I Was Wrong. SCOTUS Denies Cert In Google v. Oracle.

 Although certainly less high profile than Obergefell v. Hodges and King  v. Burwell (gay marriage and Obamacare, ICYMI while vacationing on Mars), Google, Inc. v. Oracle America, Inc. has some weighty implications in the open source and programming communities.  We had mentioned it several times in this little blog (see here and here and here) and had gone out on a limb and predicted that SCOTUS would grant certiorari.  Boy, did I miss that one.  The Supremes up and decided not to hear such case.  There's a good chance I will go none for fifteen in my Nostradamus imitation.

What effect does the denial of cert for Google have?  It leaves the lower court's ruling in place that such interfaces are subject to copyright.  Google still have a fair use argument and that could be taken up by the lower court again.  In the interim, programming of interfaces is fraught with the possibility of infringement, which is in contrast to the prevailing former view (at least in the programming community) that such APIs were not subject to such protection.

As always, this is not completely over.  Stay tuned

UPDATE: Dread Pirate Roberts Sentenced to Life In Prison.

 Ross Ulbricht, the "Dread Pirate Roberts" of Silk Road fame (see here and here) has been sentenced to life in prison.  He was here for your soul.  The great waste of a brilliant mind.

Once Again Arriving At The Intersection of Law, Technology and the Expectation Of Privacy. Court Rules That Vast Collection of Metadata Is Not Allowed By Patriot Act.

 Were you surprised a couple of years ago when Edward Snowden released documents that showed that the NSA had a program whereby they collected all metadata on all phone calls within the U.S. and stored them in a database for possible future use?  I must confess I probably ho-hummed that one a little bit and continued to expect that pretty much anything I did by phone or on-line could one day be reviewed by someone for some purpose or no purpose at all.  I'm not saying I liked that but like many I have lost faith in any real privacy.

Now, a federal court has said that the unlimited, unrestrained collection of such metadata is beyond the congressional intent expressed in the Patriot Act.  ACLU v. Clapper [the "Clapper Case"]   Setting aside for a moment the notion that "congressional intent" may be an oxymoron, the language of Section 215 of the Patriot Act as it was feed steroids after the attacks of September 11 allowed for: "...an order requiring the production of any tangible things (including books, records, papers, documents, and other items) for an investigation to obtain foreign intelligence information not concerning a United States person or to protect against international terrorism or clandestine intelligence activities."

The first such order to come to light was directed to Verizon and required Verizon to turn over  "on an ongoing daily basis . . . all call detail records or `telephony metadata' created by Verizon for communications (i) between the United States and abroad; or (ii) wholly within the United States, including local telephone calls."  Note the "wholly within the United States" language.  The Government, in the Clapper Case, declined to either affirm or deny that other major carriers were subject to the same language.  More than likely this means that if you have a cell phone with a major carrier, your call metadata is residing somewhere on a government controlled server.  The Government counters that this is not the content of the conversation nor has it been reviewed.  The Court in Clapper found that even without the content, metadata could reveal that a caller was "...a victim of domestic violence or rape; a veteran; suffering from an addiction of one type or another; contemplating suicide; or reporting a crime. Metadata can reveal civil, political, or religious affiliations; they can also reveal an individual's social status, or whether and when he or she is involved in intimate relationships."

The Patriot Act allows the collection of things that would otherwise be obtained through a grand jury subpoena.  The Court reasoned that the issuance of a grand jury subpoena, while given very broad latitude, had to have some relevance to the matter at hand and since there was no present intention to review the metadata nor any issue to which it was specifically relevant, this exceeded the authority granted.

It should be emphasized that this was merely a statutory interpretation and the Court expressly stated that it was not ruling on the constitutionality of the statute.  A concurring opinion stated that because it was a statutory interpretation, Congress could fix it (albeit with still the Fourth Amendment issue).  So Congress, with all its alacrity, is trying to deal with the issue.  These provisions of the Patriot Act sunset on June 1 and we all know how effectively this Congress deals with deadlines.  In the meantime, keep using that cell phone.


