Issue 45 March 2001	BYTES IN BRIEF® by Editors: Sharon D. Nelson, Esq. and John W. Simek Associate Editor: Amelia C. Hierholzer Editor Emeritus: G.V. Nelson 9500+ subscribers worldwide © 2001 Sensei Enterprises, Inc./Nelson & Wolfe. All rights reserved. This newsletter may not be reproduced or redistributed in any manner except with consent of the copyright owner. Distributed by Silver Law Inc. under license.

COURT RECORDS ONLINE: PUBLIC HEARING PLANNED

In March, the Subcommittee on Privacy and Electronic Access to Case Files, a panel of eight judges created last year by the Judicial Conference of the United States, will examine the security and privacy issues surrounding the government's plan to link files from all federal courts under a single system, known as PACER (Public Access to Court Electronic Records). Currently, users looking for a particular case must log onto the PACER site for the relevant court. In many cases, only docket information is available. By 2005, the Administrative Office of the Courts expects to finish its new PACER system which, for a small fee, will allow users to search virtually all federal court documents from a single site. The plan concerns privacy and consumer groups, which note that many court case files contain medical records, personnel files, tax returns or other proprietary information, and that immediate access to court records raises severe privacy and potential fraud issues. The subcommittee's comments will be reviewed by the Court Administration and Case Management Committee, which could make a recommendation to the Judicial Conference in time for its biannual meeting in September. The Judicial Conference is the 27-judge entity that makes policy for the federal judiciary. The March 16th four-hour hearing (8:30 a.m. - 12:30 p.m.) will be in the Judicial Conference Center in the Thurgood Marshall Federal Judiciary Building, One Columbus Circle N.E., Washington, D.C. Public comments filed regarding the proposed new PACER System may be viewed at http://www.privacy.uscourts.gov

CIA BACKS ANONYMITY SOFTWARE

The Central Intelligence Agency's non-profit venture capital company, In-Q-Tel has zeroed in on software called Triangle Boy, which promises user anonymity on the Internet. Triangle Boy was developed by SafeWeb, a start up company in which In-Q-Tel has invested about $1 million of its $30 million current fiscal year budget. SafeWeb's web site currently provides free access to an "anonymizer" that lets anyone surf anonymously and securely by typing in a Web address. It replaces the URL bar with a JavaScript implementation and establishes an encrypted connection from the user's desktop using 128-bit SSL with cookies automatically disabled. Triangle Boy, which has not yet been deployed, will go still further, using SafeWeb's Privacy Matrix technology (patent pending) to allow users to get to SafeWeb's anonymizer through a third party. The code will be open source, allowing anyone to set up third-party access to the anonymizer. The CIA plans to use the technology primarily to protect the anonymity of its own employees as they do their work, but it would undoubtedly be used to gather information without leaving a trail as well. Further information may be found at https://fugu.safeweb.com/webpage/press_room/in_q_tel.html

PRAYING TO SAINT ISIDORE

Reportedly, Pope John Paul II intends to name Saint Isidore of Seville the patron saint of Internet users and computer programmers. Isidore, who lived in Spain while it was occupied by the Visigoths, spoke many languages and is considered by historians to be one of the most educated men of his time. He is most noted for his compilation of a 20 volume encyclopedia entitled "The Etymologies." Scholars have called it the sixth century version of a web portal. For information about St. Isidore, including a suggested prayer before logging onto the Internet (we couldn't make this up if we tried), see http://www.catholic.org/isidore/

BROADCASTERS SUE OVER NET ROYALTIES

In a lawsuit filed on January 26th in the U.S. District Court for the Eastern District of Pennsylvania, the National Association of Broadcasters (NAB) is seeking to overturn a December ruling by the U.S. Copyright Office. The ruling could force radio stations that rebroadcast their programming over the Internet to pay millions of dollars in fees to record companies. Currently, radio stations pay a few hundred million dollars in annual fees to composers and authors of songs, but they are exempt from paying record labels for broadcasting copyrighted songs over the air. Broadcasters sought the same exemption for broadcasting their over-the-air programming on the Internet. The Copyright Office agreed with the Recording Industry Association of America in the dispute, ruling that the exemption applies to broadcasters in only limited situations. The NAB argues that, if the ruling stands, broadcasters who want to stream programming over the Internet would be forced to engage in a multiplicity of individual negotiations with the copyright owners of every sound recording they stream. Companies that offer music exclusively over the Internet are already required by law to pay royalties to the record labels. The suit says that the ruling will "reorder the legal and economic relationships between broadcast radio and recording industries in a manner that could wreak havoc with over-the-air broadcast formats and 
stifle the offer of streamed over-the-air radio broadcast programming over the Internet." Further information is available at http://www.thestandard.com/article/display/0,1151,21709,00.html

