Issue 68 February 2003	BYTES IN BRIEF® by Editors: Sharon D. Nelson, Esq. and John W. Simek Associate Editor: Amelia C. Hierholzer Editor Emeritus: G.V. Nelson 9500+ subscribers worldwide © 2001 Sensei Enterprises, Inc./Nelson & Wolfe. All rights reserved. This newsletter may not be reproduced or redistributed in any manner except with consent of the copyright owner. Distributed by Silver Law Inc. under license.

On January 15th, the U.S. Supreme Court upheld the 1998 Sonny Bono Copyright Term Extension Act (CTEA). The act extends the term of existing copyrights by 20 years and also grants longer terms for future copyrights, ranging from 70-120 years. The original suit was filed by Eric Eldred of Eldritch Press, which runs a nonprofit website with free online access to public domain books. Eldred’s suit was joined by other publishers of online public domain content and supported by a number of library and education groups. They argued that the CTEA was beyond the scope of legislative power, that it violated the "limited times" provision of the Copyright Clause and that it violated the First Amendment. The court found a long history of Congressional extensions of copyright and patent terms. The court also found additional Congressional support for the CTEA in harmonizing U.S. and European Union copyright terms, and in "demographic, economic and technological changes" affecting copyrights. The court declined to find that the CTEA amounted to a perpetual copyright, noting that there were other similar long-term practices in law, such as 99-year leases. Eldred argued that the continuing extension of copyright kept works from the public domain and restricted their free use. The court found, however, that copyright law contained "built-in" First Amendment accommodations. These included the protection of only expression, not underlying facts and ideas; the availability of those facts and ideas for continuing exploitation even when they are published in a copyrighted work; and the availability of fair use as a means for accessing copyrighted expression in certain circumstances. The decision is a major victory for large-scale commercial copyright holders, such as Disney and Time Warner, whose creations, like Mickey Mouse and the movies and music of the 1920s and early ‘30s, are now protected until the year 2020 and beyond. The opinion in Eldred v. Ashcroft may be found at http://www.supremecourtus.gov/opinions/02pdf/01-618.pdf

On January 21st, U.S. District Judge John D. Bates ruled that Verizon Communications, Inc. must identify a subscriber who is suspected of illegally offering more than 600 songs by top recording artists. The Recording Industry Association of America sought the user's identity with a subpoena approved under the 1998 Digital Millennium Copyright Act. The law allows the issuance of a subpoena from a U.S. District Court Clerk’s office, but does not require a judge's permission for such subpoenas, which is a central complaint in the dispute. The ruling means that consumers using any of the popular Internet file-sharing programs can more easily be identified and tracked by copyright owners. Verizon appealed the ruling and asked for a stay on January 30th. The decision may be found at http://www.politechbot.com/docs/verizon.riaa.decision.012103.pdf

On January 27th, the U.S. Supreme Court ruled that the Federal Communications Commission (FCC) violated federal law when it attempted to reclaim part of the public airwaves from a wireless firm that had sought refuge in bankruptcy court after it could no longer afford to make payments on its $4.74 billion bid. The ruling was a victory for NextWave Personal Communications, Inc., which won the licenses in a government auction in 1996 but filed for Chapter 11 bankruptcy protection two years later. The FCC said it acted in the public interest when it seized the airwaves in 2001 and resold them to several established companies for $15.8 billion. The agency argued that it had acted on regulatory grounds, enforcing rules that required winning bidders to make full and timely payments as a condition of keeping their licenses. The Supreme Court, in an 8-1 decision, said that the federal bankruptcy code clearly prohibits any governmental unit from revoking a license solely because the company has not paid a debt. The FCC's claim that it was acting as a regulator rather than a creditor was irrelevant, according to the court. The decision means NextWave must now use the airwaves to build its own network or return the licenses to the government if it cannot afford to do so. The company is expected to try to sell the rights to other wireless phone companies. The decision in FCC v. NextWave may be found at http://www.supremecourtus.gov/opinions/02pdf/01-653.pdf

