Cloud computing has important advantages to consumers (but) doesn’t present any issues that have not always been present. Certainly not regarding Internet service issues, but even before that.” Apparently, the DOJ is reacting to decisions by foreign entities to drop US-based services due to concerns about US government access, including British company BAE dropping Microsoft Office 365 and the Dutch government’s hesitation about allowing its contractors to use US-based cloud services. In the past, Denmark and Canada have also voiced their concerns about the level of protection the United States can provide to their citizens” data. EU public tenders of cloud services are also avoiding US cloud services for the same reasons. European-based companies, which have to comply with EU data protection law, see this opportunity as a competitive advantage, as do Australian cloud services . Yet the DOJ’s reassurances ring hollow. While the DOJ may spin its position one way to try to appease foreign audiences, its actual position is quite clear where it really matters: in US courts when it is trying to access subscriber information held by US-based cloud computing services. Indeed, the DOJ’s position in its court filings is that very little, if any, privacy protection is available against US government access to the records of users of US-based cloud computing services. EFF’s recent high-profile case involving DOJ access to Twitter customer records as part of the Wikileaks investigation demonstrates this. There, the DOJ has been unequivocal that cloud users have no right to challenge government access to the tremendous amount of “non-content” information held by these systems—their location, their contacts, their communications patterns and more. In November 2011, the court agreed , holding that the Twitter users could not challenge the request for their information under the Stored Communications Act or under the constitution, chiefly on the grounds that having “given” their IP address and other information to Twitter in the US, they had no further privacy interest . The DOJ also stated that it has strong doubts about whether foreign users of US-based cloud services had any constitutional privacy rights at all. In fact, Deputy Assistant Attorney General Swartz doesn’t really say anything different. He says only that the issues predate the Internet.
NIST Issues Public Cloud Computing Guidance (GovInfoSecurity, 25 Jan 2012) - Users - not providers - have ultimate responsibility for the security and privacy of data stored on the public cloud, new guidance from the National Institute of Standards and Technology says. Guidance coauthor and NIST Computer Scientist Tim Grance says public cloud computing is a viable choice for many applications and services for enterprises to consider. “However,” Grance says, “accountability for security and privacy in public cloud deployments cannot be delegated to a cloud provider and remains an obligation for the organization to fulfill.” NIST Special Publication 800-144 : Guidelines on Security and Privacy in Public Cloud Computing provides an overview of the security and privacy challenges facing public cloud computing. It presents recommendations that organizations should consider when outsourcing data, applications and infrastructure to a public cloud. When NIST issued a draft of the guidance last winter (see New NIST Guidance Tackles Public Cloud Security), Grance said safeguarding data in a public cloud isn’t much different from other types of IT security. “It’s the same advice we give for almost any deployment of IT because it is still the right thing to do,” he said. “Take out the word “cloud computing” and put in any major technology. You always want to carefully plan for security and privacy before you do those things rather than after you do them.” NIST wrote SP 800-144 for system managers, executives and information officers making decisions about cloud computing initiatives; security professional responsible for IT security; IT program managers concerned with security and privacy measures for cloud computing; system and network administrators; and users of public cloud computing services. The publication also provides a detailed list of Federal Information Processing Standards and NIST special publications that provide materials particularly relevant to cloud computing and are recommended to be used in conjunction with the guidance.
Reding’s “Right To Be Forgotten” Bill Polarises Euro Biz World (The Register, 25 Jan 2012) - EU Justice Commissioner Viviane Reding will imminently table a draft bill that will - if passed in Parliament - require internet firms to be upfront about the user data they hold. The proposal has already been slammed by many businesses in the UK, where opposition to the draft regulation has been particularly fierce. Reding’s “right to be forgotten” on the internet plan forms part of a huge legislative overhaul of Europe’s 1995 data protection law, which the commissioner has labelled as outdated. EU observers, businesses and politicos agree with her that the current legislation is in desperate need of a rewrite, but Reding’s draft proposal has drawn fire from many. “The old adage of “Be careful what you wish for” is apt in relation to the proposed rewrite of data protection laws. Companies have been struggling with unharmonised regulation across Europe for years, but the Commission’s focus on the rights of the individual has resulted in some ideas that are widely seen as unworkable or which will lead to significant costs,” said Jane Finlayson-Brown, a partner in Allen & Overy’s data protection team. She said the draft bill contains ‘several draconian new requirements” that could prove “impossible to enforce”. “The new “right to be forgotten” is particularly contentious,” Finlayson-Brown added. “While attractive to users of social networks, it will apply generally and will require many organisations to re-engineer business processes and technologies.
Final Phase of Mass. Data Protection Law Kicks in March 1 (Computerworld, 25 Jan 2012) - All companies storing personal data on Massachusetts residents have just over a month to ensure that their contractors, suppliers, technology providers and other third parties comply with a provision of a state data breach law that went into effect in March 2010. The law ( download PDF ) is designed to ensure that companies holding data on Massachusetts residents have certain security controls in place . Over the past two years, most of the provisions of the bill have already gone into effect. The last one, which deals with third-party compliance, takes effect on March 1. After that date, all companies with personal data on Massachusetts residents will be required to have specific language in third-party contracts that obligates their vendors to employ reasonable measures for protecting personal information.
