For now, the "do not call" list appears to be on hold. In a dizzying few days, the U.S. District Court in Oklahoma ruled on September 23rd that the Federal Trade Commission (FTC) exceeded its authority by administering the "do not call" list without an express grant of authority from Congress. With blinding speed, Congress answered the ruling on September 25th by expressly granting the FTC authority. Also on September 25th, a federal judge in Denver declared the "do not call" list violated the First Amendment. U.S. District Judge Edward W. Nottingham said the registry was unconstitutional on First Amendment grounds because it would have allowed telemarketers for charitable groups to call numbers on the list even though commercial telemarketers could not. By exempting charitable solicitations, the FTC "has imposed a content-based limitation on what the consumer may ban from his home . . . thereby entangling the government in deciding what speech consumers should hear." According to the ruling, "The First Amendment prohibits the government from enacting laws creating a preference for certain types of speech based on content, without asserting a valid interest, premised on content, to justify its discrimination." The FTC has, thus far, about 50 million people who have signed up for the "do not call" list, which had been slated to become effective October 1st. The FTC has announced that it will appeal the Denver decision. Judge Nottingham’s opinion may be found at http://news.findlaw.com/wp/docs/ftc/mmsftc92503opn.pdf

On September 24th, the Federal Trade Commission (FTC) announced that VeriSign had settled charges that its Network Solutions unit had tricked consumers into registering domain names with its service. Under the settlement, Network Solutions is prohibited from falsely stating that a domain is about to expire, or that a domain name transfer is a renewal. VeriSign must also pay consumers who were subjects of the alleged scheme under terms of a class action lawsuit settled previously. Further information may be found at http://www.ftc.gov/opa/2003/09/networksolutions.htm

On September 18th, Popular Enterprises LLC, operator of the Netster.com search site, sued VeriSign over a controversial service that sends Web users to a VeriSign search page if they enter a nonexistent Web address. The suit, filed in the U.S. District Court for the Middle District of Florida, seeks an injunction barring VeriSign from running the Site Finder service as well as damages of up to $100 million. VeriSign controls the main database of .com and .net domain names. On September 15th, the company added a "wild card" to the databases, sending Web users who enter a nonexistent .com or .net address to Site Finder, a new VeriSign search service. The suit accuses VeriSign of antitrust violations, unfair competition and violations of the Unfair Trade Practices Act. The complaint may be found at http://search.netster.com/about/lawsuit.asp

On September 22nd, U.S. District Court Judge Colleen Kollar-Kotelly awarded $967,014 to the Massachusetts attorney general’s office in the Microsoft antitrust case. The amount was less than half of what Massachusetts had asked for. Massachusetts is the only state continuing to seek harsher penalties against Microsoft. The court’s order may be found at http://www.dcd.uscourts.gov/98-1232dq.pdf

California's new anti-spam law, signed on September 23rd, is scheduled to take effect on January 1, 2004, but has already been called vulnerable to legal challenges, including First Amendment grounds or arguments based on the law’s interference with interstate commerce. Also, many of the anti-spam bills now pending in Congress would preempt more stringent state laws. The new law outlaws sending most commercial e-mail messages to anyone in the state who has not explicitly requested them. That makes it the most wide-reaching law of any of the 35 other state laws meant to regulate spam or any of the proposed bills in Congress. The law, which also prohibits companies inside the state from sending unsolicited e-mail to anyone outside the state, imposes fines of $1,000 for each message, up to $1 million for each campaign. Proponents of the law say it will be more effective than many anti-spam laws because it gives people the right to file private lawsuits rather than depending on state prosecutors. The text of the law may be found at http://www.spamlaws.com/state/ca1.html

On September 22nd, the Electronic Privacy Information Center (EPIC) filed a complaint with the Federal Trade Commission (FTC), asking it to prosecute JetBlue Airways for secretly giving the names of more than a million passengers to the Defense Department as part of an anti-terrorist screening program. According to the complaint, JetBlue violated a promise to maintain customer privacy when it gave the passenger information to a military contractor in 2002. JetBlue apologized last week for handing over passenger names, addresses and phone numbers. It is alleged that defense contractor Torch Concepts crossed passenger lists with additional personal information such as Social Security numbers and income levels in a data-mining program to determine whether passengers could be assessed for a security risk. Data aggregator Acxiom, which provided the additional information, was also named in the EPIC complaint. EPIC also asked the Federal Aviation Administration, the Army and the Transportation Security Administration for further information about the anti-terrorism program. A copy of the complaint may be found at http://www.epic.org/privacy/airtravel/profiling/jetblue/ftccomplaint.html

The August 29th arrest of the teenager who promulgated a variant of the notorious Blaster worm was of little comfort to computer users whose machines continued to spontaneously shut down and reboot. Various companies quickly pounced on the worm and developed deworming tools that would clear Blaster before it began rebooting again. Blaster first appeared on August 11th, quickly followed by the Sobig virus which flooded networks and mailboxes with spam. The author of the Blaster variant proved to be Jeffrey Lee Parson, 18, of Hopkins, Minnesota. He was arrested on one count of intentionally causing or attempting to cause damage to a computer. Parson is under house arrest and ordered not to have access to the Internet. He faces up to 10 years in prison and a $250,000 fine if convicted. Symantec’s information about the Blaster.B worm may be found at http://securityresponse.symantec.com/avcenter/venc/data/w32.blaster.b.worm.html

