Law and technology

Legal risks for IT pros

InfoWorld has an article on lurking legal gotchas (and how to avoid them) for IT pros. Its list includes:

• Confidentiality and privacy violations
• Pornography use
• Copyright and source code violations
• “Financial shenanigans” – essentially fraud or other criminal activity.

The article is based on US law, but the above list is applicable in New Zealand. However an important distinction not made entirely clear is that between intentional (i.e. malicious) activity and accidental contravention. Also, in most cases employees who are honestly carrying out their job are entitled to be indemnified by their employer for any liability arising against them personally (subject to employment contracts and other factors). Independent contractors are generally liable for their own actions, however, and insurance is an important risk management practice for contractors.

Open source wrangling

Computerworld reports on a controversy over whether a US company has breached the GPL terms of the R statistical software (developed out of Auckland University and the original version of which I used in stage-1 stats). The company, Revolution Analytics, denies breaching the GPL. It uses the increasingly popular (but sometimes controversial) “open core” model where (for example) the core program remains licensed on open terms, but other components and add-ons are under proprietary licenses. The situation highlights the sometimes murky issue of copyright ownership, assignment and licensing in large open source projects. Another example, involving OpenOffice, is reported here.

Copyright vs Contract law

A UK government advisory board, the Strategic Advisory Board for Intellectual Property, has completed a lengthy report (182 pages, 6MB pdf) on “the relationship between copyright and contract law”. The highly academic report appears to be a last hurrah for the quango, which is to be axed. The report is based on extensive research into “creator contracts” – i.e. supply side contracts such as those entered into by authors, musicians, artists, etc – and “user contracts” – i.e. demand side contract typically involving licensing of IP to end users. A summary of the fairly impenetrable report is here.

A recent copyright case gives an interesting ruling from the Court of Appeal on the commissioning rule. The case, Oraka Technologies Limited v Geostel Vision Limited [2010] NZCA 232, involved a dispute over the ownership of industrial drawings.

In short, a customer had engaged an engineering firm to produce designs for an industrial machine. Unfortunately the terms of the engagement were unclear, and a dispute arose (some years later) between the customer and the engineering firm as to who actually owned the designs. The customer claimed that because it had commissioned those works, and provided an implied agreement to pay for them, and the designs were made pursuant to that commission, it (the customer) owned the copyright, by virtue of the commissioning rule. The engineering firm denied there had been a commissioning as defined in the Copyright Act, and that it therefore remained the owner of the designs.

The Court noted the orthodox position that:

Whether a work is “commissioned”; what the scope of that commission is; and the date on which the commission arises are all necessarily questions of fact in each case.

And it offered the following sage advice:

Patently, the better practice is to have a written agreement, and software developers and purchasers would be well advised to see that sound industry contracting procedures are put in place.

The critical issue was whether or not the customer had agreed to pay for the works – a requirement of the commissioning rule. Normally, payment (or an agreement to pay) is not in question, but was complicated in this case by the engineering firm claiming that it had provided a “free design service” in order to attract new customers. Because the designs had been provided for free, it claimed, the customer had not agreed to pay for the work and there could not have been a “commissioning” as defined in the Copyright Act.

The Court of Appeal rejected the engineering firm’s argument (which had been accepted in the High Court). It said that the engineering firm had offered “free design” on the basis that it would get to do the subsequent manufacturing work (which wasn’t free), and this was sufficient to create an intended-to-pay commissioning. The Court said it was “everyday commercial sense” that such an arrangement would be regarded as two parts of the same deal, and the customer had “agreed to pay” for the design work as part of the overall design-and-manufacture arrangement. It would be artificial to divide the “free design” and the subsequent intended manufacturing into two separate transactions. The Court therefore ruled that the copyright in the works was owned by the customer.

This is a useful case that demonstrates a pragmatic and commercially realistic substance-over-form approach to what was a murky factual situation. But, as the Court noted, these very costly disputes are easily avoidable by having a simple, appropriate agreement in place.

Copyright in compilations

The Independent has an update on YPG’s legal battles to uphold the copyright in its Yellow Pages listings (see my post earlier this year). The outcome of the latest Court proceedings – expected very soon – could be of interest to all database or “compilation” rightsholders.

One such group may be New Zealand television networks seeking to restrict use of their TV listings by third parties. In Australia, this was the subject of the landmark IceTV case – which confirmed there is no copyright in basic, factual TV listings. Recently, Sky Television’s lawyers sent out cease-and-desist letters to people who had written programs allowing its listings to be “screen-scraped”, on the flimsy grounds that such actions breached its copyright in those listings (assuming such copyright even exists).

