JOLT Digest

By Marsha Sukach

EU Court Says Social Networks Cannot Be Forced to Monitor Users

The European Court of Justice ruled that social networks cannot be required to monitor users solely for the purpose of stopping piracy, reports CNET. The court said that such a requirement created a complicated and costly burden on the sites, and that it might endanger the privacy of user data by forcing sites to identify and analyze information connected to user profiles. According to the Wall Street Journal, the ruling came after a Belgian copyright manager, SABAM, filed a lawsuit against social network Netlog NV for allowing users to access SABAM’s portfolio of music and video.  This ruling is notable because it comes just after two anti-piracy bills—the Stop Online Piracy Act (SOPA) and the Protect IP Act (PIPA)—became controversial issues in the United States. Critics of these acts argued that enabling law enforcement to erase sites containing allegedly pirated material would also put legitimate sites in danger.

Minnesota Court Denies Restraining Order for Harassing Photos

Olson v. LaBrie, 2012 WL 426585 (Minn. App. February 13, 2012)
Appellant sought a harassment restraining order against his uncle, claiming that his uncle posted embarrassing family photos of appellant on Facebook, with mean commentary. According to the Technology and Marketing Law Blog, the Court of Appeals of Minnesota affirmed the trial court’s denial of the restraining order, saying that photos and comments were mean and disrespectful, but cannot form the basis for liability. According to Internet Cases, the court derived the definition of harassment from the statute, which provides that a restraining order is appropriate to guard against “substantial adverse effects” on the privacy of another. The court refused to consider common law invasion of privacy violations to determine whether the statute called for a restraining order.

Associated Press Sues News Aggregator Over ‘Parasitic Business Model’

The Associated Press is suing Meltwater Group, a paid news subscription company, saying that Meltwater’s subscription service charges a fee for “content created at the expense and through the labor of others.” Ars Technica reports that Meltwater has about 18,000 customers, who pay at least $5,000 annually for searchable content that the company gathers from 162,000 online news sources. According to the International Business Times, the AP is asking a federal judge to block the service from continuation and seeks damages up to $150,000 per infringement. Meltwater has responded that it respects copyright, and merely performs the services of a search engine, customized for paying customers who use it to track stories via keywords. Flash Digest covered a similar suit in 2009, in which the AP defeated All Headline News, a company that repurposed AP content for its subscribers.

Written by Heather Whitney
Edited by Kassity Liu
Editorial Policy

United States v. Jones (U.S. Jan. 23, 2012)
2012 WL 171117; No. 10-1259

In a hotly anticipated decision, the Supreme Court unanimously found that the Government’s warrantless attachment of a Global Positioning System (GPS) tracking device to a vehicle to monitor its movement constituted a Fourth Amendment violation. While unanimous in judgment, the Court split on both its underlying reasoning and with regards to whether the tracking amounted to a search at all. The Court also did not reach the question of whether the search was reasonable. Due to the Court’s fractured analysis, it remains unclear when the Government must obtain a warrant to track a vehicle’s movements, particularly in the case of short-term monitoring. In concurrence, Justice Alito also suggests that if the public views the losses of privacy brought on by new technologies as inevitable, his Katz analysis would be different in future cases.  (more…)

By Susanna Lichter

Google Privacy Revisions Stir Debate
Google announced a new privacy policy last Monday, raising the concerns of privacy advocates, the Washington Post reports. The policy will allow the web giant to collect information across Google services including search, Gmail and YouTube. Google alleges that the changes will “provide, maintain, protect and improve” Google’s functionality as well as generate “more relevant search results and ads” for users. So far the policy has received mixed reviews. Digital rights organizations like Common Sense Media criticized the policy, calling it “frustrating and a little frightening,” and suggesting the inability to opt out of the policy may violate the company’s agreement with the FTC. However, the Telegraph reports that Viviane Reding, the European Commissioner for Justice, who advocates for laws on Internet privacy and data protection, made a statement praising the policy and commending Google’s forward thinking.

