Issue 70 April 2003	BYTES IN BRIEF® by Editors: Sharon D. Nelson, Esq. and John W. Simek Associate Editor: Amelia C. Hierholzer Editor Emeritus: G.V. Nelson 9500+ subscribers worldwide © 2001 Sensei Enterprises, Inc./Nelson & Wolfe. All rights reserved. This newsletter may not be reproduced or redistributed in any manner except with consent of the copyright owner. Distributed by Silver Law Inc. under license.

SUPREME COURT NARROWS TRADEMARKS' REACH

On March 4th, the U.S. Supreme Court unanimously curbed the scope of a federal trademark law, making it more difficult for trademark owners to win lawsuits over alleged infringements of their intellectual property rights. The case was brought by undergarment-vendor Victoria's Secret against a sex toy shop called Victor's Secret. The court said Victoria's Secret had not proven that the value of its trademark to identify its own stores or products had been reduced. Even if consumers recognize a word or phrase as a trademark, the court ruled, "such mental association will not necessarily reduce the capacity of the famous mark to identify the goods of its owner." Under the Federal Trademark Dilution Act, actions that effectively dilute the value and distinctiveness of the trademark can be punished. Dilution is defined as the "lessening of the capacity of a famous mark to identify and distinguish goods or services." The decision in Moseley v. Secret Catalog, Inc. may be found at http://supct.law.cornell.edu/supct/html/01-1015.ZS.html

On March 5th, the U.S. Supreme Court ruled that states may put pictures of convicted sex offenders on the Internet. In a separate narrow ruling, the court dismissed a challenge from offenders who argued they should be given the opportunity to prove they aren't dangerous to avoid having their pictures and addresses put on the Internet. This is the Supreme Court’s first review of Megan’s laws, named for 7-year-old Megan Kanka, a New Jersey girl kidnapped, raped and killed in 1994 by a convicted sex criminal who lived in her neighborhood. The cases, from Alaska and Connecticut, sought to balance the rights of offenders with the public safety interest in keeping tabs on people who may commit more sex crimes. The court came down on the side of public safety in the Alaska case, but left the door open for future constitutional challenges of Megan's laws in the second case. The court, by a 6-3 vote, rejected arguments from two Alaskan sex offenders who contended that they already served time for sex crimes before the Alaska registration law was passed and were punished a second time with the registry. The court said that the law is not punitive, and therefore it does not punish the inmates after the fact, noting "Our system does not treat dissemination of truthful information in furtherance of a legitimate governmental objective as punishment . . . The purpose and the principal effect of notification are to inform the public for its own safety, not to humiliate the offender." The decision in Connecticut Department of Public Safety v. John Doe may be found at http://www.supremecourtus.gov/opinions/02pdf/01-1231.pdf

On March 6th, the 3rd Circuit issued its second decision striking down the Child Online Protection Act (COPA) as unconstitutionally broad. The law would imprison commercial web site operators who do not keep sexually explicit materials from minors. The court found that the law prohibited a wide range of expression protected by the First Amendment and that it unfairly targeted legitimate web site owners. COPA makes it a crime to publish "any communication for commercial purposes that includes sexual material that is harmful to minors, without restricting access to such material by minors." The maximum penalty is a $50,000 fine, six months in prison and additional civil fines. The opinion in ACLU v. Ashcroft may be found at http://www.ca3.uscourts.gov/opinarch/991324.pdf

Jon Johansen, 19, was acquitted by a Norwegian court in January 2003 of theft charges after developing a computer program that defeated the copyright protection measures on DVD movies. "DVD Jon" had said that he only copied legally purchased DVDs using his program, and the court found this a permissible use. Prosecutors filed an appeal and the appeals court decided to hear the case. The new trial is expected to begin in the fall. Further information may be found at http://news.com.com/2100-1025-990583.html

On February 26th, the domain and web site www.isonews.com were surrendered to U.S. law enforcement pursuant to a federal prosecution and felony plea agreement for conspiracy to violate criminal copyright laws. Officials described the site, with more than 100,000 regular users and more than 140,000 hits each day, as the nation's leading public Internet site dedicated to online computer piracy. David Rocci, a.k.a. "krazy8," pled guilty in the United States District Court for the Eastern District of Virginia on December 19, 2002, to conspiring with others to violate federal copyright laws by illegally importing, marketing, and selling modification, or "mod," chips. Mod chips illegally circumvent built-in security protections and allow individuals to play pirated games on game consoles, such as the Microsoft Xbox and the Sony Playstation2. Rocci and his co-conspirators used www.isonews.com as the exclusive outlet to sell their mod chips to individuals in the illegal warez market. As a result, the isonews website is now the property of the United States government. Individuals involved in this conduct face up to five years in federal prison and a fine of $500,000 for each count charged. By placing information about the legal action on the site, officials hope to send a message to other violators. Further information may be found at http://www.isonews.com/release.htm