On January 3rd, Supreme Court Justice Sandra Day O’Connor released the emergency stay she had placed on a ruling by the California Supreme Court. The effect of the release is that the defendant in the case, Matthew Pavlovich, is no longer prohibited from distributing the DeCSS descrambling code, though he risks further litigation if he chooses to do so. A coalition of movie studios and consumer electronics manufacturers had filed the suit in 1999 against a number of people who had posted DeCSS online, alleging violations of California’s trade secret laws. However, the California Supreme Court ruled that Pavlovich was a resident of Texas with no substantial contact with California who therefore could not be sued there. The plaintiffs could still sue Pavlovich in Texas or, alternatively, could file a petition for review by the full Supreme Court. Further information may be found at http://news.com.com/2102-1023-979197.html

On January 1st, VeriSign turned authority for the .org top level domain over to the Public Interest Registry (PIR), an entity established by the nonprofit Internet Society (ISOC) to administer .org. The .org domain is the Internet's fifth-largest top-level domain, with 2.4 million names registered, and is intended for use by noncommercial organizations. PIR won the responsibility for administering the .org domain in October 2002. VeriSign gave up that right in exchange for the right to maintain the more lucrative .com domain. Further information may be found at http://www.pir.org/orgtran.html

On January 3rd, the Indiana Supreme Court temporarily halted a new law that requires the Indiana Sheriffs’ Association to place the photographs and addresses of convicted sex offenders on the Internet. In a 3-2 decision, the court sided with the Indiana Civil Liberties Union and granted an emergency stay to block the extension of Zachary's Law, which was originally passed in 1994 to protect children from convicted sex and violent offenders. The injunction will remain in force until the Indiana Supreme Court decides whether the law’s extension passes Constitutional muster. Further information may be found at http://www.indystar.com/print/articles/8/013146-4898-P.html

On January 3rd, a 9th Circuit panel of judges asked the California Supreme Court to consider the question of whether traditional property conversion laws should apply to Internet domain names. Sex.com owner Gary Kremen began the legal battle four years ago with Network Solutions, now owned by VeriSign. Kremen alleged that Network Solutions should be held responsible for the erroneous transfer of the sex.com domain name to a con artist. The panel is asking the Supreme Court, essentially, whether domain names are to be treated in the same manner as corporate stock, having clear and discrete property rights. If that is held to be the case, one who alters title to a registered domain name is fairly on notice that another’s property may be affected. If the California Supreme Court elects not to take the case, it is anticipated that the appeals court will make a final decision. The court’s Order Certifying Question to the California Supreme Court in Kremen v. Cohen may be found at http://www.ca9.uscourts.gov/ca9/newopinions.nsf/ 35F36BEEE57010D588256CA2007A625D/$file/0115899o.pdf?openelement

On January 10th, U.S. District Judge J. Frederick Motz declined to dismiss antitrust cases filed against Microsoft by two small competitors, Be and Burst.com. Motz said he was satisfied that there were sufficient allegations to proceed with the companies’ federal antitrust claims. Be, which folded last year, alleged that it was excluded from competing in the computer operating system market when Microsoft pressured computer manufacturers not to ship computers with two operating systems. Burst alleged that Microsoft forced it out of the video-streaming software market by pressuring Intel and RealNetworks not to support Burst technologies. Further information may be found at http://www.wired.com/news/print/0,1294,57168,00.html

According to a January 20th court release, Manhattan Supreme Court Justice Marilyn Shafer permanently enjoined Network Associates from using language in their product sales and distribution which bars customers from disclosing the result of any benchmark test to any third party without Network Associates’ approval and from using language which bars customers from publishing reviews of the product without the prior consent of Network Associates. New York Attorney General Eliot Spitzer had filed the suit in 2002 charging that the language unconstitutionally restricted free speech. Network Associates is the manufacturer of the popular McAfee antivirus software. The court also ordered Network Associates to provide it with evidence of its sales so the court may assess penalties and costs. The company says it will appeal the ruling. The decision may be found at http://www.eff.org/IP/UCITA_UCC2B/spitzer-v-network-assic.pdf

