Wednesday, August 15, 2012

Free Speech Rights in Social Media for College Students: Tatro v. U. of Minn.

I've been working on putting together a comprehensive list of social media cases with a First Amendment angle, and I recently came across the fascinating case of Tatro v. University of Minnesota, 816 N.W.2d 509 (Mn. 2012), which the Minnesota Suprem Court decided at the end of June.  In case you missed reading this case in June, as I did, here's a summary.

The University of Minnesota sanctioned Tatro, a junior in its mortuary science program, by giving her a failing grade in her anatomy lab and forcing her to undergo a psychiatric evaluation because she posted “violent fantasy” (pretty tame stuff, really) and “satiric” comments about her human cadaver on Facebook.  Posting or "blogging" about her cadaver violated the University’s “Anatomy Bequest Program” policies, the Mortuary Science Student Code of Professional Conduct, and the rules of her anatomy course. She appealed the University’s imposition of sanctions on her speech through a writ of certiorari. The Minnesota court of appeals affirmed the constitutionality of the sanctions, and the Minnesota Supreme Court granted further review and also affirmed, basing its decision on the unique nature of the professional program in which the student was enrolled. 

The Minnesota Supreme Court treated the case as one of first impression, noting that the constitutional standard governing “a university’s imposition of disciplinary sanctions for a student’s Facebook posts that violate[ ] academic program rules” is “unsettled.” Although the court of appeals had resolved the case by applying  Tinker v. Des Moines Inc. Comm. Sch.the Minnesota Supreme Court held this standard  to be inappropriate because Tatro was disciplined not for the disruptiveness of her post but for its lack of “respect, discretion, and confidentiality in connection with work on human cadavers.” The Court instead determined that the appropriate standard was whether the university had “impose[d] sanctions for Facebook posts that violate academic program rules that are narrowly tailored and directly related to established professional conduct standards.” (The Court did not cite any particular Supreme Court precedent as the basis for this standard).  Applying this new standard, the Court concluded “that dignity and respect for the human cadaver constitutes an established professional conduct standard for mortuary science professionals.”  Having previously noted that the asserted purpose of the University’s rules was to “educate students” about their ethical duties in the funeral service profession and “maintain the viability of the Anatomy Bequest Program,” the Court found the academic program rules to be narrowly tailored even though they completely barred (!) blogging about cadaver dissection or the anatomy lab.  Tatro clearly violated these rules by giving her a “cadaver a name derived from a comedy film” and engaging in “widespread dissemination” of her comments, first through Facebook and later through the news media.  Consequently, punishing her for violating them did not abridge her First Amendment rights. 

This case raises some interesting issues, which I'd explore in more detail if I weren't staring down the barrel of multiple deadlines.  Some obvious questions raised are as follows: Is a standard proscribing "disrespect" unconstitutionally vague? How can a complete ban be narrowly tailored?  (Can't help thinking of Atul Gawande's writing in this context.)  Why doesn't ordering a psychiatric evaluation for "unprofessional" speech violate the First Amendment? (The Court didn't address whether the speech constituted a "true threat.")

As a media law professor, I noted with interest that my fellow media law professor Raleigh H. Levine, from William Mitchell College of Law, was an amicus in the case for the ACLU, along with Teresa Nelson.

Posted by Lyrissa Lidsky on August 15, 2012 at 09:23 PM in Blogging, Constitutional thoughts, First Amendment, Lyrissa Lidsky, Web/Tech, Weblogs | Permalink | Comments (4) | TrackBack

Friday, August 03, 2012

The Ethics of Practice in the Cloud

Some helpful tips here from the ABA Annual Meeting on this cutting-edge practice issue. I had looked forward to improved mobile access to my work documents in Apple's iCloud service, including my federal appeals, after I upgraded to the Mountain Lion OS. But according to this piece, I may need to consider another cloud service option. Maybe I shouldn't uninstall Dropbox just yet.  Time to research the cloud a little more closely!

Posted by Brooks Holland on August 3, 2012 at 11:06 AM in Web/Tech | Permalink | Comments (0) | TrackBack

Wednesday, July 18, 2012

Legal Education in the Digital Age

Legal Education in the Digital Age

With the latest news of U-Va. joining a consortium of schools  promoting online education, it seems only a matter of time before law schools will have to confront the possibility of much larger chunks of the educational experience moving into the virtual world.  Along with Law 2.0 by David I.C. Thomson, there is now Legal Education in the Digital Age, edited by Ed Rubin at Vanderbilt.  The book is primarily about the development of digital course materials for law school classes, with chapters by Ed Rubin, John Palfrey, Peggy Cooper Davis, and Larry Cunningham, among others.  The book comes out of a conference hosted by Ron Collins and David Skover at Seattle U.  My contribution follows up on my thoughts about the open source production of course materials, which I have previously written about here and here.  You can get the book from Cambridge UP here, or at Amazon in hardcover or on Kindle.

One question from the conference was: innovation is coming, but where will it come from?  Some possibilities:

  • Law professors
  • Law schools and universities
  • Legal publishers
  • Outside publishers
  • Tech companies such as Amazon or Apple
  • SSRN and BePress
  • Some combination(s) of these

I think we all agree that significant change is coming down the pike.  But what it ultimately will look like is still very much up in the air.  What role will law professors play?

Posted by Matt Bodie on July 18, 2012 at 05:24 PM in Books, Information and Technology, Life of Law Schools, Web/Tech | Permalink | Comments (8) | TrackBack

Tuesday, July 03, 2012

How Not to Criminalize Cyberbullying

My co-author Andrea Pinzon Garcia and I just posted our essay, How Not to Criminalize Cyberbullying, on ssrn.  In our essay, we provide a sustained constitutional critique of the growing body of laws criminalizing cyberbullying. These laws typically proceed by either modernizing existing harassment and stalking laws or crafting new criminal offenses. Both paths are beset with First Amendment perils, which our essay illustrates through 'case studies' of selected legislative efforts. Though sympathetic to the aims of these new laws, we contend that reflexive criminalization in response to tragic cyberbullying incidents has led law-makers to conflate cyberbullying as a social problem with cyberbullying as a criminal problem, leading to pernicious consequences. The legislative zeal to eradicate cyberbullying potentially produces disproportionate punishment of common childhood wrongdoing. Furthermore, statutes criminalizing cyberbullying are especially prone to overreaching in ways that offend the First Amendment, resulting in suppression of constitutionally protected speech, misdirection of prosecutorial resources, misallocation of taxpayer funds to pass and defend such laws, and the blocking of more effective legal reforms. Our essay attempts to give legislators the First Amendment guidance they need to distinguish the types
of cyberbullying that must be addressed by education, socialization, and stigmatization from those that can be remedied with censorship and criminalization.
To see the abstract or paper, please click here or here

 

 

Posted by Lyrissa Lidsky on July 3, 2012 at 03:44 PM in Article Spotlight, Constitutional thoughts, Criminal Law, Current Affairs, First Amendment, Information and Technology, Lyrissa Lidsky, Web/Tech | Permalink | Comments (0) | TrackBack

Saturday, June 09, 2012

Cyberbullying News: Parts of Missouri's Cyberharassment Law Unconstitutional

In 2006, Missouri teen Megan Meier committed suicide after being "cyberbullied" on MySpace by Lori Drew, a former friend's 49-year-old mom. Megan's suicide in response to Drew's cruel online hoax galvanized national attention around the problem of cyberbullying and prompted widespread calls for legal reforms. Missouri, naturally, was one of the first states to respond.  There, state legislators modernized and updated their existing cyberharassment and cyberstalking laws in an attempt to cover conduct such as that that led to Megan's suicide.  A week and a half ago, the Missouri Supreme Court dealt a setback to Missouri's efforts to combat cyberbullying by striking down a portion of the amended harassment law , and its decision may contain lessons for those pushing new legislation to criminalize bullying.    

Notably, Missouri v. Vaughn, the Missouri Supreme Court's decision striking down portions of the law under the First Amendment, did not involve cyberharassment.  Instead, it involved a defendant who repeatedly telephoned his ex-wife, leading prosecutors to charge him under  subdivision (5) of Mo. Rev. State 565.090.1 for ""knowingly mak[ing] repeated unwanted communication to another person," and under subdivision (6) for "[w]ithout good cause engag[ing] in an[ ] act with the purpose to frighten, intimidate, or cause emotional distress to another person, [which does in fact] cause such person to be frightened, intimidated, or emtionally distressed, and such person's response to the act is one of a person of average sensibility considering the age of such person."    

The court held that section 565.090.1(5) was constitutionally overbroad, despite the State's proffer of a narrowing construction that would have made the statute applicable only when the defendant's communications were repeated, unwanted, and targeted at a "particularized person," whatever that means. The court held that "[e]ven with the State's suggested constructions, subdivision (5) still criminalizes any person who knowingly communicates more than once with another individual who does not want to receive the communications."  The court gave examples illustrating subdivision (5)'s overbreadth, noting that it would apply to peaceful picketers or teachers calling on students once asked to stop. The court also found that the statute stretched well beyond what might be justified by the protection of residential privacy or "captive audience" members. The court therefore "severed" and struck subdivision (5) from the statute.

The court, by contrast, upheld subdividision (6) by reading it narrowly to address only fighting words and finding that prohibition of speech made "without good cause" was not vague. Section 565.090.1(6) makes it a crime to "[w]ithout good cause engage[ ] in any other act with the purpose to frighten, intimidate, or cause emotional distress to another person, cause such person to be frightened, intimidated, or emotionally distressed, and such person's response to the act is one of a person of average sensibilities considering the age of the person."  The court found that the legislature's exclusion of "the sorts of acts for which there could be good cause" meant that it only applied to expressive conduct that was intended to and actually did provoke "immediate substantial fright, intimidation, or emotional distress." (emphasis in original)  Though the reasoning is opaque [I'm being generous], the court seemed to believe that the "legislature's intent" underlying the good cause requirement transformed the statutory provision into one that only addressed "unprotected fighting words." Specifically, the court stated: "because the exercise of constitutionally protected acts clearly constitutes 'good cause,' the restriction of the statute to unprotected fighting words comports with the legislature's intent."

Separately, the court found that subdivision (6) was not vague. According to the court, there is a "common understanding" regarding what would "frighten, intimidate, or cause emotional distress" to a reasonable person. More dubiously, the court asserted that the "good cause" language of the statute would give a citizen adequate notice of what expression was unprotected by the statute as well as adequately constrain law enforcement discretion.  Relying on prior case law, the court stated: "'Good cause' in subdivision (6) means 'a cause that would motivate a reasonable person of like age under the circumstances under which the act occurred." Although earlier in the opinion, the court seemed to equate "good cause" with "protected by the First Amendment," here the court seemed to be using a standard legal definition of good cause, meaning done with justifiable motive. Regardless, court's determination that the "good cause" language is not vague is certainly contestable. 

Although the court upheld subdivision (6), the victory is probably a pyrrhic one for advocates of broad laws to address bullying behaviors.  The court apparently saved the constitutionality of subdivision (6) by adopting a ridiculously strained interpretation of it; under this interpretation, it only covers fighting words--those "which by their very utterance inflict injury or tend to incite an immediate breach of peace"--as defined by the Supreme Court in its 1942 decision in Chaplinsky v. New Hampshire.  It is worth noting that the Supreme Court has not upheld a conviction for the utterance of fighting words in the seventy years since it decided Chaplinsky. Moreover, as Rodney Smolla has noted, there is a "strong body of law expressly limiting the fighting words doctrine to face-to-face confrontations likely to provoke immediate violence."  In other words, the Missouri Supreme Court's interpretation of subdivision (6) makes it difficult to use as a tool for addressing cyberharassment, since it is unlikely to trigger immediate violence in the manner envisioned by Chaplinsky.

There are no doubt more conclusions to be drawn from Missouri v. Vaughn, and I hope to draw them in an article that my co-author Andrea Pinzon Garcia and I are rushing to complete. That article is currently called Coming to Terms with Cyberbullying as Crime, though the title is subject to change. Look for a link to it here or on SSRN before the end of the month.

 

Posted by Lyrissa Lidsky on June 9, 2012 at 04:29 PM in Constitutional thoughts, Criminal Law, First Amendment, Lyrissa Lidsky, Web/Tech | Permalink | Comments (1) | TrackBack

Thursday, June 07, 2012

The Virtual Honesty Box

As a fan of comic book art, I'm often thrilled to encounter areas where copyright or trademark law and comic books intersect. As is the case in other media, the current business models of comic book publishers and creators has been threatened by the ability of consumers to access their work online without paying for it. Many comic publishers are worried about easy migration of content from paying digital consumers to non-paying digital consumers. Of course, scans of comics have been making their way around the internet on, or sometimes before, a given comic's onsale date for some time now. As in other industries, publishers have dabbled with DRM, and publishers have enbraced different (and somewhat incompatible) methods for providing consumers with authorized content. Publishers' choices sometimes lead to problems with vendors and customers, as I discuss a bit below.

While services like Comixology offer a wide selection of content from most major comics publishers, they are missing chunks of both the DC Comics and Marvel Comics catalogues. DC entered a deal to distribute 100 of its graphic novels (think multi-issue collections of comic books) exclusively via Kindle. Marvel Comics subsequently struck a deal to offer "the largest selection of Marvel graphic novels on any device" to users of the Nook. 

Sometimes exclusive deals leave a bad taste in the mouths of other intermediaries. DCs graphic novels were pulled from Barnes & Noble shelves because the purveyor of the Nook was miffed. Independent publisher Top Shelf is an outlier, offering its books through every interface and intermediary it can. But to date, most publishers are trying to make digital work as a complement to, and not a replacement for, print.

Consumers are sometimes frustrated by a content-owner's choice to restrict access, so much so that they feel justified engaging in "piracy." (Here I define "piracy" as acquiring content through unauthorized channels, which will almost always mean without paying the content owner.) Some comics providers respond with completely open access. Mark Waid, for example, started Thrillbent Comics with the idea of embracing digital as digital, and in a manner similar to Cory Doctorow, embracing "piracy" as something that could drive consumers back to his authorized site, even if they didn't pay for the content originally.

I recently ran across another approach from comic creators Leah Moore and John Reppion. Like Mark Waid, Moore and Reppion have accepted, if not embraced, the fact that they cannot control the flow of their work through unauthorized channels, but they still assert a hope, if not a right, that they can make money from the sales of their work. To that end, they introduced a virtual "honesty box," named after the clever means of collecting cash from customers without monitoring the transaction. In essence, Moore and Reppion invite fans who may have consumed their work without paying for it to even up the karmic scales. This response strikes me as both clever and disheartening.

I'll admit my attraction to perhaps outmoded content-delivery systems -- I also have unduly fond memories of the 8-track cassette -- but I'm disheartened to hear that Moore and Reppion could have made roughly $5,500 more working minimum wage jobs last year. Perhaps this means that they should be doing something else, if they can't figure out a better way to monetize their creativity in this new environment. Eric Johnson, for one, has argued that we likely don't need legal or technological interventions for authors like Moore and Reppion in part because there are enough creative amateurs to fill the gap. The money in comics today may not be in comics at all, but in licensing movies derived from those comics. See, e.g., Avengers, the.

I hope Mark Waid is right, and that "piracy" is simply another form of marketing that will eventually pay greater dividends for authors than fighting piracy. And perhaps Moore and Reppion should embrace "piracy" and hope that the popularity of their work leads to a development deal from a major film studio. Personally, I might miss the days when comics were something other than a transparent attempt to land a movie deal.

As for the honesty box itself? Radiohead abandoned the idea with its most recent release, King of Limbs, after the name-your-price model adopted for the release of In Rainbows had arguably disappointing results: according to one report, 60% of consumers paid nothing for the album. I can't seen Moore and Reppion doing much better, but maybe if 40% of "pirates" kick in a little something into the virtual honesty box, that will be enough to keep Moore and Reppion from taking some minimum wage job where their talents may go to waste.

Posted by Jake Linford on June 7, 2012 at 09:00 AM in Books, Film, First Amendment, Information and Technology, Intellectual Property, Music, Property, Web/Tech | Permalink | Comments (3) | TrackBack

Thursday, May 31, 2012

A Coasean Look at Commercial Skipping...

Readers may have seen that DISH has sued the networks for declaratory relief (and was promptly cross-sued) over some new digital video recorder (DVR) functionality. The full set of issues is complex, so I want to focus on a single issue: commercials skipping. The new DVR automatically removes commercials when playing back some recorded programs. Another company tried this many years ago, but was brow-beaten into submission by content owners. Not so for DISH. In this post, I will try to take a look at the dispute from a fresh angle.

Many think that commercial skipping implicates derivative work rights (that is, transformation of a copyrighted work). I don't think so. The content is created separately from the commercials, and different commercials are broadcast in different parts of the country. The whole package is probably a compiliation of several works, but that compilation is unlikely to be registered with the copyright office as a single work. Also, copying the work of only one author in the compilation is just copying of the subset, not creating a derivative work of the whole.

So, if it is not a derivative work, what rights are at stake? I believe that it is the right to copy in the first place in a stored DVR file. This activity is so ubiquitous that we might not think of it as copying, but it is. The Copyright Act says that the content author has the right to decide whether you store a copy on your disk drive, absent some exception.

And there is an exception - namely fair use. In the famous Sony v. Universal Studios case, the Court held that "time shifting" is a fair use by viewers, and thus sellers of the VCR were not helping users infringe. Had the Court held otherwise, the VCR would have been enjoined as an agent of infringement, just like Grokster was.

I realize that this result is hard to imagine, but Sony was 5-4, and the initial vote had been in favor of finding infringement. Folks can debate whether Sony intended to include commercial skipping or not. At the time, remote controls were rare, so skipping a recorded commercial meant getting off the couch. It wasn't much of an issue. Even now, advertisers tolerate the fact that people usually fast forward through commercials, and viewers have always left the TV to go to the bathroom or kitchen (hopefully not at the same time!). 

But commercial skipping is potentially different, because there is zero chance that someone will stop to watch a catchy commercial or see the name of a movie in the black bar above the trailer as it zooms by. I don't intend to resolve that debate here. A primary reason I am skipping the debate is that fair use tends to be a circular enterprise. Whether a use is fair depends on whether it reduces the market possibilities for the owner. The problem is, the owner only has market possibilities if we say they do. For some things, we may not want them to have a market because we want to preserve free use. Thus, we allow copying via a DVR and VCR, even if content owners say they would like to charge for that right.

Knowing when we should allow the content owner to exploit the market and when we should allow users to take away a market in the name of fair use is the hard part. For this reason, I want to look at the issue through the lens of the Coase Theorem. Coase's idea, at its simplest, is that if parties can bargain (which I'll discuss below), then it does not matter with whom we vest the initial rights. The parties will eventually get to the outcome that makes each person best off given the options, and the only difference is who pays.

One example is smoking in the dorm room. Let's say that one person smokes and the other does not. Regardless of which roommate you give the right to, you will get the same amount of smoking in the room. The only difference will be who pays. If the smoker has the right to smoke, then the non-smoker will either pay the smoker to stop or will leave during smoking (or will negotiate a schedule). If you give the non-smoker the right to a smoke-free room, then the smoker will pay to smoke in the room, will smoke elswhere, or the parties will negotiate a schedule. Assuming non-strategic bargaining (hold-ups) and adequate resources, the same result will ensue because the parties will get to the level where the combination of their activities and their money make them the happiest. The key is to separate the analysis from normative views about smoking to determine who pays.

Now, let's apply this to the DVR context. If we give the right to skip commercials to the user, then several things might happen. Advertisers will advertise less or pay less for advertising slots. Indeed, I suspect that one reason why ads for the Super Bowl are so expensive, even in a down economy, is that not only are there a lot of viewers, but that those viewers are watching live and not able to skip commercials. In response, broadcasters will create less content, create cheaper content, or figure out other ways to make money (e.g. charging more for view on demand or DVDs). Refusing to broadcast unless users pay a fee is unlikely based on current laws. In short, if users want more and better content, they will have to go elsewhere to get it - paying for more channels on cable or satellite, paying for video on demand, etc. Or, they will just have less to watch.

If we give the right to stop commercial skipping to the broadcaster, then we would expect broadcasters will broadcast the mix they have in the past. Viewers will pay for the right to commercial skip. This can be done as it is now, through video on demand services like Netflix, but that's not the only model. Many broadcasters allow for downloading via the satellite or cable provider, which allows the content owner to disable fast forwarding. Fewer commercials, but you have to watch them. Or, in the future, users could pay a higher fee to the broadcaster for the right to skip commercials, and this fee would be passed on to content owners.

These two scenarios illustrate a key limit to the Coase Theorem. To get to the single efficient solution, transactions costs must be low. This means that the parties must be able to bargain cheaply, and there must be no costs or benefits that are being left out of the transaction (what we call externalities). Transactions costs are why we have to be careful about allocating pollution rights. The factory could pay a neighborhood for the right to pollute, but there are costs imposed on those not party to the transaction. Similarly, a neighborhood could pay a factory not to pollute, but difficulty coordinating many people is a transaction cost that keeps such deals from happening.

I think that transactions costs are high in one direction in the commercial skipping scenario, but not as much in the other. If the network has the right to stop skipping, there are low cost ways that content aggregators (satellite and cable) can facilitate user rights to commercial skip - through video on demand, surcharges, and whatnot. This apparatus is already largely in place, and there is at least some competition among content owners (some get DVDs out soon, some don't for example).

If, on the other hand, we vest the skipping right with users, then the ability for content owners to pay (essentially share their advertising revenues) with users is lower if they want to enter into such a transaction. Such a payment could be achieved, though, through reduced user fees for those who disable channel skipping. Even there, though, dividing among all content owners might be difficult.

