| |
 |
Friday, January 10, 2003 |
In New York City or other metro areas a city statute might also apply. State statutes presumably apply also.
Thanks to Hale & Dorr
INTERNET ALERT: The Americans with Disabilities Act and Company Websites [^] the Ever-changing Legal Landscape!
Whether private company websites are public accommodations under Title III of the Americans with Disabilities Act (the ADA) is a hotly contested issue. In our November 15, 2000 Internet Alert, we reported on the developing legal argument that websites are [base "]places of public accommodation[per thou] and, therefore, are subject to the ADA. Many of the cases discussed addressed the factors considered in determining what constitutes a [base "]place of public accommodation[per thou] and did not specifically address Internet websites. One of the cases mentioned, a U.S. District Court case from the Southern District of Florida, concluded that a telephone system of selecting participants for a game show was not a place of public accommodation. The Eleventh Circuit Court of Appeals, however, recently overturned and vacated that decision. See Rendon v. Valleycrest Prod., Ltd., 294 F.3d 1279 (11th Cir. 2002).
Specifically at issue in Rendon was the means by which contestants qualify to participate in a game show. The court found that the phone quiz was a means of access to a place of public accommodation (participation in the game show), not an end in itself. Therefore, under Title III, the selection procedures for the game show were required to be accessible to persons with disabilities. Based on this analysis, one might assume that websites in general would soon be found to be places of public accommodation. However, this is not what has happened.
Access Now, Inc. v. Southwest Airlines, Co.: Federal District Court Holds Websites Are Not Public Accommodations
The Rendon decision was distinguished in the more recent case of Access Now, Inc. v. Southwest Airlines, 2002 U.S. Dist. LEXIS 19795 (S.D. Fla. Oct. 18, 2002). According to the U.S. District Court for the Southern District of Florida, Internet websites do not encompass a physical structure and, as a result, are not places of public accommodation for purposes of Title III. As a result of this determination, websites are not required to be made accessible to disabled persons.
Title III of the ADA requires that: [base "]No individual shall be discriminated against on the basis of disability in the full and equal enjoyment of the goods, services, facilities, privileges, advantages or accommodations of any place of public accommodation.[per thou] 42 U.S.C. § 12182 (1990). The obligations of Title III of the ADA only extend to private entities that are public accommodations. In the suit brought by Access Now, Inc., a Florida non-profit advocacy group, against Southwest Airlines, Co., Access Now claimed that southwest.com, Southwest Airline[base ']s internet website, violated Title III because it was a [base "]place of public accommodation[per thou], but was not accessible to blind individuals. More specifically, Access Now argued that the website violated Title III of the ADA because the [base "]goods and services offered on southwest.com are inaccessible to blind persons using a screen reader.[per thou] Southwest Airlines countered by arguing that southwest.com is not a [base "]place of public accommodation,[per thou] and therefore not covered by Title III.
In reaching its conclusion that southwest.com was not a public place of public accommodation, the Florida court reviewed the twelve (12) categories listed in Title III that qualify as [base "]public accommodations[per thou] and determined that, in order to be considered a place of public accommodation, there must be a [base "]physical, concrete structure.[per thou] Examples of places of public accommodation listed in the regulations include insurance offices, bakeries, restaurants, and museums. The court determined southwest.com was neither a physical, public accommodation nor a means of accessing a concrete structure; the website does not exist in any particular geographical location. Furthermore, Access Now could not demonstrate that access to a physical ticket counter or travel agency was somehow impeded. Therefore, southwest.com was not a place of public accommodation and not subject to the requirements of Title III.
The Florida court addressed the Eleventh Circuit decision in Rendon and concluded that its decision was in fact aligned with Rendon. The court noted that under Rendon, the reasoning behind the Eleventh Circuit[base ']s ruling that Title III applied to the automated telephone screening system was because there was a [base "]nexus between the challenged service and the premises of the public accommodation,[per thou] namely the concrete television station. It used this same analogy to demonstrate that there was no nexus between southwest.com and a physical, public accommodation.
Access Now immediately appealed the Southwest Airlines decision to the Eleventh Circuit Court of Appeals.
Similar Suits by Access Now, Inc.
While the Southwest Airlines suit is similar to other suits filed by Access Now, it appears that the defendants in other suits have chosen to settle the claims brought by Access Now, rather than litigate. For example, the settlement reached between Access Now and the Claire[base ']s Stores requires Claire[base ']s Stores to modify its Internet website to ensure that it is accessible to disabled persons. Access Now, Inc. v. Claire[base ']s Stores, Inc., No. 00-14017-CIV, 2002 WL 1162422 at *6 (S.D. Fla. May 7, 2002). In noting its approval of the Claire[base ']s Stores[base '] settlement agreement, the Southern District of Florida acknowledged that [base "][n]o court has held that internet websites made available to the public by retail entities must be accessible.[per thou] The Claire[base ']s Stores suit and another similar suit against Barnes and Noble both were settled prior to the decision in Southwest Airlines.
Situations Where Websites Must be Accessible to Disabled Persons
The U.S. Supreme Court has not voiced its opinion on whether private company websites are subject to the requirements of Title III. However, the Federal Government has already determined, under Section 508 of the Rehabilitation Act regulations, that its Internet websites must be accessible for Federal employees and members of the public with disabilities. Electronic and Information Technology Accessibility Standards, 36 C.F.R. §§ 1194.1, 1194.4 (2001). Additionally, in an unpublished U.S. District Court for the Northern District of Georgia opinion, Martin v. Metro. Atlanta Rapid Transit Auth. (MARTA), 2002 U.S. Dist. LEXIS 19650 (Oct. 7, 2002), the court held that the plaintiffs would likely meet their burden in demonstrating that the government transportation agency, MARTA, failed to make information and schedules located on its website available, through accessible formats as required by Title II of the ADA and its regulations, to individuals with disabilities. See 28 C.F.R. § 35.160.
While Title II of the ADA only applies to [base "]public entities,[per thou] such as local governments, these examples of Internet websites being required to be accessible may influence any future U.S. Supreme Court decision regarding accessibility of private company websites and the requirements of Title III. For now, the wait for a definitive answer on private websites and the ADA still will go on.
Copyright 2002 Hale and Dorr LLP. All Rights Reserved.
2:29:08 PM 
|
|
Thanks to Hale and Dorr
INTERNET ALERT: Homeland Security Bill Offers New Opportunities for Technology Companies
The Homeland Security Act of 2002, which President Bush signed into law on November 25, 2002, has been described as a massive consolidation of 22 federal agencies and approximately 170,000 employees with a wide range of anti-terrorism responsibilities.
Beyond the new organizational charts, however, the Homeland Security Act contains numerous provisions of interest to private-sector technology companies, including stronger cyber-security measures, authorizations for targeted public-private research initiatives, sales opportunities for commercial technology products and services, streamlined procurement policies, and limitations on legal liabilities. Through these provisions, the new Department of Homeland Security (DHS) is expected to leverage [base "]private sector products, applications and solutions as they relate to homeland security challenges.[per thou] See our November 14, 2001 Internet Alert on the Defense Department[base ']s previous effort to solicit commercial solutions following the terrorist attacks of September 11, 2001.
Technology Infrastructure and Cyber-Security Enhancements
The DHS Directorate for Information Analysis and Infrastructure Protection will collect and analyze homeland security information and intelligence and protect the nation[base ']s government and private-sector critical information technology networks.
In order to encourage non-federal entities to provide DHS with information about threats to critical computer systems, information voluntarily provided to DHS may be protected from use for other purposes and can be provided under an exemption from disclosure under the Freedom of Information Act. Recognizing that non-government networks are vulnerable to terrorist attacks, the law directs DHS to provide analysis, warnings, crisis management, and technical assistance to private-sector operators of critical information systems and proposes the creation of a [base "]NET Guard[per thou] corps of volunteer technical experts to assist local authorities to respond and recover from cyber-attacks.
The law instructs DHS to utilize commercial technologies and service providers to improve the government[base ']s domestic intelligence-gathering capabilities. A DHS Privacy Officer will be responsible for monitoring these information collection technologies, reviewing DHS regulations, and reporting to Congress on DHS efforts to protect individual privacy.
The law also adds new protections against unauthorized access to information networks. Among these provisions are increased penalties for cyber-terrorism under the Computer Fraud and Abuse Act and a prohibition of Internet advertising of devices that illegally intercept electronic communications.
Federally-Supported Acquisitions, Research & Development
Given its size and complex mission, the new DHS may quickly become a major consumer of commercial products and services, including significant purchases of commercial information technologies and software. So far, however, a widely expected wave of new homeland security contracts has been slow to materialize. This is due in part to a moratorium on major information technology acquisitions by DHS component agencies, imposed by the White House in July 2002 to avoid redundant acquisitions while DHS needs are assessed. In addition, DHS will have to compete for funding with other federal budget priorities, because the law authorizes, but does not fund, new homeland security initiatives.
However, as the consolidated agency[base ']s acquisition requirements are defined, new opportunities for technology companies will emerge. For example:
· The new Bureau of Citizenship and Immigration Services (a successor to the current Immigration and Naturalization Service) to directed to seek [base "]Internet-based technologies[per thou] for providing information and receiving filings affecting millions of immigrants.
· DHS and other federal agencies are required to implement information security safeguards [base "]commensurate with the risk and magnitude of the harm resulting from unauthorized access, use, disclosure, disruption, modification, or destruction[per thou] of the data maintained on agency systems, and the law states a preference for commercial information security solutions.
The DHS Directorate of Science and Technology will be a new focus for public-private collaboration on technologies addressing chemical, biological, radiological, nuclear, and other terrorist threats. The law provides for a wide range of homeland security R&D initiatives, including:
· A Homeland Security Advanced Research Projects Agency to provide competitive awards to private companies to develop priority technologies, supported by a proposed [base "]Acceleration Fund[per thou] of up to $500 million, subject to Congressional funding.
· Homeland security-related collaborations with the Department of Energy[base ']s renowned national laboratories, which already provide funding, research facilities, and technical expertise to private companies.
· Coordination of human health research projects conducted by the Department of Health and Human Services, which houses the National Institutes of Health and the Centers for Disease Control and Prevention.
· A DHS advisory commission, a research institute and a technology clearinghouse, intended to promote private-sector participation in DHS science and technology activities.
In addition, the law creates a new Justice Department Office of Science and Technology to fund R&D projects in areas such as monitoring and alarms, communications systems, and DNA identification.
Streamlined Procurement Rules
The Homeland Security Act contains streamlined procurement policies that may be a model for future changes in government-wide acquisition policies. Among the special rules for DHS acquisitions are expanded authorizations to make noncompetitive purchases, increased thresholds for using [base "]simplified[per thou] procurement methods, and broader use of [base "]commercial[per thou] contract terms. Other federal agencies will be permitted to use these streamlined procedures for emergency acquisitions related to homeland security needs.
The law helps companies with innovative technologies by requiring federal agencies to make ongoing efforts to identify [base "]new entrants[per thou] that may be able to provide anti-terrorism products or services to the government.
New Liability Limitations
The law provides new protection for companies that disclose electronic communications to law enforcement agencies. Specifically, the law amends the Electronic Communication Privacy Act, 18 USC 2702(b), to permit electronic communication providers to disclose the contents of a subscriber[base ']s message in emergency situations involving a danger of death or personal injury.
Other provisions limit the legal liability of companies that are sued for alleged defects in vaccines and certain anti-terrorism technologies. For technology suppliers, these protections include a prohibition on punitive damages, limitations on noneconomic damages, and an extension of the so-called [base "]government contractor defense[per thou] that shields companies from liability for work performed under federal direction.
The new DHS will immediately become one of the largest federal government entities, with perhaps the most complex set of missions. In creating DHS, Congress acknowledged the critical role of commercial technology companies in protecting homeland security and in providing the tools needed to operate the vast new Department. The Homeland Security Act provides a blueprint for involving the technology sector in homeland security.
Barry J. Hurewitz, via email
Hale and Dorr LLP
Telephone: 202-942-8413
Telecopy: 202-942-8484
To receive a free copy of our 2001 e-Alert book - a compilation of all 2001 Internet Alerts, please click here.
The Hale and Dorr Internet Law Group periodically distributes short and practical alerts on topics of interest to Internet and other technology companies. You can access our earlier alerts, or subscribe to receive future alerts, at our Web site. Subscribers may periodically receive other informational materials from us. Our web site also contains extensive information about our Internet attorneys, legal services, clients, transactions and publications, as well as links to numerous Internet resources.
