The Law - Promoting Data Insecurity

The MBTA, U.S. Customs, Apple, and Cisco would like you not to know that their data was or is insecure. Yes, I repeat, their data was, or is, insecure, and they don’t want you to know. Rather than promoting information security by working with security researchers, the MBTA, U.S. Customs, and Cisco would rather file criminal complaints against researchers who find vulnerabilities in their security.

With the advent of the Internet, data stored on computers with access to the Web are prone to access by hackers. Infosec specialists and researchers work hard to protect our data, but the policies that make hacking a criminal activity sometimes also encompasses the work of security researchers. While some organizations agree to have their security measures inspected by researchers, other researchers find vulnerabilities in a company’s security without their express consent. In the name of research, infosec specialists often disseminate their findings at security conferences for the benefit of other researcher’s knowledge and development of techniques.

However, this well-meaning effort to develop better information security has met extreme pushback from companies wishing to maintain their bottom line and avoid bad publicity. Companies with security vulnerabilities may threaten researchers with legal action and filing of criminal complaints in efforts to suppress their findings. This is counterproductive to improving data security, and policy should be construed in favor of promoting more security and public awareness of security breaches.

Minnesota Department of Administration Rules License Plate Reader Data is Private

On Monday March 18, 2013, the Minnesota Department of Administration ruled data collected on the license plate readers is private, including plate numbers, times, dates and locations of vehicle scans, and vehicle photos. Automatic license plate readers (ALPRs) are used by law enforcement to rapidly scan plates and can be used to track wanted vehicles. These cameras take a photograph of every license plate that passes them by, often storing that photo of the vehicle in addition to the plate number, meta-tagging each file with a GPS location, time and date, and converting each number into text that is searched in a database of plate numbers entered manually or selected by an agency. In December of 2012, the City of Minneapolis released a database of over 2 million license plate scans, as reported in the StarTribune.

The reclassification of license plate reader data as private is temporary through 2015. The Minnesota House of Representatives Civil Law Committee addressed Rep. Mary Liz Holberg’s (R) bill to regulate automated license plate reader data to make it classified, require log of use, and require data to be destroyed.

When the City disclosed the data, it nonetheless sought to protect the locations of its stationery cameras by redacting the locations across much of the entries. ALPRs are generally mounted on stationery objects like telephone poles and under bridges or on patrol cars. Among the seven people that requested and received the data from the city were a web developer, a University of Minnesota researcher, and a StarTribune reporter.

This practice sparked a debate in the legislature, a push to reclassify the data as private from Minneapolis Mayor R.T. Rybak (among those tracked), and calls from privacy advocates to narrow limitations on retention policies for such data. Arstechnica reported that a local Minnesota firm, Datalytics had received the database. The firm caught the local police department’s attention when it advised that it was able to pin the locations of the stationery cameras, underscoring the vulnerability exposed by making all of the data collected freely accessible for the police itself. The data had been public by default, and could be stored indefinitely absent state law on the matter. StarTribune reported last August that in Minneapolis the location data is stored for one year, while St. Paul discards it after 14 days, and State Patrol erases it in 48 hours.

The discourse over how to manage the data echoes the concerns of nationwide public interest groups and privacy advocates like the American Civil Liberties Union (ACLU). ACLU noted in July 30, 2012 that only two states had passed legislation barring retention of “non-hit” plate data, which is data on cars that are not wanted by the police. This locational information provides potential for data mining, generating profiles on plate owners and potentially sensitive information about where they have been, raising privacy concerns similar to those raised by warrantless GPS tracking. The license plate reader data in effect becomes a retroactive warrantless surveillance tool. States and municipalities have a valuable tool in license plate readers, but should regulate them with considered data retention and access policies that address the privacy interests of the public to prevent unfettered tracking and abuse of sensitive information.

DMCA v. ADA: How the Digital Millennium Copyright Act Hinders eReaders in providing ADA Compliant Content

The White House recentlyannounced that individuals should be able to unlock their phones. The announcement came at the response to a We the People Petition on the White House website, which garnered over 100,000 signatures from citizens around the country. The announcement was also a response to the decision by the Library of Congress that the unlocking of a phone constituted a violation of the Digital Millennium Copyright Act (DMCA). Under that act, authors and creators of digital content have a vast and varied power to control who, when, and how their copyrighted material is downloaded and distributed. But the flip side of all that protection is that as technology has evolved, the DMCA has expanded its reach over protected content utilizing the newest forms of technology. Each expansion results in growing pains and the latest growing pain hits one of the most vulnerable portions of our society: the disabled.

The Americans with Disabilities Act of 1990 (ADA) was and is designed to protect the disabled portion of our population and guarantee access to both the basic necessities of life, as well as prevent discrimination and promote their quality of life. As such, it protects not only access to buildings, roads, education, and medical care, but also information and how that information is disseminated. And it is here, where technology and information dissemination meet in the digital world, that the DMCA and the ADA clash.

The ADA defines the abilities to hear, see, speak, read, think, and communicate as major life activities and protects them accordingly. The DMCA allows publishers, copyright holders, and other digital rights owners to lock their digital content such that without the proper technology or know-how the material cannot be converted into a format that is useable by disabled individuals. The DMCA also makes the act of conversion of this material into ADA compliant forms illegal.

Users of eReaders and iPads who legally purchase written and copyrighted material, such as books, magazines, and newspapers, are prohibited under the DMCA from converting these materials into formats which could be read to the seeing-impaired. Blu-Ray and standard DVDs distributed through the web or streamed on a user’s computer are coded in a manner which prevents researchers and developers from creating closed-caption and other ADA adaptive technologies so that disabled individuals could fully use legally purchased or streaming content. And even when subtitles are included, any hearing-abled individual can tell you that sometimes the subtitles are incorrect, don’t properly translate, or are so far behind that they only serve to confuse the reader. Bypassing such technology is often easy enough done, but the act of doing it opens the user up to DMCA violations, which would likely cost them more than it is worth to risk the conversion in the first place.

As it stands, really, both statutes need to be updated. The ADA needs to be updated to include the new technologies which provide services to disabled individuals, such as the Internet, eReaders, computers, phones, PDAs, etc. The DMCA needs to be updated to reflect the need for adaptive technologies to be an exception, such as fair use, under the DMCA so that as new technologies come along they aren’t by default restricted to only able-bodied individuals. Technology is designed to make an individual’s life easier. But if the legally purchased content is protected to the extent that disabled individuals risk punishment for adapting it so that they can perform major life functions, then technology and the laws need to adapt. The ADA should trump the DMCA when it comes to technology that is designed to make basic everyday functions easier, like reading, communicating, hearing, and thinking. But, until such time as Congress amends the ADA and DMCA to reflect the technology needs of the disabled, the usefulness of some technologies will be out of the reach of many disabled individuals.

