Wednesday, November 28, 2012
Creepin’ on your Internet, Surfin’ over your Shoulder
When it comes to the internet, you are never alone. Nor, for that matter, is anything you do or say really private. At its most basic level, the internet now functions as a phone call to the world, telling it exactly what you are thinking, buying, listening to, and reading. And for most people this is the best part of the internet. They can log in to their social media account and announce their inner-most thoughts, tell that funny story about the co-worker with the crazy cats, or share the cutest baby photos in the blink of an eye. Yet for all the willingness to share every instant of your life, the price you pay for this ability is steep: your right to privacy. The Fourth Amendment guarantees that individuals, their homes, and their papers are protected from unwarranted search and seizure. But now that everyone lives their lives simultaneously off- and online, there is a question of how much privacy we really expect online when we share everything anyway?
The Supreme Court has yet to answer this question directly. In Katz v. United States, the Supreme Court held that because society recognized an expectation of privacy while in an enclosed telephone booth, the recording of telephone conversations inside from microphones planted on the outside violated the Fourth Amendment.389 U.S. 347, 353 (1969). The Court found that the Fourth Amendment protects people, not places, which goes hand in hand with its acceptance of the fact that society recognizes that privacy can exist in public places, like the enclosed telephone booth at issue in the case. Id. at 351. The recognition that privacy wasn’t attached to a stationary object, like a house or apartment, but traveled with an individual, was a novel idea that has helped to shape some of the current concepts of privacy that we have today. And while you may not expect privacy in a phone booth anymore because they are, for all intents and purposes, defunct, thanks to this opinion you might have a reasonable expectation of privacy in the contents of your cellphone. Maybe.
In Kyllo v. United States, the Supreme Court found that the warrantless search of a private home through the use of infrared cameras to detect the presence of marijuana growing violated the Fourth Amendment. 533 U.S. 27, 40 (2001). The Court’s opinion in Kyllo though hinged on the belief that the Fourth Amendment “draws a firm line at the entrance to the house.” Id. This was a step back in terms of privacy because the Court retreated to a position where privacy afforded to individuals depends upon the location of the search. While expectation is still part of any analysis of whether a search or seizure implicates the Fourth Amendment, after Kyllo the conception of privacy afforded individuals seems rooted to the home and traditional conceptions of private places.
So what does this mean today, eleven years later, when we, as a society live almost as much of our life online as we do offline? The answer is unclear. Many would presume that because certain social websites allow you to make certain aspects of your online profile “private” that this gives you, the user, some sort of privacy. But the truth of the matter is that the second you connect to the internet, your expectation of privacy is being undermined (unless you have employed one or more of the nifty anti-tracking tactics discussed in this New York Times article). The distinction between the phone booth in Katz, the private home in Kyllo, and an individual’s activities on the internet boil down to one simple fact: a user of social media and email puts information out there to be read by at least one other person. The act of communicating to someone on these sites seems to undermine the very expectation of privacy that society has come to expect. In fact, the mere fact that an individual is talking with someone else further weakens the expectation of privacy because it is difficult to control what another person will do with private information. True, there may be a difference between posting a status update for only certain friends or family to see as opposed to posting the same sentiment on a public message board or on the front page of a well-traveled website. But that difference may be more artificial than actual because of one detail: the user voluntarily put that information on the web to be seen. When phone booths existed, the recognition of privacy while using them was simple to understand: a person went in, shut the door, and had a conversation away from the prying ears of the public. And the same rationale applies to a person’s home: what people do there is done away from the eyes of the public.
When the Court eventually deals with this issue, and at some point it will, the question will turn on what kind of expectation of privacy a user has in a post they have voluntarily put out on the internet to be seen by others. It will also turn on whether the Court recognizes that with an individual’s online and offline lives seamlessly merging into one, the expectation of privacy must depend less on society’s expectations in physical places and more on society’s expectations of privacy in electronic media and communication. But with people sharing more and more of their ostensibly private lives online, the real worry is this: does anyone actually expect privacy online?
Tuesday, November 27, 2012
Call Me Maybe? – The Use of Cell Phone Records as an Investigative Technique to Locate and Track Suspects
In 2008, the FBI utilized a novel and innovative way to track a band of bank robbers in Texas – they obtained phone records. These records not only documented over 20 calls made between two of the robbers around the time that the heists occurred, but also revealed the identities of the two men, thus allowing police to make an arrest. The two men were charged with robbery and possession of deadly weapons charges and were eventually convicted.
This case marked the beginning of a trend in the investigative method of cell phone tracking. The ambiguity of many longstanding federal privacy laws allows for debate over whether or not such a method is, in fact, constitutional. The Obama administration has taken the stance that because most Americans have no reasonable expectation of privacy when it comes to their cell phone records, their Fourth Amendment rights are not violated when a phone company subsequently turns over records to police.
On the other hand, many civil liberties groups such as the American Civil Liberties Union argue that allowing warrantless searches of an individual’s cell phone records could open a so-called “Pandora’s Box” regarding privacy limitations (or lack thereof). If cell phones can be tracked without a warrant, can online history, automobile GPS and even social media be trailed by the government as well sans justification?
And for proponents of this novel investigative technique – how far should investigators be allowed to go? Should warrantless searches be limited to retrospective data such as from where and to whom calls have already been placed? Or should law enforcement be privileged to attain up-to-date live information documenting where a cell phone is at any given moment and receive notification when such a device is used? Questions like these are not readily answered in current privacy statutes and have found themselves at the onus of much litigation regarding the issue.
Four years after the Texas case, this issue finds itself before the federal courts yet again, this time in New Orleans. Again the Obama administration is arguing that warrantless tracking of cell phones is entirely constitutional and does not violate any privacy expectations. In fact, federal prosecutors are maintaining that law enforcement should be able to obtain minute-by-minute movements of such devices for up to 60 days at a time as part of an investigative proceeding. Information to be gleaned by such close monitoring, they argue, involves medical treatments, political associations, religious convictions and even potential indiscretions such as adultery.