COURT REBUFFS SEC'S ATTEMPT TO SHUT DOWN STOCK GAME

On January 30th, a federal judge in Boston dismissed the Securities and Exchange Commission's attempt to close down a web site running a "virtual stock exchange," holding that the SEC had exceeded its authority since the site was clearly labeled as a game. The U.S. District Court had previously issued an injunction against SG Limited, which runs "StockGeneration." An SEC complaint had alleged that the site was a pyramid scheme violating federal securities laws, saying that it promised risk-free investment and a guaranteed annual return of 215 percent. Judge Joseph L. Tauro ruled that the SEC had overreached its authority because the company did not offer, buy or sell securities. The site raises money by asking "investors" to play the game by sending in money and then buying stocks in fictitious companies. Money is made or lost depending on the fluctuating value of the fantasy companies, controlled by the game's managers. The site raised hundreds of thousands of dollars, but people did not receive the promised return or even their initial investment, according to the SEC, which received complaints about the company from 27 states. SEC attorneys said they may appeal the decision. The "Stock Generation" site says it will be up again as soon as its frozen assets are released. If available, the site may be found at http://www.stockgeneration.com/

REPORT SUGGESTS OVERHAUL OF U.S. CYBERDEFENSES

A Congressionally appointed panel of national security experts recommended on January 31st that the U.S. create a National  Homeland Security Agency (NHSA) with oversight of all government and private sector efforts to protect America's critical infrastructure from both cyber and physical attacks. The U.S. Commission on National Security urged the Bush administration to form the new agency and to include a National Crisis Action Center, which would be a focal point for monitoring and coordinating federal support during any infrastructure crisis. Central to the new agency would be a directorate of critical infrastructure protection (CIP) that would manage cyberdefenses for the various sectors of the economy, including banking and finance, telecommunications, 
transportation and utilities. The commission's report, "Road Map For National Security: Imperative For Change," is the third installment of a three-phase study of how the U.S. can most efficiently deal with new threats posed by both technology and weapons of mass destruction. The report may be found at http://www.nssg.gov/

FTC'S "OPERATION DIRECT PRETEXT" UNDERWAY

The Federal Trade Commission announced on January 31st that it has identified 175 Internet firms that offer to collect personal financial information under false pretenses and then sell it to third parties, which is a violation of federal law. The practice of obtaining customer information under false pretenses is called pretexting, hence the name "Operation Direct Pretext." The Gramm-Leach-Bliley Act prohibits individuals from obtaining a customer's information from a financial institution or directly from the customer using false representations, fictitious documents, or forgery. The FTC has sent notices to the 175 firms that they must comply with federal law and that they are being monitored. Violations of the Gramm-Leach-Bliley Act may result in civil penalties of up to $11,000 for each violation, as well as criminal penalties. Further information may be found at http://www.ftc.gov/opa/2001/01/pretexting.htm

ONLINE AUCTIONS LARGEST SOURCE OF NET FRAUD

The National Consumers League reported on January 31st that online auctions made up 78 percent of the Internet fraud complaints it received in the year 2000. The nonprofit consumer organization also released a report showing 41 percent of online auction buyers surveyed reported problems ranging from late delivery of goods to damaged items or merchandise that never arrived. Internet auction fraud is also on the U.S. Federal Trade Commission's list of top 10 online scams and makes up 42 percent of all Internet related complaints filed with the FTC. The League's Online Action survey may be found at http://www.natlconsumersleague.org/onlineauctions/auctionsurvey2001.htm

