Issue 59 May 2002	BYTES IN BRIEF® by Editors: Sharon D. Nelson, Esq. and John W. Simek Associate Editor: Amelia C. Hierholzer Editor Emeritus: G.V. Nelson 9500+ subscribers worldwide © 2001 Sensei Enterprises, Inc./Nelson & Wolfe. All rights reserved. This newsletter may not be reproduced or redistributed in any manner except with consent of the copyright owner. Distributed by Silver Law Inc. under license.

SUPREME COURT OVERTURNS VIRTUAL CHILD PORN BAN

On April 16th, the U.S. Supreme Court struck down as unconstitutional a law which prohibits the depiction on the Internet of so-called "virtual child pornography," which appears to depict real children, but does not. The 6-3 decision said that key provisions of the Children Pornography Prevention Act of 1996 were "overbroad" and infringed on established First Amendment protections of material with artistic value that does not violate community standards. The law attempted to ban many kinds of images, including computer generated images and the use of adults with childlike appearances, which were meant to convey the impression of minors engaging in explicit sexual activities. The opinion cited several artistically significant instances in which teenage sex was portrayed, such as "Romeo & Juliet," and the recent films "Traffic" and "American Beauty." The decision in Ashcroft et al v. Free Speech Coalition et al may be found at the Supreme Court Website

FBI FINDS MORE HACKING, LESS DISCLOSURE

On April 7th, a joint FBI/Computer Security Institute survey was released which found that roughly 90% of survey respondents suffered security breaches in the past year, but only 34% reported those breaches to law enforcement authorities. The primary reason for the failure to report was the fear of bad publicity resulting from the computer security failure. This seventh annual survey polled 503 American corporations, government agencies, financial and medical institutions and universities, though the names were not released. One of the conclusions is that companies are finding that revealing security intrusions hurts rather than helps the bottom line and that the preference is to solve the security problem and simply move forward. The government has begun to use such partnership ventures as the FBI's InfraGard chapters in each field office to persuade companies to report the attacks directly to FBI agents without fear of public disclosure. Survey respondents said they lost at least $455 million as a result of computer crime, compared with $377 million the previous year. Only half the respondents opted to quantify their losses. Although there is serious concern about intrusions by foreign governments or terrorists, most intrusions still come from individual hackers and disgruntled employees. Thirty-eight percent of the respondents said their web sites were broken into over the past year. Eighteen percent reported some sort of theft of transaction information, such as credit card numbers or customer data, or financial fraud. The survey may be found at http://www.gocsi.com/press/20020407.html

W3C OKS PRIVACY STANDARDS

On April 16th, the World Wide Web Consortium approved a system for offering web site visitors a guide to how well a site honors their personal privacy. Known as the Platform for Privacy Preferences, or P3P, the system allows users to tell it how much data collection and sharing they are willing to tolerate. The software then checks the machine-readable privacy policies attached to web sites as hidden tags. The software warns users when there isn't a match. Microsoft has already included a limited form of P3P in Internet Explorer 6. The system is voluntary, and its utility will depend in large part on the number of sites that employ it. Even if a site uses P3P, the system won't prevent sites from collecting data or sharing the information with marketers, nor would it let users negotiate with sites on the way information is used. Opponents say P3P will do nothing to protect users' privacy and may make it more difficult to win passage of privacy-protection legislation. The W3C recommendation may be found at http://www.w3.org/P3P

FTC ANNOUNCES INTERNET NETFORCE

On April 2nd, the Federal Trade Commission announced that it had joined forces with eight state law enforcement agencies and four Canadian consumer protection groups to combat fraud and spam on the Internet. The two-year effort is named "International Netforce" and has thus far resulted in the filing of 63 cases against defendants accused of fraud. The agencies have also debuted a joint effort to target spam and have sent more than 500 warning letters to spammers. The FTC hopes to expand its efforts to encompass more states and foreign agencies in the future. As part of its mission, the agencies replied to spam messages and asked to be removed, seeking to verify the commonly held belief that replying to spam and asking to be removed simply provides spammers with the knowledge that they now have a valid e-mail address. In fact, the results indicated that the majority of replies went to dead addresses. Since the beginning of 1998, the FTC said people have forwarded 10 million spam messages to uce@ftc.gov, the address for the agency's junk e- mail database. Further information may be found at http://www.ftc.gov/opa/2002/04/spam.htm