Federal Judges Wary of Facebook, Twitter, Google+ Impact on Juries (Network World, 25 Jan 2012) - The impact of social media such as Twitter, Facebook and Google+ and others on federal juries is a concern that judges are frequently taking steps to curb. According to a study 94% of the 508 federal judges who responded said they have specifically barred jurors from any case-connected use of social media. The Federal Judicial Center was asked by a committee of the policy-making Judicial Conference of the United States to survey all 952 federal judges, of whom 53% responded on the issue. “The most common strategy is incorporating social media use into jury instructions - either the model jury instruction provided by (the Conference’s Committee on Court Administration and Case Management) or judges” own personal jury instructions,” the report said. “Also common are the practice of reminding jurors on a regular basis not to use social media to communicate during trial or deliberations, explaining the reasons behind the ban on social media, and confiscating electronic devices in the courtroom.” Some of the findings from the study included: * * * [Editor: pretty interesting results.]
- and -
See No Evil: Study Says Judges Don’t Find Jurors Using Social Media (CMLP, 6 Feb 2012) - The Federal Judicial Center has released a study which concludes that “detected social media use by jurors is infrequent, and that most judges have taken steps to ensure jurors do not use social media in the courtroom,” and implies that juror use of the Internet and social media during trial is not a growing problem. Alison Frankel of Thompson-Reuters is skeptical about this conclusion, and I agree with her. The FJC report was based on a survey e-mailed to all active and senior federal judges in October 2011. Of the 952 judges who received the survey, 508 responded - a response rate of 53 percent - from all 94 federal districts. Of the 508 judges who responded, only 30 (six percent) said that they had experienced jurors using social media during trials and deliberations. Most (23 judges) had seen this during trial, rather than deliberations (12 judges), and judges reported seeing such activity more often in criminal cases (22 judges) than in civil cases (five judges). Three judges had experience with jurors using social media during both criminal and civil cases. Only two had experienced this in more than two cases of either type. And it seems dubious that the usage judges observed is all the usage there is, given how widespread Internet use is among the larger community from which jurors are drawn. According to the Pew Internet and American Life Project , overall 78 percent of adults use the Internet. (There are, however, some variations on usage based on age and education level.) About 77 percent of adults do so on a daily basis. If a jury pool is representative of the adult population, it certainly includes these daily Internet users. The fact that only two of the judges in the survey discovered the social media use on their own shows that such activity is hard to detect, both inside the courthouse and - especially - outside of it.
States Allow Voting Via Cloud For Citizens Overseas (Information Week, 25 Jan 2012) - Several states are using an online balloting website based on Microsoft’s cloud-computing platform to allow U.S. voters living overseas to cast their votes via the Web in 2012 primary elections. LiveBallot, based on Microsoft’s Windows Azure cloud infrastructure, has already allowed more than 1,200 voters from Florida living in 40 countries around the world to access their ballots for a Jan. 31 election, according to Microsoft. In addition to Florida, Virginia and California will use the system for their primaries, and Washington state will use it for its caucus. However, only in Virginia will all voting jurisdictions be covered by the system; the other states only will provide access to certain voting areas, according to Microsoft. The system allows voters registered to vote in primaries who live overseas to have access to ballots 45 days before the election. From that time until the election, they can cast their ballot electronically, or print out the ballot and mail it or fax it, depending on the state’s election rules.
Similar, But Not Copied, Image Found to Breach Copyright (DPreview.com, 25 Jan 2012) - Amateur Photographer magazine has published an interesting story about a copyright infringement case of similar, but not directly copied, images. The issue of copyright is thorny, contentious and often misunderstood but this case sheds some light on the current attitude of courts in the UK. Despite significant differences between the two images (there was no implication that the second image was a duplicate of the first), the court found that the second image copied substantially from the “intellectual creation” of the first (that is the elements that can be protected by copyright in the original image, including a consideration of the composition, lighting and processing of the image). Meanwhile, Jane Lambert - a barrister specialising in intellectual property law - has written an excellent blog post on the case , in which she concludes “although I follow the logic I feel very uneasy at Judge Birss’s decision in Temple Island. It seems to come very close to protecting copyright in an idea as opposed to expression.” [Editor: the two pictures in question are here ; seems like a clearly wrong decision - unless you make Louboutin shoes. TechDirt story here . UK Court’s decision here .]
