Category Archives: Technology and information policy

This is the category for legal and public policy issues about technology.

Copyright Alerts System

The Copyright Alert System (CAS) is coming to the US next week.

AT&T, Cablevision, Comcast, Time Warner, and Verizon have come together and created a 6 strike system where every time it detect “pirated content” being download on your internet connection it sends you an email/telephone message, makes you watch an education video/view anti-piracy material, slow down your internet connection, demote you to lower tier of service, and/or disconnect you from the internet completely until you complete an anti-pirating class. All depending on how many strikes your have.

CAS does this by scanning your internet packets, a violation of 4th amendment rights (assuming we still have have it at this point). After all if your ISP is already scanning your internet packets I *doubt* the CIA, FBI etc. will ask to see then. Also who knows how much of a bottleneck the scanning process will slow down the internet. (Think TSA in an airport)

The company making the CAS software MarkMoniter has already had many false positives problems accusing HBO.com of pirating HBO content. The CAS scanning system would also wouldn’t be able to identity “fair use” cases like sharing a family video with music in the background.

The only way to appeal strikes to is pay $35 to have your case heard in front of the American Arbitration Association (not a court of law).

This quote sums up CAS perfectly.

So, basically, it’s an unelected body of industry-connected officials who get to police the Internet?
Yep.

Read more about CAS here: Primer GuideUnintended Consequence.

Unit 61398

Was listening to NPR this morning and found this little gem.

A military unit from the PLA (People’s Liberation Army) known as Unit 61398 or “Comment Crew” has been hacking into U.S and other foreign firms to gather intellectual property, infrastructural data and other information that could be useful to the Chinese Government.

This hacking unit has been effectively gathering such information since as early as 2006 and has been using the intellectual property int order for China to be able to keep with the same corporations that the information is being taken from.

A group called Mandiant were the ones who traced the data back to Shanghai China and into a building which houses the military unit.

Another issue comes from the data retrieved about electrical grids and gas lines. Such data could be used to a very harmful degree.

I know that we discussed in class that intellectual property could not be stolen and that this would be considered to be found information by the “Comment Crew”, but I could see how this could in fact be considered stolen and creates a huge advantage to competing companies abroad.

Could these companies IPs be considered stolen? What about the trade secrets that were probably found as well? Would this have been viewed differently if a U.S based company was hacking competitors in order to gain an upper hand?

Everything Is a Remix

Everything Is a Remix is a 4 part video series showing why fair use is important topic to talk about and what role fair use plays today in creativity and creating “new” ideas.

Part 1 follows how music has evolved by taking existing beats and words and coming up new songs. A real world example of this would be the four chord song which compiles song people would consider each unique but happen to be based on the same 4 chords. If 1 person had ownership over these 4 chords and could stop other from using them a lot of famous songs couldn’t have been written.

Part 2 follows movie making and how story are reused over and over again that were in the public domain. If Disney and others keep extending copyright will we run out of story “idea” if new information doesn’t enter public domain?

Part 3 goes into how creativity works by looking at the history of the computer. How companies copied one another features like the GUI and mouse without suing each other as often as today where every having a similar looking design land you in a billion dollar lawsuit.

Part 4 goes into the history of intellectual property and why copyright and patents were invented. The issue discuss in class about how idea are difference from material properties. Also the effect of the growing legal protection on software and music.

I highly recommend you watch all 4 parts of Everything is a remix it is a very informative series.

Kirby Ferguson, the maker of Everything is a Remix, also did a TED talk on the subject of intellectual property.

Newegg defeats patent troll

A “patent troll” is a company that is set up just to make money off of patents it owns. Usually, such companies do not do any R&D themselves. Instead, they strategically purchase patents from other companies, especially companies that are going bankrupt or having other financial difficulties. Then they use these patents to make money from other larger companies. They say, “Hey, you use technology that we have patented. Either pay us some royalties or we will sue you.”

It is important to be aware that patents are different than copyrights. A copyright covers the creative work itself — that piece of data itself, as written or recorded. Examples include source code, an executable binary, some song lyrics, a book, a musical recording, a photograph, a video, etc. A patent covers an invention, in other words, an idea. So, for instance, you could have a certain kind of pulley system patented. And you could have the blueprints (or CAD drawings, etc.) copyrighted. Roughly, the patent covers the idea, while the copyright covers a data object.

