French Assembly Passes Three-Strikes Piracy Law
The French parliament gave final approval Tuesday to a new version [Note: text in French] of a controversial Internet piracy law [Note text in French] that would suspend users’ Internet access after three violations. (Nicknamed the “HADOPI” law – HADOPI is the acronym for the government-run agency created by the law). The bill was approved by a joint legislative committee of the National Assembly and the Senate by a vote of 258-131.
The new version, drafted after portions of it were rejected in June by the Constitutional Council, leaves discretion to suspend a user’s Internet services to a judge instead of an administrative authority.
This law basically criminalizes illegal file-sharing. Those caught infringing copyright online could face the suspension of their Internet access, a fine or prison. From what I can make out with my limited French, and news reports, Internet subscribers would also be held liable if someone else uses their Internet connection to illegally download copyright works. That may include situations where a subscriber’s computer is attacked by malware and under someone else’s control, or their wireless Internet access was inadequately secured.
The law requires only the signature of President Nicolas Sarkozy to become official French law, although there are reports of another appeal to the Constitutional Council. The opposition Socialists, who brought the challenge against the original bill, vowed to challenge the new version as well.
MA High Court Rules GPS Monitoring Car is Legal
The Massachusetts Supreme Judicial Court ruled yesterday that police may secretly break into a suspect’s vehicle and install a GPS tracking device if the state first obtains a valid warrant.
In a unanimous decision, the court decided in Commonwealth v. Connolly (under slip opinions) that the covert placement of such a device into a private car is a seizure. However, the court also stated it is not a violation of the Massachusetts Declaration of Rights’ ban on unreasonable searches and seizures as long as the state establishes “before a magistrate, probable cause to believe that a particularly described offense has been…or is about to be committed, and that GPS monitoring of the vehicle will produce evidence…or will aid in the apprehension of a person” who police believe is responsible for that offense.
While most search warrants are valid for seven days, the court said that GPS monitoring can last up to fifteen days.
In class, we will talk about the various tools enforcement agencies use to collect electronic information (key logging systems, GPS monitoring, wiretaps, etc.) However, the theme in all these cases is that a judicial officer (judge, magistrate, or otherwise) must approve a warrant before such action can take place. Otherwise the evidence can be challenged in a court of law as an illegal seizure.
“SPAM Sleuth” has no standing under CAN-SPAM
The U.S. Court of Appeals for the Ninth Circuit held that the plaintiff, James S. Gordon Jr. and his company, Omni Innovations LLC, was not a “provider of Internet access service (IAS) adversely affected by a violation.”
The FTC has primary enforcement authority CAN-SPAM. State attorney generals are provided a private right of action to enforce certain provisions of the Act on behalf of its citizens, and Internet access service providers (IAS) are similarly afforded a private right of action in certain circumstances.
No circuit court has seriously addressed CAN-SPAM’s standing provision. The Ninth Circuit stated that the standing provision is “ambiguous” at best.
Congress purposefully limited the parties who have standing to pursue a CAN-SPAM claim. According to the court, the FTC, law enforcement, and internet services are “best suited to detect, investigate, and if appropriate, prosecute violations of the CAN-SPAM Act.”
- “While Congress did not intend that standing be limited to fee-for-service operations, we think it did intend to exclude plaintiff [James S. Gordon Jr.] who, despite certain identifying characteristics, did not provide the actual, bona fide service of a legitimate [IAS] operation.”
The Ninth Circuit has never defined an IAS provider under the statute, and, in the same opinion, refused to establish a general test to determine what it means to be an IAS, saying it was not necessary to the holding.
I am not sure if any court would ever create and official definition or a test for an IAS. It seems that the very nature of the Internet would make the test useless in a matter of years. Decide for yourself by looking at the full opinion here (pdf).
Prof. Cyberlaw has returned
With the new semester on the horizon please stay tuned for more updates, news, information, and all things Cyberlaw!
Canada: Internet Users Have “No Reasonable Expectation of Privacy”
In a very interesting case reported out of the Ontario Superior Court, a judge has ruled that there is “no reasonable expectation of privacy” in subscriber information kept by ISP’s.
Furthermore, this case presents a potential privacy nightmare where Canadian police may be able to utilize IP addresses to find out the names on-line users without any need for a search warrant. (Apparently, the judge also accepted the arguments of the prosecuting attorney that the IP information is similar to a simple phone book!)
According to the National Post (Canada):
A police officer in St. Thomas faxed a letter to Bell Canada in 2007 seeking subscriber information for an IP address of an Internet user allegedly accessing child pornography. The court heard that it was a “standard letter” that had been previously drafted by Bell and the officer “filled in the blanks” with a request that stated it was part of a child sexual exploitation investigation.
Bell provided the information without asking for a search warrant. The name of the subscriber was the wife of the man who was eventually charged with “possession of child pornography” and “making available child pornography.”
I have not read the full ruling yet, but expect to to become available via Canada’s excellent case law database CANLII.
Presently, Canada does have the Personal Information Protection Electronics Documents Act (PIPEDA) which does allow ISP’s to surrender records to police, as long as they have “lawful authority.” But the case seems to turn on the definition of “lawful authority.” According to several articles, the judge interpreted the phrase as the act of turning over the records to the “lawful authority” (a police officer) and therefore does not require a proper warrant.
One wrinkle in this equation is that most ISPs in Canada require search warrants to turn over subscriber information unless it is a child pornography investigation. What is not clear is that the difference in warrant requirements between “possession of child pornography” and “making available child pornography.”