Advocates of warrantless searches argue that requiring police to obtain a warrant prior to tracking would only serve to hinder law enforcement’s ability to obtain valuable and crucial information relating to investigations of serious crimes. They state that because a cell phone provider stores and records information regarding cell phone location and usage, and because customers voluntarily convey information to their wireless provider by using their cell phone, that customer, upon signing a cell phone contract, has no reasonable expectation of privacy regarding their mobile device. They maintain that as long as law enforcement is able to demonstrate that the cell phone records are relevant and material to an ongoing investigation, no constitutional rights are violated.
On the other hand, individuals who oppose warrantless searches suggest that while tracking for a period of a few weeks might be constitutional, carrying out the period for over two months violates any expectation of privacy cell phone users may have.
While there is much debate in the Senate regarding this issue, with Democrats vetoing required warrants and Republicans introducing pro-warrant legislation, it does not appear as if the issue is soon to reach a resolution. In an age where an individual’s every movement and conversation can sometimes be traced using technology, whether that be through cell phone records, Facebook, Twitter, or otherwise, it seems as if some limits should be placed on the government’s ability to scrutinize every move of the American public. It is hard to believe that an unsuspecting customer using his or her cell phone or updating a status online impliedly renounces the right to privacy, and essentially acquiesces to having every move subject to the investigative techniques of law enforcement.
Sunday, November 25, 2012
Anti-Piracy Program "Six Strikes" to Launch at End of 2012
After more than a year's worth of setbacks, the much anticipated anti-piracy program commonly known as “Six Strikes” is set to launch by the end of 2012. Six Strikes, officially known as the Copyright Alert System, was established in a joint effort by Hollywood studios, record labels and major U.S. Internet service providers (ISPs) to discourage and minimize piracy. Major U.S. ISPs including AT&T, Verizon, Comcast, Cablevision, and Time Warner Cable have joined forces with movie and music moguls in the attempt to curb this highly disputed matter.
However, this is not like baseball, and you are not “out” on your last “strike”. The vision of the program is to educate and stop the alleged content theft in question versus punishing individuals for the act. After years of suing the users with minimal results in the courtroom by movie and music conglomerates, will a more passive approach create the results the industry is seeking? Understanding ISPs were never and never will be in sync with the austere penalties recommended by the movie and music industry to be imposed on their own customers, this may be the only viable option left.
Copyright holders will scan the internet in search of suspect IP addresses from peer-to-peer file-sharing networks. Upon locating suspect users, the program will alert the user with “copyright alerts”. These are a series of messages, warning the user their alleged activity has been detected and that penalties could follow if the behavior persists.
ISP’s have agreed to institute “mitigation measures” also known as punishments upon a user’s receipt of strikes five and six. The reprimands include temporary reduction of internet speed, redirection to landing pages providing education information regarding copyright, or other measures the ISP may deem reasonable to aide in the deterrence of file-sharing. Before a “mitigation measure” can be levied, the user can request an independent review of the acquisitions. The review will not be before a judge and will cost the defendant a $35 filing fee.
Today, in our society, without stiff penalties for file-sharing, many are still willing to take risks. With the development of Six Strikes the burden falls onto the ISPs to maintain order; therefore the BIG questions still remain. Will ISPs risk loss of revenue and customer satisfaction to help the music and movie industry? With various delays in the implementation of Six Strikes, is this last ditch passive effort too late? Time will tell, but for now, you be the umpire.
Saturday, November 24, 2012
IT Human Capital Flight
Immigrants make up one-tenth of the overall U.S population and have made significant scientific and economic contributions to the country. According to recent studies of immigration statistics, the disparity between the large number of skilled professionals waiting for visas and the small number that can be admitted to the U.S is creating a possible reverse “brain-drain” effect of highly skilled labor, particularly in the field of high technology and bio-technology, driving both the talents and their businesses back to their home countries.
Human capital flight, more commonly known as “brain drain”, is the large-scale emigration of a large group of individuals with technical skills or knowledge. The U.S has enjoyed a “brain gain” in the IT, bio tech, aerospace, and entertainment industries since the 1990’s, due to its high wages, comfortable living standards and stabilized system of government. Aside from permanent U.S resident visas, the government introduced the H-1B visa program that allows U.S employers to temporarily employ foreign workers in specialty occupations, subject to numerical limits. Each year, over one million highly skilled professionals compete for the 120,000 permanent U.S resident visas and the 65,000 regular H-1B visas.
With the recently tightened immigration law and the thriving economy in other countries, the best and brightest talents are no longer begging to be let into the U.S. This is an alarming trend because immigrants have founded over 50 percent of Silicon Valley’s companies, including Yahoo!, Google, eBay, YouTube, Intel and Sun Microsystems. Most large IT companies have hired immigration specialists and spent millions of dollars on visa administrations in an effort to prevent losing overseas talents and creativities.
One’s loss is someone else’s gain. For the first time, immigrants have better opportunities outside of the U.S as the advantages in entrepreneurship in their home countries outweigh the burdensome visa application process. China and India, two countries that suffered the most from “brain drain” in the past few decades in the field of high technology, are currently benefiting from this reverse brain-drain effect. Studies show that things are good enough economically in these countries that there is little incentive for IT talents to come to the U.S, let alone stay.
Both candidates for the 2012 presidential election highlighted the importance of immigration reform in an economic context, suggesting changes designed to help retain IT talents and innovative businesses. Experts have recommended an expansion of visa programs to increase the number of visas for highly skilled professionals, creating a modern electronic visa system, and more importantly, addressing American workers’ concerns about impacts of immigration on the unemployment rate. Unless the U.S regains immediate access to these talents, it will soon find itself struggling to compete in the global technology industry.
Friday, November 23, 2012
E-voting: Efficient Democracy or Hacker’s Holy Grail?”
Our country recently experienced an extraordinary two weeks, encompassing Hurricane Sandy and the presidential election. This marriage of natural and political events brought a new level of prominence to the issue of electronic voting. New Jersey’s Lt. Governor Kim Guadagno encouraged residents displaced by the storm to vote via email, being treated as overseas voters. In New York State, where voters were allowed to cast their ballot at any polling place because of relocation, the State Board of Elections rejected e-voting, citing its susceptibility to fraud.