In a study released on January 15th, the American Civil Liberties Union (ACLU) blames the unchecked use of technological tracking features for an increase in surveillance by both the government and the private sector. In "Bigger Monster, Weaker Chains: The Growth of an American Surveillance Society," the ACLU reports "The explosion of computers, cameras, sensors, wireless communications, (Global Positioning System) biometrics and other technologies in just the last 10 years is feeding a surveillance monster that is growing silently in our midst." The study cites several trends that are leading to an advanced surveillance society, including video surveillance, the capturing and marketing of personally identifying data, new data-gathering technologies that take advantage of cell phones and other devices, and stepped-up government efforts to maintain databases containing information about citizens. The ACLU report may be found at http://www.aclu.org/Privacy/Privacylist.cfm?c=39

EFF REPORT ATTACKS DMCA

In a report released on January 9th, the Electronic Frontier Foundation (EFF) attacks the Digital Millennium Copyright Act (DMCA), which was passed in 1998. The report says that Congress meant to stop copyright pirates from defeating anti-piracy protections added to copyrighted works, and to ban "black box" devices intended for that purpose. The report, entitled "Unintended Consequences: Four Years Under the DMCA," says that aggressive application of the law has reached beyond Congress’ intention, thereby chilling free expression and scientific research, jeopardizing fair use and inhibiting competition. The study particularly examines the anti-circumvention provision, which prohibits cracking protections on copyrighted works except in narrow circumstances, even if the purpose is legitimate. A copy of the report may be found at http://www.eff.org/IP/DMCA/20030102_dmca_unintended_consequences.html

The U.S. Sentencing Commission (USSC) is asking the public to comment on the formula used to sentence hackers and virus writers to prison or probation, as part of a review demanded by legislators who are increasingly concerned that computer criminals are getting off easy. The USSC's Federal Sentencing Guidelines set the range of sentences a court can choose from in a given case, based on a point system that sets a starting value for a particular crime, and then adds or subtracts points for specific aggravating or mitigating circumstances. Computer crimes currently share sentencing guidelines with larceny, embezzlement and theft, where the most significant sentencing factor is the amount of financial loss inflicted, and additional points are awarded for using false IDs or defrauding more than 10 victims. In the wake of September 11th, Congress became more concerned with computer crime and one of the provisions in the Homeland Security Act passed last November requires the USSC to review the cyber crime sentencing guidelines to ensure they take into account "the serious nature of such offenses, the growing incidence of such offenses, and the need for an effective deterrent and appropriate punishment to prevent such offenses." The USSC therefore published a formal "Issue for Comment" on the general question of whether sentences are strong enough to deter and punish cyber criminals, and on eight specific proposals to add more variables to the formula that produces a hacker's sentence. The public comment period ends on February 18th. The Commission’s notice may be found at http://www.ussc.gov/FEDREG/fedr1202.htm

Microsoft announced on January 10th that it had settled the largest consumer antitrust suit against it, agreeing to give up to 13 million California residents and businesses who purchased Microsoft software a total of $1.1 billion in vouchers for use in buying any computer hardware or software. Similar suits are pending in 17 states and the District of Columbia. California Superior Court Judge Paul Alvarado must still approve the settlement. Under the settlement, Californians will have four months to file claims. People who purchased any Microsoft software in February 1995 through December 2001 could file claims and have up to four years to use vouchers given by Microsoft. The value of the vouchers would be based on a negotiated formula for each type of software purchased. If there is money left from the $1.1 billion after all claims have been filed, one-third of it will revert to the company and two-thirds will pay for software and computer services for disadvantaged schools in California. Further information is available at http://news.com.com/2117-1001-980269.html

On January 16th, the California Department of Motor Vehicles banned Allstate Insurance from checking drivers’ records online after Allstate employees were found illegally looking through the records of friends, family and acquaintances. In its investigation, DMV found 131 violations of confidentiality rules such as those requiring people who access the data to have individual passwords and sign confidentiality papers. Allstate employees in seven claims offices violated the rules, sometimes by sharing computer passwords or making up fake car claim numbers to get into friends' or family members' DMV records. DMV Director Steven Gourley called the violations "egregious" and said that Allstate resisted the DMV’s attempts to resolve the problem. Allstate workers will still be able to get DMV records, but they will have to ask for them in writing and wait for written responses. Allstate can apply to have its access reinstated, but the DMV will review its security procedures, a process that will take at least 60 days. Further information may be found at http://www.sfgate.com/cgi-bin/article.cgi?file=/chronicle/archive/2003/01/17/BU2 17673.DTL&type=business