YAHOO RESETS USERS' PRIVACY PREFERENCES

In late March and early April, Yahoo sent out messages to its users telling them that their preferences had all been reset to opt-in to receipt of all marketing options. Yahoo said the company acted correctly when it reset users' marketing preferences, informing users of the changes with an e-mail message giving them 60 days to reset their preferences. The company said that the changes had been made to benefit Yahoo users so they could choose the kind of information they wanted to receive from Yahoo. Predictably, those who had already set their preferences to indicate "No thanks" to all marketing were not pleased to do so all over again. Legal experts have suggested that a class action suit may be filed to compel Yahoo to honor the privacy terms in force at the time users signed up. Yahoo's updated Privacy Policy may be found at http://privacy.yahoo.com/privacy/us/

JUDGE DENIES MOTION TO DISMISS ELCOMSOFT SUIT

On April 2nd, Judge Ronald Whyte of the U.S. District Court for the Northern District of California denied a motion to dismiss the suit against the Russian software company ElcomSoft for allegedly violating the U.S. Digital Millennium Copyright Act (DMCA). ElcomSoft is charged with creating and distributing software over the Internet that allows users to circumvent the copyright protection in Adobe Systems's eBook format. ElcomSoft's attorney had argued that the conduct at issue took place primarily on the Internet, not in the U.S., and was therefore outside the court's jurisdiction. Whyte based his decision in part on the fact that the software was offered for sale on a server located in the U.S. and was purchased by people in the U.S. Further information may be found at http://news.com.com/2110-1023-874225.html

EPIC FILES SUIT AGAINST HOMELAND SECURITY OFFICE

On April 2nd, the Electronic Privacy Information Center (EPIC) filed suit in the U.S. District Court for the District of Columbia, seeking to force the U.S. Office of Homeland Security to reveal information regarding proposals for a national identification system. EPIC took the action after it failed to receive a response to its requests under the Freedom of Information Act. EPIC said it is looking for records "on technical and legislative proposals for identification systems," believing that legislation has already been drafted calling for state driver's license records to be linked to federal agency databases. A copy of the complaint in the case may be found at http://www.epic.org/open_gov/foia/ohs_complaint.pdf

JUDGE PROHIBITS ONLINE STREAMING MOVIE CLIPS

In late March Judge Jerome Simandle, of the U.S. District Court for the District of New Jersey, granted a request for a preliminary injunction by Buena Vista Home Entertainment and Miramax Film Corporation against the video preview company Video Pipeline. The court agreed with Buena Vista and Miramax's argument that the plaintiffs would likely prevail against Video Pipeline in their copyright infringment claims involving the defendant's streaming video-clip previews which lifted scenes from Disney and Miramax movies. The ruling in the case may be found at http://lawlibrary.rutgers.edu/fed/html/ca00-5236-1.html

DOUBLECLICK SETTLES PRIVACY CLASS ACTION SUITS

On March 29th, Internet advertiser DoubleClick announced that it had agreed to settle federal and state class-action suits by purging user information it had gathered and by instituting an enhanced privacy policy. The company also agreed to an extensive series of consumer education measures. As part of the settlement, DoubleClick will pay up to $1.8 million in legal fees. Further information may be found at DoubleClick.com

SECOND CIRCUIT OVERTURNS COMPUTER BAN IN CP CASE

On March 28th, the Second Circuit Court of Appeals ruled that Gregory Sofsky, who had been convicted of possessing child pornography, could not be prohibited from using a computer during supervised release. The court said that the restriction "exceeds even the broad discretion of the sentencing judge with respect to conditions of supervised release." The court also said that the prohibition against using a computer constituted a "greater deprivation of Sofsky's liberty than is reasonably necessary." The decision in United States v. Sofsky may be found by entering the search term "Sofsky" at http://csmail.law.pace.edu/lawlib/legal/us-legal/judiciary/search-opin ions.html