If you do not wish to receive any further Internet Alerts from Hale and Dorr LLP, please reply to this email with the word "Remove" typed in the subject line.
Copyright 2002 Hale and Dorr LLP. All Rights Reserved.
2:21:12 PM
|
|
Thanks to Hale & Dorr
INTERNET ALERT: Seminar Explores Data Protection Challenges for Companies with U.K. Operations
The European Union[base ']s Data Protection Directive establishes a standard for protecting personally-identifiable data which is more demanding than currently accepted privacy principles in the United States. See our June 24, 1999 and April 18, 2000 Internet Alerts. The Data Protection Directive also restricts the transfer of EU personally-identifiable data to other countries [^] such as the United States [^] which are not deemed by the EU to have adequate privacy laws of their own. Such transfers have become particularly challenging for European subsidiaries of U.S. companies, which must both comply with the Data Protection Directive and at the same time provide human resource ([base "]HR[per thou]) and other information to their U.S. parent companies in connection with paying EU employees, evaluating their performance and conducting other routine operations. Companies should be aware that breaching the relevant rules in this area exposes them to civil claims as well as the risk of criminal prosecution.
On November 19, Hale and Dorr, in conjunction with Brobeck Hale and Dorr, conducted a seminar in London (with a live video conference link to Boston) that explored how U.K. and U.S. companies are dealing with these new regulatory challenges.
Sarah Harrop of Brobeck Hale and Dorr[base ']s London and Oxford offices discussed the implementation of the Data Protection Directive, along with the related Directive on the Protection of Privacy in the Telecommunications Sections (the [base "]ISDN Directive[per thou]) and the recent Directive on the Protection of Privacy in the Electronic Communications Sector (the [base "]Spam Directive[per thou]), which was the subject of our August 12, 2002 Internet Alert. To see Sarah[base ']s PowerPoint presentation, click here.
Barry Hurewitz of Hale and Dorr[base ']s Washington office then reviewed the various methods by which personally-identifiable data may be transferred from EU countries to the U.S. under the Data Protection Directive. The primary mechanisms for transferring personal data from the EU to the U.S. permit transfers subject to contractual privacy safeguards, transfers necessitated by contractual obligations, and transfers to U.S. companies that have self-certified under the voluntary safe harbor program (see our February 14, 2001 and December 27, 2001 Internet Alerts). To see Barry[base ']s PowerPoint presentation, click here.
Finally, Henry Clinton-Davis of Brobeck Hale and Dorr[base ']s London Office reviewed, from a U.K. labor law perspective, the HR issues that arise when dealing with personally-identifiable information of U.K. employees. Click here to review a paper discussing data protection principles in the HR context, including special guidelines for sensitive personal data, the U.K. Information Commissioner[base ']s employment practices data protection code, proposed additional European privacy legislation, individuals[base '] rights to access data about themselves, procedures for handling medical and sickness records, guidelines for monitoring employees[base '] e-mail and Internet usage, providing access to records of disciplinary investigations, and remedies for privacy violations. To see Henry[base ']s PowerPoint presentation on laws and regulations with respect to U.K. HR data and employee monitoring, click here.
For further questions on these topics, please contact Sarah Harrop, Barry Hurewitz or Henry Clinton-Davis directly.
Hale and Dorr LLP
Washington, D.C.
Telephone: 1-202-942-8413
Telecopy: 1-202-942-8484
Brobeck Hale and Dorr
London
Telephone: 44-20-7645-2524 or 2507
Telecopy: 44-20-7645-2424
To receive a free copy of our 2001 e-Alert book - a compilation of all 2001 Internet Law Email Alerts, please click here.
The Hale and Dorr Internet Law Group periodically distributes short and practical alerts on topics of interest to Internet and other technology companies. You can access our earlier alerts, or subscribe to receive future alerts, at our Web site. Subscribers may periodically receive other informational materials from us. Our web site also contains extensive information about our Internet attorneys, legal services, clients, transactions and publications, as well as links to numerous Internet resources.
If you do not wish to receive any further Internet E-Mail Alerts from Hale and Dorr LLP, please reply to this email with the word "Remove" typed in the subject line.
Copyright 2002 Hale and Dorr LLP. All Rights Reserved.
1:33:15 PM
|
|
ATTEMPTED TRADE SECRET SALE VIOLATED ECONOMIC ESPIONAGE ACT
A former employee's attempted sale of reverse-engineering
data for making aftermarket aircraft brake assemblies
violated the Economic Espionage Act's prohibition against dealing in "trade secrets," the U.S. Court of Appeals for the Seventh Circuit holds. "U.S. v. Lange. " . . . Page 113
http://ippubs.bna.com/ip/BNA/ptc.nsf/is/a0a6f1q5c7
FAILURE TO RESPOND TO NAME CHANGES WAS ACQUIESCENCE TO TRADEMARK USE
A trademark owner's failure to respond to an alleged infringer's good faith offer to change its name qualified as active consent by the trademark owner to the use of the name, the U.S. Court of Appeals for the Second Circuit rules. However, the court vacates a summary judgment for an infringement defendant because the district court failed to make findings on likely confusion to resolve the plaintiff's claim of progressive encroachment. "Pro Fitness Physical Therapy Center v. Pro-Fit Orthopedic
and Sports Physical Therapy P.C., " . . . Page 115
http://ippubs.bna.com/ip/BNA/ptc.nsf/is/a0a6f1j1q2
TRADEMARKS:The use of a trademark for the domain name of a
Web site containing critical commentary about the trademark owner is a commercial use, even though the domain name is also the surname of the defendant, the U.S. District Court for the Central District of California rules. "Nissan Motor Co. Ltd. v. Nissan Computer Corp. " . . . Page 118
http://ippubs.bna.com/ip/BNA/ptc.nsf/is/a0a6e6g1f7
COPYRIGHTS:The way a three-note "arpeggiated" chord was
used and memorialized in a sound recording was sufficiently original and creative to warrant copyright protection, but its sampling in another recording was not infringing, the U.S. District Court for the Middle District of Tennessee holds. "Bridgeport Music Inc. v. Dimension Films LLC. " . . . Page 119
http://ippubs.bna.com/ip/BNA/ptc.nsf/is/a0a6e1r0k1
COPYRIGHTS:The right of publicity claim by a model to block
the use of her likeness on a hair product is preempted by
the Copyright Act, the U.S. District Court for the Central District of California rules. "Toney v. L'Oreal USA Inc. " . . . Page 120
1:29:25 PM
|
|
Thanks to Hale and Dorr
INTERNET ALERT: E-Retailers May be Affected by State Gift Certificate Statutes
Clients who offer gift certificates for products sold over the internet should be aware that several states have specific statutes governing the use and appearance of gift certificates. Moreover, several states have pending legislation governing gift certificates. Under these statutes, any violation -- however minor -- can give rise to a claim by the purchaser or holder, including claims that carry multiple damages and attorneys' fees. In addition, such claims can be brought as class actions.
In several states, a violation of the gift certificate statute also constitutes a violation of the state's consumer protection law. These consumer protection statutes carry the potential for class action law suits, multiple damages, fee shifting and, in some cases, enforcement and penalties by the attorney general.
The number of class action suits based on alleged violation of gift certificate statutes is on the rise. It is therefore particularly important for e-retailers to be aware of the various state laws governing gift certificates. The attached bulletin sets out the requirements of the statutes currently in place for California, Hawaii, Massachusetts, New Hampshire, New Jersey, New York, Oklahoma, and Rhode Island. It also details the pending legislation in Kansas, Michigan, Nebraska, Pennsylvania, and Tennessee.
Gabrielle R. Wolohojian, via email
James W. Prendergast, via email
Hale and Dorr LLP
Telephone: 617-526-6167 and 6181
Telecopy: 617-526-5000
To receive a free copy of our 2001 e-Alert book - a compilation of all 2001 Internet Alerts, please click here.
The Hale and Dorr Internet Law Group periodically distributes short and practical alerts on topics of interest to Internet and other technology companies. You can access our earlier alerts, or subscribe to receive future alerts, at our Web site. Subscribers may periodically receive other informational materials from us. Our web site also contains extensive information about our Internet attorneys, legal services, clients, transactions and publications, as well as links to numerous Internet resources.
If you do not wish to receive any further Internet Alerts from Hale and Dorr LLP, please reply to this email with the word "Remove" typed in the subject line.
Copyright 2002 Hale and Dorr LLP. All Rights Reserved.
1:22:48 PM
|
|
-----Original Message-----
From: Custserv [mailto:custserv@sportsendeavors.com]
Sent: Sunday, December 08, 2002 9:45 AM
To: nhumphreys@akingump.com
Subject:
Dear Customer,
We did carry the Manchester United Heather Fleece, item 187188 with an embroidered logo, but unfortunately, we have now sold out of that item. We do not have anything else like it available now, but you can try the websites listed below:
www.subside.co.uk
www.replicaworld.co.uk
www.jags-online.com
www.kitbag.com
www.calciomania.com
Sara Hils
Alternative Orders Supervisor
Eurosport: The Fabled Soccer Traders
Keepersport
Great Atlantic Lacrosse
431 US Hwy 70-A East
Hillsborough, NC 27278
1-800-934-3876 ext. 2119
Fax: 1-800-443-8326
custserv@soccer.com (lacrosse.com)
www.soccer.com
www.lacrosse.com
12:57:55 PM
|
|
Thanks to Hale and Dorr
INTERNET ALERT: Council of the EU Adopts Major Antitrust Law Reform
Based on a proposal by the European Commission (2000/0243CNS), on November 26, 2002 the Council of the European Union adopted the most comprehensive reform since 1962 with respect to procedures to be followed for ensuring the compliance of individual license, distribution, research and related agreements with EU antitrust law. Effective May 1, 2004, the reform will make significant changes to Regulation No. 17 of 1962, which has since 1962, without major changes, provided the procedural rules under which the EU Treaty[base ']s Articles 81 and 82 are enforced with respect to agreements which restrict competition.
Fundamentally, the reform attempts to enhance enforcement by simplifying procedures. Companies will no longer have to notify the European Commission with respect to individual agreements in order to obtain clearance or exemption under the EU[base ']s antitrust rules. Under the current Regulation 17, companies are required to notify the Commission with respect to agreements which restrict competition and which do not fall within the safe harbors created by various block exemptions, such as Reg. No. 2790/1999 on Vertical Agreements, Reg. No. 240/1996 on Technology Transfer and Reg. No. 2659/2000 on Research and Development.
In the past, these procedural requirements resulted in the EU Commission receiving notice of an enormous number of agreements. It is widely acknowledged that continuing this system of notification and clearance/exemption for individual agreements would not be workable when the EU expands from 15 to 25 Member States in 2004, with the addition of Cyprus, the Czech Republic, Estonia, Hungary, Latvia, Lithuania, Malta, Poland, the Slovak Republic and Slovenia.
Furthermore, as we discussed in our January 8, 2001 Internet Alert, when the Vertical Agreement block exemption was issued in 1999, for the first time, the market share of the parties became relevant in determining whether the safe harbor is available. The safe harbor under that block exemption is not available if the supplier's market share exceeds 30% or, in exclusive supply arrangements, the buyer's market share exceeds 30%. For companies that offer goods and services that are often promoted as having no competitive alternatives, it is sometimes difficult, under the current block exemption approach, to prove that relevant market shares are less than 30%
The Council[base ']s reforms replace the current system with a system that offers directly applicable exceptions, based on the judgment of the companies involved rather than a decision of the European Commission. Under the new system, companies are freed from the requirement that they notify the European Commission of their agreements. Those agreements will automatically be valid as long as the criteria for exemption in Article 81(3) are met:
The provisions of paragraph 1 [Article 81[base ']s prohibition of restrictive agreements] may, however, be declared inapplicable in the case of:
[macron] any agreement or category of agreements between undertakings [companies];
[macron] any decision or category of decisions by associations of undertakings; [and]
[macron] any concerted practice or category of concerted practices;
which contributes to improving the production or distribution of goods or to promoting technical or economic progress, while allowing consumers a fair share of the resulting benefit, and which does not:
(a) impose on the undertakings concerned restrictions which are not indispensable to the attainment of these objectives; [or]
(b) afford such undertakings the possibility of eliminating competition in respect of a substantial part of the products in question.