The contrasting views of e-voting by these bordering states similarly affected by Sandy reflect the issues surrounding its use on a national scale. Over 121 million Americans voted in the recent Presidential election; 3.5 million of them did so electronically. In a day and age when electronic services are so accessible and popular, can e-voting be securely used to facilitate the democratic process?
There are several types of e-voting, including computer-like touch screen voting machines and voting over email, typically available to overseas residents and military personnel. Some e-voting machines provide no paper record of the votes cast while others produce a record of each vote, providing a back up record if necessary. New Jersey residents who voted via email send a copy of their completed ballot via either email or fax and then mail in the original paper copy as soon as possible.
Many Americans wonder why more states have yet to implement online voting as people perform common, secure tasks online, such as paying their taxes, shopping and banking. Experts have conflicting viewpoints on what is an acceptable and secure model for protecting Americans votes. Many in the technology realm, including security experts, hackers, and cryptologists, challenge the security of current e-voting technology. Groups such as Verified Voting and Common Cause monitor the security of e-voting. Along with the Rutgers University Law School, these two groups recently published a paper citing numerous problems that currently exist with the e-voting methods and machines in America.
They argue that despite the obvious benefits, e-voting has had several notable incidents of failure. The U.S. military attempted to create an online voting system for service members stationed overseas known as the Secure Electronic Registration and Voting Experiment (SERVE). However, this project was abandoned as a result of numerous security flaws.
Another example of a system failure was in Washington, D.C. Prior to launching, District officials invited the public to try to hack into the system. Within 36 hours, hackers gained complete control of the system and were able to switch votes and even made a song play once voters submitted their electronic ballots.
Experts also say that the hardware on some e-voting machines can pose security problems. In one experiment, security specialists revealed how some e-voting machines could be altered and controlled remotely using a few cheap and simple computer parts and a paper clip. Tampering with hardware becomes even more of a threat when expanded early voting practices have put votes on machines stored in schools, churches and other polling places for weeks before Election Day.
Others believe that every state should use e-voting because this new method would increase voter turnout, lessen the time and burden of traditional voting, and instantly and accurately report results. Everyone Counts, a company that creates e-voting machines and technology, cites the successful use of iPad voting in a local election in Oregon last year. They argue that the dangers and “hacking” incidents sighted by opponents are over reported and therefore the threat seems larger than it actually is. “Cyber the Vote” is a voting blog from a former IBM IT employee. It advocates that e-voting can substantially help the voting process by eliminating human error in the vote counting process, preventing future “hanging chad” situations. E–voting could also facilitate any last minute changes to the ballot. Proponents urge more states to embrace e-voting because it would be impracticable to wait for all possible problems to be eliminated as the traditional paper ballot system has inherent flaws.
Hopefully it will not take another Superstorm for states to cast a clear decision on the place of e-voting in the American democracy. The question remains if the benefits of quicker voting and increased turnout outweigh the potential risks of security and fraud. Other countries, including Canada, Sweden and Switzerland, successfully use e-voting systems; perhaps the move to e-voting will happen over time with our country’s voting system.
Thursday, November 22, 2012
Pigs Fly: Court Declares Heart Valve Patent Enabled for Human Use Despite Testing Only on Pigs
35 U.S.C §112 ¶1 requires that a claimed invention be reduced to practice; that is, described in the patent specification such that one of skill in the relevant art area would be able to read the patent and implement the invention. Without this requirement, useless specifications could confer patents on vague ideas rather than practical inventions. Doing away with this requirement would make a mockery of patent law. The Court of Appeals for the Federal Circuit disagrees.
In a recent patent law decision, Edwards Lifesciences AG v. CoreValve, Inc., 2012 U.S. App. LEXIS 23385 (Fed. Cir. Nov. 13, 2012), the asserted patent (5,411,552) went to a stent for a prosthetic heart valve. Prior to filing the patent, it had been tested only on pigs, not humans, which the invention ostensibly claimed. The various experimental implants in pigs were not always successful and design changes were made after the patent application was filed.
Edwards (the company asserting the patent) agrees that more developmental work was required at the time of filing. Co-inventor Knudsen wrote, in a contemporaneous report, that "questions such as size reduction, material and design optimization, and stent valve sterilization, remain unsolved," and that "much more work had to be done before anybody ever even contemplated using this for a human." Edwards' expert witness Dr. Buller testified that at the time the patent application was filed, it was "a device to perform testing on" and "not a device to move in and treat patients."
Despite the law, the patent was found enabled, and hence valid under §112 ¶1. The claim construction ruling by the district court, affirmed by the court of appeals, demonstrated bias towards the patent holder, as did an excessive damages award. The law seems to have been bent to fit the case.
In this case the court of appeals also went directly against the Supreme Court's eBay decision regarding injunctive relief. In eBay, the Supreme Court ruled that normally, financial compensation was sufficient; that injunctions were to be granted only after considerations of equity, which were not applied in this case. Instead, the court of appeals stated: “The innovation incentive of the patent is grounded on the market exclusivity whereby the inventor profits from his invention. Absent adverse equitable considerations, the winner of a judgment of validity and infringement may normally expect to regain the exclusivity that was lost with the infringement.”
Judge Prost’s dissent in the case, regarding the court’s treatment of the injunction standard, says it best:
“Some complain of areas of patent law in which our guidance is mixed or muddled. This is not - or should not be - one of those areas after the Supreme Court's clear pronouncement in eBay. eBay made clear that there is no general rule that a successful plaintiff is entitled to an injunction; rather, the plaintiff bears the burden of establishing the four equitable factors that weigh in its favor in order to obtain a permanent injunction. We should take care to avoid possible misinterpretation of an otherwise clear Supreme Court standard. [T]he majority's statements appear to me to deviate from the standard articulated by the Supreme Court and our court.”