Normatively, this feels a bit yucky. It seems wrong that consumers should pay more to content providers for the right to automate something they already have the right to do - skip commercials. However, we have to separate the normative from the transactional analysis - for this mind experiment, at least.

Commercials are a key part of how shows get made, and good shows really do go away if there aren't enough eyeballs on the commercials. Thus, we want there to be an efficient transaction that allows for metered advertising and content in a way that both users and networks get the benefit of whatever bargain they are willing to make.

There are a couple of other relevant factors that imply to me that the most efficient allocation of this right is with the network:

1. DISH only allows skipping after 1AM on the day the show is recorded. This no doubt militates in favor of fair use, because most people watch shows on the day they are recorded (or so I've read, I could be wrong). However, it also shows that the time at which the function kicks in can be moved, and thus negotiated and even differentiated among customers that pay different amounts. Some might want free viewing with no skipping, some might pay a large premium for immediate skipping. If we give the user the right to skip whenever, it is unlikely that broadcasters can pay users not to skip, and this means they are stuck in a world with maximum skipping - which kills negotiation to an efficient middle.

2. The skipping is only available for broadcast tv primetime recordings - not for recordings on "cable" channels, where providers must pay for content.  Thus, there appears to already be a payment structure in practice - DISH is allowing for skipping on some networks and not others, which implies that the structure for efficient payments are already in place. If, for example, DISH skipped commercials on TNT, then TNT would charge DISH more to carry content. The networks may not have that option due to "must carry" rules. I suspect this is precisely why DISH skips for broadcasters - because it can without paying.  In order to allow for bargaining however, given that networks can't charge more for DISH to carry content is to vest the right with networks and let the market take over.

These are my gut thoughts from an efficiency standpoint. Others may think of ways to allow for bargaining to happen by vesting rights with users. As a user, I would be happy to hear such ideas.

This is my last post for the month - time flies! Thanks to Prawfs again for having me, and I look forward to guest blogging in the future. As a reminder, I regularly blog at Madisonian.

Posted by Michael Risch on May 31, 2012 at 08:05 PM in Information and Technology, Intellectual Property, Legal Theory, Television, Web/Tech | Permalink | Comments (7) | TrackBack

Friday, May 11, 2012

App Enables Users to File Complaints of Airport Profiling

Following the terrorist attacks of September 11, 2001, Muslims and those perceived to be Muslim in the United States have been subjected to public and private acts of discrimination and hate violence.  Sikhs -- members of a distinct monotheistic religion founded in 15th century India -- have suffered the "disproportionate brunt" of this post-9/11 backlash.  There generally are two reasons for this.  The first concerns appearance: Sikh males wear turbans and beards, and this visual similiarity to Osama bin Laden and his associates made Sikhs an accessible and superficial target for post-9/11 emotion and scrutiny.  The second relates to ignorance: many Americans are unaware of Sikhism and of Sikh identity in particular. 

Accordingly, after 9/11, Sikhs in the United States have been murdered, stabbed, assaulted, and harassed; they also have faced discrimination in various contexts, including airports, the physical space where post-9/11 sensitivities are likely and understandably most acute.  The Sikh Coalition, an organization founded in the hours after 9/11 to advocate on behalf of Sikh-Americans, reported that 64% of Sikh-Americans felt that they had been singled-out for additional screening in airports and, at one major airport (San Francisco International), nearly 100% of turbaned Sikhs received additional screening. (A t-shirt, modeled here by Sikh actor Waris Ahluwalia and created by a Sikh-owned company, makes light of this phenomenon.)

In response to such "airport profiling," the Sikh Coalition announced the launch of a new app (Apple, Android), which "allows users to report instances of airport profiling [to the Transportation Security Administration (TSA)] in real time."  The Coalition states that the app, called "FlyRights," is the "first mobile app to combat racial profiling."  The TSA has indicated that grievances sent to the agency by way of the app will be treated as official complaints

News of the app's release has generated significant press coverage.  For example, the New York Times, ABC, Washington Post, and CNN picked up the app's announcement.  (Unfortunately, multiple outlets could not resist the predictable line, 'Profiled at the airport? There’s an app for that.')  Wade Henderson, president and CEO of The Leadership Conference on Civil and Human Rights and The Leadership Conference Education Fund, tweeted, "#FlyRights is a vanguard in civil and human rights."

It will be interesting to see whether this app will increase TSA accountability, quell profiling in the airport setting, and, more broadly, trigger other technological advances in the civil rights arena.

 

Posted by Dawinder "Dave" S. Sidhu on May 11, 2012 at 08:32 AM in Information and Technology, Religion, Travel, Web/Tech | Permalink | Comments (0) | TrackBack

Monday, May 07, 2012

Oracle v. Google - Round I jury verdict (or not)

The jury came back today with its verdict in round one of the epic trial between two giants: Oracle v. Google. This first phase was for copyright infringement. In many ways, this was a run of the mill case, but the stakes are something we haven't seen in a technology copyright trial in quite some time.

Here's the short story of what happened, as far as I can gather.

1. Google needed an application platform for its Android phones. This platform allows software developers to write programs (or "apps" in mobile device lingo) that will run on the phone.

2. Google decided that Sun's (now Oracle's) Java was the best way to go.

3. Google didn't want to pay Sun for a license to a "virtual machine" that would run on Android phones.

4. Google developed its own virtual machine that is compatible with the Java programming language. To do so, Google had to make "APIs" that were compatible with Java. These APIs are essentially modules that provide functionality on the phone based on a keywords (instructions) from a Java language computer program. For example, if I want to display "Hello World" on the phone screen, I need only call print("Hello World"). The API module has a bunch of hidden functionality that takes "Hello World" and sends it out to the display on the screen - manipulating memory, manipulating the display, etc.

5. The key dispute is just how much of the Java source code was copied, if any to create the Google version. 

The jury today held the following:

1. One small routine (9 lines) was copied directly - line for line. The court said no damages for this, but this finding will be relevant later

2. Google copied the "structure, sequence, and organization" of 37 Java API modules. I'll discuss what this means later.

3. There was no finding on whether the copying was fair use - the jury deadlocked.

4. Google did not copy any "documentation" including comments in the source code.

5. Google was not fooled into thinking it had a license from Sun.

To understand any of this, one must understand the levels of abstraction in computer code. Some options are as follows:

A. Line by line copying of the entire source code. 

B. Line by line paraphrasing of the source code (changing variable names, for example, but otherwise idential lines).

C. Copying of the structure, sequence and organization of the source code - deciding what functions to include or not, creative ways to implement them, creative ways to solve problems, creative ways to name and structure variables, etc.  (The creativity can't be based on functionality)

D. Copying of the functionality, but not the stucture, sequence and organization - you usually find this with reverse engineering or independent development

E. Copying of just the names of functions with similar functionality - the structure and sequence is the same, but only as far as the names go (like print, save, etc.). The Court ruled already that this is not protected.

F. Completely different functionality, including different structure, sequence, organization, names, and functionality.

Obviously F was out if Google wanted to maintain compatibility with the Java programming language (which is not copyrightable). 

So, Google set up what is often called a "cleanroom." The idea is not new - AMD famously set up a cleanroom to develop copyrighted aspects of its x86 compatible microprocessors back in the early 1990's. Like Google now (according to the jury), AMD famously failed to keep its cleanroom clean.

Here's how a cleanroom works. One group develops a specification of functionality for each of the API function names (which are, remember, not protected - people are allowed to make compatible programs using the same names, like print and save). Ideally, you do this through reverse engineering, but arguably it can be done by reading copyrighted specifications/manuals, and extracting the functionality. Quite frankly, you could probably use the original documentation as well, but it does not appear as "clean" when you do so.

Then, a second group takes the "pure functionality" description, and writes its own implementation. If it is done properly, you find no overlapping source code or comments, and no overlapping structure, sequence and organization. If there happens to be similar structure, sequence and organization, then the cleanroom still wins, because that similarity must have been dictated by functionality. After all, the whole point of the cleanroom is that the people writing the software could not copy because they did not have the original to copy from.

So, where did it all go wrong? There were a few smoking guns that the jury might have latched on to:

1. Google had some emails early on that said there was no way to duplicate the functionality, and thus Google should just take a license.

2. Some of the code (specifically, the 9 lines) were copied directly. While not big in itself, it makes one wonder how clean the team was.

3. The head of development noted in an email that it was a problem for the cleanroom people to have had Sun experience, but some apparently did.

4.  Oracle's expert testified (I believe) that some of the similarities were not based on functionality, or were so close as to have been copied. Google's expert, of course, said the opposite, and the jury made its choice. It probably didn't help Google that Oracle's expert came from hometown Stanford, while Google's came from far-away Duke.

So, the jury may have just discounted the Google cleanroom story, and believed Oracle's. And that's what it found. As someone who litigated many copyight cases between competing companies, this is not a shocking outcome. This issue will not doubt bring the copyright v. functionality issue to the forefront (as it did in Lotus v. Borland and Intel v. AMD), this stuff is bread and butter for most technology copyright lawyers. It's almost always factually determined. Only the scope of this case is different in my book - everything else looks like many cases I've litigated (and a couple that I've tried).

So, what happens now in the copyright phase?  (A trial on patent infringement started today.) Judge Alsup has two important decisions to make.

First, the court has to decide what to do with the fair use ruling. Many say that a mistrial is warranted since fair use is a question of fact and the jury deadlocked. I'm not so sure. The facts on fair use are not really disputed here - only the legal interpretation of them; my experience is that courts are more than willing to make a ruling one way or the other when copying is clear (as the jury now says it is). I don't know what the court will do, but my gut says no fair use here.  My experience is that failed cleanrooms fail fair use - it means that what was copied was more than pure functionality, and it is for commercial use with market substitution. The only real basis for fair use is that the material copied was pure functionality, and that's the next inquiry.

Second, the court must determine whether the structure, sequence, and organization of these APIs can be copyrightable, or whether they are pure functionality. I don't know the answer to that question. It will depend in large part on:

a. whether the structure, etc., copied was at a high level (e.g. structure of functions) or at a low level (e.g. line by line and function by function);

b. the volume of copied (something like 11,000 lines is at issue);

c. the credibility of the experts in testifying to how much of structure that is similar is functionally based.  On a related note, the folks over at groklaw think for the most part think this is not copyrightable. They have had tremendous coverage of this case.

I've been on both sides of this argument, and I've seen it go both ways, so I don't have any predictions. I do look forward to seeing the outcome, though. It has been a while since I've written about copyright law and computer software; this case makes me want to rejoin the fray.

Posted by Michael Risch on May 7, 2012 at 08:07 PM in Information and Technology, Intellectual Property, Web/Tech | Permalink | Comments (1) | TrackBack

Thursday, March 22, 2012

Wired, and Threatened

I have a short op-ed on how technology provides both power and peril for journalists over at JURIST. Here's the lede:
Journalists have never been more empowered, or more threatened. Information technology offers journalists potent tools to gather, report and disseminate information — from satellite phones to pocket video cameras to social networks. Technological advances have democratized reporting... Technology creates risks along with capabilities however... [and] The arms race of information technology is not one-sided.

Posted by Derek Bambauer on March 22, 2012 at 02:11 PM in Current Affairs, First Amendment, Information and Technology, International Law, Web/Tech | Permalink | Comments (0) | TrackBack

Wednesday, February 08, 2012

Criminalizing Cyberbullying and the Problem of CyberOverbreadth

In the past few years, reports have attributed at least fourteen teen suicides to cyberbullying. Phoebe Prince of Massachusetts, Jamey Rodemeyer of New York, Megan Meier of Missouri, and Seth Walsh of California are just some of the children who have taken their own lives after being harassed online and off.

These tragic stories are a testament to the serious psychological harm that sometimes results from cyberbullying, defined by the National Conference of State Legislatures as the "willful and repeated use of cell phones, computers, and other electronic communications devices to harass and threaten others." Even when victims survive cyberbullying, they can suffer psychological harms that last a lifetime. Moreover, an emerging consensus suggests that cyberbullying is reaching epidemic proportions, though reliable statistics on the phenomenon are hard to come by. Who, then, could contest that the social problem of cyberbullying merits a legal response?

In fact, a majority of states already have legislation addressing electronic harassment in some form, and fourteen have legislation that explicitly uses the term cyberbullying. (Source: here.) What's more, cyber-bullying legislation has been introduced in six more states: Georgia, Illinois, Kentucky, Maine, Nebraska, and New York. A key problem with much of this legislation, however, is that legislators have often conflated the legal definition of cyberbullying with the social definition. Though understandable, this tendency may ultimately produce legislation that is unconstitutional and therefore ineffective at remedying the real harms of cyberbullying.

Consider, for instance, a new law proposed just last month by New York State Senator Jeff Klein (D- Bronx) and Congressman Bill Scarborough. Like previous cyberbullying proposals, the New York bill was triggered by tragedy. The proposed legislation cites its justification as the death of 14-year-old Jamey Rodemeyer, who committed suicide after being bullied about his sexuality. Newspaper accounts also attribute the impetus for the legislation to the death of Amanda Cummings, a 15 year old New York teen who committed suicide by stepping in front of a bus after she was allegedly bullied at school and online. In light of these terrible tragedies, it is easy to see why New York legislators would want to take a symbolic stand against cyberbullying and join the ranks of states taking action against it.

The proposed legislation (S6132-2011) begins modestly enough by "modernizing" pre-existing New York law criminalizing stalking and harassment. Specifically, the new law amends various statutes to make clear that harassment and stalking can be committed by electronic as well as physical means. More ambitiously, the new law increases penalties for cyberbullying of "children under the age of 21," and broadly defines the activity that qualifies for criminalization under the act. The law links cyberbullying with stalking, stating that "a person is guilty of stalking in the third degree when he or she intentionally, and for no legitimate purpose, engages in a course of conduct directing electronic communication at a child [ ], and knows or reasonably should know that such conduct: (a) causes reasonable fear of material harm to the physical health, safety or property of such child; or (b) causes material harm to the physical health, emotional health, safety or property of such child." (emphasis mine) Even a single communication to multiple recipients about (and not necessarily to) a child can constitute a "course of conduct" under the statute.

Like the sponsors of this legislation, I deplore cyber-viciousness of all varieties, but I also condemn the tendency of legislators to offer well intentioned but sloppily drafted and constitutionally suspect proposals to solve pressing social problems. In this instance, the legislation opts for a broad definition of cyberbullying based on legislators' desires to appear responsive to the cyberbullying problem. The broad statutory definition (and perhaps resorting to criminalization rather than other remedies) creates positive publicity for legislators, but broad legal definitions that encompass speech and expressive activities are almost always constitutionally overbroad under the First Amendment.

Again, consider the New York proposal. The mens rea element of the offensive requires only that a defendant "reasonably should know" that "material harm to the . . . emotional health" of his target will result, and it is not even clear what constitutes "material harm." Seemingly, therefore, the proposed statute could be used to prosecute teen girls gossiping electronically from their bedrooms about another teen's attire or appearance. Likewise, the statute could arguably criminalize a Facebook posting by a 20-year-old college student casting aspersions on his ex-girlfriend. In both instances, the target of the speech almost certainly would be "materially" hurt and offended upon learning of it, and the speakers likely should reasonably know such harm would occur. Just as clearly, however, criminal punishment of "adolescent cruelty," which was a stated justification of the legislation, is an unconstitutional infringement on freedom of expression.

Certainly the drafters of the legislation may be correct in asserting that "[w]ith the use of cell phones and social networking sites, adolescent cruelty has been amplified and shifted from school yards and hallways to the Internet, where a nasty, profanity-laced comment, complete with an embarrassing photo, can be viewed by a potentially limited [sic] number of people, both known and unknown." They may also be correct to assert that prosecutors need new tools to deal with a "new breed of bully." Neither assertion, however, justifies ignoring the constraints of First Amendment law in drafting a legislative response. To do so potentially misdirects prosecutorial resources, misallocates taxpayer money that must be devoted to passsing and later defending an unconstitutional law, and block the path toward legal reforms that would address cyberbullying more effectively.

With regard to criminal law, a meaningful response to cyberbullying--one that furthers the objectives of deterrence and punishment of wrongful behavior--would be precise and specific in defining the targeted conduct. A meaningful response would carefully navigate the shoals of the First Amendment's protection of speech, acknowledging that some terrible behavior committed through speech must be curtailed through educating, socializing, and stigmatizing perpetrators rather than criminalizing and censoring their speech.

Legislators may find it difficult to address all the First Amendment ramifications of criminalizing cyberbullying, partly because the term itself potentially obscures analysis. Cyberbullying is an umbrella term that covers a wide variety of behaviors, including threats, stalking, harassment, eavesdropping, spoofing (impersonation), libel, invasion of privacy, fighting words, rumor-mongering, name-calling, and social exclusion. The First Amendment constraints on criminalizing the speech behavior involved in cyberbullying depends on which category of speech behavior is involved. Some of these behaviors, such as issuing "true threats" to harm another person or taunting them with "fighting words," lie outside the protection of the First Amendment. (See Virginia v. Black and Chaplinsky v. New Hampshire; but see R.A.V and my extended analysis here.). Some other behaviors that may cause deep emotional harm, such as name-calling, are just as clearly protected by the First Amendment in most contexts. (Compare, e.g., Cohen v. California with FCC v. Pacifica).

But context matters profoundly in determining the scope of First Amendment protection of speech. Speech in schools and workplaces can be regulated in ways that speech in public spaces cannot (See, e.g., Bethel School Dist. No. 403 v. Fraser). Even within schools, the speech of younger minors can be regulated in ways that speech of older minors cannot (Cf. Hazelwood with Joyner v. Whiting (4th Cir)) , and speech that is part of the school curriculum can be regulated in ways that political speech cannot. (Compare, e.g., Tinker with Hazelwood). Outside the school setting, speech on matters of public concern receives far more First Amendment protection than speech dealing with other matters, even when such speech causes tremendous emotional upset. (See Snyder v. Phelps). But speech targeted at children likely can be regulated in ways that speech targeted at adults cannot, given the high and possibly compelling state interest in protecting the well-being of at least younger minors. (But see Brown v. Ent. Merchants Ass'n). Finally, even though a single instance of offensive speech may be protected by the First Amendment, the same speech repeated enough times might become conduct subject to criminalization without exceeding constitutional constraints. (See Pacifica and the lower court cases cited here).

Any attempt to use criminal law to address the social phenomenon should probably start with the jurisprudential question of which aspects of cyberbullying are best addressed by criminal law, which are best addressed by other bodies of law, and which are best left to non-legal control. Once that question is answered, criminalization of cyberbullying should proceed by identifying the various forms cyberbullying can take and then researching the specific First Amendment constraints, if any, on criminalizing that form of behavior or speech. This approach should lead legislators to criminalize only particularly problematic forms of narrowly defined cyberbullying, such as . While introducing narrow legislation of this sort may not be as satisfying as criminalizing "adolescent cruelty," it is far more likely to withstand constitutional scrutiny and become a meaningful tool to combat serious harms.

Proposals to criminalize cyberbullying often seem to proceed from the notion that we will know it when we see it. In fact, most of us probably will: we all recognize the social problem of cyberbullying, defined as engaging in electronic communication that transgresses social norms and inflicts emotional distress on its targets. But criminal law cannot be used to punish every social transgression, especially when many of those transgressions are committed through speech, a substantial portion of which may be protected by the First Amendment.

[FYI: This blog post is the underpinning of a talk I'm giving at the Missouri Law Review's Symposium on Cyberbullying later in the week, and a greatly expanded and probably significantly changed version will ultimately appear in the Missouri Law Review, so I'd particularly appreciate comments. In the article, I expect to create a more detailed First Amendment guide for conscientious lawmakers seeking to regulate cyberbullying. I am especially excited about the symposium because it includes mental health researchers and experts as well as law professors. Participants include Barry McDonald (Pepperdine), Ari Waldman (Cal. Western), John Palfrey (Berkman Center at HLS), Melissa Holt (B.U.), Mark Small (Clemson), Philip Rodkin (U. Ill.), Susan P. Limber (Clemson), Daniel Weddle (UMKC), and Joew Laramie (consultant/former direction of Missouri A.G. Internet Crimes Against Children Taskforce).]

Posted by Lyrissa Lidsky on February 8, 2012 at 08:37 AM in Constitutional thoughts, Criminal Law, Current Affairs, First Amendment, Information and Technology, Lyrissa Lidsky, Web/Tech | Permalink | Comments (8) | TrackBack

Monday, December 19, 2011

Breaking the Net

Mark Lemley, David Post, and Dave Levine have an excellent article in the Stanford Law Review Online, Don't Break the Internet. It explains why proposed legislation, such as SOPA and PROTECT IP, is so badly-designed and pernicious. It's not quite clear what is happening with SOPA, but it appears to be scheduled for mark-up this week. SOPA has, ironically, generated some highly thoughtful writing and commentary - I recently read pieces by Marvin Ammori, Zach Carter, Rebecca MacKinnon / Ivan Sigal, and Rob Fischer.

There are two additional, disturbing developments. First, the public choice problems that Jessica Litman identifies with copyright legislation more generally are manifestly evident in SOPA: Rep. Lamar Smith, the SOPA sponsor, gets more campaign donations from the TV / movie / music industries than any other source. He's not the only one. These bills are rent-seeking by politically powerful industries; those campaign donations are hardly altruistic. The 99% - the people who use the Internet - don't get a seat at the bargaining table when these bills are drafted, negotiated, and pushed forward. 