TechCrunch Disrupt NY: Our Good Friends Bitfusion.io Compete On Tuesday.

 TechCrunch Disrupt NY starts today.  Part of their program is providing emerging technologies an  opportunity to preach the gospel of their ideas (and perhaps win some money).  Our friends at Bitfusion.io get the podium on Tuesday afternoon to demonstrate how they will bring "super computing to the masses".  Good luck, Subbu, Mazhar and Maciej!

Brush Off That Trademark Application For C**cksucker. You Might Get That After All.

 In one of our more erudite musings, we examined the plight of a young entrepreneur who sought to market rooster shaped chocolate candies on a stick with the trade name of "cock suckers".  The USPTO denied the registration pursuant to their authority under the portion of the trademark act that prohibits marks that are "...immoral...or scandalous".

Now, such entrepreneur may get another lick at the lollipop because the U.S. Court of Appeals for the Federal Circuit has decided to determine whether the above-cited provision violates the First Amendment to the Constitution.  This arose from a case in which the Court had affirmed denial of an application for a trademark for a musical band "The Slants".  The Court reasoned that the term has too much traction as an ethnic slur and therefore could be refused on that basis.  The case was considered by a panel and one of the panel members penned a strong opinion saying the whole issue should be reconsidered based on the free speech argument.  Then the Court took an unusual action.  Because of the additional opinion written by that panel member, they vacated their order affirming the denial of the mark and scheduled a new hearing by the whole court on the matter sua sponte (a good Latin legal word meaning "on their own motion or spontaneously", i.e. not pursuant to the request of a litigant).  Now new briefs will be filed on this issue and the entire Court will hear it en banc (another good Latin legal term meaning "the whole court").  

While the present case did not involve a term considered "immoral", the Court is expected to consider that issue as well when it convenes on this again as that would also fall within the ambit of the First Amendment.  One of the problems with having Courts be morality police on these things is the way that society changes in regard to views on matters.  The word "sucks" was, at one time, considered somewhat racy.  At least it was in my oldest son's grade school where he was disciplined and missed a field day because of his use of the word.  Now you can get it as a top level domain name.

So, trademark lawyers everwhere are gearing up to race to the USPTO to register their favorite ethnic and racist words and all the fashionable Urban Dictionary terms.  Stay tuned to see whether you may have to cover your kid's eyes in the candy aisle in the future.


Now The Bitcoin Technology Is Going To Revolutionize The Securities Trading Industry, Just Like It Didn't Revolutionize The Currency Industry.

 Every body's second favorite "Big O", Overstock.com (the owner of the world's shortest domain name: O.co) has ventured into the hitherto untraveled wilderness of "cryptosecurities".  Last week, Overstock, led by its visionary chairman, Patrick Byrne, filed an application for a shelf registration with the SEC for an as yet undescribed offering of securities (like common stock), that would completely bypass any formal exchange (NYSE, NASDAQ, AMEX) in the sale, transfer and documentation of such equities.

Mr. Bryne proposes to use the technology behind the "cryptocurrencies" (e.g. Bitcoin) to accomplish this.  As everyone knows, such technology is referred to as "blockchain", a distributed, peer to peer exchange platform.  When a transaction is initiated, such as a message that "X sells Y shares of Overstock crytosecurities to Z", the transaction is distributed to a network of communicating computers running blockchain software.  All such computers maintain their own copy of the ownership ledger and when they receive such a message, it is evaluated to determine whether the seller owns such securities.  If it is validated, the transaction is added to their copy of the ledger and transmitted to the other computers in the network, which updates their ledgers.  In the Bitcoin world, a new block of transactions is sent out about every 10 minutes and when validated, provides a "chain" back to the previous blocks. Hence, "blockchain".  Each block has a difficulty target and a "nonce" (a number only used once).   Proving that the transaction is valid requires a great amount of work and in the crytohash algorithm used to encrypt the information, there is only one way to find the nonce.  So, the extremely remote possibility that this could be hacked or accidentally duplicated.  But you all knew this already.