According to Title 35 §101 of the US Code, the things you can patent are these: “any new and useful process, machine, manufacture, or composition of matter, or any new and useful improvement thereof”.

Well, what if someone had a patent on e-commerce? That is the issue in this Ars Technica article about the legal fight between Newegg and Soverain Software. (Read the article. It’s great.) Soverain Software is a patent troll, in the sense described above. And, at one point, they acquired a patent for the idea of an internet shopping cart. They didn’t actually do the “invention” or file for the patent. Apparently they got it from a software outfit that was going out of business in 2001. Well, who uses web shopping carts? Everyone. Soverain has sued the likes of J.C. Penney, TigerDirect, Avon, Victoria’s Secret, Best Buy, Office Max, Home Depot, IBM, and others. Not all the cases have been resolved, but Soverain was pulling in millions of dollars.

Newegg was also being sued by Soverain, and they said, “This is bullshit.” (That’s a quote from Newegg’s Chief Legal Officer.) Instead of settling with Soverain, they fought. Finally, they got Soverain’s patents declared invalid. This saves them and many other e-commerce businesses tons of money.

It seems extreme to be able to patent an idea as general as internet shopping cart. But are there other ideas that potentially should be covered by patent protection? What would be the justification for that? Would copyright be enough by itself?

My guess is that act utilitarianism would favor a policy of no software patents but some level of copyright protection for software and source code. However, I haven’t worked through the act utilitarian evaluation step-by-step. Furthermore, there are many ways copyrights can be structured, and that is another complication. We will be talking about this more in class in a couple of weeks. But please weigh in with your initial thoughts!

Fair Use: Do you “own” the media on storage mediums?

If you buy a CD or book do you “own” it and should you be free to use it as you wish?

First, can you even copy your own media from one form to another? With CDs you now can copy them to in a cloud storage site / music player (through companies like amazon with the roll out of Amazon AutoRip). But with DVD making backups on your computer  is illegal (because you have to break DRM).

Do you have to buy the same media in difference formats for every device you own which seems “wrong” to having to repurchase VHS then DVD then Blue ray then digital download of the same material when there is nothing (other then legally) stopping you  from copying it over from one format to the next.

Second, can you resale or lend CD you own with others (first sale doctrine). Physical lending a CD to a friend doesn’t seem to be wrong morally (legally is another matter) since you can’t have it at the same time. It would be like a lending/selling a microwave. Digital lending a song is another matter because it would be like cloning a microwave and both people can use it. Assuming you do not delete your the file when the friend has it. 

If you buy a microwave you can do anything you want with it from reselling, taking it apart. or putting tin foil in it. So when you buy music should it be any different? Are you buying a licence to listen to a song, a piece of plastic, or the song itself? 

UK Anonymous Hackers Get Jail Time

Even though I have just written a post, I came across this article and I am completely mind blown. Anonymous, probably the most popular and well known hacker group in the world, is basically an independent hacker organization that seems to run on their own morals. Basically, they want an open internet, and they stand for a lot of other things, but they are famous for hacking into websites and exposing people’s sensitive information. They are known for launching DoS (denial-of-service) attacks on websites to shut them down, most notable being the FBI’s website, Government websites in the UK, and GoDaddy domains, among others. They have threatened Governments around the world, criminal organizations, even religious groups. Recently they attacked the Westboro Baptist Church, a religious group that acts as a hate group that had plans to picket the memorial service for the Sandy Hook Elementary School, by launching a DoS attack on their website to shut it down, exposed sensitive information of the WBC members (addresses, full names), and even hacked a member’s Twitter page. Anonymous seems to live above the law, and is very successful at it too.

