Law and technology

I have been blogging less because I am working on a technology & law related project (more information soon). In the meantime:

Online Defamation

Kiwiblog noted an interesting Canadian defamation case (Baglow v Smith) involving defamation on political blog sites:

On 30 August 2011 the Ontario Superior Court of Justice handed down judgment in the case of Baglow v. Smith, 2011 ONSC 5131. The decision suggests that an allegedly defamatory statement made in a debate on a blog or internet forum may not be found to be defamatory if the plaintiff previously engaged in the debate but did not respond to the statement despite having the opportunity to do so.

Canadian law firm Heenan Blaikie has a summary of the case here:

At the risk of over-simplifying the matter, the court’s decision can be summarized as this: there is something meaningfully different about online statements, particularly those which are made on political blogs and discussion forums, which militates that they be treated differently for purposes of defamation law. Put somewhat differently (and, again, with the qualification that this over-simplifies matters): impugning someone’s name on the broadcast evening news is different from impugning their name on a blog.

New Zealand courts give weight to Canadian judgments, and it will be interesting to see whether this case is raised in a New Zealand defamation proceeding in due course.

Amazon’s “one click” patent reaffirmed in NZ

Amazon’s infamous “one click” patent has been reaffirmed in New Zealand by a decision of the Commissioner of Patents, Amazon.Com, Inc v Patrick Ryan Costigan [2011] NZIPOPAT 12 (21 July 2011). The opposition to the patent does seem to have been somewhat quixotic – the opponent was not represented at the hearing, whereas Amazon had a team headed by a QC appear to defend its patent, as well as evidence from US and Australian patent experts. The Commissioner also noted that the patent had been upheld in Australia.

Google cleared in Australian ad-word case

The Australian Competition and Consumer Commission – the equivalent of NZ’s Commerce Commission (but rather tougher, it has to be said) – has lost a case it brought against Google alleging that Google engaged in misleading and deceptive conduct by mixing ads into its search results. The Court also found Google had not breached trade practices law by using (or allowing the use of) competitors’ names and trademarks in sponsored links. The full 73 page judgment is here.

UK Govt asks for Search Engine De-optimisation

Computerworld reports:

Google and other search engines, including Microsoft Bing and Yahoo, will be asked by the UK government to push copyright-infringing websites down their search results under new plans.

Which sounds like it could open a can of worms… The article also notes:

… it is understood that there could be forthcoming legislation, within the Communications Bill, if an industry-run solution is not found.

Which will certainly be a can of worms.

Watch the UK Supreme Court live

In what is understood to be a first, the UK Supreme Court (which in 2009 replaced the House of Lords as the UK’s highest court) now transmits a live coverage of hearings. This is a good step forward for open justice, because while most court hearings are open to the public, they are usually rather inaccessible. The Supreme Court coverage is available here streamed via Sky UK.

Virtualised software licensing

Licensing virtualised software isn’t getting any easier:

Big picture: Software licensing for virtual desktops is incredibly complex, confusing and, in some cases, prohibitively expensive. “It’s like the tax code,” says Dave Buchholz, principal engineer at Intel’s IT unit

Like the tax code – ouch. This is not new, yet from a contractual point of view, licensing virtual software is relatively straight-forward. The complexity is not an inherent licensing problem, but simply a commercial consequence – partly due to the well-worn idea that complexity is good for business (think mobile phone plans), and partly due to vendors trying to have their cake and eat it too.

Besides piracy, studies show that even users who actively try to be fully compliant often cannot understand the licensing rules (and as the article says, even vendors can struggle to understand their own licensing). The reality is that in most cases, if there is money on the table that a licensing tweak could recover, those tweaks would have already been made. But while the practice of overly-complex licensing has perhaps lasted longer than expected, disruptive technologies such as usage-based cloud computing, and open source software and the increasing use of virtualisation itself, mean the trend will be toward simplified licensing and subscription models.

Name suppression laws to be tightened

The Government has announced changes to name suppression laws, following a number of high profile incidents, a prosecution, and a Law Commission report into the matter. Among the announced changes:

Introducing a new offence to capture New Zealand-based Internet service providers or content hosts who do not remove locally hosted suppressed information which they know is in breach of a suppression order, and who fail to block access or remove it as soon as reasonably practicable. [emphasis added]

This is an improvement on the Law Commission’s recommendation that ISPs and hosts “carrying” suppressed information should “block access” to it, which would have caused practical problems for ISPs (see my comments here). Having a requirement simply to remove locally hosted content is a simpler and more realistic approach. But it still remains an iffy matter – IT lawyer Rick Shera raises some pertinent questions here.