SPRINGSTEEN LOSES DOMAIN NAME TO FAN CLUB

After a long string of victories in which celebrities have succeeded in claiming the right to a domain name featuring their name, Bruce Springsteen chalked up a loss. On February 7th, a three member World Intellectual Property Organization (WIPO) panel ruled that Canadian Jeff Burgar and the Bruce Springsteen Club had not violated Springsteen's rights by registering the domain name "brucespringsteen.com." The panel majority ruled that Burgar had demonstrated that he has some rights or legitimate interests in the domain name, and Springsteen failed to demonstrate that the domain name was registered or used in bad faith. In particular, there was no evidence that Burgar had tried to sell the name. The WIPO decision may be found at  http://arbiter.wipo.int/domains/decisions/html/2000/d2000-1532.html

BILL TO EXTEND NET MORATORIUM INTRO'D

On February 8th, a bipartisan group of Senators and Representatives reintroduced legislation to extend the moratorium on "discriminatory" Internet taxes for five more years. The bill, introduced by Senator Ron Wyden and Representative Christopher Cox, is similar to one that cleared the House last year but died in the Senate. The current moratorium on new Internet taxes and Web access charges will expire in October of 2001. The new bill would prevent discriminatory taxing of e-commerce or any taxes that treat online businesses differently from traditional businesses, prevent imposition of multiple taxes on the same online transaction and apply a permanent ban to Internet access taxes. States and local jurisdictions are concerned about the loss of tax revenues as more and more businesses move online, but bill supporters say it would be impossible for businesses to comply with thousands of local sales taxes. Recently, a coalition of U.S. states unanimously approved a plan to simplify their sales tax codes, in large part so they may eventually secure revenue from Internet and catalog sales. The Cox-Wyden bill requires Congress to approve or reject the states' plan without modification to induce quick action. If a sufficient number of states simplify and unify their sales and use tax systems, the bill says that Congress should consider authorizing those states to require sellers to collect taxes on goods delivered to those states. The text of the bill (The Internet Tax Nondiscrimination Act – S. 288) may be found by entering the bill number at 
http://thomas.loc.gov/home/c107query.html

AMERICA THE VIRUS RIDDEN

McAfee has posted a map of the world on its site, showing the prevalence of viruses around the world. The incidences of viruses in North America is both striking and logical given our technology dependence. The map comes in variants, which can show virus activity during the past 24 hours, the past week, or the past month. It can also show the number of computer files infected. North America, Australia, Sweden and Chile radiate hues of magenta and crimson. The former Soviet Union and most of the African continent appear virtually in a pale beige, meaning they have almost no virus activity. Computers that don't use McAfee software are not included, though the map's representation is only an indicator of virus activity and not a complete representation. The map reflects information gathered from almost 39 billion files. McAfee's customers voluntarily sent their data back to the company for virus detection and more than 20 percent of all computers were found to be infected. The World Virus Map may be found at  http://mast.mcafee.com/mast/mass_map.asp?

TERRORISTS UTILIZE THE NET

To no one's surprise, the terrorists of the world have also discovered the many wonders of technology. USA TODAY reported on February 6th that Muslim extremists, including Osama bin Laden, are posting encrypted photographs and messages on web sites and using them to plan attacks against the U.S. and its allies. The information includes maps and photographs of targets as well as information for executing attacks. U.S. law enforcement officials say the Internet has provided a new form of the "dead drop." The information is scrambled using free encryption programs set up by advocates of Internet privacy, requiring a private key for decryption. Further information may be found at http://www.newsfactor.com/perl/story/7731.html

NAPSTER DECISION PROMPTS NEW BUSINESS MODEL

The long-awaited ruling in the Napster case came down on February 12th. The three member panel of the 9th Circuit Court of Appeals allowed Napster users to continue swapping music files for the moment. Calling the lower court's decision overbroad, they remanded it to the district court with instructions to create a narrower injunction that would nonetheless require Napster to cease the trading of copyrighted music if the record companies bring specific infringing songs to its attention. The judges warned that Napster could be liable for huge damages, which could lead to sweeping changes in the way it operates its service. They affirmed the district court's conclusion that the plaintiffs had demonstrated a likelihood of success on their contributory copyright infringement claim. The ruling ordered Napster to police its networks "within the limits of the system." Napster has said such policing is technologically impossible.

