Archive for March, 2005

Dan says consolidation of data access into the hands of two or three providers is the real problem (talking about Brand X and Madison River), because they'll always discriminate against competitive content.  Big bills for distributing popular content by individuals are a big problem, so P2P is the only real alternative, and the Grokster discussion is most important. 

The key message is “don't make me ask for permission.” I'm all for ensuring that competitive modes of access to online resources exist — baseline access.  But it's a difficult step to take to ensure more than that.  And providers should have the chance to offer more (and different) services if they want to. 

These sessions are interesting — it's still not clear what a proto-activist would do to agitate to change the world of online access.

At a Grokster forum this afternoon (graciously hosted by GW), the power of the Nimmer copyright treatise was on display.  There is really no caselaw on contributory copyright liability for “inducement.”   In 1911, Justice Holmes said that “the most innocent objects may be used for unlawful purposes.”  But the case in which he said this wasn't about inducement — it was about direct infringement.  Since then courts really haven't discussed “inducement” in the copyright context, except as part of boilerplate lists.

Tom Perrelli of Jenner & Block is a very skilled and thoughtful lawyer.  He told us this afternoon that the Nimmer treatise describes two branches of contributory liability in copyright.  One branch covers active encouragement/inducement, and the other covers distribution of products.  So all the talk about inducement during today's argument has ample support — from the Nimmer treatise.  Cindy Cohn of EFF said at one point during the discussion [paraphrasing]:  “We discovered a new branch of copyright infringement liability today.  It must be because it's cherry blossom season in Washington.” 

Why do we depend so much on copyright treatises?  I heard a talk by Ann Bartow last week about the power of the Nimmer treatise (among other treatises), and Perrelli's comment today seemed to bring this back around.

One of Perrelli's central points this afternoon was the following question:  “Is this [Grokster] the kind of innovation we should be fostering?”  That's the content industry's goal.  Sure, we're all for innovation.  But shouldn't we be careful just what kind of innovation we allow? Hmm?  (As readers will anticipate, that last “Hmm” was intended to be humorous.)

Perrelli also makes the point that the “rule” of Sony isn't all that clear.  If it provides such strong protection for innovation, why has there been so much litigation over what it means?  He noted that petitioners were pleased that the Court spent so little time focusing on the dominant aspects of respondents' arguments — parsing Sony and being told to go to Congress — and so much time swimming in the difficulty of establishing what the right rule for contributory liability should be.  Another panelist piped up and said that it's a mistake to think that the business community even knows what the Sony rule is, so how could they possibly be relying on it?  (Hmm.) 

I'm looking forward to the blogging about the argument. The Court did not find this an easy case, either procedurally (“bizarre!”) or substantively (“what about the iPod?”).  No one is predicting a clear win for either side.     

Given everything that's going on in communications policy, David Isenberg's conference — coming up later this week — is particularly timely.. 

Hope to see you there.

Did you know that the US Congress is in charge of all devices worldwide?  Let me explain.

Legislation that has something to do with computers often uses the defined term “protected computer.”  I recently looked up that definition, which is found in 18 USC Sec. 1030(e)(1).  It's an emotionally powerful definition.  It's breathtaking.  It's almost spiritual in its sweep.

First, the term “computer” is defined as:

an electronic, magnetic, optical, electrochemical, or other high speed data processing device performing logical, arithmetic, or storage functions

In other words, any device you can think of that has something to do with data processing.  That's a lot of devices.  But wait — there's more:

and includes any data storage facility or communications facility directly related to or operating in conjunction with such device

So that means any wires or wireless communications or storage or almost anything else you can think of that is associated with communications or devices.  Anything.

Luckily, Congress was sensible and excluded from this definition:

automated typewriters or typesetters, portable hand held calculators, or other similar devices.

Phew.  Your slide rule is not included in the definition of “computer.”  But everything else is.