Second, representatives such as Mel Watt and Maxine Waters have not only admitted to ignorance about how the Internet works, but have been proud of that fact. They've been dismissive of technical experts such as Vint Cerf - he's only the father of TCP/IP - and folks such as Steve King of Iowa can't even be bothered to pay attention to debate over the bill. I don't mind that our Congresspeople are not knowledgeable about every subject they must consider - there are simply too many - but I am both concerned and offended that legislators like Watt and Waters are proud of being fools. This is what breeds inattention to serious cybersecurity problems while lawmakers freak out over terrorists on Twitter. (If I could have one wish for Christmas, it would be that every terrorist would use Twitter. The number of Navy SEALs following them would be... sizeable.) It is worrisome when our lawmakers not only don't know how their proposals will affect the most important communications platform in human history, but overtly don't care. Ignorance is not bliss, it is embarrassment.

Cross-posted at Info/Law.

Posted by Derek Bambauer on December 19, 2011 at 01:49 PM in Blogging, Constitutional thoughts, Corporate, Current Affairs, Film, First Amendment, Information and Technology, Intellectual Property, Law and Politics, Music, Property, Television, Web/Tech | Permalink | Comments (1) | TrackBack

Wednesday, December 14, 2011

Six Things Wrong with SOPA

America is moving to censor the Internet. The PROTECT IP and Stop Online Piracy Acts have received considerable attention in the legal and tech world; SOPA's markup in the House occurs tomorrow. I'm not opposed to blacklisting Internet sites on principle; however, I think that thoughtful procedural protections are vital to doing so in a legitimate way. Let me offer six things that are wrong with SOPA and PROTECT IP: they harm cybersecurity, are wildly overbroad and vague, enable unconstitutional prior restraint, undercut American credibility on Internet freedom, damage a well-working system for online infringement, and lack any empirical justification whatsoever. And, let me address briefly Floyd Abrams's letter in support of PROTECT IP, as it is frequently adverted to by supporters of the legislation. (The one-word summary: "sellout." The longer summary: The PROTECT IP letter will be to Abrams' career what the Transformersmovie was to that of Orson Welles.)

  1. Cybersecurity - the bills make cybersecurity worse. The most significant risk is that they impede - in fact, they'd prevent - the deployment of DNSSEC, which is vitally important to reducing phishing, man-in-the-middle attacks, and similar threats. Technical experts are unanimous on this - see, for example, Sandia National Laboratories, or Steve CrockerPaul Vixie / Dan Kaminsky et al. Idiots, like the MPAA's Michael O'Leary, disagree, and simply assert that "the codes change." (This is what I call "magic elf" thinking: we can just get magic elves to change the Internet to solve all of our problems. Congress does this, too, as when it includes imaginary age-verifying technologies in Internet legislation.) Both bills would mandate that ISPs redirect users away from targeted sites, to government warning notices such as those employed in domain name seizure cases. But, this is exactly what DNSSEC seeks to prevent - it ensures that the only content returned in response to a request for a Web site is that authorized by the site's owner. There are similar problems with IP-based redirection, as Pakistan's inadvertent hijacking of YouTube demonstrated. It is ironic that at a time when the Obama administration has designated cybersecurity as a major priority, Congress is prepared to adopt legislation that makes the Net markedly less secure.
  2. Wildly overbroad and vague- the legislation (particularly SOPA) is a blunderbuss, not a scalpel. Sites eligible for censoring include those:
    •  
      • primarily designed or operated for copyright infringement, trademark infringement, or DMCA § 1201 infringement
      • with a limited purpose or use other than such infringement
      • that facilitate or enable such infringement
      • that promote their use to engage in infringement
      • that take deliberate actions to avoid confirming high probability of such use

    If Flickr, Dropbox, and YouTube were located overseas, they would plainly qualify. Targeting sites that "facilitate or enable" infringement is particularly worrisome - this charge can be brought against a huge range of sites, such as proxy services or anonymizers. User-generated content sites are clearly dead. And the vagueness inherent in these terms means two things: a wave of litigation as courts try to sort out what the terminology means, and a chilling of innovation by tech startups.

  3. Unconstitutional prior restraint - the legislation engages in unconstitutional prior restraint. On filing an action, the Attorney General can obtain an injunction that mandates blocking of a site, or the cutoff of advertising and financial services to it - before the site's owner has had a chance to answer, or even appear. This is exactly backwards: the Constitution teaches that the government cannot censor speech until it has made the necessary showing, in an adversarial proceeding - typically under strict scrutiny. Even under the more relaxed, intermediate scrutiny that characterizes review of IP law, censorship based solely on the government's say-so is forbidden. The prior restraint problem is worsened as the bills target the entire site via its domain name, rather than focusing on individualized infringing content, as the DMCA does. Finally, SOPA's mandatory notice-and-takedown procedure is entirely one-sided: it requires intermediaries to cease doing business with alleged infringers, but does not create any counter-notification akin to Section 512(g) of the DMCA. The bills tilt the table towards censorship. They're unconstitutional, although it may well take long and expensive litigation to demonstrate that.
  4. Undercuts America's moral legitimacy - there is an irreconciliable tension between these bills and the position of the Obama administration - especially Secretary of State Hillary Clinton - on Internet freedom. States such as Iran also mandate blocking of unlawful content; that's why Iran blocked our "virtual embassy" there. America surrenders the rhetorical and moral advantage when it, too, censors on-line content with minimal process. SOPA goes one step farther: it permits injunctions against technologies that circumvent blocking - such as those funded by the State Department. This is fine with SOPA adherents; the MPAA's Chris Dodd is a fan of Chinese-style censorship. But it ought to worry the rest of us, who have a stake in uncensored Internet communication.
  5. Undercuts DMCA - the notice-and-takedown provisions of the DMCA are reasonably well-working. They're predictable, they scale for both discovering infringing content and removing it, and they enable innovation, such as both YouTube itself and YouTube's system of monetizing potentially infringing content. The bills shift the burden of enforcement from IP owners - which is where it has traditionally rested, and where it belongs - onto intermediaries. SOPA in particular increases the burden, since sites must respond within 5 days of a notification of claimed infringement, with no exception for holidays or weekends. The content industries do not like the DMCA. That is no evidence at all that it is not functioning well.
  6. No empirical evidence - put simply, there is no empirical data suggesting these bills are necessary. The content industries routinely throw around made-up numbers, but they have been frequently debunked. How important are losses from foreign sites that are beyond the reach of standard infringement litigation, versus losses from domestic P2P networks, physical infringement, and the like? Data from places like Switzerland suggests that losses are, at best, minimal. If Hollywood wants America to censor the Internet, it needs to make a convincing case based on actual data, and not moronic analogies to stealing things off trucks. The bills, at their core, are rent-seeking: they would rewrite the law and alter fundamentally Internet free expression to benefit relatively small yet politically powerful industries. (It's no shock two key Congressional aides who worked on the legislation have taken jobs in Hollywood - they're just following Mitch Glazier, Dan Glickman, and Chris Dodd through the revolving door.) The bills are likely to impede innovation by the far larger information technology industry, and indeed to drive some economic activity in IT offshore.

The bills are bad policy and bad law. And yet I expect one of them to pass and be signed into law. Lastly, the Abrams letter: Noted First Amendment attorney Floyd Abrams wrote a letter in favor of PROTECT IP. Abrams's letter is long, but surprisingly thin on substantive legal analysis of PROTECT IP's provisions. It looks like advocacy, but in reality, it is Abrams selling his (fading) reputation as a First Amendment defender to Hollywood. The letter rehearses standard copyright and First Amendment doctrine, and then tries to portray PROTECT IP as a bill firmly in line with First Amendment jurisprudence. It isn't, as Marvin Ammori and Larry Tribe note, and Abrams embarrasses himself by pretending otherwise. Having the government target Internet sites for pre-emptive censorship, and permitting them to do so before a hearing on the merits, is extraordinary. It is error-prone - look at Dajaz1 and mooo.com. And it runs afoul of not only traditional First Amendment doctrine, but in particular the current Court's heightened protection of speech in a wave of cases last term. Injunctions affecting speech are different in character than injunctions affecting other things, such as conduct, and even the cases that Abrams cites (such as Universal City Studios v. Corley) acknowledge this. According to Abrams, the constitutionality of PROTECT IP is an easy call. That's only true if you're Hollywood's sockpuppet. Thoughtful analysis is far harder.

Cross-posted at Info/Law.

Posted by Derek Bambauer on December 14, 2011 at 09:07 PM in Constitutional thoughts, Culture, Current Affairs, Film, First Amendment, Information and Technology, Intellectual Property, Law and Politics, Music, Property, Web/Tech | Permalink | Comments (1) | TrackBack

Tuesday, December 06, 2011

Revisiting the Scary CFAA

Last April, I blogged about the Nosal case, which led to the scary result that just about any breach of contract on the internet can potentially be a criminal access to a protected computer. I discuss the case in extensive detail in that post, so I won't repeat it here. The gist is that employees who had access to a server in their ordinary course of work were held to have exceeded their authorization when they accessed that same server with the intent of funneling information out to a competitive ex-employee. The scary extension is that anyone breaching a contract with a web provider might then be considered to be accessing the web server in excess of authorization, and therefore committing a crime.

I'm happy to report that Nosal is now being reheard in the Ninth Circuit. I'm hopeful that the court will do something to rein in the case.

I think most of my colleagues agree with me that the broad interpretation of the statute is a scary one. Where some depart, though, is on the interpretive question. As you'll see in the comments to my last post, there is some disagreement about how to interpret the statute and whether it is void for vagueness. I want to address some of the continuing disagreement after the jump.

I think there are three ways to look at Nosal:

    1. The ruling was right, and the extension to all web users is fine (ouch);

    2. The ruling was right as to the Nosal parties, but should not be extended to all web users; and

    3. The ruling was not right as to the Nosal parties, and also wrong as to all web users.

I believe where I diverge from many of my cyberlaw colleagues is that I fall into group two. I hope to explain why, and perhaps suggest a way forward. Note that I'm not a con law guy, and I'm not a crim law guy, but I am a internet statute guy, so I call the statutory interpretation like I see it.

I want to focus on the notion of authorization. The statute at issue, the Computer Fraud and Abuse Act (or CFAA)  outlaws obtaining information from networked computers if one "intentionally accesses a computer without authorization or exceeds authorized access."

Orin Kerr, a leader in this area, wrote a great post yesterday that did two things. First, it rejected tort based tresspass rules like implied consent as too vague for a criminal statute. On this, I agree. Second, it defined "authorization" with respect to other criminal law treatment of consent. In short, the idea is if you consent to access in the first place, then doing bad things in violation of the promises made is does not mean lack of consent to access. On this, I agree as well.

But here's the rub: the statute says "without authorization or exceeds authorized access." And this second phrase has to mean something. The goal, for me at least, is that it covers the Nosal case but not the broad range of activity on the internet. Professor Kerr, I suspect, would say that the only way to do that is for it to be vague, and if so, then the statute must be vague.

I'm OK with the court going that way, but here's my problem with the argument. The statute isn't necessarily vague. Let's say that the scary broad interpretation fron Nosal means that every breach of contract is now a criminal act on the web. That's not vague. Breach a contract, then you're liable; there's no wondering whether you have committed a crime or not. 

Of course, the contract might be vague, but that's a factual issue that can be litigated. It is not unheard of to have a crime based on failure to live up to an agreement to do something. A dispute about what the agreement was is not the same as being vague. Does that mean I like it? No. Does that mean it's crazy overbroad? Yes. Does that mean everyone's at risk and someone should do something about this nutty statute? Absolutely.

Now, here is where some vagueness comes in - only some breaches lead to exceeded access, and some don't. How are we to decide which is which? The argument Professor Kerr takes on is tying it to trespass, and I agree that doesn't work.

So, I return to my suggestion from several months ago - we should look to the terms of authorization of access to see whether they have been exceeded. This means that if you are an employee who accesses information for a purpose you know is not authorized, then you are exceeding authorization. It also means that if the terms of service on a website say explicitly that you must be truthful about your age or you are not authorized to access the site, then you are unauthorized. And that's not always an unreasonable access limitation.  If there were a kids only website that excluded adults, I might well want to criminalize access obtained by people lying about their age. That doesn't mean all access terms are reasonable, but I'm not troubled by that from a statutory interpretation standpoint.

I'm sure one can attack this as vague - it won't always be clear when a term is tied to authorization. But then again, if it is not a clear term of authorization, the state shouldn't be able to prove that authorization was exceeded. This does mean that snoops all over and people who don't read web site terms (me included) are at risk for violating terms of access we never saw or agreed to. I don't like that part of the law, and it should be changed. I'm fine with making it more limiting in ways that Professor Kerr and others have suggested.

But I don't know that it is invalid as vague - there are lots of things that may be illegal that people don't even know are on the books. Terms of service, at least, people have at least some chance of knowing and choose not to. That doesn't mean it isn't scary, because I don't see behavior (including my own) changing anytime soon.

Posted by Michael Risch on December 6, 2011 at 05:18 PM in Information and Technology, Web/Tech | Permalink | Comments (8) | TrackBack

Sunday, November 27, 2011

Threading the Needle

Imagine that Ron Wyden fails: either PROTECT IP or SoPA / E-PARASITE passes and is signed into law by President Obama. Advocacy groups such as the EFF would launch an immediate constitutional challenge to the bill’s censorship mandates. I believe the outcome of such litigation is far less certain than either side believes. American censorship legislation would keep lots of lawyers employed (always a good thing in a down economy), and might generate some useful First Amendment jurisprudence. Let me sketch three areas of uncertainty that the courts would have to resolve, and that improve the odds that such a bill would survive.

First, how high is the constitutional barrier to the legislation? Both bills look like systems of prior restraint, which loads the government with a “heavy presumption” against their constitutionality . The Supreme Court’s jurisprudence in the two most relevant prior cases, Reno v. ACLU and Ashcroft v. ACLU, applied strict scrutiny: laws must serve a compelling government interest, and be narrowly tailored to that interest. This looks bad for the state, but wait: we’re dealing with laws regulating intellectual property, and such laws draw intermediate scrutiny at most. This is what I call the IP loophole in the First Amendment. Copyright law, for example, enjoys more lenient treatment under free speech examination because the law has built-in safeguards such as fair use, the idea-expression dichotomy, and the (ever-lengthening) limited term of rights.

Moreover, it’s not certain that the bills even regulate speech. Here, I mean “speech” in its First Amendment sense, not the colloquial one. Burning one’s draft card at a protest seems like speech to most of us – the anti-war message is embodied within the act – but the Supreme Court views it as conduct. And conduct can be regulated so long as the government meets the minimal strictures of rational review. The two bills focus on domain name filtering – they impede users from reaching certain on-line material, but formally limit only the conversion of domain name to IP address by an Internet service provider. (I’m skipping over the requirement that search engines de-list such sites, which is a much clearer case of regulating speech.) DNS lookups seem akin to conduct, although the Court’s precedent in this area is hardly a model of lucidity. (Burning the American flag = speech; burning a draft card = conduct. QED.) Other courts have struggled, most notably in the context of the anti-circumvention provisions of the Digital Millennium Copyright Act, to categorize domain names as speech or not-speech, and thus far have found a kind of Hegelian duality to them. That suggests an intermediate level of scrutiny, which would resonate with the IP loophole analysis above.

Second, who has standing? It seems that our plaintiffs would need to find a site that conceded it met the definition of a site “dedicated to the theft of U.S. property.” That seems hard to do until filtering begins – at which point whatever ills the legislation creates will have materialized. (It might also expose the site to suits from affected IP owners.) Perhaps Internet service providers could bring a challenge based on either third-party standing (on behalf of their users, if we think users’ rights are implicated, or the foreign sites) or their own speech interests. However, I think it’s unlikely that users would have standing, particularly given the somewhat dilute harm of being unable to reach material on allegedly infringing sites. And, as described above, it’s not clear that ISPs have a speech interest at all: domain name services simply may be conduct. 

Finally, how can we distinguish E-PARASITE or PROTECT IP from similar legislation that passes constitutional muster? Section 1201 of the DMCA, for example, permits liability to be imposed not only on those who make tools for circumventing access controls available, but even on those who knowingly link to such tools on-line. The government can limit distribution of encryption technology – at least as object code – overseas, by treating it as a munition. And thus far, the federal government has been able to seize domain names under civil forfeiture provisions, with nary a quibble from the federal courts.

To be plain: I think both bills are terrible legislation. They’re certain to damage America’s technology innovation industries, which are the crown jewels of our economy and our future competitiveness. They turn over censorship decisions to private actors with no interest whatsoever in countervailing values such as free expression or, indeed, anything other than their own profit margins. And their procedural protections are utterly inadequate – in my view. But I think it is possible that these bills may thread the constitutional needle, particularly given the one-way ratchet of copyright protection before the federal courts. The decision in Ashcroft, for instance, found that end user filtering was a narrower alternative than the Children’s Online Protection Act. But end user filtering doesn’t work when the person installing the software is not a parent concerned about on-line filth, but one eager to download infringing movies. And that means that legislation may escape narrowness analysis as well. As I wrote in Orwell’s Armchair:

focusing only on content that is clearly unlawful – such as child pornography, obscenity, or intellectual property infringement – has constitutional benefits that can help a statute survive. These categories of material do not count as “speech” for First Amendment analysis, and hence the government need not satisfy strict scrutiny in attacking them. Recent bills seem to show that legislators have learned this lesson – the PROTECT IP Act, for example, targets only those Web sites with “no significant use other than engaging in, enabling, or facilitating” IP infringement. Banning only unprotected material could move censorial legislation past overbreadth objections.

So: the outcome of any litigation is not only highly uncertain, but more uncertain than free speech advocates believe. Please paint a more hopeful story for me, and tell me why I’m wrong.

Cross-posted at Info/Law.

 

Posted by Derek Bambauer on November 27, 2011 at 08:37 PM in Civil Procedure, Constitutional thoughts, Current Affairs, First Amendment, Information and Technology, Intellectual Property, Law and Politics, Web/Tech | Permalink | Comments (0) | TrackBack

Monday, November 21, 2011

How Not To Secure the Net

In the wake of credible allegations of hacking of a water utility, including physical damage, attention has turned to software security weaknesses. One might think that we'd want independent experts - call them whistleblowers, busticati, or hackers - out there testing, and reporting, important software bugs. But it turns out that overblown cease-and-desist letters still rule the day for software companies. Fortunately, when software vendor Carrier IQ attempted to misstate IP law to silence security researcher Trevor Eckhart, the EFF took up his cause. But this brings to mind three problems.

First, unfortunately, EFF doesn't scale. We need a larger-scale effort to represent threatened researchers. I've been thinking about how we might accomplish this, and would invite comments on the topic.

Second, IP law's strict liability, significant penalties, and increasing criminalization can create significant chilling effects for valuable security research. This is why Oliver Day and I propose a shield against IP claims for researchers who follow the responsible disclosure model.

Finally, vendors really need to have their general counsel run these efforts past outside counsel who know IP. Carrier IQ's C&D reads like a high school student did some basic Wikipedia research on copyright law and then ran the resulting letter through Google Translate (English to Lawyer). If this is the aptitude that Carrier IQ brings to IP, they'd better not be counting on their IP portfolio for their market cap.

When IP law suppresses valuable research, it demonstrates, in Oliver's words, that lawyers have hacked East Coast Code in a way it was not designed for. Props to EFF for hacking back.

Cross-posted at Info/Law.

Posted by Derek Bambauer on November 21, 2011 at 09:33 PM in Corporate, Current Affairs, First Amendment, Information and Technology, Intellectual Property, Science, Web/Tech | Permalink | Comments (2) | TrackBack

Friday, November 18, 2011

A Soap Impression of His Wife

As I previewed earlier this week, I want to talk about the copyright implications for 3D printers. A 3D printer is a device that can reproduce a 3-dimensional object by spraying layers of plastic, metal, or ceramic into a given shape. (I imagine the process smelling like those Mold-a-Rama plastic souvenir vending machines prevalent in many museums, a thought simultaneously nostalgic and sickening). Apparently, early adopters are already purchasing the first generation of 3D printers, and there are websites like Thingiverse where you can find plans for items you can print in your home, like these Tardis salt shakers.*

Tardis salt shakers

Perhaps unsurprisingly, there can be copyright implications. A recent NY Times blog post correctly notes that the 3D printer is primarily suited to reproduce what § 101 of the Copyright Act calls "useful articles," physical objects that have "an intrinsic utilitarian function," and which, by definition, receive no copyright protection...except when they do. 

 A useful article can include elements that are protectable as a "pictorial, graphic, [or] sculptural work." The elements are protectable to the extent "the pictorial, graphic, or sculptural features...can be identified separately from, and are capable of existing independently of, the utilitarian aspects of the article." There are half a dozen tests courts have employed to determine whether protectable features can be separated from utilitarian aspects. Courts have rejected copyright protection for mannequin torsos and the ubiquitous ribbon bike rack, but granted it for belt buckles with ornamental elements that were not a necessary part of a functioning belt.

Carol Vaquero 1


Print out a "functional" mannequin torso (or post your plans for it on the internet) and you should have no trouble. Post a schematic for the Vaquero belt buckle, and you may well be violating the copyright protection in the sculptural elements. But even that can be convoluted. The case law is mixed on how to think about 2D works derived from 3Dworks, and vice versa. A substantially similar 3D work can infringe a 2D graphic or pictorial work (Ideal Toy Corp. v. Kenner Prods. Div., 443 F. Supp. 291 (S.D.N.Y. 1977)), but constructing a building without permission from protectable architectural plans was not infringement, prior to a recent revision to the Copyright Act. Likewise, adrawing of a utilitarian item might be protectable as a drawing, but does not grant the copyright holder the right to control the manufacture of the item.