Court Rules Homeland Security has the Right to Search through Electronics

The Ninth Circuit Court of Appeals has ruled, in United States v. Cotterman, that Homeland Security’s border agents may conduct a forensic examination of mobile phones, laptops, memory cards in cameras, and many other electronics, as long as the border agents have the “reasonable suspicion” to do so. In Cotterman, Howard Cotterman and his wife were driving home to the U.S. from a vacation in Mexico, eventually reaching Lukeville, Arizona, Port of Entry. During the primary inspection, the border agents found a hit on Howard, which indicated that he was a sex offender - he was previously convicted: on two counts of use of a minor in sexual conduct; two counts of lewd and lascivious conduct upon a child; and three counts of child molestation.

Based on Howard's history and the fact that he was potentially involved in child sex tourism, the border agents performed a secondary inspection on him and his wife, and they were told to exit their car, subsequently leaving their belongings behind. The agents searched the vehicle and retrieved two laptops and three digital cameras; upon reviewing these items, it appeared that these devices only contained family and other personal photos, along with other password-protected files. The agents retained the two labtops and one camera for forensic reviews, where a computer program would be used to copy the hard drives of the electronic devices and extract information that was deleted. Upon inspecting the two laptops, the inspector found about hundreds of images of child pornography, stories, and videos depicting children. Based on this evidence, the grand jury indicted Howard Cotterman for various offenses related to child pornography. In his defense, Cotterman argued that the evidence should not have been admitted because it violated his Fourth Amendment protection from warrantless searches.

Before examining the details of the case, the Ninth Circuit Court of Appeals noted that case law in this field is ambiguous, noting that the Supreme Court “has never defined the precise dimensions of a reasonable border search, instead pointing to the necessity of a case-by-case analysis.” In fact, the court in Cotterman cited to U.S. v. Duncan in explaining that "reasonableness, when used in the context of a border search, is incapable of comprehensive definition or of mechanical application.” As a result, the court noted that it must evaluate the totality of the case, rather to the specifics. The court found that although Cotterman’s previous convictions do not support the reasonable suspicion to conduct an extensive forensic search, the border agents’ understanding of the objective facts became the baseline for determining reasonable suspicion. The court determined that it was reasonable for the border agents to have acted the way they did given the fact that Mexico is a country associated with sex tourism and that Cotterman was previously convicted as a sex offender.

It appears that the Ninth Circuit Court of Appeals made its decision in a punative, yet politically and publically popular way; it did not want to let a sex offender go unpunished in light of the amount of child pornography that was found in his possession. Although the court made well rationalized decisions as to why the search was reasonable, the idea that courts should look to the totality of the circumstances for example, it appears that there is still a violation of one’s Fourth Amendment right from warrantless searches. Because the law in this field is vague and fairly new, we should expect more litigation in this area soon and it shouldn’t be a surprise if decisions vary in their outcome and reasoning.

Privacy on the Internet? “Do Not Track” Won’t Get Any Traction So Long as Compliance is Voluntary.

A quick visit to the Ads Preferences section in the personal settings of my Gmail account reveals my age, an affinity for all types of news (local, newspaper, international), an interest in the law and government, and an unhealthy obsession with coffee. Unless you’ve never Google-d anything, the search engine giant probably has very similar – and eerily accurate - information about you. But what happens when you’d like to maintain some semblance of privacy on the world wide web? The onus is largely on internet companies to be forthright about the kind of information they collect about users and how they use it.

Back in May 2011, Senator Jay Rockefeller (D. W.Va.) introduced the Do Not Track Online Act, which subsequently died in committee. Faced with the threat of regulation, many internet companies vowed to increase privacy settings, become more transparent about how personal information is used, and allow users to exercise more control over whether their information is collected at all. It comes as no surprise that very few companies actually followed through with these vows. Privacy settings on websites like Facebook are notoriously difficult to navigate and every time we click “I have read and agree to the terms of service” we give up a little slice of our private information without fully understanding what it is we’re allowing these companies access to.

Some form of a “Do Not Track” setting currently exists in many of the most popular browsers but the problem is that compliance with the wishes of internet users by internet companies is entirely voluntary. Essentially, companies are free to honor or ignore their users request to not have their information collected and used for advertising or other purposes. Since many companies don’t honor the “Do Not Track” request, many consumer advocate groups are calling for the Federal Communications Commission to step in and require companies to give users the information necessary to grant internet companies informed consent, in other words "opt-in," to use their personal data. Senator Rockefeller has reintroduced the Do Not Track Online Act that would give the FCC the authority to create rules around the collection of personal user information online.

In an Ad Week article Senator Rockefeller is quoted as saying, "[o]nline companies are collecting massive amounts of information, often without consumers' knowledge or consent . . . [and] [m]y bill gives consumers the opportunity to simply say 'no thank you' to anyone and everyone collecting their online information. Period." Senator Rockefeller’s proposed legislation does not try to do away completely with companies utilizing, or making money off of the information of their users. Instead, it requires companies to fully disclose the information they collect and how that information is used. It should be a welcome step forward for consumers.

Podcasters Hope to Raise SHIELD Against Patent Trolls

Ahead of the standard introduction to his February 28, 2013 episode of his WTF Podcast, standup comic Marc Maron decided to shine a light on patent trolls, or “non-practicing entities” ("NPEs") as they are otherwise called. These organizations have been characterized as shell companies that procure broad patent portfolios, do not produce content, and sue inventors for patent infringement if the invention allegedly incorporates a patent held in the portfolio. Winning in court is not even the endgame for the troll here, because the defendant may be someone who can ill afford to continue in drawn-out litigation, and therefore the inventor may opt to settle.

Protracted patent litigation is well-trodden ground for the likes of Apple and Samsung. Apple has been criticized for wielding broad patents against competitors like Android with respect to touchscreen smartphone interfaces. On a different scale, this is occurring in the arena of podcasting. A February 7, 2012, patent issued for Personal Audio LLC that it is being put forth as essentially preempting podcasters in the medium, many of whom are small operations out a garage speaking to their audiences in weekly installments on all matters of, well, anything at all. Personal Audio has actually taken on Apple in the past and won $8 million in a suit for infringement of downloadable playlists.

Personal Audio’s patent is said to be the precursor to podcasting, as it set forth a “system for disseminating media content representing episodes in a serialized sequence.” Some of the podcasters Personal Audio has reached out to and invited to apply for a license include Maron, Adam Corolla, and Stuff You Should Know. Personal Audio has been criticized for having “not sold a product since 1998.”