The Internet Research Task Force (IRTF), the closest thing to an Internet governing body for technical issues, announced that it has formed an Anti-Spam Research Group (ASRG) to develop "a taxonomy of the (spam) problem and the proposed solutions." Chaired by Paul Judge, director of research and development at CipherTrust, an Internet security firm, the ASRG will seek to establish a more systematic, research-based framework for collaboration among those fighting spam. The first mission for ASRG is to define spam, itself a tricky task, before attempting to devise means for regulating spam. Further information may be found at http://www.irtf.org/charters/asrg.html

Serial child molester Brian DeVries, shortly to be released from a mental hospital, will have every move he makes tracked by a Global Positioning System device he will wear as an electronic tamper-proof ankle bracelet and carry like a lunchbox. If he were to approach an elementary school or another child-centric location, the device would sound a silent electronic alarm sent through a satellite in space. The warning, sent as a text message to a pager, could be transmitted from the satellite to the Florida company that makes the device, a state Department of Mental Health contractor, and the San Jose police. DeVries had confessed to molesting 50 boys and voluntarily had himself surgically castrated. Further information may be found at http://www.siliconvalley.com/mld/siliconvalley/ 5266395.htm?template=contentModul es/printstory.jsp

On February 28th, the European Union adopted a new law under which hackers and virus disseminators could receive jail sentences of up to five years. The new law seeks to harmonize existing national rules in the 15-nation European Union, where there are enormous gaps in laws. The law applies to anyone who illegally enters a computer network or server as well as those who author and spread computer viruses. Hacking and spreading viruses, when committed by organized criminals, will be punished with jail terms of not less than two years and no more than five years under the new law. Less serious offenses could result in jail terms of between one and three years. Further information may be found at http://news.com.com/2102-1002-990669.html

On March 3rd, Lindows announced that the trial in its trademark dispute with Microsoft has been delayed until December 1st. The U.S. District Court for the Western District of Washington has ordered Microsoft to produce more than 300 boxes of evidence to support its claims in the lawsuit, including documents from Apple Computer’s 1992 litigation with Microsoft. In that case, Apple sued Microsoft for copyright infringement claiming that the Windows graphical user interface mirrored the look and feel of its Macintosh desktop. Apple lost the suit. Lindows believes that the documents from the case show that terms "windows," "icons" and "menus" are widely used as generic terms by the computer industry. Lindows also believes that the evidence in that case will show that "windowing systems" were developed in the 1970s and 1980s before both Microsoft and Apple developed their own. Further information may be found at http://www.lindows.com/lindows_news_pressreleases_archives.php?id=45

Two federal judges have said that the Federal Bureau of Investigation (FBI) recklessly misled judges to get search warrants used in making more than 100 arrests for possession and/or distribution of child pornography. In both cases, judges threw out evidence gathered against defendants. On March 5th, U.S. District Judge Denny Chin in New York said that Constitutional safeguards cannot be relaxed simply because "the crimes are repugnant." On March 6th, U.S. District Judge Catherine Perry in St. Louis said "false information was recklessly included in the search warrant application." The investigation into child pornography was dubbed "Operation Candyman." Nearly identical search warrant applications were used throughout the country so the rulings may have great significance. The FBI had targeted members of Internet discussion groups on Yahoo, including one called "Candyman." According to court documents, the FBI misled judges into believing that those who used the Candyman site automatically received child pornography, which was not the case. Much of what went on in the Candyman site, which is no longer operative, was in fact constitutionally protected. According to Judge Chin, the vast majority of subscribers to the site elected to receive no e-mail. Further information may be found at http://www.sfgate.com/cgi-bin/article.cgi?f=/c/a/2003/03/11/DD90960.DTL

On March 9th, Vector Capital announced that its Vector CC Holdings arm had signed an agreement with Microsoft to buy the company's 22.89 million preferred shares in Corel. The deal was expected to be completed by March 24th. Vector was to pay about 56 cents a share, bringing the total value of the deal to $12.88 million. Microsoft paid $135 million in October 2000 to acquire a 24.6 percent share of Corel, best known for its WordPerfect application and graphics software. Corel has posted significant losses in the past few years and has gone through several rounds of layoffs. On March 24th, Corel announced that it had signed a nondisclosure agreement with Vector Capital that will allow Vector to explore a takeover bid. Corel also said it has hired the Canadian investment bank CIBC World Markets to look for other possible bidders and to explore strategic options. Further information may be found at http://www.vectorcapital.com/corel/release030903.htm and http://www.corel.com/servlet/Satellite?pagename=Corel/Company/PressRoom/PressRel ease&id=1044393442588&prid=1047021704626