ABA Should Pause Before Backing Digital-Only Laws (Wisconsin Law Journal, 26 Jan 2012) - The American Bar Association in February will be asked to endorse a proposed uniform law aiming at new standards for state government websites that host legal materials. The Uniform Laws Commission is proposing the Uniform Electronic Legal Materials Act in answer to a trend, still in its infancy, of shuttering public printers and posting laws only online. But shifting an entire system of laws to online-only postings puts our legal system at risk. UELMA attempts a first step in the long journey ahead to use the Internet with the same confidence entrusted to the printing press. But, like the Internet, the proposal is not ready to bear the burden. The Internet is an unreliable partner unless it is managed properly. Its chief flaw is the appearance of being cheap to use, when the truth is that keeping documents authentic, available and findable costs money. The prefatory note to UELMA states the nut of the problem: “Many years of experience allow us to determine when we can trust the integrity of a printed document. It stands to reason, therefore, that before state governments can transition fully into the electronic legal information environment, they must develop procedures to ensure the trustworthiness of their…information.” True enough. The question is not whether legal materials can be published online, but rather how much security, authentication, updating and archiving a state must develop and maintain before it can trust the Internet as “official publisher.” UELMA acknowledges that for digital records to replace print, a user must be assured of authenticity. An attorney or court must be able to trust the online version of a case or statute is the current, true and accurate version. UELMA’s explanatory notes suggest that digital signatures, such as those used by the Government Printing Office, would endow a digital document with trustworthiness. But it does not require digital signatures or their equivalents. UELMA leaves it to a state to pick a standard. It advises in notes, but does not require, that a baseline version should be kept for comparisons in case the system fails. It does not say the baseline must be in print or how a challenger might find it. UELMA takes the same approach to archiving. It acknowledges that archived versions of laws are essential to jurisprudence when, for example, a lawsuit is governed by an older statute superseded by later acts. But UELMA leaves it to the state to decide how much archiving is adequate.
- and -
Protecting Access One Entry at a Time: An Update on the National Inventory of Legal Materials (Cornell, 1 Feb 2012) - In the fall of 2009, the American Association of Law Libraries (AALL) put out a call for volunteers to participate in our new state working groups to support one of AALL’s top policy priorities: promoting the need for authentication and preservation of digital legal resources. It is AALL policy that the public have no-fee, permanent public access to authentic online legal information. In addition, AALL believes that government information, including the text of all primary legal materials, must be in the public domain and available without restriction. The response to our call was overwhelming, with volunteers from all 50 states and the District of Columbia expressing interest in participating. In late 2009, AALL’s then-Director of Government Relations Mary Alice Baish met twice with Law Librarian of Congress Roberta Shaffer and Carl Malamud of Public.Resource.org to discuss Law.gov and Malamud’s idea for a national inventory of legal materials. The inventory would include legal materials from all three branches of government. Mary Alice volunteered our working groups to lead the ambitious effort to contribute to the groundbreaking national inventory. AALL would use this data to update AALL’s 2003 “ State-by-State Report on Permanent Public Access to Electronic Government Information “ and the 2007 “ State-by-State Report on Authentication of Online Legal Resources “ and 2009-2010 updates , which revealed that a significant number of state online legal resources are considered to be “official” but that few are authenticating. It would also help the Law Library of Congress, which owns the Law.gov domain name, with their own ambitious projects. In July 2011, AALL’s Digital Access to Legal Information Committee formed a subcommittee that is charged with reviewing the national inventory data collected by the state working groups. Subcommittee members have been reviewing the raw data as entered by the working group volunteers in their state inventories. They will soon focus their attention on developing a report that will also act as an updated version of AALL’s State-by-State Report on Authentication of Online Legal Resources . The report, to be issued later this year, will once again support what law librarians have known for years: there are widespread issues with access to legal resources and there is an imminent need to prevent a trend of eliminating print resources in favor of electronic resources without the proper safeguards in place. It will also include information on: the official status of legal resources; whether states are providing for authentication, permanent public access, and/or preservation of online legal resources; any use restrictions or copyright claims by the state; and whether a universal (public domain) citation format has been adopted by any courts in the state.
- and -
ABA Supports Uniform Law for Online Publication of Court Decisions and Laws (ABA Journal, 6 Feb 2012) - The ABA House of Delegates has approved a resolution supporting the Uniform Electronic Legal Material Act governing the authentication and preservation of laws, court decisions and other legal materials published online. Resolution 102B supporting the model law was approved on a voice vote, though a significant number of delegates voted nay. Speaking in favor of the model law was former ABA executive director Robert Stein, the immediate past president of the National Conference of Commissioners on Uniform State Laws. Stein said the act, promulgated by NCCUSL last year, does not address specifics of technology to be used because it is always evolving. States enacting the model law would designate a publisher that would look at best practices in other jurisdictions before deciding on the methods that would be used. “What effect does this have on the so-called digital divide?” Stein asked. “I would submit that this doesn’t exacerbate that problem but may in fact diminish it.” The model law provides that states should offer public access to online legal materials, he said. “We think this promotes public access.” Former ABA President Talbot ‘sandy” D’Alemberte spoke in opposition. He said “guts” of the uniform act ‘simply don’t establish standards.” He also criticized a reciprocity provision that requires recognition of online materials authenticated by other states.
