Staying Out of Prison in the Information Economy

Lecture Caveats
• I am not a lawyer and do not have any formal legal training
• This lecture is made up of my observations of the legal system to make you aware of important issues concentrating on an information technology workplace
• Cardinal Rule: Be aware of the law, but always consult an attorney if/when you become involved with it.

Law Caveats
• Some people read the text of the law and think they know it. Things are never so easy. If you have questions, ask a lawyer.
• Others ignore the law, relying on corporate lawyers in case something goes wrong. This is not a good idea. As in any other system, catching problems in the design phase is always better than in the debugging phase.

Talk Overview
• Life for Lawyers Vs. Life for Engineers
• Patents, copyright, trademarks, trade secrets reviewed
• Defamation
• ISP Liability
• Privacy
• Jurisdiction Issues

Life for Computer Professionals
• Binary – Problem solutions either work or not. Little room for gray areas.
• Physical and mathematical laws ultimate authority when disputes arise
• Guiding Philosophy - “Tell me what you need and I will create a system with appropriate trade-offs at least cost to solve your problem.”

Life for Lawyers
• Gray – Effort and intent often matter as much as results
• Supreme Court ultimate authority when disputes arise
• Guiding Philosophy - “Laws are passed based on how society should run - even if enforcement and legal interpretation issues have yet to be nailed down.”

When Worlds Collide . . .
• Legal community always behind the technology curve
• Lawyers and politicians typically have poor technical backgrounds
• As a result, analogies often made between new technological paradigms and old world systems, some more easily defended than others.
• Different interpretations would result in different laws

Patents
• Embodiment of a specific methodology
• Competing products must use different method for achieving same task to avoid payments
• Definite lifespan beyond which patent information freely available for use by the public

Copyright
• Specific work
• Automatically held when work is created, but easier to defend if it is registered
• Definite lifetime beyond which the work is freely available to the public

Trademark
• Specific name or phrase
• Generic terms cannot be trademarked
• Trademarks can be lost if they are not defended
  – Lost trademarks: aspirin, kleenex
  – Held trademarks: Coke, Pepsi

Trade Secrets
• Does not expire - as long as it is kept secret
• Competitors may not use secrets obtained through extraordinary means
• Example: Walled chemical plant layout learned through helicopter use

Defamation
• Publishing damaging statements you cannot prove about others
• The publisher and author are both liable
• Slander is a less serious, but similar, crime where damaging statements that cannot be proven are made in a public arena

Bally Total Fitness Vs. Faber
• A “Bally Sucks” web site was created by Faber complaining about Bally fitness centers
• The trademarked Bally seal was placed on the site overlaid with the words “Sucks”
• Bally sued Faber making claims of trademark infringement, dilution, and unfair competition.

Bally Case Decision
• No trademark infringement - little possibility of confusion
• No dilution - the defendant did not sell a competing product and did not convey confusion about the author’s identity
• No dilution (lessening ability of the plaintiff’s mark to identify its goods and services) since defendant was not marketing a competing product
• Incidentally - no slander, negative opinions protected under the First Amendment

ISP Liability
• What is an Internet Service Provider Like?
  – Phone Company: Route information flows between individuals
  – Newspaper: Package content for distribution in a public forum
• Answer determines ISP’s legal liability
• The rules have been in a constant state of flux in recent years

Ancient History (~Decade Ago)
• Defamatory posting on Prodigy (Stratton Oakmont Vs. Prodigy Services 1995)
  – Prodigy a large ISP
  – Claimed to be “family friendly”. Prodigy advertised that internal newsgroups monitored for bad/inappropriate language
  – Role of a publisher - hence, Prodigy like a newspaper
  – CompuServe did not monitor users’ activity - like a telephone company (Cubby Inc. Vs. CompuServe Inc. in 1991)

Modern Era Communications Decency Act
• ISP may monitor user activity (according to policy)
• If statement to the effect that ISP does not take responsibility for user traffic in place then no ISP liability, BUT
  – Area for complaints must be available
  – Complaint response must happen in a timely fashion

DMCA
• Digital Millennium Copyright Act
  – If a copyright infringement is claimed a web site must be taken down (however tenuous the claim may be)
  – Web site can only be reinstated after an appeals process.