A central pillar of this reform is the increased role of national competition authorities. They are, along with the European Commission, enforcers of EU competition rules. By May 1, 2004, the EU will establish the so-called network of European Competition Authorities (ECN). The goal of this network will be to ensure that antitrust rules are enforced in a consistent manner throughout the 25 EU Member States.
The EU Commission intends to issue a number of Notices in order to explain and clarify certain key issues of this reform and to thus assist companies in evaluating their agreements in light of the EU competition rules.
This reform does not affect the requirements under the current rules governing merger control. Mergers which have a [base "]community dimension[per thou] as defined in the Merger Regulation must still be notified to the European Commission.
The new system puts more responsibility in the hands of the companies, who will need to ensure themselves that their agreements do not restrict competition or, in case they do, that these restrictions qualify under the Article 81 (3) criteria. In this sense, the new system will resemble the general enforcement approach followed in the United States, where companies in a vertical relationship (e.g., suppliers and distributors) enter into various restrictive contractual provisions based not on clearance from a government agency, but rather, based on the companies[base '] belief that, if they were ever challenged, a court or administrative agency would ultimately conclude that the pro-competitive benefits of the agreement outweigh any anticompetitive effects (under the so-called rule of reason).
In shifting this determination of what is reasonable under competition law from the European Commission to the contracting parties themselves, the ultimate goal of this reform is to streamline procedures without sacrificing underlying competition principles. Of course, no one will know until well after May 1, 2004 how achievable that goal will be.
Peter W. Kremer, via email
Brobeck Hale and Dorr, Munich
Telephone: 49-89-24-213-102
Telecopy: 49-89-24-213-213
Michelle D. Miller, via email
Hale and Dorr, Boston
Kenneth H. Slade, via email
Hale and Dorr, Boston
Hale and Dorr LLP
Telephone: 617-526-6116 and 6184
Telecopy: 617-526-5000
To receive a free copy of our 2001 e-Alert book - a compilation of all 2001 Internet Alerts, please click here.
The Hale and Dorr Internet Law Group periodically distributes short and practical alerts on topics of interest to Internet and other technology companies. You can access our earlier alerts, or subscribe to receive future alerts, at our Web site. Subscribers may periodically receive other informational materials from us. Our web site also contains extensive information about our Internet attorneys, legal services, clients, transactions and publications, as well as links to numerous Internet resources.
If you do not wish to receive any further Internet Alerts from Hale and Dorr LLP, please reply to this email with the word "Remove" typed in the subject line.
Copyright 2002 Hale and Dorr LLP. All Rights Reserved.
This alert is provided with the understanding that it does not constitute the rendering of legal, tax or other professional advice or services by Hale and Dorr LLP or its attorneys.
12:56:21 PM
|
|
ALLOWING PUBLICATION OF TOBACCO INGREDIENTS IS TAKING OF
TRADE SECRETS
A Massachusetts law that permits the publication of
disclosed tobacco product ingredients is an
unconstitutional taking of the tobacco companies' trade secrets, the en banc U.S. Court of Appeals for the First Circuit rules. Affirming a summary judgment for the tobacco companies, the three-judge en banc court concludes that the tobacco companies had a reasonable investment-backed expectation that their trade secrets would be protected, and that the state law essentially extinguished that right with the prospect of public disclosure. Judge Bruce M. Selya agrees, but argues that the economic
impact or character of the state action need not be considered in a trade secret case. Judge Kermit Lipez in a dissenting opinion insists that there was no showing that the statute would require disclosure of all of the ingredients lists. "Philip Morris Inc. v. Reilly". . . . Page 138
http://ippubs.bna.com/ip/BNA/ptc.nsf/is/a0a6f6d2q1 [subscription required]
12:54:33 PM
|
|
Isat study of privacy
http://www.epic.org/privacy/profiling/tia/isat_study.pdf
Study Seeks Technology Safeguards for Privacy
December 19, 2002
By JOHN MARKOFF
The Pentagon has released a study that recommends the
government pursue specific technologies as potential
safeguards against the misuse of data-mining systems
similar to those now being considered by the government to
track civilian activities electronically in the United
States and abroad.
The study, "Security and Privacy," was commissioned in late
2001 before the advent of the Pentagon's Total Information
Awareness system, which is under the leadership of Dr. John
M. Poindexter, national security adviser in the Reagan
administration. The study was conducted by a group of
civilian and military researchers, the Information Sciences
and Technologies Study Group, or ISAT, which meets annually
to review technology problems.
A Washington privacy group, the Electronic Privacy
Information Center, filed a Freedom of Information request
last month with the Pentagon's Defense Advanced Research
Projects Agency, or Darpa, and made the report available
yesterday.
The privacy group had asked the military to release
documents relating to any review of the privacy
implications of the Total Information Awareness system.
Yesterday a group official said the study did not appear to
be a complete response to its request. "They seem to be
saying they have made no assessment of the privacy issues
raised by the Total Information Awareness system," said
David Sobel, general counsel for the group. "It's
disturbing."
The study concludes that technologies can be adapted to
permit surveillance while minimizing exposure of individual
information. Those technologies include automated tracing
of access to database records; the ability to hide
individual identification while conducting searches of
databases with millions of records; and the ability to
segregate databases and to block access to people without
authorization.
"Perhaps the strongest protection against abuse of
information systems is Strong Audit mechanisms," the
authors wrote. "We need to watch the watchers."
But several study participants said there was also
widespread skepticism within the group about whether
technological safeguards would protect privacy.
"It's laughable they gave our report in response" to the
privacy group's request, said Barbara Simons, an ISAT
member who is the former president of the Association of
Computing Machinery. "We weren't looking at Total
Information Awareness, and we weren't looking at policy
issues."
The study was commissioned in the wake of the Sept. 11
attacks. It drew together 41 computer scientists and policy
and civil liberties experts at several meetings this year.
The report specifically notes that it is not a review of
the Total Information Awareness system or any other
program. The authors also note that they intentionally
focused only on technology, not on policy issues.
A Darpa spokeswoman did not respond to a request for
comment.
Dr. Poindexter took over in February as director of the
Information Awareness Office, one of two Darpa agencies
created after Sept. 11 to combat new kinds of warfare.
The Information Awareness Office is developing a prototype
of a system that might cast a vast electronic net to detect
suspicious patterns of behavior - possibly alerting the
authorities to terrorist attacks. But the prototype system
has drawn angry reactions from privacy advocates and others
because it could lead to elaborate monitoring of civilians.
The Information Awareness Office was a sponsor of the
study, and Dr. Poindexter was a participant in one meeting,
several participants said. Dr. Poindexter has said publicly
that he has begun discussions with the National Academy of
Science to finance a long-range study of the privacy
implications of new surveillance technologies.
http://www.nytimes.com/2002/12/19/national/19COMP.html?ex=1041304089&ei=1&en
=405d25536916233c
12:39:46 PM
|
|
The Cybersecurity Industrial Complex
The Feds have a massive, multiagency plan to protect the national
information infrastructure. Get ready for IT police and network smart bombs.
By Bruce Sterling
Since the dawn of the information age, computer security commandos have
battled the Four Horsemen of the Infocalypse: child pornographers, drug
lords, mafiosi, and terrorists. A noble struggle, to be sure, but mostly
vaporwar.
Computer cops have long predicted that a massive cyberdisaster would
transform their field from an underfunded annex into a law enforcement
cornerstone. On 9/11, disaster struck, and whileal Qaeda doesn't appear to
have mastered high tech, a year later the President's Critical
Infrastructure Protection Board has unveiled a comprehensive plan: "The
National Strategy to Secure Cyberspace." It's not a precise scheme for
defeating cyberwar, cyberterror, and cybercrime, but the 58-page document
does give a firm sense of the immense bureaucratic scale and vast budget
required.
Self-appointed security experts may scoff, yet "National Strategy" is
actually a well-informed report written by sober, career-oriented
functionaries. Richard Clarke and Howard Schmidt, the board's chair and vice
chair, respectively, have broad experience that ranges from police work to
the Air Force to the National Security Council to Microsoft. And there's
money on the table. The $1.4 billion a year currently spent to secure
federal computers is likely to expand by a factor of 10 during the rest of
the Bush presidency. Given the present lean times, many clever hands will
have their palms out. "National Strategy" cordially name-checks nearly every
outfit that might improve the situation.
Who will secure America's computing resources? Here's a brief list of
organizations mentioned in the report, ranked from most formidable to least
effectual, along with my best guesses as to their marching orders.
Cyberterrorists beware: This is what you're up against.
Defense Department
If you're operating on foreign soil, the DOD will blow up your desktop and
comb the wreckage for incriminating data.
National Security Agency/UKUSA Echelon
Outside and possibly inside the US, these spooks will listen in on your
phone calls and read your faxes and email.
Federal Bureau of Investigation
The FBI will continue being the FBI, only bigger and angrier.
Targets: global terror and multinational business crime.
Secret Service
The earphone army will collar money launderers, credit card and bank
fraudsters, plus anybody "of protective interest."
Federal Telecommunications and Information Systems Infrastructure
This hypothetical outfit will get federal communications off the hack-prone
Internet and onto safe, dedicated hardware.
National Homeland Security Portal
This is a one-stop Web shop for security patches and approved encryption,
still in the idea stage.
Office of Management and Budget
The OMB will map federal networks and issue security report cards. A bad
grade means you lose your computer money.
National Infrastructure Assurance Partnership
NIAP reps will make sure your workplace hardware meets their standards. Do
what they say or your insurance will skyrocket.
National Institute of Standards and Technology
NIST's Computer Security Resource Center will write primers, distribute
patches, and hand out cool security toys.
Federal Computer Incident Response Center
When new 'sploits devastate government routers, these white hats will man
the servers.
National Infrastructure Protection Center
This is an attempt to keep data lines open among 18,000 federal, state, and
local law enforcers should all hell break loose.
Federal Emergency Management Agency
The valiant disaster relief office will rush food and clothing to American
cyberwar casualties.
Task Force on Computer and Network Security
Responsible for locking down the .edu sector, this agency will sniff out
student hackers and have them expelled.
Partnership for Critical Infrastructure Security
This confederation will roll 13 federal agencies and 60 businesses into a
military-industrial complex for waging long-term infowar.
Information Sharing and Analysis Centers
Here, corporate players who otherwise would be conspiring in restraint of
trade can share "sector-specific security information."
Cyberspace Academy
This imaginary defense school will trade hordes of Cyber Corps soldiers for
the expanding security apparatus.
Forum of Incident Response and Security Teams
A vague diplomatic huddle where Americans will argue about security with
increasingly alienated Europeans, Japanese, Indians, Canadians, Australians,
and Chinese.
------------------------------------------------------------------------
Email Bruce Sterling at bruces@well.com.
12:23:00 PM
|
|
-----Original Message-----
From: Consorcio Software Libre [mailto:info2@csl.cc]
Sent: Saturday, December 21, 2002 9:56 PM
To: nylug-talk@nylug.org
Subject: [nylug-talk] [Off-Topic] Free Software Consortium in search of Consultants and Agents in your area.
We would like to invite you to be a founding members of the FSC either as a Consultant and/or an Agent.
http://www.fsconsortium.com
On the main page you will find links to subscribe as consultant and/or agent.
Free Software Consortium is a multinational consortium established to link the companies and the independent consultants that use and promote free software.
One of the bigger obstacles to the development of the free software services market is the fear of many companies to establish contracts with independent consultants who do not have support of a well known Company, Corporation or Consortium. Questioning quality, support, experience and capability to successfully complete a project are the companies manager's main concerns when considering the option of migrating their systems to free software.
Like you, we know the excellent quality that Free Software offers. We have complete confidence that Free Software is going to be the platform of the future. That is why it's so important to work and consolidate together to solve the problem mentioned above.
Free Software Consortium intends to fill this void joining the best free software companies and consultants at the national and international level.
By joining to Free Software Consortium you or your company will have the following benefits:
1. Possibility of being hired by other Consortium members.
2. Possibility of hiring other Consortium members.
3. Use of the Consortium image and name with your clients.
4. Use of the Consortium's resources like Publicity Brochures, Business Cards, Banners for presentations and events, financial presentations, publicity articles for the press and magazines, support via mailing list and forums with the Consortium's members, marketing and communication assistance, CD's and manuals from the Consortium, site and mail hosting (yourarea.fsc.cc) and other future services. 5. Representation of the FS Consortium in your area to share administrative, legal and marketing
resources between the Consultant members in your area.
