Thursday, November 10, 2011
Cyber-Terror: Still Nothing to See Here
Cybersecurity is a hot policy / legal topic at the moment: the SEC recently issued guidance on cybersecurity reporting, defense contractors suffered a spear-phishing attack, the Office of the National Counterintelligence Executive issued a report on cyber-espionage, and Brazilian ISPs fell victim to DNS poisoning. (The last highlights a problem with E-PARASITE and PROTECT IP: if they inadvertently encourage Americans to use foreign DNS providers, they may worsen cybersecurity problems.) Cybersecurity is a moniker that covers a host of problems, from identity theft to denial of service attacks to theft of trade secrets. The challenges are real, and there are many of them. That's why it is disheartening to see otherwise knowledgeable experts focusing on chimerical targets.
For example, Eugene Kaspersky stated at the London Cyber Conference that "we are close, very close, to cyber terrorism. Perhaps already the criminals have sold their skills to the terrorists - and then...oh, God." FBI executive assistant director Shawn Henry said that attacks could "paralyze cities" and that "ultimately, people could die." Do these claims hold up? What, exactly, is it that cyber-terrorists are going to do? Engage in identity theft? Steal U.S. intellectual property? Those are somewhat worrisome, but where is the "terror" part? Terrorists support malevolent activities with all sorts of crimes. But that's "support," not "terror." Hysterics like Richard Clarke spout nonsense about shutting down air traffic control systems or blowing up power plants, but there is precisely zero evidence that even nation-states can do this sort of thing, let alone small, non-state actors. The "oh, God" part of Kaspersky's comment is a standard rhetorical trope in the apocalyptic discussions of cybersecurity. (I knock these down in Conundrum, coming out shortly in Minnesota Law Review.) And paralyzing a city isn't too hard: snowstorms do it routinely. The question is how likely such threats are to materialize, and whether the proposed answers (Henry thinks we should build a new, more secure Internet) make any sense.
There are at least two plausible reasons why otherwise rational people spout lurid doomsday scenarios instead of focusing on the mundane, technical, and challenging problems of networked information stores. First, and most cynically, they can make money from doing so. Kaspersky runs an Internet security company; Clarke is a cybersecurity consultant; former NSA director Mike McConnell works for a law firm that sells cybersecurity services to the government. I think there's something to this, but I'm not ready to accuse these people of being venal. I think a more likely explanation flows from Paul Ohm's Myth of the Superuser: many of these experts have seen what truly talented hackers can do, given sufficient time, resources, and information. They then extrapolate to a world where such skills are commonplace, and unrestrained by ethics, social pressures, or sheer rational actor deterrence. Combine that with the chance to peddle one's own wares, or books, to address the problems, and you get the sum of all fears. Cognitive bias matters.
The sky, though, is not falling. Melodrama won't help - in fact, it distracts us from the things we need to do: to create redundancy, to test recovery scenarios, to deploy more secure software, and to encourage a culture of testing (the classic "hacking"). We are not going to deploy a new Internet. We are not going to force everyone to get an Internet driver's license. Most cybersecurity improvements are going to be gradual and unremarkable, rather than involving Bruce Willis and an F-35. Or, to quote Frank Drebin, "Nothing to see here, please disperse!" Cross-posted at Info/Law.
Saturday, November 05, 2011
The House of Representatives is considering the disturbingly-named E-PARASITE Act. The bill, which is intended to curb copyright infringment on-line, is similar to the Senate's PROTECT IP Act, but much much worse. It's as though George Lucas came out with the director's cut of "The Phantom Menace," but added in another half-hour of Jar Jar Binks.
As with PROTECT IP, the provisions allowing the Attorney General to obtain a court order to block sites that engage in criminal copyright violations are, in theory, less objectionable. But they're quite problematic in their particulars. Let me give three examples.
First, the orders not only block access through ISPs, but also require search engines to de-list objectionable sites. That not only places a burden on Google, Bing, and other search sites, but it "vaporizes" (to use George Orwell's term) the targeted sites until they can prove they're licit. That has things exactly backwards: the government must prove that material is unlawful before restraining it. This aspect of the order is likely constitutionally infirm.
Second, the bill attacks circumvention as well: MAFIAAFire and its ilk become unlawful immediately. Filtering creep is inevitable: you have to target circumvention, and the scope of circumvention targeted widens with time. Proxy services like Anonymizer are likely next.
Finally, commentators have noted that the bill relies on DNS blocking, but they're actually underestimating its impact. The legislation says ISPs must take "technically feasible and reasonable measures designed to prevent access by its subscribers located within the United States" to Web sites targeted under the bill, "including measures designed to prevent the domain name of the foreign infringing site (or portion thereof) from resolvingto that domain name's Internet protocol address." The definitional section of the bill says that "including" does not mean "limited to." In other words, if an ISP can engage in technically feasible, reasonable IP address blocking or URL blocking - which is increasingly possible with providers who employ deep packet inspection - it must do so. The bill, in other words, targets more than the DNS.
On the plus side, the bill does provide notice to users (the AG must specify text to display when users try to access the site), and it allows for amended orders to deal with the whack-a-mole problem of illegal content evading restrictions by changing domain names or Web hosting providers.
The private action section of the bill is extremely problematic. Under its provisions, YouTube is clearly unlawful, and neither advertising or payment providers would be able to transact business with it. The content industry doesn't like YouTube - see the Viacom litigation - but it's plainly a powerful and important innovation. This part of E-PARASITE targets sites "dedicated to the theft of U.S. property." (Side note: sorry, it's not theft. This is a rhetorical trope in the IP wars, but IP infringement simply is not the same as theft. Theft deals with rivalrous goods. In addition, physical property rights do not expire with time. If this is theft, why aren't copyright and patent expirations a regulatory taking? Why not just call it "property terrorism"?)
So, what defines such a site? It is:
- "primarily designed or operated for the purpose of, has only limited purpose or use other than, or is marketed by its operator or another acting in concert with that operator for use in, offering goods or services in a manner that engages in, enables, or facilitates" violations of the Copyright Act, Title I of the Digital Millennium Copyright Act, or anti-counterfeiting laws; or,
- "is taking, or has taken, deliberate actions to avoid confirming a high probability of the use of the U.S.-directed site to carry out the acts that constitute a violation" of those laws; or,
- the owner "operates the U.S.-directed site with the object of promoting, or has promoted, its use to carry out acts that constitute a violation" of those laws.
That is an extraordinarily broad ambit. Would buying keywords, for example, that mention a popular brand constitute a violation? And how do we know what a site is "primarily designed for"? YouTube seems to have limited purpose or use other than facilitating copyright infringement. Heck, if the VCR were a Web site, it'd be unlawful, too.
The bill purports to establish a DMCA-like regime for such sites: the IP owner provides notice, and the site's owner can challenge via counter-notification. But the defaults matter here, a lot: payment providers and advertisers must cease doing business with such sites unless the site owner counter-notifies, and even then, the IP owner can obtain an injunction to the same effect. Moreover, to counter-notify, a site owner must concede jurisdiction, which foreign sites will undoubtedly be reluctant to do. (Litigating in the U.S. is expensive, and the courts tend to be friendly towards local IP owners. See, for example, Judge Crotty's slipshod opinion in the Rojadirecta case.)
I've argued in a new paper that using direct, open, and transparent methods to censor the Internet is preferable to our current system of "soft" censorship via domain name seizures and backdoor arm-twisting of private firms, but E-PARASITE shows that it's entirely possible for hard censorship to be badly designed. The major problem is that it outsources censorship decisions to private companies. Prior restraint is an incredibly powerful tool, and we need the accountability that derives from having elected officials make these decisions. Private firms have one-sided incentives, as we've seen with DMCA take-downs.
In short, the private action measures make it remarkably easy for IP owners to cut off funding for sites to which they object. These include Torrent tracker sites, on-line video sites, sites that host mash-ups, and so forth. The procedural provisions tilt the table strongly towards IP owners, including by establishing very short time periods by which advertisers and payment providers have to comply. Money matters: WikiLeaks is going under because of exactly these sort of tactics.
America is getting into the Internet censorship business. We started down this path to deal with pornographic and obscene content; our focus has shifted to intellectual property. I've argued that this is because IP legislation draws lower First Amendment scrutiny than other speech restrictions, and interest groups are taking advantage of that loophole. It's strange to me that Congress would damage innovation on the Internet - only the most powerful communications medium since words on paper - to protect movies and music, which are relatively small-scale in the U.S. economy. But, as always with IP, the political economy matters.
I predict that a bill like PROTECT IP or E-PARASITE will become law. Then, we'll fight out again what the First Amendment means on the Internet, and then the myth of America's free speech exceptionalism on-line will likely be dead.
Cross-posted at Info/Law.
Posted by Derek Bambauer on November 5, 2011 at 05:06 PM in Civil Procedure, Constitutional thoughts, Culture, Current Affairs, First Amendment, Information and Technology, Intellectual Property, Law and Politics, Music, Property, Web/Tech | Permalink | Comments (2) | TrackBack
Thursday, November 03, 2011
Why Don't We Do It In the Road?
In that White Album gem, "Why Don't We Do It In the Road?", Paul McCartney insinuated that whatever "it" was wouldn't matter because "no one will be watching us." The feeling of being watched can change the way in which one engages in an activity. Often, perceiving one's own behavior clearly is an essential step in changing that behavior.
I've thought about this lately as I've tried to become more productive in my writing, and I'm drawn to resources that help me externalize my monitoring procress. There are various commitment mechanisms out there, which I've lumped roughly into three groups. Some are designed to make me more conscious of my own obligation to write. Other mechanisms are designed to bring outsiders on board, inviting /forcing me to give an account of my productivity or lack thereof to others. And some, like StickK, combine the second with the means to penalize me if I fail to perform.
Should I need tricks to write? Perhaps not, but even with the best of intentions, it's easy to get waylaid by the administrative and educational requirements of the job. Commitment mechanisms help me remember why I want to fill those precious moments of downtime with writing. Below the fold I'll discuss some methods I've tried in that first category, and problems that make them less than optimal for my purposes. Feel free to include your suggestions and experiences here, as well. Also note that over at Concurring Opinions, Kaimipono Wenger has started the first annual National Article Finishing Month, a commitment mechanism I have not yet tried (but just might). In subsequent posts, I'll tackle socializing techniques and my love / hate relationship with StickK.
Perhaps like many of you, I find the Internet to be a two-edged sword. While I can be more productive because so many resources are at my fingertips, I also waste too much time surfing the webs. I've tried commitment mechanisms that shut down the internet, but have so far found them lacking. I've tried Freedom, which kills the entire internet for a designated period of time. That's helpful to an extent, although I store my documents on Dropbox, so my work moves with me from home to office without the need to keep track of a usb drive. While Dropbox should automatically synch once Freedom stops running, I've found that hasn't been as smooth as I hoped. This in turn makes me hesitant to rely on Freedom.
What makes me even more hesitant to use Freedom is that I have to reboot my computer to get back to the internet every other time I use it. If you are not saving your work to the cloud, you may see that as a feature and not a bug.
I turned next to StayFocusd, a Chrome App that allows me to pick and choose websites to block. Stay Focusd reminds me when I'm out of free browsing time with a pop-up that dominates the screen, with a mild scold, like "Shouldn't you be working?" If you are the type to use multiple browsers for different purposes, however, Stay Focusd is only a Firefox window away from being relatively ineffectual.
The self-monitoring tool I've liked the best so far is Write or Die. You set the amount of time you want to write, the words you propose to generate, and you start writing. As I set it, if you stop typing for more than 10 seconds, the program makes irritating noises (babies crying, horns honking, etc.) until you start typing again. Write or Die is great for plowing through a first draft quickly, but is less effective if the goal is to refine text. This is part because the interface gives you bare bones text. I'm too cheap to download the product, which has more bells and whistles than the free online version (like the ability to italicize text). In addition, in the time it takes to think about the line I'm rewriting, the babies begin to howl again.
So, what commitment mechanisms do you use when you don't feel like writing?
Wednesday, October 26, 2011
How Baseball Made Me a PirateMajor League Baseball has made me a pirate, with no regrets. Nick Ross, on Australia's ABC, makes "The Case for Piracy." His article argues that piracy often results, essentially, from market failure: customers are willing to pay content owners for access to material, and the content owners refuse - because they can't be bothered to serve that market or geography, because they are trying to force consumers onto another platform, or because they are trying to leverage interest in, say, Premier League matches as a means of getting cable customers to buy the Golf Network. The music industry made exactly these mistakes before the combination of Napster and iTunes forced them into better behavior: MusicNow and Pressplay were expensive disasters, loaded with DRM restrictions and focused on preventing any possible re-use of content rather than delivering actual value. TV content owners are now making the same mistake. Take, for example, MLB. I tried to purchase a plan to watch the baseball playoffs on mlb.com - I don't own a TV, and it's a bit awkward to hang out at the local pub for 3 hours. MLB didn't make it obvious how to do this. Eventually, I clicked a plan that indicated it would allow me to watch the entire postseason for $19.99, and gladly put in my credit card number. My mistake. It turns out that option is apparently for non-U.S. customers. I learned this the hard way when I tried to watch an ALDS game, only to get... nothing. No content, except an ad that tried to get me to buy an additional plan. That's right, for my $19.99, I receive literally nothing of value. When I e-mailed MLB Customer Service to try to get a refund, here's the answer I received: "Dear Valued Subscriber: Your request for a refund in connection with your 2011 MLB.TV Postseason Package subscription has been denied in accordance with the terms of your purchase." Apparently the terms allow fraud. Naturally, I'm going to dispute the charge with my credit card company. But here's the thing: I love baseball. I would gladly pay MLB to watch the postseason on-line. And yet there's no way to do so, legally. In fact, apparently the only people who can are folks outside the U.S. And if you try to give them your money anyway, they'll take it, and then tell you how valued you are. But you're not. So, I'm finding ways to watch MLB anyway. If you have suggestions or tips, offer 'em in the comments - there must be a Rojadirecta for baseball. And next season, when I want to watch the Red Sox, that's the medium I'll use - not MLB's Extra Innings. MLB has turned me into a pirate, with no regrets.Cross-posted at Info/Law.
Posted by Derek Bambauer on October 26, 2011 at 07:48 PM in Criminal Law, Culture, Information and Technology, Intellectual Property, International Law, Music, Odd World, Sports, Television, Web/Tech | Permalink | Comments (34) | TrackBack
Thursday, October 20, 2011
Policing Copyright Infringement on the Net
Mark Lemley has a smart editorial up at Law.com on the hearings at the Second Circuit Court of Appeals in Viacom v. YouTube. The question is, formally, one of interpreting Title II of the Digital Millennium Copyright Act (17 U.S.C. 512), and determining whether YouTube meets the statutory requirements for immunity from liability. But this is really a fight about how much on-line service providers must do to police, or protect against, copyright infringement. Mark, and the district court in the case, think that Congress answered this question rather clearly: services such as YouTube need to respond promptly to notifications of claimed infringement, and to avoid business models where they profit directly from infringement. The fact that a site attracts infringing content (which YouTube indubitably does) can't wipe out the safe harbor, because then the DMCA would be a nullity. It may be that the burden of policing copyrights should fall more heavily on services such as YouTube than it currently does. But, if that's the case, Viacom should be lobbying Congress, not the Second Circuit. I predict a clean win for YouTube.
Monday, October 17, 2011
The Myth of Cyberterror
UPI's article on cyberterrorism helpfully states the obvious: there's no such thing. This is in sharp contrast to the rhetoric in cybersecurity discussions, which highlights purported threats from terrorists to the power grid, the transportation system, and even the ability to play Space Invaders using the lights of skyscrapers. It's all quite entertaining, except for 2 problems: 1) perception frequently drives policy, and 2) all of these risks are chimerical. Yes, non-state actors are capable of defacing Web sites and even launching denial of service attacks, but that's a far cry from train bombings or shootings in hotels.
The response from some quarters is that, while terrorists do not currently have the capability to execute devastating cyberattacks, they will at some point, and so we should act now. I find this unsatisfying. Law rarely imposes large current costs, such as changing how the Internet's core protocols run, to address remote risks of uncertain (but low) incidence and uncertain magnitude. In 2009, nearly 31,000 people died in highway car crashes, but we don't require people to drive tanks. (And, few people choose to do so, except for Hummer employees.)
Why, then, the continued focus on cyberterror? I think there are four reasons. First, terror is the policy issue of the moment: connecting to it both focuses people's attention and draws funding. Second, we're in an age of rapid and constant technological change, which always produces some level of associated fear. Few of us understand how BGP works, or why its lack of built-in authentication creates risk, and we are afraid of the unknown. Third, terror attacks are like shark attacks. We are afraid of dying in highly gory or horrific fashion, rather than basing our worries on actual incidence of harm (compare our fear of terrorists versus our fear of bad drivers, and then look at the underlying number of fatalities in each category). Lastly, cybersecurity is a battleground not merely for machines but for money. Federal agencies, defense contractors, and software companies all hold a stake in concentrating attention on cyber-risks and offering their wares as a means of remediating them.