Facebook After Death: What Should the Law Say? (Mashable, 26 Jan 2012) - When you die, your social media presence lives on. But should it? Lawmakers and lawyers are tackling the question of what should happen to your digital life after death. The Uniform Law Commission recently approved a study committee on fiduciary power and authority to access digital property and online accounts during incapacity and after death. Uniform laws are created when there is little current legislation for states to follow. Gene Hennig, one of Minnesota’s commissioners on uniform state laws, offered the proposal. “Fiduciaries need clear powers to act on behalf of the individuals in the digital world” after death, he said. He estimates the uniform law process will take three years or more and will let estates gain access to the dead person’s online property with ease - while also allowing you to have a say in how you want your digital assets to be handled after death. Former Oklahoma Rep. Ryan Kiesel was one of the first to realize the need for legislation. The dead are leaving behind valuable virtual property that needs tending to in the same way physical property is passed on, Kiesel said. Only five states - Oklahoma, Idaho, Rhode Island, Indiana and Connecticut - have created laws governing digital asset management after death. In 2005, Connecticut was the first to establish a digital assets law. The statute is a little dusty - it references an “electronic mail account” and makes no reference to blogs, online bank accounts, payment accounts, photo sharing accounts or Facebook and other social accounts.
US Cybersecurity Efforts Trigger Privacy Concerns (AP, 27 Jan 2012) - The federal government’s plan to expand computer security protections into critical parts of private industry is raising concerns that the move will threaten Americans” civil liberties. In a report for release Friday, The Constitution Project warns that as the Obama administration partners more with the energy, financial, communications and health care industries to monitor and protect networks, sensitive personal information of people who work for or communicate with those companies could be improperly or inadvertently disclosed. While the government may have good intentions, it “runs the risk of establishing a program akin to wiretapping all network users” communications,” the nonpartisan legal think tank says. The Associated Press obtained a copy of the report in advance. The Constitution Project report recommends that officials limit the amount and nature of personal information shared between the public and private sectors. And it calls for strict oversight of the cyber programs by Congress and independent audits, to ensure that privacy rights have not been violated.
Using Wikileaks To Figure Out What the Government “Redacts” (TechDirt, 30 Jan 2012) - We’ve talked in the past about the ridiculousness of the US government pretending that the State Department cables that were leaked via Wikileaks are still confidential. The reasoning , obviously, is that they’re afraid that declaring anything that’s become public is no longer confidential is that it creates incentives to leak more documents. But the actual situation is simply absurd. Documents that everyone can see easily and publicly… live in this world, a world where anyone in government has to pretend that they’re still secret and confidential. There have even been cases where officials have gotten into trouble for using information from a “public” document, because they’re supposed to create this fiction that it’s not. Still, there is one way in which this has actually turned out to be enlightening. A few months ago, the ACLU filed some Freedom of Information Act (FOIA) requests to the State Department on some issues, getting some of the very same documents that were leaked via Wikileaks. Except… the kind that came with the FOIA had redactions. The Wikileaks documents, for the most part, do not. That created an interesting opportunity for Ben Wizner at the ACLU. He could now compare and contrast the two version of the document, to see just what the government is redacting , and figure out if they’re redacting it for legitimate reasons… or just to do things like avoid embarrassment. The ACLU then set up a special page allowing people to compare multiple versions of documents with just a simple mouseover. This came out a few months ago, but I didn’t get a chance to write it up until now. It’s pretty enlightening to see just what makes the censor’s cut, and (not surprisingly) raises significant questions about the government’s temptation to simply excise stuff they don’t like, rather than information that there are valid reasons to keep hidden.
China-Based Hackers Target Law Firms to Get Secret Deal Data (Bloomberg, 1 Feb 2012) - China-based hackers looking to derail the $40 billion acquisition of the world’s largest potash producer by an Australian mining giant zeroed in on offices on Toronto’s Bay Street, home of the Canadian law firms handling the deal. Over a few months beginning in September 2010, the hackers rifled one secure computer network after the next, eventually hitting seven different law firms as well as Canada’s Finance Ministry and the Treasury Board, according to Daniel Tobok, president of Toronto-based Digital Wyzdom. His cyber security company was hired by the law firms to assist in the probe. The investigation linked the intrusions to a Chinese effort to scuttle the takeover of Potash Corp. of Saskatchewan Inc. by BHP Billiton Ltd. as part of the global competition for natural resources, Tobok said. Such stolen data can be worth tens of millions of dollars and give the party who possesses it an unfair advantage in deal negotiations, he said. Though the deal eventually fell apart for unrelated reasons, the incident illustrates the vulnerability of law firms. They are increasingly threatened with a loss of client business if they can’t show improved security as such attacks continue to escalate. Stephen Surdu, vice president of professional services at Mandiant Corp., a cybersecurity firm that tracks industrial espionage, compared the risk of hacking in the mergers and acquisition arena to gambling. “You’re playing poker, and there’s a mirror over the other guy’s shoulder,” Surdu said. “As financial institutions in New York City and the world become stronger, a hacker can hit a law firm and it’s a much, much easier quarry,” said Mary Galligan, head of the cyber division in the New York City office of the U.S. Federal Bureau of Investigation. Galligan’s unit convened a meeting with the top 200 law firms in New York City last November to deal with the rising number of law firm intrusions. Over snacks in a large meeting room, the FBI issued a warning to the lawyers: Hackers see attorneys as a back door to the valuable data of their corporate clients. “We told them they need a diagram of their network; they need to know how computer logs are kept,” Galligan said of the meeting. ‘some were really well prepared; others didn’t know what we were talking about.”