Facebook Prepares for IPO Filing
The WSJ reports that Facebook might file for an initial public offering as early as this week in what could be one of the biggest debuts for a U.S. company ever. The 7 year old website, which boasts 800 million members and was famously founded in a Harvard College dorm room, could raise as much as $10 billion and be valued upwards of $100 billion. According to the WSJ, Facebook Chief Executive Mark Zuckerburg had been reluctant to go public, fearing it would pose a distraction to the staff. Likely another factor that has kept the young company from going public is the public disclosure requirements. However, as the company fast approaches 500 shareholders, at which point the company would have to publicly report financial information anyway, public disclosure seems inevitable. Morgan Stanley is expected to underwrite the deal, beating out Goldman Sachs who appeared to have the edge on the underwrite a year ago. Morgan Stanley is the leader in Internet stock underwrites with clients including Groupon and LinkedIn Corp.

Feds Arrest Megaupload Execs, Anonymous Retaliates
Seven executives connected to the popular file sharing website Megaupload were arrested last week and the website was shuttered, Wired.com reports. The individuals were indicted on charges including criminal copyright infringement, conspiracy to commit money laundering and racketeering. The government says that the company facilitated in excess of $500 million in harm to copyright holders. Hacker collective “Anonymous” claimed responsibility for retaliatory attacks on the websites of the Justice Department, Recording Industry Association of America, and Universal Music that occurred shortly after Megaupload was taken down. Megaupload’s controversial founder, Kim Schmitz, aka Kim Dotcom, was among the arrests. The site’s chief executive, Swizz Beatz, was not implicated.

Written by Susanna Lichter
Edited by Laura Fishwick
Editorial Policy

“CyberPatrol, ” “SniperSpy,” and “IamBigbrother” are the names of keyloggers that might be installed on your office computer. These easy to use and inexpensive hardware or software devices record keystrokes and allow a monitor to access email, and other password-protected accounts of an unsuspecting typist. Employers are using keyloggers more often in the workplace to oversee employees without their knowledge. Managers argue that computer surveillance is important to ensure productivity, but alternative tools like website blockers, remote desktop access and time audits allow employers to determine whether an employee deviated from her task without risking the same breach of trust or employee humiliation associated with keyloggers.

Although keyloggers facilitate a major invasion of privacy, they are legal in many jurisdictions. There is currently no federal law that has been interpreted to prohibit their surreptitious use. The Electronic Communications Privacy Act (ECPA), which includes the Federal Wiretap Act (FWA) and the Stored Communication Act (SCA), could potentially prevent keystroke theft, but thus far the protections it offers have not been extended to keyloggers. However, there is evidence that this may soon change. Several recent cases have suggested a broader interpretation of the ECPA than what has previously been held. Additionally, in the absence of a consensus about federal law prohibiting keyloggers, some courts have interpreted state statutes to protect the public from having their strokes stolen. The conflict of interpretations between jurisdictions leaves people in many states vulnerable to invasive employer spying. It also creates a lack of clarity for employers and employees regarding what is considered lawful conduct. The surreptitious use of keyloggers should be subjected to wider regulation by state or federal law. In a few cases courts have diverged from precedent and adopted this position.  (more…)

New Information about Carrier IQ Software Sparks Concerns that Wireless Carriers Have Violated Federal Anti-Wiretapping Laws

By Abby Lauer – Edited by Michael Hoven

Last month, a security researcher from Connecticut published information about a software program installed on some mobile smartphones that may be surreptitiously collecting data about how the phones are used. The software, called Carrier IQ and manufactured by a company of the same name, has been described as hard to detect, hard to remove, and programmed to run by default without the user’s knowledge. The scandal escalated last week when Senator Al Franken sent a letter to Carrier IQ asking for details about the software and the company’s business practices. Privacy analysts are concerned that the software violates the Federal Wiretap Act, as amended by the Electronic Communications Privacy Act, which forbids the intercepting of “wire, oral or electronic communication” and authorizes penalties of $100 per day for each violation. 18 U.S.C. §§ 2511, 2520. Other commentators have suggested that Carrier IQ may also violate the Computer Fraud and Abuse Act. 18 U.S.C. § 1030. So far, at least eight class action lawsuits have been filed against Carrier IQ and various device makers and wireless carriers.

Computerworld provides a general overview of the Carrier IQ software and the recent scandal. For a more detailed analysis of the legal issues, see Forbes, paidContent.org, and Talking Points Memo. (more…)