Now we know what a computer is — what's a protected computer?  Well, in addition to devices used by financial institutions, a protected computer is a computer that:

is used in interstate or foreign commerce or communication, including a computer located outside the United States that is used in a manner that affects interstate or foreign commerce or communication of the United States.

So a protected computer is any device, anywhere, that “affects” commerce or communication by the US.  That could mean every single router, wire, backbone, gateway.  That means the internet is a protected computer.

Where am I going with this?  Well, both the SPY BLOCK act, S. 687, and the SPY ACT, HR 29, use this defined term “protected computer.”  The Spy Block Act, for example, says it's unlawful for anyone who isn't an “authorized user” of a protected computer to cause software to be installed secretly on that computer.  It's illegal to prevent a “user” of a protected computer from having an opportunity to knowingly grant consent to that installation.

The sweep of this illegality is amazing.  It will be unlawful for any communications device to experience automatic installations that aren't upgrades or network security fixes.  That's really something.

We're in control.    

Halliburton managed to get audit reports of its Iraq expenses (including $108 million in overcharges) designated as confidential, and thus not subject to disclosure to reporters (or legislators).

DeCSS was originally claimed to be a trade secret.

EFF has a “patent busting project.”  What are examples of the most unlikely and most abusive uses of the law of trade secrets?  There's a story here.

Anything a company generates that is the subject of reasonable secrecy-maintaining efforts by the company (and that has economic value because it is secret) can be a trade secret.  Things that aren't copyrightable or patentable may be trade secrets.  Shh.  I'd tell you what's going to happen next, but I can't — it's a secret.  

I'm talking tomorrow about the intersection between the qualified reporter's privilege and trade secret law.  If you feel like reading a beautiful but quite long decision about the contours of the qualified privilege, here [pdf] it is — from Judge Sweet of the SDNY not long ago.

The law of trade secrets is ripe for abuse.  It's under-theorized and over-puffed by venture capitalists and IP lawyers.  In an era of secrecy and a time of privatization of government functions, any Administration (and certainly this one) could figure out routes using trade secret law to block publication of just about anything. 

Our poor First Amendment.  It's being trumped all over the place. 

Two definitions for plangent: (1) loud and resounding, as in “plangent bells,” and (2) sad or plaintive.  Both these definitions fit the tech policy world today — the alarm bells are ringing both loudly and…sadly.

Just today, the governor of Utah signed into law an unconstitutional bill that will lead to massive overblocking of innocent web sites.  (Read the CDT analysis.)

Sen. Burns and Sen. Wyden today introduced yet another spyware bill that will likely have substantial unintended consequences.  It covers all devices “used in interstate or foreign commerce or communication, including a computer located outside the United States that is used in a manner that affects interstate or foreign commerce or communication of the United States.”  (We're in charge!) It probably covers all software that is secretly installed (with exceptions — I haven't seen the final text).  There's no telling how the bill will be construed — it's very broad. 

I'm sure spyware legislation will pass, and I'm concerned about the precedent it will set for the design of code by legislatures.

Next Tuesday, the Grokster and BrandX arguments will be heard in front of the Supreme Court.  These two cases are linked in a deep way that may not be widely reported.  In Grokster, the content industry is trying to ensure that developers of new applications have to ask permission — the content community wants to make sure that infringement has been frustrated. 

In BrandX, the DOJ/FBI is trying to ensure that developers of new applications have to ask permission — the law enforcement community wants to make sure that applications are easily tappable.  (FCC has probably made a deal with the DOJ that it will apply CALEA obligations to information services if DOJ fights on FCC's behalf for judicial deference to FCC's determination about the regulatory classification of cable modem service.)

And we may want to worry about software defined/cognitive radios.

Therefore, send not to know for whom the bell tolls.

Michael Geist has a new column up today about ISP “accountability” and it's very worth reading.  Geist proposes some baseline requirements for ISPs.  His proposals don't wander into content control issues but do provide for nondiscrimination (against VoIP and other applications), adequate treatment of spam, and adequate responsbility for the privacy and security of consumer data.