So what should we do at this point? For cyberterror, the answer is "nothing," or at least nothing that we wouldn't do anyway. Preventing cyberattacks by terrorists, nation states, and spies all involve the same things, as I argue in Conundrum. But: this approach gets called "naive" with some regularity, so I'd be interested in your take...
Posted by Derek Bambauer on October 17, 2011 at 04:43 PM in Criminal Law, Current Affairs, Information and Technology, International Law, Law and Politics, Science, Web/Tech | Permalink | Comments (7) | TrackBack
Friday, October 14, 2011
Behind the Scenes of Six Strikes
Wired has a story on the cozy relationship between content industries and the Obama administration, which resulted in the deployment of the new "six strikes" plan to combat on-line copyright infringement. Internet security and privacy researcher Chris Soghoian obtained e-mail communication between administration officials and industry via a Freedom of Information Act (FoIA) request. (Disclosure: Jonathan Askin and I represent Chris in his appeal regarding this FoIA request.) The e-mails demonstrate vividly what everyone suspected: Hollywood - in the form of the music and movie industries - has an administration eager to be helpful, including by pressuring ISPs. Stay tuned.
Posted by Derek Bambauer on October 14, 2011 at 11:10 AM in Blogging, Culture, Current Affairs, Film, Information and Technology, Intellectual Property, Judicial Process, Law and Politics, Music, Web/Tech | Permalink | Comments (0) | TrackBack
Thursday, October 13, 2011
The Pirates' Code
There have been a number of attempts to alter consumer norms about copyright infringement (especially those of teenagers). The MPAA has its campaigns; the BSA has its ferret; and now New York City has a crowdsourced initiative to design a new public service announcement. At first blush, the plan looks smart: rather than have studio executives try to figure out what will appeal to kids (Sorcerer's Apprentice, anyone?), leave it to the kids themselves.
On further inspection, though, the plan seems a bit shaky. First, it's not actually a NYC campaign: the Bloomberg administration is sockpuppeting for NBC Universal. Second, why is the City even spending scarce taxpayer funds on this? Copyright enforcement is primarily private, although the Obama administration is lending a helping hand. Third, is this the most effective tactic? It seems more efficient to go after the street vendors who sell bootleg DVDs, for example - I can buy a Blockbuster Video store's worth of movies just by walking out the front door of my office.
Yogi Berra (or was it Niels Bohr?) said that the hardest thing to predict is the future. And the hardest thing about norms is changing them. Larry Lessig's New Chicago framework not only points to the power of norms regulation (along the lines of Bob Ellickson), but suggests that norms are effectively free - no one has to pay to enforce them. This makes them attractive as a means of regulation. The problem, though, is that norms tend to be resistant to overt efforts to shift them. Think of how long it took to change norms around smoking - a practice proven to kill you - and you'll appreciate the scope of the challenge. The Bloomberg administration should save its resources for moving snow this winter...
Monday, October 10, 2011
Spying, Skynet, and Cybersecurity
The drones used by the U.S. Air Force have been infected by malware - reportedly, a program that logs the commands transmitted from the pilots' computers at a base in Nevada to the drones flying over Iraq and Afghanistan. This has led to comparisons to Skynet, particularly since the Terminators' network was supposed to become self-aware in April. While I think we don't yet need to stock up on robot-sniffing dogs, the malware situation is worrisome, for three reasons.
First, the military is aware of the virus's presence, but is reportedly unable to prevent it from re-installing itself even after they clean off the computers' drives. Wired reports that re-building the computers is time-consuming. That's undoubtedly true, but cyber-threats are an increasing part of warfare, and they'll soon be ubiquitous. I've argued that resilience is a critical component of cybersecurity. The Department of Defense needs to assume that their systems will be compromised - because they will - and to plan for recovery. Prevention is impossible; remediation is vital.
Second, the malware took hold despite the air gap between the drones' network and the public Internet. The idea of separate, isolated networks is a very attractive one in security, but it's false comfort. In a world where flash drives are ubiquitous, where iPods can store files, and where one can download sensitive data onto a Lady Gaga CD, information will inevitably cross the gap. Separation may be sensible as one security measure, but it is not a panacea.
Lastly, the Air Force is the branch of the armed forces currently in the lead in terms of cyberspace and cybersecurity initiatives. If they can't solve this problem, do we want them taking the lead on this new dimension of the battlefield?
It's not clear how seriously the drones' network has been compromised - security breaches have occurred before. But cybersecurity is difficult. We saw the first true cyberweapon in Stuxnet, which damaged Iran's nuclear centrifuges and set back its uranium enrichment program. That program too looked benign, on first inspection. Let's hope the program here is closer to Kyle Reese than a T-1000.
Tuesday, October 04, 2011
America Censors the Internet
If you're an on-line poker player, a fan of the Premier League, or someone who'd like to visit Cuba, you probably already know this. Most people, though, aren't aware that America censors the Internet. Lawyers tend to believe that a pair of Supreme Court cases, Reno v. ACLU (1997) and Ashcroft v. ACLU (2004), permanently interred government censorship of the Net in the U.S. Not so.
In a new paper, Orwell's Armchair (forthcoming in the University of Chicago Law Review), I argue that government censors retain a potent set of tools to block disfavored on-line content, from using unrelated laws (like civil forfeiture statutes) as a pretext to paying intermediaries to filter to pressuring private actors into blocking. These methods are not only indirect, they are less legitimate than overt, transparent regulation of Internet content. In the piece, I analyze the constraints that exist to check such soft censorship, and find that they are weak at best. So, I argue, if we're going to censor the Internet, let's be clear about it: the paper concludes by proposing elements of a prior restraint statute for on-line content that could both operate legitimately and survive constitutional scrutiny.
Jerry Brito of George Mason University's Mercatus Center kindly interviewed me about the issues the article raises for his Surprisingly Free podcast. It's worth a listen, even though my voice is surprisingly annoying.
Cross-posted at Info/Law.
Posted by Derek Bambauer on October 4, 2011 at 06:14 PM in Civil Procedure, Constitutional thoughts, Current Affairs, First Amendment, Information and Technology, Intellectual Property, Law and Politics, Web/Tech | Permalink | Comments (3) | TrackBack
Sunday, October 02, 2011
What Commons Have in Common
Thanks to Dan and the Prawfs crew for having me! Blogging here is a nice distraction from the Red Sox late-season collapse.
Last week, NYU Law School hosted Convening Cultural Commons, a two-day workshop intended to accelerate the work on information commons begun by Carol Rose, Elinor Ostrom, and Mike Madison / Kathy Strandburg / Brett Frischmann. All four of the above were presented as case studies (by Dave Fagundes, Sonali Shah, Charles Schweik, and Mike Madison, respectively). Elinor Ostrom gave the keynote address, and sat in on most of the presentations. It's exciting stuff: Mike, Kathy, and Brett have worked hard to adapt Ostrom's Institutional Analysis and Development framework to analysis of information commons such as Wikipedia, the Associated Press, and jambands. Yet, there was one looming issue that the conferees couldn't resolve: what, exactly, is a commons?
The short answer is: no one knows. Ostrom's work counsels a bottom-up, accretive way to answer this question. Over time, with enough case studies, the boundaries of what constitutes a "commons" become clear. So, the conventional answer, and one supported by a lot of folks at the NYU conference, is to go forth and, in the spirit of Clifford Geertz, engage in collection and thick description of things that look like, or might be, commons.
As an outsider to the field, I think that's a mistake.What commons research in law (and allied disciplines) needs is some theories of the middle range. There is no Platonic or canonical commons out there. Instead, there are a number of dimensions along which a particular set of information can be measured, and which make it more or less "commons-like." Let me suggest a few as food for thought:
- Barriers to access - some information, like Wikipedia, is available to all comers; other data, like pooled patents, are only available to members of the club. The lower the barriers to access, the more commons-like a resource is.
- State role in management - government may be involved in managing resources directly (for example, data in the National Practitioner Data Bank), indirectly (for example, via intellectual property laws), or not at all. I think a resource is more commons-like as it is less managed by the state.
- Ability to privatize - information resources are more and less subject to privatization. Information in the public domain, such as Shakespeare's plays, cannot be privatized - no one can assert rights over them (at least, not under American copyright law). Some information commons protected by IP law cannot be privatized, such as software developed under the GPL, and some can be, such as software developed under the Apache License. The greater the ability to privatize, I'd argue, the less commons-like.
- Depletability - classic commons resources (such as fisheries or grazing land) are subject to depletion. Information resources can be depleted, though depletion here may come more in the form of congestion, as Yochai Benkler argues. Internet infrastructure is somewhat subject to depletion, while ideas or prices are not. The greater the risk of depletion,the less commons-like.
Finally, why do we care about the commons? I think that commons studies are a reaction to the IP wars: they are a form of resistance to IP maximalism. By showing that information commons are not only ubiquitous, but vital to innovation and even a market economy, legal scholars can offer a principled means of arguing against ever-increasing IP rights. That makes studying these resources - and, hopefully, putting forward testable theories about what are and are not attributes of a commons - vital to enlightened policymaking.
(Cross-posted to Info/Law.)
Friday, July 29, 2011
A Plan for Forking Wikipedia to Provide a Reliable Secondary Source on Law
Recently Wikipedia rolled out a feedback feature (example at right) that allows readers to rate the page they are looking at. You can give the page a score from one to five in each of four categories: Trustworthy, Objective, Complete, and Well-written. Then, there's an optional box you can check that says "I am highly knowledgeable about this topic."
This may be good for flagging pages that need work. But, of course, Wikipedia's trustworthiness problem is not going to be solved by anonymous users, self-declared to be "highly knowledgeable," deeming articles to be trustworthy.
I do think, however, that if you forked Wikipedia to create a version with an authenticated expert editorship, then the ratings could evolve Wikipedia content into being a credible source. In fact, I think it could work well for articles on law.
"Forking," for software developers, means taking an open-source project and spliting off a version that is then developed separately. The open-source license specifically allows you to do this. Forking a project is not always productive, but I think it could be useful in creating an encyclopedia-type reference about the law that is both trustworthy and freely available.
There's a real need for such material in the legal sphere. Right now, there seems to be an accessibility/credibility trade off with secondary sources of legal information: Wikipedia is accessible, but not credible. Traditional binder sets are credible, but not very accessible – using them is generally either expensive (in terms of subscriptions fees) or burdensome (via a trip to the nearest law library).
If, however, you could take Wikipedia and apply credibility on top of it, you would have a secondary source that is both credible and accessible.
Imagine grabbing all the Wikipedia pages about law – which at this point are generally very well developed – and then, while continuing to make them viewable to the public, locking them so that only authenticated lawyers and law students could edit them. These expert editors could then correct errors where they find them. Where they don't find errors, they could click a box indicating trustworthiness. As time went on, pages would have errors weeded out, and trustworthiness scores would accumulate.
Trustworthiness ratings on pages editable only by experts would relieve the need for internal citations. Right now, the Wikipedia community pushes hard for citations in articles. Citations are important in the Wikipedia context because of the lack of credentials on the part of the writers. But if pages were only editable by authenticated lawyers, then cumulative positive ratings would make pages more reliable even without citations.
Admittedly, a forked version of Wikipedia edited by lawyers and law students would not replace the big binder sets. The depth of the material, at least as it stands now, is too limited. Wikipedia, even if reliable, wouldn't help a trust-and-estates lawyer with trust and estates. But if it were imbued with trustworthiness, Wikipedia content does have enough depth to be useful for lawyers orienting themselves to an unfamiliar field of law. Likewise, it has enough detail for non-lawyers who are looking to gain a general understanding of some specific doctrinal topic.
So, what do you think? It would be fairly easy to put together from a technical perspective, but would it be worthwhile? Do you think people with legal knowledge would contribute by removing errors and scoring pages? Or would a forked law wiki sit fallow? (I do notice there are lots of lawyers participating actively on Quora, crafting very good answers to individual questions.)
Maybe it would work in other fields aside from law, as well. It does seem to me, though, that law is a particularly good subject for forking.
Friday, July 22, 2011
JSTOR: What is it Good For?
Information-liberation guru and alleged hacktivist Aaron Swartz is facing 35 years in prison on a federal indictment [PDF] for breaking into MIT's systems and downloading more than four million academic articles from JSTOR. So, I can't help but see Stuart Buck's point that his doing so wasn't a good idea.
But is JSTOR a good idea?
JSTOR is a non-profit organization that digitizes scholarship and makes it available online – for a fee. JSTOR was launched by the philanthropic Andrew W. Mellon Foundation in 1995 to serve the public interest. But it seems to me that today, JSTOR may be more mischievous than munificent.
For instance, on JSTOR I found a 1907 article called "Criminal Appeal in England" published in the Journal of the Society of Comparative Legislation. I was offered the opportunity to view this 11-page antique for the dear price of $34.00. And this is despite the fact that my university is a JSTOR "participating institution," and despite the fact that this article is so old, it is no longer subject to copyright.
What's more, by paying $34.00, I would take on some rather severe limitations under JSTOR's terms of service. I could not, for instance, turn around and make this public-domain article available from my own website.
You might ask, why can't JSTOR just make this stuff available for free? After all, JSTOR says its mission is "supporting scholarly work and access to knowledge around the world."
Why indeed, especially considering I CAN GET THE ENTIRE 475-PAGE JOURNAL VOLUME FOR FREE FROM THE INTERNET ARCHIVE and GOOGLE BOOKS. (That includes not just "Criminal Appeal in England," but also such scintilators as "The Late Lord Davey" by the Right Honourable Lord Macnaghten. All for the low, low price of FREE.)
And it's not just old, public domain articles. Current scholarship is increasingly being offered for free from journals' own websites as soon as it is printed. Not to mention the quickly accreting mass of articles on free-access sites SSRN and the Arxiv.
Maybe JSTOR seemed like a good idea when it was launched 16 years ago. But today, if other organizations are doing for free what JSTOR is charging for, then perhaps JSTOR should be dismantled or substantially reworked. JSTOR in a big enterprise, and I am not familar with all of its parts. It may be that JSTOR provides important services that otherwise wouldn't be available. I don't know. But I do know that, at least with part of its collection, JSTOR is playing rope-a-dope, hoping to shake money out of chumps too unlucky to know they could have gotten the same wares for nothing if they just had clicked elsewhere.
JSTOR should act now to make as much of its database free as it can, including all public domain materials and all copyrighted materials for which the requisite permissions can be obtained. It seems to me that the only reason JSTOR would not do so at this point is because JSTOR has become so entrenched that it's more interested in self-perpetuation than public good. And if that's the case, JSTOR may constitute a continuing menace to the preservation of scholarship and access to it – the very things it was founded to promote.
Monday, June 20, 2011
Last night I finally got around to watching the academy award winning documentary "Inside Job." I had been planning to watch it for some time, but somehow ended up finding other things to watch instead. I enjoyed it and found it to be very interesting, but I imagine that readers of prawfs might be split on its merits. A good number of professors (primarily business/economics ) get skewered pretty well in the interviews.
Here are some of my favorite quotes from the movie:
Andrew Sheng: Why should a financial engineer be paid four times to 100 times more than a real engineer? A real engineer build bridges. A financial engineer build dreams. And, you know, when those dreams turn out to be nightmares, other people pay for it
Michael Capuano: You come to us today telling us "We're sorry. We won't do it again. Trust us". Well i have some people in my constituency that actually robbed some of your banks, and they say the same thing.
(My paraphrase) "As I recall I was revising a textbook." (You'll have to watch the movie for context on this one)
Posted by Jeff Yates on June 20, 2011 at 03:09 PM in Corporate, Criminal Law, Culture, Current Affairs, Film, First Amendment, Information and Technology, Law and Politics | Permalink | Comments (1) | TrackBack
Monday, June 13, 2011
Who would be your graduation speaker ...
if you could have anyone do it? Here's Conan O'Brien giving the commencement address at Dartmouth:
Thursday, April 28, 2011
When the Right Interpretation of the Law is a Scary One (CFAA Edition)
A divided 9th Circuit panel decided U.S. v. Nosal today. The case initially looks like a simple employee trade secret theft case, but the Court's interpretation of the Computer Fraud and Abuse Act has potentially far reaching ramifications. Here's the thing - the court (in my view) reached the right ruling with the right statutory interpretation. However, that interpretation could possibly make many people liable under the CFAA that probably shouldn't be.
I discuss more below.Here are the basic facts: Nosal is charged with conspiracy to violate the CFAA, 18 U.S.C. 1030 because he conspired with employees at his former employer. Those employees accessed a database to obtain secret information that Nosal allegedly used in a competing business. Importantly, those employees had full access rights to that database. They didn't hack, steal a password, rummage around, or anything else. They just logged on and copied information. Those employees had agreements that said they would not use the information for purposes other than their employment. I suspect that the agreement would not have even been necessary if it were reasonably clear that the information was trade secret, but that's an issue for another post.
The provision at issue is 1030(a)(4), which outlaws: "knowingly and with intent to defraud, accesses a protected computer without authorization, or exceeds authorized access, and by means of such conduct furthers the intended fraud and obtains anything of value...."