However, Napster announced on February 16th that it was developing technology for a membership based business model  supported by the recording industry. The new business model will be implemented by Digital World Services (DWS), a subsidiary of Bertelsmann. Napster and Bertelsmann recently entered into an agreement to set up a fee-based digital distribution service for Bertelsmann's BMG labels. Napster said the new service enables secure administration of transferred files within a peer-to-peer structure. On February 20th, Napster offered the recording industry a $1 billion, five year offer for the rights to its copyright music, but the offer didn't find a receptive audience. The industry wants Napster to stop its current alleged illegal activities and build what it calls a legitimate business model before trying to reach a deal. Further information about the offer and its reception may be found at 
http://www.infoworld.com/articles/hn/xml/01/02/21/010221hnresponse.xml

As a follow-up to the Napster story, the RIAA has apparently been so emboldened by the court's holding that it has written letters to about 75 ISPs advising them that open-Napster services were using ISP channels to infringe on music copyrights and asking that those services be unplugged. Open-Napster systems utilize Napster clone software like Napigator or FileNavigator to facilitate music swapping without ever connecting to the actual Napster's centralized corporate servers. Instead, they often reside on home PCs with high-speed Internet connections and are operated privately. The letters ask that the ISPs inform the operators of the servers of their illegality and advise the RIAA in writing that the activity has ceased.

On February 23rd, Napster filed a request for rehearing with the full U.S. Court of Appeals for the 9th Circuit, saying that the three judge decision which had been rendered was overly broad and violated Napster's First Amendment rights. Napster said that by ordering it to "police its service" for copyright violations, the panel had undermined the protection Congress gave ISPs under the Digital Millenium Copyright Act. Napster said it is entitled to the same protection, which would mean that any court-ordered injunction against it would have to specify the infringed copyrights. Napster will remain operative at least until March 2nd, when U.S. District Judge Marilyn Hall Patel will hold a hearing to determine the terms of the modified injunction. The Court's decision in the Napster case may be found at http://www.ca9.uscourts.gov/ca9/newopinions.nsf/ 04485f8dcbd4e1ea882569520074e698/998c4fac8b2b2708882569f1005fa015?OpenDocument

COURT SHUTS DOWN NAME REGISTRATION SCAM

The Federal Trade Commission announced on February 15th that the U.S. District Court for the Northern District of Georgia had granted its request for a restraining order against a company known by the names National Domain Name Registry, Electronic Domain Name Monitoring, and Corporate Domain Name Monitoring. The company sent faxes to web site owners stating that an unidentified third party had attempted to register a site with a near identical name, which could be prohibited by sending in a $70 fee. Of course, no third party had registered or tried to register the names. The scam duped more than 27,000 consumers. The court ordered the defendant to cease operating its web sites and froze the corporate assets pending trial. Further information may be found at http://www.ftc.gov/opa/2001/02/morgenstern.htm

EU PASSES NEW PRIVACY LAW

On February 14th, the European Parliament approved a new law curbing Internet and high-tech piracy, plugging a legislative  vacuum in Europe. The new regulation, which affects the music and film industries, adapts outmoded EU laws to the digital  environment, allowing rights holders to prevent illegal copying of copyrighted works by advanced technology, such as encryption. Consumer rights groups welcomed the directive, saying it protected artists' rights without harming individual liberties. However, music labels and artists said the new EU rules were too soft and did not give the industry adequate weapons to fight digital piracy. Further information may be found at http://www4.zdnet.com/intweek/stories/news/0,4164,2685587,00.html

FBI'S CARNIVORE: A ROSE BY ANY OTHER NAME

Acknowledging that the name "Carnivore" conjured up "unfortunate" images, the FBI decided to give its e-mail and Internet surveillance system a tamer name. Certainly the new name, DCS1000, is about as boring a name as could be devised. The announcement of the new name came on February 13th. Privacy and civil-rights advocates have argued that the system violates Fourth Amendment protections against unreasonable search and seizure. Further information may be found at http://www.msnbc.com/news/530857.asp?cp1=1