The SHIELD Act, an acronym for Saving High-Tech Innovators from Egregious Legal Disputes, was initially introduced in 2011 by Rep. Peter DeFazio (D-OR) and Rep. Jason Chaffetz (R-UT) and intended to create a loser-pays rule by which the loser of the patent infringement or validity suit would be made to pay the costs of the opponents’ fees for the proceedings. The idea is to deter would-be litigants from filing frivolous suits regarding computer hardware and software patents, specifically, “where the court finds the claimant did not have a reasonable likelihood of succeeding.” The software portion is defined as covering “(A) any process that could be implemented in a computer regardless of whether a computer is specifically mentioned in the patent; or (B) any computer system that is programmed to perform a process described in subparagraph (A).” The revised bill intends to expand its scope to all patents to protect not just technology companies, but retailers, manufacturers, podcasters, and municipalities from being subjected to predatory litigation, as expressed in a press release from Rep. Chaffetz’s site.

It would seem like an oddly unjust policy to allow for a patent to cover a medium in its entirety; in the case of podcasts, an application of electronic audio files in a serialized form disseminated online. Legislative efforts like the SHIELD Act could help prevent patent litigation undertaken in bad faith.

For many podcasters, monetizing the podcast is an issue. While the format may be inexpensive, with the producers of the content often using nothing more than their microphones and a computer for interviews, it is not generally lucrative in a direct way. It seems that much of the value derived from the podcast for the broadcaster/podcaster is the goodwill it generates with the audience. It can also be an effective means of self-promotion; for example, a comic promoting his upcoming appearances and shows. Another mechanism for income is the utilization of ads for things like stamps.com or audible.com. This is all to say that podcasters may make for an odd target for this type of litigation, even if some podcast authors are more well-known and have somewhat deeper pockets. Is it because some in this demographic earn just enough to yield a promising settlement but not enough to pursue all-out “sport of kings” patent litigation?

There is also a question as to whether there should be a distinction made between original content available exclusively in the podcast format from, for example, a radio show on NPR that is broadcast live on terrestrial radio and via livestreaming online, and then packaged for downloads later as a podcast. Should podcasters now have to consider the high price of patent litigation just a cost of doing business?

As suggested in some comments on related articles like Techcrunch.com’s The Death of the Non-Practicing Entity?, additional measures could be taken to close potential loopholes, and to craft legislation to address not only NPEs, but NPEs that purport to be practicing entities. Arguments against the SHIELD Act suggest that it might stifle startup companies that have legitimate patent claims from litigating those claims, because the costs would be too burdensome if unsuccessful. Addressing the categories of companies that occupy the grey areas between practicing entities and NPEs might address that concern in some measure. What still remains is the larger issue of fairness and incentives created by the current standards used by the US Patent and Trademark Office in patent examinations and whether they are truly effective in promoting innovation, which was the original intent of patent protection in the United States Constitution.

Cameras in the Courtroom in Ohio

Permitting cameras inside of America’s courtrooms would allow the public the opportunity to see and learn more about the daily occurrences and processes of our nation’s legal system. Opponents argue that such coverage could pose harmful effects surrounding the privacy of those involved in the proceedings. Initial disfavor for banning cameras occurred after sensationalized public trials, such as the trial of Bruno Hauptmann who was accused of the kidnapping and murder of Charles Lindberg’s baby. This frenzy was furthered by the O.J. Simpson case in the 1990s. Proponents of cameras suggest that by providing insight into daily activities, the cameras would reveal to viewers that day-to-day activities are not always exciting, separating typical court proceedings from television show portrayals and dramatic public trials.

The public has a legal right to attend court and most courts are open and accessible to the public. However, many of the court proceedings occur during normal business hours so attending court may prove impracticable for most working Americans. While individuals have a right to access the proceedings, there is no First Amendment right to have cameras in the courtroom. Fundamental differences exist between attending court and having the proceedings recorded and broadcast on television or over the Internet.

There are different ways that the public can receive this information; one example being through a live-feed, or videos posted online. Live streaming video footage can be accessed on court’s websites and is more commonly used in state courts. Federal courts tend to be more restrictive and may choose to videotape the proceedings and then post those videos online. Federal courts also impose greater restrictions than state courts, including: no live streaming video (videos will be archived and posted online at a later date), only civil matters may be filmed, recordings are made by court employees rather than the media, and consent for the recording must be granted by the judge and both parties.

Many Americans are accustomed to receiving instant updates and news stories via social media outlets on the Internet. The benefit of facilitating access to courts online in a format that is user-friendly may be a wider appeal to a broader, younger audience. On the other hand, social media was not a concern when cameras were first introduced into courtrooms. Instant responses by social media and clips from trials going “viral” may occur as a result of our connectedness and globalization. With today’s ever-connected society, the reactions may divert too much attention in a way that threatens a fair trial because of adverse publicity.

Opponents point to privacy concerns as a major downfall of implementing cameras. Some have noted that cameras can be intimidating for witnesses and jurors and juror anonymity certainly should be a major concern with cameras in a courtroom. A ban on filming the jury at any point in the proceedings is one suggestion for removing any nervousness or fear of retaliation. Another issue is the security of witnesses, especially in regards to "snitches" (confidential informants), undercover investigators, and victims of sexual abuse and domestic violence.

The presence of cameras is an issue that should and will be dealt with in courts of every level; from local courthouses to the Supreme Court. Historically, cameras have been banned from the Supreme Court, but the newest members of the Court, Justices Sotomayor and Kagan, initially supported the idea of cameras during their confirmation hearings. However, once confirmed, both Justices changed their positions and supported a continued ban on cameras. They expressed concerns that Justices will play to the camera, and that the clips will be used for unintended purposes, such as political ads. Maybe it is too early to tell, but perhaps broadcast of courtroom proceedings will be comparable to C-SPAN coverage in the future, and it will serve as a useful and beneficial tool, allowing for greater access and understanding of what happens in America’s courtrooms.

Registered sex offenders’ right to free speech – Is a ban on social media unconstitutional?

In January 2013, the United States Seventh Circuit Court of Appeals struck down an Indiana Law that made it a misdemeanor (or, in some instances, felony) for registered sex offenders to use a social networking website. Implying that the law was too broad, the panel of judges declared that while the state has a legitimate interest in protecting the safety and welfare of its children, the law "targets substantially more activity than it seeks to redress.”

In the suit, initiated anonymously by a registered sex offender released from prison in 2003, “John Doe” alleged that the law infringed upon his First Amendment constitutional rights. After the trial court found the law constitutional, the case went before the Seventh Circuit who declared that laws implicating the First Amendment must be tailored narrowly. They found that a blanket ban on social media for all registered sex offenders does not fit within this narrow interpretation.

One reason the argument before the court was so complex was because it was simultaneously over- and under- inclusive in terms of the outlets it restricted. It banned sex offenders from using not only sites that allow minors to sign up, but also ones that allow users to create a website or a personal profile, and that provide users with an opportunity to communicate with another person online. If this definition were applied literally, even sites such as Amazon.com, YouTube and CNET, as well as thousands of other blogs and retail sites could have been included, as each afford members the opportunity to create profiles and comment and interact with each other.