Free Software Consortium will establish a contract with an Agent company which will have exclusive representation in it's area, in charge of organizing the consultants in the area. This Agent company will provide the administrative services, marketing and sales with the local customers.
From the business generated by the Free Software Consortium, the Agent company will receive 20% of the value of the contract, and the Consultant or
Consulting
company will receive 80%.
The Free Software Consortium is developing a new business model and invites
you
to join as a founding member and contribute in developing this new business model. We need your valuable help to give us ideas and comments. Please write to info@fsconsortium.com
Thank you for your attention.
Free Software Consortium
http://www.fsconsortium.com
info@fsc.cc
12:18:17 PM
|
|
http://www.eweek.com/article2/0,6071,800596,00.asp
YEAR'S BIGGEST TECH STORY: The biggest threat to IT in 2002 wasn't viruses, worms or terror-backed hacker groups; it was government intervention[~]from legislation that would criminalize basic security research to Hollywood-backed bills that would cripple all future hardware and software.
WHAT TO WATCH IN 2003: In 2002, the U.S. government established a set of system configuration security guidelines for government workers and departments[~]and anyone who, or any company that, works with these entities. More of these guidelines will be established, forcing default security mandates for many businesses.
12:09:09 PM
|
|
------ Forwarded Message
From: Steven Cherry
Date: Tue, 31 Dec 2002 11:28:37 -0500
To: "David J. Farber"
Subject: IEEE Spectrum 2003 Technology Forecast & Review
Dave,
The IEEE Spectrum 2003 Technology Forecast & Review is now up and
available. It covers five areas, Communications; Computers; Energy;
Transportation; and Semiconductors, a total of 16 articles, including
the one you authored on cybersecurity.
I hope the issue can play a small part in helping everyone have a
happy and successful new year.
Regards,
Steven
Communications
What's Wrong With Telecom
http://www.spectrum.ieee.org/WEBONLY/publicfeature/jan03/comm.html
Combine greed, corporate crime, misguided regulation and explosive
new technology, and you get an industry that's in serious trouble.
By Peter A. Bernstein
What's Right With Telecom
http://www.spectrum.ieee.org/WEBONLY/publicfeature/jan03/solu.html
Broadband's secret success and our never-ending love of mobile
communication are the aces up the industry's sleeve.
By Steven M. Cherry
Opinion
Three Takes on Telecom's Trouble
http://www.spectrum.ieee.org/WEBONLY/publicfeature/jan03/cfell.html
From IEEE members with intimate views of the industry's current woes
and prospects.
By Roch Guerin, Frank Ferrante & Jules A. Bellisio
Opinion
The End of the Middle
http://www.spectrum.ieee.org/WEBONLY/publicfeature/jan03/clude.html
Intelligent devices on stupid networks are grabbing the phone
business away from the traditional carriers.
By David S. Isenberg
Computers
Hardware Hangover
http://www.spectrum.ieee.org/WEBONLY/publicfeature/jan03/comp.html
System complexity is driving customers and vendors to seek solace and
solutions in software.
By Harry Goldstein
The Perfect Handheld: Dream On
http://www.spectrum.ieee.org/WEBONLY/publicfeature/jan03/hand.html
New technology is on the way to make your heart's desire a reality.
By Peter Savage
Can't We All Just Get Along?
http://www.spectrum.ieee.org/WEBONLY/publicfeature/jan03/soft.html
In a networked world, software needs to interoperate.
By Steven Cass
Opinion
Fame, but No Riches, For Cybersecurity
http://www.spectrum.ieee.org/WEBONLY/publicfeature/jan03/compi.html
We've had enough talk, and not enough action, from government and industry.
By David Farber
Energy
Opening Up Energy Trading
http://www.spectrum.ieee.org/WEBONLY/publicfeature/jan03/ewoe.html
A small circle of players gave nascent U.S. electricity markets a bad name.
By Kennedy Maize
Emission Permission
http://www.spectrum.ieee.org/WEBONLY/publicfeature/jan03/emis.html
Bartering in carbon dioxide will be big business.
By Mark Ingebretsen & William Sweet
Opinion
Are We Safe Yet?
http://www.spectrum.ieee.org/WEBONLY/publicfeature/jan03/elude.html
Richard L. Garwin explains how to keep nuclear bombs out of the hands
of terrorists.
By Jean Kumagai
Transportation
Running off the Rails
http://www.spectrum.ieee.org/WEBONLY/publicfeature/jan03/trail.html
Why does high-speed rail work well everywhere but the United States?
By Tony R. Eastham
Hybrid Vehicles to the Rescue
http://www.spectrum.ieee.org/WEBONLY/publicfeature/jan03/thev.html
They've been making major gains and could soon be in your garage.
By Willie D. Jones
The Ticket Chase
http://www.spectrum.ieee.org/WEBONLY/publicfeature/jan03/tair.html
Can cutting off the middleman return needed revenue to airline coffers?
By Holli Riebeek
Reversal of Fortune
http://www.spectrum.ieee.org/WEBONLY/publicfeature/jan03/tlude.html
Stanford University's Stephen R. Barley reflects on what's going on
in the engineering workplace.
By Jean Kumagai
Semiconductors
A Sea Change for Semiconductors
http://www.spectrum.ieee.org/WEBONLY/publicfeature/jan03/semi.html
When the recovery is in full swing, chip makerswill be ready with new
technologies.
By Linda Geppert
--
--
Steven Cherry, +1 212-419-7566
Senior Associate Editor
IEEE Spectrum, 3 Park Ave, New York, NY 10016
< TITLE="http://www.spectrum.ieee.org>" TARGET="_blank">http://www.spectrum.ieee.org>
12:04:24 PM
|
|
------ Forwarded Message
From: Steven Cherry
Date: Tue, 31 Dec 2002 11:28:37 -0500
To: "David J. Farber"
Subject: IEEE Spectrum 2003 Technology Forecast & Review
Dave,
The IEEE Spectrum 2003 Technology Forecast & Review is now up and
available. It covers five areas, Communications; Computers; Energy;
Transportation; and Semiconductors, a total of 16 articles, including
the one you authored on cybersecurity.
I hope the issue can play a small part in helping everyone have a
happy and successful new year.
Regards,
Steven
Communications
What's Wrong With Telecom
http://www.spectrum.ieee.org/WEBONLY/publicfeature/jan03/comm.html
Combine greed, corporate crime, misguided regulation and explosive
new technology, and you get an industry that's in serious trouble.
By Peter A. Bernstein
What's Right With Telecom
http://www.spectrum.ieee.org/WEBONLY/publicfeature/jan03/solu.html
Broadband's secret success and our never-ending love of mobile
communication are the aces up the industry's sleeve.
By Steven M. Cherry
Opinion
Three Takes on Telecom's Trouble
http://www.spectrum.ieee.org/WEBONLY/publicfeature/jan03/cfell.html
From IEEE members with intimate views of the industry's current woes
and prospects.
By Roch Guerin, Frank Ferrante & Jules A. Bellisio
Opinion
The End of the Middle
http://www.spectrum.ieee.org/WEBONLY/publicfeature/jan03/clude.html
Intelligent devices on stupid networks are grabbing the phone
business away from the traditional carriers.
By David S. Isenberg
Computers
Hardware Hangover
http://www.spectrum.ieee.org/WEBONLY/publicfeature/jan03/comp.html
System complexity is driving customers and vendors to seek solace and
solutions in software.
By Harry Goldstein
The Perfect Handheld: Dream On
http://www.spectrum.ieee.org/WEBONLY/publicfeature/jan03/hand.html
New technology is on the way to make your heart's desire a reality.
By Peter Savage
Can't We All Just Get Along?
http://www.spectrum.ieee.org/WEBONLY/publicfeature/jan03/soft.html
In a networked world, software needs to interoperate.
By Steven Cass
Opinion
Fame, but No Riches, For Cybersecurity
http://www.spectrum.ieee.org/WEBONLY/publicfeature/jan03/compi.html
We've had enough talk, and not enough action, from government and industry.
By David Farber
Energy
Opening Up Energy Trading
http://www.spectrum.ieee.org/WEBONLY/publicfeature/jan03/ewoe.html
A small circle of players gave nascent U.S. electricity markets a bad name.
By Kennedy Maize
Emission Permission
http://www.spectrum.ieee.org/WEBONLY/publicfeature/jan03/emis.html
Bartering in carbon dioxide will be big business.
By Mark Ingebretsen & William Sweet
Opinion
Are We Safe Yet?
http://www.spectrum.ieee.org/WEBONLY/publicfeature/jan03/elude.html
Richard L. Garwin explains how to keep nuclear bombs out of the hands
of terrorists.
By Jean Kumagai
Transportation
Running off the Rails
http://www.spectrum.ieee.org/WEBONLY/publicfeature/jan03/trail.html
Why does high-speed rail work well everywhere but the United States?
By Tony R. Eastham
Hybrid Vehicles to the Rescue
http://www.spectrum.ieee.org/WEBONLY/publicfeature/jan03/thev.html
They've been making major gains and could soon be in your garage.
By Willie D. Jones
The Ticket Chase
http://www.spectrum.ieee.org/WEBONLY/publicfeature/jan03/tair.html
Can cutting off the middleman return needed revenue to airline coffers?
By Holli Riebeek
Reversal of Fortune
http://www.spectrum.ieee.org/WEBONLY/publicfeature/jan03/tlude.html
Stanford University's Stephen R. Barley reflects on what's going on
in the engineering workplace.
By Jean Kumagai
Semiconductors
A Sea Change for Semiconductors
http://www.spectrum.ieee.org/WEBONLY/publicfeature/jan03/semi.html
When the recovery is in full swing, chip makerswill be ready with new
technologies.
By Linda Geppert
--
--
Steven Cherry, +1 212-419-7566
Senior Associate Editor
IEEE Spectrum, 3 Park Ave, New York, NY 10016
< TITLE="http://www.spectrum.ieee.org>" TARGET="_blank">http://www.spectrum.ieee.org>
11:57:58 AM
|
|
To the W3C Patent Policy Working Group:
I have received the following comments from various other
online sources, all indicating that they have been sent to
the www-patentpolicy-comment@w3.org list.
However, these comments have not shown up tonight, the final
day of the comments period; I am therefore forwarding them
below and cc'ing their authors.
Comments by the following authors follow:
1) Jay Sulzberger
2) David Kaufman
3) Edward Welbourne
4) Ward Vandewege
5) Jim Bray
Thank you,
Seth Johnson
---------- Forwarded message ----------
Date: Tue, 31 Dec 2002 15:51:55 -0500 (EST)
From: Jay Sulzberger
Subject: Against Item 3 of Section 3 of the proposed Policy
on Patents
Dear Patent Policy Working Group of the World Wide Web
Consortium,
The buggy Item 3 of Section 3 of the proposed W3C Policy on
Patents allows for patent encumbrances of
standards-compliant software. Up to now, the W3C has not
allowed such encumbrances. Up to now the Web has been built
with un-encumbered software. Up to now those pushing for
encumbrances have lost in the market for web servers and
have lost in any free market for web clients. If the buggy
policy document is adopted a special advantage will be
granted to patent holders, which means, in the main, large
companies and cartels. These large companies and cartels
did not build the Net, we did and we did it using
un-encumbered software. There is no reason to grant these
companies and cartels special privileges. It is known that
any patent encumbrance is effective at stopping commercial
and often non-commercial development and use of encumbered
software. A patent encumbrance need not be plain and direct
to do such damage; an indirect, obscure, and uncertain
threat of patent encumbrance is usually equally effective.
Patent encumbrances can only decrease inter-operability and
increase the barrier to entry in the market for software.
The World Wide Web Consortium has at this juncture a chance
to act in the interest of all, rather than in the imagined
self-interest of a small and economically unimportant group
of special interests. I say "small and economically
unimportant" because they are. They are a few companies
whose combined capital is much less than than the wealth of
the billion people who make use of the Web for their own
private, business, and public purposes. Of this billion, a
negligible number would vote to have the Web less
competitive, less efficient, and less free than it is
today. That means that the real stakeholders, the people of
the world, are overwhelmingly against adoption of Item 3 of
Section 3 of the proposed Policy on Patents.