VISA USA announced on March 6th that it would prohibit merchants who accept VISA from displaying all but the last four digits of the credit card number on receipts. This is intended to thwart financial identity thieves who commonly gather such information from discarded receipts. VISA will instruct merchants to remove the first 12 digits of the card number and its expiration date by July 2006. New terminals with information masking set-ups will begin to be issued in July of this year. Further information may be found at http://www.usa.visa.com/personal/about_visa/newsroom/ press_releases/nr151.html

On March 7th, a jury ruled against an engineer's claims that two of the biggest security companies in the industry infringed on his patent covering technology contained in the SSL protocol. Leon Stambler, an electrical engineer, sued RSA Security Inc. and a number of other companies two years ago, claiming that a technology he patented back in the early 1990s is the basis for the Secure Sockets Layer protocol used in virtually every e-commerce transaction today. The trial took place in the U.S. District Court for the District of Delaware in Wilmington. Further information may be found at http://www.rsasecurity.com/company/news/releases/pr.asp?doc_id=1577

University of Texas student Christopher Andrew Phillips turned himself in to the U.S. Secret Service and has been charged with breaking into the school’s database and accessing 55,000 student records. Secret Service agents, pursuant to search warrants, seized several of Phillips’ computers and said they recovered downloaded names and Social Security numbers as well as the computer program used to access the university’s database. The database contains general information about students, faculty and employees at the university, including people's name, Social Security number, e-mail address, title, department name, department address and department phone number. A security flaw in the database's design allowed records to be accessed with a valid Social Security number. Phillips is alleged to have created a program that tried more than 3 million numbers, which resulted in approximately 55,000 records being found. Further information may be found at http://news.com.com/2102-1002-992732.html?tag=ni_print

DO NOT CALL LIST SIGNED INTO LAW

President Bush has signed into law a bill creating a national do-not-call registry. October 1st is when the registry goes into effect, but consumers can start enrolling in the registry online or by calling a toll-free number beginning in July. Telemarketers will have access to the database in September so they can update their call lists. The law authorizes the Federal Trade Commission (FTC) to collect fees from telemarketers to fund and enforce the do-not-call list. The FTC is working to harmonize state do-not-call lists with the national registry – over half of the states have their own list. Companies that violate the law will be fined up to $11,000 for each violation. Further information may be found at http://www.ftc.gov/opa/2003/03/trp.htm

Friends and foes of the controversial Digital Millennium Copyright Act (DMCA) will have a chance to express their opinions. The Copyright Office announced on March 13th that it will hold a series of public hearings over the next two months in Washington D.C. and California to determine what changes may be desirable to the section of the DMCA that restricts bypassing copy-protection schemes. The hearing dates in Washington D.C. will be April 11th, April 15th and May 2nd. The Copyright Office’s announcement may be found at http://www.copyright.gov/fedreg/2003/68fr13652.html?tag=nl/ The U.S. Copyright Office has also posted the comments it received on DMCA exemptions. The comments may be found at http://www.copyright.gov/1201/2003/reply/reply1.html

In its first courtroom test, Utah’s anti-spam law was dealt a setback when a judge dismissed a proposed class action lawsuit brought against Sprint Communications Co. The lawsuit had been filed on behalf of South Salt Lake resident Terry Gillman and accused the telecommunications giant of violating the Unsolicited E-Mail Act by sending him unsolicited advertising. Judge Denise Lindberg found that Gillman had given his permission to receive third-party promotional messages when he signed on to the Audio Galaxy Web site in April. That site sold e-mail addresses to other parties, including Sprint. Commentators noted that this may not have been a fair test of the statute since Gillman had, even if unaware, given some sort of permission online. Gillman requested his removal on May 14, 2002, from the e-mailing lists his visit to Audio Galaxy a month earlier had linked him to. Two days later, he received a Sprint ad, and on May 28th he filed suit. The court found his attempt to remove himself from the lists was technically insufficient to void the pre-existing business relationship. Further information may be found at http://www.sltrib.com/2003/Mar/03142003/business/38043.asp

On March 19th, the Internet Corporation for Assigned Names and Numbers (ICANN) announced that Paul Twomey, an Australian Internet consultant and former bureaucrat, would take over the leadership of ICANN on March 27th. Twomey succeeds Stuart Lynn, who headed ICANN during a time marked by controversy over ICANN’s secrecy and slow approval of new top-level domain names. Twomey, the first non-American to lead ICANN, has said it should focus on technical coordination but that its deepening involvement in policy issues like intellectual property, privacy, and law enforcement was inevitable. Further information may be found at http://www.icann.org/announcements/announcement-19mar03.htm