And if consumers are infringing, there is a significant risk that the manufacturer of the 3D printer could be vicariously or contributorily liable for that infringement. The famous Sony decision, which insulated the distribution of devices capable of commercially significant noninfringing uses, even if they could also be used for copyright infringement, has been narrowed both by recent Grokster filesharing decision and by the DMCA anticircumvention provisions. The easy, but unsatisfying takeaway is that 3D printers will keep copyright lawyers employed for years to come.

Back to the Tardis shakers, for a moment: the individual who posted them to the Thingiverse noted that the shaker "is derivative of thingiverse.com/thing:1528 and thingiverse.com/thing:12278", a Tardis sculpture and the lid of bottle, respectively. I found this striking for two reasons. First, it suggests a custom of attribution on thingiverse, but I don't yet have a sense for whether it's widespread. Second, if either of those first things are protectable as copyrighted works, (which seems more likely for the Tardis sculpture, and less so for the lid) then the Tardis salt shaker may be an unauthorized, and infringing, derivative work, and the decision to offer attribution perhaps unwise in retrospect.

* The TARDIS is the preferred means of locomotion of Doctor Who, the titular character of the long-running BBC science fiction program. It's a time machine / space ship disguised as a 1960s-era London police call box. The shape of the TARDIS, in its distinctive blue color, is protected by three registered trademarks in the UK.

 

Posted by Jake Linford on November 18, 2011 at 09:00 AM in Information and Technology, Intellectual Property, Television, Web/Tech | Permalink | Comments (0) | TrackBack

Thursday, November 17, 2011

Choosing Censorship

Yesterday, the House of Representatives held hearings on the Stop Online Piracy Act (it's being called SOPA, but I like E-PARASITE tons better). There's been a lot of good coverage in the media and on the blogs. Jason Mazzone had a great piece in TorrentFreak about SOPA, and see also stories about how the bill would re-write the DMCA, about Google's perspective, and about the Global Network Initiative's perspective.

My interest is in the public choice aspect of the hearings, and indeed the legislation. The tech sector dwarfs the movie and music industries economically - heck, the video game industry is bigger. Why, then, do we propose to censor the Internet to protect Hollywood's business model? I think there are two answers. First, these particular content industries are politically astute. They've effectively lobbied Congress for decades; Larry Lessig and Bill Patry among others have documented Jack Valenti's persuasive powers. They have more lobbyists and donate more money than companies like Google, Yahoo, and Facebook, which are neophytes at this game. 

Second, they have a simpler story: property rights good, theft bad. The AFL-CIO representative who testified said that "the First Amendment does not protect stealing goods off trucks." That is perfectly true, and of course perfectly irrelevant. (More accurately: it is idiotic, but the AFL-CIO is a useful idiot for pro-SOPA forces.) The anti-SOPA forces can wheel to a simple argument themselves - censorship is bad - but that's somewhat misleading, too. The more complicated, and accurate, arguments are that SOPA lacks sufficient procedural safeguards; that it will break DNSSEC, one of the most important cybersecurity moves in a decade; that it fatally undermines our ability to advocate credibly for Internet freedom in countries like China and Burma; and that IP infringement is not always harmful and not always undesirable. But those arguments don't fit on a bumper sticker or the lede in a news story.

I am interested in how we decide on censorship because I'm not an absolutist: I believe that censorship - prior restraint - can have a legitimate role in a democracy. But everything depends on the processes by which we arrive at decisions about what to censor, and how. Jessica Litman powerfully documents the tilted table of IP legislation in Digital Copyright. Her story is being replayed now with the debates over SOPA and PROTECT IP: we're rushing into decisions about censoring the most important and innovative medium in history to protect a few small, politically powerful interest groups. That's unwise. And the irony is that a completely undemocratic move - Ron Wyden's hold, and threatened filibuster, in the Senate - is the only thing that may force us into more fulsome consideration of this measure. I am having to think hard about my confidence in process as legitimating censorship.

Cross-posted at Info/Law.

Posted by Derek Bambauer on November 17, 2011 at 09:15 PM in Constitutional thoughts, Corporate, Culture, Current Affairs, Deliberation and voices, First Amendment, Information and Technology, Intellectual Property, Music, Property, Web/Tech | Permalink | Comments (9) | TrackBack

Tuesday, November 15, 2011

You Say You Want a Revolution

Two potentially revolutionary "disruptive technologies" were back in the news this week. The first is ReDigi, a marketplace for the sale of used "legally downloaded digital music." For over 100 years, copyright law has included a first sale doctrine, which says I can transfer "lawfully made" copy* (a material object in which a copyrighted work is fixed) by sale or other means, without permission of the copyright owner. The case law is codified at 17 U.S.C. § 109.

ReDigi says its marketplace falls squarely within the first sale limitation on the copyright owner's right to distribute, because it verifies that copies are "from a legitimate source," and it deletes the original from all the seller's devices. The Recording Industry Association of America has objected to ReDigi's characterization of the fair use claim on two primary grounds,** as seen in this cease and desist letter.

First, as ReDigi describes its technology, it makes a copy for the buyer, and deletes the original copy from the computer of the seller. The RIAA finds fault with the copying. Section 109 insulates against liability for unauthorized redistribution of a work, but not for making an unauthorized copy of a work. Second, the RIAA is unpersuaded there are ReDigi can guarantee that sellers are selling "lawfully made" digital files. ReDigi's initial response can be found here

At a first cut, ReDigi might find it difficult to ever satisfy the RIAA that it was only allowing the resale of lawfully made digital files. Whether it can satisfy a court is another matter. It might be easier for an authorized vendor, like iTunes or Kindle, to mark legitimate copies going forward, but probably not to detect prior infringement.

Still, verifying legitimate copies may be easier than shoehorning the "copy and delete" business model into the language of § 109. Deleting the original and moving a copy seems in line with the spirit of the law, but not its letter. Should that matter? ReDigi attempts to position itself as close as technologically possible to the framework spelled out in the statute, but that's a framework designed to handle the sale of physical objects that embody copyrightable works.

This is not the only area where complying with statutory requirements can tie businesses in knots. Courts have consistently struggled with how to think about digital files. In London-Sire Records v. Does, the court had to puzzle out whether a digital file can be a material object and thus a copy* distributed in violation of § 106(3). The policy question is easy to articulate, if reasonable minds still differ about the answer: is the sale and distribution of digital files something we want the copyright owner to control or not?

As a statutory matter, the court in London-Sire concluded that material didn't mean material in its sense as "a tangible object with a certain heft," but instead "as a medium in which a copyrighted work can be 'fixed.'" This definition is, of course, driven by the statute: copyright subsists once an original work of authorship is fixed in a tangible medium of expression from which it can be reproduced, and the Second Circuit has recently held in the Cablevision case that a work must also be fixed -- embodied in a copy or phonorecord for a period of more than transitory duration -- for infringement to occur. Policy intuitions may be clear, but fitting the solution in the statutory language sometimes is not. And a business model designed to fit existing statutory safe harbors might do things that appear otherwise nonsensical, like Cablevision's decision to keep individual copies of digital videos recorded by consumers on its servers, to avoid copyright liability.

Potentially even more disruptive is the 3D printer, prototypes of which already exist in the wild, and which I will talk more about tomorrow.

* Technically, a digital audio file is a phonorecord, and not a copy, but that's a distinction without a difference here.

** The RIAA also claims that ReDigi violates the exclusive right of public performance by playing 30 second samples of members' songs on its website, but that's not a first sale issue.

Posted by Jake Linford on November 15, 2011 at 04:22 PM in Information and Technology, Intellectual Property, Music, Web/Tech | Permalink | Comments (1) | TrackBack

Thursday, November 10, 2011

Cyber-Terror: Still Nothing to See Here

Cybersecurity is a hot policy / legal topic at the moment: the SEC recently issued guidance on cybersecurity reporting, defense contractors suffered a spear-phishing attack, the Office of the National Counterintelligence Executive issued a report on cyber-espionage, and Brazilian ISPs fell victim to DNS poisoning. (The last highlights a problem with E-PARASITE and PROTECT IP: if they inadvertently encourage Americans to use foreign DNS providers, they may worsen cybersecurity problems.) Cybersecurity is a moniker that covers a host of problems, from identity theft to denial of service attacks to theft of trade secrets. The challenges are real, and there are many of them. That's why it is disheartening to see otherwise knowledgeable experts focusing on chimerical targets.

For example, Eugene Kaspersky stated at the London Cyber Conference that "we are close, very close, to cyber terrorism. Perhaps already the criminals have sold their skills to the terrorists - and then...oh, God." FBI executive assistant director Shawn Henry said that attacks could "paralyze cities" and that "ultimately, people could die." Do these claims hold up? What, exactly, is it that cyber-terrorists are going to do? Engage in identity theft? Steal U.S. intellectual property? Those are somewhat worrisome, but where is the "terror" part? Terrorists support malevolent activities with all sorts of crimes. But that's "support," not "terror." Hysterics like Richard Clarke spout nonsense about shutting down air traffic control systems or blowing up power plants, but there is precisely zero evidence that even nation-states can do this sort of thing, let alone small, non-state actors. The "oh, God" part of Kaspersky's comment is a standard rhetorical trope in the apocalyptic discussions of cybersecurity. (I knock these down in Conundrum, coming out shortly in Minnesota Law Review.) And paralyzing a city isn't too hard: snowstorms do it routinely. The question is how likely such threats are to materialize, and whether the proposed answers (Henry thinks we should build a new, more secure Internet) make any sense.

There are at least two plausible reasons why otherwise rational people spout lurid doomsday scenarios instead of focusing on the mundane, technical, and challenging problems of networked information stores. First, and most cynically, they can make money from doing so. Kaspersky runs an Internet security company; Clarke is a cybersecurity consultant; former NSA director Mike McConnell works for a law firm that sells cybersecurity services to the government. I think there's something to this, but I'm not ready to accuse these people of being venal. I think a more likely explanation flows from Paul Ohm's Myth of the Superuser: many of these experts have seen what truly talented hackers can do, given sufficient time, resources, and information. They then extrapolate to a world where such skills are commonplace, and unrestrained by ethics, social pressures, or sheer rational actor deterrence. Combine that with the chance to peddle one's own wares, or books, to address the problems, and you get the sum of all fears. Cognitive bias matters.

The sky, though, is not falling. Melodrama won't help - in fact, it distracts us from the things we need to do: to create redundancy, to test recovery scenarios, to deploy more secure software, and to encourage a culture of testing (the classic "hacking"). We are not going to deploy a new Internet. We are not going to force everyone to get an Internet driver's license. Most cybersecurity improvements are going to be gradual and unremarkable, rather than involving Bruce Willis and an F-35. Or, to quote Frank Drebin, "Nothing to see here, please disperse!" Cross-posted at Info/Law.

Posted by Derek Bambauer on November 10, 2011 at 03:53 PM in Criminal Law, Current Affairs, Information and Technology, International Law, Web/Tech | Permalink | Comments (1) | TrackBack

Tuesday, November 08, 2011

Incendiary Speech and Social Media: An Essay

A draft of my essay, Incendiary Speech and Social Media, is now available on ssrn.  The abstract is below:

Incidents illustrating the incendiary capacity of social media have rekindled concerns about the "mismatch" between existing doctrinal categories and new types of dangerous speech. This Essay examines two such incidents, one in which an offensive tweet and YouTube video led a hostile audience to riot and murder, and the other in which a blogger urged his nameless, faceless audience to murder federal judges. One incident resulted in liability for the speaker, even though no violence occurred; the other did not lead to liability for the speaker even though at least thirty people died as a result of his words. An examination of both incidents reveals flaws in existing First Amendment doctrines. In particular, this examination raises questions about whether underlying assumptions made by current doctrine concerning how audiences respond to incitement, threats, or fighting words are confounded by the new reality social media create.

Posted by Lyrissa Lidsky on November 8, 2011 at 10:35 AM in Article Spotlight, Constitutional thoughts, Criminal Law, First Amendment, Lyrissa Lidsky, Web/Tech | Permalink | Comments (3) | TrackBack

Saturday, November 05, 2011

De-lousing E-PARASITE

The House of Representatives is considering the disturbingly-named E-PARASITE Act. The bill, which is intended to curb copyright infringment on-line, is similar to the Senate's PROTECT IP Act, but much much worse. It's as though George Lucas came out with the director's cut of "The Phantom Menace," but added in another half-hour of Jar Jar Binks

As with PROTECT IP, the provisions allowing the Attorney General to obtain a court order to block sites that engage in criminal copyright violations are, in theory, less objectionable. But they're quite problematic in their particulars. Let me give three examples.

First, the orders not only block access through ISPs, but also require search engines to de-list objectionable sites. That not only places a burden on Google, Bing, and other search sites, but it "vaporizes" (to use George Orwell's term) the targeted sites until they can prove they're licit. That has things exactly backwards: the government must prove that material is unlawful before restraining it. This aspect of the order is likely constitutionally infirm.

Second, the bill attacks circumvention as well: MAFIAAFire and its ilk become unlawful immediately. Filtering creep is inevitable: you have to target circumvention, and the scope of circumvention targeted widens with time. Proxy services like Anonymizer are likely next.

Finally, commentators have noted that the bill relies on DNS blocking, but they're actually underestimating its impact. The legislation says ISPs must take "technically feasible and reasonable measures designed to prevent access by its subscribers located within the United States" to Web sites targeted under the bill, "including measures designed to prevent the domain name of the foreign infringing site (or portion thereof) from resolvingto that domain name's Internet protocol address." The definitional section of the bill says that "including" does not mean "limited to." In other words, if an ISP can engage in technically feasible, reasonable IP address blocking or URL blocking - which is increasingly possible with providers who employ deep packet inspection - it must do so. The bill, in other words, targets more than the DNS.

On the plus side, the bill does provide notice to users (the AG must specify text to display when users try to access the site), and it allows for amended orders to deal with the whack-a-mole problem of illegal content evading restrictions by changing domain names or Web hosting providers.

The private action section of the bill is extremely problematic. Under its provisions, YouTube is clearly unlawful, and neither advertising or payment providers would be able to transact business with it. The content industry doesn't like YouTube - see the Viacom litigation - but it's plainly a powerful and important innovation. This part of E-PARASITE targets sites "dedicated to the theft of U.S. property." (Side note: sorry, it's not theft. This is a rhetorical trope in the IP wars, but IP infringement simply is not the same as theft. Theft deals with rivalrous goods. In addition, physical property rights do not expire with time. If this is theft, why aren't copyright and patent expirations a regulatory taking? Why not just call it "property terrorism"?)

So, what defines such a site? It is:

  1. "primarily designed or operated for the purpose of, has only limited purpose or use other than, or is marketed by its operator or another acting in concert with that operator for use in, offering goods or services in a manner that engages in, enables, or facilitates" violations of the Copyright Act, Title I of the Digital Millennium Copyright Act, or anti-counterfeiting laws; or,
  2. "is taking, or has taken, deliberate actions to avoid confirming a high probability of the use of the U.S.-directed site to carry out the acts that constitute a violation" of those laws; or, 
  3. the owner "operates the U.S.-directed site with the object of promoting, or has promoted, its use to carry out acts that constitute a violation" of those laws.

That is an extraordinarily broad ambit. Would buying keywords, for example, that mention a popular brand constitute a violation? And how do we know what a site is "primarily designed for"? YouTube seems to have limited purpose or use other than facilitating copyright infringement. Heck, if the VCR were a Web site, it'd be unlawful, too. 

The bill purports to establish a DMCA-like regime for such sites: the IP owner provides notice, and the site's owner can challenge via counter-notification. But the defaults matter here, a lot: payment providers and advertisers must cease doing business with such sites unless the site owner counter-notifies, and even then, the IP owner can obtain an injunction to the same effect. Moreover, to counter-notify, a site owner must concede jurisdiction, which foreign sites will undoubtedly be reluctant to do. (Litigating in the U.S. is expensive, and the courts tend to be friendly towards local IP owners. See, for example, Judge Crotty's slipshod opinion in the Rojadirecta case.)

I've argued in a new paper that using direct, open, and transparent methods to censor the Internet is preferable to our current system of "soft" censorship via domain name seizures and backdoor arm-twisting of private firms, but E-PARASITE shows that it's entirely possible for hard censorship to be badly designed. The major problem is that it outsources censorship decisions to private companies. Prior restraint is an incredibly powerful tool, and we need the accountability that derives from having elected officials make these decisions. Private firms have one-sided incentives, as we've seen with DMCA take-downs

In short, the private action measures make it remarkably easy for IP owners to cut off funding for sites to which they object. These include Torrent tracker sites, on-line video sites, sites that host mash-ups, and so forth. The procedural provisions tilt the table strongly towards IP owners, including by establishing very short time periods by which advertisers and payment providers have to comply. Money matters: WikiLeaks is going under because of exactly these sort of tactics. 

America is getting into the Internet censorship business. We started down this path to deal with pornographic and obscene content; our focus has shifted to intellectual property. I've argued that this is because IP legislation draws lower First Amendment scrutiny than other speech restrictions, and interest groups are taking advantage of that loophole. It's strange to me that Congress would damage innovation on the Internet - only the most powerful communications medium since words on paper - to protect movies and music, which are relatively small-scale in the U.S. economy. But, as always with IP, the political economy matters. 

I predict that a bill like PROTECT IP or E-PARASITE will become law. Then, we'll fight out again what the First Amendment means on the Internet, and then the myth of America's free speech exceptionalism on-line will likely be dead.

Cross-posted at Info/Law.

Posted by Derek Bambauer on November 5, 2011 at 05:06 PM in Civil Procedure, Constitutional thoughts, Culture, Current Affairs, First Amendment, Information and Technology, Intellectual Property, Law and Politics, Music, Property, Web/Tech | Permalink | Comments (4) | TrackBack

Thursday, November 03, 2011

Why Don't We Do It In the Road?

In that White Album gem, "Why Don't We Do It In the Road?", Paul McCartney insinuated that whatever "it" was wouldn't matter because "no one will be watching us." The feeling of being watched can change the way in which one engages in an activity. Often, perceiving one's own behavior clearly is an essential step in changing that behavior.  

I've thought about this lately as I've tried to become more productive in my writing, and I'm drawn to resources that help me externalize my monitoring procress. There are various commitment mechanisms out there, which I've lumped roughly into three groups. Some are designed to make me more conscious of my own obligation to write. Other mechanisms are designed to bring outsiders on board, inviting /forcing me to give an account of my productivity or lack thereof to others. And some, like StickK, combine the second with the means to penalize me if I fail to perform.

Should I need tricks to write? Perhaps not, but even with the best of intentions, it's easy to get waylaid by the administrative and educational requirements of the job. Commitment mechanisms help me remember why I want to fill those precious moments of downtime with writing. Below the fold I'll discuss some methods I've tried in that first category, and problems that make them less than optimal for my purposes. Feel free to include your suggestions and experiences here, as well. Also note that over at Concurring Opinions, Kaimipono Wenger has started the first annual National Article Finishing Month, a commitment mechanism I have not yet tried (but just might). In subsequent posts, I'll tackle socializing techniques and my love / hate relationship with StickK.

Perhaps like many of you, I find the Internet to be a two-edged sword. While I can be more productive because so many resources are at my fingertips, I also waste too much time surfing the webs. I've tried commitment mechanisms that shut down the internet, but have so far found them lacking. I've tried Freedom, which kills the entire internet for a designated period of time. That's helpful to an extent, although I store my documents on Dropbox, so my work moves with me from home to office without the need to keep track of a usb drive. While Dropbox should automatically synch once Freedom stops running, I've found that hasn't been as smooth as I hoped. This in turn makes me hesitant to rely on Freedom.

What makes me even more hesitant to use Freedom is that I have to reboot my computer to get back to the internet every other time I use it. If you are not saving your work to the cloud, you may see that as a feature and not a bug.

I turned next to StayFocusd, a Chrome App that allows me to pick and choose websites to block. Stay Focusd reminds me when I'm out of free browsing time with a pop-up that dominates the screen, with a mild scold, like "Shouldn't you be working?" If you are the type to use multiple browsers for different purposes, however, Stay Focusd is only a Firefox window away from being relatively ineffectual.

The self-monitoring tool I've liked the best so far is Write or Die. You set the amount of time you want to write, the words you propose to generate, and you start writing. As I set it, if you stop typing for more than 10 seconds, the program makes irritating noises (babies crying, horns honking, etc.) until you start typing again. Write or Die is great for plowing through a first draft quickly, but is less effective if the goal is to refine text. This is part because the interface gives you bare bones text. I'm too cheap to download the product, which has more bells and whistles than the free online version (like the ability to italicize text). In addition, in the time it takes to think about the line I'm rewriting, the babies begin to howl again. 

So, what commitment mechanisms do you use when you don't feel like writing?

 

Posted by Jake Linford on November 3, 2011 at 09:00 AM in Information and Technology, Life of Law Schools, Web/Tech | Permalink | Comments (0) | TrackBack

Wednesday, October 26, 2011

How Baseball Made Me a Pirate

Major League Baseball has made me a pirate, with no regrets.

Nick Ross, on Australia's ABC, makes "The Case for Piracy." His article argues that piracy often results, essentially, from market failure: customers are willing to pay content owners for access to material, and the content owners refuse - because they can't be bothered to serve that market or geography, because they are trying to force consumers onto another platform, or because they are trying to leverage interest in, say, Premier League matches as a means of getting cable customers to buy the Golf Network. The music industry made exactly these mistakes before the combination of Napster and iTunes forced them into better behavior: MusicNow and Pressplay were expensive disasters, loaded with DRM restrictions and focused on preventing any possible re-use of content rather than delivering actual value. TV content owners are now making the same mistake.