 Finding the nonce is called "mining" in the Bitcoin world and the discovery of that is rewarded by a fee (i.e. the releasing of more Bitcoins) to the finder's account.  As can be imagined, this requires a great deal of compute power and there is some discussion of whether the cost of the electricity exceeds the fees earned in using the compute power.

Obvious problems with crytosecurities (acknowledged by Mr. Bryne), include the opposition of the established exchanges to their business model, resistance to change by the SEC, the fear of the unknown in the securities world (like the present scheme worked so well for Mr. Madoff's clients) and how the members of the network would be paid.  Processing transactions only every 10 minutes or so may be too slow for the present environment and may not work for that reason.

Therefore, in this imagined brave new world of libertarian stock trading, the billions of dollars in fees now paid to the exchanges, stock brokers, the on-line trading sites and the people working the pits in the NYSE and the commodity exchanges could be threatened.  How much howling do you think will come from them about the possibility of fraud and the potential for abuse that this brings?  It's a good thing they can point to the absence of these things in the present environment.

However, when you consider the potential for completely anonymous, on-line trading in credit default swap derivatives in a marijuana growing consortium using Bitcoins for payment, what could possibly go wrong?


Dotsucks Sucks. Is The New gTLD Fair Criticism Or Extortion? Steps You Should Take Now.

 We have babbled on about generic top level domain names ("gTLD") in this little blog (See here and here).  We told you what you needed to do to prevent your company name becoming a XXX site.  We talked about how ICANN was going to auction off the rights to any new domain name that you could think of and plunk down $185,000 to obtain the rights to act as a registrar.

In a prior defensive move, you already have bought up all the regular domain names (e.g. .com, .net, .org) that have your company name combined with disparaging terms (e.g. "Walmartsucks.com").  Just when you thought it was OK to relax, along comes a new set of problems for you to deal with in regard to your domain names.

Vox Populi applied for and obtained the rights to be registrar for the new gTLD .sucks.  So, instead of you having to worry about the combination of your name with "sucks" in the original set of domain names, now the problem arises with having your name appended to a website with the .sucks domain (e.g. "Walmart.sucks").  Should you care?  I don't know.  Maybe.  If our limited experience with the internet has taught us anything, it is that vocal, dissatisfied clients or customers are going to find a way to spout their venom, justified or otherwise, somewhere on the interwebs.  Yelp, Pissedconsumer.com or a number of others provide them that forum.  So maybe this is just another minor inconvenience and might actually be a badge of honor for some companies.  However, it does present the chance for one place to be a major clearing house for criticism for larger companies.

The method of marketing the .sucks domain has elicited some criticism in and of itself.  According to the .sucks website, during the "Sunrise Period", which began March 30, 2015 and continues until May 29, 2015, if you have a registered trademark, you can get dibs on the .sucks domain for your own use (or non-use) for $2499 initially and $2499 annually thereafter.  Chump change for most large corporations but significant for others.  If you are a risk taker, you can wait it out and after June 1, other options are available and the prices drop significantly.  However, you are threatened with the possibility that Vox Populi will grant the .sucks domain name to certain consumer advocacy groups and the price will be subsidized (i.e. free).  So, do you feel lucky, punk?  Do you?

Fifteen Things That Could Maybe Happen In 2015 In Law and Technology.

In keeping with the BuzzFeed nature of blogging and the proud tradition of procrastination irretrievably associated with this blog, we will fearlessly predict fifteen things that might, could, should occur during calendar 2015, even though well over one-sixth of the year has already passed us by. So after consulting my Magic Eight Ball®, Ouija® board and Googling® “things that might occur during 2015”, here goes:

1. If I hadn’t procrastinated, I would have predicted that Ross Ulbricht, a/k/a Dread Pirate Roberts, d/b/a Silk Road would be convicted and I would have had at least one prediction be accurate. However, since that occurred before I got off my keyboard and wrote this, I will just predict that he will appeal and some of his convictions will be reversed and/or he will strike a plea bargain to reduce the amount of jail time that he faces. He’s such a young guy that he will still have plenty of time to get into other trouble when he gets out.