Do You Like Online Privacy? You May Be a Terrorist (Public Intelligence, 1 Feb 2012) - A flyer designed by the FBI and the Department of Justice to promote suspicious activity reporting in internet cafes lists basic tools used for online privacy as potential signs of terrorist activity. The document, part of a program called “Communities Against Terrorism”, lists the use of “anonymizers, portals, or other means to shield IP address” as a sign that a person could be engaged in or supporting terrorist activity. The use of encryption is also listed as a suspicious activity along with steganography, the practice of using ‘software to hide encrypted data in digital photos” or other media. In fact, the flyer recommends that anyone “overly concerned about privacy” or attempting to ‘shield the screen from view of others” should be considered suspicious and potentially engaged in terrorist activities. The “Potential Indicators of Terrorist Activities” contained in the flyer are not to be construed alone as a sign of terrorist activity and the document notes that “just because someone’s speech, actions, beliefs, appearance, or way of life is different; it does not mean that he or she is suspicious.” However, many of the activities described in the document are basic practices of any individual concerned with security or privacy online. The use of PGP, VPNs, Tor or any of the many other technologies for anonymity and privacy online are directly targeted by the flyer, which is distributed to businesses in an effort to promote the reporting of these activities. [Editor: Guilty, on all counts.]
Hacked Companies Still Not Telling Investors (Reuters, 2 Feb 2012) - At least a half-dozen major U.S. companies whose computers have been infiltrated by cyber criminals or international spies have not admitted to the incidents despite new guidance from securities regulators urging such disclosures. Top U.S. cybersecurity officials believe corporate hacking is widespread, and the Securities and Exchange Commission issued a lengthy “guidance” document on October 13 outlining how and when publicly traded companies should report hacking incidents and cybersecurity risk. But with one full quarter having elapsed since the SEC request, some major companies that are known to have had significant digital security breaches have said nothing about the incidents in their regulatory filings. Defense contractor Lockheed Martin Corp, for example, said last May that it had fended off a ‘significant and tenacious” cyber attack on its networks. But Lockheed’s most recent 10-Q quarterly filing, like its filing for the period that included the attack, does not even list hacking as a generic risk, let alone state that it has been targeted. A Reuters review of more than 2,000 filings since the SEC guidance found some companies, including Internet infrastructure company VeriSign Inc and credit card and debit card transaction processor VeriFone Systems Inc, revealed significant new information about hacking incidents. Yet the vast majority of companies addressing the issue only used new boilerplate language to describe a general risk. Some hacking victims did not even do that. “It’s completely confusing to me why companies aren’t reporting cyber risks” if only to avoid SEC enforcement or private lawsuits, said Jacob Olcott, former counsel for the Senate Commerce committee. The chair of that committee, John D. Rockefeller, urged the SEC to act last year. Stewart Baker, a corporate attorney and former assistant secretary of the Department of Homeland Security, said the SEC guidance was detailed enough that companies that know they have been hacked will “have to work pretty hard not to disclose something about the scope and risk of the intrusion.” [See also “ Companies Worry About SEC’s Advice To Disclose Cyberthreats ” (San Jose Mercury News, 26 Jan 2012)]
Defining Fair Use (InsideHigherEd, 6 Feb 2012) - When it comes to the boundaries between exempted “fair use” of copyrighted materials and unlawful infringement, academic libraries spent 2011 in a defensive crouch. Last May, a trio of academic publishers, with backing from the Association of American Publishers (AAP), laid out in court documents what they believe to be the limitations of fair use in the context of library e-reserves. Then, in September, the Authors Guild sued a group of research libraries over its attempts to build a shared repository holding digital copies of their collections. Now the libraries” own trade group is going on offense - not with a lawsuit, but with a formal set of guidelines that it hopes will help libraries be more confident and less fearful of crossing ordinary copyright thresholds under the auspices of fair use. The Association of Research Libraries (ARL) has released a “Code of Best Practices in Fair Use for Academic and Research Libraries” - a 32-page document, based on interviews with dozens of librarians, outlining the principles and limitations it believes are relevant to eight common scenarios. The guidelines also recommend additional actions libraries can take to insulate themselves against legal challenges. “The code isn’t really a response or an antidote to any particular lawsuit or group of plaintiffs…. We focused on the eight situations in the code because they are important to libraries; the fact that litigation was happening was in the background, but we focused on the general issues, not the cases,” wrote Brandon Butler, the director of public policy initiatives for ARL, in an e-mail.