Take, for example, MLB. I tried to purchase a plan to watch the baseball playoffs on mlb.com - I don't own a TV, and it's a bit awkward to hang out at the local pub for 3 hours. MLB didn't make it obvious how to do this. Eventually, I clicked a plan that indicated it would allow me to watch the entire postseason for $19.99, and gladly put in my credit card number.

My mistake. It turns out that option is apparently for non-U.S. customers. I learned this the hard way when I tried to watch an ALDS game, only to get... nothing. No content, except an ad that tried to get me to buy an additional plan. That's right, for my $19.99, I receive literally nothing of value. When I e-mailed MLB Customer Service to try to get a refund, here's the answer I received: "Dear Valued Subscriber: Your request for a refund in connection with your 2011 MLB.TV Postseason Package subscription has been denied in accordance with the terms of your purchase." Apparently the terms allow fraud.

Naturally, I'm going to dispute the charge with my credit card company. But here's the thing: I love baseball. I would gladly pay MLB to watch the postseason on-line. And yet there's no way to do so, legally. In fact, apparently the only people who can are folks outside the U.S. And if you try to give them your money anyway, they'll take it, and then tell you how valued you are. But you're not.

So, I'm finding ways to watch MLB anyway. If you have suggestions or tips, offer 'em in the comments - there must be a Rojadirecta for baseball. And next season, when I want to watch the Red Sox, that's the medium I'll use - not MLB's Extra Innings. MLB has turned me into a pirate, with no regrets.

Cross-posted at Info/Law.

Posted by Derek Bambauer on October 26, 2011 at 07:48 PM in Criminal Law, Culture, Information and Technology, Intellectual Property, International Law, Music, Odd World, Sports, Television, Web/Tech | Permalink | Comments (34) | TrackBack

Thursday, October 20, 2011

Policing Copyright Infringement on the Net

Mark Lemley has a smart editorial up at Law.com on the hearings at the Second Circuit Court of Appeals in Viacom v. YouTube. The question is, formally, one of interpreting Title II of the Digital Millennium Copyright Act (17 U.S.C. 512), and determining whether YouTube meets the statutory requirements for immunity from liability. But this is really a fight about how much on-line service providers must do to police, or protect against, copyright infringement. Mark, and the district court in the case, think that Congress answered this question rather clearly: services such as YouTube need to respond promptly to notifications of claimed infringement, and to avoid business models where they profit directly from infringement. The fact that a site attracts infringing content (which YouTube indubitably does) can't wipe out the safe harbor, because then the DMCA would be a nullity. It may be that the burden of policing copyrights should fall more heavily on services such as YouTube than it currently does. But, if that's the case, Viacom should be lobbying Congress, not the Second Circuit. I predict a clean win for YouTube.

Posted by Derek Bambauer on October 20, 2011 at 05:52 PM in Corporate, Current Affairs, Information and Technology, Intellectual Property, Music, Web/Tech | Permalink | Comments (0) | TrackBack

Monday, October 17, 2011

The Myth of Cyberterror

UPI's article on cyberterrorism helpfully states the obvious: there's no such thing. This is in sharp contrast to the rhetoric in cybersecurity discussions, which highlights purported threats from terrorists to the power grid, the transportation system, and even the ability to play Space Invaders using the lights of skyscrapers. It's all quite entertaining, except for 2 problems: 1) perception frequently drives policy, and 2) all of these risks are chimerical. Yes, non-state actors are capable of defacing Web sites and even launching denial of service attacks, but that's a far cry from train bombings or shootings in hotels

The response from some quarters is that, while terrorists do not currently have the capability to execute devastating cyberattacks, they will at some point, and so we should act now. I find this unsatisfying. Law rarely imposes large current costs, such as changing how the Internet's core protocols run, to address remote risks of uncertain (but low) incidence and uncertain magnitude. In 2009, nearly 31,000 people died in highway car crashes, but we don't require people to drive tanks. (And, few people choose to do so, except for Hummer employees.)

Why, then, the continued focus on cyberterror? I think there are four reasons. First, terror is the policy issue of the moment: connecting to it both focuses people's attention and draws funding. Second, we're in an age of rapid and constant technological change, which always produces some level of associated fear. Few of us understand how BGP works, or why its lack of built-in authentication creates risk, and we are afraid of the unknown. Third, terror attacks are like shark attacks. We are afraid of dying in highly gory or horrific fashion, rather than basing our worries on actual incidence of harm (compare our fear of terrorists versus our fear of bad drivers, and then look at the underlying number of fatalities in each category). Lastly, cybersecurity is a battleground not merely for machines but for money. Federal agencies, defense contractors, and software companies all hold a stake in concentrating attention on cyber-risks and offering their wares as a means of remediating them.

So what should we do at this point? For cyberterror, the answer is "nothing," or at least nothing that we wouldn't do anyway. Preventing cyberattacks by terrorists, nation states, and spies all involve the same things, as I argue in Conundrum. But: this approach gets called "naive" with some regularity, so I'd be interested in your take...

Posted by Derek Bambauer on October 17, 2011 at 04:43 PM in Criminal Law, Current Affairs, Information and Technology, International Law, Law and Politics, Science, Web/Tech | Permalink | Comments (7) | TrackBack

Friday, October 14, 2011

Behind the Scenes of Six Strikes

Wired has a story on the cozy relationship between content industries and the Obama administration, which resulted in the deployment of the new "six strikes" plan to combat on-line copyright infringement. Internet security and privacy researcher Chris Soghoian obtained e-mail communication between administration officials and industry via a Freedom of Information Act (FoIA) request. (Disclosure: Jonathan Askin and I represent Chris in his appeal regarding this FoIA request.) The e-mails demonstrate vividly what everyone suspected: Hollywood - in the form of the music and movie industries - has an administration eager to be helpful, including by pressuring ISPs. Stay tuned.

Posted by Derek Bambauer on October 14, 2011 at 11:10 AM in Blogging, Culture, Current Affairs, Film, Information and Technology, Intellectual Property, Judicial Process, Law and Politics, Music, Web/Tech | Permalink | Comments (0) | TrackBack

Thursday, October 13, 2011

The Pirates' Code

There have been a number of attempts to alter consumer norms about copyright infringement (especially those of teenagers). The MPAA has its campaigns; the BSA has its ferret; and now New York City has a crowdsourced initiative to design a new public service announcement. At first blush, the plan looks smart: rather than have studio executives try to figure out what will appeal to kids (Sorcerer's Apprentice, anyone?), leave it to the kids themselves.

On further inspection, though, the plan seems a bit shaky. First, it's not actually a NYC campaign: the Bloomberg administration is sockpuppeting for NBC Universal. Second, why is the City even spending scarce taxpayer funds on this? Copyright enforcement is primarily private, although the Obama administration is lending a helping hand. Third, is this the most effective tactic? It seems more efficient to go after the street vendors who sell bootleg DVDs, for example - I can buy a Blockbuster Video store's worth of movies just by walking out the front door of my office. 

Yogi Berra (or was it Niels Bohr?) said that the hardest thing to predict is the future. And the hardest thing about norms is changing them. Larry Lessig's New Chicago framework not only points to the power of norms regulation (along the lines of Bob Ellickson), but suggests that norms are effectively free - no one has to pay to enforce them. This makes them attractive as a means of regulation. The problem, though, is that norms tend to be resistant to overt efforts to shift them. Think of how long it took to change norms around smoking - a practice proven to kill you - and you'll appreciate the scope of the challenge. The Bloomberg administration should save its resources for moving snow this winter...

Posted by Derek Bambauer on October 13, 2011 at 06:52 PM in Film, Information and Technology, Intellectual Property, Music, Property, Television, Web/Tech | Permalink | Comments (5) | TrackBack

Monday, October 10, 2011

Spying, Skynet, and Cybersecurity

The drones used by the U.S. Air Force have been infected by malware - reportedly, a program that logs the commands transmitted from the pilots' computers at a base in Nevada to the drones flying over Iraq and Afghanistan. This has led to comparisons to Skynet, particularly since the Terminators' network was supposed to become self-aware in April. While I think we don't yet need to stock up on robot-sniffing dogs, the malware situation is worrisome, for three reasons.

First, the military is aware of the virus's presence, but is reportedly unable to prevent it from re-installing itself even after they clean off the computers' drives. Wired reports that re-building the computers is time-consuming. That's undoubtedly true, but cyber-threats are an increasing part of warfare, and they'll soon be ubiquitous. I've argued that resilience is a critical component of cybersecurity. The Department of Defense needs to assume that their systems will be compromised - because they will - and to plan for recovery. Prevention is impossible; remediation is vital.

Second, the malware took hold despite the air gap between the drones' network and the public Internet. The idea of separate, isolated networks is a very attractive one in security, but it's false comfort. In a world where flash drives are ubiquitous, where iPods can store files, and where one can download sensitive data onto a Lady Gaga CD, information will inevitably cross the gap. Separation may be sensible as one security measure, but it is not a panacea.

Lastly, the Air Force is the branch of the armed forces currently in the lead in terms of cyberspace and cybersecurity initiatives. If they can't solve this problem, do we want them taking the lead on this new dimension of the battlefield?

It's not clear how seriously the drones' network has been compromised - security breaches have occurred before. But cybersecurity is difficult. We saw the first true cyberweapon in Stuxnet, which damaged Iran's nuclear centrifuges and set back its uranium enrichment program. That program too looked benign, on first inspection. Let's hope the program here is closer to Kyle Reese than a T-1000.

Posted by Derek Bambauer on October 10, 2011 at 05:55 PM in Information and Technology, International Law, Web/Tech | Permalink | Comments (2) | TrackBack

Tuesday, October 04, 2011

America Censors the Internet

If you're an on-line poker player, a fan of the Premier League, or someone who'd like to visit Cuba, you probably already know this. Most people, though, aren't aware that America censors the Internet. Lawyers tend to believe that a pair of Supreme Court cases, Reno v. ACLU (1997) and Ashcroft v. ACLU (2004), permanently interred government censorship of the Net in the U.S. Not so.

In a new paper, Orwell's Armchair (forthcoming in the University of Chicago Law Review), I argue that government censors retain a potent set of tools to block disfavored on-line content, from using unrelated laws (like civil forfeiture statutes) as a pretext to paying intermediaries to filter to pressuring private actors into blocking. These methods are not only indirect, they are less legitimate than overt, transparent regulation of Internet content. In the piece, I analyze the constraints that exist to check such soft censorship, and find that they are weak at best. So, I argue, if we're going to censor the Internet, let's be clear about it: the paper concludes by proposing elements of a prior restraint statute for on-line content that could both operate legitimately and survive constitutional scrutiny. 

Jerry Brito of George Mason University's Mercatus Center kindly interviewed me about the issues the article raises for his Surprisingly Free podcast. It's worth a listen, even though my voice is surprisingly annoying.

Cross-posted at Info/Law.

Posted by Derek Bambauer on October 4, 2011 at 06:14 PM in Civil Procedure, Constitutional thoughts, Current Affairs, First Amendment, Information and Technology, Intellectual Property, Law and Politics, Web/Tech | Permalink | Comments (3) | TrackBack

Friday, July 29, 2011

A Plan for Forking Wikipedia to Provide a Reliable Secondary Source on Law

Wikipedia_rate_this_page

Recently Wikipedia rolled out a feedback feature (example at right) that allows readers to rate the page they are looking at. You can give the page a score from one to five in each of four categories: Trustworthy, Objective, Complete, and Well-written. Then, there's an optional box you can check that says "I am highly knowledgeable about this topic."

This may be good for flagging pages that need work. But, of course, Wikipedia's trustworthiness problem is not going to be solved by anonymous users, self-declared to be "highly knowledgeable," deeming articles to be trustworthy.

I do think, however, that if you forked Wikipedia to create a version with an authenticated expert editorship, then the ratings could evolve Wikipedia content into being a credible source. In fact, I think it could work well for articles on law.

"Forking," for software developers, means taking an open-source project and spliting off a version that is then developed separately. The open-source license specifically allows you to do this. Forking a project is not always productive, but I think it could be useful in creating an encyclopedia-type reference about the law that is both trustworthy and freely available.

There's a real need for such material in the legal sphere. Right now, there seems to be an accessibility/credibility trade off with secondary sources of legal information: Wikipedia is accessible, but not credible. Traditional binder sets are credible, but not very accessible – using them is generally either expensive (in terms of subscriptions fees) or burdensome (via a trip to the nearest law library).

If, however, you could take Wikipedia and apply credibility on top of it, you would have a secondary source that is both credible and accessible.

Imagine grabbing all the Wikipedia pages about law – which at this point are generally very well developed – and then, while continuing to make them viewable to the public, locking them so that only authenticated lawyers and law students could edit them. These expert editors could then correct errors where they find them. Where they don't find errors, they could click a box indicating trustworthiness. As time went on, pages would have errors weeded out, and trustworthiness scores would accumulate.

Trustworthiness ratings on pages editable only by experts would relieve the need for internal citations. Right now, the Wikipedia community pushes hard for citations in articles. Citations are important in the Wikipedia context because of the lack of credentials on the part of the writers. But if pages were only editable by authenticated lawyers, then cumulative positive ratings would make pages more reliable even without citations.

Admittedly, a forked version of Wikipedia edited by lawyers and law students would not replace the big binder sets. The depth of the material, at least as it stands now, is too limited. Wikipedia, even if reliable, wouldn't help a trust-and-estates lawyer with trust and estates. But if it were imbued with trustworthiness, Wikipedia content does have enough depth to be useful for lawyers orienting themselves to an unfamiliar field of law. Likewise, it has enough detail for non-lawyers who are looking to gain a general understanding of some specific doctrinal topic. 

So, what do you think? It would be fairly easy to put together from a technical perspective, but would it be worthwhile? Do you think people with legal knowledge would contribute by removing errors and scoring pages? Or would a forked law wiki sit fallow? (I do notice there are lots of lawyers participating actively on Quora, crafting very good answers to individual questions.)

Maybe it would work in other fields aside from law, as well. It does seem to me, though, that law is a particularly good subject for forking.

Posted by Eric E. Johnson on July 29, 2011 at 05:55 PM in Information and Technology, Intellectual Property, Web/Tech | Permalink | Comments (4) | TrackBack

Tuesday, July 26, 2011

NPR's Take on Patents: Politicizing Litigation

I absolutely adore the NPR program This American Life.  I wait for the new episode every weekend.  I laugh.  I cry.  I congratulate myself for donating to WBEZ Chicago.  But I must say that I was disappointed by this week's episode, When Patents Attack.  Perhaps disappointed is the wrong word, but definitely puzzled.

The episode was reported by Laura Sydell and Alex Blumberg who is also a co-host of Planet Money -- an NPR podcast I like so much that I have assigned several episodes to my International Business Transactions students.  The hour-long episode is devoted to the evils of patent trolls and the destructive litigation that they bring.  

Now, I'm not an IP attorney, so I'll try to steer clear of commenting on the story from a patents perspective.  But what I found interesting about the reporting was the political take.  The reporters begin and end from an unapologetic stance that patent litigation is destructive (and believe me, there is no love for lawyers in this story).  They are entirely dismissive of the idea that patents in the high-tech world promote and protect innovation.  This is a perfectly reasonable position to take -- I've seen it done plenty in scholarly commentary and the mainstream press.  I've also seen the opposing position defended.  

What bothered me was the very hostile take on litigation.

 The talking points about meritless litigation and nuisance lawsuits could have been taken word for word from the tort reform lobby.  If this had been a story about the ability of plaintiffs to stand on their rights to sue big corporations for just about anything else (antitrust, employment discrimination, personal injury, consumer rights), my guess is that it would have been a story about how bad, bad corporate defendants work to keep plaintiffs out of court.  

I was also unimpressed by the tone of the reporting.  Sydell and Blumberg purported to uncover a massive chain of shady deals and holding companies, which appeared to me to just be normal ways of conducting transactions, not a reason to indict (or approve)  the underlying asset being transferred.  They also cited statistics such as "80% of software engineers surveyed believe that the patent system hinders innovation rather than promotes it."  But this doesn't prove much -- it simply reflects what software engineers believe, and tells us nothing about how they actually behave.  Good economists and social scientists can answer that question with much better data.  The use of such figures again harkens back to the talking points of the tort reform folks who will tell you that surveys of judges and lawyers reveal massive discovery abuse.  In fact, studies of actual discovery practices show a very different picture.  For those interested in more about these facts, Linda Mullenix has several great articles about this.

Finally, the story didn't do much in the way of discussing the issues of ex ante or ex post patent enforcement.  They mention the number of redundant patents and hammer home the idea of a litigation-heavy environment, but did very little to explore the idea that the U.S. has made a regulatory choice to have a relatively relaxed patent approval regime reliant on ex post private enforcement.  Would an approach which requires vigorous and expensive prosecution of patents ex ante have more or less of a chill on innovation?  We would never know from this story that this is even a question that one should ask about a regulatory and adjudicatory system.  

It is an interesting topic and an interesting story, but falls short of some of the better reporting that I expect from the TAL and Planet Money teams.  It also reinforces that pursuit of a political agenda or conclusion in one arena (high tech innovation) might not suit your tastes in another, namely larger issues of court access, litigant behavior, agency design, and regulatory enforcement.

(cross-posted at Civ Pro prawfs blog).

Posted by Robin Effron on July 26, 2011 at 01:12 AM in Civil Procedure, Intellectual Property, Web/Tech | Permalink | Comments (7) | TrackBack

Friday, July 22, 2011

JSTOR: What is it Good For?

JSTOR logo and Aaron Swartz
Swartz is facing 35 years behind bars for allegedly cracking JSTOR. (Photo: Demand Progress)

Information-liberation guru and alleged hacktivist Aaron Swartz is facing 35 years in prison on a federal indictment [PDF] for breaking into MIT's systems and downloading more than four million academic articles from JSTOR. So, I can't help but see Stuart Buck's point that his doing so wasn't a good idea.

But is JSTOR a good idea?

JSTOR is a non-profit organization that digitizes scholarship and makes it available online – for a fee. JSTOR was launched by the philanthropic Andrew W. Mellon Foundation in 1995 to serve the public interest. But it seems to me that today, JSTOR may be more mischievous than munificent.

For instance, on JSTOR I found a 1907 article called "Criminal Appeal in England" published in the Journal of the Society of Comparative Legislation. I was offered the opportunity to view this 11-page antique for the dear price of $34.00. And this is despite the fact that my university is a JSTOR "participating institution," and despite the fact that this article is so old, it is no longer subject to copyright.

What's more, by paying $34.00, I would take on some rather severe limitations under JSTOR's terms of service. I could not, for instance, turn around and make this public-domain article available from my own website.

You might ask, why can't JSTOR just make this stuff available for free? After all, JSTOR says its mission is "supporting scholarly work and access to knowledge around the world."

Why indeed, especially considering I CAN GET THE ENTIRE 475-PAGE JOURNAL VOLUME FOR FREE FROM THE INTERNET ARCHIVE and GOOGLE BOOKS. (That includes not just "Criminal Appeal in England," but also such scintilators as "The Late Lord Davey" by the Right Honourable Lord Macnaghten. All for the low, low price of FREE.)

And it's not just old, public domain articles. Current scholarship is increasingly being offered for free from journals' own websites as soon as it is printed. Not to mention the quickly accreting mass of articles on free-access sites SSRN and the Arxiv.

Maybe JSTOR seemed like a good idea when it was launched 16 years ago. But today, if other organizations are doing for free what JSTOR is charging for, then perhaps JSTOR should be dismantled or substantially reworked. JSTOR in a big enterprise, and I am not familar with all of its parts. It may be that JSTOR provides important services that otherwise wouldn't be available. I don't know. But I do know that, at least with part of its collection, JSTOR is playing rope-a-dope, hoping to shake money out of chumps too unlucky to know they could have gotten the same wares for nothing if they just had clicked elsewhere.

JSTOR should act now to make as much of its database free as it can, including all public domain materials and all copyrighted materials for which the requisite permissions can be obtained. It seems to me that the only reason JSTOR would not do so at this point is because JSTOR has become so entrenched that it's more interested in self-perpetuation than public good. And if that's the case, JSTOR may constitute a continuing menace to the preservation of scholarship and access to it – the very things it was founded to promote.

Posted by Eric E. Johnson on July 22, 2011 at 05:32 PM in Information and Technology, Web/Tech | Permalink | Comments (6) | TrackBack

Wednesday, June 22, 2011

Feedback loops - applications?

A recent Wired article "Harnessing the Power of Feedback Loops" tells the story of how such mechanisms can be used in a variety of ways to affect human behavior - to essentially get us to 'do the right thing'. Here's an explanation of how they work from the article:

A feedback loop involves four distinct stages. First comes the data: A behavior must be measured, captured, and stored. This is the evidence stage. Second, the information must be relayed to the individual, not in the raw-data form in which it was captured but in a context that makes it emotionally resonant. This is the relevance stage. But even compelling information is useless if we don’t know what to make of it, so we need a third stage: consequence. The information must illuminate one or more paths ahead. And finally, the fourth stage: action. There must be a clear moment when the individual can recalibrate a behavior, make a choice, and act. Then that action is measured, and the feedback loop can run once more, every action stimulating new behaviors that inch us closer to our goals.

A number of examples are provided, the most prominent being feedback loop signs that tell you how fast you're driving next to the posted speed limit. This reminds me of theories of athletic coaching that I've read about - how good coaches use low-key constant correction advice to get their players to change their performance in real time (or close to it). Apparently, now is the time for feedback loop devices as a public policy method, as the costs of one of the primary means of providing feedback loops - sensor technology - continues to sink.