While this decision will most certainly be precedent for other states considering legislation that monitors sex offender internet use, other states such as New Mexico are already considering enacting similar laws. A proposal in New Mexico introduces legislation that would ban all registered sex offenders from using any websites, including social media, that incorporate instant messaging or chat room features that the sex offender knows include individuals under eighteen years old. The first violation of this law would be considered a misdemeanor, and any subsequent violations would be treated as felonies.

Opponents of this proposed New Mexico law (and other similar laws proposed in Louisiana and Nebraska) argue that these laws are unconstitutional attempts to severely limit free speech and do not consider that many registered sex offenders did not commit a crime against a minor. On the other side of the argument, however, proponents of these laws present the argument that broad legislation banning the use of any website that allows communication between members and the creation of profiles prohibits substantial protected speech. While the protection of minors is a legitimate state interest, it is not substantial enough to so thoroughly infringe and restrict any registered sex offender’s free speech rights.

While there is still work to be done in order to strike a balance between the protection of minors on the internet and the preservation of First Amendment free speech rights of registered sex offenders, legislators are currently working to devise a narrower proposal that will achieve both ends. As of yet, it is still uncertain what the fate will be for those who have previously been charged under the newly-struck-down Indiana law.

LinkedIn Favored in Lawsuit over Hacking

LinkedIn provides an online community for professional networking, where prospective members may sign up by providing their email address and registration passwords, which are all stored to LinkedIn’s database. Although registration is free, for a monthly fee, LinkedIn members may upgrade to premium accounts, which allows access to increased networking tools and capabilities. During the registration process, the prospective LinkedIn members must agree to the LinkedIn’s User Agreement and Privacy Policy regardless of the type of accounts they decide to get.

In the Privacy Policy’s Security section (http://www.databreaches.net/wp-content/uploads/LinkedIn.pdf) it states “In order to help secure your personal information, access to your data on LinkedIn is password-protected, and sensitive data is protected by SSL encryption when it is exchanged between your web browser and the LinkedIn website. To protect any data you store on our servers, LinkedIn also regularly audits its system for possible vulnerabilities and attacks, and we use a tier-one secured access data center. However, since the internet is not a 100% secure environment, we cannot ensure or warrant the security of any information you transmit to LinkedIn . . . . It is your responsibility to protect the security of your login information. Please note that emails, instant messaging, and similar means of communication with other Users of LinkedIn are not encrypted, and we strongly advise you not to communicate any confidential information through these means.”

In June 2012, LinkedIn suffered a data breach where a hacker posted over the Internet 6.5 million password hashes and e-mail addresses from LinkedIn users. Of the 6.5 million hashes, 60% were cracked. Angered about the security breach, two premium account users (“Plaintiffs”) filed a class action suit against LinkedIn on behalf of all who also paid an extra fee to the networking server. The complaint included nine causes of action, two of which are relevant for the class action suit: (1) breach of contract and (2) restitution or unjust enrichment. However, before going into the merits of the claim, standing became an issue. To have standing: (1) an injury is concrete and particularized, as well as actual and imminent; (2) the injury is fairly traceable to the challenged action of the defendant; and (3) the injury may be mitigated if given a favorable decision.

The Plaintiffs argued there was standing because they did not receive the full benefit of the bargain for the paid premium memberships. They alleged that in consideration of the extra fees, LinkedIn would take extra measures to protect these premium users’ personal information. The Plaintiffs further argued that if they had known that LinkedIn would not have provided these extra security features, they would not have upgraded their accounts. Federal District Judge Davila of the Northern District of California rejected this argument finding that the additional fees the Plaintiffs paid were not for extra security, but for the advanced networking tools and capabilities. Any alleged promise LinkedIn made to premium account holders were also made to non-paying account holders, and thus when a member purchases this upgrade it is only for the additional networking features. And as such, Davila found that there lacked a causal relationship between LinkedIn’s actions and the Plaintiff’s assertions of alleged harm.

Although it is unfortunate that LinkedIn users’ passwords and email addresses were revealed, these sorts of things happen all the time. As technology advances, so will hacking intelligence. The only way to prevent hackers from infiltrating these private servers is to be a step ahead of them; an impossible task.

NYPD & Microsoft join together to create a high tech crime fighting dashboard

It sounds like something out of a futuristic science fiction movie, but the New York Police Department’s Domain Awareness System is far from a fantasy. This system, nicknamed the “dashboard”, connects the cities over 3,000 public and private cameras onto one central network. This system has allowed the police department to respond to crime more quickly, more effectively, and also more efficiently.

The way that the system works is best illustrated by a hypothetical scenario. Hypothetically, a call comes in for a bomb in lower Manhattan. An alert would contact the officers and they would be able to focus their cameras on the threatened area. The cameras could scan for heightened levels of radiation as well as suspicious behavior. This type of response creates a safer working environment for the officers as it provides them with crucial information prior to entering the field. As the Fox News article states, it enables officers to know what they are getting into. According to the Fox News article, it is the city’s hope to connect this system to a laptop in every police cruiser. This would allow for real time updates and more effective crime management.

Right now the Domain awareness system is getting most of its use in the counterterrorism unit. Jessica Tisch, who is the director of planning and policy for the counterterrorism unit, was quoted referring to the system, saying “it works incredibly well”. According to the Fox News article the system was used during the “deadly shooting outside of the Empire State building this past August”. With so many calls coming in, it originally looked like there were multiple shooters. However, after the system pulled cameras within 500 feet of the area and mapped the data, police were able to determine that there was a single shooter.

Besides being able to detect bombs, other uses of the Domain awareness system include access to the entire departments arrest records and emergency calls. Also, in addition to the 3,000 connected security cameras, there are also license plate readers and portable radiation detectors being used.

One of the interesting twists of this story involves Microsoft. In 2009, the NYPD approached Microsoft with the idea of developing this type of technology. According to Richard Daddario, the NYPD’s deputy commissioner for counterterrorism, “usually you purchase software that you try to work with, but we wanted this to be something that really worked well for us, so we set about creating it with them”. It was estimated that the development of this software would cost between $30 and $40 million. The city also looks to potentially benefit financially from this system. A potential marketing deal between the NYPD and Microsoft would pay the city tens of millions of dollars according to the article.

While this system will undoubtedly create a more effective and efficient police force, many citizens are rightfully concerned about the privacy implications that come with a surveillance system of this magnitude. This system provides immense power to a small group of individuals. Being able to track an individual, without a warrant or scan an individual’s license plate without cause could raise Constitutional issues not only in privacy but also invalid search and seizure. The courts will have to take a serious look at this system. While it does increase our safety as citizens and provide the NYPD with a tool leading to more effective policing, its unregulated use could prove quite invasive.