The reason for such a length summary of Anonymous is because of what this article means. Four members of Anonymous have been arrested in the UK for attacks on websites as part of actions carried our by Anonymous. Guess what the longest prison sentence received was? 18 months. Honestly I am confused. These members launched DoS attacks on websites owned by Paypal, Visa, Mastercard, and the British Recorded Music Industry, and are receiving pretty lenient sentences, considering what Anonymous has done in the past. Anonymous’ actions have put many people’s lives in danger, security at risk, and ruined people’s lives, as in the case of Michael Nodianos, who even though was in the wrong for saying what he said about a rape victim in the video, the video surely was not intended to be made public and has made it dangerous for Nodianos to even walk around in public in Ohio. Why is it that some members of the secret Anonymous organization have been found out and given such lenient prison terms, when they can get out sooner than 1.5 years and continue working for Anonymous?

Sony Fined For PlayStation Network Breach

Officials at Sony woke up today to a very interesting problem. According to this  article from Ars Technica, Sony is being fined $395,000 by a UK government body for the security breach that was suffered by users of PlayStation network back in 2011. At first, this doesn’t seem fair to Sony. People/Organizations should not have to be punished for being hacked. However, the UK argues that Sony, being such a huge corporation, should have been able to prevent this from happening. Back in 2011 when the network was breached, user’s dates of birth, names, email addresses, home addresses, passwords, and possibly credit card information were gleaned from Sony. The breach was so bad that Sony engineers had to shut down PlayStation network for three weeks in order to rebuild it. According to the Information Commissioner’s office (the body suing Sony), the network breach “could have been prevented if the software had been up-to-date, while technical developments also meant passwords were not secure.” They believe that Sony could have prevented all of this sensitive information from being leaked if their software had been current and secure. How have they deduced this? The IFO says a “data controller failed to take the action required [redacted] to address the vulnerability even though appropriate updates were available.”

Unsurprisingly, Sony disagrees with the ruling and plans to appeal, even though $395,000 is pocket change to the corporation. The most interesting thing about this situation is that nothing has been said about the 77 million users who were afflicted by the security breach. The IFO has not said anything about what their plans are for the money if they win the case in court, but would the users get some of that money? It does not sound like it. In 2011, Sony offered an incentive to all PlayStation network users for suffering the security breach, but that incentive is nothing compared to the bank cards and addresses that were leaked, possibly causing people to lose their hard-earned money.

Government pulls data from Google

Slash Gear released an article today about Government data requests to Google. This is an interesting piece especially on the discussion of privacy.  You sign a privacy agreement with online companies such as Google, but apparently it takes one government order to disregard those details.

The news starts by explaining that the data requests made by government entities has increased since last year.  The governing authorities are able to collect information by the ironically named Electronic Communications Privacy Act (EPCA).  The article shows charts of how it has increased over the years.  One other interesting piece is that Google did not make reporting data on compliance prior to 7/1/11.  I feel that it is unfortunate that any data the government requests they are able to receive, but when we want to request data from the government, it’s can be a very difficult inquiry.

Aaron Swartz suicide

Ars Technica has the best short summary of the controversial life and death of Aaron Swartz that I’ve seen. It is definitely worth reading, if you have not been following this story.

The article points out what all commentators have been saying — that Swartz was a brilliant programmer, hacker, and technological innovator (and that he was only 26 at the time of his death). The Ars article is especially good because it presents a fairly clear (but maybe over-simplified) picture of how the events of the last couple years may have led to Swartz’s unfortunate death.

Swartz was an outspoken activist for free and open access to information — especially government documents and scientific publications. In 2010, Swartz (allegedly) used the MIT computer network to download millions of academic articles from JSTOR. I am not sure what his exact motives were. The Ars article suggests that it was a kind of activism or protest. What seems clear is that Swartz did not do it for personal profit. Also, as far as I can tell, he never distributed the documents to anyone. Anyway, JSTOR did not press charges but the US federal government went after him pretty hard. Apparently, he was potentially facing more than 50 years in prison.

At this point, it does not look like people are sure about Swartz’s motive for suicide. People have been speculating, though, that it was because of despair over a long prison sentence.

Swartz’s life was complex, but a simple summary still seems accurate. He had strong moral views. He worked for those views, and, in the process, ran afoul of the law. Legal issues threatened to ruin his life. So he took his own life.

Who is at fault here? Is it the fault of Swartz himself — for going too far in pursuit of his ideals? Is it the fault of the government, for prosecuting Swartz too hard (as Lawrence Lessig contends it did)? Is it the fault of society somehow? A combination? No one’s fault, just a said turn of events?