Wednesday, November 21, 2012
Fair Use or Overriding Authors’ Rights: the Google Books Saga Continues
This week, Google revived its fair use defense to the United States Court of Appeals for the Second Circuit. Google would like to get the suit it is fighting against the Authors Guild dropped as a class action with new suits arising on a book-by-book basis. However, the question still remains whether Google Book Search truly constitutes fair use or whether it infringes authors’ rights to reproduce, distribute, and display publicly.
Google has had a long standing legal battle with the Authors Guild and publishers since it first initiated its book digitizing project, Google Books. The Google Books legal saga began in 2005 and nearly ended when the parties reached a settlement. Yet this settlement never came to fruition because the U.S. District Court in New York found that allowing such a settlement would grant Google a monopoly and unfair advantage over authors and publishers. Although, the Second Circuit reasoned that the District Court’s ruling could be appealed. Authors Guild is holding strong in demanding $750 per book as recovery for copyright infringement. Though Google Books proclaims its database consists of about 20 million books, only a portion of these books would qualify for the $750 since most of them are foreign works or already in the public domain not subject to copyright law.
Google maintains that book scanning in its context is “fair use” reasoning that its use of the books is transformative. While fair use is usually not found where whole works are used or copied, Google argues that only portions of the copyrighted works would be available. Furthermore, Google does not to use the books in the same way that readers or consumers of the texts would, especially if the texts have never been digitized. Google believes the Google Books Search is beneficial to authors and publishers because it provides readers easier access to material by searchability and online readiness. Thus, the question remains whether authors and publishers should be allowed to sue together.
According to a recent PaidContent article, Google believes that allowing the class action deprives authors of financial benefits, such as increasing demand in the books. Furthermore, many authors were in favor of their works' public display and searchability on Google.
Google makes a strong point in advocating for book-by-book lawsuits. Since more authors than not are okay with Google’s book scanning project, it should be up to individual authors to determine whether their copyrights have been violated. On the other hand, copying or scanning complete written works strips authors of their opportunities to determine when and how their works should be made digital. Some authors may want to maintain the integrity of their written work on the page, especially if they are not as proud or enthused by it. Other authors may want greater control over how much of the work readers can or should have access to although, I cannot see too much of a detriment in expanding the accessibility or demand in readers. It could provide some authors with a chance to make more of a name for themselves if their name popped up in a search result of a new or unlikely reader and consumer.
Tuesday, November 20, 2012
Affairs Gone Digital: What the Petraeus Affair Says About Personal Privacy
This New York Times Article examines the relatively new transparency one should expect with regard to one’s personal affairs—including, um, affairs—when they are conducted through technology-based media like email. The article entertains us with mention of many public figures that had dalliances of their own, including Alexander Hamilton, JFK, and Lyndon Johnson, who “commandeered a room in the Capitol” for such things and had a buzzer installed to alert him of his wife’s approach. But, Capitol gossip aside, the FBI’s discoveries in this case highlight the fluctuating scope of the Fourth Amendment when it comes to searches of computers, or, for that matter, cell phones. We all know by now that the messages that brought out the affair were in Ms. Broadwell’s computer, which the FBI searched pursuant to complaints by Jill Kelley, a woman described in this article about harassing emails. The FBI “examined all of her [Broadwell’s] emails as a routine step.”
The Fourth Amendment states, “The right of the people to be secure in their persons, houses, papers and effects, against unreasonable searches and seizures, shall not be violated, and no Warrants shall issue, but upon probable cause, supported by oath or affirmation, and particularly describing the place to be searched, and the persons or things to be seized.” ThisNorthwest Herald Article indicates that for most online communications, a subpoena approved from a federal prosecutor sufficiently authorizes a search. It is not clear what, if any, document the FBI had when it took Paula Broadwell's compute. The Fourth Amendment was added to the Bill of Rights in 1789 because in the prelude to the American Revolution, British loyalists could obtain Writs of Assistance, general warrants to enter the homes of suspected rebels, looking for anything and everything that might reveal their guilty identities. Once entering a given person’s computer, isn’t that what the FBI is now doing, “as a routine step”? On the other hand, once an email account is cracked or its perusal is authorized by its owner, with no physical barrier between some email content and other email content, there really is no way to say when someone should stop reading it. At that point, it would be a matter of discretion by the investigating agent, not a bright line that could be enforced. Nobody knows what it says until they read it, so any agent could argue it would be a breach of duty not to do so.
The ACLU quotes the Times and confirms that a subpoena is the only necessary document in order for law enforcement agencies to access login records of IP addresses kept by Google, Yahoo, and Microsoft. These records are maintained for, the ACLU says, “more than a year.” It does not say how much longer than a year.
The ACLU is concerned that this peek into the FBI’s methods illustrates how people are so easily tracked. Ms. Broadwell sent from an alias email account on wi-fi networks outside the home. The IP addresses saved by Microsoft and Google include geolocation information. Although Ms. Broadwell logged on to “warn” people about Ms. Kelley from various hotels, the FBI matched the guest lists from the various hotels with the email addresses that logged into the IP address. After enough hotels, they likely had the “kelleypatrol” email address from which harassing emails were sent, with only Ms. Broadwell remaining steady on the guest lists. The ACLU tells us the creepy part is, although by nature this high-level scandal broke across media even without criminal charges, the average person on the street will never know if his or her data was accessed. A WebPro News article mentioned below, however, notes a number of days allowed before a service like Google needs to notify a user that content was accessed.
The Electronic Communications Privacy Act (ECPA) became law in 1986, and currently governs what can be accessed with a subpoena as opposed to a warrant. Its Title II is known as the Stored Communications Act (SCA) and protects communications held in electronic storage, like emails. The SCA is less stringent than Title I which applies to wire, oral, and electronic communications in transit—your basic wiretapping. The Chairman of the Senate Judiciary Committee, Senator Patrick Leahy, has proposed legislation that would update the ECPA to require a warrant supported by probable cause before law enforcement can access stored electronic records. At least, the ACLU gives readers this information in its pre-formulated letter available for anyone that wants to write in in support of updating the ECPA. It would, the organization claims, give the same protections to electronic records as given to those anachronisms—letters, diaries, or “records stored in desk drawers”—that used to be so plentiful. This post of November 20th on WebPro News contradicts the ACLU, telling us to fight the bill because the Department of Justice complained and it has now been rewritten to include access by mere subpoena by many, many government agencies.