The district court dismissed the indictment, ruling that the employees could not have exceeded authorization. The court relied on a prior case, called LVRC HoldingsLLC v. Brekka, to rule that the employees could not have exceeded authorized access because database access was within their employment. According to the lower court, one can only exceed authorization if one wanders into an area where there is no authorized access. The appellate panel talks about drive letters. If the employees could access the F: drive, but not the G: drive, then any data taken from the F: drive for any purpose could not exceed authorized access, but gathering data from the G: drive would exceed because the employees were not supposed to go there. By analogy here, there could be no exceeded authority because the database was part of the employee access rights.
The Ninth Circuit panel disagreed. It starts with the definition in 1030(e)(6):
the term “exceeds authorized access” means to access a computer with authorization and to use such access to obtain or alter information in the computer that the accesser is not entitled so to obtain or alter
The Court focuses on the "so" term. It argues that "so" would be superfluous under the district court's reading. After all, exceeding authorized access means you must have had the right to be there in the first place. To limit this to different areas of the database doesn't work, since the statute plainly outlaws access to the computer when such access is then used to obtain information that the accessor is not entitled to obtain.
The problem with this reading, of course, is that the employees arguable were entitled to obtain the information. Not so, says the Court - and this is where the trade secret angle comes in. The employees were decidedly (or at least allegedly) not entitled to access the information if the purpose was to leak it to Nosal.
How does the court deal with LVRC? It appears that the two cases are consistent:
1. LVRC says that "without authorization" requires no access at all to a drive, not exceeded authorization (there are some parts of the statute with require no authorization, and some where exceeded authorization is enough).
2. LVRC makes clear that where employers set access policies and communicate them, then employees may be deemed to have acted without authorization.
3. LVRC envisions exactly the result in this case:
Section 1030(e)(6) provides: "the term `exceeds authorized access' means to access a computer with authorization and to use such access to obtain or alter information in the computer that the accesser is not entitled so to obtain or alter." 18 U.S.C. § 1030(e)(6). As this definition makes clear, an individual who is authorized to use a computer for certain purposes but goes beyond those limitations is considered by the CFAA as someone who has "exceed[ed] authorized access." On the other hand, a person who uses a computer "without authorization" has no rights, limited or otherwise, to access the computer in question.
Of course, it is not this easy. LVRC had a footnote:
On appeal, LVRC argues only that Brekka was "without authorization" to access LVRC's computer and documents. To the extent LVRC implicitly argues that Brekka's emailing of documents to himself and to his wife violated §§ 1030(a)(2) and (4) because the document transfer "exceed[ed] authorized access," such an argument also fails. As stated by the district court, it is undisputed that Brekka was entitled to obtain the documents at issue. Moreover, nothing in the CFAA suggests that a defendant's authorization to obtain information stored in a company computer is "exceeded" if the defendant breaches a state law duty of loyalty to an employer, and we decline to read such a meaning into the statute for the reasons explained above. Accordingly, Brekka did not "obtain or alter information in the computer that the accesser is not entitled so to obtain or alter," see 18 U.S.C. § 1030(e)(6), and therefore did not "exceed[ ] authorized access" for purposes of §§ 1030(a)(2) and (4).
This footnote seems directly contrary to the outome in Nosal. It is also an example of something I tell my cyberlaw students - make every argument you can! How could LVRC not have made the exceeded authorization argument directly on appeal? Surely that issue merited more than a footnote.
The court doesn't deal with this footnote, but instead makes some factual distinctions that work for me. First, in LVRC the defendant had unfettered access with no clear rules about the data. Second, in this case there is a clear trade secret misappropriation, whereas in LVRC the allegation was a nebulous "breach of duty" argument without any real showing that the email accessed would be competitively used against LVRC.
Maybe it is because of my background in trade secret law, and I suspect that I may be in the minority among my cyberlaw colleagues, because I think this was the right interpretation and the right outcome. Exceeding authorized access has no meaning if it does not apply in this case. To me, at least, this was a textbook case of access that starts authorized, but becomes unauthorized as soone as the nefarious purpose for the access is revealed.
And now the scary part
That said, this is still scary - but the problem is with the law, not the court's ruling. Why is it scary?
First, employees who look where they shouldn't could now be considered a criminal under the CFAA, so long as they are looking at material they know they shouldn't be accessing.
Second, this is not necessarily limited to employees. Anyone using a website who starts using information from it in a way that the web operator clearly does not desire could theoretically be criminally liable.
Now that's scary.
The Nosal court tries to explain this away by saying that fraudulent intent and obtaining something of value are required under 1030(a)(4). True enough, but that's not the only subsection in the CFAA. Section 1030(a)(2), for example, outlaws simply obtaining information. Sure, the penalties may not be as severe, but it is still barred.
So, how do we reconcile this case with common sense? Are all web users now criminals if they lie about their age or otherwise commit minor violations? I doubt it.
First, I think there must be some independent wrongful action associated with the action - a tort that common folk would understand to be wrongful. In this case, trade secret misappropriation was clear. LVRC v. Brekka went the other way because it was not at all clear the action was independently wrongful and thus something the employer would never authorize. I tend to think that browsewrap agreements on websites won't cut it.
Second, the wrongful action has to be tied somehow to the unauthorized access. In other words, lying about your age shouldn't affect access rights generally, but lying about your age might very well be a problem if the reason you did so was to prey on young children. I'll leave others to debate how this might apply to the Lori Drew case. The recent case of MDY v. Blizzard makes this connection for the Digital Millenium Copyright Act, and it seems like a reasonable one under the CFAA as well.
The CFAA scares me, and it should scare you, too. But its not as scary as many make it out to be - at least I hope not.
Friday, April 15, 2011
Liberate Transcripts from Vacuum Tubes
I've looked at approximately 1.3 bazillion college transcripts this year as a member of my law school's Admissions Committee. Along the way, I've developed some strong opinions about how they should be formatted. Here are my thoughts:
Use modern computers to generate your transcripts. Most transcripts look like they've been spit out of a midcentury computer packed with vacuum tubes, back when computer memory was so expensive it was conserved on a byte-by-byte basis. Well, that's no longer the case. Let clarity and legibility flourish.
Write transcripts with an external audience in mind. A lot of transcripts look like internal record keeping, a sort of cryptic log book. Format them so that they are readily accessible and meaningful to an outsider.
Spell out the full names of courses. And use lowercase letters appropriately. Don't put "SEM INT INT POL TH LIT WR REQ." Instead, write "Seminar: Introducing International Politics Through Literature (taken to fulfill writing requirement)."
Skip the weird abbreviations in place of grades. If someone withdrew from a course, just put "withdrew," not "Q," "W," WD," or whatever. If the course is in progress, put "in progress," not "IP," "Z," or some other symbol. If someone earned a pass in a non-graded course, say "Pass" or at least use a "P". If you stick a "CR" on someone's transcript, you're just putting a "C" in the grade spot. It makes me look twice, and then it causes me to wonder why this person had to take Beginning Archery to get a bachelors degree.
Put the degree earned, and honors, if any, in a prominent box on the upper right of the the first page of the transcript. Some schools do this, and it is very helpful. There's no reason anyone should have to hunt for this information.
Format the transcript with portrait orientation, not landscape. In other words, the 8.5-inch sides of the paper should be along the top and bottom. That's how everything else in an admissions file is formatted. That's how résumés and recommendation letters are formatted. Follow suit.
Put all relevant information on the front of the transcript. Putting explanatory information on the back creates a headache when things are copied. And then, just reproduce the relevant information. There is no reason for explanatory information to include the crazy grading system the university used during the 1973-1974 academic year if the student didn't go to school then. If you use a post vacuum-tube computer, you can personalize that information and put it on the front of the last page of the transcript, making it easy to use and digest.
Friday, April 01, 2011
New ABA Accreditation Rule 304(g) and the Outsourcing of Legal Education
One thing that I always thought was great about being a law professor was that ours was a job that was basically guaranteed not to be outsourced. So I was shocked by today's news that the ABA Section of Legal Education and Admissions to the Bar voted to approve Standard 304(g):
"A program of instruction may be completed through exclusively online instruction."
I called up a Section member who is an acquaintance of mine, Avril Sutela, and I asked her if this meant that a law school could be located outside the United States, and she said that as long as the school meets the other accreditation standards, there was nothing to prevent that. She actually told me that Accenture Education - a division of the global outsourcing company Accenture – has already initiated conversations about beginning the approval process for an ABA-accredited school located overseas with an online instructional program.
I understand the strong economic arguments for trade liberalization, and I couldn't blame law students for considering alternative educational opportunities that could radically lower their tuition bills, but, nonetheless, I have misgivings.
I feel like this happened without the kind of considered, deep thinking that the topic deserved. It also makes me think that if the AALS were in charge of law school accreditation, this never would have happened.
It's great to be back on PrawfsBlawg! Thanks to Dan and the gang for having me. And Happy April 1st.
Monday, March 28, 2011
Presence makes the heart grow fonder?
Making my way through Edward Glaeser's thrilling new book, Triumph of the City: How Our Greatest Invention Makes Us Richer, Smarter, Greener, Healthier, and Happier (Penguin 2011). Glaeser points us to 19th century English economist, Wm. Stanley Jevons, whose noted the paradox that efficiency improvements lead to more, rather than less, consumption (fuel efficient cars end up consuming more gas, and the like). In a neat twist, Glaesar applies insight to info technology, noting as a "complementarity corollary" that greater improvements in info technology increase demand for face-to-face contact.
This seems intriguingly true at the level of ordinary academic conferences and meetings. Rise of SSRN and easy access to recently published research generates enthusiasm to get together (*every AALS now brings invites to blogger happy hours, for instance). More interesting to me is whether and to what extent this corollary extends to intra-faculty interactions. Is there anything to the much-remarked fear that info technology will crowd out faculty socialization and face-to-face exchange of ideas, information, and other spillover benefits associated with density? My anecdotal sense is that the opposite is true. As Jevins-Glaesar hypothesis, peer-to-peer interactions have grown as better info technology, and ready access to eclectic, extensive research "has made the world more information intensive, which in turn has made knowledge more valuable than ever, and that has increased the value of learning from other people in cities" (Gleaser at 38). Substitute faculties for cities, and I believe the insight is right on.
One can be Panglossian about this picture, of course. Info overload competes with schmoozing and adventitious collegiality. But, still and all, my impression is that both the quality and calibre of faculty discussion in workshops and other informal settings and also the breadth of conversations over professional matters has been steadily improving.
A testable hypothesis is that is at least loosely related to the following: There is more awareness of what our colleagues are up as a result of these human interactions and, therefore, more citations to faculty working in the same areas (supposing, perhaps implausibly, that one can control for the "sucking up" phenomenon).
Thursday, March 24, 2011
Google Takes One on the Chin
Unless you’ve been living under a rock for the past five years, you’ve heard about Google Book Search, an online database that Google is filling by scanning books from the collections of multiple academic libraries. Google partnered up with the libraries for access to their collections, concluding that it didn’t need to ask permission from copyright owners to copy the books or make them available online (with restrictions at Google’s discretion). Author and publisher groups brought a class action law suit, and Google sat down with the plaintiffs to hammer out a settlement agreement. The agreement, as presented to Judge Chin, then of the Southern District of New York, not only proposed to settle claims of prior copyright infringement, but also set up future business relationship between Google and copyright owners, using an opt-out mechanism instead of securing a license.
Judge Chin, sitting by designation as a newly appointed Second Circuit judge, issued an opinion Tuesday denying the motion to approve the settlement agreement. While the opinion does not rule on the merits of Google’s fair use defense, some of the court’s language suggests it would cast a skeptical eye on Google’s behavior in a case on the merits. Judge Chin used words like “blatant” to describe Google’s copying activity, and quoted hostile language from objectors to the settlement, who called the opt-out strategy “a shortcut” and “a calculated disregard of authors’ rights.”
I disagree that there was calculated disregard of authors’ rights. The way many scholars have viewed the case, it was a close call whether Google could copy whole books and place them in an online database for search (and eventual commercialization). Google took a calculated risk, under a standard view of fair use analysis, and one that could still pay dividends if the case gets litigated. I don’t think Google's fair use argument is a close call at all, but not for the standard reasons.In a paper now available for consideration by your local law review editorial board, I argue that built into the Copyright Act are the seeds of a limited right of first online publication. Historically, the right of first publication protected the ability of the copyright owner to decide when to bring a work to market, and the right was strong enough to trump an otherwise reasonable fair use defense. A right of first online publication would thus dispose of (or at least weigh heavily against) a fair use defense raised to excuse the unauthorized dissemination of a work online—even those works previously disseminated in a more restricted format.
Courts and scholars tend to treat publication as a “one-bite” right, exhausted once the work was released in any format. A reexamination of its history indicates instead that the right of first publication often protected successive market entries. Where courts perceived a significant difference in scope and exposure to risk between a limited initial publication and more expansive subsequent publication, the right of first publication protected that subsequent entry.
In addition to the historical analysis, networks theory sheds light on the difference in scope between print and online publication. The dissemination of print books occurs in a conserved spread: while the physical embodiment of the content moves from point to point, the total number of copies in the network remains stable allowing the owner to correctly assess the risks inherent with market entry. Online dissemination occurs as nonconserved spread: any holder of a digital copy can instantly disseminate it to any point online while retaining the original. The differences are significant enough that print dissemination should not be held to exhaust or abandon the right of first online dissemination.
Copyright law will likely need to adapt to multiple format changes over the effective life of a copyrighted work. Recognizing the right of first publication as a rule governing transitions into new formats will provide courts, copyright owners, and technology innovators with firm rules allowing the copyright owner to decide if and when to adopt a new technology. Intra-format fair use is an important part of the bargain between copyright owners and society. We should be solicitous of intra-format fair use, but much less solicitous on inter-format fair use, particularly in those cases where unauthorized use imports the work into a previously unexploited format, and the new format is significantly broader in scope.
There are close fair use calls in disputes over unauthorized use of copyrighted works. Google’s opt-out copyright strategy, for books never before made available online, was no close call at all.
Wednesday, March 16, 2011
Public Forum 2.0
If you are interested in social media and/or the First Amendment, you might be interested in the article I just posted on ssrn. The abstract is below, and the link is here.
Abstract: Social media have the potential to revolutionize discourse between American citizens and their governments. At present, however, the U.S. Supreme Court's public forum jurisprudence frustrates rather than fosters that potential. This article navigates the notoriously complex body of public forum doctrine to provide guidance for those who must develop or administer government-sponsored social media or adjudicate First Amendment questions concerning them. Next, the article marks out a new path for public forum doctrine that will allow it to realize the potential of Web 2.0 technologies to enhance democratic discourse between the governors and the governed. Along the way, this article diagnoses critical doctrinal and conceptual flaws that block this path. Relying on insights gleaned from communications theory, the article critiques the linear model underlying public forum jurisprudence and offers an alternative. This alternative model will enable courts to adapt First Amendment doctrines to social media forums in ways that further public discourse. Applying the model, the article contends that courts should presume government actors have created public forums whenever they establish interactive social media sites. Nevertheless, to encourage forum creation, governments must retain some power to filter their social media sites to remove profane, defamatory, or abusive speech targeted at private individuals. Although some will contend that ceding editorial control is no more necessary in social media than in physical forums, the characteristic "disorders" of online discourse, and particularly the prevalence of anonymous speech, justify taking this path.
Posted by Lyrissa Lidsky on March 16, 2011 at 04:20 PM in Article Spotlight, Constitutional thoughts, First Amendment, Information and Technology, Lyrissa Lidsky, Web/Tech | Permalink | Comments (0) | TrackBack
Sunday, February 06, 2011
Stanford Law Review as Ebook: Kindle, Nook and iPad
My friend and co-blogger Alan Childress's venture, Quid Pro Books, has helped the Stanford Law Review become the first general law review to publish in an ebook version. Volume 63, Issue 1 is now available for Kindle, Nook, and in the Apple iTunes store. See more details at Legal Profession Blog.
Quid Pro Books also re-releases out of print classics in print and ebook formats. I was delighted to connect Alan with Susan Neiman, who republished her account of Berlin in the years before the fall of the Wall, Slow Fire: Jewish Notes from Berlin.
For more information, follow the above link to Quid Pro's website.
Monday, January 31, 2011
A Small-Town, Social-Media Parable
My co-author Daniel Friedel and I just finished a book chapter for a book called Social Media: Usage and Impact (Hana Noor Al-Deen & John Allen Hendricks, eds., Lexington Books, 2011). In the course of writing the chapter, I came across Moreno v. Hanford Sentinel, Inc., 172 Cal. App. 4th 1125 (Cal. App. 2009), a case I had somehow missed when it came out. The Moreno case is a cautionary tale about the dangers of engaging in undue self-revelation online, but that is not the only reason I find it fascinating. I find it fascinating because I grew up in a small, remote town, and I am acutely aware of the social dynamics that underlie the case.