While not all feedback loop applications require sensors, the rise of such technology should perhaps give us pause to consider how such mechanisms might be used in a wide number of settings. For instance, can it be used effectively in teaching (perhaps, not too different from coaching)? I occasinally use real time quizzes via powerpoint, but I never really thought of it as a feedback loop although I imgaine that there are similarities.

But, what about legal applications? Can we use it for more than just speeding? Will such mechanisms make us more likely to obey the law? Why do they work in the first place? Well, here's what the article said on that point:

So feedback loops work. Why? Why does putting our own data in front of us somehow compel us to act? In part, it’s that feedback taps into something core to the human experience, even to our biological origins. Like any organism, humans are self-regulating creatures, with a multitude of systems working to achieve homeostasis. Evolution itself, after all, is a feedback loop, albeit one so elongated as to be imperceptible by an individual. Feedback loops are how we learn, whether we call it trial and error or course correction. In so many areas of life, we succeed when we have some sense of where we stand and some evaluation of our progress. Indeed, we tend to crave this sort of information; it’s something we viscerally want to know, good or bad. As Stanford’s Bandura put it, “People are proactive, aspiring organisms.” Feedback taps into those aspirations.

With all of this in mind, I invite readers to suggest potential applications :-)

[H/T Tim Ferriss]

Posted by Jeff Yates on June 22, 2011 at 08:43 AM in Article Spotlight, Criminal Law, Culture, Law and Politics, Science, Sports, Teaching Law, Web/Tech | Permalink | Comments (1) | TrackBack

Wednesday, May 04, 2011

Twitter and the Lawprof

This past August, while attending the IP Scholars Conference in Berkeley, I decided to start a work-related Twitter account (I already had a personal Twitter account but kept it locked and very separate from my professional life).  I imagined that it would be a useful way to keep in touch with colleagues, post brief comments about issues related to my work, provide quick updates about work I was doing and conferences I was attending, and communicate with students about class.  It’s been about one full school year since I started operating the account, and below the fold I explore how my experience with Twitter has been so far, and proffer a few thoughts for how this social media platform might be used effectively by lawprofs.

My first thought in starting a Twitter account was that it would be a helpful, although not exclusive, way to provide students with information about class, and I’ve found this to be the case.  I often post last-minute changes to office hours, reminders about assignments and events, and quick notes about updates to the syllabus, and to the extent that students are following my Twitter feed (about which more below), I think this has been a Paret0-optimal move, as the L&E folks are fond of saying.  To give just one example, last semester, I ended up coming in on a Sunday during reading period, and tweeted that I’d be in the office for a few hours in case students wanted to come by to ask questions, and several students did. 

I could have achieved this with an email, of course, but the advantage of Twitter is that it’s less invasive.  I don’t want to crowd already-jammed student inboxes with the kind of quick notes and reminders that I often tweet about.

Interestingly (to me, at least), I did get some skepticism from students about the Twitter account.  While many students are on Twitter, not all of them are, and the ones that weren’t seemed worried that they could miss crucial information about class if they didn’t start an account and follow me.  One student even made his first tweet, “I’m only doing this because my professor said I had to follow him on Twitter.”  This would be concerning if it were not just a misunderstanding.  Of course, I never said any such thing, and explained very carefully that I left my account public because I wanted to make sure people could follow it without having to start a Twitter account themselves merely by going to twitter.com/dave_fagundes.  So I think the objection that not all students actively operate Twitter accounts is unconcerning, all in all, though it has caused me to be careful not to post any crucial information exclusively on Twitter (but also to, e.g., TWEN) in order to make sure there’s no disparity in who receives it.

Also interestingly (again, to me, obv), many students seemed to find it hilarious that a law professor would be on Twitter.  On a number of occasions in class, I mentioned that I posted something to Twitter, and they’d titter (and yeah, that-there rhyme was intentional), and this would amuse me.  I asked a few students about this, and they explained that they perceived Twitter as un-serious, so that having an account seemed incongruous with the gravitas of the legal profession (my re-phrasing, of course).  One student even mentioned this in an eval, saying “Twitter is for athletes and rappers, not law professors!”  This objection also seems to me insubstantial.  Twitter is clearly not just for celebrities, as its multiplicity of users attests.  This kind of formal objection often arises in the context of new media.  Back in the 90s, many people thought the entire internet was just for nerds who wanted to talk about Star Trek.  My sense is that categorical objections about who should use any new medium typically reflect the objector’s lack of vision and understanding rather than a meaningful substantive concern.

I also thought Twitter would be a good way to stay in dialogue with colleagues, and this has turned out to be true as well, at least to the extent that these colleagues are on Twitter.  Twitter has proved a good way to post a quick update saying, for example, “I’m at thus-and-such conference.”  I used Twitter to thank Ann Bartow for her comments on my roller derby IP norms paper at JSIP, and to thank Chris Sprigman for writing a feature (with Kal Raustiala) about that paper on Freakonomics

All of these functions can, of course, be achieved on Facebook via status updates, but I have a slight preference for Twitter, which may be more a result of path dependence than anything else.  Also, I tend to post slightly longer, more involved status updates on Facebook rather than quick notes and updates (probably a personal idiosyncrasy, since many other people seem to use Facebook status updates for just that purpose).  And of course, Twitter reaches a different audience—it’s anyone who chooses to follow you, as opposed to just those you allow to follow you on Facebook.

I’ve also found Twitter to be a great source of quick updates on current news items related to my field, since I follow relevant feeds like SCOTUSblog and StanfordCIS.  Twitter is how I found out that the U.S. had killed Osama Bin Laden (and where I heard the first hundred people say “Donald Trump isn’t going to believe it until he sees Bin Laden’s long-form death certificate”).  It’s also where I first saw that certiorari had been granted in Golan v. Holder.

I’ve been more reluctant to use Twitter as a platform for expressing substantive opinions, simply because it’s hard to say anything of substance in 140 characters.  Some lawprofs make a valiant effort at tweeting substantively (and yes I'm aware that "tweeting substantively" may be an oxymoron, and in any event certainly sounds like it should be one), such as Larry Lessig and Adam Winkler.  Even so, I think the best one can do on Twitter is to express a simple idea (“I dis/agree with this case”), and that attempts to actually explain or substantiate that opinion are impossible in the allowed space.  So while I’ve seen people try to get into substantive debates on Twitter, I’m usually underwhelmed by this, and they seem more like simplified sniping matches rather than anything of real substance or value.

So at the end of my first year using a professional Twitter account, I’d rate the experience a qualified success, and I’ll conclude with five thoughts for lawprofs who may be interested in starting a Twitter account of their own:

1.  Maintaining a good Twitter feed requires constant, though not incessant, attention.  If you want the account to be taken seriously as a source of information, it’s probably necessary to post at least every several days, and probably more often.  But it’s possible to overdo it by posting so many tweets that they tend to overwhelm your followers’ feeds.

2.  It may be a good idea to operate separate accounts, one for colleagues and one for students (or just one or the other accounts).  I’m planning on doing this next year, largely so my colleagues don’t have to be subjected to countless tweets about changes to assignments and additional office hours.

3.  At least until Twitter becomes ubiquitous (if it ever does), it’s probably necessary to have the account unlocked, at least if you want it to be a source of information for students.  Not every student has a Twitter account, and if yours is locked, they’ll have to start an account themselves to follow your feed.  By contrast, if you leave it open, they can just go to your publicly available Twitter page website, and this is no more onerous (and in fact easier) than visiting TWEN.

4.  Related, Twitter can be a nice complement to course websites such as TWEN.  I often post tweets to notify my students that new information (recent .ppt slides, revised syllabus) is available on TWEN.  This is not something I’d want to send an email about, but does seem appropriate in the relatively less invasive context of a tweet.

5.  Use conventions are fascinating and tricky.  Negotiating the 140 character limit while still making a coherent point is challenging, and I realize style is not substance, but I still can’t quite bring myself to post in full-on Twitterspeak (e.g., “u” for “you,” etc.).  I’m all for trying to use new media in creative ways, but in this respect, anyway, I’m old-fashioned.  

Those are the results of my (still ongoing) Twitter experiment.  What are others’ thoughts on how lawprofs might use Twitter to productive scholarly or pedagogical ends?

Posted by Dave_Fagundes on May 4, 2011 at 09:00 AM in Web/Tech | Permalink | Comments (5) | TrackBack

Wednesday, March 16, 2011

Public Forum 2.0

If you are interested in social media and/or the First Amendment, you might be interested in the article I just posted on ssrn.  The abstract is below, and the link is here.

Abstract: Social media have the potential to revolutionize discourse between American citizens and their governments. At present, however, the U.S. Supreme Court's public forum jurisprudence frustrates rather than fosters that potential. This article navigates the notoriously complex body of public forum doctrine to provide guidance for those who must develop or administer government-sponsored social media or adjudicate First Amendment questions concerning them. Next, the article marks out a new path for public forum doctrine that will allow it to realize the potential of Web 2.0 technologies to enhance democratic discourse between the governors and the governed. Along the way, this article diagnoses critical doctrinal and conceptual flaws that block this path. Relying on insights gleaned from communications theory, the article critiques the linear model underlying public forum jurisprudence and offers an alternative. This alternative model will enable courts to adapt First Amendment doctrines to social media forums in ways that further public discourse. Applying the model, the article contends that courts should presume government actors have created public forums whenever they establish interactive social media sites. Nevertheless, to encourage forum creation, governments must retain some power to filter their social media sites to remove profane, defamatory, or abusive speech targeted at private individuals. Although some will contend that ceding editorial control is no more necessary in social media than in physical forums, the characteristic "disorders" of online discourse, and particularly the prevalence of anonymous speech, justify taking this path.

Posted by Lyrissa Lidsky on March 16, 2011 at 04:20 PM in Article Spotlight, Constitutional thoughts, First Amendment, Information and Technology, Lyrissa Lidsky, Web/Tech | Permalink | Comments (0) | TrackBack

Saturday, February 05, 2011

A Libel Proof Defendant? Courtney Love's Twitter Defamation

The Twitter defamation suit against celebrity Courtney Love , ostensibly the first of its kind, is set for trial next Wednesday (February 9, 2011) in California.  The suit arose after Love got into a tangle with the Boudoir Queen, a fashion designer also known as  Dawn Simorangkir.  Simorangkir accepted some of Love's clothing to "transform" into designer dresses, but Love was unsatisfied with the end product and refused to pay. To add insult to injury, Love posted allegedly defamatory statements about the Boudoir Queen on Twitter, MySpace, and Etsy.com.

Love tweeted, inartfully, that “ police are morethan ecstatic to pick [Simorangkir] up she has a history of dealing cocaine, lost all custody of her child, assault and burglary.” [The errors are Love's.] (Complaint ¶ 24(b)). Love also wrote, “so goodbye asswipe nasty lying hosebag thief,” as well as “… my clothes my WARDROBE! oi vey don’t fuck with my wradrobe or you willend up in a circle of sorched earth hunted til your dead.” Love made similar statements on feedback forums on MySpace and Etsy.com. At the time Love's tweet went online, she had an estimated 40,000 Twitter followers.

In response to Love’s “feedback,” the Boudoir Queen sued for libel. Love’s attorneys responded to the complaint by claiming that Love was merely warning others about “Simorangkir’s pattern of criminal and bad faith conduct” (Defendant Love's Special Motion to Strike). Love’s attorneys argued that Love acted in the “public interest” by using social media to warn others of her experiences. The California court, however, denied Love's motion to strike and found that the dispute involved not an issue of public interest but rather “a discrete private dispute between Love and Simorangkir.” The court also rejected the argument that the defamatory statements concerned matters of public interest simply because Love is a celebrity, since “under that theory, no celebrity could ever be found liable for defamation."

Besides being the first Twitter-based defamation suit to reach trial, Love’s suit poses some intriguing legal issues. As a result of our society’s commitment to free speech, a speaker cannot be held liable for expressing her opinion. Opinion, however, is a legal term of art, and refers to statements that are unverifiable or cannot be interpreted as stating actual facts about the plaintiff. Hyperbole, for example, is not actionable as defamation. In a 140-character tweet, however, the speaker has little chance to clarify her meaning and provide relevant context that might establish her tweet as hyperbole.  In Love’s case, she is well known for her “over the top” behavior in general, perhaps indicating her followers on Twitter might expect the kind of hyperbole that is clearly present in her tweets. Of course there is no such thing legally as a libel-proof defendant (nor should there be), but this case does make one question whether any reasonable person could possibly give credence to anything she said, factual sounding or not.  Love provided a series of tweets that may have alerted some audience members to the context of her dispute with the Boudoir Queen, but it is an open question whether the tweets should be read together to establish the “context” supporting her statement that the Boudoir Queen was a “lying hosebag thief.” Certainly Love’s accusations of criminality seem to indicate that she has undisclosed (and potentially false) factual information, which certainly makes it harder (or likely impossible) for her to shield her statements under the mantle of opinion. Moreover, there is an argument that a defamatory statement in a single tweet (not the issue here, admittedly) should be treated like defamation in a headline that is refuted by an accompanying article not likely to be seen by most reasonable readers of the headline.  Regardless of what happens if the Love case actually goes to trial on Wednesday, the saga is instructive about the perils of assuming that one can vent one’s frustrations about another in social media without legal repercussions.

Posted by Lyrissa Lidsky on February 5, 2011 at 06:27 PM in First Amendment, Lyrissa Lidsky, Torts, Web/Tech | Permalink | Comments (6) | TrackBack

Monday, January 31, 2011

A Small-Town, Social-Media Parable

    My co-author Daniel Friedel and I  just finished a book chapter for a book called Social Media: Usage and Impact (Hana Noor Al-Deen & John Allen Hendricks, eds., Lexington Books, 2011). In the course of writing the chapter, I came across Moreno v. Hanford Sentinel, Inc., 172 Cal. App. 4th 1125 (Cal. App. 2009), a case I had somehow missed when it came out. The Moreno case is a cautionary tale about the dangers of engaging in undue self-revelation online, but that is not the only reason I find it fascinating.  I find it fascinating because I grew up in a small, remote town, and I am acutely aware of the social dynamics that underlie the case.

    Here are the facts. While Cynthia Moreno was a college student at Berkeley, she visited her hometown of Coalinga, California. Moreno subsequently published on her MySpace page a very negative “Ode to Coalinga,” in which she stated, among other things, that “the older I get, the more I reliaze that I despise Coalinga.” (1128) The principal of Coalinga High School obtained the Ode and forwarded it to a local reporter. After publication of the Ode in the local newspaper, Cynthia Moreno’s family received death threats, and a shot was fired at their home. They were forced to move away from Coalinga, abandoning a 20-year-old business. (1129). They sued the principal and the local newspaper for invasion of privacy and intentional infliction of emotional distress. The trial court dismissed the case against the newspaper under a California's antil-slapp  statute. The Moreno family did not appeal the ruling regarding the newspaper, but they did appeal the trial court’s dismissal of their claims against the principal for invasion of privacy and for intentional infliction of emotional distress. (1129).

    With regard to the privacy claim, the California appellate court held that the revelations concerning the Ode simply were not "private" once Cynthia Moreno posted them on MySpace, “a hugely popular internet site.” (1130). The Court found, in essence, that Cynthia had waived any reasonable expectation of privacy through her "affirmative act." (1130). It was immaterial to the court that few viewers actually accessed Moreno’s MySpace page. By posting it, she opened her thoughts to “the public at large,” and “[h]er potential audience was vast” regardless of the size of the actual one. As Cynthia learned to her sorrow, there is no privacy invasion when information shared with a seemingly “friendly” audience is repeated to a hostile one. (1130). [Query, however, whether this could lead to a false light claim in the right circumstances.]  Although the court dismissed Cynthia's privacy claim, the court held open the possibility that a claim for intentional infliction of emotional distress could succeed. (1128). 

    The Moreno case sends a mixed message about legitimate use of information shared in "public" social media. On one hand, the information is not private. On the other, republication can still lead to liability if done for the purpose of inflicting emotional distress on another in a manner that jurors might subsequently deem “outrageous.”  At first blush and maybe at  second, too, this latter holding regarding intentional infliction (the court left its reasoning unpublished) seems inadequately protective of speech.  After all, the principal was merely republishing lawfully obtained truthful and non-private information, arguably about a matter of local significance.  The principal had no "special relationship" (protective, custodial, etc.) with Cynthia Moreno that might have imposed on him a duty to give special regard to her interests or emotional well-being.  It seems from the facts, however,that Cynthia's younger (minor) sister might have been attending the high school of  which the defendant was principal, which perhaps could make his actions more "outrageous." Moreover,  how much solicitude should be given to a defendant such as the principal if his intent in publishing the statement was to ensure the ostracization of Cynthia and her family, or even if he acted with reckless disregard that those consequence would result? Of course, the statement need not have been published in a newspaper in order to produce a similar result.  In a town of fewer than 20,000 residents, the gossip mill very well might have ensured that the information got to those most likely to be interested in it. Moreover, if the principal could foresee harm to Cynthia through the gossip mill, arguably so could Cynthia (even if the scope and exact manner in which those harms would occur were unforeseeable). After all, she did grow up there and should have known, even at 18 years old or especially at 18 years old, how vicious the repercussions might be if her Ode got out.  I feel great empathy for Cynthia, but I do worry about the free speech implications of giving a tort remedy based on the repetition of lawfully obtained, truthful, non-private information, even when done with bad motives.

Posted by Lyrissa Lidsky on January 31, 2011 at 12:06 PM in First Amendment, Information and Technology, Lyrissa Lidsky, Torts, Web/Tech | Permalink | Comments (0) | TrackBack

Friday, December 10, 2010

Wikileaks and TMI: A Scholar's Perspective

I've been feeling guilty for not blogging about Wikileaks after the release of diplomatic cables (see my earlier post here).  The problem is that the story is so rapidly evolving, and I've been so busy (it is, after all, THAT time of year), that I didn't want to weigh in and just duplicate the thoughts of others or sound off in a way that betrayed a lack of understanding of all the factual nuances of the case.  I'll just have to content myself with providing a link to  Daniel Drezner's piece in The Chronicle of Higher Education, which deals with some aspects of the brouhaha I've also been thinking (but not writing) about.  I've been thinking about how journalists cope with the sudden dumping of thousands of pages of disjointed information (which, despite its volume, may not really be "ALL" of the information).  What happens when you have too much information, rather than not enough?  Does it make the role of a learned intermediary sorting through thousands of pages of raw data and putting them in context more important rather than less?  Are journalists equipped to perform this role?

Drezner's piece recognizes the problem of  TMI from a historian's perspective and worries about getting "caught out" by a document release that suddenly casts a different light on the intent of policymakers than one could glean from the events themselves.  Drezner also considers what the Wikileaks controversy means for the future of government secrecy.  He frets that government will significantly tighten the clamps information in the future in response to the controversy.  On this point, I suspect his fears are misplaced.   The Wikileaks controversy reveals that even if the government wishes to exercise more control over information in the future, it simply can't.  [Admittedly, though, I still fail to see how Bradley Manning had access to so much information, apparently without much oversight (assuming those are the facts).]   

Posted by Lyrissa Lidsky on December 10, 2010 at 10:29 PM in Blogging, Current Affairs, First Amendment, Lyrissa Lidsky, Web/Tech | Permalink | Comments (0) | TrackBack

Thursday, December 02, 2010

WikiLeaks, Sex Tapes, and Information Valuation Theory

The recent WikiLeaks disclosures have been in the news lately, and leaked photos and tapes of naked celebrities always seem to be in the news. I want to focus on a small sliver of the pie: how should we think about the value of the leaked information/documents/pictures, and the value of keeping it all secret.

There are many normative theories for the protection of trade secrets. One of them (the best one, I argue), is that trade secret laws are there to encourage less protection of secrets. The idea is that without the remedy provided by trade secret laws, companies will overprotect their information in ways that are inefficient. Thus, the law is there to make sure that companies only expend reasonable precautions to protect information, and if the secrets are lost, then they can obtain a remedy to compensate.

A negative corollary of this theory is that where remedies are insufficient then we will see much more protection of the secrets. Anecdotal evidence supports this. Consider the protection of the formula for Coke, or the thickness of the walls of the Pentagon as examples.

What, then, should we make of the value of WikiLeaks and sex tapes?  Let's start with sex tapes. Conventional wisdom holds that many who make illicit photos do so knowing that the publicity, even "bad" publicity of a sex tape can help boost careers. Indeed, many believe that the celebrities themselves were behind such leaks, despite mock protests.  

If true, this supports the general theory. Celebrities don't see much harm in the release of these tapes, and thus don't go to great lengths to protect them. 

But what of WikiLeaks? After all, these are sensitive government documents, right? Doesn't the government view these as ultra-secret? I wonder about that. First of all, the purported leaker is a an army private working in a field office. If true, how is it that ultra-sensitive documents are so easily accessed and copied by a relatively young soldier working in a field office? I wouldn't expect national secrets whose disclosure would leave no recourse to be so easily available.

Of course, this is not to say that leaks never happen. Spying goes on. But compare, for example, the Valerie Plame leak by Scooter Libby. That information, also of apparent national security, was protected all the way up to the Chief of Staff to the Vice President. I also suspect that Libby would not have known it but for rules that require the executive to get certain information (not that such rules are a bad thing). If it were up to the departments in charge, I suspect that critical information would not be shared so widely.