Copyright Lawsuit Targets Owners of Non-Secure Wireless Networks (ComputerWorld, 6 Feb 2012) - A federal lawsuit filed in Massachusetts could test the question of whether individuals who leave their wireless networks unsecured can be held liable if someone uses the network to illegally download copyrighted content. The lawsuit was filed by Liberty Media Holdings LLC, a San Diego producer of adult content. The company has accused more than 50 Massachusetts people, both named and unnamed, of using BitTorrent file-sharing technology to illegally download and share a gay porn movie. According to the compliant, the illegal downloads and sharing were traced to IP addresses belonging to the individuals named in the compliant and to several John Does. The complaint alleges that each of the defendants either was directly responsible for downloading and sharing the movie or contributed to the piracy through their negligence. Even if the defendants did not directly download the movies, they had control over the Internet access used for copyright infringement purposes, the lawsuit noted. “Defendants failed to adequately secure their Internet access, whether accessible only through their computer when physically connected to an Internet router or accessible to many computers by use of a wireless router,” Liberty Media claimed. “Defendants” negligent actions allowed others to unlawfully copy and share Plaintiff’s copyrighted Motion Picture, proximately causing financial harm to Plaintiff and unlawfully interfering with Plaintiff’s exclusive rights in the Motion Picture.” The lawsuit seeks either actual or statutory damages from each of the defendants. Marvin Cable, a Northampton, Mass.-based attorney for two of the defendants in the case, said, “this negligence theory is a novel one,” both in Massachusetts and around the country. He predicted that Liberty Media will have a hard time making its argument, because there is no case law or statutory basis for the negligence claims. If the company were to prevail, the case could have broad implications for those who provide free Internet access in places such as libraries, cafes, airports and schools, Cable said. [Editor: I maintain a second, open WiFi network for visitors, neighbors, and drive-bys. I do it intentionally; negligence isn’t involved.]
WunderMap Shows Weather From the Past & Future (ReadWriteWeb, 6 Feb 2012) - Weather Underground’s interactive WunderMap now enables users to go back and forth in time. WunderMap overlays a Google map with all kinds of weather information, including temperatures, radar, webcams, ski reports, dedicated services for fires, tornadoes, hurricanes and more. The map now displays a clock icon that lets users scroll through the past and future to view historical and forecast data. Most data go back to around 2000. It can also display forecasts for several days ahead. It’s amazing to go back to historic storms and watch them happen all over again. [Look at New Orleans, starting at 14:00 on 28 August 2005, and step thru it hour-by-hour.]
NLRB Issues Second Report on Use of Social Media in the Workplace (Blank Rome, 7 Feb 2012) - National Labor Relations Board ("NLRB") Acting General Counsel Lafe E. Solomon recently issued a second report reviewing fourteen NLRB decisions involving employee use of social media and online communications. The report supplements a prior report issued last year by the NLRB. A summary of the prior NLRB report can be found here . In the summarized decisions, the NLRB continued its practice of distinguishing between employees who use social media to engage in concerted activity such as discussing terms and conditions of employment and employees who use social media to simply express personal gripes or rants about their employers. Employees in the former group were found to be protected by the National Labor Relations Act ("NLRA"), whereas employees in the latter group were not protected by the statute. The NLRB report also provides guidance for employers drafting social media policies. In one decision cited in the report, the NLRB rejected as overbroad a social media policy that barred “defamatory” or “disparaging” online postings about an employer or its employees. The NLRB explained that such “defamatory” postings could include statutorily protected criticism of the employer’s labor policy or treatment of its employees. By contrast, the NLRB upheld a policy that barred postings containing statements that were slanderous, threatening, or harassing in violation of the employer’s workplace policies against harassment and discrimination.
A License to Link? Lowe’s Has One (Ars Technica, 7 Feb 2012) - In the course of building a large framed mirror last month-a process which cemented my belief that doing pro-quality wood staining is a black art best left to necromancers-I visited the website for hardware giant Lowe’s . While exploring the site, I came across something peculiar: a short Lowe’s “customer care” statement on how other website operators can link to Lowe’s . I know what you’re thinking: “there are instructions for this?” Indeed there are; Lowe’s has actually drafted three separate legal agreements to cover the practice. Two cover situations in which the linking site might use Lowe’s images and marks, and for which some kind of license deal makes more sense. The third says only, “If you’re linking to Lowes.com, but not using our mark(s)/logo(s) on your site, download the Version A link agreement.” I downloaded it as instructed. The Version A link agreement (PDF) is a two-page document granting “a non-assignable, non-exclusive, royalty-free license solely to create a hypertext link between Licensee’s Internet website, http://www.____________________, and any page of Lowe’s Internet website (http://www.lowes.com) ("the Link"), subject to the following terms and conditions.” The website desiring this “license to link” is supposed to fill in this form and then fax-faxing is the only option-it in to Lowe’s and wait for permission. Assuming that permission is granted, the new licensee has the right to create his link, with certain caveats. It all seemed so odd that I contacted Lowe’s public relations department and asked if it was the company’s position that people need to obtain such a license in order to link to Lowes.com. And if so, what legal basis stood behind this position? “Managing link agreements is part of protecting our brand,” is the polite reply I received. “The process we have in place to handle links to lowes.com is a business decision.” [Editor: See “ Looking Back ” below - same silliness ten years ago at NPR.]