DUTCH COURT PROTECTS FILE SWAPPER KAZAA

On March 28th, a Dutch appellate court overturned a lower court ruling that had found the file-swapping firm Kazaa liable for copyright infringement. The surprise decision said that Kazaa is not responsible for the illegal acts of those using its software. The decision, which may be appealed to the Netherlands' Supreme Court, is not expected to have any impact on U.S. decisions, which have tended to favor copyright owners in similar circumstances. Kazaa is presently being sued for copyright infringement in the U.S. by a number of music companies and music studios along with Grokster and MusicCity. Commentators are speculating that the Dutch decision may allow the Netherlands to become a safe haven for file-swapping companies that could relocate there to avoid liability in other countries. Further information may be found at http://news.com.com/2100-1023-870396.html

AOL VICTORIOUS OVER PORN SPAMMER

On April 3rd, America Online announced that it had successfully settled its suit against Netvision Audiotext, whose Cyber Entertainment Network had been accused by AOL of spamming its users on behalf of various pornographic sites. The settlement includes an undisclosed monetary payment to AOL and an injunction prohibiting the company from sending unsolicited e- mail to AOL members through Netvision's Webmaster affiliates. Netvision must also provide detailed information to AOL in any future spam investigations. The lawsuit alleged that Netvision violated a number of laws, including the Virginia Computer Crimes Act and the Federal Computer Fraud and Abuse Act. Further information may be found at ZDNet.com

5TH CIRCUIT PROTECTS GALLO TRADEMARK IN DOMAIN NAME

On April 3rd, the Fifth Circuit Court of Appeals affirmed the lower court's ruling that Spider Webs Ltd. violated the trademarked name of the Ernest and Julio Gallo Winery when it registered the domain ernestandjuliogallo.com and then labeled the company the "Whiney Winery." Spider Webs refused Gallo's request to transfer the name and posted information on the site about the dangers of alcohol. According to the Gallos' attorney, the decision represents the first time the 5th Circuit has applied the federal Anti-Cybersquatting Consumer Protection Act according to Gallo's attorney. The lower court's injunction prohibiting Spider Webs from registering any domain name that might be associated with the Ernest and Julio Gallo Winery was also affirmed, as was the court ordered transfer of the domain name to Gallo. The decision in the case may be found at findlaw.com

EUROPEAN PARLIAMENT VOTES AGAINST BLOCKING

On April 11th, the European Parliament voted overwhelmingly against the use of blocking to control content on the Internet. The 460-0 vote (with three abstentions) means that Internet Service Providers will not be required to restrict access to certain web sites, but instead may continue to rely on self- regulation. The Parliament expressed concern about the technical problems raised by blocking, as well as concern about free speech issues. Further information may be found at the Register

HOUSE PASSES DIGITAL TECH CORPS ACT

The House of Representatives passed the Digital Tech Corps Act by voice vote on April 20th. The bill, fashioned to assist the government in finding an adequate supply of high-tech employees, would permit some government employees to work temporarily at private companies while also permitting private employees to take temporary job assignments with the government. The assignments would generally vary between six months and two years. Two amendments were added to the bill. They require that 20 percent of government workers heading to temporary industry jobs be placed with small businesses, that the Office of Personnel Management update Congress on current training programs, and that companies be prohibited from adding the costs of the Tech Corps program to current government contracts. A companion bill is still pending in the Senate. The text of the bill may by entering bill number H.R. 3925 at http://thomas.loc.gov

20 YEAR OLD NIGERIAN LETTER FRAUD CONTINUES ONLINE

The so-called "Nigerian Letter fraud," around for more than 20 years, has taken a new life online. In the e-mail version, e- mails purportedly from representatives of the Nigerian government ask to use the recipient's bank account to deposit millions of dollars. The dignitaries say that the Nigerian government has misappropriated the funds. The e-mails offer the recipient 10% of the funds for the use of their bank account. They require the account number and various other personal information to proceed. Sometimes they ask for cash from the victims to pay for licenses, taxes, transfer fees, or other supposed costs. The scammer then cleans out the bank accounts. At least 16 Americans have reported total losses of $345,000 and it is suspected that this is just the tip of the iceberg. In April, the Internet Fraud Complaint Center reported that almost 10,000 Americans last year reported losing $17.8 million in online scams. A list of the most common scams may be found at http://www1.ifccfbi.gov/strategy/fraudtips.asp#Nigerian%20Letter%20Scam