The conclusion is that this information, for the most part, is just not that valuable, despite protestations to the contrary. Embarrassing, perhaps, but not really valuable. Viewed this way, the documents are the equivalent of government sex tapes. Supporting that theory are recent statements by Robert Gates (h/t Dan Filler): 

Let me just offer some perspective as somebody who’s been at this a long time....Now, I’ve heard the impact of these releases on our foreign policy described as a meltdown, as a game-changer, and so on. I think those descriptions are fairly significantly overwrought. The fact is, governments deal with the United States because it’s in their interest, not because they like us, not because they trust us, and not because they believe we can keep secrets....Is this embarrassing? Yes. Is it awkward? Yes. Consequences for U.S. foreign policy? I think fairly modest.

Of course, Gates could just be downplaying the cost to the U.S., but what he says goes against what others in our government are saying.

Note that my take is agnostic about whether WikiLeaks disclosures (or sex tape publications, for that matter) are right or wrong, or good or bad.  I do think, however, that the ease with which information is obtained and distributed says something about how the owner values it.

To be sure, you can blame sex tapes on celebrities who aren't smart enough to protect their tapes. Even so, a celebrity really worried about the potential costs of a release, will not make one, or will lock it in a safe - consider all the celebrities who do not have scandalous photos leaked. Further, how often do you see celebrity cell phone numbers published - even those with leaked photos and tapes? Somehow, these folks are able to protect that information. Finally, diplomatic cables are not sex tapes, and the government is not a ditzy celebrity. These folks know how to protect information, and how that information is protected can be quite telling.

Posted by Michael Risch on December 2, 2010 at 12:07 PM in Current Affairs, Intellectual Property, Legal Theory, Web/Tech | Permalink | Comments (1) | TrackBack

Monday, November 29, 2010

Using Smokescreens and Spoofing to Undermine Wikileaks

The leaked diplomatic cables story already been much discussed and will be discussed further elsewhere.  As a privacy law scholar, my starting point is to think of this problem as a data security issue and then wonder how Pfc. Bradley Manning evidently obtained access to such a large cache of highly sensitive information.  I suspect that some (but not all) of that story will be told in the coming months.  The government's failure to better safeguard sensitive national security information against someone in Manning's position is a genuine scandal, one that ought to prompt careful investigations into what went wrong and rapid data security improvements.

That said, we have seen from analyzing commercial data security breaches that breaches will inevitably occur.  To that end, it may make sense for the government to supplement heightened data security measures by regularly leaking false (but plausible) intelligence to Wikileaks.  The current controversy has generated great attention because the information exposed on Wikileaks is believe to be genuine.  But if disclosures to Wikileaks are frequent and sorting between true and false leaks is difficult, then the damage resulting from inevitable disclosures of true information would be reduced.  It might even make sense for the government to announce publicly that it will be leaking lots of false diplomatic cables going forward so that foreign governments are not unnerved by what they read on Wikileaks and in the press. 

A version of this strategy - called spoofing - was used effectively by the recording industry to make illicit peer-to-peer file swapping less attractive. 

If users couldn't distinguish between real Kanye West mp3 files and garbled noises on Limewire, then they might get frustrated enough to switch to iTunes.  Applications that fostered the swapping of unlicensed p2p files tried to combat spoofing through file rating systems, but these were also subject to gaming by spoofers.  Similarly, a spoofing approach to national security leaks might lower the reliability of Wikileaks information enough to get people to stop paying so much attention to the content that is posted there.  Recall the little boy who cried wolf too many times.  Wikileaks could invest in trying to sort between legitimate and phony leaks, but doing so would be costly and time-consuming, and it might bring more of Wikileaks's contacts with the Bradley Mannings of the world into the open.

One question that arises is whether the government is doing this already.  Corporations evidently engage in such behavior with some regularity.  Indeed, using misdirection strategies against competitors may be part of the "reasonable precautions" that a firm ought to engage in to guard its trade secrets.  Are there instances of the government leaking false documents to Wikileaks?  If the government isn't engaging in those strategies, should it start doing so?

UPDATE: Not-so-great minds think alike.

Posted by Lior Strahilevitz on November 29, 2010 at 05:13 PM in First Amendment, Information and Technology, Web/Tech | Permalink | Comments (3) | TrackBack

Saturday, November 27, 2010

Wam! Bam! Thank you ma'am!

Michael Robertson, the CEO who brought us MP3.com at the turn of the 21st century, is back again with two services: MP3Tunes and Sideload. MP3.com ostensibly allowed users to listen to CDs stored on MP3.com servers if they could establish to MP3.com's satisfaction that they owned the original CD. MP3.com lost a fight in the Southern District of New York, with the court concluding that MP3.com was not engaging in (arguably) protectable "space shifting" by storing subscribers' CDs, but instead "re-playing for the subscribers converted versions of the recordings it copied, without authorization." Judge Rakoff concluded that this was not fair use, and the legal fallout led to MP3.com's merger with Verizon.

Robertson's new storage service, MP3Tunes, allows customers to store audio files "in the cloud," not unlike Dropbox or other cloud storage services. Digital files uploaded to an MP3Tunes locker can be replayed by the locker owner in a variety of ways. Viewed in isolation, MP3Tunes simply stores subscribers' CDs. The recent decision in Cartoon Network v. Cablevision would suggest that the Second Circuit, at least, is sympathetic to the notion that where a business provides a service and consumers push the buttons that copy protected expression, the service providers are not directly liable. Thus, if online storage by consumers is protectable private use (a possibility the court in MP3.com acknowledged), MP3Tunes is unobjectionable as a service enabling that storage.

Sideload is an associated service that changes the way MP3Tunes works. The Sideload program lists the material available in the lockers of other users of MP3Tunes and allows you to stream those songs and download them into your own locker.  In other words, if I load David Bowie's* "Suffragette City" into my MP3Tunes locker, Sideload will help you find it, and you can make a copy from my copy. As I understand the services, other people can then make a copy of your copy of Suffragette City. If one accepts as a baseline that consumers are taking their personal stock of legally purchased CDs and MP3s, loading digital files into MP3Tunes lockers, and other consumers are locating those files and copying them through Sideload for free, then the service sounds suspiciously like Napster-esque "file sharing," and unlike arguably protectable "space shifting." Robertson makes an interesting factual claim in its motion for summary judgment that, if true, might alter the way we think about this particular case, even if Sideload is part of the package.

Robertson asserts that record lables like EMI distribute music files for free on the internet with the intent (in the words of EMI's Senior VP for Digital Marketing) that the songs should become "viral...giving fans the ability to disseminate to other fans, to spread like a virus." Not every song is marketed as a free (and hopefully viral) release, but many are. EMI and the other labels want to hold MP3Tunes accountable for distinguishing between them. MP3Tunes instead hopes to rely on Section 512(c) of the DMCA, which immunizes online service providers that store material online at the direction of users, so long as the service provider takes down unauthorized content once it is brought to the attention of the service provider by the copyright holder. MP3Tunes argues (reasonably, I think) that if EMI has flooded the market with free content, EMI is the party best positioned to distinguish between viral content and content that wasn't supposed to get out for free. Thus, if MP3Tunes timely removes any content flagged by record labels, then EMI should be able to get what it wants by flagging "traditional" content for removal, allowing MP3Tunes to remove flagged content while enabling the distribution of free content. Thus, even assuming that Sideload lets other MP3Tunes customers copy "Suffragette City" from my locker, the question we should ask is whether EMI authorized its viral release.

I am a skeptical of Robertson's factual claims, because it seems that many artists have use free streaming content "distributed" through social networking systems like Facebook or Twitter, and less on the distribution of actual copies.  Still, to the extent the claim is accurate, it seems entirely within reason for Robertson to offer a service that allows consumers to find and share authorized "viral" downloads.

* Bowie is an EMI artist, whose seminal album, The Rise and Fall of Ziggy Stardust and the Spiders from Mars, was just released in the UK on a commemorative stamp.

Posted by Jake Linford on November 27, 2010 at 02:26 PM in Culture, Information and Technology, Intellectual Property, Music, Web/Tech | Permalink | Comments (1) | TrackBack

Wednesday, November 17, 2010

Obviousness and Cumulative Innovation

I've been spending time recently (way too much time, I think) participating in prior art searching for ArticleOnePartners, a company that pays its bounty hunters advisors prizes if they find prior art that invalidates certain patents. The company, in turn, uses the gathered research to license to patent defendants. The prizes used to be huge ($50,000 or so), but are now moderately big ($5K to $15K for the most part). 

It's no mystery why I do it: I want to win some money. I haven't won a big prize yet, but I've got a couple "studies" that I am optimistic about. Even without winning, the endeavor has been extremely helpful in developing my understanding about innovation, obviousness, and prior art. That's what I want to write about below the fold.

The story begins with conventional wisdom. Whenever a high profile patent is asserted, the media reports the claims in only the most general terms, like "the patentee claims to have invented hyperlinking." People reading the article immediately protest that surely this inventor could not have invented something so a) important or b) broad.

The reality is that few patent claims actually read like they are depicted in the media. First, they are usually much narrower than the media reports. For example, the "hyperlinking" patent was really a much narrower claim about hidden data that points to blocks of memory retrieved from a single central computer using a keypad. It's possible, of course, that clicking a link using a mouse (where the URL is not really hidden memory) to obtain a web page from a variety of servers would infringe by the doctrine of equivalents, but it's not clear. The technology in the patent describes no way to communicate with more than one server. (Of course, the owner sued Prodigy, who may have connected users to a single server).

Second, such claims, though usually narrower than reported, are also usually filed much earlier than people think. The hyperlinking patent, for example, was originally filed in 1976. If someone really did invent hyperlinking in 1976, my view is give them the patent - they were years ahead of their time.

This is where Article One Partners comes in. The company knows that it is difficult to find evidence that even narrow claims were not new when the patent application was filed early. It only takes one document or product to invalidate a patent claim, but only if that one piece of prior art includes every element of the patent claim. Further, because we often don't know when the claim was invented, we can only be sure to invalidate the claim if the prior art is dated one year or more before the patent filing date. This makes information very difficult to find. Thus, Article One Partners enlists others to find that prior art with money as a reward for a successful search.

My searches have opened a frustrating but fascinating window into the nature of innovation. As I look at each patent under review, I almost always think, "No way they invented that." (Sometimes, it really does seem like the patent was a pioneer.)  However, when I start digging, I find many instances that are close, but are not the same. Every time I think I've found the silver bullet, I review the patent claim and it includes some small detail that makes the invention different than what came before.

While "close, but no cigar" is not putting money in my pockets, it is helping me better understand innovation and obviousness. In just about every case (there are a few where I think I have found the silver bullet), you can see technology developing, with many companies racing to add the next feature, each building on the other. The most fascinating process to me is a claim for data storage in web pages. This is technology that every HTML form programmer takes for granted today - you put a variable name  and value into your dynamic web page so that it remembers what you've typed in when you load the next page. This method is so basic that it is part of every manual on HTML programming: "Authors may create controls that are not rendered but whose values are submitted with a form. Authors generally use this control type to store information between client/server exchanges that would otherwise be lost due to the stateless nature of HTTP..."

While hidden fields are basic now, they weren't basic in December of 1993, the cutoff date to invalidate this patent. While I think I have found invalidating prior art, the method was certainly not a standard. Instead, it was in the process of being invented by others at exactly the time of the cutoff. I found fascinating discussions among those who invented the HTTP protocol about how to store information between pages, and I found draft standard documents that were published two days before the cutoff.

This, I think is the most fascinating part of the experience. We talk now about "crowdsourcing" as if it were new, but a lot of innovation has come about through crowded fields with many fingers in the pie. The innovation process that was artificially cut off in my search reached the identical solution in the patent soon thereafter (if not before).

My final point is that this innovation process affects how we should think about obviousness. Where the crowd is close and quickly moving, it seems that many of these inventions should be considered obvious. Obviousness is how one determines whether a close, but not identical, piece of prior art invalidates a patent. Patent law has an obviousness factor called "simultaneous invention," and I've come to believe that the factor is woefully underused. In some cases the patentee may make a leap away from the crowd, but I am finding that for many of these patents, the inventor won the patent only because he or she was the first to the patent office and it was difficult to find out how others were doing the same thing. 

I am convinced that as search engines digitize and index more of the world's information, more patents will be invalidated as obvious. I am surely not the first person to be convinced of this, but I have now seen first hand how difficult it is to find do in practice.

Posted by Michael Risch on November 17, 2010 at 10:50 AM in Intellectual Property, Web/Tech | Permalink | Comments (5) | TrackBack

Saturday, October 23, 2010

Wikileaks, Genies, and Bottles

Julian Assange, founder of WikiLeaks, is at it again.  First he released 77, 000 secret government documents from the war in Afghanistan, and he has now released 391, 832 field reports from Iraq. 

The New York Times profile of Assange gives some indication of his motive.  He apparently believes his disclosures may curb what he sees as dangerous aggression by the U.S.   More significantly, he is a  (former, alleged) computer hacker who apparently believes in disclosure at all costs, even if the costs are human lives. 

Assange apparently feels a kinship with Daniel Ellsberg, but Assange's disclosures are far more dangerous and potentially deadly than Ellsberg's were during the Vietnam War.  The Pentagon Papers purloined by Ellsberg--the original documents, that is--were filtered through real journalists and editors at the Washington Post and the New York Times.   These "intermediaries" exercised judgment about what should be revealed and what shouldn't based on some consideration of the safety of American military personnel and whether the disclosures truly served the public interest.  Apparently no such editorial judgment is at work behind the Wikileaks disclosures.  Assange is determined to disclose, devil take the consequences, and the Internet gives him the power to release the 391, 932 documents in an instant to the entire world.

In the U.S., I fear that the Wikileaks incident may doom passage of the federal shield bill (the Free Flow of Information Act).  The shield bill, which contains a broad exception to protect national security,  gives reporters limited protection from being forced to reveal the identities of confidential sources in response to federal subpoenas.  It had passed the House and the Senate Judiciary Commitee, when it stalled over the definition of "journalists" entitled to its protection--thanks in significant  part to Wikileaks' original release of Afghan war documents.  This second release by Wikileaks probably spells an end to any desire legislators may have to limit the discretion of the Executive Branch in pursuing leakers of any stripe. 

If anything, the Wikileaks controversy ought to illustrate the important role played by the institutional or so-called "mainstream" media and ought to give Congress more confidence in adopting a narrow definition of "journalists" entitled to the protections of the shield law.  The released documents appear to contain information suggesting governmental abuses of power in the conduct of the war in Iraq.  This information is of vital public interest, and had the documents been leaked to a responsible news outlet, it would no doubt have analyzed, organized, and assembled the information to focus primarily on the items of public interest while minimizing the risks to our troops, our allies, and our national interests.  The fact that the institutional media  have no protection from federal supoenas may in fact have  helped convince the person who leaked the documents to give them to an alleged computer hacker based offshore rather than a responsible outlet such as the Wall Street Journal or the New York Times.  Even if the mainsteam media are flawed, they still have institutional checks and balances and mechanisms for enforcing institutional norms that "non-mainstream" media lack.  The important role the Fourth Estate plays in democracy deserves protection even if it means Congress must draw messy lines excluding others who are occasionally capable of playing that same role. 

Posted by Lyrissa Lidsky on October 23, 2010 at 08:14 PM in Current Affairs, First Amendment, Lyrissa Lidsky, Web/Tech | Permalink | Comments (10) | TrackBack

Monday, September 13, 2010

Why Governments Use Social Media and Why They Should

Lately, I've been exploring whether public forum doctrine may impede desirable governmental uses of interactive social media.   As part of that project, I'm examining both government incentives to use social media and citizen interests implicated by government social media use.  

Governments must speak in order to govern.  Governments speak to educate and to inculcate democratic values, to shape behavior and norms.  Governments seek to persuade, manipulate, coerce, nudge, wheedle, and imprecate.  They tell citizens to say no to drugs, to vote, to return the census, to get flu shots, to pay taxes, to wear seat belts, and to volunteer.  Indeed, effective government communication is essential to effective policy implementation.  Without the acquiescence of the governed, it is almost impossible for a democratic government to perform its roles and functions, and acquiescence is secured through communications. Traditionally, government has spoken through mass media using advertisements and position pages, interviews and pamphlets, public art and press conferences.  Now, however, the government has begun to convey its message through emails, websites, Facebook pages, tweets, and text messages.  Here’s why. 

Access to citizens.  The government has a host of practical reasons for using “new media” for communications with citizens.  Willie Sutton was reported to have said that he robbed banks because “that’s where the money is,” and governments turn to social media because that’s where the citizens are.  However, sheer audience size is only part of the picture. 

Access to Desirable Audiences or Constituencies.  Audience demographics are also important.  The audience of citizens that the government reaches via social media is likely different than the audience that the government reaches via traditional mass media, and these differences may make the audience especially desirable for government communication purposes.  MySpace users, for example, skew younger than citizens who attend city commission meetings or watch the network news, making MySpace a better platform for informing college freshmen about the benefits of the meningitis vaccine.   In addition, government may wish to reach social media audiences because they are more likely to be politically engaged than their fellow citizens. It is not far-fetched to presume that the same initiative that leads social media users to seek out government information online may lead them to other types of political engagement. 

Community-Building and Political Engagement.  Government actors have not been slow to appreciate that social media is not just a tool for communication but a tool for community-building and engagement.  Social media create social relationships, and they may help mobilize citizens from different walks of life and strata of society.  Social media may even help humanize government by giving citizens the sense that their voices are being heard by those in power, thereby defusing social tensions.

Crowdsourcing and improved governance.  The sense of community that is sometimes fostered by social media may ultimately improve not only the relationships between governors and the governed, but also the processes and outcomes of governance.  Social media can serve many of the functions of town hall meetings without the expense or the geographic or time constraints.  Indeed, social media can be used not just to create communities of citizens, but even communities of “experts,” who can share their knowledge to improve the decisions made by government actors. 

Speed, Economy, and Elimination of Intermediaries.  All social media, whether interactive or not, have the advantages of allowing government speakers to quickly and cheaply introduce messages into the public information stream without having to rely on intermediaries.  Social media are ideal for communicating during emergencies because government can issue messages to citizens with rapid speed.  Moreover, social media create a direct line of communication between governor and governed.  Social media decrease government reliance on the traditional mass media to relay (and potentially distort) government messages.  In an age when citizens are highly skeptical of the mainstream media, often for good reason, eliminating their role in the communication process is tremendously beneficial to government actors, though of course it creates an avenue for disseminating propaganda.

Responsiveness.  In order to maintain legitimacy, democratic governments must appear to be responsive to the needs of citizens.  Interactive social media allow governments to gather information from citizens, to listen to their needs and interests, and to respond directly to them quickly and efficiently.  Indeed, the desire to appear responsive to the needs of citizens is a key impetus behind government use of social media.

Luckily, government social media use, even when motivated by pure self-interest, often benefits citizens.  Citizens have an interest in receiving government information quickly, cheaply, and without distortion.  They also have a strong interest in having governments that are responsive to their needs and interests.  However, it is also worth considering how government use of social media fosters the First Amendment interests of citizens.  I use the word “interests” rather than rights because the Supreme Court has never explicitly interpreted First Amendment doctrine to require governments to enable citizens’ exercise of First Amendment freedoms.  That said, the effect of public forum doctrine is to create, in the words of Cass Sunstein, “a right of speakers’ access, both to places and to people."  Public forum doctrine acts as a government subsidy for speech.  The government must hold open traditional forums such as streets and parks for the benefit of speakers who would otherwise lack the resources to reach a mass audience.   Yet, the Supreme Court has been oddly reluctant to extend this understanding to places that have not been open to the public since “ancient times.”

Social media forums, and especially government sponsored ones, have the potential to advance the First Amendment values of free speech, free association, and the petitioning of government for redress of grievances.  With regard to speech and association, social media bring citizens together across boundaries of space and time that often separate them in the offline world.  But government sponsored social media provide speakers with a particularly valuable commodity.  Just as governments use social media to reach desirable audiences, citizens can use these same social media outlets to address audiences that would otherwise be difficult or impossible to reach.  A citizen may seek out the U.S. Coast Guard’s Facebook page, for example, in order to register a complaint about its handling of British Petroleum’s oil spill in the Gulf of Mexico.  Although the same citizen would be free to set up his own Facebook page to complain about the Coast Guard’s clean-up efforts, the government sponsored Facebook page provides him access to a receptive audience that likely already knows something about the Coast Guard and cares about its performance.

Not only can the Coast Guard sponsored page provide speakers a unique and valuable platform to reach interested fellow citizens, but it can also increase the likelihood that speakers and audience can unite to engage in political action.  Again, audience members who seek information on government sponsored sites may be especially interested in the government policy discussed at that site, and thus more likely than others to engage in action to change or improve the program.  In the Coast Guard example, a citizen might use the government sponsored page to invite fellow citizens to take collective action, such as attending a rally or volunteering to assist with clean up of polluted beaches.  No other online forum is likely to reach quite as interested an audience, nor foster political association, as effectively as the government sponsored one.  Thus, it is incumbent as a matter of public policy to encourage government to open social media as forums for communications to, by, and with citizens. 

Perhaps the most compelling argument supporting government creation of social media forums is that they give meaning to the often neglected constitutional right of citizens to petition government for redress of grievances.  In his new book on the Petition Clause, Professor Ronald Krotoszynski explains that “at its core, the Petition Clause stands for the proposition that government, and those who work for it, must be accessible and responsive to the people.”  Even if governments create interactive social media sites only to create the appearance that they are responsive, citizens can still use them to demand actual responses, as the First Amendment entitles them to do.  Indeed, the use of social media may create pressure for government to be responsive to citizen demands.  This feature of social media forums makes them distinctive from streets and parks, which may sometimes be used to protest government practices and policies in ways that demand action, but do not provide a direct conduit to the government officials in charge of those practices and policies. Although the right to petition is doctrinally underdeveloped, it plays an important role not played by the rights of speech or association.  The Petition Clause guarantees not just a right to speak, but a right to speak to those empowered to take action in response.  It therefore helps guarantee governmental accountability to the electorate, which is the essence of democratic self-governance. 