Jay Sulzberger
For purposes of identification only:
I am the Corresponding Secretary of LXNY, New York's Free
Computing Organization.
http://www.lxny.org
---------- Forwarded message ----------
Date: Mon, 30 Dec 2002 14:22:10 -0500
From: David Kaufman
Subject: Comments: the "field of use" restrictions in
Section 3 Item 3 of the proposed W3C Patents Policy
To:
Patent Policy Working Group
World Wide Web Consortium
From:
David Kaufman
Power Data Development
87 East 21st Street
Bayonne, NJ 07002
Re: W3C Patents Policy, Section 3 Item 3 "field of use"
restriction
I'm writing to add my voice to those calling for the removal
of the "field of use" restrictions in the current wording of
the proposed W3C Patents Policy.
As a web developer, I rely on *truly* free software each day
for the operation of my business. I choose to use only Free
Software, as defined by the Free Software Foundation
(www.fsf.org), and not merely the more broad range of other
"open source" software because, to remain competitive in
this industry, I must be free to modify and redistribute
software without legal restrictions, in order to deliver
secure and reliable products and services to my customers.
The freedom to modify and redistribute software should not
be restricted to the so-called "web" or even "the Internet"
as fields of endeavor, because the business use of the web
and internet themselves are hardly relevant when not tightly
bound to the context of a particular business, industry,
field of study, or some other narrow area of human endeavor.
Patents allowing so-called free software that is restricted
to the internet would be more harmful than helpful to most
of the single field to which it *is* limited, the web.
Why? Well, how could internet software written for a
bookstore not be construed as being used in *both* the
internet, and the publishing industry? Therefore future W3C
patented software and protocols that are freely modifiable
and redistributable only to the "web" or internet industries
would be neither freely modifiable nor redistributable when
an online publisher, for instance, uses these to create an
OS-specific GUI application, that is protocol-compatible
with their web site, built using not-completely-free tools.
A non-web application that allows their staff to edit books
in their database would be merely a publishing industry
application, or a database application, that the patent
owner might decide to license restrictively for developers
to be allowed to *let it* talk to the website using a
W3C-patented storage system, communications protocol, file
format, or even, Amazon taught us, any simple-but-patented
idea!
Such a situation would create a loophole for economical
opportunism that no corporation could or would resist
driving their delivery trucks through.
Companies would soon be rushing to W3C patent applications,
protocols and other software ideas (which should *never* be
patented in the first place) (think: Amazon-One-Click) and
use the W3C's reputation to market these products as "free
and open" in order to lure developers and create a large
installed base of users who were mistakenly led to believe
that these tools were in fact Free (as in freedom) and that
any company's developers, including their own, were free to
use them to extend and enhance their use and enjoyment of
the software, when in fact, those freedoms would be quite
restrictable by the patent owners.
The obvious second step is to then create proprietary
industry-specific tools, GUI, OS/Specific user interfaces,
or any other "non-web" tools for which these is No Freedom,
for which only the patent owner may legally develop and sell
solutions, and for which the users, the users' programmers
and the entire "third-party" developer marketplace, must pay
hefty licensing fees to compete, or possibly be simply
forbidden from competing at all.
The GPL prevents this unfortunate situation by placing no
restrictions *whatsoever* on the modification and
redistribution rights granted to everyone, except one
sensible one: no one may circumvent freedom bestowed on the
software by the GPL license by simply *redistributing* and
placing a *more* restrictive license on the redistributed
version. This sole limitation closes the legal loophole of
control of ideas, and protects the rights of the developers,
the users, by restricting only the rights of those who would
seek to further restrict or control the complete freedom
rights that the developer intends, and this is why the GPL
is used and championed by so many developers such as
myself. It keeps freedom free. Any lesser license is
vulnerable to the completely legal theft, control and
exploitation of ideas.
I urge the W3C and the Patent Policy Working Group to
consider this matter seriously, and take the position that
is best for the users and developers of the large body of
excellent and truly free software that has made the internet
what it is today.
Please do not create a W3C-sanctioned loophole that must by
it's very existence be exploited by the natural profiteering
tendencies of normal competitive corporations which *must*
bow to competitive pressures to profit by trying to legally
own, control, license and otherwise restrict the use of the
high quality best-practices ideas, and industry standards
and other intellectual property that the W3C develops.
These should remain the property of the public, not of
corporations, and only a Free Software Foundation approved
license can ensure exactly that those property rights are
ensured.
Thank you in advance for your consideration to this matter.
Sincerely,
David Kaufman
---
www.Gigawatt.com / Power Data Development www.ClickSQL.com
Hosting Scriptage Databasics
www.Power-Data.com
87 East 21st Street, Bayonne, NJ 07002
(201) 436-0668
-------- Original Message --------
Date: Tue, 31 Dec 2002 17:16:48 +0000
From: Edward Welbourne
Subject: Patent Policy
http://www.w3.org/TR/2002/WD-patent-policy-20021114/
> The W3C Royalty-Free Patent Policy governs the handling of patents in
> the process of producing Web standards.
A very important topic. Many pieces of software in the
modern world are naturally obliged to interact with the
world-wide web; it is crucial that the web thus be governed
by open standards, if innovation is to continue to flourish
on and around the web. A standard whose implementation is
covered by a patent cannot be sensibly described as open
unless the patent is first de-fanged.
> The goal of this policy is to assure that Recommendations produced
> under this policy can be implemented on a royalty-free basis.
(aside: assure ... `ensure' seems more apt ...)
I contend that this goal is too tame: software designed to
interoperate with the Recommendations must also be
implementable on a royalty-free basis, even if the software
in question is not countenanced by the Recommendations.
Both Web Servers and User Agents (to give the most obvious
examples) are significant and complex bodies of software
which support mechanisms for third-party code to provide
added functionality at run-time (e.g. flash and kindred
plugins for browsers, or [NI]SAPI server-side extensions).
Such extensions are not parts of the Recommendation, and the
extension is a separate piece of software from the
implementation of the Recommendation. Yet an extension may
need - and typically does have - access to arbitrary
functionalities of the program it extends - including those
covered by an Essential Claim.
Once an Essential Claim is available to extensions to, and
to programs interoperating with, implementations of a
Recommendation, it will effectively be available to
arbitrary other programs, save that it will oblige them to
go through some artificial motions to make themselves
classifiable as implementation of, interoperator with or
extension to the Recommendation. Introducing the need for
such artefacts benefits no-one, least of all the W3C.
It is clear, further, that many in the Free (as in Liberty)
Software movement will be unable (both in principle and in
practice) to work with your policy unless all techniques
which are necessary to implement W3C Recommendations are
available for use in all software - not just that relating
to W3C Recommendations - on a royalty-free basis. The
Liberty to re-purpose code - to re-use it in arbitrary other
programs - is an essential part of the Open Source
revolution. Any Libre implementation of a W3C
Recommendation will include implementations of all Essential
Claims; limiting the royalty-free ambit only to
implementations of W3C Recommendations will collide
disastrously with such re-purposing.
Accommodating the needs of the Free Software movement will
effectively turn the policy into a requirement that
patenters of Essential Claims substantially abandon relevant
patent privileges; however, one may equally read this as
saying that a standard cannot sensibly be called open if it
depends on a technology which is subject to a monopolistic
privilege. This would appear to be a prima facie truth
which must be accepted by all participants in the
standards-making process. To this essentially political
argument, I shall add a strictly technical argument, below,
with the same net effect.
(aside:
> All sections of this document are normative unless specifically
> market non-normative.
^
marked
typo !)
That said, the policy appears to be a very sensible and
prudent approach to the sensitive and difficult problem of
engaging holders of monopolistic privileges in the
standardisation process, save for one clause which realises
the restriction, implicit in the above goal, to protecting
only implementations of W3C Recommendations - namely ...
Section 3, clause 3:
[a W3C Royalty-Free license ...]
> 3. may be limited to implementations of the Recommendation, and to
> what is required by the Recommendation;
This may lead to software being forbidden to interoperate
with a Recommendation, unless it is, itself, an
implementation thereof. It may prevent extensions from
integrating properly with implementations of
Recommendations, in so far as they have an existence
independent of the implementation (e.g. they are separately
distributed). It might even oblige an implementation to use
one solution to a general problem where the Recommendation
requires exercise of an Essential Claim while yet using a
separate solution to most of the same problem where the
Recommendation does not strictly require the Essential
Claim. It runs against the W3C's interests for such
restrictions to arise.
Worse, such a limitation may restrict the architectural
choices of those implementing a Recommendation: one would
naturally chose to break up the functionalities involved
therein into a family of libraries, all employed by one
program to implement the Recommendation. However, no one of
the libraries would constitute an implementation of the
Recommendation: only the main program itself would then be
allowed to contain the code which exercises the Essential
Claim.
Indeed, where the Recommendation's implementation has, or
may have, several running instances at one time on a
computer, breaking the program up into shared libraries
(a.k.a. DLLs) is the natural way to minimise the host
computer's resource-use; only a `thin application' need
remain as the program of which several copies are run.
Likewise, if parts of the functionality (of an
implementation of a Recommendation) are only used on some
runs of the program, putting those parts into a shared
library makes it possible for the program to only load the
library when needed - thereby, again, reducing load on the
computer. Again, if several W3C Recommendations require some
common functionality (e.g. URL parsing), it makes sense for
an implementor to write a shared library providing this, to
be used by the implementations of all the relevant W3C
Recommendations - rather than obliging each of these to
include its own, probably with subtly incompatible bugs. In
like manner, shared libraries provide a natural mechanism
for the development of a W3C standards-compliant core on top
of which application-developers can implement `thin
applications', thus separating out the user interface from
the core and allowing several different user agents to be
built on top of a single engine (c.f. the gecko renderer).
If code implementing an Essential Claim is included in a
shared library, however, it becomes accessible to other
programs - they need only link against the shared library
and exercise its API - even if those programs do not
implement W3C Recommendations. It will then be a legal
nightmare to decide who is guilty of the patent infringement
- the application author has not written, published or
distributed any code which implements the Essential Claim,
but has merely linked against an API provided as part of the
existing functionality of the target computer system; yet
the implementor of the Recommendation supplied the shared
library, in good faith, as part of the implementation of the
Recommendation. Clause 3 would thus appear to allow the
patent holder to forbid the implementation of an Essential
Claim in a shared library.
The flip-side of this is that the natural way for an
implementor of a Recommendation to make functionalities
available, to other programs interoperating with the
Recommendation, is to provide those functionalities via
shared libraries. It is, indeed, desirable that essential
components of implementations of W3C standards (e.g. XML
parsing, HTTP requests, etc.) should be provided in this
form, so as to facilitate the various uses (discussed above)
of shared libraries as common `engine and API' components.
Clause 3 allows a patent-holder to forbid such sensible
practices: indeed, the objective it tries to achieve
(namely, to ensure that the license not extend to
applications outside the arena of the W3C Recommendation)
implicitly presumes that it will be so used.
The world of computer software is ill suited to such "field
of use" restrictions, since the boundaries are far less
well-defined than is naively supposed in the wording of
clause 3: allowing such restrictions will merely lead to a
legal quagmire from which neither the W3C nor implementors
of its Recommendations will ever escape. If a patent
restricts the use of a technique essential to the support of
a standard, either the relevant claim of the patent needs to
be substantially waived or, if the patent-holder cannot be
prevailed upon to do so, the standard must be changed;
otherwise, the standard is not meaningfully `open'.
Please remove clause 3 from Section 3 before ratifying this
policy.
Your humble and obedient servant,
Edward Welbourne.
--
Writing in my capacity as a private netizen; however, I earn
my living as a programmer, in which the web has been pivotal
since 1994, including a period as a server developer for
www.Zeus.com and my present employment as a browser
developer for www.Opera.com. For more, see
http://www.chaos.org.uk/~eddy/cv/history.html
-------- Original Message --------
Subject: Re: DEADLINE New Years: Drop the W3C's "Field of
Use" Patent Policy Clause
Date: Tue, 31 Dec 2002 18:00:53 +0000
From: Ward Vandewege
In addition to doing a Masters in Science and Technology
Policy, I'm a Software Consultant, and I use Free and Open
Software exclusively because that is the only way I can
assure that I can adapt the software I use to the specific
needs of my clients.