On August 27th, Earthlink filed suit against the so-called "Alabama Spammers," an unidentified group it alleges utilizes Earthlink to transmit massive quantities of spam. Earthlink is asking the court for an injunction and $15 million in damages against the defendants, who are accused of engaging "in a massive scheme of theft, spamming and spoofing," with the use of stolen credit cards and unauthorized use of Net access accounts. The suit was filed in the Northern District of Georgia, Atlanta Division. Earthlink said the name Alabama Spammers refers to the group's frequent use of phone lines in Birmingham to illegally connect to EarthLink Post Office Protocol accounts in that area. EarthLink said as many as 100 individuals could be involved in the spamming ring in Alabama and British Columbia, and they've sent as many as 250 million e-mail messages on its network. The suit gives Earthlink the ability to issue subpoenas to domain name registrars, mailbox companies and other third parties to help identify the spammers. EarthLink's John Doe suit claims that the Alabama Spammers used stolen or bogus credit card information to buy hundreds of dial-up Internet accounts and then used those memberships to send spam. Further information may be found at http://news.com.com/2100-1024-5069057.html?part=dht&tag=ntop

On August 26th, Amazon.com announced that it had filed 11 lawsuits against marketers who allegedly used its name when transmitting spam. Federal suits were filed in the U.S. and Canada seeking injunctions against the use of Amazon.com’s name in e-mail forgeries – the suits also seek millions of dollars in punitive damages. In addition, the company announced it is working with the New York Attorney General’s office to identify the spammers. Further information may be found at http://phx.corporate-ir.net/phoenix.zhtml?c=97664&p=IROL-NewsText&t=Regu lar&id=443386&;

On August 26th, the California Supreme Court ruled that Internet disclosures of trade secrets are not protected by the First Amendment. The unanimous decision reversed a lower court ruling holding that dissemination of trade secrets warrants Constitutional protection. The case involved coding designed to prevent consumers from making copies of DVDs. While the Supreme Court ruled on the general question of trade secrets, it did not resolve whether the DVD code was still a trade secret, leaving that question for a lower court to decide. San Francisco computer programmer Andrew Bunner had posted the code, developed by Jon Johansen of Norway, to circumvent DVD encryption technology in 1999 and, according to the movie industry, helped users freely replicate copyrighted movies. The DVD Copy Control Association, an arm of Hollywood studios, said it controls the encryption system, which scrambles data to prevent unauthorized copying. The association sued Bunner and others under California's Uniform Trade Secrets Act. A San Jose judge ordered Bunner to remove the decryption code from the Internet. But the 6th District Court of Appeal lifted the injunction, holding that protecting trade secrets is not as important as "the First Amendment right to freedom of speech." The Supreme Court reversed the decision in a 7-0 vote, saying an order to remove the code "does not violate the free speech clauses of the United States and California Constitutions." The decision in DVD Copy Control Association v. Bunner may be found at http://www.courtinfo.ca.gov/opinions/documents/S102588.PDF

On September 8th, Symantec announced Norton Antivirus 2004 would also include spyware detection capabilities as well as updated protection against complex viruses that use multiple points of entry to a victim’s computer and carry multiple payloads. Norton Antivirus 2004 will detect malicious software at its point of entry to a system, according to Symantec, scouring email and instant messaging (IM) attachments. In addition, the package will offer additional protection for users of Microsoft's Windows 2000/XP operating systems. It will scan for viruses hidden in compressed files, which often occurs in files sent over peer-to-peer networks or via IM tools. Two versions of the software will be released, with a standard edition aimed at consumers and a professional version marketed toward business users. Purchasers will also get free access to its LiveUpdate service, which checks for new antivirus updates and downloads them automatically whenever a user of the software is online. Norton Antivirus 2004 will cost $49.95, with Norton Antivirus 2004 Professional retailing for $69.95. Current users of Norton Antivirus and competitors' antivirus products will be able to upgrade to the applications for $29.95 and $39.95, respectively. The software will also be made available in multi-user packages with a retail price of $199.95 for five users and $399.95 for 10 users. Further information may be found at http://www.symantec.com/press/2003/n030908a.html

On September 17th, Paramount Pictures and Twentieth Century Fox sued Tritton Technologies, accusing Tritton of distributing software that can crack technology used to prevent unlawful copying of DVDs. The plaintiffs argued that Tritton's CopyWare software is designed to circumvent a copy-protection system called the Content Scramble System. The suit, filed in Manhattan federal court, seeks a court order stopping Tritton from distributing the software, DVD CopyWare. It also seeks unspecified damages. Three Web site operators that offer to sell various DVD-copying software are also named as defendants in the suit. The suit charges Tritton with violating the Digital Millennium Copyright Act, which bars creating or distributing technology that can be used to circumvent copyright protections on software, movies and music. Further information may be found at http://www.forbes.com/home_asia/newswire/2003/09/17/rtr1084626.html