Coincidentally, on the same day as the Government’s announcement, a name suppression order forced a number of bloggers to remove posts that had previously the identity of certain individuals. By which time the information was already available in caches, syndicated posts, Twitter, etc – just another reminder of the difficulty of name suppression in the present day.

Who’s suing who(m)?

Another day, another US patent infringement claim. There are so many flying around, its hard to keep up. Fortunately the Guardian gives us this diagram. Expect to see a few more arrows added in the near future.

If you can’t beat ‘em?

Minorly ironical: Ars Technica reports on antipiracy lawyers apparently pirating the legal forms of other antipiracy lawyers.

Throwing the ‘book

Facebook is attempting to assert ownership over use of the word “book” in domain names, by filing a lawsuit in the US against unrelated site Teachbook.com. It has also been reported that Facebook is attempting to claim the word “face” as well. The “book” complaint alleges:

Misappropriating the distinctive book portion of Facebook’s trademark, defendant has created its own competing online networking community in a blatant attempt to become a Facebook for teachers.

It is not uncommon for trade mark owners to take action to stop “similar” names being used by another party, even where the other is innocently using them in an unrelated manner. A recent local example being designer Trelise Cooper’s unsuccessful attempt to stop another New Zealand designer from registering her own actual name, “Tamsin Cooper” as a trade mark. Facebook will not succeed in gaining a monopoly over either “face” or “book”, but may be seeking to force a lesser-resourced start-up into a settlement. Teachbook has said it will fight the suit.

ISP or not to ISP

Computerworld reports on ongoing concern over the very broad definition of “ISP” in the Copyright Act (see my post here). Submitters have suggested that the definition be modified to only apply to organisations that allocate IP addresses. While that would be a significant improvement, it would still leaves some organisation as unintended or unwilling ISPs. For example the University of Auckland has submitted:

The University currently controls a range of 65,534 unique IP addresses which it allocates to access points in the University and to halls of residence… The University thus has serious concerns about its status and the definitions of an ISP as drafted in the Bill. It will be apparent from the information provided that the University has essentially all the characteristics of an ISP and will be the entity that is contacted if illegal file sharing is alleged.

Government Open Access and Licensing

The Minister of State Services recently announced the release of the NZ Government Open Access and Licensing Framework – a series of Govt-approved licensing models that advocate the use of liberal Creative Commons licenses. The policy is available here. It applies to all public service departments and Crown entities, except (somewhat curiously) for tertiary institutes.

We called out for another drink, the waiter brought a cease-and-desist

Can you copyright a cocktail? The Atlantic reports on a Manhattan bar that may yet find out. For the record, a recipe can be copyright, but for heaven’s sake can’t they just settle it over a Long Island Iced Tea?

Preference vs protectionism

Labour MP Clare Curran has entered the Kiwi Jobs Bill into the private members’ ballot. The bill aims to “determine whether the NZ Government can have a policy that gives preference to local procurement without breaching our international trade obligations”. The bill would apply to IT procurement, which has prompted some differences of opinion from the industry. For something as universal as IT, anything that is simply protectionist would be irrational and detrimental. But an increase in transparency and the promotion of open standards (if the Bill does that) would be welcomed.

IT & the new Limitations Act

Under the Limitation Act 1950, the general rule is that a person cannot bring a claim in contract or tort more than 6 years after the cause of action arose. As a result, business records (including electronic data) should generally be kept for at least 6 years (although other acts impose specific rules, for example 7 years for certain accounting information under the Tax Administration Act). However, over the years many quirks and wrinkles have been introduced into the picture, resulting in some uncertainty.

A replacement Limitation Bill received its first reading earlier this month. The bill tidies up and simplifies limitation periods. Importantly, it proposes to introduce (for most matters) a “longstop” limitation period of 15 years. As a result, prudent businesses will want to keep some records for 15 years. This sounds like a very long time and, of course, raises some practical issues, but expanding storage capabilities mean disk/cloud space should not be burdensome for most businesses. However, there can be a downside to keeping records – in that they may be discoverable in litigation – so this rather dry subject does require some thought in each case.

Record keeping risk?

On a related note, a new survey shows that most Kiwi businesses do not have documented procedures for recovering from an IT disaster. Besides the business interruption risk, there could be significant third-party legal risks from a catastrophic data loss. For example, a firm that has assumed responsibility for holding records for clients (e.g. accountants, architects, engineers, lawyers, etc) could be liable in negligence for their clients’ business interruption following the record-holder’s data loss, in certain circumstances.