ISP PLEADS GUILTY IN CHILD PORN CASE

On February 15, 2001, the ISP BuffNET pled guilty to the misdemeanor of criminal facilitation in a New York child pornography case. While Internet service providers are generally not responsible for their content, BuffNET apparently did not react promptly to its knowledge of the illegal content it was hosting, and in fact, had some knowledge of what was being disseminated. BuffNET hosted the activities of a child porn distribution group, which calls itself "Pedo University." New York law enforcement officials said that they had repeatedly told BuffNET about the materials on its network, even sending it examples. BuffNET officials claimed ignorance, and said authorities did not give it time to remove the offending materials. BuffNET's version of the case may be found at http://www.buffnet.net/news.html

HIGH SCHOOL STUDENT VICTORIOUS IN WEB SITE PARODY CASE

Karl Beidler was suspended from Timberline High School for his construction of a web page which lampooned his assistant principal. The American Civil Liberties Union announced on February 20th that the North Thurston School District in the state of Washington will be required under the ruling to pay Beidler $10,000 in damages and to pay the ACLU $52,000 in attorney fees. The recent damage award follows a July 2000 ruling by Thurston County Superior Court Judge Thomas McPhee that school officials may not punish a student for speech outside of school. Beidler's web site was created on his own time and with his own equipment. Further information is available at http://www.aclu.org/news/2001/n022001a.html

MICROSOFT AND BRISTOL SETTLE

Microsoft and Bristol Technology called an abrupt halt to their legal battles on February 21st, agreeing to settle their case. Though Microsoft will pay Bristol some amount of money, neither side would disclose the amount of the settlement. Bristol brought the case in August 1998, alleging that Microsoft violated Connecticut unfair business laws and state and federal antitrust laws. The trial ended in July 1999, with a jury clearing Microsoft of the antitrust violations but finding the company violated the Connecticut Unfair Trade Practices Act. The settlement dismissed both parties without prejudice. Further information may be found at http://www.bristol.com/press/2001/pr_settlement_02212001.htm

UN PROPOSES TIGHTER DOMAIN NAME REGISTRATION RULES

On February 21st, officials of The World Intellectual Property Organization, the intellectual property division of the United Nations, announced that the WIPO has proposed better identification of individuals and businesses that register domain names as well as a mandatory domain name dispute resolution process. The proposed new rules are intended to help combat cybersquatting, especially in cases where registrants use country codes (ccTLDs) to secure domain names of famous people or businesses. They would require domain name registrants to aver that they are not knowingly infringing on a third party's intellectual property, with the consequence that the registration could later be canceled if they were found to be lying. Additionally, registrants would be required 
to provide more complete contact details, including their postal mail and e-mail addresses, and phone numbers. A revised registration agreement would require registrants to promise to adhere to alternative dispute resolution if the rights to a domain name were disputed. The WIPO urged that standardized ADR procedures take one month for most disputes or two months for more complex ones. During the process, transfers of domain names would be blocked to prevent "cyberflight," that is, passing the domain name on to another party not involved in the dispute. The WIPO is calling for comments on its proposals to be made by April 30th. The proposals may be found at http://ecommerce.wipo.int/domaines/cctlds/bestpractices

MICROSOFT AT CENTER OF ANOTHER ANTITRUST PROBE

Microsoft acknowledged on February 14th that it had received a subpoena from the U.S. Justice Department dealing with its $135 million investment in Corel Corp. The government is investigating whether the alliance between the two corporations adversely affects competition in the software industry. The formerly fierce competitors are now working together to develop and sell Microsoft's .NET platform, as well as planning mutual web sites and trade show presentations. Microsoft says it is fully complying with the subpoena. Further information may be found at http://www.newsfactor.com/perl/story/7520.html

MICROSOFT/DOJ ARGUE BEFORE COURT OF APPEALS

After a rare two days of argument before the Court of Appeals for the District of Columbia on February 26th and 27th, experts predicted that the antitrust action against Microsoft would conclude with conduct restrictions but without a breakup of the company. The full panel of Court of Appeals judges, minus two who had recused themselves, heard the arguments. Questions from the judges made it clear that they felt trial court judge Thomas Penfield Jackson had not fully considered the impact of a breakup, requiring an evidentiary hearing. Their pointed rebuke of Jackson for his out-of-court statements made it seem likely that a new judge will take over the case if it is, as expected, remanded to the lower court for a new remedy phase. Legal experts expect a ruling from the appeals court sometime in April or May. Court pleadings in the case may be found at http://www.cadc.uscourts.gov