E-Privacy Law in Economic Stimulus Bill
When they say there is something for everyone in the current economic stimulus bill, they weren’t kidding. Inside this mostly economic bill (American Recovery and Reinvestment Act of 2009) is a entire section dedicated to promoting various aspects of health-care information.
Approximately $19 billion total: $2 billion in grants to create a national system of computerized health records and $17 billion in higher Medicare and Medicaid reimbursements for doctors and hospitals to adopt the technology.
The bill also would tighten restrictions on the sale of medical data and require patients be told when their records are disclosed. There are several other provisions (grants for using health-information technology, more in Medicaid and Medicare payments, penalties, etc.) but most of the privacy language can be found in Sec. 13400 et. seq. of the bill. THOMAS, the Library of Congress’ legislative information portal, has the entire bill, reports, and summaries.
New IP Bill Signed into Law
On Monday, President Bush signed into law [press release] a bill that will provide for additional intellectual property (IP) rights enforcement resources and stronger penalties for violators of those rights. The “Prioritizing Resources and Organization for Intellectual Property Act of 2008″ [full text] allows treble damages to be awarded against counterfeiters of protected goods, strengthens criminal laws relating to IP infringement, and allows the government broad authority to seize any materials or goods relating to infringement investigations.
It also creates a position for an Intellectual Property Enforcement Coordinator, a presidential appointee who would coordinate IP investigations among government agencies (dubbed the “IP Czar”). The Recording Industry Association of America, in an obvious PR move, had strongly supported the bill, saying that it will help protect the interest of copyright holders. On the other side, the public advocacy group Public Knowledge has criticized the bill, saying that it will exacerbate problems with existing U.S. IP laws which put too many restrictions on the use of what should be public information. Reuters has more.While the majority of our reading in class covers the U.S., it is important to note that other countries are also increasing efforts to expand the scope of protected intellectual property. Canada for example,
introduced new federal copyright legislation [full text] in July, designed to strengthen penalties against infringement.
In February, the International Intellectual Property Alliance(IIPA), released a report [full text] asserting that China, Russia and Canada are the main violators of U.S. copyright law.
Palin’s Hacker Tracked via Proxy Server Logs
FBI agents used proxy server logs to track down the hacker who broke into Sarah Palin’s Yahoo e-mail account. The hacker gained access to the Republican Vice Presidential candidate’s account by re-setting her password. He then foolishly posted details of his adventures up on an on-line forum. That information is now leading reporters and federal investigators to the suspect – 20-year-old David Kernell, Tennessee university college student, and son of state democratic representative Mike Kernell, who goes by the ‘net name “Rubico.”
He forced a password reset by answering questions about Palin’s birthday, zip code and where she met her spouse, Wasilla High School. Of course, by being the Republican candidate for Vice President, this information is all very easily found on the Internet. Rubico used a proxy server that shields the source IP address from website logging scripts. But aren’t proxy servers supposed to anonymize your information? Yes and no. To prevent abuse of the service – such as the occasional bomb threat or other illegal act that’s been known to happen - the admin of the proxy server logged each user’s IP address, along with the time and web destination.
CNET reports that the FBI searched Kernell’s apartment over the weekend, and local media reports suggest that three of his roommates could testify before a grand jury in connection to the case this week.
New Lawsuit: U.S. Warrantless Surveillance Program
On the heels of 2006’s lawsuit against AT&T, the Electronic Frontier Foundation (EFF) on Thursday filed a class action lawsuit [Full text complaint] seeking injunctive, declaratory and equitable relief from the National Security Agency(NSA) warrantless surveillance program. EFF is arguing against the NSA’s unprecedented access to over 300 terabytes of data concerning communication sent and received by AT&T customers.
The suit names the defendants as the U.S. government, the NSA, President George W. Bush, Vice President Dick Cheney, and several other officials. EFF alleges violations of the First and Fourth Amendments, the Foreign Intelligence Surveillance Act(FISA) and other federal electronic surveillance law. The complaint also argues that the surveillance program violated the Federal Administrative Procedure Actbecause it exceeded Congressionally-mandated limitations established by FISA, and alleges that it violates the Constitutional separation of powers principle “because it was authorized by the Executive in excess of the Executive’s authority under Article II of the United States Constitution … and exceeds the statutory limits imposed on the Executive by Congress.”
The NY Times has excellent coverage.
Comcast to Appeal Web Blocking Decision
Comcast is appealing an FCC ruling that the company is improperly blocking customers’ Web traffic, triggering a legal battle that could determine the extent of the government’s authority to regulate the Internet. The Comcast case arose from complaints by users of file-sharing software often used to download large data files.
In a precedent-setting move, a divided FCC last month determined that the company is violating a federal policy that guarantees unfettered access to the Internet.
The FCC noted Comcast’s network management practices were “discriminatory and arbitrary” and that the company’s practices “contravene industry standards and have significantly impeded Internet users’ ability to use applications and access content of their choice.” Full text here.
Interestingly, the FCC opinion also expressed the FCC’s desire to be “the” administrative agency involved with Internet regulation. Their opinion utilizes the FCC’s New Principles Preserve and Promote the Open and Interconnected Nature of Public Internet, which Comcast has stated is merely a policy, not an enforceable law. (Full text Appeal here)
This action is the first test of the FCC’s network neutrality principles, which may mean that there is no need for Network Neutrality legislation in the future, although both Presidential candidates currently have positions on the issue.
-
Flickr Photos
More Photos Cyberlaw101 RSS Feed