ISP search concerns

Is the Copyright (Infringing File Sharing) Bill a wolf in sheep’s clothing when it comes to secret surveillance? Civil liberties lawyer Michael Bott thinks so, and wants better notification requirements for electronic searches.

Law Society’s s92A Copyright Act submission

Computerworld covers the controversy of the New Zealand Law Society’s submission on the s92A Copyright Act review, which included a recommendation to tighten the disconnection penalty. The submission, and comments from one of the authors, barrister Clive Elliot, are here.

IT admin jailed for holding system “hostage”

A San Francisco network administrator has been sentenced to four years jail for refusing to hand over passwords to the City’s computer systems he was maintaining. The charge was “denying or disrupting computer services to an authorized user”. The computer network continued to operate during the 12 day “lock-out”.

In New Zealand, section 250 of the Crimes Act makes it an offence to:

“”intentionally or recklessly, and without authorisation, knowing that he or she is not authorised … causes any computer system to … deny service to any authorised users”

This would cover a situation where a network administrator deliberately changed passwords to lock out rightful users, but it would be less clear in a situation where an administrator withheld a password (that had been innocently changed / set at an earlier time) and then withheld it after (say) becoming disgruntled.

NZ Police turn to Google for help

While the Police are apparently still considering (at the request of the Privacy Commissioner) whether Google committed criminal acts by capturing public WiFi data (my verdict: not guilty), they are cleverly using Google’s data as a crime fighting tool to establish the location of suspects.

No Aussie net filter

More death-knells are sounding for the Australian government’s unloved internet filter plans. Communications Minister Stephen Conroy says he will push on with it, but unless a new Gillard government is returned with a larger majority than present (which seems unlikely), the plan will not survive the Senate.

Consumer guarantees & online auctions

The Government is now accepting submissions on its reform of the Consumer Guarantees Act, which will extend standard consumer protections to online auction sites such as TradeMe. The proposed text is as follows:

Supply by auction or competitive tender under subsection (3) does not include supply of goods and services by a supplier through a competitive bidding process using an online trading facility.

This will be a welcome change for consumers, and one I expect will be supported by many retailers.

Jailbreaking iPhones deemed legal

The US Copyright Office has ruled that jailbreaking (or unlocking) iPhones or other devices does not infringe copyright law. This clears the way (for now at least) for consumers in the US to legally use third-party tools to install  “unsanctioned” apps on their devices. To date, Apple has kept a very tight grip on which apps can – and cannot – be installed on iPhones (all via its official AppStore). Jailbreaking involves removing or bypassing Apple’s built-in restrictions that prevent unauthorised apps from being installed. Apple (and others) have argued that this breaches copyright law, by bypassing DRM restrictions and unlawfully modifying their code (similar in some ways to the “technological protection measure” provisions in New Zealand’s Copyright Act 1994). Proponents claim that jailbreaking is fair use.

The matter will not end here. Given the revenue involved it is likely to be a contentious issue for years to come. The US Copyright Office is not a Court, so its ruling is susceptible to legal challenge. Also, jailbreaking is still a breach of the iPhone’s EULA:

“You may not and you agree not to, or to enable others to, … modify … the iPhone Software or any services provided by the iPhone Software …”

However the enforceability of such a provision is greatly limited, and in practice largely useless if jailbreaking software and service providers become mainstream.

s92A rolls on

IT lawyer Rick Shera blogs on the New Zealand Law Society’s submission on s92A of the Copyright (Infringing File Sharing) Amendment Bill. He notes the Society’s recommendation that the Bill “should be amended to provide the Court with the power to order that the account holder may not open an account with another ISP during the period of any suspension”. That the existing Bill does allow someone to simply get another account could be seen as a loophole – but part of the reason why I have always thought disconnection was a red herring. In any case, the Law Society’s proposed change is simply draconian.

Legal risks for IT pros

InfoWorld has an article on lurking legal gotchas (and how to avoid them) for IT pros. Its list includes:

• Confidentiality and privacy violations
• Pornography use
• Copyright and source code violations
• “Financial shenanigans” – essentially fraud or other criminal activity.

The article is based on US law, but the above list is applicable in New Zealand. However an important distinction not made entirely clear is that between intentional (i.e. malicious) activity and accidental contravention. Also, in most cases employees who are honestly carrying out their job are entitled to be indemnified by their employer for any liability arising against them personally (subject to employment contracts and other factors). Independent contractors are generally liable for their own actions, however, and insurance is an important risk management practice for contractors.