I'm very grateful for the tremendous amount of work that has
gone into the Royalty-Free Patent Policy. I really
appreciate how the Patent Policy Working Group has listened
to and acted on the input of the public, and worked with
Bruce Perens, Larry Rosen, Eben Moglen, and others. The
current compromise is laudable, and I realize it may be the
best we can get short of the W3C becoming irrelevant by
being bypassed altogether by corporate interests trying to
establish a 'standard'.
However, I must admit I am worried about the 'field of use'
clause in the proposal. I'm afraid it will make the
standards the W3C endorses rather irrelevant, as they will
be much less attractive for (grassroots) innovative
purposes. A short example to illustrate this point:
Imagine that the Internet Protocol (IP) was established
under the RF licensing requirements as proposed, and that it
would only be RF when used on the internet. Would we have
seen the proliferation of the IP as we see today? I don't
think so. Proprietary networks that have switched to the IP
would not have done so, e.g. Novell would probably not have
dumped IPX in favour of the IP if there was a royalty fee
involved. Companies selling products that use the IP would
have had to spend much time and effort also supporting
proprietary protocols they would understand less thoroughly
because there would be much less documentation and sample
implementations, and they would be much harder to come by.
This would result in buggy implementations and/or much
higher overhead. People unaffiliated with (big)
corporations would not have used the IP for the thousands of
innovations that they have come up with since, making the
marketplace even more fragmented.
Essentially, the more open the standard, the higher the
chance it will become widely used and accepted (given that
there are no monopolistic factors that work against it).
This is something the creators of the Internet Protocol
understood well - they decidedly didn't try to foresee how
the protocol would be used, rightly realising they could
never guess all future uses of their innovation. Instead,
they tried to remove as many barriers towards unforeseen
future use as they could, both technically (by making it
totally open and designing a 'stupid' network) and more
relevant for this argument, financially - no royalty fees
whatsoever. The result is the Internet Protocol as we know
it today - omnipresent, unencumbered. Why limit the chances
of open W3C standards to become the most widely used, by
allowing royalties for unforeseen uses?
In the long run, I think this is in the interest of both
(big) industry and more independant developers. The value of
having a pool of standards totally unencumbered by
Intellectual Property Rights, is that much more is available
for innovators to build on. In other words, barriers to
innovation go down. More innovations will be made, directly
resulting in economic growth for everyone involved. If we
choose this road, everyone will benefit. If not, only a few
(large) entities will, and certainly not to a similar
extent. In that case, the world will be a much less
interesting place for people with a passion for
technology...
---
Happy New Year,
Ward.
--
Pong.be -( "Fools ignore complexity. Pragmatists
suffer it. Some )-
Virtual hosting -( can avoid it. Geniuses remove it."
-- Perlis's )-
http://pong.be -( Programming Proverb #58, SIGPLAN
Notices, Sept. 1982 )-
GnuPG public key: http://gpg.dtype.org
---------- Forwarded message ----------
Date: Mon, 30 Dec 2002 13:49:25 -0500 (EST)
From: Jim Bray
Subject: No 'field of use' patent restrictions
Dear Sirs,
I have read and agree with the Free Software Foundation's
objection to the 'field of use' patent restrictions
presently allowed in Section 3 of the W3C's proposed patent
policy, as described here:
http://www.fsf.org/philosophy/w3c-patent.html
Please amend the proposed draft to be fully consistent with
the GPL and Free Software.
With Best Regards,
Jim Bray
11:28:49 AM
|
|
From http://home.gci.net/~agimarc/
"Your Conservative Weekly OnLine Since 1997"
------ Forwarded Message
From: Alex Gimarc
Reply-To: splickplus@lists.spunge.org
Date: Wed, 01 Jan 2003 09:37:24 -0900
To: Alex Gimarc
Subject: [slickplus] Interesting Items 12/30
2. Aerospace. The portion of the American economy that has performed the
very worst since 9-11 is Aerospace. We have seen a rash of airline
bankruptcies, falling passenger count, and generally poor performance by all
aerospace sectors. Why is this? From an economic standpoint, it is simple:
Aerospace is the portion of the economy with the very most government
control, government meddling and government money. The airlines, in their
response to 9-11, all instantly demanded a federal takeover of airport
security - and they got it. Result ? The feds have completely destroyed
the under 300-mile portion of the market by making it simply too painful to
get on an airplane for a short trip. The airlines also demanded a monetary
bailout from the feds for losses suffered. The feds delivered. In
response, the airlines cut back amenities for passengers - cutting food and
beverage service, imposing new restrictions on carry-on baggage, and a range
of other responses all typical of businesses protected from competition.
Result ? Passengers are only flying when they need to do so, telling the
newly surly airlines to go straight to hell. The airlines did it to
themselves - demanded federal intervention into the marketplace. They got
that intervention. They also got the destruction of a marginally
competitive marketplace by the US government. The defense -related portion
of aerospace has been doing quite nicely, with great gobs of money being
spent to replace and revitalize our forces for the next phase of the World
War. The final portion doing poorly is spaceflight. Manned spaceflight is
a government monopoly - and has been one for over 40 years. The marketplace
has never been allowed to exist, and as a result, the dream of private
tickets for a ride to orbit has all but died here in the US. Two tickets
have been purchased, much to the chagrin of the Federalies. Both purchased
rides in Russian spacecraft. It is a darn shame that the only capitalists
for manned space travel are former Soviets.
3. Solution. Given all the above, what do we do to fix it? Easy: get the
feds out of the marketplace. Do it instantly. Do it completely. Shut down
the TSA. Make airlines responsible for their own security. Arm pilots.
Arm passengers. Arm gate agents and baggage handlers. Let the airlines
figure out how they want to handle security and let them do so. Start
identifying hijackers rather than identifying weapons (the Israeli
solution). The only federal response ought to be a limit on lawsuit awards.
The marketplace will quickly identify and reward the companies that do
security well. It will also identify and quickly destroy those that don't
(remember Pan Am?). For space, shut down all NASA manned spaceflight
operations. Force the agency to purchase launch and flight services from
commercial vendors. Get the marketplace working. Do it before it is too
late.
11:18:17 AM
|
|
On January 28 the Alumni Association holds its annual Winter Meeting in the Lecture Hall at the Graduate School of Journalism. There will be a reception at 6:30pm followed by a panel discussion at 7pm. The topic is one that will be of interest to all alumni. I hope you will make plans to attend and I look forward to seeing you there:
"Journalism Education: Is It Meeting the Challenges of the 21st Century?"
Panelists include:
* James W. Carey, CBS Professor of International Journalism at the Columbia School of Journalism;
* Brent Cunningham, managing editor of the Columbia Journalism Review;
* Josh Mills, director of the masters program in business journalism at Baruch College- CUNY;
* Jay Rosen, chairman of the journalism and mass communication department at New York University.
The panel will be moderated by: Joan Konner, J '61, dean emerita and professor at the Columbia University Graduate School of Journalism.
RSVP to Sasha Boak Kelly 212-854-3864 or alumni@jrn.columbia.edu
http://www.jrn.columbia.edu/alumni/association/calendar/
11:04:51 AM
|
|
An ERIC Digest on how libraries deal with the pressing issue of spreading declining budgets across multiple new formats like books on tape, DVDs, large type, CDs, etc.
Foundation Center's Online Librarian
http://fdncenter.org/learn/librarian/
Responding to "your need for factual information on foundations, philanthropy, and other issues related to nonprofits, and to assist with your fundraising research." Check out the FAQ file, use the Foundation Finder, or submit a query online.
11:01:08 AM
|
|
From Dave Farber
--
"They that can give up essential liberty to obtain a little temporary safety
deserve neither liberty nor safety." - Benjamin Franklin Historical Review
of Pennsylvania 1759
"To announce that there must be no criticism of the president, or that we
are to stand by the president right or wrong, is not only unpatriotic and
servile, but is morally treasonable to the American public." - Theodore
Roosevelt (1918)
"During times of universal deceit, telling the truth becomes a revolutionary
act." - George Orwell
"If ye love wealth better than liberty, the tranquility of servitude better
than the animating contest of freedom, go home from us in peace. We ask not
your counsels or arms. Crouch down and lick the hands which feed you. May
your chains set lightly upon you, and may posterity forget that ye were our
countrymen." - Samuel Adams, speech at the Philadelphia State House, August
1, 1776.
10:58:44 AM
|
|
Government Executive
January 6, 2003
National cybersecurity plan omits industry mandates
By Bara Vaida and William New , National Journal's Technology Daily
The latest version of the national cybersecurity plan expected to be
presented to President Bush within the next month encourages the private
sector to do more to protect the Internet but without mandates on industry,
which had been proposed in the initial draft released publicly last
September.
Internet service providers (ISPs) will not be required to build a
centralized system to enable broad monitoring of the Internet; rather, they
will be encouraged to develop a national network operations center (NOC)
that could complement a federal cybersecurity response team that is to be
developed in the Homeland Security Department, according to a copy of the
plan obtained by National Journal's Technology Daily.
"In substance, the latest draft isn't all that different from September,"
said one high-tech industry source who viewed the latest version.
"Stylistically, it's much different in that it is much better written,
simpler and more straightforward. If you ticked off the items in this draft
compared to the other, however, there aren't that many differences."
The administration has been gathering comments on the first draft and has
addressed issues raised in those comments, including suggestions that the
plan more clearly state that it does not seek to regulate the private
sector.
Late last month, The New York Times reported that the Bush administration
was planning to propose requiring that ISPs build a central monitoring
system of the Internet, raising fears that the strategy had become more
regulatory. However, the version that has been circulating within the
high-tech sector since December says only that private-sector organizations
focused on cybersecurity "should consider the benefits of creating an
entity or center with a synoptic view of the health of cyberspace on a 24
by 7 basis."
The creation of such an operations center will continue to face resistance
from companies that have made a business by monitoring cyberspace for
specific clients, a high-tech lobbyist said. Richard Clarke, the special
adviser to Bush on cybersecurity and chief architect of the strategy, "just
hasn't made a good enough case that a NOC is necessary ... when it is
already being done in the private sector," the lobbyist said.
The strategy states that "federal regulation will not be used as a primary
means of securing cyberspace" but also emphasizes that the federal
government cannot protect the Internet alone.
On the international front, the draft still makes a strong pitch for global
cooperation but adds that the United States "reserves the right to respond
in an appropriate manner, including through cyberwarfare." It also stresses
stronger U.S. counterintelligence efforts in cyberspace, improvements in
attributing cyberattacks to their sources, and better interagency
coordination.
Other points emphasized in the latest version include:
A Cyber Warning and Information Network to allow government officials and
the private sector to discuss cyber threats.
Tests to determine the impact cyberattacks would have on processes in
various agencies.
A program to manage the information flow and to protect the information on
threats to critical infrastructures that companies voluntarily submit.
A public-private task force to recommend the implementation of the new
Internet protocol, IPv6 in the United States.
Annual priorities for cyber-security research and development and periodic
reviews of emerging cyber-security technologies.
An information and analysis center for universities and colleges because
they have among the most powerful computing systems in the nation.
A task force of public and private-sector officials to identify ways that
information technology providers, other organizations and the government
can reduce the burden on home users and small businesses in securing their
computer systems.
10:55:32 AM
|
|
Wisdom is the principal thing; therefore get wisdom:
and with all thy getting get understanding.