Here are the facts. While Cynthia Moreno was a college student at Berkeley, she visited her hometown of Coalinga, California. Moreno subsequently published on her MySpace page a very negative “Ode to Coalinga,” in which she stated, among other things, that “the older I get, the more I reliaze that I despise Coalinga.” (1128) The principal of Coalinga High School obtained the Ode and forwarded it to a local reporter. After publication of the Ode in the local newspaper, Cynthia Moreno’s family received death threats, and a shot was fired at their home. They were forced to move away from Coalinga, abandoning a 20-year-old business. (1129). They sued the principal and the local newspaper for invasion of privacy and intentional infliction of emotional distress. The trial court dismissed the case against the newspaper under a California's antil-slapp statute. The Moreno family did not appeal the ruling regarding the newspaper, but they did appeal the trial court’s dismissal of their claims against the principal for invasion of privacy and for intentional infliction of emotional distress. (1129).
With regard to the privacy claim, the California appellate court held that the revelations concerning the Ode simply were not "private" once Cynthia Moreno posted them on MySpace, “a hugely popular internet site.” (1130). The Court found, in essence, that Cynthia had waived any reasonable expectation of privacy through her "affirmative act." (1130). It was immaterial to the court that few viewers actually accessed Moreno’s MySpace page. By posting it, she opened her thoughts to “the public at large,” and “[h]er potential audience was vast” regardless of the size of the actual one. As Cynthia learned to her sorrow, there is no privacy invasion when information shared with a seemingly “friendly” audience is repeated to a hostile one. (1130). [Query, however, whether this could lead to a false light claim in the right circumstances.] Although the court dismissed Cynthia's privacy claim, the court held open the possibility that a claim for intentional infliction of emotional distress could succeed. (1128).
The Moreno case sends a mixed message about legitimate use of information shared in "public" social media. On one hand, the information is not private. On the other, republication can still lead to liability if done for the purpose of inflicting emotional distress on another in a manner that jurors might subsequently deem “outrageous.” At first blush and maybe at second, too, this latter holding regarding intentional infliction (the court left its reasoning unpublished) seems inadequately protective of speech. After all, the principal was merely republishing lawfully obtained truthful and non-private information, arguably about a matter of local significance. The principal had no "special relationship" (protective, custodial, etc.) with Cynthia Moreno that might have imposed on him a duty to give special regard to her interests or emotional well-being. It seems from the facts, however,that Cynthia's younger (minor) sister might have been attending the high school of which the defendant was principal, which perhaps could make his actions more "outrageous." Moreover, how much solicitude should be given to a defendant such as the principal if his intent in publishing the statement was to ensure the ostracization of Cynthia and her family, or even if he acted with reckless disregard that those consequence would result? Of course, the statement need not have been published in a newspaper in order to produce a similar result. In a town of fewer than 20,000 residents, the gossip mill very well might have ensured that the information got to those most likely to be interested in it. Moreover, if the principal could foresee harm to Cynthia through the gossip mill, arguably so could Cynthia (even if the scope and exact manner in which those harms would occur were unforeseeable). After all, she did grow up there and should have known, even at 18 years old or especially at 18 years old, how vicious the repercussions might be if her Ode got out. I feel great empathy for Cynthia, but I do worry about the free speech implications of giving a tort remedy based on the repetition of lawfully obtained, truthful, non-private information, even when done with bad motives.
Wednesday, December 15, 2010
The Patent System as an Enforcer of Intensive Parenting
Thanks to Dan and the other permanent bloggers on PrafwsBlawg for having me back. Recently, I have been studying the ways in which the law enforces Intensive Parenting. In an article titled Over-Parenting my co-author Zvi Triger and I show that parenting has changed over the last two decades. The contemporary parent is is on a constant quest to obtain updated knowledge of best child rearing practices and use this information actively to cultivate her child and monitor all aspects of the child’s life. In the article we highlight the drawbacks of Intensive Parenting and caution against its incroporation into the law.
Yet, Intensive Parenting is not merely about social norms. The intensive parent uses a vast array of technologies to cultivate, monitor and remain informed. Technology companies cater to the norms of Intensive Parenting and reinforces them by producing technologies that facilitate Intensive Parenting.
This fall, Apple received a patent for a technology that enables parents to control the text messages their children send and receive. Parents can use the technology in different ways. One way is to prevent children from sending or receiving objectionable text messages. But, control can take more subtle forms. For example, the patent abstract states the technology could require that a child learning Spanish will text a certain number of Spanish words per day.
As we know, children today text hundreds of messages a day. It seems, in fact, that texting has at least partly replaced conversations. In generations that preceeded texting, parents did not filter their children's conversations from objectionable messages nor could they enforce the practice of Spanish away from the class or home. Yet, parents driven by Intensive Parenting norms to regulate and monitor every aspect of their child's life can now control their children's social conversations away from home.
I am often asked - so what does the law have to do with Intensive Parenting? In our article, we show some ways in which the law purposefully endorses and enforces intensive parenting norms. Here, however, we have an unexpected and unintentional enforcer of Intensive Parenting - The Patent Office. The Patent Office has awarded Apple a patent and through this action indirectly enforced Intensive Parenting.
How does the award of a patent to a parental texting control technology enforce Intensive Parenting? First, the goal of awarding a patent is to encourage innovation that promotes progress. In this instance, the award of a patent encourages innovation in parental control technologies. Secondly, although the patent system does not employ moral criteria in deciding which inventions warrant a patent, it does have an expressive value. For many in the general public, the grant of a patent endorses an invention as a good and useful invention. Hence. by granting a patent to an invention that lets parents control an important part of their children's social life, the patent system effectively promotes intensive parenting norms.
Monday, November 29, 2010
Using Smokescreens and Spoofing to Undermine Wikileaks
The leaked diplomatic cables story already been much discussed and will be discussed further elsewhere. As a privacy law scholar, my starting point is to think of this problem as a data security issue and then wonder how Pfc. Bradley Manning evidently obtained access to such a large cache of highly sensitive information. I suspect that some (but not all) of that story will be told in the coming months. The government's failure to better safeguard sensitive national security information against someone in Manning's position is a genuine scandal, one that ought to prompt careful investigations into what went wrong and rapid data security improvements.
That said, we have seen from analyzing commercial data security breaches that breaches will inevitably occur. To that end, it may make sense for the government to supplement heightened data security measures by regularly leaking false (but plausible) intelligence to Wikileaks. The current controversy has generated great attention because the information exposed on Wikileaks is believe to be genuine. But if disclosures to Wikileaks are frequent and sorting between true and false leaks is difficult, then the damage resulting from inevitable disclosures of true information would be reduced. It might even make sense for the government to announce publicly that it will be leaking lots of false diplomatic cables going forward so that foreign governments are not unnerved by what they read on Wikileaks and in the press.
A version of this strategy - called spoofing - was used effectively by the recording industry to make illicit peer-to-peer file swapping less attractive.If users couldn't distinguish between real Kanye West mp3 files and garbled noises on Limewire, then they might get frustrated enough to switch to iTunes. Applications that fostered the swapping of unlicensed p2p files tried to combat spoofing through file rating systems, but these were also subject to gaming by spoofers. Similarly, a spoofing approach to national security leaks might lower the reliability of Wikileaks information enough to get people to stop paying so much attention to the content that is posted there. Recall the little boy who cried wolf too many times. Wikileaks could invest in trying to sort between legitimate and phony leaks, but doing so would be costly and time-consuming, and it might bring more of Wikileaks's contacts with the Bradley Mannings of the world into the open.
One question that arises is whether the government is doing this already. Corporations evidently engage in such behavior with some regularity. Indeed, using misdirection strategies against competitors may be part of the "reasonable precautions" that a firm ought to engage in to guard its trade secrets. Are there instances of the government leaking false documents to Wikileaks? If the government isn't engaging in those strategies, should it start doing so?
UPDATE: Not-so-great minds think alike.
Saturday, November 27, 2010
Wam! Bam! Thank you ma'am!
Michael Robertson, the CEO who brought us MP3.com at the turn of the 21st century, is back again with two services: MP3Tunes and Sideload. MP3.com ostensibly allowed users to listen to CDs stored on MP3.com servers if they could establish to MP3.com's satisfaction that they owned the original CD. MP3.com lost a fight in the Southern District of New York, with the court concluding that MP3.com was not engaging in (arguably) protectable "space shifting" by storing subscribers' CDs, but instead "re-playing for the subscribers converted versions of the recordings it copied, without authorization." Judge Rakoff concluded that this was not fair use, and the legal fallout led to MP3.com's merger with Verizon.
Robertson's new storage service, MP3Tunes, allows customers to store audio files "in the cloud," not unlike Dropbox or other cloud storage services. Digital files uploaded to an MP3Tunes locker can be replayed by the locker owner in a variety of ways. Viewed in isolation, MP3Tunes simply stores subscribers' CDs. The recent decision in Cartoon Network v. Cablevision would suggest that the Second Circuit, at least, is sympathetic to the notion that where a business provides a service and consumers push the buttons that copy protected expression, the service providers are not directly liable. Thus, if online storage by consumers is protectable private use (a possibility the court in MP3.com acknowledged), MP3Tunes is unobjectionable as a service enabling that storage.
Sideload is an associated service that changes the way MP3Tunes works. The Sideload program lists the material available in the lockers of other users of MP3Tunes and allows you to stream those songs and download them into your own locker. In other words, if I load David Bowie's* "Suffragette City" into my MP3Tunes locker, Sideload will help you find it, and you can make a copy from my copy. As I understand the services, other people can then make a copy of your copy of Suffragette City. If one accepts as a baseline that consumers are taking their personal stock of legally purchased CDs and MP3s, loading digital files into MP3Tunes lockers, and other consumers are locating those files and copying them through Sideload for free, then the service sounds suspiciously like Napster-esque "file sharing," and unlike arguably protectable "space shifting." Robertson makes an interesting factual claim in its motion for summary judgment that, if true, might alter the way we think about this particular case, even if Sideload is part of the package.Robertson asserts that record lables like EMI distribute music files for free on the internet with the intent (in the words of EMI's Senior VP for Digital Marketing) that the songs should become "viral...giving fans the ability to disseminate to other fans, to spread like a virus." Not every song is marketed as a free (and hopefully viral) release, but many are. EMI and the other labels want to hold MP3Tunes accountable for distinguishing between them. MP3Tunes instead hopes to rely on Section 512(c) of the DMCA, which immunizes online service providers that store material online at the direction of users, so long as the service provider takes down unauthorized content once it is brought to the attention of the service provider by the copyright holder. MP3Tunes argues (reasonably, I think) that if EMI has flooded the market with free content, EMI is the party best positioned to distinguish between viral content and content that wasn't supposed to get out for free. Thus, if MP3Tunes timely removes any content flagged by record labels, then EMI should be able to get what it wants by flagging "traditional" content for removal, allowing MP3Tunes to remove flagged content while enabling the distribution of free content. Thus, even assuming that Sideload lets other MP3Tunes customers copy "Suffragette City" from my locker, the question we should ask is whether EMI authorized its viral release.
I am a skeptical of Robertson's factual claims, because it seems that many artists have use free streaming content "distributed" through social networking systems like Facebook or Twitter, and less on the distribution of actual copies. Still, to the extent the claim is accurate, it seems entirely within reason for Robertson to offer a service that allows consumers to find and share authorized "viral" downloads.
* Bowie is an EMI artist, whose seminal album, The Rise and Fall of Ziggy Stardust and the Spiders from Mars, was just released in the UK on a commemorative stamp.
Tuesday, October 19, 2010
Perhaps my title is a bit inflammatory but I'll leave it up there until we provoke some response from the powers that be at our friendly neighborhood SSRN headquarters.
FYI - Apparently SSRN's terms of service now include a nonexclusive
license to edit and translate articles posted there, among other
assorted privileges. I wasn't notified of the change (which happened
last year) and I didn't find it today after a cursory examination of
Sent: Tuesday, October 19, 2010 3:55 PM
Subject: [CyberProf] SSRN discretionary terms of us
Thanks, XXX! The terms "edit" and "translate" are not acceptable to
me. The former, granting a right to edit, could effectuate a stealth
waiver of the moral right of integrity. I could tell horror stories
about editing done without giving authors the chance to check and veto
the edits. The latter, granting a right to translate -- well, there's an
old Italian proverb: Traduttore, traditore! Translator, traitor! I've my
doubts about being bound by terms I didn't see on submission. So when
did the SSRN slip these weasel words -- "edit" and "translate" -- into
the mix? XXX
On 10/19/2010 11:58 AM, email@example.com wrote:
> Re: [CyberProf] FW: SSRN Announces Forthcoming "Purchase Bound Hard
> Copy" option for Free PDF documents in SSRN eLibrary
> Tue, 19 Oct 2010 14:58:10 -0400
> An enterprising member of my faculty just found this. It seems we've
> been had. Perhaps I will now take all my content down; it's available
> on my own site anyway and this pisses me off. - XXX
> from the authors page. Not limited to electronic reproduction:
> License to SSEP
> Users grant SSEP a limited, non-exclusive, worldwide, royalty free,
> revocable license to all contributed content to perform the Services.
> By posting or contributing content using these Services, you are
> granting SSEP a non-exclusive, royalty-free, perpetual, and worldwide
> license to use your content in connection with the operation of the
> Services, including, without limitation, the license rights to copy,
> distribute, transmit, publicly display, publicly perform, reproduce,
> edit, translate and reformat your digital and non-digital content,
> and/or to incorporate it into a collective work.
> . . . .
> SSEP reserves the right to change, at any time, at our sole
> discretion, the Terms under which these Services are offered. You are
> responsible for regularly reviewing these Terms. Your continued use of
> the Services constitutes your agreement to all such Terms.
Thursday, September 23, 2010
The Centenarian Who Wasn’t, NASA v. Nelson, and the Constitutional Right to Information Privacy
Approximately thirty years ago, Sogen Kato became involved in an argument with his relatives, and then retreated into his bedroom to sleep. He never came out. Evidently none of the family members who shared his apartment went in to disturb him. This past July, after Kato ostensibly became Tokyo’s oldest living man, Japanese government officials sought to contact him to congratulate him on his longevity. After being given the run-around by his nervous relatives as to his availability, government officials eventually showed up at Kato’s apartment and discovered his mummified remains in the bedroom. His reprehensible relatives, who collected more than $100,000 in pension benefits in Kato’s name during his “lifetime,” are in very hot water.
The constitutional right to information privacy is the law’s equivalent of Sogen Kato. It has been thirty-three years since the Supreme Court hinted that such a right exists under the Constitution, and the Court has been as silent as Kato in the interim about this subject. The lower courts have had much more to say, with most circuit courts holding definitively that the Constitution protects a right to informational privacy and developing multi-part tests to determine when it has been infringed. The D.C. Circuit has expressed skepticism about whether the constitutional right lives on, and the Sixth Circuit has held that until the Supreme Court says otherwise, the constitutional right to information privacy is dead. On October 5, the U.S. Supreme Court is going to be opening the bedroom door, and considering oral argument in its first constitutional right to information privacy case in a generation, NASA v. Nelson.
In Nelson the Court will take up the issue of whether the constitutional right to information privacy prohibits the Jet Propulsion Laboratories (JPL) from asking open-ended questions about whether longtime JPL employees have done anything that might reflect negatively on their ability to continue performing their jobs. My view of Nelson, which I develop at much greater length in Reunifying Privacy Law (forthcoming in the California Law Review), is that the Court ought to hold in Nelson that there is no such thing as a constitutional right to information privacy. My primary basis for concluding that the constitutional right ought to simply go away is that the constitutional right to information privacy is largely redundant with privacy tort law. Because the Solicitor General decided not to argue that the Supreme Court should follow the Sixth Circuit’s approach, the briefs in Nelson have largely ignored the question of what happens if the Court holds that this constitutional right should disappear. But it would be very fruitful for the Justices to ask counsel hard questions along these lines next month. The answer in Nelson itself appears to be that abolition of the constitutional claim would leave the plaintiffs with robust remedies under tort law.
Let us begin with some case background on Nelson. The plaintiffs represent a class of JPL scientists, engineers, and administrators who are classified by NASA as “low risk” employees because their jobs “do not involve policymaking, major program responsibility, public safety, duties demanding a significant degree of public trust, or access to financial records with significant risk of causing damage or realizing personal gain.” Under new federal regulations, even longtime JPL employees were to be subjected to background checks in which government agents would ask employees, their references, their prior employers, and their landlords questions about whether they had used drugs or undergone treatment or counseling for drug addiction in the last year; whether they had used abusive language, been involved in personality conflicts, developed mental, emotional, psychological, or psychiatric issues, or had engaged in sex acts that might subject them to blackmail. In addition, third parties would be asked whether they knew anything, good or bad, about the JPL employees that would be relevant to their ability to work for the government.
The district court denied the plaintiff’s request for an injunction, but the Ninth Circuit reversed with respect to the government’s inquiries about drug treatment (as opposed to drug use) and open-ended “investigation[s] of the most private aspects of class members’ lives.” While the court held that the government’s inquiries into its employees’ backgrounds were legitimate, it applied intermediate scrutiny and held that the government’s investigations were not narrowly tailored to further these legitimate interests.