It appears that the battle is still being waged over who can access people’s electronic records and when. For my part, although I was entertained by the Petraeus scandal, I’d rather have my tax dollars spent elsewhere. I believe that if the need for probable cause to support a warrant could have delayed or prevented the discovery of the Petraeus/Broadwell emails and their affair, this country would be better off, not worse. JFK isn’t just revered because of the way he died; he was a great president. And he had affairs. I hate cheating as much as the next person, but at the national level, I advocate that we think not what our leaders are doing in bed, but what they can do for our country.
Monday, November 19, 2012
U.S. Urges Federal Judge Not to Unfreeze Megaupload’s Assets while It Fights to Extradite the Site’s Founder
The United States is advising a federal court judge to reject Megaupload’s attempts to unfreeze its assets while the site’s founder, Kim Dotcom, fights extradition from New Zealand. Megaupload’s argument is that having its assets frozen is causing it irreparable harm. The United States countered by arguing that even if it were to regain control of its assets Megaupload would not be able to resume its business operations. The freezing of Megaupload’s assets raises due process concerns and may lead to the firm going out of business regardless of whether they are found guilty of the charges alleged by the United States.
Megaupload.com was a 50-petabyte online file storage website and was a free online storage solution in the “cloud” for files that were too large for email. Megaupload generated about $25 million a year in revenue from ads and $150 million from its paid premium service. At its peak, 50 million people visited Megaupload each day and handled about 4 percent of global Internet traffic. The company maintains that it was a legitimate data storage business used by millions of individuals including employees of NASA and the FBI. However, the Department of Justice (“DOJ”) maintains that the legitimate storage business was a front. The real money was made providing a virtual fence for $500 million in pirated material.
The DOJ further maintains that Kim Dotcom, Megaupload’s founder, ran the criminal swap meet with impunity from safety of his $24 million New Zealand mansion, protected by guards, guns, and closed circuit television surveillance. The New Zealand Special Forces carried out Operation Takedown, which was overseen by the FBI via video link. Operation Takedown was a dramatic helicopter raid of the Dotcom Mansion. Dotcom was captured by the New Zealand Special Forces in a panic room hidden behind a secret door located in one of the many closets of Dotcom’s mansion. If all goes according to federal prosecutors’ plan, Dotcom and his six executives would be extradited to the United States to face a Virginia judge and the possibility of 55 years in prison.
Megaupload argues that by freezing its assets the government is subjecting it to ongoing irreparable harm similar to a criminal conviction following a full criminal process. The company further argues that because it has not been convicted of anything, the freezing of their assets violates its right to due process of the law. The United States has countered this argument by saying that Megaupload and Dotcom have contradicted each other because Dotcom has stated on several occasions that he has no intention of relaunching Megaupload. The reality is that even if Megaupload regained control of its assets the site would have many issues trying to operate with a potentially crippling lawsuit hanging over it. Plus, it would require years to regain the market position they enjoyed prior to the arrest of Dotcom and the freezing of the company’s assets.
The United States government's seizure of Megaupload’s assets definitely raises fundamental due process issues. Without access to its servers, Megaupload cannot maintain a steady cash flow. Companies cannot survive without a constant cash flow. Megaupload will likely not be able to recover from the criminal proceedings even if the company and its executives are acquitted of all criminal charges. Regaining its previous market share, which is almost an impossibility at this point, would take many years for Megaupload as many customers have likely migrated to other file-sharing services and are probably wary of going back to a service that they see as vulnerable to prosecution. This should concern more citizens of the world because it raises an important question: what is stopping the United States government from shutting down other businesses by freezing its assets rather than shouldering its burden of proof in a court of law. The government's desired result appears to be the same whether it can prove its claim or not.
For more analysis of this issue see http://arstechnica.com/tech-policy/2012/10/us-slow-legal-proceedings-are-megauploads-fault-dont-unfreeze-assets/
Friday, November 16, 2012
Court Approves Warrantless Police Surveillance Cameras
Judge William Griesbach ruled that the Drug Enforcement Administration (DEA) was legally permitted to install hidden cameras on rural private property without a warrant. The DEA’s purpose for installing the multiple cameras was to obtain evidence in a large-scale marijuana growing operation. Five Marinette County residents were charged last July with violating federal drugs laws after more 1,000 marijuana plants were discovered. Council for the defendants attempted to have video surveillance excluded from evidence under the Fourth Amendment prohibition of unfair governmental searches and seizures. But the defense’s argument did little to convince Judge Griesbach to not admit the tapes.
The charges were the result of an extensive two-month drug investigation, which culminated in a bust last summer involving over 200 federal and state police. While things are not looking too good for the defendants, one wonders what effects Judge Griesbach’s ruling will have on future criminal investigation and litigation. U.S. Magistrate Judge William Callahan admitted the video evidence on grounds that, “The Supreme Court has upheld the use of technology as a substitute for ordinary police surveillance.” Judge Callahan cited a 1984 Supreme Court case, Oliver v. United States, in which the court ruled the government’s intrusion on an open area constituted trespass at common law, but did was not “search” protected by the fourth amendment. 466 U.S. 170, 184 (1984).
However, Judge Griesbach’s ruling was contrary to the Supreme Court’s decision last January. In the previous case, the Supreme Court held that installing GPS tracking devices without a warrant violated the Fourth Amendment. The Supreme Court has yet to rule on warrantless cell phone tracking devices but the hot-button issue is currently before the Court. While Judge Griesbach’s ruling will likely not influence the Supreme Court’s upcoming decision, it may have a significant impact on future evidentiary hearings regarding police surveillance.
As stated previously, the use of covert digital surveillance cameras without a warrant is just one of many technological surveillance innovations garnering attention in the courts. Police monitoring evokes legitimate concerns for Fourth Amendment rights but the increasing police surveillance is also a violation of ordinary citizens’ privacy rights. The objectives of the police may be to ensure public well being, but those objectives must be cautious not to strip the public of fundamental rights in the process. As technology advances, the capabilities of police surveillance will expand and the degree of privacy invasion we allow in exchange for peacekeeping purposes remains to be seen.