Google Street View WiFi drama

Errata Security has a good technical explanation of Google’s WiFi sniffing controversy, which is the subject of a preliminary criminal investigation in New Zealand (see my post here). From the post:

Although some people are suspicious of their explanation, Google is almost certainly telling the truth when it claims it was an accident. The technology for WiFi scanning means it’s easy to inadvertently capture too much information, and be unaware of it… It’s really easy to protect your data: simply turn on WPA. This completely stops Google (or anybody else) from spying on your private data (assuming you haven’t done something stupid like chosen an easily guessed password, or chosen WEP instead of WPA). If you don’t encrypt your traffic, then by implication, you don’t care if people eavesdrop on it.

Meanwhile, details are emerging that the captured data included passwords and emails. This is hardly surprising given that a huge amount of computer activity involves these two things, and it doesn’t change the “case” against Google. As I wrote earlier, intention is a key issue, as is whether the captured data is “reconstructed into a communication that indicates confidentiality” and made use of.

Luke Appleby gave his take on the Google WiFi drama here. While my post looked at the criminal acts, Luke rightly points out that Google could also have run foul of s 133A of the Radiocommunications Act 1989. That is certainly worth a look by the Privacy Commissioner (not the police; and there is still a need for intention which has yet to be established), although substantive privacy issues should be the focus of any investigation, if warranted – a case which has yet to be made.

Copyright Amendment Bill submissions

Internet NZ has published its submission on the Copyright Amendment Bill. It includes a great detailed analysis by lawyer Rick Shera. While I have different views on some aspects, I support a good many parts of the submission. Paragraphs 86 and 87 of Rick’s analysis in particular raise key questions that need to be addressed by the Committee.

The submission also emphasises the range of business and government activities reliant on internet access. This is a point I submitted on earlier, and it will be interesting to see if other business sectors pick up on this. For example, do banks and online shops really want their customers to be disconnected for transgressions against another industry group? I’m sure the recording industry would not want their online customers disconnected because one of their kids is caught shoplifting at the local dairy.

Aussie net filter to be back-burnered

The Australian government’s daft plan to impose mandatory internet filtering, which only recently was being pushed ahead, is now likely to be shelved until after the election.

My recent Computerworld article is now online:

• Protecting IP in a post-software patent environment, Computerworld 10 May 2010

The article briefly summarises some of the ways developers can protect valuable intellectual property if, as expected, New Zealand bans software from patentability. I avoided the pros-vs-cons debate, because the decision has been made (after an 8 year long review). For developers operating in New Zealand, software patents will not be an option. Software patents in other countries still are, though.

Meanwhile in a new development, a German appeals court has reversed a lower court and upheld a software patent:

… the highest German appeals court in matters of civil and criminal law overruled the country’s highest patent-specialized court and decided that a client-server software for the automatic generation of structured documents (such as XML or HTML) is an example of a patentable software invention… This decision has the effect that in Germany, a country in which software patents were previously only considered valid under relatively strict criteria, all software ideas are now potentially patentable as long as they are innovative from a purely formal point of view, meaning they’re at least marginally different from how a technical problem was solved before.

If this is a change in position (change being the only constant), does it represent a change in European policy? No – Courts do not (or should not) make policy. They interpret and apply law.  But if Europe does change its position (politically or judicially) on software patents, will New Zealand need to follow suit and reverse its expected software patent ban? Pressure to conform with international norms (if one emerges) and trading partner requirements may force a change down the track, but the New Zealand decision was born of widely supported policy, not judicial opinion (or judicial fiat for that matter).

Another judicial development still pending is the US Supreme Court’s ruling in Bilski, expected to be released in the near future. That decision could impact on the ability to patent business methods, which underlie many software patents (and vice versa).

P2P operator personally liable for copyright infringement

A US court has ruled that LimeWire, one of the early popular file-sharing sites, induced copyright infringement (Eric Goldman has an excellent summary here of the “intention” issue). While this outcome was really inevitable, what is more relevant is that the Judge also ruled that the founder and sole director, Mark Gorton, is personally liable. This is a clear warning that peer-to-peer operators potentially face personal liability – which some say could have a chilling effect of P2P services.

In New Zealand, section 92B of the Copyright Act provides a limited safe harbour from copyright infringement (see my Computerworld article here) [Note: this part of the Copyright Act is due to be amended] . Whether this would protect a LimeWire-like operation in New Zealand is debatable – s92B does not protect intended infringement.

The US decision also involved liability under trade practices laws. In New Zealand, personal liability can attach to directors of companies under the Fair Trading Act 1986.