U.S. District Court Judge J. Frederick Motz has ruled that Microsoft has 120 days to start shipping Sun Microsystems’ Java technology with its Windows operating system. He also ruled that Sun may proceed with all 16 of its antitrust claims against Microsoft. However, he granted Microsoft’s motion to delay the Java order in order to give the company time to appeal his decision. Sun had accused Microsoft of using its monopoly power in the desktop operating systems market to undermine the use of Java, which competes with Microsoft's .Net software. Sun said Microsoft did this by distributing Java software that is incompatible with Sun's, restricting its ability to run across multiple computer platforms. Motz asked Microsoft's lawyers why they were raising about 60 pages of concerns about his Java order more than nine months after Sun asked for the preliminary injunction. In a memorable quote, the judge said, "I'm reminded of a sentence I took out of my opinion . . . when Microsoft has the will to achieve, the achievement is great, and when it has the will to obstruct, the obstruction is complete." On January 21st, Judge Motz issued an order setting a schedule for Microsoft to include Java programming language with its operating system. On January 22nd, Microsoft filed an emergency motion with the 4th Circuit Court of Appeals seeking a stay of Motz’ order. The court’s order may be found at http://www.sun.com/lawsuit/121order.pdf

A Norwegian court has cleared Jon Johansen of breaking the law when he helped to unlock a DVD copy protection code and distribute a computer program (DeCSS) that allowed the unauthorized copying of DVD movies. The suit was brought after a complaint was filed by the Motion Picture Association of America, which represents the major Hollywood studios. The studios charged that unauthorized copying was copyright theft and undermined a market for DVDs and videos worth $20 billion a year in North America alone. Norwegian prosecutors have appealed the acquittal. Further information may be found at http://abcnews.go.com/wire/Business/ap20030120_1015.html

According to the Federal Trade Commission (FTC), the number of identity theft complaints rose from 86,000 in 2001 to 162,000 in 2002. Of the 380,000 fraud complaints received by government authorities last year, identity theft accounted for 43% of the complaints. Complaints about fraud in Internet auctions ranked second and accounted for 13 % of complaints. The FTC estimates that up to 700,000 people in the U.S. are victimized by identity theft each year, with average victims expending more than $1,000 to cope with the damage to their accounts and credit. The District of Columbia had the highest rate of identity theft in 2002 with 123 victims for every 100,000 people. California and Arizona followed with 91 and 88 victims per 100,000 people, respectively. The FTC’s identity theft site may be found at http://www.consumer.gov/idtheft/

On January 23rd, the U.S. Senate placed a moratorium on the Pentagon’s Total Information Awareness (TIA) program into a massive spending bill. The moratorium was inserted by unanimous consent. Since the House of Representatives’ appropriations bill does not include any limits on TIA, a conference committee will have to hash the issue out. The TIA program, if fully implemented, would link databases from sources such as credit card companies, medical insurers and motor vehicles agencies with the intent of catching terrorists Opponents say that the TIA amounts to a domestic spying apparatus and the most far-reaching government surveillance plan in history. The TIA program, to be funded by the Defense Advanced Research Projects Agency (DARPA), came under further scrutiny after the FBI indicated it wanted to use TIA domestically against U.S. citizens. In a statement posted in December on the TIA web site, the Defense Department defended the project as privacy neutral. The statement may be found at http://www.darpa.mil/iao/iaotia.pdf

The Organization for the Advancement of Structured Information Standards (OASIS) has announced the Universal Business Language (UBL) initiative, intended to promote standardized document formats to ease information exchange between companies. OASIS is an industry standards group whose members include technology providers and companies using Extensible Markup Language (XML) for business applications. The draft UBL proposals specify document formats for generic business operations, such as placing an order or sending an invoice. The UBL standards effort would allow computers to read and exchange documents automatically without complicated reformatting. OASIS expects that the documents would also be readable by workers in a variety of business functions. The draft UBL proposals may be found at http://oasis-open.org/committees/ubl/lcsc/0p70/