Skype: A New Way to Testify

In time, distance and illness may no longer excuse some witnesses from testifying in court. Courts are gradually becoming more accepting of the use of technology in courtrooms to promote efficiency and fairness at trial. However, while using technology, such as Skype, in the courtroom instead of in-person testimony may simply be another progressive step taken by courts into the twenty-first century, it also gives rise to legal controversy.

Rule 804 of the Federal Rules of Evidence provides an exception to the rule against hearsay when a witness is unavailable due to infirmity, unavoidable absence, or forfeiture. Furthermore, the Sixth Amendment to the United States Constitution gives criminal defendants the right to “confront” witnesses who testify against them. The defendants have the right to be present and in view while the witness testifies, and also enjoys the right to cross-examine such witness. When a witness is unable to testify in court, the defendant should have had an opportunity to cross-examine the witness in order for the admissibility of testimonial out-of-court statements.

Skype is a web-based service that allows individuals to make free Internet video phone calls. If one has a laptop or mobile phone with a solid Internet connection and a front-facing camera, they could reach another person, or people, almost anywhere in the world for a video phone call.

Recently, there have been a few instances in civil and criminal cases, where courts have allowed the use of Skype so a witness could testify. In one instance, Law Technology News reported that an out-of-state witness was allowed to testify against the government via Skype in a criminal case because the defendant could not afford the witness’s travel costs. There were a few technological glitches during the witness’s testimony due to a few brief Internet disconnections, yet there was a large flat screen television set up in the courtroom for the jury, and others in the courtroom, to see. This decision by the Georgia Superior Court raised Confrontation Clause issues because the witness’s testimony was technically made out of court. However, since the defendant is calling this witness to testify via Skype, his confrontation rights were not at risk. In another instance reported by the Wall Street Journal Law Blog, a bedridden man looking to extend a protection order against his estranged wife was allowed to testify from his home using Skype. The lawyer used his iPad for the Skype call so the judge and opposing attorney could watch the call. In spite of some connection issues during the testimony, those involved found that using Skype was more efficient and cost-effective than the accommodations needed to bring the witness into court.

It was only a matter of time before court adopted this advance in technology. Attorneys use information from Facebook and e-mail as evidence, for example, so it is not surprising that video conferencing technology is slowly being implemented into courtrooms. While it is understandable why some may hesitate to accept the use of such technology for evidentiary or constitutional reasons, courts already find some forms of video technology acceptable in pleas, depositions, and testimony from children. Furthermore, when one makes a Skype call, attorneys for both parties may direct or cross-examine the witness as they normally would during testimony in court, thus the Confrontation Clause argument is weakened. The use of Skype may also help in saving money for all parties by limiting travel or special accommodation expenses. However, some money is necessary in equipping courtrooms with adequate technology and service connections to make Skype calls run more smoothly. Nevertheless, if courts are able to work out the technological kinks in making Skype calls to out-of-court witnesses, this may be an effective and economical solution to problems of getting certain witnesses into the courtroom.

U.S. Considers Economic Sanctions against Chinese Hackers

The United States Executive Branch is considering enacting economic sanctions against individuals and countries that attempt to hack U.S. networks. Other policies that may be considered include visa restrictions, military action, and State Department diplomacy efforts. Intellectual property concerns are the main motivation in the White House’s consideration of the issues of cyberattacks and cyber theft. White House Cybersecurity Coordinator Michael Daniel is the official responsible for developing a strategy to address the internet issues between US data owners and hackers.

The policy considerations seem to be in response to recent news alleging that a military unit of Chinese hackers based in Shanghai have been attempting to hack into U.S. companies’ data. The administration has not named China specifically in these policy discussions, but the news, along with hacker attacks involving The New York Times, The Washington Post, Apple, and other companies, are part of the backdrop of this initiative. The White House is encouraging Congress to develop legislation surrounding sharing information about cyber threats, fortifying cybersecurity measures, and establishing law enforcement tools for such crimes. The Commerce Department has also been involved in setting standards for cybersecurity.

These measures are part of an ongoing struggle regarding intellectual property between U.S. innovators, and entrepreneurs in countries such as China that borrow U.S. designs and technologies without regard to ownership. While the U.S. is clearly concerned about innovation and innovators’ rights, more needs to be done before China will respect property rights as the U.S. and inventors desire.

More here.

Hail a NYC Taxicab on a Smartphone? Not Yet.

Considering that there is a smartphone application for just about everything these days, it is surprising that the New York City Taxi and Limousine Commission (TLC) did not approve a pilot program for electronic hail applications (e-hail program) until last December. However, the day before the pilot program was set to launch in NYC on February 13th, The Livery Roundtable and Black Car Assistance Corporation, among others, filed suit claiming that the program was improperly passed. The petition argued that the pilot program was invalid because the TLC failed to obtain City Council approval before starting a year long trial period for the e-hail program.

The e-hail app. would allow passengers using the application on their smartphones to identify available taxis in their area and/or hail a taxicab using the device. Alternatively, taxi drivers will be able to locate passengers in need of rides and/or receive electronic hails. Some companies with pre-existing e-hail applications such as Uber, GetTaxi, Hailo, and Flywheel were required to augment their pre-existing e-hail applications in order to conform to the TLC’s e-hail program regulations. Specifically, the TLC wanted to ensure that passengers and drivers used the application exclusively to hail, or accept hails, not bribe drivers with cash bonuses.

While the TLC was excited about the e-hail program and believed it would benefit both passengers and drivers, some companies lobbied against the program. Unsurprisingly, those in opposition of the e-hail program include the aforementioned petitioners Black Car Assistance Corporation and The Livery Roundtable, as well as other black car companies. The companies believe the e-hail system will generally hinder the livery business and negatively impact certain segments of the NYC population, specifically the elderly and the lower class. While this maybe true since yellow cab drivers and passengers will be easier to locate, there is nothing preventing black car companies from developing their own applications.

Nonetheless, the TLC and Mayor Michael Bloomberg remain unconcerned by the petitioners’ injunction and informed the public that the e-hail program was validly passed.

Marketplace Fairness Act Aims To Allow States To Obtain Sales Tax From Large Internet Retailers

On February 14, 2013 a bipartisan group of Senators and Representatives introduced legislation that will supposedly level the playing field between local brick-and mortar retailers and out-of-state Internet retailers. The Marketplace Fairness Act of 2013 would allow states to require out-of-state online retailers to collect sales and use tax on in-state purchases. Businesses with less than $1 million in annual domestic sales would be exempt from the bill. Despite the optimism for the passing of the bill, critics question whether it will achieve its goal of leveling the playing field between local businesses and out-of-state online retailers without introducing a host of unintended consequences.