Thursday, November 15, 2012
More Web Surveillance for Government Officials – Where Do We Draw the Line?
The FBI is renewing its request to update and broaden the Communications Assistance for Law Enforcement Act (CALEA), a law initially intended for surveillance of digital telephone networks. The FBI wishes to make the Internet more conducive to wiretapping. If passed, this could lead to less privacy and less security for users.
CALEA was first passed by Congress in 1994, forcing phone companies to rearrange their network architectures to make wiretapping easier. Then in 2005, the FCC announced an expansion of CALEA to include Internet broadband providers and certain VoIP providers.
According to CNET, in May, the FBI requested expansion of this law to include built-in “back doors” for various Internet services, such as e-mail, instant messaging, and social media sites for government surveillance. The FBI also asked that Internet companies not oppose such an amendment. However, the FBI has not been specific in stating how government surveillance is made more difficult by not having easier access to wireless connections, encryption, or social networks.
The Electronic Frontier Foundation (EFF) , a group that opposes this proposed expansion of CALEA, suggests that law enforcement agencies can already access information on the Internet. Also, by having the existing ability to tap cell phones, law enforcement officials already have access to digital data such as e-mails, and locations based off of cell phone signals. Furthermore, Internet companies are already cooperative with law enforcement officials. So why does the FBI wish to make such surveillance even easier?
Doing so would put many values and rights at risk. In looking to amend CALEA, Congress needs to make sure that this expansion would not infringe upon the Fourth Amendment or due process rights of individuals. Furthermore, granting the government easier access to personal data on the Internet would likely provide easier access to hackers and identity thieves. Also, according to the EFF, this type of expansion could lead to limited creativity among programmers and Internet companies who would have to always keep government surveillance at the forefront of their minds.
Furthermore, the EFF makes a great point that CALEA was never intended to provide such surveillance over Internet data. Phone networks are closed systems, whereas the Internet is a wide, open global network. The FCC’s expansion to broadband networks should be enough. This is where we should draw the line in maintaining as much privacy as possible on the Internet.
Wednesday, November 14, 2012
Facebook finding new ways to Track its Users
The Electronic Privacy Information Center has (EPIC) recently questioned Facebook’s relationship with data marketer, Datalogix. Facebook requested the aid of Datalogix to bolster their advertising strategy. EPIC, however, believes that the U.S. Federal Trade Commission (FTC) should open an investigation on whether the relationship between Facebook and Datalogix complies with the terms of an agreement between Facebook and the FTC made in November 2011.
The recent partnership with Datalogix, however, has raised concern over whether Facebook will abide by its commitment. Datalogix is linked to Facebook through loyalty cards, which allow it to track user purchases and target advertising campaigns according to the purchases. In addition, the loyalty cards are linked to Facebook accounts, which share information such as email addresses.
Through their relationship, Datalogix will be able to give Facebook and its advertisers information on which ads drove in-store sales. Moreover, the information will provide an indication of which ads Facebook users see and may determine if an item was purchased offline. Although the information provided by Datalogix is based on what ads Facebook users are drawn to, it has also been their practice to share users' personal information to allow advertisers to get a better picture of the potential customer. This data sharing has Facebook users concerned, and may find such tracking as a violation of their privacy.
Facebook has been repeatedly charged by the FTC for sharing information that users believe to be kept private. Although it is not readily apparent whether the relationship with Datalogix will violate the agreement with the FTC, Facebook seems to continually find loopholes to potentially compromise the privacy of its users.
Tuesday, November 13, 2012
Supreme Court hears arguments on possible warrantless surveillance affecting U.S. citizens via far-reaching foreign intelligence statute
The Supreme Court addressed the issue of whether respondents have standing to bring a facial challenge to the FISA (Foreign Intelligence Surveillance Act) Amendment Act (FAA). The parties here are the Director of National Intelligence and Amnesty International among others. Currently an executive order allows the government to conduct surveillance on foreign persons abroad for foreign intelligence purposes, and non-U.S. citizens while in the U.S. The concern for U.S. individuals is that their communications were intercepted in this surveillance even while the government’s target was a foreign individual. No warrant is required for surveillance conducted pursuant to this Act, creating Fourth Amendment concerns about reasonable expectation of privacy. However, the court here does not deal with the merits of the case, only the issue of standing.
Article III standing requires injury in fact, causation, and redressability. A concern is that the FAA allows interception of email going through particular nodes based on the status of the targets. Is the government doing enough to mitigate the use of other data that is incidentally acquired?
Solicitor General Donald Verrilli said that “[t]he government conduct being challenged has to either have occurred or be certainly impending.” p. 9 of Oral Argument Transcript of Clapper v. Amnesty Int’l. The government’s argument is that the plaintiffs assert a speculative connection between the FAA’s grant of authority and injury that is unproven. Given that such surveillance is secret, plaintiffs would have no notice of injury unless they were prosecuted using information acquired by their surveillance. Also part of the argument is that the injuries alleged are wrought by authorization under other programs, not FISA or the FAA. Redressability is thus an issue since if the injury is being overheard in monitored communications, then acting against this statute will not necessarily cure the injury if it is caused by action taken under another program or statute such as FISA surveillance under Executive Order 12333. As a means of regulation, the FISA Court assesses the reasonableness of targeting and minimization procedures, which are intended to mitigate the effect on parties not targeted, such as U.S. citizens, by filtering out their communications. The government notes that there is high level certification required before such surveillance can be undertaken.