It turns out that the harms alleged by the plaintiffs in Nelson were remediable under tort law. California, where the JPL is located, is somewhat unique in that privacy tort law has largely merged with state constitutional privacy law. The California Constitution has a privacy clause that lacks a state action requirement. If you look at the state constitutional cases, you see results largely consistent with the Ninth Circuit’s ruling in Nelson. For example, in 1986 the California Supreme Court held in Long Beach City Employees Association v. City of Long Beach that requiring public employees to submit to polygraph testing in order to investigate a specific crime violated the employees’ privacy rights under the state constitution. Similarly, another 1991 intermediate appellate court case, Soroka v. Dayton Hudson Corporation, held that Target’s use of a psychological profiling device that required job applicants to answer questions about their religious beliefs and sexual orientation, violated the applicants’ rights under the state Constitution. Such acts, which violate the state constitution, almost certainly qualify as tortious intrusions upon seclusion under California tort law as well. A suit by Nelson against JPL thus would be able to proceed via the Federal Torts Claims Act, which waives sovereign immunity in cases involving tortious invasions of privacy. So held the Ninth Circuit in a 2000 case called Nurse v. United States.
If a winning tort claim exists, is there any reason why the law should recognize a redundant constitutional claim as well? Perhaps. We can imagine circumstances where having overlapping causes of action are desirable. If a police officer clubs a political dissident to prevent him from making an unpopular speech, it is a tort as well as a First Amendment violation. But most First Amendment violations will not be torts. By contrast, for reasons I explore here virtually all infringements of the constitutional right to information privacy will be either tortious intrusions upon seclusion or tortious public disclosures of private facts. As it happens, the common law courts have developed a sensible framework for deciding whether an invasion of privacy amounts to a tort. The applicable frameworks for deciding whether the government’s conduct violates the constitutional right to information privacy are by no means sensible. Courts commonly apply a seven-factor test, the overlap of the seven factors results in inevitable double-counting, and the results that emerge under the framework are very difficult to predict ex ante.
To be sure, the constitutional right to information privacy is not completely redundant. There are some jurisdictions outside California where suing the state for tortious invasions of privacy is impossible because of sovereign immunity or the weakness of state tort law protections. But the desire to fill these occasional gaps in the law, or an interest in helping plaintiffs recover attorney’s fees, hardly justifies the development of a convoluted body of constitutional law. Rather, the jurisdictions at issue should simply consider whether they ought to change their state tort claims acts and substantive tort provisions to deal with serious injuries that might otherwise go unremedied.
For more reading on NASA v. Nelson, see Dan Solove’s posts here (arguing that the Court should recognize a constitutional right to information privacy), and here (addressing the merits), as well as Eugene Volokh’s discussion of the implications of the Ninth Circuit’s holding here.
Cross Posted at the University of Chicago Law School Blog
Monday, September 13, 2010
Why Governments Use Social Media and Why They Should
Lately, I've been exploring whether public forum doctrine may impede desirable governmental uses of interactive social media. As part of that project, I'm examining both government incentives to use social media and citizen interests implicated by government social media use.
Governments must speak in order to govern. Governments speak to educate and to inculcate democratic values, to shape behavior and norms. Governments seek to persuade, manipulate, coerce, nudge, wheedle, and imprecate. They tell citizens to say no to drugs, to vote, to return the census, to get flu shots, to pay taxes, to wear seat belts, and to volunteer. Indeed, effective government communication is essential to effective policy implementation. Without the acquiescence of the governed, it is almost impossible for a democratic government to perform its roles and functions, and acquiescence is secured through communications. Traditionally, government has spoken through mass media using advertisements and position pages, interviews and pamphlets, public art and press conferences. Now, however, the government has begun to convey its message through emails, websites, Facebook pages, tweets, and text messages. Here’s why.
Access to citizens. The government has a host of practical reasons for using “new media” for communications with citizens. Willie Sutton was reported to have said that he robbed banks because “that’s where the money is,” and governments turn to social media because that’s where the citizens are. However, sheer audience size is only part of the picture.
Access to Desirable Audiences or Constituencies. Audience demographics are also important. The audience of citizens that the government reaches via social media is likely different than the audience that the government reaches via traditional mass media, and these differences may make the audience especially desirable for government communication purposes. MySpace users, for example, skew younger than citizens who attend city commission meetings or watch the network news, making MySpace a better platform for informing college freshmen about the benefits of the meningitis vaccine. In addition, government may wish to reach social media audiences because they are more likely to be politically engaged than their fellow citizens. It is not far-fetched to presume that the same initiative that leads social media users to seek out government information online may lead them to other types of political engagement.
Community-Building and Political Engagement. Government actors have not been slow to appreciate that social media is not just a tool for communication but a tool for community-building and engagement. Social media create social relationships, and they may help mobilize citizens from different walks of life and strata of society. Social media may even help humanize government by giving citizens the sense that their voices are being heard by those in power, thereby defusing social tensions.
Crowdsourcing and improved governance. The sense of community that is sometimes fostered by social media may ultimately improve not only the relationships between governors and the governed, but also the processes and outcomes of governance. Social media can serve many of the functions of town hall meetings without the expense or the geographic or time constraints. Indeed, social media can be used not just to create communities of citizens, but even communities of “experts,” who can share their knowledge to improve the decisions made by government actors.
Speed, Economy, and Elimination of Intermediaries. All social media, whether interactive or not, have the advantages of allowing government speakers to quickly and cheaply introduce messages into the public information stream without having to rely on intermediaries. Social media are ideal for communicating during emergencies because government can issue messages to citizens with rapid speed. Moreover, social media create a direct line of communication between governor and governed. Social media decrease government reliance on the traditional mass media to relay (and potentially distort) government messages. In an age when citizens are highly skeptical of the mainstream media, often for good reason, eliminating their role in the communication process is tremendously beneficial to government actors, though of course it creates an avenue for disseminating propaganda.
Responsiveness. In order to maintain legitimacy, democratic governments must appear to be responsive to the needs of citizens. Interactive social media allow governments to gather information from citizens, to listen to their needs and interests, and to respond directly to them quickly and efficiently. Indeed, the desire to appear responsive to the needs of citizens is a key impetus behind government use of social media.
Luckily, government social media use, even when motivated by pure self-interest, often benefits citizens. Citizens have an interest in receiving government information quickly, cheaply, and without distortion. They also have a strong interest in having governments that are responsive to their needs and interests. However, it is also worth considering how government use of social media fosters the First Amendment interests of citizens. I use the word “interests” rather than rights because the Supreme Court has never explicitly interpreted First Amendment doctrine to require governments to enable citizens’ exercise of First Amendment freedoms. That said, the effect of public forum doctrine is to create, in the words of Cass Sunstein, “a right of speakers’ access, both to places and to people." Public forum doctrine acts as a government subsidy for speech. The government must hold open traditional forums such as streets and parks for the benefit of speakers who would otherwise lack the resources to reach a mass audience. Yet, the Supreme Court has been oddly reluctant to extend this understanding to places that have not been open to the public since “ancient times.”
Social media forums, and especially government sponsored ones, have the potential to advance the First Amendment values of free speech, free association, and the petitioning of government for redress of grievances. With regard to speech and association, social media bring citizens together across boundaries of space and time that often separate them in the offline world. But government sponsored social media provide speakers with a particularly valuable commodity. Just as governments use social media to reach desirable audiences, citizens can use these same social media outlets to address audiences that would otherwise be difficult or impossible to reach. A citizen may seek out the U.S. Coast Guard’s Facebook page, for example, in order to register a complaint about its handling of British Petroleum’s oil spill in the Gulf of Mexico. Although the same citizen would be free to set up his own Facebook page to complain about the Coast Guard’s clean-up efforts, the government sponsored Facebook page provides him access to a receptive audience that likely already knows something about the Coast Guard and cares about its performance.
Not only can the Coast Guard sponsored page provide speakers a unique and valuable platform to reach interested fellow citizens, but it can also increase the likelihood that speakers and audience can unite to engage in political action. Again, audience members who seek information on government sponsored sites may be especially interested in the government policy discussed at that site, and thus more likely than others to engage in action to change or improve the program. In the Coast Guard example, a citizen might use the government sponsored page to invite fellow citizens to take collective action, such as attending a rally or volunteering to assist with clean up of polluted beaches. No other online forum is likely to reach quite as interested an audience, nor foster political association, as effectively as the government sponsored one. Thus, it is incumbent as a matter of public policy to encourage government to open social media as forums for communications to, by, and with citizens.
Perhaps the most compelling argument supporting government creation of social media forums is that they give meaning to the often neglected constitutional right of citizens to petition government for redress of grievances. In his new book on the Petition Clause, Professor Ronald Krotoszynski explains that “at its core, the Petition Clause stands for the proposition that government, and those who work for it, must be accessible and responsive to the people.” Even if governments create interactive social media sites only to create the appearance that they are responsive, citizens can still use them to demand actual responses, as the First Amendment entitles them to do. Indeed, the use of social media may create pressure for government to be responsive to citizen demands. This feature of social media forums makes them distinctive from streets and parks, which may sometimes be used to protest government practices and policies in ways that demand action, but do not provide a direct conduit to the government officials in charge of those practices and policies. Although the right to petition is doctrinally underdeveloped, it plays an important role not played by the rights of speech or association. The Petition Clause guarantees not just a right to speak, but a right to speak to those empowered to take action in response. It therefore helps guarantee governmental accountability to the electorate, which is the essence of democratic self-governance.
Thursday, August 12, 2010
Where are we now with copyrights?I'm wondering if, post-tenure, I should stop being willing to assign my copyrights to the law reviews/university presses, etc, and just insist that they publish it under a creative commons license or, more traditionally, that I hold the copyright and they can have the relevant licenses and warranties, and if they don't like it, I'll publish elsewhere. Do you guys make a fuss about this stuff? Is it worth it? Practically, I feel like it makes little to zero difference in my life since I don't think "breaches" of the typical author-publisher agreements occur and if they do, I doubt they are enforced. (Has anyone had that experience or heard of it happening?)
That said, I don't see the rationale for giving someone else my copyright for zero compensation -- I'd sooner give it to the public domain... And why is it that the law reviews managed to reduce their work load with respect to shorter articles, but they and the academic presses haven't fully yielded to open-access or more authorial control? Would there be a solution if law schools or universities said they were committed to open-access and that the only scholarship considered for tenure/raises, etc would be that which is published a) where the author retains copyright and/or b) the publication occurs under creative commons-type licensing scheme?
One thing is true: increasingly authors with good academic presses have been able to negotiate rights to give away their book for free electronically for noncommercial purposes. I think Zittrain, Benkler and Solove were able to do this. And Ethan and Jennifer and I were fortunate to do that too, and so very soon we will be putting Privilege or Punish on the web for free. I hope you consider assigning it to your classes or perhaps more helpfully, using it (gratis) as a leveler for a wobbly table nearby.
Monday, July 26, 2010
Pentagon Papers II?: Wikileaks and Information Control in the Internet Era
Wikileaks.org obtained and released six years worth of Pentagon reports on the progress of the war in Afghanistan, and today stories based on the leaked information appear in the New York Times, the Guardian, and Der Spiegel. It is impossible to read of this new "leaks" case without thinking of the 1971 Pentagon Papers case, when Daniel Ellsberg released documents, specifically a 47-volume government report, concerning U.S. involvement in the war in Vietnam to the New York Times and the Washington Post. When the New York Times began publishing stories based on the leaked documents, the Justice Department went to the courts to seek an injunction against further publication; in the meantime, the Washington Post began publishing materials from the Pentagon Papers, and the Justice Department again sought an injuction. This ultimately triggered a showdown in the United States Supreme Court, which issued an opinion only five days after the crisis began. Although every member of the Court wrote a separate opinion in the Pentagon Papers case (New York Times Co. v. U.S., 403 U.S. 713 (1971)), the brief per curiam issued by the Court sent a clear signal that the Executive Branch cannot use injunctions against the media to prevent leaks of embarrassing documents simply by invoking national security justifications. Today, however, the legal lesson of Pentagon Papers regarding injunctions is almost beside the point.
It is technology, even more than law, that makes it nearly futile to pursue injunctions against publication of leaked documents today. Consider two "modern" cases involving attempts to enjoin publication of leaked documents on Wikileaks.
In the first, a federal judge learned the hard way the difficulties associated with the granting an injunction against the disclosure of allegedly commercial secrets on Wikileaks. Someone posted on Wikileaks confidential documents allegedly showing that Julius Baer Bank and Trust, based in the Cayman Islands, engaged in hiding assets, laundering money, and evading taxes. The bank filed suit in federal district court in San Francisco against Wikileaks.org and Dynadot, the site‘s domain registrar, seeking to shut down the site. The judge issued a temporary restraining order forbidding further distribution of the documents. Dynadot, a company that leases domain names to website operators for a fee, agreed to the entry of an injunction requiring it to disable the Wikileaks website. News of the order shutting down the website set off a furor on the Internet and among mainstream media. As part of its plan to avoid legal interference, Wikileaks maintained mirror sites in Belgium, Germany, and the Christmas Islands registered with companies other than Dynadot, and those were beyond the court‘s jurisdiction. Fans of Wikileaks used the Internet to widely publicize the addresses of those sites and the fact that the material remained available there. Lawyers for public interest groups, Internet watchdogs, and mainstream news organizations filed motions to intervene or appear as amicus curiae. They argued that the order was akin to closing down a newspaper, and that there was no precedent in prior restraint jurisprudence for shutting down an entire outlet because of one item it published. After just three weeks, the judge rescinded the order. See Bank Julius Baer & Co. Ltd v. Wikileaks, 535 F.Supp.2d 980, 36 Med. L. Rptr.12 1473 (N.D.Cal.2008). The judge ended up concluding that the injunction had exactly the opposite effect as was intended. The private, stolen material was transmitted over the internet via mirror websites which are maintained in different countries all over the world. Further, the press generated by this Court‘s action increased public attention to the fact that such information was readily accessible online. The judge also noted that he probably lacked subject matter jurisdiction because diversity jurisdiction does not extend to suits between aliens. The bank was organized in Switzerland and based in the Cayman Islands. A lawyer who appeared on behalf of Wikileaks said the domain name was owned by an Australian citizen who lives in Kenya.
In 2009, a British judge enjoined The Guardian newspaper from publishing leaked documents regarding an oil spill involving a multinational corporation. See Noam Cohen, Twitter and a Newspaper Untie a Gag Order, N.Y. Times, Oct. 19, 2009. The judge also ordered the newspaper not to reveal the existence of the injunction. Despite the injunction, Wikileaks obtained and published the documents. As a result, a member of Parliament questioned the Prime Minister about the documents. The Guardian ran an article about the parliament member‘s question, noting that it was barred from identifying him. Readers picked up the story and began using social media such as Twitter to distribute it widely. Finally, under the glare of public scrutiny that resulted, the multinational corporation at the center of the controversy agreed to release the documents that were the subject of the injunction.
Wednesday, July 21, 2010
Direct to Consumer Genetic Testing - The Need for Early Filtering of Genetic Information
Genetic testing for adult onset diseases used to be mainly a medical service. In most cases a person who had a certain genetic disease that was prevalent in her family would go to test fo see if she carries the genetic mutation. For example, a woman who had several cases of breast cancer in her family would test for the breast cancer genetic mutation BRCA1/BRCA2 to see is she carries the mutation and has a high probability of getting the disease. But, the proliferation of direct to consumer genetic testing changes the nature of the service to a consumer service. Companies like 23andme and Pathway Genomics (who was planning to start selling its kits in Walgreens) offer consumers the option to buy packages of tests (ranging from 25 to over a 100 conditions). Consumers often buy the tests to satisfy their curiosity or they may even receive them as a gift. People purchasing the testing packages usually do not consult a medical professional when deciding to undergo the tests and receives the results alone by accessing a website.
Yesterday I spoke before the FDA, which is considering regulating direct to consumer genetic testing. My presentation was based on a symposium piece I am working on. I argued for the need for a medical professional to guide people throughout the process and advise them not just on the interpretation of the results but also earlier in the process to determine what genetic information they actually want to have.
Interpreting the results of genetic tests is not easy. Unlike other over the counter tests, like a pregnancy test, which gives a clear positive or negative result, genetic tests are about probabilities. Even a person who tests positive for a certain mutation may still not get sick depending on other non-genetic factors. People have a hard time understanding the results of genetic tests and for that reason there have been many calls to require the guidance of a medical professional for the delivery of the results.
But I believe focusing on the interpretation of the results is only half the issue. It is important to have professional guidance also at the outset to determine what tests to undergo. A medical professional should guide individuals and tailor the panel of tests to the individual who desires to test. Why is that? Well, first of all, some people, if they get a chance to give it some thought, may not want to know all their genetic information. For example, a person may prefer not to know that he is likely to get Alzheimer's at a young age. Secondly, not all genetic information is made equal. Some genetic tests do not convey that much useful information. For example, a positive result in some tests may only demonstrate a slightly higher likelihood of getting the disease than the probability in the general population. Eliminating such tests at the outset will facilitate the interpretation of the results. It would be possible to focus on the truly important positive results at the end of the process.