2. Sixty percent (60%) of all websites and addresses will experience a hack or attempted hack.  This is not a stretch, as this has been the average over the past few years.  The cost of responding to a breach will exceed $200 per record in the U.S.  On average, each person in the U.S. will receive two notifications of breaches and 33% will take no action after receipt.  The three states that don't have breach notification laws (Alabama, New Mexico and South Dakota) will pass some version.  President Obama will suggest a national breach notification standard.  Republicans will threaten to shut down the Department of Defense if he does anything by executive action.  Congress will take no action.  President Obama will make a statement favoring oxygen.  Eight Republicans will suffocate.

3. The Supreme Court of the United States, after failing to rip insurance from 8 million people because of a typo, will grant certiorari to the Google/Oracle kerfuffle over APIs and we will be left with the spectacle of having some people who were born before telephones were prevalent (although younger than the Rolling Stones) try to determine whether interfaces will be subject to copyright.

4. The internet of things (“IoT”) will be the most hyped buzzword and will be attached to everything that has a wireless internet connection or that is hardwired into the internet and will include your refrigerator, air conditioner, automobile, FitBit, phone and clothing. The most intimate details of your life will reside on the cloud (the most hyped buzzword of a few years ago) and will be hacked and someone in Kazakhstan will know whether you need to buy more mayonnaise.

5. Big Data will be another over hyped concept and will be applied to any amalgamation of large data bases. Algorithms to sort this data and apply it will be developed so that advertisements for mayonnaise will come up on your browser after the hack described in 4 above.

6. Another result of big data amalgamation and parsing will result in the ability to do much more genome sequencing. More and more data will be available about genetic traits and inherited characteristics. Methods of manipulating those traits will begin to be developed. Designer babies will become a possibility. The use of steroids, amphetamines and other performance enhancing drugs will become obsolete in the future as children that have been “optimized” for athletic success will reach the age of competition and X-Men-like debates will dominate sports talk radio. The furor over Barry Bonds will seem quaint.

7. New methods of security for personal devices and premises will be developed and more widely used. One of these will be finger vein authentication, which will be safer, easier and more portable than fingerprints, retina scans or other methods. The NRA will object because identifying someone’s trigger finger will definitely be the next step in Obama’s nullification of the Second Amendment.

8. There will be a rise in personal biometric services.  Devices such as socks, shirts and wristbands and implants will constantly measure a person's physical characteristics and transmit the data to a smart phone and then to a medical provider.  There will be an automated response telling the patient to eat less mayonnaise.  The hacker in Kazakhstan will already know that.

9. An actor or actress will license their digital likeness rights to a movie studio where the studio will be able to use the likeness in a computer generated image without the actor participating in the filming at all. Just think of a young Mel Gibson and Danny Glover doing Lethal Weapons Number ad infinitum. I can only imagine the conditions of the licensing agreement regarding the personal conduct of the actor post license signing. Morals clauses, prohibition against drunken anti-Semitism and racism and good behavior clauses will be rampant.

10. There will be an accident involving two self-driving, autonomous cars involving personal injury. Personal injury plaintiff’s lawyers will sue all the programmers in sight. Programmers will have to begin carrying collision and liability insurance if they want to produce such cars.

11. New cryptocurrencies will emerge to compete with Bitcoin, even the several million that can’t be found after Mt. Gox lost them. None of them will catch on much because you still need a central government and an army to enforce the value of an arbitrary currency (which all are).

12. Artificial intelligence will blur the line between humans, robots and computers. More and more machines will pass the Turing Test. This blurring will bring the concept of the movie “Her” closer to reality.

13. TOR will take a hit because of NSA infiltration and detection. Something will emerge to take its place and the battle will begin again.