Among the respondents are human rights researchers, attorneys for defendants charged with foreign-intelligence crimes or terrorism, and journalists. Jameel Jaffer, American Civil Liberties Union attorney, represented the respondents and argued that the new statute expands its reach to people beyond those FISA would have reached. He argues that it also lacks FISA's probable cause requirement, under which, for example, one person on a monitored call had to be a foreign agent. Plaintiffs include attorneys who represent defendants charged with foreign-intelligence crimes. Their concerns are with professional and pecuniary costs faced due to the statute. Some complain they have to travel far and wide to have conversations with their clients, and to speaking in generalities rather than specifics, and that they are deterred from speaking on the phone or via email. They must gather information by traveling overseas that should otherwise be readily accessible, but-for the impact of secret surveillance enabled by the statute. Though to a lesser extent similar precautions are to be taken to preserve confidentiality in the legal profession more generally, the statute is argued to expand the reach and heighten the concerns and cause the parties injury. Respondents also discuss the issue in terms of “substantial risk” that their communications would be monitored, rather than the “certainly impending” standard the government contended operates here.
Jaffee asserted the purpose of the FAA is to allow the government to collect Americans’ international communications. Journalists represented that they travel abroad to report on war zones and investigate human rights abuses in areas like Sudan, Syria, Yemen, and Lebanon. Part of their claim is that they have lost their sources who have disappeared after this statute, resulting in pecuniary costs. Under this statute, “there’s no requirement that the target be a terrorist or a foreign agent” (p. 39 of Oral argument transcript). He pointed to cases like Monsanto, Laidlaw, and Meese v. Keene in which the Court looked at future harm. Jaffer does say that it is true that “we don’t know that our Plaintiffs have specifically been monitored.” (54) Here however, the government has conceded that the statute is being used, so there is no doubt that it is conducting surveillance under its authority. It allows the government to acquire, retain and disseminate the information, and it would have to redact Americans’ names.
The government rebuts by saying that unlike in this case, in the other cases referenced the government action was certain. Further Verrilli argued that a distinction was drawn in the Summers case from those prior since there was no example of the “concrete application of the authority” (57). Respondents’ claims that they may undertake cost-incurring steps does not change the speculative nature of the injury asserted, which under Laird is not enough to establish standing. The Solicitor could not elaborate on minimization procedures in part because it is sensitive intelligence information. He did note that safeguards include that information can be retained for limited periods of time, names of U.S. persons or corporations are redacted, among other restrictions on the use of the information.
Scotusblog for one saw this as presenting itself as a closer issue than might have been expected when the case was taken up by the Court. The Volokh Conspiracy argues that based on Sibron v. New York, Fourth Amendment facial challenges cannot be brought against statutes regulating warrantless search and seizure, only challenges on an as-applied basis. Were that the case, a victory for the respondents here might ring hollow.
Monday, November 12, 2012
Music to My Ears? - Setting a Precedent for Federal Copyright Infringement
Categories: Computers, Copyright, Entertainment, Internet, Licensing, Patent, Trademark
In one of the largest amounts ever awarded in an illegal file sharing proceeding, an Illinois judge has ordered defendant Kywan Fisher to pay $1.5 million to adult entertainment company Flava Works for illegally copying and sharing 10 movies on the file-sharing website BitTorrent. This case highlights a trend in the courts' increasing disapprobation for copyright infringement, and hints at the potential for an increase in the severity of punishments imposed for such crimes. In a world in which illegally downloading a film or audio file is as easy as clicking a button, users may want to think twice before they bypass copyrights or skimp on paying full price for their digital entertainment.
When Napster gained mass popularity in 1999 for allowing users to share files effortlessly and seemingly without consequences, it soon boasted over 25 million users. However, in 2001, only two years after its inception, Napster lost a copyright infringement suit and was subsequently forced to revoke the free access to mp3s that it once afforded its members. Despite indications that the legal system and record companies were attuned to the growing trend of file sharing, other sites such as AudioGalaxy, Morpheus, Kazaa and Limewire sprung up in Napster’s wake, bolstering the trend and creating even more fans of file sharing.
Predictably, however, users of these copycat sites soon saw themselves faced with lawsuits citing illegal downloading and copyright infringement. While no case has been as monumental or landmark in its consequences as Fisher, courts have, since the inception of file-sharing websites, taken seriously and not looked favorably on the activity. In 2010, defendant Joel Tenenbaum, a doctoral student in physics at Boston University, was convicted and slapped with a fine of over $67,000 for downloading and distributing 30 copyrighted songs using file-sharing software. Also in 2010, the case against Jamie Thomas-Rasset went to trial, resulting in a damages award of $2,250 per song, totaling an amount of $675,000.
Not surprisingly, many lawsuits involving illegal file sharing settle out of court, with defendants seeking to avoid costly litigation and potentially astronomical damages amounts. However, the amount of damages awarded in these types of cases has met with some controversy, with some judges deeming excessive amounts “unconstitutional,” overly “oppressive,” and greater than needed to serve the government’s legitimate interests in protecting copyright owners and preventing infringement. In an effort to assuage this controversy, Congress passed the Digital Theft Deterrence and Copyright Damages Improvement Act of 1999 which mandated that damages should not exceed $150,000 per infringement if the violation was committed willfully. In the case at hand, the judge utilized the maximum amount allowed under this statute, charging Fisher $150,000 for each of the 10 videos he copied and illegally shared.
In the thirteen years since Napster gained mass popularity, the Recording Industry Association of America (RIAA) and the U.S. Copyright Group have become increasingly zealous in their monitoring and suing individuals who utilize file-sharing sites. After initiating over 20,000 lawsuits against sharers of indie movies and other forms of digital media, the RIAA and U.S. Copyright Group, coupled with the hefty fines that usually accompany conviction, seem to have had a deterrent effect on internet users contemplating downloading an illegally shared file. Together with user’s ability to purchase individual tracks instead of entire albums on iTunes (often for as low as $.99 per song) and a similar opportunity to find songs on Napster for $.70-$.80 each, it appears as if the rate of illegal file sharing should soon be on the decrease.
The precedent set by Judge John Lee last week in Illinois that violators of federal copyright law could potentially find themselves paying millions of dollars for their transgression is a strong one that speaks loudly. In comparison to the minimal amount that it costs to acquire a legally distributed video or audio recording, the prospect of being fined such an astronomical amount will likely have a huge effect on those contemplating taking the easy way out and utilizing illegally shared files.