50,000 Hurt Locker downloaders to be sued

It is being reported that upwards of 50,000 people are in the process of being sued for pirating the Hurt Locker movie. The movie was leaked to the internet several months before its release, which potentially cost it dearly in ticket revenue. The lawsuits are aimed at generating settlements. Since the first lawsuits were filed in January 2010, about 40% have already settled.

There are no reports of proceedings outside of the US. Class actions in New Zealand are not facilitated by the legal system, and are very difficult to bring (a failing of our legal system) and it is therefore unlikely that proceedings will be brought against New Zealand users due to the high cost of doing so.

iiNet appeal set down

The legal appeal of iiNet’s total victory over anti-piracy group AFACT ’s claims of copyright infringement liability in Australia has been set down for August this year. As with the first ruling, this appeal will be closely watched – enormous resources are being put into heavyweight IP litigation around the world to determine just where the line should lie for ISP / third-party liability for copyright infringement. Several decisions have recently gone against rights-holders, while others (such as the Newzbins case in the UK and the LimeWire case above) went the other way. The iiNet appeal will be heard in the Federal Court. If iiNet wins again, it is likely that AFACT will seek a further appeal to the High Court of Australia.

Rendering ACTA superfluous?

Australian law professor Michael Fraser suggests that ISPs could render ACTA “superfluous” by entering into commercial agreements with content providers:

“The best approach to these issues… is to do a commercial deal and bring the ISPs into the value chain,” he said. “Rather than litigate [content providers] should include ISPs in the supply chain and ensure they get a fair part of the reward and allow access to content via the ISPs.”

The suggestion does not, of course, imply that ISPs could “contract out” of copyright law altogether. But if a commercially acceptable deal with major rights-holders could be reached, that could at least provide a “market” solution to the possible uncertainty and other concerns ACTA may cause for ISPs, rights-holders and users.

Parody rights in IP law

The studio behind Downfall film has applied to have numerous parodies of its movies removed from YouTube on the grounds of copyright infringement. The clips of the film used in the short YouTube videos are the copyright of the studio, but the question is whether the parodies are permitted under the fair use doctrine of US law.

Now, YouTube has helpfully given instructions for users whose clips have been the subject of an infringement claim by the studio.

On the local front, Luke Appleby notes that New Zealand still does not have a parody right under our copyright law. In essence, a review was announced in 2008, but has not progressed since.

Privacy attitudes

A study has been published in the US entitled “How Different are Young Adults from Older Adults When it Comes to Information Privacy Attitudes and Policies?”. From the report:

An important part of the picture, though, must surely be our finding that higher proportions of 18-24 year olds believe incorrectly that the law protects their privacy online and offline more than it actually does. This lack of knowledge in a tempting environment, rather than a cavalier lack of concern regarding privacy, may be an important reason large numbers of them engage with the digital world in a seemingly unconcerned manner.

From the conclusion:

… we found that in large proportions young adults do care about privacy. … Public policy agendas should therefore not start with the proposition that young adults do not care about privacy and thus do not need regulations and other safeguards. Rather, policy discussions should acknowledge that the current business environment along with other factors sometimes encourages young adults to release personal data in order to enjoy social inclusion even while in their most rational moments they may espouse more conservative norms.

The wider issue for all age groups, though, is that people seem quite happy to exchange privacy for functionality (or other benefits). To what extent should governments intervene?

Government confirms ban on software patents

Commerce Minister Simon Power has confirmed that the Government will adopt the recommendation to ban software patents in New Zealand. The speed of this announcement is somewhat surprising, as lobbying against the ban had been signalled.

The Economist on shorter copyright terms

The Economist says it is “time to tip the balance back” on copyright terms:

Largely thanks to the entertainment industry’s lawyers and lobbyists, copyright’s scope and duration have vastly increased. In America, copyright holders get 95 years’ protection as a result of an extension granted in 1998, derided by critics as the “Mickey Mouse Protection Act”. They are now calling for even greater protection, and there have been efforts to introduce similar terms in Europe. Such arguments should be resisted.

In New Zealand, the copyright term is generally the life of the author plus 50 years – meaning that the period often cannot even be determined while the author is still alive.

Website operators: edit comments at your own risk

The Register reports on a recent case highlighting the defamation risk of editing website comments. A key issue in New Zealand is whether the website operator “assumes responsibility” for another person’s potentially defamatory comment. As I say in my article published here:

If your website publishes third-party content (e.g. forums, search results of other sites, user ratings, etc), ensure that you are not seen as “assuming responsibility” for that content. In practice, this can include not exercising editorial control over articles and comments. This will not always be possible or appropriate on some websites.