Currently, due to a 1992 Supreme Court decision, states have been unable to require out-of-state online retailers to collect sales taxes from in-state customers. See Quill Corp. v. North Dakota ex rel. Heitkamp, 504 U.S. 298, 313 (1992) (holding that although businesses did not need to have a physical in-state presence to permit the state to require the business to collect taxes from its in-state customers, physical presence within the state is required for the business to have a “substantial nexus” with the taxing state as required by the Commerce Clause). Customers who order products from online retailers from outside of the state are supposed to declare these purchases on their tax forms, but few customers do. Due to this outdated Supreme Court ruling the National Conference of State Legislature reports that, collectively, states miss out on approximately $23 billion in tax revenue annually. Furthermore, local business are at a disadvantage because consumers can walk into these local stores, try out the product that they are interested in, and go home and purchase the item from an out-of-state online retailer without paying the state sales tax.

The current version of the bill combines several proposals from the previous bill that failed to pass last year while incorporating revisions intended to make the bill more palatable to critics and opponents. In particular, the exemption threshold for businesses was raised from $500,000 to $1 million in out-of-state annual sales. The Marketplace Fairness Act of 2013 would empower states to compel out-of-state online retailers to collect sales and use taxes provided that the state simplifies its sales and use tax system. Several online retailers, including Amazon, have expressed their support for the bill.

Despite the optimism and support for the passing of this bill, it is not without critics. Some critics argue that given that one of the prerequisites for states to use this bill is that they must simplify their sales and use tax system, the bill may have the potential to create a complicated new tax system with differences in each state. Furthermore, the legislation may be difficult to enforce because determining whether a retailer is not collecting the taxes may be challenging and needs to be addressed. There are concerns that the bill has a potential to stifle Internet commerce. Large online retailers such as Wal-Mart and Amazon can easily deal with the increase reporting expenses and decreased revenues in out-of-state sales but the smaller online retailers may be forced to keep their sales within their state of operation or confined to states where they have their largest out-of-state sales revenues. The bill, if passed, will likely do the most good in terms of getting states sales revenues that they are already rightfully owed but are not being paid because customers fail to report their out-of state purchases. In this tough economy an infusion of sales revenue may be the much-needed resource that may allow state governments to keep their taxes steady and prevent the need for cuts in programs and services and this bill appears like it has the potential to help in this respect.

The Marketplace Fairness Act appears most misguided in its focus on putting local business on a level playing ground with out-of-state online retailers. The bill may just be slowing down the inevitable. The fact that residents have to pay taxes on goods bought in local business may not be the only reason for why customers are choosing to buy from out-of-state online retailers. The prices of the online retailers may still be significantly lower than the local business even after the passing of this bill because some online retailers are able to provide lower prices due to economies of scale and the fact that they do not have the expense of having locations or warehouses within the state. Therefore, the bill should be presented more as a way for states to obtain revenue that they are rightfully owed and less as a savior of local businesses.

Source: http://news.cnet.com/8301-13578_3-57569600-38/politicians-push-bill-to-help-states-collect-online-sales-tax/

Aaron Swartz: Internet Innovator and IP Advocate

On January 11, Aaron Swartz committed suicide. For those who don’t already know, Swartz was a programming genius, internet wizard, developer of RSS web-feed format, and a co-founder of Reddit. He was a legend in the internet programming world at age 14. At the time of his death, he was only 26.

But unlike the stereotypical internet entrepreneur, he was not in it for the money. His innovations afforded him plenty of cash, but he freely spent it on what became his overarching purpose: freedom of information on the internet. Swartz became an activist, and was a key figure in the defeat of SOPA and PIPA. He was a Robin Hood of the web, a rebel with a very timely cause.

In 2008, Swartz decided to take on PACER, a website run by the U.S. federal court system. PACER charges users a per-page fee to access court records, briefs, decisions, and other documents. Swartz reasoned that public money pays the courts’ operating costs, and that such documents should be freely available. After writing a program to download the documents, he spent a significant sum of his money amassing millions of them and making them publicly available. He was investigated, but not charged.

His next target was JSTOR, an internet hub for the distribution of scholarly articles. Swartz was a fellow at Harvard, and used his JSTOR login to access and download millions of articles that he intended to distribute freely to the public. After his activity was detected and cut off, he trespassed into an MIT closet and began directly downloading them into his laptop.Again, he was guided by principle. Swartz was bothered for two reasons. First, authors who write for scholarly journals receive no portion of JSTOR’s fees. Second, the expense of the database was preventing average Americans from ever benefitting from the research and writing of our higher education system.

This time, however, Swartz was caught red-handed. He was arrested in 2011. Since his legitimate access to JSTOR gave him permission to download the files, his only crime against JSTOR was his intent to distribute them. But he never distributed them. When he was arrested, he promised that he never would. JSTOR settled with him and stated they did not wish to see him prosecuted.

The Justice Department saw things differently. U.S. attorney Carmen Ortiz decided to come down heavily on Swartz, and vowed to see him serve time for his crimes. His trial was scheduled for this April. Swartz had struggled with depression for a long time, but, in an official statement his family laid some of the blame for his death on the Justice Department: “Aaron’s death is not simply a personal tragedy. It is the product of a criminal justice system rife with intimidation and prosecutorial overreach. Decisions made by officials in the Massacusetts U.S. Attorney’s office…contributed to his death.”

Some writers have suggested that Swartz was facing decades of jail time and so took his own life. Some have cautioned the media and blogosphere against such hyperbole, noting that maximum allowable sentences are almost never related to actual imposed sentences.

Following his death, Ortiz issued a statement insisting that she was only seeking to imprison him for six months. But Ortiz is now being slammed in Congress for her overzealous prosecution of what ultimately was a mere trespass case.

The big question is why the Justice Department decided to pursue this so zealously. In a terrific tribute to Swartz in The Guardian, Glenn Greenwald suggests that Swartz was engaged in “the war over how the internet is used and who controls the information that flows on it - and that was his real crime in the eyes of the US government: challenging its authority and those of corporate factions to maintain a stranglehold on that information.”

Widespread use of the internet is only fifteen years old. All three branches of government (which tends to move at a glacial pace), are still trying to put together the puzzle of how and if it will be legislated, regulated, and interpreted. Swartz became the straw that stirs the drink for the progressive side of this issue. Although he tragically died young, Swartz was an example of civil disobedience of the highest order.

Piracy in the Caribbean: WTO Approval of Antigua and Barbuda Piracy Site

The World Trade Organization (WTO) has taken a controversial step in an effort to settle the score between the United States (US) and Antigua and Barbuda: authorizing the suspension of US copyrights in Antigua and Barbuda. This move in essence allows the islands to give away US copyrighted material without compensation to the copyright holders. While actual implementation of a government-powered website that freely distributes US copyrighted material might be a distant reality, this WTO action could ignite a disastrous ripple effect and is being highly scrutinized by member countries who are wondering if these retaliatory legal measures are in line with the spirit of the WTO.