Bible: Hebrew Proverbs, 4:7
10:34:59 AM
|
|
Thanks to:
============================================
EUROPEAN TECH WIRE -- Jan. 8, 2003
============================================
To Subscribe For Free: http://www.europeantechwire.com
o Philips To Transfer "Several Thousand" Jobs Out Of Europe
London -- Philips Electronics will transfer "several thousand" jobs from
Western Europe in an ongoing effort to cut costs, the Financial Times
reported. Amid the recent economic downturn, many of Europe's largest
technology companies have increased the pace that they are relocating
various IT and administrative functions to cheaper foreign markets. CEO
Gerrard Kleisterless said in an interview that some of the company's
human resources, IT and accounting operations will move to new owners
or transfer to factories in Asia, Central America and Eastern Europe,
where labor costs are lower. Philips has 184,000 employees worldwide.
http://www.afxpress.com/afxpress2/afx/story_48024.xml.html
_____________________________________________
o SAP Transferring U.S. Call Center Jobs To Ireland
Stuttgart, Germany -- German software group SAP said on Wednesday
that it will cut 88 jobs as part of a restructuring of its U.S. sales force and
will transfer another 42 U.S. call center jobs to Ireland. The job cuts come
as part of a restructuring of SAP's U.S. business by new SAP America
CEO Bill McDermott. SAP employs 3,400 staff in the U.S; its U.S.
headquarters is located in Philadelphia.
http://biz.yahoo.com/rb/030108/tech_sap_jobs_2.html
_____________________________________________
10:06:33 AM
|
|
Thanks to:
============================================
EUROPEAN TECH WIRE -- Jan. 8, 2003
============================================
To Subscribe For Free: http://www.europeantechwire.com
o Norwegian Teenager Johansen Found Not Guilty of DVD Piracy
Oslo, Norway -- In a closely watched case in Hollywood, a Norwegian
teenager on trial for his role in creating a controversial computer code that
can crack the anti-copying technology on DVDs, has been found not
guilty on all charges. Norwegian prosecutors had asked for a suspended
90-day jail sentence for 19-year-old Jon Johansen, who was sued in
Norway after a complaint was filed by the Motion Picture Association of
America (MPAA), which represents Hollywood movie studios. Several
U.S. publishers have been sued by movie studios for distributing the code
he developed over the Internet.
http://shorterlink.com/?3BU7X7
http://www.aftenposten.no/english/local/article.jhtml?articleID=466519
10:04:57 AM
|
|
This law is a huge and costly problem that justifies a great deal of spending on security measures.
Thanks to Dave Farber's IP for circulating this:
-----Original Message-----
From: ghamilton(contr-ato)
To: IAIPT
Subject: California Disclosure Law Has National Reach
Date: Wed, 8 Jan 2003 17:19:45 -0500
California Disclosure Law Has National Reach
from SecurityFocus on Wednesday, January 08, 2003
A new California law requiring companies to notify their customers of
computer security breaches applies to any online business that counts
Californians as customers, even if the company isn't based in the
Golden
State.
So warned Scott Pink, deputy chair of the American Bar Association's
Cybersecurity Task Force, in a conference call Monday organized by an
industry trade group and attended by approximately 50 representatives
of
technology companies and law firms concerned about the scope of the new
law,
which will take effect on July 1st of this year.
"If you are selling products or providing services to residents of
California, it would probably be determined that you're conducting
business
in California under this law," said Pink. "This is something that has
captured the attention of many corporate counsel and many IT managers
around
the United States, as they try to understand what the law requires and
how
it impacts them."
The law, called "SB 1386," is intended to combat identity theft. It
passed
last September in the wake of a high-profile computer intrusion into a
California state government system that housed payroll information on
200,000 state workers, in which the victim employees were not warned
that
their personal information was stolen until weeks after the incident.
The
law passed over strong objections from industry groups.
To trigger the law, a breach must expose certain type of information:
specifically, customers' names in association with their social
security
number, drivers license number, or a credit card or bank account
number.
After such an intrusion, the company must notify the effected customers
in
"the most expedient time possible and without unreasonable delay."
Other types of information are not covered, and the disclosure only
needs to
be made to California residents. But as a practical matter, Pink said,
online businesses may find it easier to notify everyone impacted by a
breach, rather than trying to cherry-pick Californians for special
treatment.
"Many, many companies outside California are likely to be governed by
this
law," said Pink. "The question for them is to what extent do they find
it
convenient to only notify California residents, and do they find it
easier
to just notify everybody?"
Companies that ignore the law face potential exposure to class action
lawsuits.
The law addresses a chronic problem in e-commerce - companies that are
hacked are often reluctant to go public for fear of bad publicity or
civil
liability. But in forcing companies to come clean, the California law
takes
the opposite approach of the Bush administration's emerging cyber
security
policies, which encourage secret disclosure to government officials,
rather
than public warnings.
In Monday's talk, organized by the Information Technology Association
Of
America, Pink called the law "revolutionary," and said he believes
that
other states will follow California's lead. But he also pointed out
some
ambiguities in the law's language that are still waiting to be
resolved.:
The ROT13 loophole? An exception in the law says companies don't have
to
disclose a breach if the stolen data was stored in an encrypted form.
But it
doesn't say the encryption has to be strong. "If someone were to hack
into
the system... obtain the encrypted contents, and are able to unencrypt
them,
does that trigger the disclosure requirements?," asks Pink. "As I read
the
legislation, that' s not entirely clear."
Willful Ignorance. Disclosure isn't just triggered by drop-dead,
caught-'em-red-handed intrusions, but by any incident in which customer
data
is "reasonably believed" to have been compromised. That's a vague term
that
leaves much room for legal wrangling, Pink says. And what constitutes
knowledge, anyway? "If a lower level IT person notices some
unauthorized
activity... is that knowledge of the company as a whole, and does that
trigger disclosure?"
Law enforcement investigations. Companies are permitted to delay
disclosure
to meet "the legitimate needs of law enforcement," a provision intended
to
keep the law from acting as an early warning system for cyber crooks
who've
fallen under police scrutiny. But who decides what a legitimate need
is?
That last provision means that law enforcement officials effectively
hold
the power to grant a stay of execution on disclosure, giving a company
time
to examine its liability and plan a public relations strategy. That
could
mean a boost in the number of intrusions companies report to police,
something the law enforcement community has been trying to achieve for
years. As one participant in Monday's conference call -- an executive at
a
large Silicon Valley software company -- put it, reporting the crime
would
be a way of "buying time." ("II'm not trying to get around the law,"
the
exec added).
Pink suggested that any company relying on the law enforcement
exception
first get an explicit request from officials to delay disclosure. And
resist
the temptation to notify a local traffic cop and consider the matter
closed.
"The agency you're reporting it to should at least have jurisdiction,"
said
Pink.
Copyright (c) 1999-2003 SecurityFocus
9:11:04 AM
|
|
Thanks to Abraham Sofer:
Client Alerts are newsletters authored by Lipa Meir attorneys, each
addressing a single topic. The purpose is to provide timely information
regarding the latest court decisions, legislative developments and business
topics-- all in the context of US international trade or Israeli
international business development.
Dear Client, Friend and Colleague:
*************************************************************
A road map to sellers' product liability in the Homeland Security market
Minimizing the risk of product liability actions for technologies sold in
the Homeland Security market has emerged as a significant element of the new
US anti- terrorism legislation seeking to encourage budding technology
companies to come forward with new wares and artifacts. Under a "regular"
product liability review, the rules generally require no more of
manufacturers, importers and retailers than responsible business practices,
a culture of safety, quality assurance and prudence in design, production,
record keeping and marketing procedures (and customer information material
to ensure the safety). However, the types of technologies in the homeland
security market -- in many cases stripped down civilian versions of military
products, and the obvious risk of unknown factors, may not be offered such a
"courteous" treatment by plaintiffs' counsel for product liability victims.
For instance, a gas mask designed to withstand certain chemicals may not
protect against newly invented compounds not known at the time the mask was
being distributed. Thus, technology companies wishing to sell products in
the US Homeland Security market, must consider product liability exposure
along with other factors associated with doing business in the US. The
Homeland Security Act of 2002 ("Act") provides a road map to all potential
sellers (Us and foreign) on how to limit such liability in the market.
Generally speaking, product liability applies to a company that manufactured
the product; or imported the product, or sold its "own brand" goods
manufactured for it under license. Also, in some circumstances, the retailer
may be deemed to be the manufacturer of the product and hence liable. As a
general rule, a product is defective if it does not provide the level of
safety which the community generally is entitled to expect. The level of
safety may vary from case to case and it is ultimately for the courts to
determine whether a product was indeed defective. There are a number of
factors a court will take into account when making its determination,
including: the manner in which and the purposes for which the product has
been marketed, the packaging of the product; the use of any mark in
relation to the product; instructions for or warnings with respect to doing
or refraining from doing anything with or in relation to the product; what
might reasonably be expected to be done with the product; and the time when
the product was supplied. Products would not necessarily be defective simply
because the safety of later models had been improved. The drafters of the
Act did not leave the treatment of these claims to the courts and plaintiffs
lawyers to apply regular tort tests.
As part of the legislative process of the Act, there were floor amendments
by congressmen offering to provide full federal indemnification to companies
facing potential lawsuits over homeland security-related products. Many have
noted that technology companies have been unable or reluctant to sell
cutting-edge counter-terrorism technologies to the government because
insurance companies, fearful of the liability risks stemming from major
terrorist attacks, have been unwilling to provide adequate coverage. The Act
did not go as far as to provide a full blanket indemnification, but did
provide protection for manufacturers from liability to their products by
placing limits on the liability exposure for contractors whose products or
services have been certified as "high-risk" by the Homeland Security
Secretary (Secretary). Lawsuits would be limited to a "reasonable" amount of
insurance, essentially the amount a company can obtain commercially and
still be profitable. `Liability insurance' is to cover all legal liabilities
incurred by the insured resulting from loss of or damage to property of
others; ensuing loss of income or extra expense incurred because of loss of
or damage to property of others; bodily injury (including) to persons other
than the insured or its employees; or loss resulting from debt or default of
another. `Loss' means death, bodily injury, or loss of or damage to
property, including business interruption loss.
The coverage essentially relates to acts of terrorism' meaning any act that
is unlawful, causes harm to a person, property, or entity, in the United
States, or in the case of a domestic United States air carrier or a United
States-flag vessel, in or outside the United States; and uses or attempts to
use instrumentalities, weapons or other methods designed or intended to
cause mass destruction, injury or other loss to citizens or institutions of
the United States, subject to such other requirements are further defined
and specified by the Secretary.
Risk management. First, the Act provides that any person or entity that
sells or otherwise provides a qualified anti-terrorism technology to Federal
and non-Federal government customers (`Seller') must obtain liability
insurance in accordance with the Act (and certified by the Secretary) to
satisfy otherwise compensable third-party claims arising out of, relating
to, or resulting from an act of terrorism when qualified anti-terrorism
technologies have been deployed in defense against or response or recovery
from such act. Second, the Seller must only seek liability insurance which
need not exceed the maximum amount of liability insurance reasonably
available from private sources on the world market at prices and terms that
will not unreasonably distort the sales price of Seller's anti-terrorism
technologies. Third, the liability insurance obtained pursuant to the Act
shall, in addition to the Seller, extend to contractors, subcontractors,
suppliers, vendors and customers of the Seller, and vendors of the customer,
to the extent of their potential liability for involvement in the
manufacture, qualification, sale, use, or operation of qualified
anti-terrorism technologies deployed in defense against or response or
recovery from an act of terrorism.
Under a special provision, the Seller, in turn, must enter into a reciprocal
waiver of claims with its contractors, subcontractors, suppliers, vendors
and customers, and contractors and subcontractors of the customers, involved
in the manufacture, sale, use or operation of qualified anti-terrorism
technologies, under which each party to the waiver agrees to be responsible
for losses, including business interruption losses, that it sustains, or for
losses sustained by its own employees resulting from an activity resulting
from an act of terrorism when qualified anti-terrorism technologies have
been deployed in defense against or response or recovery from such act.
If this coverage is obtained, the Act proclaims that regardless of any other
provision of law, liability for all claims against a Seller arising out of,
relating to, or resulting from an act of terrorism when qualified
anti-terrorism technologies have been deployed in defense against or
response or recovery from such act and such claims result or may result in
loss to the Seller, whether for compensatory or punitive damages or for
contribution or indemnity, shall not be in an amount greater than the limits
of liability insurance coverage required to be maintained by the Seller
under the Act.
Products covered by the new product liability rules: only products titled
`qualified anti-terrorism technologies', to mean any product, equipment,
service (including support services), device, or technology (including
information technology) designed, developed, modified, or procured for the
specific purpose of preventing, detecting, identifying, or deterring acts of
terrorism or limiting the harm such acts might otherwise cause, that is
designated as such by the Secretary. The designation could apply to
property with prior US government use, the availability of the technology
for immediate deployment, existence of extraordinary third party exposure,
substantial likelihood that the technology will not be deployed absent such
certification, magnitude of the risk to the public if the technology is not
deployed, etc.
Federal law to apply in most cases: the Act provides that federal law will
preempt state law, where applicable, and that a federal cause of action
shall exist for claims arising out of, relating to, or resulting from an act
of terrorism when qualified anti-terrorism technologies have been deployed
in defense against or response or recovery from such act and such claims
result or may result in loss to the Seller. The substantive law for decision
in any such action shall be derived from the law, including choice of law
principles, of the State in which such acts of terrorism occurred, unless
such law is inconsistent with or preempted by federal law. Such federal
cause of action shall be brought only for claims for injuries that are
proximately caused by sellers that provide qualified anti-terrorism
technology to Federal and non-Federal government customers.