To achieve all this it is important for the law to require the guidance of a medical professional who is not a representative of the genetic testing company. A medical professional working for the genetic testing company may have good knowledge of the tests, but could have an interest in having the consumer purchase as many tests as possible. This could place him in a conflict of interest with the consumer who could be best off by purchasing a more limited panel of tests tailored specifically for him.
Thursday, July 15, 2010
Why Giving Up on Sperm and Egg Donor Anonymity May not be as Good as it Sounds?
Use of sperm and egg donations is common practice in the United States. Couples or individuals who have trouble conceiving or lack a partner resort to use of donor eggs or sperm. The donors are usually young, often college or medical students. Many donate for financial reasons and some for altruistic reasons. But the one thing many of them share is the lack of a desire to form future ties with the born offspring. Thus, unsurprisingly, a strong norm of anonymity has prevailed. Most children born of sperm or egg donations are not told they are conceived through such a donation. And even more importantly the donors are guaranteed anonymity and thereby protection from future contact from the conceived offspring.
But all of this is changing now. Eleven jurisdictions worldwide including: Sweden, Austria, Switzerland, the Netherlands, Norway, the United Kingdom, New Zealand, Finland and three Australian states have prohibited donor anonymity. In these jurisdictions a child can find out who is the person who donated the egg or sperm that lead to his conception. In the United States the anonymity norm still prevails. Yet, important voices, including Professor Naomi Cahn, in her new book: Test Tube Families, call for adopting the prohibition on anonymity in the United States. The main argument for prohibiting anonymity is the conceived children's need for the genetic information in order to develop their identities.
Advocates of prohibiting donor anonymity realize that prohibiting donor anonymity can deplete sperm and egg resources as fewer individuals will be willing to donate. But, they argue that the effects are only short-term and in the long-term donations are unaffected. I decided to dig deeper into the empirical data in three representative jurisdictions in which anonymity was prohibited: Sweden, Victoria (an Australian state) and the United Kingdom. The overall picture emerging from the empirical data reported in my study revealed a disconcerting scenario of dire shortages in sperm and egg supplies accompanied by long wait-lists. Faced with acute shortages the fertility industry in these jurisdictions tried to recruit older donors who tend to be less inhibited by the disclosure requirement. Yet, this strategy did not fill the gap for sperm. As for eggs it could not be effective because eggs donated by younger women are more likely to result in a successful pregnancy. As a result, individuals and couples pained by infertility are increasingly engaging in fertility tourism to countries in which anonymity is not prohibited. I believe that the picture emerging from these three jurisdictions points to the need for great caution in adopting a prohibition on donor anonymity in the United States.
More on the FCC's indecency ban
The following is by my colleague Hannibal Travis, who writes on telecom law.
The FCC warns broadcasters that it is illegal to program indecent programming or profane language during certain hours, and that a fine or loss of the station’s license may be imposed as a result. But it refuses to define indecency in clear terms, which violates the principle of the rule of law and, as the Second Circuit held, the First Amendment. As Howard points out, the Supreme Court upheld the FCC's fleeting expletives policy last year, in a decision that may well result in CBS being fined $550,000 for the Janet Jackson partial nudity charge arising out of the 2004 Super Bowl. Justice Scalia maintained that the policy was needed to prevent the coarsening of the culture. The majority invited the Second Circuit to review the case for First Amendment violations, and the Second Circuit's ruling was the result. The Second Circuit's opinion tracks the analysis of the swing justices in the controlling opinion in FCC v. Pacifica Foundation, which said that the FCC's regulation of indecency may not amount to roving censorship or the banning of isolated swear words. Four justices dissented last year and argued that the FCC’s rule would chill the coverage of local public events on live television. Even Justice Thomas, though in the majority, attacked the opinion of the Court for relying on cases explaining that the FCC may constitutionally regulate television content for decency and political balance, in part because it allocates scarce frequencies to private operators, while excluding non-owners of FCC licenses from broadcasting altogether.
Thus, the implications of the decision seem significant enough for the Supreme Court to take the case. The result may be difficult to predict, in that a majority voted last year to find the FCC's policy basically reasonable (or at least not arbitrary), while remanding for a free speech analysis. Justice Thomas, part of the five-justice majority, strongly suggested that the FCC’s policy is unconstitutional. So if this decision is appealed and decided, he and the four justices who voted that the FCC's fleeting expletive policy violated the First Amendment as explained in Pacifica may strike down the policy and mandate a more liberal rule permitting expletives or occasional indecency on over-the-air television.That being said, media regulation today is a much more complex tapestry than the media coverage on this case would suggest. Past racial and ethnic discrimination in the allocation of FCC licenses, mergers and acquisitions , ownership regulation, intellectual property, advertiser contracts, and expectations, coordination of similar editorial and journalistic standards across media organizations, and negotiations with governments over security threats likely play a much greater role in shaping public debate than indecency or fleeting expletives rules.
The Court may take the opportunity to undertake a historical analysis of the freedom to speak indecently as of the era in which the Constitution was ratified. Nearly 40 years ago, Justices Douglas and Brennan argued that the First Amendment was a product of a licentious time in which offensive publications proliferated. Other justices, of course, will catalogue draconian obscenity and indecency laws enacted in Congress and the states from the eighteenth century until today. Much of that history also reflects anti-homosexual persecution of the type rejected by the Court in Romer v. Evans and Lawrence v. Texas. Elizabeth Glazer of Hofstra's law school has written a foundational paper on how the present framework of obscenity and indecency regulation cannot withstand scrutiny under the principles of individual autonomy and respect for privacy set forth in those cases. If the fleeting expletives policy makes it to the Supreme Court on constitutional grounds, it may be a good opportunity to revisit that framework in light of the original understanding and evolving conceptions of freedom and dignity. Perhaps even the broader jurisprudential question will be raised, whether the theory or the practice of the founders and ratifiers of the constitution controls when defining the outer boundaries of our civil rights.
Friday, July 09, 2010
July Guest Blogger - Gaia Bernstein
Thank you to Dan and the other permanent bloggers at PrawfsBlawg for having me back. I am primarily interested and have written on the social adoption processes of new technologies. I hope to spend my time here this month discussing some legal and policy developments related to the use of new technologies.
One issue I would like to discuss involves direct to consumer genetic testing. Direct to consumer genetic testing enables a consumer to purchase a genetic testing kit for a couple of hundred dollars and test for multiple conditions, without ever seeing a medical professional. This summer, after Walgreens announced a plan to to sell direct to consumer genetic testing in its stores, both the FDA and Congress have finally taken steps to regulate direct to consumer genetic testing. As I am currently immersed in writing a symposium paper on this topic I would like to address these proposals.
In addition, I would like to look at a growing international regulatory trend, which prohibits anonymity for sperm and egg donors. Naomi Cahn, in her new book, Test Tube Families, proposes to adopt this policy in the U.S and I would like to react to this proposal and examine some empirical data I have collected, which shows the impact of prohibiting anonymity on the availability of donor sperm and eggs and use of donor dependent reproductive technology.
Finally, in a recent paper, titled Over-Parenting, my co-author Zvi Triger and I, describe current parenting norms as Intensive Parenting. Intensive parents are constantly involved in cultivating and monitoring their children, We show that parents use new technologies, including the cellular phone, nanny cams, the Internet and GPS tracking systems to intensively parent their children. In the paper we show several ways in which the law enforces intensive parenting and warn against the incorporation of current norms of intensive parenting into the law. Here, I would like to examine some new legal developments particularly in the regulation of schools that are in effect enforcing intensive parenting.
Wednesday, June 23, 2010
Federal Law Should Require Online Availability of Instruction Manuals
Congratulations on your purchase of a new consumer product! IMPORTANT: RETAIN THIS INSTRUCTION MANUAL FOR FUTURE REFERENCE.
Here is a proposal for a new federal law. It's pro-consumer, pro-safety, and pro-environment. The operative provision would be this:
All commercial manufacturers of consumer products that are sold with instructions, manuals or other such documentation shall permanently label such products with a URL web address where consumers may download copies of the documentation. The Federal Trade Commission shall have the authority to promulgate regulations under this Act and to bring enforcement actions.
This statute would be especially timely for me: I am moving offices. In the photo below, you can see just a small sample of the flotsam product documentation I've come across. Having consumers file and save instruction manuals is absurdly out of date. In fact, only the mythical hero consumer would file and retain a lifetime's worth product documentation. But thanks to the internet, there's a meaningful way to keep product documentation organized and readily available.
The law I'm proposing would unclutter offices and homes. On an individual level, that would be a substantial convenience. But considered cumulatively over several years and millions of consumers, the economic benefit in productivity gained and time saved time would be significant — more than enough to make a law worthwhile. Online availability would also save trees, reducing the need for the paper and cardboard used in filing, storing and sometimes copying the instructions.
It could also save lives. A recent baby car seat I bought includes a pocket within the seat-back for inserting and retaining the instruction manual. This is fantastic, since missing instructions can lead to a failure to properly install the car seat, which is a serious danger. Having documentation for all products available online would extend this kind of safety factor to tens of thousands of other products.
Tuesday, June 22, 2010
I just watched a wonderful movie about software patents: Patent Absurdity (Luca Lucarini 2010). It's freely downloadable, and I heartily recommend showing it if you teach Intellectual Property or Patent Law. The best thing about it is, it's pitched at the perfect level for law students. It's not dumbed down, but it's also not so technical that you need to be a full-fledged patent lawyer to enjoy it. And with a 29-minute runtime, I'm planning on showing it in-class. It puts an astonishing amount of material out there very quickly, giving you a feel for a ton of doctrine, industry practice, and historical context. (My favorite part is the Cold War nostalgia graphic depicting the software superpowers' patent arms race, which then explodes into patent-litigation armageddon.)
Another great patent movie is Flash of Genius (Universal 2008). A feature-length film, it's better for a homework assignment or for showing on an optional movie night. As general-audience fare, it's light on doctrine, but it's filled with insight into the idea of the heroic inventor in American culture. It also provides a compelling portrait of the draining nature of the courts and the litigation process.
I should note that patents and movies share an important historical intersection. Many people credit Edison's patents on motion picture technology, and the desire of nascent film studios to stay away from Edison's East Coast business operations, as a key factor in the development of Hollywood and Southern California entertainment industry.
Tuesday, June 08, 2010
Blog Law Blog - My New Blog
I have started a new blog: Blog Law Blog.
It is a blog about the law of blogs. Hence, "Blog Law Blog."
There is a long tradition of law blogs - i.e., blogs chasing the law. But Blog Law Blog is about the opposite transaction - the law pursuing the blogs.
People are getting sued, of course. People are also going to jail. One guy in California got his home raided by a special police joint-task force after he blogged about a mobile phone found in a bar. And a judge recused himself over a blog incident.
There are many areas of substantive law involved. The law of blogging implicates copyright law, defamation law, FTC regulation, journalist shield laws, the First Amendment, and many other doctrinal fields.
I believe that Blog Law Blog is the only blog out there specifically dedicated to the law of blogging. If you know of another, please tell me.
I've been publishing a post every weekday since late April. It turns out there's a lot of blog law to blog about. I hope many of you will find it worthwhile.
Wednesday, April 21, 2010
What Animal Cruelty Videos May Tell Us About Teen Sexting
While researching a recent article on the increasing penalties associated with possession of child pornography, I kept coming across references to teen sexting. (The term “sexting” refers to “the act of sending sexually explicit messages or photographs electronically, primarily between mobile phones.”) As commentors on PrawfsBlawg and elsewhere have noted, there have been a number of reports that local prosecutors are using child pornography laws — which carry very hefty penalties — to go after teens who are creating, receiving, or forwarding sext-messages.
In response, several legislatures have proposed (and in some cases enacted) legislation that removes sexting from the category of child pornography and provides for lesser criminal penalties. I’ve been mulling over both the charging decisions of local prosecutors, as well as these legislative decisions, and I think that I might write about this topic over the summer. My thoughts are still in a relatively early stage, and so I’d love to get input from fellow Prawfs readers on what I’ve come up with. In particular, I’m interested in your thoughts about how some language from yesterday’s opinion in the Stevens animal cruelty video case may affect the constitutional status of sexting.
First, Stevens seems to suggest that teen sexting, unlike child pornography, may be protected by the First Amendment. The opinion contains the following description of Ferber — the case that initially held that child pornography is not protected by the First Amendment:
When we have identified categories of speech as fully outside the protection of the First Amendment, it has not been on the basis of a simple cost-benefit analysis. In Ferber, for example, we classified child pornography as such a category, 458 U. S. at 763. We noted that the State of New York had a compelling interest in protecting children from abuse, and that the value of using children in these works (as opposed to simulated conduct or adult actors) was de minimis. Id. at 756–757, 762. But our decision did not rest on this “balance of competing interests” alone. Id. at 764. We made clear that Ferber presented a special case: The market for child pornography was “intrinsically related” to the underlying abuse, and was therefore “an integral part of the production of such materials, an activity illegal throughout the Nation.” Id. at 759, 761. As we noted, “‘[i]t rarely has been suggested that the constitutional freedom for speech and press extends its immunity to speech or writing used as an integral part of conduct in violation of a valid criminal statute.’” Id. at 761–762. Ferber thus grounded its analysis in a previously recognized, long-established category of unprotected speech, and our subsequent decisions have shared this understanding.
As I read this language, the Court is explaining that child pornography falls outside of First Amendment protection, not because the government interests outweighed the individual interests at stake, but rather because images of child pornography are the product of child exploitation or sexual abuse — an argument that the Court made (at least implicitly) in Ashcroft when striking down the federal ban on virtual child pornography. Because children cannot consent to sexual activity, all sexually explicit pictures of children are considered non-consensual, and thus any sexually explicit image of a child is necessarily a product of child sex exploitation/abuse.
In contrast to the prototypical image of child pornography — i.e., an image taken by an adult of a child — teen sexting is not the product of child sex exploitation or abuse. That is because it is an image that the teen takes of him or herself, and his or her ability to consent to engage in sexually explicit conduct with an adult (even if it is just the taking of pictures) is irrelevant. [I am, of course, leaving to one side a teen who takes such a picture of him- or herself because of pressure from peers — the analysis in that case might be different.] We might argue that the teen ought not have taken the picture, and if the teen is under the age of consent in his or her jurisdiction perhaps they have no affirmative right to sexual autonomy that would include taking such a picture; however, assuming no involvement by adults in the production of the image, then I simply don’t see how the image can be considered a product of child sex exploitation or abuse. In short, I don’t see how prosecutors can charge teen sexting under child pornography laws.
Second, the Stevens opinion seems to cast some doubt on whether legislatures can outlaw sexting at all if the person who is taking the images of him- or herself is above the age of consent. Section III.B of the opinion contains the Court’s explanation about how the statute’s prohibition on depictions of animal cruelty includes many images of lawful activity. In particular, the opinion focuses on the fact that the statute outlaws possession of an image if the activity portrayed is illegal in the state where the image is possessed, even if the activity portrayed was legal in the jurisdiction when the image was created. Ultimately, the opinion doesn’t hold that an image is protected by the First Amendment so long as the activity portrayed was legal at the time the image was produced; however it does describe such images as “presumptively protected by the First Amendment” and characterizes prosecutions for the possession of those images as “presumptively impermissible applications” of the statute.
It seems to me that if a state’s age of consent law authorizes a sixteen year old to consent to sexual activity, then the ability to take sexually suggestive pictures of herself is a lesser included version of that right to sexual autonomy. And, arguing by analog to the Stevens opinion, sexting images are “presumptively protected by the First Amendment,” and thus ought not be subject to any criminal penalties, even if those penalties are not as severe as those associated with child pornography charges. If I am correct about this argument by analogy to Stevens, then perhaps the federal statute defining child pornography as including images of any person under the age of 18 needs to be re-thought, since the most U.S. states set their age of consent at 16 or 17.
Now, I’m sure that there are a number of issues that I am missing with this analysis. For example, teenagers may not have the same rights of expression or sexual autonomy as adults, age of consent laws notwithstanding, and thus their First Amendment rights to create and possess these pictures may not receive the same protection. Or perhaps because these images are being sent via the internet or wireless networks, there may be some other hook that allows government regulation. In any event, I find the topic really interesting and if anyone is will to share their thoughts or impressions either in the comments thread or via email, I’d really appreciate it.
Friday, April 02, 2010
"Hot News" Misappropriation: Implications for Bloggers? for Bloomberg News?
What happens when the interests of newsgatherers and news aggregators collide? That was the issue before District Court Judge Denise Cote last month in Barclays Capital Inc. v. Theflyonthewall.com (S.D.N.Y., 3/18/10), and the opinion in the case arguably has negative (dare I say ominous?) implications for bloggers and for anyone who republishes truthful information about a matter of public concern, even if that information has already leaked into the public domain.