 

 

Posted by Lyrissa Lidsky on September 13, 2010 at 09:19 AM in Constitutional thoughts, First Amendment, Information and Technology, Lyrissa Lidsky, Web/Tech | Permalink | Comments (2) | TrackBack

Wednesday, August 25, 2010

Policing Decorum in the Limited Public (Social Media) Forum

I have been researching the circumstances under which government sponsored social media  sites should be treated as limited public forums.  One issue I’ve been examining is whether a government actor who creates, say, a Facebook page that is set up to be a limited public forum constitutionally may police “decorum” within the forum by eliminating speech “flagged” as profanity or hateful or defamatory speech.  Here’s my answer. 

The constitutional limits on the government’s attempts to preserve orderly and civil discourse within limited public forums are not entirely clear.  For example, the Supreme Court has never addressed directly the scope of the government’s authority to police decorum in the limited public forum (although it has done so in the context of schools and public broadcasting, and arguably has addressed the issue indirectly in Southeastern Promotions v. Conrad).  The Supreme Court announced, in the celebrated case of Cohen v. California, that the proper remedy for an audience member offended by a the use of the word “fuck” on a jacket was to avert his or her eyes, the Court never addressed the constitutional standard applicable in nonpublic forum or a limited public forum whose purpose arguably could be thwarted by profane speech. Presumably, though, the government’s attempts to regulate decorum in the limited public forum should be evaluated as an attempt to preserve the forum for its intended purpose, and should therefore be judged by whether they are reasonable and viewpoint neutral.  Application of this test, however, should be responsive to the nature or context of the forum.

Lower courts that have addressed the issue in the somewhat analogous contexts of city council and planning commission meetings have struggled to balance the government’s interest in preserving civility in the limited public forum with the interests of speakers in addressing government actors in the manner of their choosing.  However, most circuit courts that have addressed the issue have given deference to government actors attempting to preserve order and decorum.  An instructive example is the Ninth Circuit Court of Appeals decision in White v. City of Norwalk, 900 F.2d 1421 (9th Cir. 1990). That case dealt with the constitutionality of a city’s “rules of decorum” for city council meetings, which forbade “personal, impertinent, slanderous or profane” remarks that “disrupt[ed], disturb[ed] or otherwise impede[d] the orderly conduct of of [city council] meeting[s]”  The Ninth Circuit noted that “a City Council meeting is  . . . a governmental process with a governmental purpose,” and the court therefore gave the city council a great deal of leeway in regulating decorum, going so far as to say that the city “certainly may stop [a speaker] if his speech becomes irrelevant or repetitious.”  Indeed, the court stated that in the context of city council meetings, a speaker may be deemed disruptive simply by “speaking too long, being unduly repetitious, or by extended discussion of irrelevancies.”  The court strongly tipped the balance in favor of allowing the council to “accomplish[ ] its business in a reasonably efficient manner,” giving short shrift to the rights of speakers to address the forum in the manner of their choosing.   

 

The Fourth Circuit was similarly deferential to government interests in Steinburg v. Chesterfield County Planning Commission, 527 F.3d 385.  That case involved a citizen who had been stopped from speaking at a planning commission meeting because his remarks were allegedly off topic and contained (very mild) “personal attacks” against the commissioners for not paying attention.  Because the county planning commission meeting at issue was classified as a limited public forum, the Fourth Circuit evaluated the county commission’s policy against personal attacks only for reasonableness and viewpoint neutrality.  The court concluded that “a governmental entity such as the Commission is justified in limiting its meetings to discussion of specified agenda items and in imposing reasonable restrictions to preserve the civility and decorum necessary to further the forum’s purpose of conducting public business.”   The court therefore upheld the county’s “content-neutral policy against personal attacks” against a facial challenge because it promoted the “legitimate public interest . . . of decorum and order.” The Sixth Circuit Court of Appeals sounded a less deferential note in Leonard v. Robinson, 477 F.3d 347 (2007), when it reversed summary judgment in favor of a police officer who arrested a citizen “solely for uttering ‘God damn’” while speaking at a township board meeting.  However, Robinson differs from the cases discussed above because the police officer arrested the speaker even though the public official conducting the meeting had not ruled that he was out of order or in any way disrupting government proceedings.  Nonetheless, the Sixth Circuit clearly had a different view of the potential disruptiveness of profanity than its sister circuits.  Citing Cohen v. California, the court asserted that prohibiting the speaker from “coupling an expletive to his politicial speech is clearly unconstitutional.”  

 This question about how much deference to give government actors in regulating profane or “abusive” speech in online forums is particularly pressing research suggests that computer mediated communications are more likely than those in the “real world” to become profane or abusive, particularly when speakers believe they are anonymous.  Thus, it might be argued that government has more pressing interests in regulating profane and abusive speech in the online contexts than in others simply because the prevalence of such speech may hinder the use of a government sponsored social media site as a forum for public discourse.  Moreover, the government can help to ensure that its regulation of such speech is not a cloak for censorship by setting up filtering programs that operate “neutrally” once put into place.  And some social media sites, such as Facebook, conduct their own monitoring and filtering of profane and abusive speech, thereby largely eliminating in government role in censoring to eliminate such commentary.  Despite these persuasive arguments, however, public discussion that takes place on a social media site is fundamentally different from public discussion in a city council meeting.  The user of the online forum ordinarily must take some kind of affirmative step to seek out comments by fellow users; even once a user decides to read the comments, she can easily scroll past the ones that appear to be offensive.  Thus, the “captive audience” problem is present to a lesser degree than in a physical forum like a city council meeting.  In addition, a profane or abusive speaker in an online forum poses little danger of disrupting a government process or impairing its efficiency.  Thus, there is arguably little justification for deferring to government attempts to protect the sensibilities of citizens who come to its social media site. 

 

 

Posted by Lyrissa Lidsky on August 25, 2010 at 02:28 PM in First Amendment, Lyrissa Lidsky, Web/Tech | Permalink | Comments (3) | TrackBack

Thursday, July 15, 2010

More on the FCC's indecency ban

The following is by my colleague Hannibal Travis, who writes on telecom law.

The FCC warns broadcasters that it is illegal to program indecent programming or profane language during certain hours, and that a fine or loss of the station’s license may be imposed as a result.  But it refuses to define indecency in clear terms, which violates the principle of the rule of law and, as the Second Circuit held, the First Amendment.  As Howard points out, the Supreme Court upheld the FCC's fleeting expletives policy last year, in a decision that may well result in CBS being fined $550,000 for the Janet Jackson partial nudity charge arising out of the 2004 Super Bowl.  Justice Scalia maintained that the policy was needed to prevent the coarsening of the culture.  The majority invited the Second Circuit to review the case for First Amendment violations, and the Second Circuit's ruling was the result.  The Second Circuit's opinion tracks the analysis of the swing justices in the controlling opinion in FCC v. Pacifica Foundation, which said that the FCC's regulation of indecency may not amount to roving censorship or the banning of isolated swear words.  Four justices dissented last year and argued that the FCC’s rule would chill the coverage of local public events on live television.  Even Justice Thomas, though in the majority, attacked the opinion of the Court for relying on cases explaining that the FCC may constitutionally regulate television content for decency and political balance, in part because it allocates scarce frequencies to private operators, while excluding non-owners of FCC licenses from broadcasting altogether.

Thus, the implications of the decision seem significant enough for the Supreme Court to take the case.  The result may be difficult to predict, in that a majority voted last year to find the FCC's policy basically reasonable (or at least not arbitrary), while remanding for a free speech analysis.  Justice Thomas, part of the five-justice majority, strongly suggested that the FCC’s policy is unconstitutional.  So if this decision is appealed and decided, he and the four justices who voted that the FCC's fleeting expletive policy violated the First Amendment as explained in Pacifica may strike down the policy and mandate a more liberal rule permitting expletives or occasional indecency on over-the-air television. 

That being said, media regulation today is a much more complex tapestry than the media coverage on this case would suggest.  Past racial and ethnic discrimination in the allocation of FCC licenses, mergers and acquisitions , ownership regulation, intellectual property, advertiser contracts, and expectations, coordination of similar editorial and journalistic standards across media organizations, and negotiations with governments over security threats likely play a much greater role in shaping public debate than indecency or fleeting expletives rules. 

The Court may take the opportunity to undertake a historical analysis of the freedom to speak indecently as of the era in which the Constitution was ratified.  Nearly 40 years ago, Justices Douglas and Brennan argued that the First Amendment was a product of a licentious time in which offensive publications proliferated.  Other justices, of course, will catalogue draconian obscenity and indecency laws enacted in Congress and the states from the eighteenth century until today.  Much of that history also reflects anti-homosexual persecution of the type rejected by the Court in Romer v. Evans  and Lawrence v. Texas.  Elizabeth Glazer of Hofstra's law school has written a foundational paper on how the present framework of obscenity and indecency regulation cannot withstand scrutiny under the principles of individual autonomy and respect for privacy set forth in those cases.  If the fleeting expletives policy makes it to the Supreme Court on constitutional grounds, it may be a good opportunity to revisit that framework in light of the original understanding and evolving conceptions of freedom and dignity.  Perhaps even the broader jurisprudential question will be raised, whether the theory or the practice of the founders and ratifiers of the constitution controls when defining the outer boundaries of our civil rights.

Posted by Howard Wasserman on July 15, 2010 at 08:01 AM in Constitutional thoughts, Howard Wasserman, Information and Technology, Law and Politics, Web/Tech | Permalink | Comments (0) | TrackBack

Monday, April 26, 2010

Search of Gizmodo Journalist's "Newsroom"/Bedroom: Federal Law

There are interesting new developments in the case of the "lost" iPhone 4G prototype.  On Friday, police searched the home of the Gizmodo editor Jason Chen pursuant to a search warrant, purportedly to find evidence of a felony with regard to Chen's purchase of the iPhone prototype from someone who ostensibly found it in a bar.  According to the New York Times, the police seized four computers and two servers from Chen's home but did not arrest him.  There are many fascinating issues here for those of you who are specialists in criminal law or intellectual property.  For media lawyers, there is the attraction of this novel issue:  Should an online "journalist" receive protection under the federal Privacy Protect Act of 1980, 42 U.S.C §2000 et. seq., which is designed to prevent seizures of "work product" and "documentary materials" from newsrooms?  The answer is probably yes, though this may be of little assistance to Gizmodo editor Chen under the peculiar circumstances of this case.

The Privacy Protection Act makes it "unlawful" for law enforcement officials "to search for or seize" media "work product materials" or "documentary materials."  The Act applies to local, state, and federal law enforcement searches and seizures; indeed, it applies to searches by any "government officer or employee."  Although the act is designed to protect newsrooms, Chen's "work product" ordinarily should be protected from search or seizure because it is "possessed by a person reasonably believed to have a purpose to disseminate to the public a newspaper, book, broadcast, or other similar form of public communication, in or affecting interstate or foreign commerce."  Likewise, his "documentary materials" are protected because they are "possessed by a person in connection with a purpose to disseminate to the public a newspaper, book, broadcast, or other similar form of public communication, in or affecting interstate or foreign commerce."  As a writer for the blog Gizmodo (owned by parent company Gawker Media), Chen certainly seems to qualify as a person intending to disseminate a form of public communication "similar to" a newspaper that "affects" interstate commerce.  However, . . .

. . .and this is a big however, there are exceptions to the PPA's prohibition on searches and seizures of media work product and documentary materials, and these exceptions might come into play in Chen's case.  For example, law enforcement may seize documentary materials or work product when they have probable cause to believe that the person possessing the materials (i.e., Chen) has committed a criminal offense, unless that offense consists in receipt, possession, communication, or withholding of the documentary materials or work product.  The purpose of this exception is to prevent a reporter from shielding his own criminal acts from discovery by using the PPA.  Depending on whether payment for and receipt of the lost/possibly stolen iPhone was a crime, this exception might prevent Chen from claiming that his materials were protected from seizure by the PPA.  I am not an expert on the substantive criminal law, but one thing I know for sure is that receiving stolen information is one thing [See Bartnicki v. Vopper] but receiving stolen property is another. 

[It is also worth noting here that California also has a state analog to the PPA, and reporter's privilege issues might come into play in this case as well.  But those are blog posts for another day or for someone else.] 

Posted by Lyrissa Lidsky on April 26, 2010 at 09:53 PM in First Amendment, Web/Tech, Weblogs | Permalink | Comments (8) | TrackBack

Wednesday, April 21, 2010

What Animal Cruelty Videos May Tell Us About Teen Sexting

While researching a recent article on the increasing penalties associated with possession of child pornography, I kept coming across references to teen sexting.  (The term “sexting” refers tothe act of sending sexually explicit messages or photographs electronically, primarily between mobile phones.”)  As commentors on PrawfsBlawg and elsewhere have noted, there have been a number of reports that local prosecutors are using child pornography laws — which carry very hefty penalties — to go after teens who are creating, receiving, or forwarding sext-messages.

In response, several legislatures have proposed (and in some cases enacted) legislation that removes sexting from the category of child pornography and provides for lesser criminal penalties.  I’ve been mulling over both the charging decisions of local prosecutors, as well as these legislative decisions, and I think that I might write about this topic over the summer.  My thoughts are still in a relatively early stage, and so I’d love to get input from fellow Prawfs readers on what I’ve come up with.  In particular, I’m interested in your thoughts about how some language from yesterday’s opinion in the Stevens animal cruelty video case may affect the constitutional status of sexting.

First, Stevens seems to suggest that teen sexting, unlike child pornography, may be protected by the First Amendment.  The opinion contains the following description of Ferber — the case that initially held that child pornography is not protected by the First Amendment:

When we have identified categories of speech as fully outside the protection of the First Amendment, it has not been on the basis of a simple cost-benefit analysis. In Ferber, for example, we classified child pornography as such a category, 458 U. S. at 763. We noted that the State of New York had a compelling interest in protecting children from abuse, and that the value of using children in these works (as opposed to simulated conduct or adult actors) was de minimisId. at 756–757, 762. But our decision did not rest on this “balance of competing interests” alone. Id. at 764. We made clear that Ferber presented a special case: The market for child pornography was “intrinsically related” to the underlying abuse, and was therefore “an integral part of the production of such materials, an activity illegal throughout the Nation.” Id. at 759, 761.  As we noted, “‘[i]t rarely has been suggested that the constitutional freedom for speech and press extends its immunity to speech or writing used as an integral part of conduct in violation of a valid criminal statute.’” Id. at 761–762. Ferber thus grounded its analysis in a previously recognized, long-established category of unprotected speech, and our subsequent decisions have shared this understanding.

As I read this language, the Court is explaining that child pornography falls outside of First Amendment protection, not because the government interests outweighed the individual interests at stake, but rather because images of child pornography are the product of child exploitation or sexual abuse — an argument that the Court made (at least implicitly) in Ashcroft when striking down the federal ban on virtual child pornography.  Because children cannot consent to sexual activity, all sexually explicit pictures of children are considered non-consensual, and thus any sexually explicit image of a child is necessarily a product of child sex exploitation/abuse.

In contrast to the prototypical image of child pornography — i.e., an image taken by an adult of a child — teen sexting is not the product of child sex exploitation or abuse.  That is because it is an image that the teen takes of him or herself, and his or her ability to consent to engage in sexually explicit conduct with an adult (even if it is just the taking of pictures) is irrelevant.  [I am, of course, leaving to one side a teen who takes such a picture of him- or herself because of pressure from peers — the analysis in that case might be different.]  We might argue that the teen ought not have taken the picture, and if the teen is under the age of consent in his or her jurisdiction perhaps they have no affirmative right to sexual autonomy that would include taking such a picture; however, assuming no involvement by adults in the production of the image, then I simply don’t see how the image can be considered a product of child sex exploitation or abuse.  In short, I don’t see how prosecutors can charge teen sexting under child pornography laws.

Second, the Stevens opinion seems to cast some doubt on whether legislatures can outlaw sexting at all if the person who is taking the images of him- or herself is above the age of consent. Section III.B of the opinion contains the Court’s explanation about how the statute’s prohibition on depictions of animal cruelty includes many images of lawful activity.  In particular, the opinion focuses on the fact that the statute outlaws possession of an image if the activity portrayed is illegal in the state where the image is possessed, even if the activity portrayed was legal in the jurisdiction when the image was created.  Ultimately, the opinion doesn’t hold that an image is protected by the First Amendment so long as the activity portrayed was legal at the time the image was produced; however it does describe such images as “presumptively protected by the First Amendment” and characterizes prosecutions for the possession of those images as “presumptively impermissible applications” of the statute.

It seems to me that if a state’s age of consent law authorizes a sixteen year old to consent to sexual activity, then the ability to take sexually suggestive pictures of herself is a lesser included version of that right to sexual autonomy.  And, arguing by analog to the Stevens opinion, sexting images are presumptively protected by the First Amendment,” and thus ought not be subject to any criminal penalties, even if those penalties are not as severe as those associated with child pornography charges.  If I am correct about this argument by analogy to Stevens, then perhaps the federal statute defining child pornography as including images of any person under the age of 18 needs to be re-thought, since the most U.S. states set their age of consent at 16 or 17.

Now, I’m sure that there are a number of issues that I am missing with this analysis.  For example, teenagers may not have the same rights of expression or sexual autonomy as adults, age of consent laws notwithstanding, and thus their First Amendment rights to create and possess these pictures may not receive the same protection.  Or perhaps because these images are being sent via the internet or wireless networks, there may be some other hook that allows government regulation.  In any event, I find the topic really interesting and if anyone is will to share their thoughts or impressions either in the comments thread or via email, I’d really appreciate it.

Posted by Carissa Hessick on April 21, 2010 at 01:53 PM in Constitutional thoughts, Criminal Law, First Amendment, Information and Technology, Web/Tech | Permalink | Comments (3) | TrackBack

Wednesday, April 07, 2010

On Misappropriation...

I found Lyrissa Lidsky's recent Prawfs post on the misappropriation doctrine quite thoughtful, especially the potential connection to blogger lifeblood - commenting on news collected by someone else. I wanted to share a few thoughts on the topic, primarily because I find myself in what appears to be a small minority - academics who think misappropriation is a good thing.

Now, when I say "misappropriation," I don't mean stupid stuff like the NBA trying to protect basketball scores. I also don't mean sheep in wolf's clothing applications where a plaintiff tries to claim misappropriation because it failed to protect its trade secrets (I defended plenty of those cases in practice - yuck!).

I'm talking about "hot news" and other time sensitive factual information that is costly to gather. This is information that is undeniably public and copyable - indeed, that's the whole point. If it were secret, you might be able to claim trade secrecy. If it were creative, you might be able to protect it with copyright. What to do about undeniably public and factual information is a difficult question - one that I can only begin to answer after the jump.

The typical answer these days falls into the "information wants to be free" category - if it is factual and public, then society is best served by it being spread. I'm just not so sure. I think there's an important externality that gets missed - the decreased incentive to gather information in the first place. To me, the question is not whether information wants to be free, but whether it should be.

Many have criticized newspapers, a dying medium, for failure to get into the modern cyber world. Why can't they just figure out how to publish all their news in an easily accessible digital format - for free no less - and figure out how to make money? The answer is simple - if information is available for free, no one will pay for it. And it is costly to gather news - if newspapers don't get paid for the work of uncovering news stories, they won't do it.

The result is closure of newspapers because their news gathering no longer gives them a competitive edge. This leads to a consolidation of news stories, which leads to echo chambers with thin content and even thinner analysis. I hardly need to point to examples. The latest is the April Fools Joke about the White House Blogger that fooled no less than the New York Times (the Times!). Why? No time, no money, no incentive to do fact checking. Information is out there - let's just copy it from somewhere else, and assume that someone else will gather the news. (I'm happy to say the Washington Post took the time to fact check and discovered the hoax).

So, I don't like where the news world is going. I like free and instant news as much as the next person. But I wouldn't mind a little bit of for-cost news gathering rather than press-release repetition now and again. Real news gathering is still out there. I've been quoted in a couple stories in the San Jose Mercury News recently - 20 minutes of interviews for a one line quote. From the questions he asked me alone, it's clear that the reporter took his time to research and understand the story before printing it. I think that's a luxury we will see less of in coming years. It's no surprise that AP is starting to crack down on copyright and hot news arguments - it is one of the few real news gathering organizations out there - with reporters everywhere - and it wants to stay that way. It simply won't be able to afford to do so if only one provider pays for content while everyone else just copies the news or snips the facts someone else paid to gather.

So, where does this leave bloggers? I don't think blogging will come to an end. Blogging can be plenty vapid. How many blogs do we need to report the news that Michael Jackson died? Are they telling us something we don't already know? Not that this is the type of news gathering I'm talking about, but the real value of a blog is the commentary - and that can be done with a link back to the original news source, not a replacement of it. Anyone who reads a blog as a replacement for their daily news is either grossly under-informed or reading a blog that perhaps should be subject to a hot news delay. (Indeed, even some bloggers want their own content delayed).


Even though I believe in the misappropriation doctrine, line drawing is difficult. At some point, news must be shared. Theflyonthewall.com case discussed by Prof. Lidsky tries to draw that line. I don't know if it gets it right. Finding the line is where the hard work lies.

Posted by Michael Risch on April 7, 2010 at 10:08 PM in Intellectual Property, Web/Tech, Weblogs | Permalink | Comments (0) | TrackBack