Which courts shall have jurisdiction: the district courts of the United
States shall have original and exclusive jurisdiction over all actions for
any claim for loss of property, personal injury, or death arising out of,
relating to, or resulting from an act of terrorism when qualified
anti-terrorism technologies have been deployed in defense against or
response or recovery from such act and such claims result or may result in
loss to the Seller.
Limitations on damages awarded: In an action brought for damages the
following provisions apply, (a) no punitive damages intended to punish or
deter, exemplary damages, or other damages not intended to compensate a
plaintiff for actual losses may be awarded, nor shall any party be liable
for interest prior to the judgment, (b) non-economic damages (that is,
damages for losses for physical and emotional pain, suffering,
inconvenience, physical impairment, mental anguish, disfigurement, loss of
enjoyment of life, loss of society and companionship, loss of consortium,
hedonic damages, injury to reputation, and any other nonpecuniary losses)
may be awarded against a defendant only in an amount directly proportional
to the percentage of responsibility of such defendant for the harm to the
plaintiff, and no plaintiff may recover non-economic damages unless the
plaintiff suffered physical harm, and (c) any recovery by a plaintiff in an
action under this section shall be reduced by the amount of collateral
source compensation, if any, that the plaintiff has received or is entitled
to receive as a result of such acts of terrorism that result or may result
in loss to the Seller.
Defense for government contractors: if a product liability or other lawsuit
is filed for claims arising out of, relating to, or resulting from an act of
terrorism when qualified anti-terrorism technologies approved by the
Secretary, have been deployed in defense against or response or recovery
from such act and such claims result or may result in loss to the Seller,
there shall be a rebuttable presumption that the government contractor
defense applies in such lawsuit. This presumption shall only be overcome by
evidence showing that the Seller acted fraudulently or with willful
misconduct in submitting information to the Secretary during the course of
the Secretary's consideration of such technology under this subsection. This
presumption of the government contractor defense shall apply regardless of
whether the claim against the Seller arises from a sale of the product to
Federal Government or non-Federal Government customers.
Steps to be taken by the manufacturers relying on a government contractor
defense: if you plan on selling products in the Homeland Security market and
you wish to be covered by the limitations on liability, you must apply to
the Secretary for review and approval of the anti-terrorism technology
developed by you for purposes of establishing a government contractor
defense in any product liability lawsuit.
Upon such submission to the Secretary for approval, the Secretary will
conduct a comprehensive review of the design of such technology and
determine whether it will perform as intended, conforms to the Seller's
specifications, and is safe for use as intended. The Seller will conduct
safety and hazard analyses on such technology and will supply the Secretary
with all such information.
For anti-terrorism technology reviewed and approved by the Secretary, the
Secretary will issue a certificate of conformance to the Seller and place
the anti-terrorism technology on an Approved Product List for Homeland
Security.
Finally, it has been reported that the defense and technology industries are
hopeful that in the coming weeks, the Bush administration will commit to pay
for some future lawsuits involving homeland security products and services
provided to the government. The White House is expected to circulate a draft
modifying a longstanding executive order under which the Defense secretary
and agency heads may choose to indemnify contractors for unusually hazardous
products. The technology industry considered the Act to create a Homeland
Security Department a win, but they failed to get indemnification included
in earlier versions of the bill. As mentioned above, they did get protection
from liability for their products to the level of commercially available
insurance, but there is no agreement that the government would step in above
that level. Indemnification would commit the federal government to cover
additional damages resulting from terrorist attack or other incident
involving the homeland security products.
As yet to be seen, creating a new department in a time of war, merging
various cultures and organizations, and significantly increasing the people
and resources involved is a tremendous management challenge. But the Act
promises a mini revolution in the area of product liability. Several
plaintiffs counsel are notorious for suing corporate America on behalf of
persons who have suffered injury or loss as the result of a defective
product or service -- the asbestos, Dalkon Shield, tobacco, Pen Phen cases,
to name a few and it is yet unclear, though, how they will react in the
Homeland Security tort domain.
**************************************
This communication is designed to provide accurate and authoritative
information in regards to the subject matter covered. It is offered with the
understanding that it is not a legal opinion and should not be relied upon
or presented as such. If legal advice or other expert assistance is
required, the services of a competent professional should be sought.
*************************************
NO SPAM POLICY
Your privacy is important to us. We abide by a no spam policy. If you
believe that you are receiving this message in error or would no longer like
to receive email from Lipa Meir & Co. please click on "reply", type
"unsubscribe" in the subject field and click "send."
Abraham Sofer, Esquire
Admitted in New York, Washington DC and Israel
Lipa Meir & Co. -- Attorneys at law
Please visit our web site at : www.israelattorneys.co.il
E-mail address:
asofer@lipameir.co.il
asofer@attglobal.net
Telephone number: 972-3-6070600
Fax number: 972-3-6070666
8:58:43 AM
|
|
Homeland security
http://www.washingtonpost.com/wp-dyn/articles/A18662-2003Jan6.html
------ Forwarded Message
From: Ted Bridis
Organization: The Associated Press
Date: Tue, 07 Jan 2003 11:16:05 -0500
To: dave@farber.net
Subject: RE: [IP] National cybersecurity plan omits industrymandates
>>[IP] National cybersecurity plan omits industry mandates<<
Dave, Gov't Executive's review of the administration's latest plan for
cyber-security missed at least one change that I found curious:
eliminating an earlier, formal proposal to consult regularly with
privacy experts. In the September draft (available at
http://www.whitehouse.gov/pcipb/) there was a section of explicit
proposals (See Recommendations R-36, -37 and -38) dedicated to "Privacy
and Civil Liberties," all of which have been eliminated as formal
proposals from the latest draft, as far as I can tell. It will be
interesting to see whether the privacy provisions are added back in
before this latest draft is made public.
http://news.yahoo.com/news?tmpl=story2&cid=528&ncid=528&e=3&u=/ap/200301
06/ap_on_go_pr_wh/securing_cyberspace
White House Trims Cyber-Security Plan
By TED BRIDIS
Associated Press Writer
WASHINGTON - The Bush administration has reduced by nearly half its
initiatives to tighten security for vital computer networks, giving more
responsibility to the new Homeland Security Department and eliminating
an earlier plan to consult regularly with privacy experts.
An internal draft of the administration's upcoming plan also eliminates
a number of voluntary proposals for America's corporations to improve
security, focusing instead on suggestions for U.S. government agencies,
such as a broad new study assessing risks.
"Governments can lead by example in cyberspace security," the draft
said.
The draft, circulating among government offices and industry executives
this week, was obtained by The Associated Press. President Bush was
expected to sign the plan, called the National Strategy to Secure
Cyberspace, and announce the proposals within several weeks.
The new draft pares the number of security proposals from 86 to 49.
Among changes, the draft drops an explicit recommendation for the White
House to consult regularly with privacy advocates and other experts
about how civil liberties might be affected by proposals to improve
Internet security.
The draft notes that "care must be taken to respect privacy interests
and other civil liberties," and it noted that the new Homeland Security
Department will include a privacy officer to ensure that monitoring the
Internet for attacks would balance privacy and civil liberties concerns.
"It's perplexing," said James X. Dempsey of the Washington-based Center
for Democracy and Technology. "This administration is constantly on the
receiving end of criticism on privacy issues. This looks like another
example of willfully raising privacy concerns. They should know better
by now."
An official for the White House cyber-security office declined to
comment, saying the latest draft hasn't yet been published.
The draft obtained by the AP puts the new Homeland Security Department
squarely in the role of improving Internet security, proposing to use it
to launch some test attacks against civilian U.S. agencies and to
improve the safety of automated systems that operate the nation's water,
chemical and electrical networks.
The new version also makes it more clear than ever that the Defense
Department can wage cyber warfare if the nation is attacked. The
administration said previously that government "should continue to
reserve the right to respond in an appropriate manner."
The new draft cautions that it can be difficult or even impossible to
trace an attack's source. But it warns that the government's response
"need not be limited to criminal prosecution. The United States reserves
the right to respond in an appropriate manner, including through cyber
warfare," it said.
The new version also puts new responsibilities on the CIA and FBI to
disrupt other countries from using cyber tactics to collect intelligence
on government agencies, companies and universities.
The administration published an early version of its plan in September -
weeks before Congress voted to create the Homeland Security Department -
with 86 recommendations for at home users, small businesses,
corporations, universities and government agencies.
Critics, even the InfraGard national organization of private security
experts established by the FBI, seized on the lack of new regulations
that would have mandated better security practices but could have
required America's largest corporations to spend millions for
improvements.
"We felt that there was a significant security improvement that could be
made most easily through regulation," the InfrGard group wrote to the
White House. "In many cases the deeply held conclusion was that the same
result could not be reached in the absence of new regulation."
The draft, however, continues to refute the need for any new
regulations, saying mandates for private industry would violate the
nation's "traditions of federalism and limited government." It said
broad regulations would hamstring security by creating a "lowest
common-denominator approach" and could result in even worse security.
8:56:02 AM
|
|
Thanks to:
THE WRITE NEWS(TM) WEEKLY 1-6-03
"A look at the highlights of the news published in
The Write News(TM) http://www.writenews.com for the
weeks of 12-16-02 through 1-3-03."
LIGHT READING ACQUIRES BOARDWATCH MAGAZINE
-----------------------------------------------------------------------
Light Reading, a telecommunications technology resource,
announced that it has purchased Boardwatch magazine from
Penton Media. Light Reading also acquired Penton's Boardwatch
and ISPworld websites and its directory of Internet service providers.
"This is a huge day for Light Reading. Integrating Boardwatch's
50,000 service provider readers with our existing carrier audience
gives Light Reading the largest service provider audience of any
publication in the world," said Stephen Saunders, president and
CEO of Light Reading. "We now reach over 100,000 service
providers in the U.S., Asia, and Europe."
The Boardwatch magazine will be moved online, like all of Light
Reading's publications. The resulting savings on printing and
distribution costs will be reinvested into the magazine's editorial
coverage -- which will be expanded to include analysis of both the
economics of service provider networks and the technology
installed in them.
"Boardwatch will focus on the issues that service providers are
concerned with -- not just technology and the business case for
deploying it, but also everything to do with the information supply
chain that links content providers to end users," said Peter
Heywood, cofounder of Light Reading.
The Boardwatch website will also undergo a sweeping redesign --
including the incorporation of an existing part of the Light Reading
Website: the Service Provider Circle, a portal that brings together
information of interest to carriers from third-party sources.
Light Reading launched in February 2000. Its website provides
analysis of telco networking developments. Light Reading says it
has been profitable from its inception and that its lightreading.com
website receives 850,000 visitors each month. Light Reading also
publishes byteandswitch.com, which covers storage networking
issues, and unstrung.com, a site providing analysis of the
wireless industry.
8:49:23 AM
|
|
Thanks to Dave Farber's IP mailing list:
From: Declan McCullagh
Reply-To: declan@well.com
Date: Thu, 9 Jan 2003 18:20:48 -0500
To: politech@politechbot.com
Subject: FC: Lexmark invokes DMCA in suit over aftermarket printer toner
Hearing postponed:
http://news.com.com/2110-1023-979975.html
Complaint:
http://www.politechbot.com/docs/lexmark.complaint.010803.pdf
---
http://news.com.com/2100-1023-979791.html
Lexmark invokes DMCA in toner suit
By Declan McCullagh
January 8, 2003, 7:28 PM PT
Printer maker Lexmark has found an unusual weapon to thwart rivals
from selling replacement toner cartridges: the Digital Millennium
Copyright Act.
A federal judge in Kentucky has scheduled a hearing for Thursday in
the case, which Lexmark filed against Static Control Components in an
effort to slam the brakes on the toner cartridge remanufacturing
industry. Lexmark is the No. 2 printer maker in the United States,
behind Hewlett-Packard, and manufactures printers under the Dell
Computer brand.
[...]
Lexmark claims that Static Control violated the DMCA by selling its
Smartek chips to companies that refill toner cartridges and undercut
Lexmark's prices.
8:46:37 AM
|
|
© Copyright 2003 Noel D. Humphreys.
|
|