The plaintiffs in the case were the financial services firms Barclays Capital, Merrill Lynch, and Morgan Stanley. They sued Theflyonthewall.com (Fly) for misappropriation and copyright infringement for redistributing their stock analysts' investment recommendations "through unauthorized channels of electronic distribution." Fly is an Internet subscription service that aggregates and distributes "relevant, market-moving financial news and information." Fly often obtained research reports and recommendations via leaks from plaintiffs' employees or clients. Fly would then quickly distribute the recommendations before the New York Stock Exchange opened, thereby undercutting the plaintiffs' abilities to profit from their reports.
After a bench trial, District Judge Cote entered judgment against Fly for copyright infringement, and awarded statutory damages, a permanent injunction against direct copying and republication of the reports, and attorneys' fees for the portion of the litigation expenses associated with pursuing the copyright infringement claim. She also held that Fly had engaged in "hot-news misappropriation" when it redistributed the recommendations from the plaintiffs firms' investment reports before the opening of the New York Stock Exchange and crafted a "time-delay" injunction requiring Fly to delay future distributions for a specified period after the firms released their reports to remedy the problem.[Full details below.]
The theory of "hot news" misappropriation stems from International News Service v. Associated Press, 248 U.S. 215 (1918), in which the Supreme Court held, under federal common law, that "hot" news is "quasi-property." That case involved a claim by the Associated Press against a competing news service that was obtaining and then redistributing on the West Coast AP battlefront news releases during World War I. The Court's decision reflects the notion that "time is property", or as my colleague Michael Wolf puts it, the decision protects the "money value of time" as opposed to the "time value of money." It also protects the "labor value" that AP invested in newsgathering, at least for a limited time. The "hot news" misappropriation doctrine was criticized by no lesser lights than Justice Brandeis and later Judge Learned Hand. In fact, Justice Brandeis wrote in dissent in INS v. AP that "the general rule of law is that the noblest of human productions--knowledge, truths ascertained, conceptions,and ideas--become, after voluntary communication to others, free as the air to common use." Despite the pedigree of its critics, the hot news misappropriation tort nonetheless caught on.
Indeed, Judge Cote relied on a Second Circuit decision, National Basketball Ass'n v. Motorola, Inc., 105 F.3d 841 (2d Cir. 1997), to define the contours of the tort. There, the NBA sued the maker of a hand-held pager that provided real-time information about basketball games. The Second Circuit held that a "narrow" hot news misappropriation claim could survive preemption by the federal Copyright Act when "extra elements" were present. The extra elements are: "(i) a plaintiff generates or gathers information at a cost; (ii) the information is time-sensitive; (iii) a defendants use of the information constitutes free riding on plaintiff's efforts; (iv) the defendant is in direct competition with a product or service offered by the plaintiffs; and (v) the ability of other parties to free-ride on the efforts of the plaintiff or others would so reduce the incentive to produce the product or service that its existence or quality would be substantially threatened."
Applying this test, Judge Cote held that Fly had misappropriated the research reports of the financial services firms when it distributed them to its subscribers before the opening of the New York Stock Exchange. Judge Cote wrote: "Fly's core business is its free-riding off the sustained, costly efforts by the Firms and other investment institutions to generate equity research that is highly valued by investors. Fly does no equity research of its own, nor does it undertake any original reporting or analysis . . . [Fly's] only cost is the cost of locating and lifting the Recommendations and then entering a few keystrokes into its newsfeed software. Although Fly does attribute each of the Recommendations to its originating firm, if anything, the attributions underscore its pilfering."
Alarmingly, Judge Cote absolutely rejected the argument that Fly had a right to redistribute truthful information that had already made its way into the public domain. "[I]t is not a defense to misappropriation that a Recommendation is already in the public domain by the time Fly reports it." The judge found it of no moment that the "actors in the marketplace repeat news of Recommendations to their friends and colleagues, such that the word inevitably gets out. Rather, it is that Fly is exploiting its self-described 'hefty relationships with people in the know' to gather information from the rumor mill and run a profitable business dedicated, in large part, to systematically gathering and selling the Firms' Recommendations to investors."
Judge Cote also found that the plaintiffs were in direct competition with Fly even though they were not themselves in the news business. As to the final factor of the NBA test--whether the plaintiffs would have a reduced incentive to invest in research--Judge Cote found that the plaintiffs' investments in research had diminished because Fly and other news services had published their leaked recommendations. Significantly, and quite interestingly, Judge Cote found that the "unauthorized redistribution of [analyst] Recommendations" was a "major contributor to the decline in resources that each Firm devotes to equity research." (emphasis mine) To be fair, the judge did concede that there were other factors in play during this time that might have affected analyst staff and budgets. She observes, for example, that "[s]ince 2008, the world has experienced an economic cataclysm." Still, it is richly ironic that these firms are concerned about protecting the "integrity" of their equity research.
In crafting a remedy for Fly's misappropriation, Judge Cote took into account "public policy considerations" but made no mention of the First Amendment. Specifically, she observed that the production of equity research "is a valuable social good" that will be "underproduced unless the Firms can achieve an economic return on their investment." She also noted that there is an "important" public interest in "'unrestrained access to information', particularly when the information is heavily fact-based." She therefore enjoined Fly from unauthorized redistribution of Plaintiffs' research recommendations released when the market is closed "until one half-hour after the opening of the New York Stock Exchange or 10 a.m., whichever is later." She enjoined Fly from publishing recommendations issued when the market is open until two hours after their release by the Plaintiffs.
From a media lawyer's perspective, there are compelling interests on both sides of the case. On one hand,the newsgatherers and content generators wish to turn a profit (and stay in business), and their ability to do so is threatened by online news aggregators. On the other, this case involves a prior restraint preventing republication of newsworthy information, even if that information has already entered the public domain. It also involves the imposition of tort liability for the publication of lawfully obtained truthful information. Given this conflict, surely the district judge should have at least considered how to reconcile her decision with First Amendment cases like Near v. Minnesota, Florida Star v BJF, and Bartnicki v. Vopper. Fly evidently plans to appeal the district court decision, so perhaps the appellate court will do a better job of reconciling the conflicts present in this case.
Posted by Lyrissa Lidsky on April 2, 2010 at 04:18 PM in Blogging, Constitutional thoughts, Corporate, First Amendment, Information and Technology, Intellectual Property, Torts, Web/Tech | Permalink | Comments (3) | TrackBack
Sunday, January 03, 2010
Whither law firm prestige?
With the economic and law market downturn we are hearing a lot about shifts in the legal market paradigm - the end of the billable hour, changes in associate recruitment and training, etc.. I recently came to find out about a web entity that made me thing about potential changes in the way clients choose and manage their law firms. Traditionally, firm prestige has been very important in attracting clients, however as with many business situations it has historically been driven by word of mouth and other fairly informal measures of the quality of past work. In the information age we inhabit, many traditional paths to acclaim and reputation have been either supplanted or at least augmented by more direct and systemic measurements of perceived quality.
For instance, consider Tripadvisor and similar hotel rating programs. They provide a good bit richer information than the traditional star rating, word of mouth, or travel book recommendations. Prior guests post numerical ratings on a number of dimensions, provide specific comments on their experience, and can even upload photos of their room and the rest of the hotel. In similar vein, professors now are subjected to online ratings for their classes. How long will it be before clients come to primarily use similar services to inform their choice among law firms? Granted, I am pretty sure that the NLJ 250 probably won't be displaced by small local firms completely. Further, there are the M-H peer review rankings to consider.
Still, I am curious as to whether firms will be able to fend off these type of evaluation systems that have, at least to some degree, come to drive markets in other areas. Further, might clients also take note of sealed bid proposal systems that have become popular in e-commerce (similar to traditional construction firm practices) in deciding which law firm will represent them? Now, back to that web entity I had alluded to previously - Elance.com. This site allows clients seeking expertise (including legal expertise) to evaluate potential contractors with rich evaluation data and it incorporates a bid system for hiring. Is this the future of law firm hiring? Whither traditional notions and pathways of law firm prestige? I'm guessing that it's unlikely that such a system would largely supplant traditional firm prestige, but I would not be surprised if certain aspects of such a system became increasingly utilized in the law market. Below is a short video explaining how Elance works - rest assured, I have no stake in their success; it just started me thinking on these matters.
Friday, December 11, 2009
Dear Judge: No Glory Days For You
If you're a judge with a Facebook page...and if any of your old high school friends are lawyers...and if they may appear before you...then no "friend"ing on Facebook to relive those high school days of youthful prowess. At least according to Florida's Judicial Ethics Advisory Committee, because "[t]he Committee believes that listing lawyers who may appear before the judge as 'friends' on a judge's social networking page reasonably conveys to others the impression that these lawyer 'friends' are in a special position to influence the judge." So stay away from the Boss. You'll just get depressed. Learned about this development from the NYT today, which indicates that the opinion is merely advisory, and quotes ethics guru Stephen Gillers from NYU as saying that this goes too far. Because, I'm sure, it's disrespectful to the Boss.
Posted by Fabio Arcila on December 11, 2009 at 11:38 AM in Civil Procedure, Culture, Current Affairs, First Amendment, Information and Technology, Judicial Process, Web/Tech | Permalink | Comments (0) | TrackBack
Friday, October 16, 2009
Missing in Action: Innovation
America used technological innovation to attain victory in World War II and the Cold War. Why haven't we done the same with the wars in Iraq and Afghanistan?
Jet engines, nuclear weapons, satellites and stealth planes all were born of an innovative frenzy unleashed in our drive to beat the Axis and the Soviet Union. You might think a similar technological surge might have occurred following the attacks of September 11, 2001.
It didn't happen.
Since 9/11, we have seen the debut of the iPod; we have sent unmanned rovers to explore Mars, and we have perfected vitamin-sized capsules with tiny cameras and lights that we can swallow to investigate our intestines. Toyota has even started selling cars that parallel park themselves.
Yet we have invented almost nothing to fight Islamist extremists. I find that utterly mystifying.
For the duration of the Iraq War, the U.S. Army has been tinkering with small robots capable of heading into combat with a machine gun or a sniper rifle while remotely operated from a mile away. That sounds like something that should be a game changer. But sadly, the only significant use of these machines has been for IED disposal. The combat-ready versions have languished in a seemingly endless process of evaluation.
A deployment of three of the combat-ready SWORD robots in 2008 ended with the Army withdrawing funding. The contractor is now trying to win back the Army with an enhanced version that can carry more payload and can do double duty with a manipulator arm for bomb disposal.
By now, we should have been sending whole armies of remote-controlled machines into insurgent-filled neighborhoods. What's our excuse? It cannot be that the technology is not feasible. That is just question begging. In a country rife with genius and research money, why haven't we made it feasible?
The paltry wartime innovation that has actually occurred since 2001 speaks more to opportunities lost than accomplishments achieved.
For instance, the most prominent technological advance employed in the wars in Afghanistan and Iraq is, without a doubt, the Predator drone aircraft. Indeed, the Predator would be a laudable example of wartime cleverness but for one thing: It started flying in 1995.
Can you imagine what we could have made by now if we had kicked it into high gear after 9/11?
Perhaps the best example of a real wartime innovation in recent years is the MRAP – the Mine Resistant Ambush Protected utility vehicle. But ultimately, the MRAP is better example of sloth than success. Built with a v-shaped hull to deflect the blast of buried explosives, the MRAP showed a clear capacity to save soldiers' lives. Yet after years of ignoring pleas from commanders in the field, the Pentagon only made large-scale manufacture of the MRAP a priority in 2007. In 2008, in part thanks to the MRAPs, casualties from roadside bombs have dropped 88 percent.
During World War II, the U.S. rushed newly designed bombers into the sky and manufactured them at the rate of a squadron a day. If we had put forth even a fraction of that effort with projects like the MRAP, we could have saved hundreds if not thousands of lives in Iraq. What is more, the increased effectiveness of our troops over those years in Iraq would have meant greater security for Iraqi civilians and consequently far less bloodshed among noncombatant Iraqi citizens.
Despite the opportunities lost, it is not too late for military innovation to win, end, and prevent wars in the Middle East. The war in Iraq, though it has receded from recent headlines, is far from over. The situation for NATO troops in Afghanistan is, of course, growing worse. And Mahmoud Ahmadinejad is pushing Iran to be able to threaten Israel and other countries with nuclear weapons.
Whatever leadership failure or bureaucratic tangle is responsible for our current torpor, we should not tolerate it. To win wars and keep the peace, we must come back to doing what America has long done best: Invent.
Tuesday, June 23, 2009
There’s been lots of Apple news over the past few days: Steve Jobs [probably] had a liver transplant a few months ago, at least according to the Wall Street Journal. Apple has sold more than a million of its newest Iphone within the first three days of making it available. And Apple stock is selling in the middle of its 52-week range.
Closer to home, I’m about to use my PC to click and order a MacBook. Although the Mac v. PC topic has been explored before on Prawfsblawg, I want to return to The Laptop Dilemma (with apologies to Michael Pollan’s The Omnivore’s Dilemma). I’m caught in the Mac v. PC wars Perhaps I’ve been captured (I’m certainly enraptured) by almost all of the ads in the almost 8 minute youtube video: Hello, I’m a Mac. And I’m a PC. I love the ones where the PC is sick, but the Mac remains healthy; where the PC and Mac each talk about the cool things they can do (the PC has a calculator!); and where the two of them see a therapist to discuss their differences. So I’m probably going to use my educators’ discount, get a free Ipod Touch (not an Itouch, the indignant Apple salesperson informed me), and join the MacWorld. But I’ll get Microsoft’s Office installed on my new laptop. That way, I can keep my fingers and keyboard in both worlds, and continue to interface with my work environment, in which I still need to open WordPerfect documents (apparently, Apple’s Pages can’t open WordPerfect documents yet).
Please let me know what you think. It’s not too late to stop me, or to encourage me to pass go!
Thursday, April 09, 2009
Self-Archive Your Scholarship
Scholarly articles should be freely available on the internet – downloadable, without charge, at a click. And legal scholars should see that this happens for their articles.
Let’s face it. As academics, we are in an enviable position. Others pay us to engage in scholarship – largely to write law-review articles. Our efforts are funded by tuition-paying students, alumni benefactors, and in many cases, the taxpaying public. It seems to me that the least we owe in return is making our scholarly articles available to everyone who wants to see them.
I would go so far as to say that I think there is something of an ethical obligation to do this.
Take you, for instance. You just finished the perfect law-review article:
The International Intersection of Intellectual Property and Constitutional Liberties in the Sports and Entertainment Industries: Implications for Race, Gender, the Environment, and Animal Rights
You’ve finally achieved your life-goal of being able to hit “select all” on the ExpressO article-submission service. Now, are you really going to keep your carefully crafted masterpiece from the 99% of humanity that doesn’t have Westlaw, Lexis/Nexis, or a subscription to the Transnational Journal of Winter Sports Law?
If there is some good to be served by law professors writing scholarly articles, then that good is furthered by posting articles publicly. And if, as some argue, law professors are only out to obfuscate, confuse, and annoy, then those goals are necessarily furthered by public posting as well.
It turns out that I am not the only person who feels that it is important to make the fruits of research accessible. There is something of a movement specifically along the lines of what I am talking about. It’s called self-archiving. Yet it appears to be far more popular in the sciences than in the legal academy. I hope that changes.
Now wait a minute, you say. There is a potential copyright issue here, right?
Yes, there might be, if you signed over the copyright or certain exclusive rights to your publisher. But many law reviews are now putting a self-archiving right in their standard author agreements. And my sense is that most of those who don’t are open to the idea if asked. So if you are in the midst of law-review submissions right now, I urge you to try to secure the right to self-archive your work. And for articles you have already published without retaining the right to self-archive, why not e-mail the law review and ask for permission now. The worst they can say is no. And they will probably say yes.
Then, put your articles up on your webpage where people can get at them.
Friday, March 06, 2009
Can Punitive Damages Law Inform the Copyright Infringement Litigation?
I'm just now getting a chance to listen to UCLA prawf Doug Lichtman's really cool podcast on the relationship between punitive damages law and the copyright infringement litigation. I haven't gotten to the point yet where my voice pops up, which is all for good since I often cringe at the playback of my recorded voice. Here's the summary of the podcast, which is part of Doug's ongoing IP Colloquium series:
Joel Tenenbaum looks a lot like every other defendant who has been accused by the music industry of illegally sharing copyrighted work online, but with one key difference: his defense attorney is Harvard Law School Professor Charlie Nesson, and Nesson is out to turn his case into a public referendum not only on the music industry's efforts to enforce copyright through these direct-infringer suits, but also on the copyright rules that make the industry litigation possible.
In this program, we engage Nesson's key arguments, focusing especially on Nesson's claim that copyright law's statutory damages regime runs afoul of constitutional protections against excessive and/or arbitrary civil damages awards.
Guests include Professor Nesson himself; Steven Marks, General Counsel for the Recording Industry Association of America; and three of the leading academic experts on punitive damages: New York University Professor Catherine Sharkey, Florida State Professor Dan Markel, and George Washington University Professor Thomas Colby. UCLA Law Professor Doug Lichtman moderates.