Open source wrangling

Computerworld reports on a controversy over whether a US company has breached the GPL terms of the R statistical software (developed out of Auckland University and the original version of which I used in stage-1 stats). The company, Revolution Analytics, denies breaching the GPL. It uses the increasingly popular (but sometimes controversial) “open core” model where (for example) the core program remains licensed on open terms, but other components and add-ons are under proprietary licenses. The situation highlights the sometimes murky issue of copyright ownership, assignment and licensing in large open source projects. Another example, involving OpenOffice, is reported here.

Copyright vs Contract law

A UK government advisory board, the Strategic Advisory Board for Intellectual Property, has completed a lengthy report (182 pages, 6MB pdf) on “the relationship between copyright and contract law”. The highly academic report appears to be a last hurrah for the quango, which is to be axed. The report is based on extensive research into “creator contracts” – i.e. supply side contracts such as those entered into by authors, musicians, artists, etc – and “user contracts” – i.e. demand side contract typically involving licensing of IP to end users. A summary of the fairly impenetrable report is here.

NZ developer wins worldwide-injunction

(Disclosure: with a little help from a New Zealand law firm) New Zealand high-availability software firm Maximum Availability has won an injunction in a United States court against a US competitor that (it alleges) made false claims about MA’s products. The interim order prevents the competitor from further distributing the specific materials anywhere in the world, and requires them to send a clarification to all parties who received the information. More details are here.

YouTube defeats Viacom – a boost for NZ’s safe harbour?

A US judge has dismissed Viacom’s massive copyright claim against YouTube, saying that YouTube was protected by the “safe harbour” provisions of the US’s Digital Millennium Copyright Act. The DMCA safe harbour provisions are similar to New Zealand’s own, found in section 92B of the Copyright Act (see my Computerworld article here).

The question with safe harbour laws such as New Zealand’s and the DMCA, is at what point is does the ISP “leave the harbour”? What is the “something more” that an ISP must do to lose that protection? The YouTube case provided a perfect opportunity to test those rules. The judge said that YouTube remained in the safe harbour, despite having considerable knowledge of infringing activities:

[The judge] disagreed with Viacom’s claims that YouTube had lost the so-called “safe harbor” protection under the DMCA. Viacom … maintained Google did not qualify, because internal records showed Google was well aware its video-hosting site was riddled with infringing material posted by its users. [The judge] ruled that YouTube’s “mere knowledge” of infringing activity “is not enough.”

“To let knowledge of a generalized practice of infringement in the industry, or of a proclivity of users to post infringing materials, impose responsibility on service providers to discover which of their users’ postings infringe a copyright would contravene the structure and operation of the DMCA,” the judge wrote.

He said that YouTube had no way of knowing whether a video was licensed by the owner, was a “fair use” of the material “or even whether its copyright owner or licensee objects to its posting.”

New Zealand’s s92B is undergoing further amendment (as part of the tortuous reform process mainly centred on s92A), but the general process remains. The YouTube case is already under appeal, but whatever the final outcome, will be of interest in New Zealand due to the similar (though not identical) safe harbour provisions in New Zealand’s Copyright Act.

Judge Harvey gives NZ’s first multimedia judgment

Judge David Harvey has delivered what is said to be NZ’s first digital judgment, a 9MB PDF including embedded images and YouTube links. (New Zealand still hasn’t sorted out online publication of all judgments, but fortunately the Herald is hosting the DIA v TV Works judgment here.)

Judge Harvey is widely known as New Zealand’s most tech-savvy jurist, and uses his knowledge and interest in technology to push the odd boundary (in a judicious manner, of course). His ruling in this case is being celebrated in online circles (admittedly pro-gambling sites) and we can be grateful that Judge Harvey heard this case, as he was able to bring his understanding of not just internet technology but also online custom to bear. Let’s hope other judges follow his lead. Also, if digital judgments are now en vogue, surely it is time for e-filing?

As a point of contrast, I’m reminded of this story from a few years back:

Judge Peter Openshaw, 59, brought an Internet terror trial to a halt when he admitted he struggled to cope with basic terms like “website”. The Judge said he was completely lost by the terminology during the questioning of a witness about a Web forum used by alleged Islamist radicals. He told stunned prosecutors at Woolwich Crown Court in south east London: “The trouble is I don’t understand the language. I don’t really understand what a website is.”