14.  Cyber-ransom, a subset of hacking, will become a bigger problem.  

15.  Several cases involving the warrantless searching of cell phones of arrested people will begin to wind their way through the appeals courts.  Since the holding that a warrant was needed, police will try to find ways to chip away at that requirement.  The issue will be resolved in the 2016 term of SCOTUS.

None of these predictions are particularly Kreskin-worthy and will not fill us with awe and wonder even if they come true.  However, think how amazing these would be if we had made them just 10 years ago. We truly live in interesting times.

14 Technology Law Things About 2014 That I Should Have Written About Over 14 Days Ago.

It’s been over a fortnight (I love saying fortnight) since 2014 expired and every other blogger has penned a recap of something(s) that occurred during 2014. So, it seems appropriate that this little procrastinating blog would get around to that now. So, without further ado (I’m not sure there was any prior ado), here are fourteen law/technology stories about 2014 that I could find without doing too much research. Some of these are important, some are slightly amusing and some are just to get the number up to fourteen. You can make your own assessment.

1. The first Twitter libel ("Twibel") suit went to trial. A former attorney for Courtney Love sued Ms. Love for tweeting that the attorney was “bought off”. The court decided that was not defamatory. You may remember from your law school days about libel “per se”, i.e. if you wrote that someone had committed a crime or immoral acts, was unable to perform their profession, had a “loathsome” disease or was dishonest in business you could recover without proving actual malice or specific injury. It seems to me that about 75% of all tweets fit this definition.

2. The Supreme Court ruled that police must obtain a warrant before searching a cell phone of someone they arrested. Prior to this, police has maintained that a cellphone was like anything else in the possession of an arrestee (e.g. wallet, address book, pocket litter) and consequently no warrant was needed.

3. A coding error was found in OpenSSL, encryption software that was supposed to keep transactions secure. This error, named “Heartbleed”, caused millions of people, companies and sites to have to change their passwords.

4. Bitcoin and other cryptocurrencies continued to have a rocky ride. Executives of Bitcoin companies were arrested for activities through Silk Road (see number 6 below). One of the companies had received funding from the Winklevoss twins. Dedicated readers of this blog will remember our fondness for the Winklevi.

5. Mt. Gox, the largest Bitcoin exchange, filed for bankruptcy. Mt. Gox had somehow lost 774,000 bitcoins (about 6% of all bitcoins in existence) due to theft, technical problems or perhaps merely leaving them out in the rain. Incidentally, Mt. Gox got its name because its original business was operating an exchange for “Magic The Gathering” cards, hence Magic The Gathering Exchange. I mean, what did you expect?

6. The alleged proprietor of Silk Road, Ross Ulbricht, was scheduled for trial. This former resident of Westlake Hills, Austin, Texas had his communication capabilities curtailed while in jail for fear that witnesses would be rubbed out before they could witness. That’s some Corleone stuff, for sure. Now, Mr. Ulbricht is claiming that he was not the masterdude behind the nefarious doings of the Dread Pirate Roberts, but that it was the CEO of Mt. Gox (see 5 above). If you wrote a script like this, no one would use it because it’s too farfetched. As a sterling example of the advantages of capitalism, several creative business people, including the marketing geniuses at Silk Road 2.0, rushed to fill the void left after the arrest of the Dread Pirate Roberts and to address the need for illicit drugs and murder for hire through the dark web.

7 through 12. The Year In Hacking: (i) The cyber division of the Chinese People’s Liberation Army was charged with hacking into the networks of Westinghouse and U.S. Steel, among others; (ii) Chinese hackers also breached the network of the U.S. Gov’s Office of Personnel Management and targeted information from employees applying for top security clearances; (iii) Sony Pictures was hacked by North Korea (maybe) hackers, which resulted in a movie called “The Interview” getting a lot more publicity that it deserved and Charlize Theron getting paid an amount equal to her male contemporaries, so it wasn’t all bad. How could you not pay one of the most desirable people (have you seen that perfume commercial?!) on the planet anything she asked? (iv) A glitch in Apple’s picture storing service along with weak passwords and not so secure security questions allowed most of us (don’t say you didn’t look, too) to see a lot of celebrity nude selfies; and (v) eBay was hacked and lost the personal records of 233 million users.