The Intersection of Federal Copyright Law and State Public Record Law (Media Law Prof Blog, 8 Feb 2012) - Susan B. Wainscott, San Jose State University, School of Library & Information Science, has published Public or Protected by Copyright: How Federal Copyright Law and State Public Record Law Intersect . Here is the abstract: “While United States copyright law precludes copyright protection for works produced by the federal government, state and local government agencies may claim copyright on their works. All government agencies may acquire copyrights from third parties, and with permission include copyrighted materials within their works. State and local governments must balance these copyrights with the requirements of their state’s public records law. Agency staff may mistakenly try to protect an agency copyright that does not in fact exist. Agency staff may also mistakenly believe that the agency’s copyright is waived once a record has been distributed or unwittingly contribute to infringement of copyright held by a third party by providing public record copies to the public. This paper explores the following question: Do state and local governments risk losing their copyright or risk contributory infringement of copyright by providing public records to the public?”
Groupons for Lawyers Gain Traction with Ethics Committees (Lawyerist.com, 8 Feb 2012) - Lawyers can use daily deal sites, like Groupon, in North Carolina, South Carolina, and New York, according to ethics opinions in those states. New York was the third state to issue an opinion addressing the potential conflict between Groupon, which takes a percentage of every transaction, and rules prohibiting fee sharing or paid referrals. The three opinions agree in most respects, but there is a clear break over how to handle the money earned from these “daily deal” coupon websites. Both North Carolina and South Carolina specifically address the use of funds before representation, and agree that those funds must be placed in a trust account. New York does not address the issue, but it stands to reason that because the fee has not yet been earned, it would be improper for a lawyer in any state to place it directly in the firm account. Where New York sets itself apart is on the issue of expired coupons. Presumably, like any coupon purchased from a daily deal site, the coupon for legal services would eventually expire. In such an event, the New York opinion holds that “the lawyer is entitled to treat the advance payment received as an earned retainer for being available to perform the offered service in the given time frame.” That being said, if the lawyer cannot represent the client due to a conflict, an inability to render the services, or because the client discharges the lawyer, the lawyer must give the client a full refund. All three states agree on the importance of sufficient disclaimers. As South Carolina points out: Rule 7.1 expressly provides that an attorney must ensure that the communication does not contain any false, misleading, deceptive or unfair information about the lawyer or her services. But North Carolina goes even further. In North Carolina, attorneys must include certain disclosures in their daily deal advertisements.
In re Google (Patently-O, 8 Feb 2012) - Earlier this week, the Federal Circuit denied a petition for a writ of mandamus sought by Google in a dispute with Oracle. The petition sought to prevent Oracle from using a juicy email on the ground that the email was privileged. The email was sent from a Google engineer to Google’s VP in charge of its Android operating platform, as well as Google’s senior counsel and another engineer. The email itself is reproduced in the court’s opinion; it relates to an investigation of alternatives to Java that Google was considering. Google included the final version of the email on its privilege log, but produced “autosaves” of the email as it was being drafted. After Oracle referenced the substance of the email at a hearing, Google asked Oracle to return all versions of the email, citing privilege. Oracle complied, but moved to compel. The district court subsequently held that the email was not protected under the attorney-client privilege or the work-product doctrine. Although the court’s affirmance of the district court’s refusal to protect this communication under the attorney-client privilege is fact-specific (and nonprecedential), the opinion nevertheless provides a useful short primer on attorney-client privilege issues in the context of activities performed at the behest of an in-house counsel. The opinion also illuminates one of the consequences of the dump-and-recall approach that patent litigation is trending towards: if Google had carefully reviewed all of its document before they were produced, it likely would not have produced autosaves of this email. Instead, they would likely have ended up as a few lines among an untold number of nearly anonymous entries on a privilege log. Indeed, if even Google cannot avoid the inadvertent production of documents it intended to shield via its privilege log, it is questionable that anyone can - especially as document volumes continue to grow. (But perhaps search technologies will improve as well). Case is here .
“How Money Corrupts Congress and a Plan to Stop It” (Larry Lessig at the Long Now Foundation, 17 Jan 2012; 90 minutes) - Larry Lessig gave a rousing performance for the 100th Seminar About Long-Term Thinking. In a lawyerly fashion he laid out evidence of a new type of corruption that is disrupting the American republic, and he offered a remedy for that corruption. Lessig has a very distinctive visual style of using slides that punctuates, word for word, the clear logic of his argument. [Editor: extremely well-done explication of systemic, structural factors that have inevitably led to the current mess, independent of per-se corruption, venality, or bad-intention. I highly recommend this.]