On January 27th, U.S. District Judge J. Frederick Motz struck down consumer antitrust lawsuits filed against Microsoft in Connecticut, Kentucky, Maryland and Oklahoma, finding that the laws in those states do not allow consumers to collect damages from Microsoft unless they purchased the software directly from the company. Judge Motz is overseeing many of the consumer lawsuits, as well as civil cases filed by Sun Microsystems, Inc., AOL Time Warner, Inc. unit Netscape Communications, Be Incorporated and Burst.com. In the class-action cases before Motz, the plaintiffs allege Microsoft abused its monopoly power to prevent competition in the market for personal computer operating systems, leveraged its Windows monopoly to obtain monopolies in the markets for word processing and spreadsheet software and used its monopoly positions in these markets to overcharge purchasers of Windows, Word, Excel and Office software. Further information may be found at http://www.siliconvalley.com/mld/siliconvalley/5045654.htm?template=contentModul es/printstory.jsp

In late January, the "Sapphire" worm (also known as "Slammer") shut down some Bank of America Corp. ATMs, corrupted Continental Airlines' online ticketing system and essentially blacked out an emergency call center in Seattle, where computers slowed almost to a halt. It also cut off access to the Internet for millions of personal computer users, including most of South Korea. Using a well-known flaw in a Microsoft Corp. database program, the fast-spreading worm overwhelmed computers with data. Many other systems quickly suffered ancillary effects as packets of information seeking ways around the vulnerable machines backed up in the resulting congestion. While similar in many ways to earlier worms, Sapphire raises new questions about how companies and government agencies are linking critical networks and computer systems to the Internet, creating potentially dangerous interdependencies. The worm also highlighted the chronic problem of getting system administrators to patch their systems, even when vulnerabilities are well known. Information about the worm may be found at http://securityresponse.symantec.com/avcenter/ venc/data/w32.sqlexp.worm.html

On January 23rd, the government introduced a new web site to increase public participation in the policy making process. The site catalogs all federal regulations open for comment and provides the opportunity for users to express their opinions. For the moment, users may submit their own comments, but may not see the comments of others, nor is any background information on the proposed regulations offered. More than 4,000 regulations per year are promulgated by more than 160 government agencies. The site may be found at http://www.regulation.gov

On January 27th, the owners of the Kazaa file-sharing network filed a counterclaim in response to a copyright infringement suit brought by major recording labels and movie studios. The suit charges that Sharman Networks, Ltd., the owner of Kazaa, illegally provides free access to copyrighted music and films to millions of Internet users in the U.S. The counterclaim came two weeks after U.S. District Judge Stephen V. Wilson dismissed Sharman’s claim that it could not be sued in the U.S. because it is based in Australia and incorporated in the South Pacific nation of Vanuatu. Wilson held that Sharman was subject to U.S. copyright laws because it has substantial usage by Californians and its actions are alleged to contribute to commercial piracy within the United States. Sharman's counterclaim alleges copyright misuse, monopolization, and deceptive acts and practices. Sharman seeks a jury trial, damages, attorney fees and a permanent injunction against the entertainment industry so that it cannot enforce its copyrights against any person or entity. The decision dismissing Sharman’s claim that it could not be sued in the U.S. may be found at http://www.politechbot.com/docs/kazaa.jurisdiction.ruling.011003.tif

On January 16th, the Electronic Privacy Information Center (EPIC) won a federal court ruling that rejects the Defense Department's attempt to impose financial obstacles to EPIC's requests under the Freedom of Information Act. The U.S. District Court for the District of Columbia ruled that EPIC is entitled to preferred fee status and ordered the Department to expeditiously process EPIC's request for information on the Total Information Awareness program. The decision may be found at http://www.epic.org/open_gov/foia/fees/EPICvDOD_decision.pdf

On January 27th, the 3rd Circuit Court of Appeals issued a new Internet jurisdiction decision ruling that a commercial and interactive site alone is not sufficient to assert jurisdiction. The court held that "there must be evidence that the defendant purposefully availed itself of conducting activity in the forum state, by directly targeting its Web site to the state, knowingly interacting with residents of the forum state via its Web site, or through sufficient other related contacts." The decision in Toys R Us v. Step Two SA may be found at http://caselaw.lp.findlaw.com/data2/circs/3rd/013390p.pdf