Sunday, November 11, 2012
(Dis)Like: Facebook, Censorship, and the First Amendment
The First Amendment to the Constitution protects, among other things, the right of individuals to express themselves. In the hierarchy of protected speech, none is considered more deserving of protection than political speech. Say what you will about the election and the candidates because it is all fair game and it is all protected. Well, protected from governmental interference or censorship, anyway. Once outside of the public arena the protection afforded speech is controlled less by “the marketplace of ideas” and more by the private entity providing the forum.
One week before the 2012 presidential election, Facebook found itself awkwardly at the center of a censorship controversy concerning election memes. According to Slate, Facebook removed a meme posted by a group of anti-Obama Special Ops members on their group page, Special Operations Speaks (SOS). The meme accused Obama of calling on S.E.A.L.s when he needed Osama bin Laden, but claimed that when the S.E.A.L.s called him for backup he denied their request. After posting the meme, Facebook removed it and informed SOS that it was removed for violating terms of service, specifically the statement of rights and responsibilities. SOS re-posted the meme anyway. Facebook responded by not only removing the meme for a second time, but also freezing the SOS account for 24-hours, preventing the group from posting anything further. After conservative website Breitbart.com picked up the story, Facebook released a statement saying that the removal of the meme was not an act of censorship but rather an error on their part. Removing a meme once for violations of terms of service may be an error, but removing it a second time and freezing the poster’s account for 24-hours seems less so. SOS’s page is now up and running again and the meme, along with the story about its removal, has gone viral.
This isn’t the first time that Facebook has been accused of censorship though. Back in May a journalist posted a story on TechCrunch about a blogger’s inability to comment on a Facebook post because his comments were deemed to be “irrelevant or inappropriate.” At that time the inability to post was chalked up to an error in the code that searches for inappropriate comments and prevents them from being posted to Facebook. But while it appears that Facebook is merely trying to prevent violations of their terms of service, many users look upon such preemptive action as censorship by the social networking behemoth. In August 2012, Forbes.com reported an accusation of Facebook censorship, stating that an artist’s work was removed for being too graphic to post on the site (it depicted a “misted” image of a nude woman). Like with the S.E.A.L. meme, Facebook eventually relented and allowed the image to be posted. One Facebook user has gone so far as to document, via a website called FacebookCensorship.com, the instances where Facebook has either inquired about posts or outright prevented him/her from posting content, which includes posts as recent as the end of October 2012.
Though some may be up in arms about how Facebook’s potential censorship of material on their site violates their First Amendment right to free speech, it is wise to remember that the First Amendment only protects individuals from government interference. The Supreme Court has yet to find that private entities, like Facebook or Yahoo!, act like the government when they open their space to individuals to use as public forums for discussion. Until such time as the government sees fit to regulate websites that are the Internet equivalent of the Boston Common or your local town square, the private owners of such sites are free to censor your conduct and speech so long as it may violate their terms of service (which all users agree to abide by in order to access the site).
While it is sad that Facebook seemingly inserted itself into the election less than a week from Election Day by censoring an anti-Obama meme, the company was within their rights as a private entity to do so. Remember, private websites are a bit like the Eagles’ song, Hotel California: you can post your speech anytime you like, but they don’t have to leave it up.
Saturday, November 10, 2012
Court Awards Largest Damages Award to Date in Illegal File-Sharing Suit
An Illinois federal court handed down the largest damages award to date this week in a BitTorrent illegal file-sharing case. Judge John Lee ordered Kywan Fisher, of Virginia to pay $1,500,000 in damages to adult entertainment company Flava Works in a default judgment for sharing ten of their movies on BitTorrent. This total, reaching penalties of $150,000 per movie is the maximum statutory damages under U.S. copyright law.
BitTorrent since early 2010 has been the forum through which hundreds of thousands of people have been sued for downloading and sharing copyrighted material. The most well known case involves Voltage Pictures movie studio, which sued more than 27,000 people who allegedly downloaded “The Hurt Locker.” Most cases are typically dismissed or settled, as finding evidence against alleged file sharers is generally challenging. Multiple cases relied on using the IP addresses of alleged users as evidence, however this idea was struck down by a federal judge in May, ruling that an IP address alone was not enough to accuse someone of illegal downloading. The thrust behind this holding is that IP address identifies only the location at which any number of Internet-connected devices may be located. Discovering the identity of the individual associated with the device, i.e. the subscriber to an IP address, does not necessarily reveal the identity of the true defendant, as it could be the subscriber, a member of his family, an employee, neighbor, etc.
The current case avoids this hurdle by presenting additional evidence of encryption codes inserted in the original films that Fisher bought. Flava Works has software that assigns a unique encrypted code to each member of their paid websites, so every time Fisher downloaded a copyrighted video from Flava’s website the encrypted code attached. Flava Works was able to trace the shared illegal copies of the movies back to Fisher, who copied or distributed Flava Works copyrighted property at least ten times, leading to the videos to be infringed or download more than 3,449 times. The user agreement that Fisher signed expressly forbids copying films, which allowed Flava Works to claim willful copyright infringement for 10 titles that Fisher uploaded to BitTorrent. Fisher did not assert any defenses, as he did not appear in court.
Flava Works and other copyright holders involved in BitTorrent illegal file-sharing lawsuits will embrace this surprisingly sizable verdict as a huge win for copyright holders to combat the illegal file-sharing epidemic. It is likely that this case will be widely cited by plaintiffs, especially in settlement letters. Notably this case is different from other cases in that the encryption code adds the extra evidence needed beyond IP addresses, but it also presents more options for the copyright holders and shows how seriously the courts are taking these cases. Due to Fisher’s nonappearance, the judge entered a judgment in favor of the plaintiffs for one million, five hundred thousand dollars, the greatest amount statutorily allowed by copyright laws; however, Fisher will likely attack this judgment collaterally with a jurisdictional argument.
© Copyright 2010 The Journal of High Technology Law, Suffolk University Law School
Suite 450B | 120 Tremont Street | Boston | MA | 02108-4977 | Legal and Copyright Information