13. While technically falling within the realm of hacking, a disturbing tactic became more prominent during 2014. This technique, called cyber-ransom or ransomware, manifests itself by having a hacker obtain control over your network and threatening either to release the information, not allow the owner to use its own network or to destroy all the information in the network unless a ransom is paid. Domino’s pizza in Europe was asked for $40,000 to avoid having information in their network released. The release never happened and it is unclear as to whether Domino’s paid the ransom within 30 minutes. A company named Code Spaces was put out of business when it refused to pay a ransom and a vindictive hacker destroyed so much of its information that it had to close.

14. The Supreme Court of the United States was asked in 2014 to grant certiorari to hear the Google v. Oracle suit involving the ability to copyright interfaces. Recently, SCOTUS has asked the Solicitor General of the U.S. to file a brief regarding the advisability of granting cert. No decision of whether the court will hear this case has occurred yet.

2014 was rife with collisions occurring at the intersection of the law and technology. 2015 is likely to be just as debris strewn.

Hey! We Have A NDA. They Can't Do That, Can They?

 Consider this very common tableau: Two companies want to discuss doing business together, as in manufacturing something or joint development of software.  They sign a preliminary non-disclosure agreement that says that anything they give to each other in furtherance of the discussion must be kept confidential.  Information is exchanged, manufacturing is commenced and several months later the manufacturing party stops manufacturing the product for the other party and starts selling their own competing product.  Party 1 (the designing and  disclosing party) has the other party dead to rights under the NDA, right?  After all, Party 2 (the receiving and manufacturing party) is selling a product using information they received from Party 1.  A federal court in Illinois says: "Not so fast, my friend".  How can this happen?

nClosures designed a metal case for iPads.  Block and nClosures entered into a non-disclosure agreement that had the following language: 

"The Parties … agree that the Confidential Information received from the other Party shall be used solely for the purposes of engaging in the Discussions and evaluating the Objective (the “Permitted Purposes”). Except for such Permitted Purposes, such information shall not be used, either directly or indirectly, by the Receiving Party for any other purpose… ."

Block began production of the iPad cases as designed by nClosures.  Several months later Block terminated its relationship with nClosure and began manufacturing iPad cases of its own design.  Lawsuits ensued.

One of the counts raised by nClosure was for breach of the contract to keep its stuff confidential.  A lower court granted a summary judgment for Block and the summary judgment was affirmed upon appeal.

The courts reasoned that even though Block had agreed to keep certain information confidential, the parties had never entered into a subsequent contract for the manufacture (even though several drafts were exchanged and an oral agreement as to price had been reached), nClosure had never required anyone else (Block employees, consultants, third party designers, previous manufacturers, etc.) to sign a confidentiality agreement, had not kept its design on secured computers or under lock and key and had therefore not taken reasonable steps to protect the information.  Therefore, nClosure could not enforce the confidentiality agreement.

This case may be cited for the proposition that even though you have an original confidentiality agreement in place, at least in Illinois you had better take subsequent and further steps much like those required to protect trade secrets (see here, here and here) or the other party will not be required to keep stuff confidential even though they agreed to do so.

Alarming? A little bit.  It seems to mean that confidentiality agreements in Illinois can only be used to protect information that qualifies as a trade secret.  While that is a prime reason for the use of such agreements, I'm pretty sure most people thought that non-disclosure agreements had broader application than that.

Lessons learned?  Follow up the initial (i.e. "dating") confidentiality agreement with a more comprehensive (i.e. "marriage" agreement ) and get similar non-disclosure and non-use agreements from everybody else that will see your crown jewels.  Also, physically protect the information with locks, key cards, walls, safes, etc. and have a documented program in place that has all the elements for trade secret protection.

Remember this the next time somebody bitches about the over-lawyering surrounding confidentiality.  Your business could be at stake.