Copyright in compilations

The Independent has an update on YPG’s legal battles to uphold the copyright in its Yellow Pages listings (see my post earlier this year). The outcome of the latest Court proceedings – expected very soon – could be of interest to all database or “compilation” rightsholders.

One such group may be New Zealand television networks seeking to restrict use of their TV listings by third parties. In Australia, this was the subject of the landmark IceTV case – which confirmed there is no copyright in basic, factual TV listings. Recently, Sky Television’s lawyers sent out cease-and-desist letters to people who had written programs allowing its listings to be “screen-scraped”, on the flimsy grounds that such actions breached its copyright in those listings (assuming such copyright even exists).

Google Street View WiFi drama

Errata Security has a good technical explanation of Google’s WiFi sniffing controversy, which is the subject of a preliminary criminal investigation in New Zealand (see my post here). From the post:

Although some people are suspicious of their explanation, Google is almost certainly telling the truth when it claims it was an accident. The technology for WiFi scanning means it’s easy to inadvertently capture too much information, and be unaware of it… It’s really easy to protect your data: simply turn on WPA. This completely stops Google (or anybody else) from spying on your private data (assuming you haven’t done something stupid like chosen an easily guessed password, or chosen WEP instead of WPA). If you don’t encrypt your traffic, then by implication, you don’t care if people eavesdrop on it.

Meanwhile, details are emerging that the captured data included passwords and emails. This is hardly surprising given that a huge amount of computer activity involves these two things, and it doesn’t change the “case” against Google. As I wrote earlier, intention is a key issue, as is whether the captured data is “reconstructed into a communication that indicates confidentiality” and made use of.

Luke Appleby gave his take on the Google WiFi drama here. While my post looked at the criminal acts, Luke rightly points out that Google could also have run foul of s 133A of the Radiocommunications Act 1989. That is certainly worth a look by the Privacy Commissioner (not the police; and there is still a need for intention which has yet to be established), although substantive privacy issues should be the focus of any investigation, if warranted – a case which has yet to be made.

Copyright Amendment Bill submissions

Internet NZ has published its submission on the Copyright Amendment Bill. It includes a great detailed analysis by lawyer Rick Shera. While I have different views on some aspects, I support a good many parts of the submission. Paragraphs 86 and 87 of Rick’s analysis in particular raise key questions that need to be addressed by the Committee.

The submission also emphasises the range of business and government activities reliant on internet access. This is a point I submitted on earlier, and it will be interesting to see if other business sectors pick up on this. For example, do banks and online shops really want their customers to be disconnected for transgressions against another industry group? I’m sure the recording industry would not want their online customers disconnected because one of their kids is caught shoplifting at the local dairy.

Aussie net filter to be back-burnered

The Australian government’s daft plan to impose mandatory internet filtering, which only recently was being pushed ahead, is now likely to be shelved until after the election.

Software patents and venture capital

An argument often made in support of software patents is that attracting investment will be harder without them. Clearly this isn’t always the case. US venture capitalist Brad Feld has written an open letter against software patents:

In more recent years, patents on software have been granted – hundreds of thousands of patents. These patents cover essential techniques in computer programming, and their existence is having a chilling effect on the startup companies that I work with… Venture capitalist like me, who work with new innovative start-ups can testify that software patents have a chilling effect on the market.

He joins a number of other venture capitalists who have expressed similar sentiments. Now, this is not an either/or situation. There is no doubt that many investors have been, and will continue to be, attracted by a potentially lucrative software patent. But comments such as Feld’s highlight the potential “chilling effects” of software patents, as seen by some investors, and also (further) dispel the myth that software patents are necessary for investment – as reflected by the fact that a huge amount of IT investment has always occurred in situations without software patents.

See also: Protecting IP in a post-software patent environment

Waiting for Bilski

Feld’s letter also highlights the long-awaited Bilksi decision. The case has attracted attention for the potentially major implications on the US patent system – of relevance to all patent-holders including in New Zealand – as well as the long wait for judgment.

Defamation by hyperlink

A US court ruling that “forwarding a link to defamatory material can be considered defamation” has caused some consternation, showing again that, thanks largely to constitutionally protected free speech, US defamation laws are rather less stringent than in New Zealand. Under New Zealand / English common law, such actions have long been capable of being defamatory. For example, in the old case of Hird v Wood (1894) 38 SJ 234, a Court found that a man sitting in a chair and pointing at another person’s defamatory sign contributed to the defamation. If linking is “innocent”, however, the publisher has a defence.