Before The Movie Begins (The New Yorker, 6 Feb 2011) - Please note that the use of any recording equipment to capture this film is strictly forbidden, including: camcorders, cameras, cell phones, charcoal, ink, paint (oil or water-based), and the human brain. On leaving the theatre, you will be assaulted by baseball-bat-wielding ushers, who will pummel your skull until you forget what you have seen. Any remaining memories are yours to keep and enjoy, provided you do not discuss them with others or make them available via mankind’s collective unconscious. In addition, your experience of this film may not be remixed in any form; dreams involving any of its characters must adhere strictly to the film’s actual plotline and running time, and must also comply with copyright laws in your state or territory. Any sexual fantasies based on it may not exceed the film’s M.P.A.A. rating. This film is licensed only for public exhibition in first-run theatres, and is not to be screened in schools, on oil rigs, or in prisons. If you are watching it in a school, on an oil rig, or in a prison, you must immediately drop out, throw yourself off the edge and swim to safety, or plan an elaborate escape with the help of a ragtag team of charming criminals, most of whom were wrongly accused, and all of whom wish to become productive members of society. The rights to the story of your escape immediately become the property of the makers of this film, in any and all forms of expression now extant or to be invented in the future, throughout the universe and three feet beyond, just for good measure. If you wish to opt out of any of the above terms and conditions, you must now walk up to the screen and check one or more of the following boxes with an indelible black Magic Marker * * *
LOOKING BACK - MIRLN TEN YEARS AGO
PUBLIC PROTESTS NPR LINK POLICY (Wired, 20 June 2002)—When huge, nameless, faceless corporations try to impose “linking policies” upon webmasters who want to point to the company’s site, people usually react in a predictable way. They get mad, they spitefully put up dozens of policy-violating links, and they bemoan, once more, the fact that some folks still don’t understand that if you don’t want to be linked you shouldn’t be on the Web. The reaction was much the same on Wednesday, when webloggers discovered that yet another huge organization is trying to lay down rigid linking guidelines—only this time the huge organization is National Public Radio, the ad-free, member-supported radio network that often paints itself as the antithesis of all things big and corporate. On a form on its website, NPR says that “linking to or framing of any material on this site without the prior written consent of NPR is prohibited.” People who’d like to link to NPR can do so easily by filling out the online form—it asks for a linker’s name, e-mail address, physical address, phone number, information about the linking site, how long the link will remain on the site, the “proposed wording of the link and accompanying text,” the U.S. state in which the linking site is incorporated and if it’s a commercial site. These requirements aren’t new. According to the date on the page, the permission form was last updated in March. But the page became the talk of the blogs on Wednesday, a day after Cory Doctorow posted up a link to the permission form on BoingBoing, his blog. “No matter how deep or shallow your link is, NPR requires you to fill in this form,” Doctorow wrote on the site, links included. Doctorow also called NPR’s policy “brutally stupid” and he compared the nonprofit organization’s actions to those of KPMG, the multinational tax and audit firm that informed a handful of webmasters last year that they needed a “formal agreement” to link to the company’s site. http://www.wired.com/news/business/0,1367,53355,00.html
WEB SITE FLOUTS LINKING BANS (CNET News.com, 21 August 2002)—Want David Sorkin to link to your Web site? Just ask him not to. Sorkin, associate professor of law at The John Marshall Law School in Chicago, is the man behind Don’t Link to Us, a Web site that exists merely to flout what it terms ‘stupid linking policies.” Sorkin’s site was launched in reaction to recent legal decisions in which courts upheld Web site terms and conditions that prohibited or restricted links. It links to sites that attempt to impose substantial restrictions on other sites that link to them. “I created my Dontlink.com site in part as a reaction to Newsbooster and similar cases,” Sorkin wrote in an e-mail interview. “But I’ve really focused more on sites that don’t seem to have any plausible reason for wanting to restrict links--in other words, that are doing so out of mere ignorance.” In last month’s Newsbooster case, a Danish court ruled that the Newsbooster Web site could not link to stories within 28 associated Danish news sites. Once Sorkin started looking more closely at the Web’s various link restrictions, he said he was surprised to find not merely curbs on so-called deep links (to pages beyond a site’s home page) or links to pages that incorporated a trademark, but outright bans on linking to a site altogether. Courts worldwide have grappled with the issue of whether a site can prohibit links to its pages, and the issue is nearly as old as the mainstream commercial Web itself. In addition to the Danish court decision, the Scottish courts grappled with the issue in 1997, though that case was settled out of court. In the United States, link-busting litigants have included Hollywood and Ticketmaster. Sites with linking bans Sorkin has flouted include those of the International Trademark Association, the American Cancer Society, the City of Colorado Springs, Gay Wired, Texas Instruments, Shell Oil, the Washington Post, Disney, Motorola, the Chicago Sun Times, the Chicago Tribune, National Public Radio, Carfax, Matsushita, Autodesk, the Smithsonian Institution’s Hirshhorn Museum and Sculpture Garden, Michigan.gov and Law.com. http://news.com.com/2100-1023-954612.html?tag=fd_top