RIIA SETTLES WITH IIS OVER MUSIC AT WORK

On April 9th, the Recording Industry of America announced it had reached a $1 million settlement with technology consultants Integrated Information Systems (IIS). Arizona-based IIS had allegedly let employees trade copyrighted MP3 files over a dedicated server. This unprecedented action against an internal corporate network, according to the RIAA, was intended to serve as a clear message that there would be consequences if companies permit their resources to further copyright infringement. Further information may be found at http://www.riaa.org/PR_Story.cfm?id=505

COURT ORDERS LESS WEB SITE REFERENCES TO COMPETITOR

In an intriguing expansion of trademark rights on the Net, a federal judge has ordered Steven Kassel, the owner of www.taxes.com, to reduce the number of references on his site to his competitor, J.K.Harris & Co. The late March decision in J.K. Harris v. Steven Kassel (02-0400) was issued by U.S. District Judge Claudia Wilken of the Northern District of California. Her ruling included a preliminary injunction forbidding Kassel from overloading his web site with 75 references to J.K. Harris, which manipulated search engines to rank his site higher than Harris' even when the Harris name was the search term. Though judges have routinely enjoined companies from using their competitors' trademarked names in metatags, this decision extends the protection to techniques on the web site itself designed to lure consumers away by confusing them as they use search engines. Kassel was also charged with posting libelous statements about J.K. Harris. Wilken ruled that Kassel may only use J.K. Harris' trade name as reasonably necessary and she also prohibited its excessive use in headers and as underlined words. Further information may be found at http://www.newsbytes.com/news/02/175793.html

CIA WARNS OF CHINESE CYBER-ATTACKS

The Los Angeles Times reported on April 25th that the CIA has released a classified report which states its belief that the Chinese military is working to launch wide-ranging cyber-attacks on American and Taiwanese computer networks, including Internet- linked military systems which may be vulnerable to sabotage. The attacks are anticipated to include hacking and the release of computer viruses. The assessment concludes that the Chinese currently lack the technical expertise to do widespread harm to U.S. and Taiwanese systems, but maintains that this is the goal of the People's Liberation Army. The Chinese Embassy in Washington has insisted that Beijing is merely conducting defensive computer research. Further information may be found at http://www.latimes.com/technology/la-042502china.story

COURT ASKED: OK TO COPY DVDS?

On April 22nd, 321 Studios launched a frontal assault against nine movie studios, asking the federal district court in San Francisco to issue a declaratory judgement that its DVD Copy Plus program, which sells for $39.95, does not violate the Digital Millennium Copyright Act. The DMCA prohibits providing technology that can crack copy protections. According to the complaint, "This lawsuit involves the ability of a small Internet company to market and sell an instruction manual and bundled computer software that teaches legal owners of DVD movies to make legitimate backup copies of the contents of a DVD for their own personal use." Though courts have consistently recognized the right of consumers to make personal copies of music and TV shows, and protected VCR, tape deck and MP3 player manufacturers, and the movie and recording industries have sought tight enforcemenet of the DMCA. Their efforts have caused concern that protected and legitimate copying of legally purchased CDs and movies, for backup purposes and the ability to make computer copies, may be under fire. The complaint also states that the MotionPicture Association of America has asked the FBI to investigate 321's activities. The company seeks no damages, only permission to sell its product. A copy of the complaint may be found at http://www.321studios.com/complaint.pdf

DOT.US: OPEN FOR BUSINESS

On April 24th, addresses in the revamped U.S. Internet county code were made available to citizens and businesses, after years in which the domain was reserved primarily for local governments, schools and libraries. Unlike top-level domains, under the control of the International Internet Corporation for Assigned Names and Numbers, country codes are assigned to each country to manage as they wish. The U.S. previously had a decentralized, nonprofit system that assigned addresses based on locality. Washington-based NeuStar, which won the right to manage the domain in October of 2001, plans to preserve the existing system while also opening it up to commercial development. Company representatives say the company has set aside certain addresses like www.cityofchicago.us for state and local governments, but will make available simpler addresses like www.chicago.us. The privately held company is also working with the U.S. government to set up a kids-only address that would bar violent content, pornography or other inappropriate material. Further information may be found at http://www.neustar.us/