On March 25th, the White House announced that President Bush had signed an executive order that gives the government the authority to classify information about critical infrastructures such as the Internet. The order changes the definition of what the government may classify as confidential, secret and top-secret to include details about infrastructures and weapons of mass destruction. The order also makes clear that information related to "defense against transnational terrorism" is classifiable. In his executive order, which replaces a 1995 directive signed by President Bill Clinton, Bush said that information that already had been declassified and released to the public could be reclassified by a federal agency. The definition of what may be properly classified tends to become an issue when Freedom of Information requests are filed. The Executive Order may be found at http://www.whitehouse.gov/news/releases/2003/03/20030325-11.html?tag=nl

On February 27th, the Federal Trade Commission (FTC) announced that it had settled charges that Mrs. Fields Cookies and Hershey Foods Corporation had violated the Children’s Online Privacy Protection Act (COPPA). The companies were charged with collecting personal information from children without first obtaining the proper parental consent. Mrs. Fields will pay civil penalties of $100,000 and Hershey will pay civil penalties of $85,000. The separate settlements bar the companies from violating the Rule in the future and represent the biggest COPPA penalties awarded to date. COPPA applies to operators of commercial Web sites and online services directed to children under the age of 13 and to general audience Web sites and online services that knowingly collect personal information from children under 13. Both companies were also charged with failing to post adequate privacy policies, to provide direct notice to parents about the information they were collecting and how it would be used, and to provide a reasonable means for parents to review the personal information collected from their children and to refuse to permit its further use. Further information may be found at http://www.ftc.gov/opa/2003/02/hersheyfield.htm

On March 5th, Jerry Falwell lost his second bid to have the domain name www.jerryfalwell.com turned over to him. The U.S. District Court for the Western District of Virginia found that it had no jurisdiction over the case, which involved a Web site that parodies Falwell. The site’s creator, Gary Cohen, is a resident of Illinois. In 2001 Falwell filed a complaint against Cohn with the World Intellectual Property Organization (WIPO), alleging trademark violations, even though Falwell had never registered his name as a trademark. The WIPO rejected Falwell’s claims and Falwell sued Cohn, alleging trademark violations and libel. The court noted that Cohn lives in Illinois, is not licensed to do business in Virginia, has no office or employees there, owns no property in Virginia, and his message in no way targets Virginia residents. It also found that registration of domain names with a Virginia company is insufficient to establish jurisdiction. The decision in Falwell v. Cohn may be found at http://www.citizen.org/documents/FalwellDismissalOrder.pdf

The Center for Democracy and Technology (CDT) has released a new study of spamming tactics, which found the most successful methods of avoiding unwanted messages involved obscuring email addresses or hiding them altogether. For the past six months, the group baited spammers by posting a variety of e-mail addresses in different Web locations to glean some insight into where bulk e-mailers get their targets. The CDT report contains a list of suggestions for reducing the volume of spam a user receives. The report may be found at http://www.cdt.org/speech/spam/030319spamreport.shtml

In a ruling disclosed on March 5th, Administrative Law Judge James Timony said Rambus destroyed or failed to preserve evidence it should have retained and, because of that action, the company will have the burden of proving its innocence on some key allegations. The Federal Trade Commission (FTC) had filed antitrust charges against Rambus in June, accusing the company, which designs high-speed memory chips, of improperly patenting key computer chip technologies. It argued that Rambus had forfeited its right to a trial because the company had destroyed potentially incriminating documents. The judge refused the FTC’s request for a default judgment, but wrote "it is clear that Rambus should not be rewarded for its gross negligence concerning, or reckless disregard of, its obligation to maintain documents potentially relevant to litigation and (to) inventory those documents destroyed." Rambus has maintained that its document destruction was part of its regular document retention policy. The trial is slated to begin on April 29th. The complaint in the case may be found at http://www.ftc.gov/os/2002/06/rambuscmp.htm

On March 8th, a Texas state court in Tarrant County, Texas issued a temporary injunction blocking software vendor Farechase from scraping the American Airlines website for web fare information. The court relied on trespass to chattels and breach of the site’s user agreement in reaching its decision. Trial in the case is scheduled to begin on July 7th. The decision in American Airlines v. Farechase Inc. may be found at http://www.eff.org/Cases/AA_v_Farechase/20030310_prelim_inj.pdf

On March 21st, the Eighth Circuit Court of Appeals overturned a lower court decision and ruled that a law restricting junk faxes was constitutional. The court concluded that a 1991 federal law banning unsolicited fax advertising did not violate the First Amendment's guarantee of freedom of expression. Congress's goal of "restricting unsolicited fax advertisements in order to prevent the cost shifting and interference such unwanted advertising places on the recipient" was reasonable, a three-judge panel ruled. The decision in State of Missouri v. American Blast Fax may be found at http://www.ca8.uscourts.gov/opndir/03/03/022705P.pdf