Near Future? . . .
• European Computer Crime Treaty may be created by the end of this year
• ISPs may be required to monitor user traffic with a 40 day data-log.
• ISPs not explicitly exempt from liability
• Hacker/Security Tools Illegal
• Citizens must provide passwords for data seized by police

Privacy in the Workplace
• Test for employers/employees - “Do you have a reasonable expectation of privacy?”
• A case can be made that private e-mail on business machines still private, but this is not the law
• Work-related material on business machines is definitely not private

Privacy in E-mail
• Legally, e-mail is like a postal letter
  – Expectation of privacy in transit
  – Mail loses its special protected status once it leaves the letter carrier's grasp
• For e-mail,
  – Expectation of privacy while signal travels over Internet
  – E-mail loses its protected status at the mail server whether you have read it or not

Spam and Address Spoofing
• Matthew Seidl v. Greentree Mortgage Co. (1998)
• Greentree hired third party to send mass e-mail to potential customers (spam)
• Return address spoofed to read nobody@localhost.com (an actual address)
• Over 7,000 complaints sent to nobody resulting in denial of service for 3 days
• Libel case dismissed since third party was a contractor. Likely that third party would, in fact, be vulnerable to a lawsuit.

Business E-mail
• Electronic Communications Privacy Act (1986) says all business communication belongs to that business
• Deleting e-mail can be ruled spoliation (intentionally destroying company records)
• Archive worthless if it cannot be indexed effectively (in effect, saving everything can be equivalent to saving nothing)

What about Privacy at Home?
• A lot of public information is considered private.
• An increasing amount of public information available on the Internet
  – Reverse phone lookups
  – Campaign Contributions
  – Housing prices
  – (Thwarted) Driver’s license information and photographs

Data Collection
• Data collection has few boundaries in U.S.
• Check privacy policy (can change!!)
• EU Safe Harbor agreement may change things in the future (TRUSTe web site privacy seal program)

Jurisdiction
• “The Internet has no boundaries”
• Is that really true?
• If you break a law in Finland, but you were on the Internet in the United States, what happens to you?
• What if you are in California and you break a law in Minnesota?

E-Commerce Big Questions
• Did you sell an illegal item to a resident of community X?
• Did you try to stop the flow of illegal sales into X?
• An easy example of where this might come up is found in the on-line pornography boom.

Obscene or Offensive?
• Indecent speech and offensive speech protected under the 1st Amendment
• Obscene speech is not
• But what is obscene speech?

Miller Test for Obscenity
(1) Whether “the average person applying contemporary community standards”, would find that the work, taken as a whole, appeals primarily to prurient interest.
(2) Whether the work depicts or describes, in a patently offensive way, sexual conduct specifically defined by applicable state law.
(3) Whether the work, taken as a whole, lacks serious literary, artistic, political, or scientific value.

Federal Court System
• 94 US District Courts (89 in the 50 states)
• 13 Judicial Circuits, each with a court of appeals
• Supreme Court ultimate appellate court
• Jurisdiction can be a determining factor in case outcomes

US V. Thomas (1994)
• Mr. and Mrs. Thomas ran a pornographic BBS in California
• State officer paid a membership fee and downloaded pornography in Tennessee
• Couple tried in Federal court in Tennessee and lost their case

International Jurisdiction
• Extradition over civil suits unlikely
• Big Question #1: Do you have assets in the country in question?
• Big Question #2: Will you ever try to enter country X?

Godfrey Vs. Dolenga
• Dolenga was a Cornell Biochemistry Master’s student from British Columbia
• Godfrey, a nuclear physicist from London, made anti-Canadian remarks in a newsgroup
• Dolenga responded by flaming Godfrey
• Godfrey notified Cornell of the offensive remarks, but they were not removed (First Amendment)
• Godfrey filed defamation suits against Dolenga and Cornell in Britain (one of at least seven such cases)

Dolenga Did Not Defend Himself . . .
• Dolenga was found guilty by default in English court
• BUT - Dolenga does not have assets in England and it is unlikely that American courts will enforce the British judgement.

Cornell Did Defend Itself
• Cornell has assets in England (the Cornell abroad program)
• The suit was for roughly 80,000 pounds. The University could have settled, but chose to take the case to court
• The suit was brought to a successful conclusion (for Cornell)
• Lessons to be taken away from this . . .

Conclusions . . .
• The law is constantly changing and never as simple as it seems
• You should try to be familiar with the law to protect yourself (corporate lawyers are like a fire department, not like a seeing eye dog)
• Even so, you DO need the help of someone with formal training when dealing with legal issues