US intellectual property rights, specifically copyright laws, prevent anyone but the copyright owner or someone they authorize from distributing or otherwise utilizing the copyrighted material - music, film, books, games, software, and photographs. The WTO has each member country agree to honor every other member country’s intellectual property laws. Respecting other member country’s laws is imperative in maintaining the harmonious spirit of the WTO and promoting free trade, and this protection can sometimes be a driving force behind a country’s decision to join the WTO. The WTO has the authority to issue decisions that are binding and punitive on member countries, which the countries must agree to comply with when joining the organization.

In 2007, the US and Antigua and Barbuda’s disagreement over online gambling services was brought to the WTO’s Dispute Settlement body, the highest trade body in the world. The US claimed they had inadvertently agreed to place no restrictions on the ability of foreign countries to provide online gambling services to US citizens. Antigua and Barbuda had invested millions of dollars in furnishing such services to US citizens under the belief that the US government was allowing this to happen, and when the US government later attempted to stop these services, Antigua and Barbuda lost money and many of their citizens lost jobs, creating a crisis for the islands. The WTO ruled that although the US’ agreement to no restrictions may have been unintended, the government had acted carelessly in outlining their restrictions and the agreement was binding because other countries had relied on it. The WTO ruled that the US must follow through with removing the restrictions on foreign online gambling services, or alternatively, compensate affected countries for their losses.

But since the ruling in 2007, the US has dragged its feet in following through with the WTO’s orders. On Monday, January 28, 2013, the WTO gave Antigua and Barbuda the final authorization to suspend US copyrights and implement a government-run website that can freely distribute US copyrighted materials, worth up to the sum of $21 million dollars a year, for as long as the US continues to refuse to comply with the WTO order. This measure is categorized as a retaliatory compensatory measure, typically implemented when a member country does not comply with a WTO ruling to the harm of another member country. The harmed member country is then allowed to retaliate in a proportionate manner to the non-compliant member country.

The WTO may have gone too far with this ruling, however. The suspension of intellectual property rights does not seem to have a clear ending point; once one song, for example, if freely distributed, copies can be made over and over again, creating an aggregate loss of much more than $21 million, the set limit imposed by the ruling. Suspension of copyright laws is not a defined enough penalty to be proportionate to the losses Antigua and Barbuda felt by the US’ actions, and the US could end up losing much more than the islands ever had.

It also seems that this sort of authorized retaliatory ruling is not within the spirit of the WTO, whose mission is to promote harmonious free trade throughout the countries of the world. US Trade Representatives have already expressed concern over the ruling, suggesting that this move would further spoil business relations between the countries involved. Imposing this harsh of a penalty on a country that claims to have inadvertently entered into this mess sets a precedent for other countries that they need to be afraid and tedious in their agreements, or else they may find themselves retaliated against, with the retaliation sanctioned by the WTO. This discourages blossoming countries from entering into the WTO, and encourages existing members to be as withholding as possible in their agreements to what services they allow foreign countries to provide. All of these effects are in direct conflict with what the WTO was designed to accomplish.

For now the world must wait to see if the US and Antigua and Barbuda can come to some alternative agreement before the drastic measures of the government-sponsored piracy site are taken. If the piracy website is realized, the WTO should brace itself for the severe backlash from not only the US, but all other countries who fear the extent of the retaliatory measures the WTO is comfortable with authorizing.

Rethinking the Cost and Benefits of Behavioral Targeting

Online behavioral targeting, also known as behavioral advertisement, involves tracking an individual’s online activities for the purpose of delivering tailored services or advertisement to a user. During the 2012 elections, it was revealed that even politicians used behavioral targeting in their campaigns. Online behavioral tracking has been proven to be extremely valuable because not only does it allow interested parties to align their advertisement with what the individual is likely to purchase, it also enables useful features to Internet users such as saving customized personal preferences and settings on the web.

Behavioral targeting has generated a form of service providers called network advertisers, companies that compile and classify expensive consumer profiles and deliver appropriate advertisements to participating websites across their network. Companies generally use “cookies”, amongst other tracking methods, to track consumer activities by associating those activities with a particular computer or electronic device.

Despite the Federal Trade Commission's efforts in setting self-regulatory principles, there is currently no law in the U.S that expressly addresses behavioral targeting. Typically, data that network advertisers collect does not fall under any existing privacy regulations because it does not include any personal identifying information, such as the user’s real name or other identifying information that can tie the user to his/her real identity.

Those who oppose to such act of data collection argue that behavioral targeting constitutes a breach of privacy because it implicates some form of personal information and more importantly, it invades an individual’s “inner identity”. A complete consumer data profile is, in a way, an attempt to replicate the individual’s personality in order to create customized advertisements. Such exploration can be more private and valuable than some aspects of external identity. For instance, the delivery of advertisements may reveal private browsing history such as religious beliefs or sexual orientation to other users of the same electronic device because cookies track the online activities of a device, not of a particular person. In other words, behavioral targeting may lead to not only identify thefts, but also embarrassment, inconvenience, and unfairness.

While many consumers in the U.S remain unaware that their online activities are being tracked, the European Union has heavily promoted Internet privacy awareness. Amongst other regulations, the e-Privacy Directive requires each member of the European Union to legislate the collection, use, and disclosure of personal information. Furthermore, the Directive requires all Internet firms and any other business that process data to obtain informed consent from data protection authority, as well as individuals, before commencing any data collection and processing.

There is an urgent need for the Legislature to find a way to balance data utility and privacy. Don’t you think it is about time that pair of shoes you checked out last week stops following you everywhere?

U.S. Urges Federal Judge Not to Unfreeze Megaupload’s Assets while It Fights to Extradite the Site’s Founder

The U.S. is advising a federal district court judge to reject Megaupload’s attempts to get its assets unfrozen while the site’s founder, Kim Dotcom, fights extradition from New Zealand. Megaupload’s argument is that having its assets frozen is causing it irreparable harm. The U.S. countered by arguing that even if it were to regain control of its assets Megaupload would not be able to resume its business operations. The freezing of Megaupload’s assets raises due process concerns and may lead to the firm going out of business regardless of whether they are found guilty of the charges alleged by the U.S.

Megaupload.com was a 50-petabyte online file storage website. It was a free online storage solution in the “cloud” for files that were too large for email. Megaupload generated about $25 million a year in revenue from ads and $150 million from its paid premium service. At its peak, 50 million people visited Megaupload each day. Megaupload handled about 4 percent of global Internet traffic. The company maintains that it was a legitimate data storage business used by millions of individuals including employees of NASA and the FBI. However, the Department of Justice (“DOJ”) maintains that the legitimate storage business was a front. The real money was made providing a virtual fence for $500 million in pirated material.

The DOJ further maintains that Kim Dotcom, Megaupload’s founder, ran the criminal swap meet with impunity from the safety of his $24 million New Zealand mansion, protected by guards, guns, and CCTV. New Zealand Special Forces carried out Operation Takedown, which was overseen by the FBI via video link. Operation Takedown was a dramatic raiding of the Dotcom Mansion via helicopter. Dotcom was captured by the New Zealand Special Forces in a panic room hidden behind a secret door located in one of the many closets of Dotcom’s mansion. If all goes according to federal prosecutors’ plan Dotcom and his six executives would be extradited to the U.S. to face a Virginia judge and the possibility of 55 years in prison.