Global privacy regime mooted

New Zealand’s privacy commissioner, Marie Shroff,  has suggested that a United Nations treaty may be required to protect privacy.  She said:

“The reason for this is [a global regime] would bring legal certainty… We have to look at whether and how we can regulate to provide certainty for businesses and protections for individual citizens”

Legal certainty is a very good thing though as I said the other day, there is unlikely to be an “imposed” global regime, and Ms Shroff denied the proposal would be “some sort of a bureaucratic initiative to impose more regulation on business”. The continued development of international guidelines (also suggested by Ms Shroff), co-ordinated enforcement, and even UNCITRAL-type “model law” is more likely here (a TRIPS-like treaty could be a possibility). New Zealand’s “privacy principles” approach works well, and the Privacy Commissioner plays a good and efficient domestic role – could the New Zealand regime be a model template? Standards would also assist and reinforce the nascent “self-regulation” by the industry, such as the Digital Due Process Coalition launched recently.

New Zealand TV listings copyright row

Kiwiblog has commented on Sky TV’s recent attempts to prevent a software developer from distributing software that could be configured to copy its TV listing, claiming their listings are protected by copyright (more on this another day).

Net nuetrality setback

A US court has ruled that the Federal Communicationc Commission does not have the authority to stop an ISP prioritising traffic, meaning that the ISP can take steps such as choking file-sharing traffic. Some see this as a major setback for maintaining net nuetrality, while others are more sanguine. For the record, New Zealand does not have any internet nuetrality regulation.

Pink Floyd has won a case, in the UK, preventing its record label EMI from distributing its songs individually, instead of as an entire album. The band objected to this practice, which it said undermined the integrity of their “seamless” albums. The judge said EMI was “not entitled to exploit recording by online distribution or by any other means other than the original album, without the consent of Pink Floyd”.

While this case turned on a contractual clause expressly prohibiting EMI from selling Pink Floyd’s songs “out of context”, New Zealand’s copyright law can give musicians (and other copyright holders) limited protection against “derogatory treatment” of their musical works outside of a contract (part of the “moral rights” of authors long recognised in civil law jurisdictions, but only since 1994 in New Zealand).

Under section 98 of the Copyright Act 1994, an author of music has the right (with various complex requirements and exceptions)  “not to have his or her work subjected to a derogatory treatment”. It is important to note that, where this section applies, it gives the right to the author, not the copyright owner who usually has all the rights under copyright law.

Derogatory treatment includes doing something “prejudicial to the honour or reputation of the author”.  What this actually means in practice is not always clear. In the case of a band, whose reputation might include concept albums portraying a high level of “interconnectedness” of songs, an argument could be made that breaking up the album, or rearranging it, or reducing a song to ring tone without permission, is a derogatory treatment. Similarly, using a musical work to accompany or promote a highly offensive movie could be derogatory treatment (one quirk is that moral rights extend to the “musical work” but not necessarily to an actual recording of it). In either case, the person using the work may be licensed to use it, but the author may still have a remedy for derogatory treatment. It would very much depend on the facts, taking into account the complex and incomplete coverage of moral rights.

One of the few New Zealand cases involving derogatory treatment is Radford v Hallensteins ([2009] DCR 907 and others). It involves a clothing chain that printed t-shirts showing an image of sculptor John Radford’s Western Park installation in Auckland. Radford has brought a claim against the clothing chain for copyright infringement, including derogatory treatment of his work. The case is yet to be heard, but the District Court refused to strike out the claim last year.

The New Zealand version of the Yellow Pages is facing a fight similar to the one its Australian counterpart had recently, in which an Australian court ruled that there is no copyright in a White Pages or Yellow Pages telephone directory (read my post here). Together with the IceTV case, the Australian courts appear to have decisively moved away from the “sweat of the brow” type arguments favoured in the UK and (to date) New Zealand, instead re-focussing on key principles of originality and authorship. Previous cases involving Yellow Pages and other directories have been before the New Zealand courts (for example, YPG IP Ltd v Yellowbook.com.au Pty Ltd, Auckland High Court 2007; University of Waikato v Benchmarking Services, Court of Appeal 2004), however these have not conclusively settled the question.

The New Zealand case is due to be heard in the High Court in May. The clear and forceful Australian judgments will surely be influential on the Court’s ruling (assuming the Telstra case is not overturned – it is being appealled), bearing in mind that New Zealand’s Copyright Act does have some important differences to Australia’s.

It is quite possible that by years end New Zealand will be on the road to adopting the more tightly focussed copyright law that has found favour in Australia. However, it will likley require at least one appeal to the Court of Appeal (and ideally another appeal to the Supreme Court) to set an authoritative precedent.