Posted by Dan Markel on March 6, 2009 at 10:34 AM in Culture, Current Affairs, Dan Markel, Information and Technology, Intellectual Property, Retributive Damages | Permalink | Comments (0) | TrackBack
Monday, September 29, 2008
"Freedom of Memory Today"
Someday, we may be able to pharmaceutically dampen or erase traumatic memories from the recent past. Such technologies raise many interesting legal and ethical questions. On occasion, though, questions about memory erasure already arise. In this four-page article in the journal Neuroethics, I discuss a real-life case of intentional memory erasure and some of the issues it raises. The case reveals why the contours of our "freedom of memory"--our limited bundle of rights to control our own memories and be free of outside control--already warrant some attention.
Friday, September 19, 2008
"Yippee! You Can't See Me, But I Can You": Pink Floyd and Public Video Surveillance
I visited London for the first time in 2003 and like, any self-respecting Pink Floyd fan, immediately set out on a pilgrimage to the site of the long-vanished UFO Club, where the band first achieved cult status. It was quite hard to find, in part, because unlike concert venues such as TT the Bear’s in Cambridge, The Metro in Chicago, or CBGB’s (may it rest in peace) in New York, the UFO Club was not a particular place but rather a periodic experience that took place every Friday night in what was, during the rest of the week, an Irish dancehall (kind of like a Jewish Reconstructionist congregation that borrows space in a Unitarian Church for services each Friday evening). The Wikipedia article that identifies the UFO Club’s exact whereabouts was not yet posted, and the only site on the Web I could find that purported to give its specific address on Tottenham Court Road was filled with misspellings and suspicious factual claims. But it was my only lead, so I followed it, and found myself on a quiet block with only a closed movie theater and a closed camera store, on which I wandered back and forth trying to establish the exact location on which Pink Floyd once played “Interstellar Overdrive” (in the video footage of the UFO Club performance that I’ve included above).
All of which brings me to public video surveillance: As I wandered back and forth examining the closed movie theater and the closed camera store, I noticed there was a video camera above the street that was moving back and forth with me, apparently observing my behavior which, to someone who was unaware of my loyalty to Pink Floyd or the poor-quality information in my head about the UFO Club’s former location, probably seemed crazy, or an attempt to case for the camera store or movie theater for a robbery.
London is covered with such video cameras – according to one estimate, at least 500,000 of them. American cities, such as Washington, DC, Chicago, and New York, are installing similar video surveillance systems in their streets, parks and public transportation systems. One reason for this massive proliferation of cameras is the greater concern that people, and the law enforcement agencies charged with protecting them, feel about terrorism in the wake of the 9/11 attacks. Cities also want to use cameras to more effectively tackle crime, and to more closely monitor events where there is a need for crowd control. So far, Congress and other legislative bodies have placed few hurdles in the way of such camera systems, and the General Accounting Office and others have decided that these systems likely raise no constitutional issues under the Fourth Amendment’s bar on unreasonable searches so long as the cameras only observe what happens in public space and do not capture video of the insides of homes, offices or other private spaces. Others argue that since the government would not have to get a warrant (or satisfy any other Fourth Amendment requirement) to put a police officer on every block, it shouldn’t be under any more constitutional restriction when it tries to cover much of the same ground with the more technologically-advanced method of installing cameras over each block.
But that argument misses something. While installing camera systems is like putting a police officer on each block, it is also **unlike** doing so – in what may be constitutionally significant ways. Electronic eyes can capture much more detail than a person’s unaided observations – especially when they are equipped with powerful zoom capacities and can be connected to computers that can store and analyze massive amounts of information. The police officer on each block will not remember every face he or she sees. He won’t be able to capture a record of every detail about our behavior for later analysis. A powerful enough camera system might be able to do so.
Nor is it the case that what people do in the open is, by virtue of its happening in public space, automatically free of any “reasonable expectation of privacy.” I can’t pretend that I felt my privacy was invaded when I was watched in London: I didn’t reveal much about myself when I walked back and forth on that London block, and would not have worried much even if the camera operator had been able to infer something about my musical tastes. But there are other times we can hardly avoid revealing hints about sensitive personal matters in public – when, for example, we enter a psychiatrist’s office or other medical facility from a public street, pause to write down the time and location of an Alcoholics Anonymous meeting announced on a kiosk, or go for job interviews in hopes of changing our career path (and under the assumption that are current employers aren’t at all likely to be nearby). So it should not be shocking that, in a survey Christopher Slobogin reports on in explaining why public video surveillance should be a constitutional matter, the survey subjects judged CCTV surveillance to be quite intrusive – and more intrusive than some law enforcement techniques that the courts have classified as searches under the Fourth Amendment. And as Daniel Solove has argued, the slogan the British government used to drum up support for England’s enormous video surveillance system – “You’ve Got Nothing to Fear if You’ve Got Nothing to Hide” – doesn’t really do justice to our considered judgments about privacy rights: “The key misunderstanding is that the nothing to hide argument views privacy in a particular way – as a form of secrecy, as the right to hide things. But there are many types of harm involved beyond exposing one’s secrets to government.” Even if the government is unlikely to care about our medical appointments or job interviews, life might be more a lot more uncomfortable, and a lot less free, for us if officials keep video records of such events – records that might one day be the target of FOIA requests by others, discovery requests in private litigation (as has happened to electronic highway records sought in divorce proceedings) or might be inadvertently placed on sites where interested people or businesses can find and search them.
There’s also another reason that city wide video surveillance might raise constitutional concerns that don’t arise for old-fashioned police observation in public space: Where a new surveillance technology erases long-standing practical constraints, the only way to keep government in check may be to substitute legal constraints. Judges and lawyers have sometimes appeared to rely on similar logic about the interchangeability of practical and legal constraints when arguing that we **don’t need** the Constitution to protect us from ubiquitous use of police roadblocks or “dog sniff” vehicle checks, because practical constraints already provide assurance that police aren’t going to waste valuable resources manning unnecessary roadblocks or use drug-sniffing dogs on every driver. In Illinois v. Lidster, Justice Breyer noted that permitting the checkpoint program in that case wouldn’t lead “unreasonable proliferation of police checkpoints” because “[p]ractical considerations--namely, limited police resources and community hostility to related traffic tie-ups--seem likely to inhibit any such proliferation.” (540 U.S. 519. 526 (2004)). The same point was made by an amicus brief in Illinois v. Caballes, which pointed out that practical limitations “prevent law enforcement from training enough qualified handlers and dogs to allow a substantial proliferation of the use of canines.” (Brief of Amici Curiae The Illinois Association of Chiefs of Police and The Major Cities Chiefs Association in Support of Petitioner in Illinois v. Caballes, 543 U.S. 405 (2005)). But, of course, these practical restraints disappear when officials obtain technology that allows them to conduct the same kind of surveillance at a much lower cost – for example, by using an electronic “dog on a chip” or wasps instead of trained dogs to investigate vehicles for drugs or other contraband. High-tech video surveillance systems can overcome the practical limits on ubiquitous visual surveillance in much the same way.
So what’s to be done about this? One proposal I think won’t work is to simply dismantle the camera systems – or adopt a rule that flatly prohibits their use (or comes close to doing so). While today’s camera systems are still of limited use in battling crime and terrorism, it’s hard to think that this will remain the case as the technology improves. Although the British government could not use London’s camera system to stop the subway terrorist attacks that occurred in 2005, for example, video footage was valuable in tracking down the suspects. And being able to solve crimes of that sort helps prevent similar attacks in the future. Rather than insist on preventing use or installation of such camera systems, those who wish to safeguard Fourth Amendment privacy protections (and other relevant constitutional provisions) do better to accept their existence, and then think about how the Constitution, or yet to be enacted statutes, should constrain the way they are used or designed. Fortunately, while courts have not chimed in (and are unlikely to do so soon), legislators and agencies are already doing some thinking about this. The Department of Homeland Security’s Privacy Office, for example, recently held an illuminating workshop on video surveillance technology, its use by law enforcement, and the legal or administrative rules that should govern it.
On a more general level, impressive technological changes like those accompanying the spread of city-wide camera systems underscore the need to periodically examine how to preserve familiar constitutional principles in new social and technological landscapes. When government can, thanks to new camera technology, suddenly gather and compile extensive private information about us from our activities in public space, then the old rule of thumb – that surveillance of our public activities violates no “reasonable expectation of privacy” simply because those acts happen in the open, where anyone can observe them – no longer works to protect the underlying principles behind Fourth Amendment privacy protection. Rather, we need to set aside that rule of thumb, go back to first principles, and then engage in something akin to the kind of “translation” of these principles that Lawrence Lessig has written about with respect to other constitutional questions. It shouldn’t surprise us too much that we may need to revisit and rethink elements of the Supreme Court’s “reasonable expectation of privacy” test for what counts as a Fourth Amendment search. A lot has happened in the 41 years since the Supreme Court issued the decision in United States v. Katz, where that test was first introduced back in 1967 – the same year, incidentally, that Pink Floyd released its first album, The Piper at the Gates of Dawn, and made a name for itself at the UFO Club.
Wednesday, September 17, 2008
Mind Games and Privacy Risks
In case you missed it in the Neuroethics & Law blog earlier this year : A company called Emotiv is getting ready to roll out a video game that you control with your mind. As a recent CNN article describes it:
“The Emotive EPOC headset – the first Brain Computer Interface (BCI) device for the gaming market . . . detects and processes real time brain activity patterns (small voltage changes in the brain caused by the firing of neurons) using a device that measures electrical activity in the brain. In total, it picks up over 30 different expressions, emotions, or actions.”
Other companies offer (or intend to offer) similar technology: NeuroSky offers a series of devices that can convert states of attention, meditation, or other mental states associated with specific brainwave patterns into commands for computers, robots, appliances, or whatever the user wishes to control. Other products of this kind include OCZ’s “neural impulse actuator” and Brain Actuated Technologies, Inc’s “cyberlink headband” and “brainfingers” technology (The YouTube video I’ve attempted to embed above provides a demonstration of the headband).
This is all really intriguing – and I can’t wait to see whether we use this technology to retool law school exams -- or perhaps even oral arguments in the Supreme Court – so that they take the form of video games, where you can zap monster-shaped questions and challenges to your client’s claims by conjuring up brilliant arguments inside your mind’s eye.
On a more serious note, though, I wonder whether this technology raises more serious privacy concerns than are raised by archived Google searches and recorded Web use. That’s not to say every record we produce by mental effort must remain hidden from public view. When our minds directly generate only the same kind of conscious action that once required an intermediate muscle movement, a mind-controlled video game doesn’t seem to compromise privacy any more than the old-fashioned type of Web-based video game would (If it makes sense to call any such game “old fashioned.”). We probably don’t reveal much more about ourselves when we fire a virtual laser gun with a brainwave pattern than we do when our mind directs our hand to press a button to zap a virtual gun. But as the CNN article notes, the EPOC headset not only picks up brain activity associated with muscle movements, but also emotions – and perhaps emotional (or other mental) activity you’re not fully aware of as you experience it. Put this dimension of video games’ future together with another trend – the increasing trend of gamers to seek entertainment in on-line interactive games generated by computer servers far beyond their homes – and you have a recipe for what could be a serious privacy problem: a world where every one who plays a Web-based video game, or issues mental commands in other Web-based activities, can do so only by sharing unconscious feelings or other states of mind with the outside world, and perhaps offer them for recording and archiving.
To be sure, it would not be entirely unprecedented for us to find our privacy threatened by technology that recorded evidence of unconscious thoughts or feelings: Experts analyzing a surreptitiously recorded conversation might infer things about our emotional state from our tone of voice. A public video camera on the street might capture facial expressions, patterns of movements, or other behaviors that betray feelings or mental states that we’re not even aware of. But I somehow find it more unnerving that technology is emerging that officials, businesses, or busy bodies might use (perhaps inaccurately or dishonestly) to read and record mental states even of those who stay stone-faced and silent.
That doesn’t mean I think there’s anything inherently bad about this technology – or about its use on the Web or other electronic environments. On the contrary, apart from providing us with new forms of entertainment, such technology can give some disabled individuals the power to control computers with mental signals that they can’t control with their hands. It provides individuals with biofeedback devices they can use to improve concentration or control stress. And it might also be a boon for those of us who are curious about what kind of electrical brain activity corresponds to specific experiences, thoughts, or feelings. (It would be fascinating, for example, to see a record – even a relatively crude one – of what brain activity patterns were generated during an intense nightmare or other dream).
What would be bad, however, is a world where – thanks to our near constant-connection to the Internet – we can only get the benefits of these new “neurotechnology killer apps” (as Adam Kolber has aptly described them) by sharing private feeling states with the rest of the world. At a minimum, then, I think we should be thinking about how we can reap the benefits of these (and similar) technologies with minimal costs to privacy. One excellent starting point for such thinking is Neil Richard’s forthcoming Texas Law Review article, Intellectual Privacy, which I had the pleasure of commenting on at a recent conference. As the article notes, since “we have come to rely on computers and other electronic technologies to live our personal and professional lives . . . ”, we find ourselves generating “a record of our intellectual activities -- a close proxy for our thoughts –- in unprecedented ways and to an unprecedented degree.” This need to leave a trail of intellectual records behind makes us vulnerable not just to garden-variety intrusions into our privacy, but to intrusions into our First Amendment freedom of thought. And while the article focuses on the threats of this sort that exist here and now – the record we leave when we enter Google search terms or link from Web site to Web site – our freedom of thought may be even more vulnerable in a world where we leave behind not only records of our intellectual choices, but snapshots of unfiltered emotional and other mental states. Thus, I think Neil is right that we have to tackle (with more clarity and vigor than we have before) the challenge of building robust intellectual privacy protections into our legal regime and perhaps also into the design of new technologies.
Thursday, August 28, 2008
Io v. Veoh: Harmful to YouTube?
Yesterday's decision in Io Group, Inc. v. Veoh Networks, Inc. is generally being hailed around the blogosphere as a win, or at least a bit of good news, for YouTube in its ongoing infringement fight against Viacom. See the L.A. Times, CNet, Wired, Silicon Alley Insider, Techdirt, TechCrunch. Certainly Google is trumpeting the case as a win.
The piece of the decision most commenters are focusing on is the holding that Veoh's automated reformatting of uploaded materials does not create copies for which Veoh is responsible. That's clearly a good precedent for ISPs that process uploaded content somehow (and follows on the heels of the Second Circuit's similar decision in the Cablevision case).
But there's a key component of the decision that is not at all helpful to YouTube.
The Io court specifically noted that Veoh was able to invoke the DMCA safe harbor, shielding it from liability, because "there is no indication that Veoh has failed to police its system to the fullest extent permitted by its architecture." (Slip op. at 29.) Among those policing efforts was Veoh's practice of using "digital fingerprint technology" to "prevent[ ] the some infringing content from ever being uploaded again." But as I've said before, I believe the real driver behind Viacom's suit to be its claim that YouTube has filtering technology that it refuses to use to police Viacom's content. From Paragraph 7 of the Viacom First Amended Complaint:
Moreover, YouTube has deliberately withheld the application of available copyright protection measures in order to coerce rights holders to grant it licenses on favorable terms. YouTube’s chief executive and cofounder Chad Hurley was quoted in the New York Times on February 3, 2007, as saying that YouTube has agreed to use filtering technology “to identify and possibly remove copyrighted material,” but only after YouTube obtains a license from the copyright owner.... Those who refuse to be coerced are subjected to continuing infringement.
So Viacom's claim is that YouTube is not policing its system to the fullest extent permitted by its architecture, and in fact is holding some tools back as a bargaining chip. To the extent Io and other decisions are holding that, to preserve its DMCA immunity, an ISP has to police its system to the best of its abilities, YouTube may be in trouble (assuming Viacom's facts are accurate).
It's important to note that in the Io decision, the implicit requirement to police the system comes up in the context of discussing vicarious liability, which is not immunized under the DMCA safe harbor. And vicarious liability has two prongs to it, (1) the "right and ability to supervise the infringing activity" and (2) a "direct financial interest" in those activities. The Io court's discussion of policing occurred in the context of addressing the first prong. The second prong would still need to be demonstrated, and that would likely require a showing that, e.g., YouTube's ability to sell ads was somehow enhanced by the infringing content. Maybe that would succeed, maybe it wouldn't.
But I think the same "duty to police" theory may apply under the core of the safe harbor itself, Section 512(c)(1)(A)(ii). Section 512(c)(1) was not at issue in Io because Io never actually even sent a takedown notice; after spotting infringing files on Veoh's site, it decided to proceed directly to an infringement complaint. (Is this another case of, perhaps, some pre-1998 law school grads being a menace?) Section 512(c)(1) says that, in order to keep its immunity, an ISP hosting infringing content must do a few things, one of which is "act[ ] expeditiously to remove, or disable access to, [infringing] material" if it becomes "aware of facts or circumstances from which infringing activity is apparent." Congress called this a "red flag" provision in the legislative history; an ISP cannot simply ignore red flags indicating infringement and wait for the takedown notices to flow in, if it wants to preserve its immunity.
Does choosing not to use a filter that would screen out additional copies of a work cited in a takedown notice constitute ignoring a red flag? Io suggests that the answer may be yes, and if so, YouTube may be in trouble.