What Geist is proposing is sensible.  My concern is that the content community is also proposing global ISP accountability.  Their kind of accountability is very different from the Geistian contribution.  The content industry would like to see international treaties make ISPs liable in lots of ways for activities occurring across their wires.

There really are black helicopters in the global sky.  The content guys are looking for global broadcast flag mandates [ppt] and they'll be working on the analog hole next.  

So I worry that the good-faith, reasonable, sensible Geistian step will morph into something much less reasonable all too easily.

HR 29, the SPY ACT, has a section requiring that “information collection programs” (or ICPs) provide notice and obtain user consent before they are transmitted or installed.  ICPs also have to have particular functions.

Today's question:  Would this section, if enacted into law, amount to compelled speech in a noncommercial setting — and thus be unconstitutional?

Here's how this might work.  “Information collection programs” are defined as “computer software” that either collects personally identifiable information and sends it to someone else or uses it to display ads – or software that collects information about the web pages accessed by the computer and uses that information to trigger ads.

There's no requirement that the software be commercial.  More generally, it's not clear that this software would fit under the Supreme Court's definition of “commercial speech.”  Yet ICPs are required by this section to present particular statements — e.g., “This program will collect and transmit information about you.  Do you accept?” 

Requiring the use of particular labels and notices is arguably a violation of the First Amendment right “to refrain from speaking at all.” (from the Supreme Court's opinion in Wooley v. Maynard).  As the Supreme Court put it in Riley v. National Federation of the Blind of North Carolina: “Mandating speech that a speaker would not otherwise make necessarily alters the content of the speech. We view [doing so] as a content-based regulation of speech.”

Although it is true that commercial speech receives less protection than non-commercial speech, and that disclosures can be required to keep commercial speech from being deceptive, it is not at all clear that software swept within the SPY ACT is necessarily commercial speech.

The Supreme Court has identified three factors which, when they're all present together, identify commercial speech: (1) an advertisement; (2) mentioning a specific product by name; that is (3) economically motivated speech.  Software transmitted to users and networks — even software that ends up triggering ads — does not necessarily meet this standard.

And even if software is commercial speech, it is not necessarily misleading or part of an illegal activity — the threshold inquiry for regulation of commercial speech under the Supreme Court's jurisprudence.  As the Court said in Zauderer, “Our recent decisions involving commercial speech have been grounded in the faith that the free flow of commercial information is valuable enough to justify imposing on would-be regulators the costs of distinguishing the truthful from the false, the helpful from the misleading, and the harmless from the harmful.”

Source code has been held (at least by the Sixth Circuit) to be expressive, pure speech that is protected by the First Amendment.  So you'd have to show a compelling interest in restricting the speech and you'd have to convince a court examining the Act that the restriction was necessary and narrowly tailored.  

The SPY ACT doesn't seem narrowly tailored, because it may sweep innocent speech within its scope and may be too vague to be predictable.  And, of course, it doesn't deal with offline data abuses/surveillance practices of which users may not be aware.

This question is easier for CAN-SPAM, because it's clear that that act is focused on commercial speech.  I'm not as certain about the constitutionality of the SPY ACT. 

First Amendment mavens: please comment.

Acting on a tip from a well-informed source, I trundled off to Primanti Bros. tonight.  The cheesesteak sandwich they sell, from top to bottom, is made up of:  (1) meat, (2) cheese, (3) french fries (4) cole slaw, (5) tomatoes.  It's sort of a french fry delivery device.

On the menu, it says “PITTS-BURGER CHEESE STEAK (#2 Best Seller).”

I ask:  “What's the best-selling sandwich?”

Guy says: “The cheesesteak.”

I say: “But it says #2 Best Seller.”

Guy says:  “It doesn't say #2 best selling sandwich.”

I say:  “Oh.  What's the #1 Best Seller?”

Guy, pleased, says: “Beer.”

Dah-DUM.

As requested by one of my fellow conference attendees:  the ultimate in empirical work (via discourse.net).