Megaupload argues that by freezing its assets the government is subjecting it to ongoing irreparable harm similar to a criminal conviction following full criminal process. The company further argues that because it has not been convicted of anything the freezing of its assets violates its right to due process of law. The U.S. has countered this argument by saying that Megaupload and Dotcom have contradicted each other because Dotcom has stated on several occasions that he has no intention of re-launching Megaupload. Even if Megaupload regained control of its assets the site would have many issues trying to operate with a possible prosecution hanging in the air and would require years to regain the market position it enjoyed prior to the arrest of Dotcom and the freezing of the company’s assets.

The U.S.’s seizure of Megaupload’s assets raises fundamental due process issues. Without access to its servers Megaupload cannot maintain a steady cash flow. Companies cannot survive without a constant cash flow. Megaupload will likely not be able to recover from the criminal proceedings even if the company and its executives are acquitted of all criminal charges. Although it is likely possible at this point, regaining its previous market share would take many years for Megaupload as many customers have likely migrated to other file-sharing services and are likely wary of going back to a service that they see as vulnerable to prosecution. This is concerning because it raises the question of what is stopping the government from shutting down other businesses through freezing their assets rather than actually bringing a valid claim against them. The result appears to be the same whether the government can prove its claim or not.

For more information: http://arstechnica.com/tech-policy/2012/10/us-slow-legal-proceedings-are-megauploads-fault-dont-unfreeze-assets/

How Secure is Your Connection?

Lawmakers and technology experts agree that better laws are needed regarding the online availability and use of personal information. There always has been, and probably will continue to be, a great tension between legislation that is too restrictive to innovation or is too vague to have significant legal impact.

Many challenges exist when creating such laws; chiefly, around the constant advancement of technology. Passing a law is a lengthy process that involves stakeholder meetings, compromise between many parties, and ultimately enactment and enforcement. Technological progression greatly outpaces legislative oversight. This dilemma is clearly illustrated in the issue of whether unencrypted wireless networks are protected from interception under the federal Wiretap Act (18 U.S.C. § 2511).

Currently, private wireless networks that are password protected, like the one you may have in your home, are protected from gathering information. However, when you use a non-password protected, unencrypted wireless network, that information might not be protected. These unprotected networks can be accessed in public places, such as coffee shops and airport terminals, or in homes that have a non-password protected wireless network.

The federal Wiretap Act prohibits “sniffing” or gathering of contents of communications by a device unless the contents are readily accessible to the general public. Initially, it only covered certain communication frequencies but over the years Congress has amended it to keep up with advancements in technology. For example, it was updated to include protection for cordless phone use in reaction to the expectation of privacy of most cordless phone users.

This issue has recently been discussed in a class action suit against Google, Inc. When Google was completing its Street View project, part of the project was to detect where the wireless access points were, but it also collected a large amount of data from unprotected wireless networks, such as individuals’ emails, passwords, and browser history. The plaintiffs argue that this collection of sensitive data was illegally intercepted because the users had an expectation of privacy. Google argues that it was legally obtained because the data was not secured. The court found in the plaintiffs’ favor stating, “[T]he wireless networks were not readily accessible to the general public as defined by the particular communication system at issue.” (In re Google Inc. St. View Elec. Communs. Litig., 794 F. Supp. 2d 1067, 2011 U.S. Dist. LEXIS 71572 (N.D. Cal. 2011).

This case clearly illustrates the problem of ineffective legislation attempting to solve technological problems. If the legislation is too strict, the fear is that it will stifle progress and innovation. Conversely, without clear, current laws, individuals’ privacy may be compromised. Whether it may be the Do Not Track proposed legislation, the President’s Privacy Bill of Rights, or something yet to come, the issue remains how to create laws that provide adequate safeguards while incorporating a flexible standard to adapt with the changes in technology.

If legislation continues to be ill equipped at dealing with these issues, high technological industry standards could enforce an atmosphere that would place a premium on individuals’ privacy.

The Technology Patent System, Stifling Innovation?

In a recent Techdirt blog, when discussing the idea that start up companies should be less open in order to avoid patent trolls, the author opined that “What's stunning -- and depressing -- is that the patent system is supposed to be the thing that encourages innovation. And yet, because it's become totally dysfunctional, one of the recommendations for how to avoid running afoul of it now... is to do the exact thing that holds back and limits innovation. What a shame.”

The United States patent system is in a state of disarray, some say due to patent trolls, while others point to the large technology companies, such as Apple, Microsoft, and Google, using the system's weaknesses to dominate with overly broad patents. Patent trolls, companies that exist to sue over violations of patents, make it difficult for startup companies to gain access to a patent for their technology without getting sued. Trolls collect patents solely for the purpose of attacking companies, making cases that the company infringes their patent. The trolls bring lawsuits as a course of business and the large technology companies seem to be following suit, creating an arms race in the field of patent law. The number of lawsuits involving patents in the United States District Courts has almost tripled in the last two decades, the number of patent applications has increased more than 50% over the last decade, and it seems most of the money is going to the trolls and the lawyers.

Trolls have become very efficient in pushing their claims through and the data from 2002 to 2009 shows that the median award given to patent trolls is $12.9 million, while awards given to operating patent holders dropped to $3.9 million. This is a drastic contrast from data between 1995 and 2001, where practicing entities were getting higher median awards ($6.3 million) in patent lawsuits than non-practicing entities ($5.2 million). Patent trolls bringing these lawsuits to extort money from economically productive companies ties money up in lawsuits and hinders innovation, especially for smaller companies. Some argue that if this continues companies will start being intentionally vague and less open, which defeats the purpose of innovation. Research has clearly shown that what helps innovation is more openness and sharing, which will lead to economic growth.

Large companies are following suit, using their patents as weapons against their rivals. Billions of dollars are being spent on bringing lawsuits and buying patents that will never amount to anything. Apple has used patents as a defensive tool, specifically for the iPhone, essentially trying to patent every creative idea, even if knowing it would never lead to a patent. Although Apple knew that a patent would never be approved for a specific technology, they would apply anyway, preventing other companies from later trying to patent that idea. Large companies such as Apple have been accused of applying for overly broad patents, and that accusation has merit considering the patent applicant wants to cover every aspect of a new technology. For example, there are multiple ways to write the same computer, so by creating a broad patent by intentionally making the borders undefined it is easier to sue accusing others of encroaching on the patent. These overly broad patents also hinder innovation by giving monopolies on specific technology to certain companies. Most of the large technology companies are in lawsuits with one another spending millions of dollars as well as time battling in court, so the question becomes how far will this go?