COURT RESTRICTS CHILDREN'S ACCESS TO VIDEO GAMES

On April 19th, U.S. District Judge Stephen Limbaugh ruled that local governments have the right to restrict children's access to violent or sexually explicit video games because they are not constitutionally protected forms of speech. Limbaugh rejected a request by the Interactive Digital Software Association to toss out a St. Louis County ordinance regulating access to such games. The ordinance requires children under 17 to have parental consent before they buy or play violent or sexually explicit video games. Local authorities have suspended implementation of the ordinance until July 1st. Further information may be found at USA Today

MICROSOFT GETS ITS DAY IN COURT

On April 2nd, Microsoft landed some punches in its attempt to show bias on the part of some government witnesses. Microsoft produced e-mails showing one executive, Mitchell Kertzman of Liberate Technologies, offering to modify his anti-Microsoft stance by opposing the corporation's break-up in exchange for a business deal with Microsoft. During the hearings, Microsoft and AOL sparred, each accusing the other of trying to dominate the Internet.

On April 10th, U.S. District Judge Kollar-Kotelly rejected the non-settling states' request to freely introduce transcripts and videos of interviews with 18 Microsoft executives, including Bill Gates. Kollar-Ketelly said the states should have made their request earlier, under the timetable she had established before the hearings commenced. The judge said she would allow portions of the pre-hearing depositions to be entered during cross-examination of Microsoft employees if the material was touched on in their written testimony.

In mid-April, it was Microsoft's turn to present its case after roughly four weeks of the states presenting their arguments. Kevin Murphy, a University of Chicago economics and industrial relations professor, argued that sanctions against Microsoft should be limited to its misdeeds and opposed the broader sanctions sought by the non-settling states. The states' attorney countered in part by noting that Murphy had written a series of papers partially funded by Microsoft. Autodesk Chief Technology Officer Scott Borduin critized the antitrust sanctions sought by the states as risky to the stable and predictable platform of Windows. Attorneys for the states noted that he had nonetheless complained to Microsoft about its decision to drop Java software from Windows XP. Advanced Micro Devices chairman W.J. Sanders III told the court that creation of a modular version of Windows would harm both microprocessor manufacturers and consumers. He also acknowledged that, if Microsoft fails to support AMD's upcoming release of a new microprocessor called Hammer, it would be devastating to the company.

On April 15th, the Justice Department declined to support Microsoft's effort to have the non-settling states' claims dismissed on the grounds that they did not have standing to proceed on antitrust grounds without the federal government. The DOJ said it found "no definitive case law that would require granting the relief Microsoft seeks as a matter of law." At the same time, the department said the states do not have as much authority as the federal government.

A hearing highlight was the appearance of Microsoft Chairman Bill Gates who, predictably, said that the remedies proposed by the non-settling states were unworkable and would cause harm to Microsoft, the computing industry, and consumers. He also indicated that the states' remedies would impact the stock market and keep Microsoft from being able to compete effectively. Gates testified that removing code from Windows would have disastrous consequences because software would lose application program interfaces and cease to work. If Microsoft had to remove Internet Explorer from Windows and follow the other remedies proposed by the states, Gates said the company might have to pull Windows from the marketplace.

Under cross-examination, Gates admitted that the proposed remedies would have kept Microsoft from threatening to cease development of Mac Office if Apple Computer had not installed Internet Explorer on new computers. He also acknowledged that Microsoft would not have been able to pressure Intel into ceasing to develop software that would have competed with Windows. He also pointed out that the settlement Microsoft reached with the Department of Justice would have restrained the company in those two cases. In his final day of testimony, Gates warned that the remedies sought by the states would remove Microsoft's incentives to innovate and potentially send Microsoft's research and development arm into a ten-year period of hibernation. Legal documents in the case may be found at http://www.microsoft.com/presspass/legalnews.asp