On September 1st, a new Texas law makes it illegal to send unsolicited e-mail that uses misleading subject lines or offers unlabeled obscene material. The law also requires mass e-mailers to remove names from their lists within three days of being notified. Unsolicited advertising must carry the annotation "ADV:" in the subject line, and messages with sexual material must say "ADV: Adult Advertisement." Violators can be fined $10 for each mislabeled, unsolicited e-mail message, up to $25,000 per day. Critics call the law weak and point out that senders of junk faxes can be fined up to $500 per fax in small claims court, 50 times the penalty for a spam violation. Texans who wish to file complaints can do so online at http://www.oag.state.tx.us/index.shtml

On August 27th, the Second Circuit Court of Appeals ruled that a Vermont law couldn’t prohibit a nonprofit organization and the American Civil Liberties Union (ACLU) from publishing sexual information on the Internet. The court ruled that a law signed in 2000 by Vermont Gov. Howard Dean to curb Internet crimes against children was too broadly applied, violating the First Amendment. The ruling benefits the ACLU and the Sexual Health Network, a Connecticut-based nonprofit corporation that provides sexuality-related information for people with disabilities, illnesses and changes in their lifestyle. The ACLU Web site contains materials on subjects such as birth control, safe sex practices, gay and lesbian rights, abortion and sex education. Both organizations sought a court order to protect themselves from the effects of the new law. The decision in American Booksellers Foundation et al v. Howard Dean may be found at http://www.ca2.uscourts.gov

During 2003, over 150 spammers have joined The Bulk Club, an online service that provides tools, tips and a kind of support group for bulk e-mailers. Inadvertently, the membership list was left exposed on the site for a time, allowing visitors to ascertain that some of the biggest names in bulk e-mailing subscribe to the site. A sign-up page at the site states that, for a $20 monthly fee, Bulk Club subscribers get access to a variety of how-to articles, spamming software, a members' message board area, and "300,000 FRESH e-mails/week." Bulk Club subscribers have access to such files as a document about antispam associations, an article titled "How to Spoof," and summaries of state spam regulations. Harvesting e-mail addresses from Web pages and discussion groups, also known as "extraction," is the topic of 17 articles. The Bulk Club’s site may be found at http://www.thebulkclub.com

The notorious John Zuccarini, 53, was arrested by federal agents on September 3rd at a Hollywood motel. Authorities said that Zuccarini was running Web sites using misspelled addresses to direct children searching for Disneyland, the Teletubbies or Britney Spears to sex sites instead. This is reportedly the first prosecution in the nation under a provision of the new Amber Alert legislation that makes it a crime to use a misleading Web address to entice children to pornography. Zuccarini registered thousands of Internet domain names and was earning up to $1 million per year from them, much of it from sex sites that paid him when he sent Web users to their sites. Once there, Web users often encountered a maze of pop-up advertising called "mousetrapping," which sends up even more ads when surfers click the "Back" button on browsers or try to close the windows altogether. The Federal Trade Commission said Zuccarini has lost 53 state and federal lawsuits and has had about 200 Web addresses taken from him and transferred to copyright holders. The Amber Alert law allows for a prison sentence of up to four years. Further information may be found at http://www.siliconvalley.com/mld/siliconvalley/6683165.htm?template=contentModul es/printstory.jsp

According to the Federal Trade Commission’s (FTC) "Identity Theft Survey Report," released on September 3rd, nearly 10 million people in the U.S. were victims of identity theft in the past year. These crimes took a total of 300 million hours to correct and cost a total of $5 billion. The report estimates that 27.3 million people have, in the past five years, had their personal information compromised and used to fraudulently purchase products or services or to establish credit for someone else. Identify theft, according to the report, cost businesses $47.6 billion or $4,800 per victim. The average individual suffered losses and correction expenses of $500. The FTC's findings were based on a random telephone survey of 4,057 adults. The FTC report may be found at http://www.ftc.gov/os/2003/09/synovatereport.pdf

On September 4th, lawyers representing a woman calling herself "Jane Doe" filed a motion that seeks to retain her anonymity in an ongoing legal battle between communications providers and the music industry over Internet piracy. Lawyers say the motion is the first of its kind – it was filed in federal court in Washington D.C. on behalf of a Verizon Communications customer who has been accused of offering songs for free downloading on an Internet file-sharing network. Recently, the Recording Industry Association of America (RIAA) has issued more than 1,000 subpoenas to Internet Service Providers demanding the names and addresses of people who share copyrighted music online in order to sue them for copyright infringement. Verizon had tried unsuccessfully to challenge the RIAA from issuing subpoenas related to song-swapping on its communications network, but a court in June compelled it to turn over names. That decision has been appealed. Meanwhile Verizon said it was complying with the court by turning over names, though it first notifies its customers that the RIAA is seeking their identity and asks them to notify Verizon if they plan on challenging the subpoena. Verizon, believing it faced liability if it had turned over the woman’s name, asked the RIAA to deal with the woman’s attorneys directly. Instead, the RIAA filed a motion to compel Verizon to provide the name. Verizon has filed a motion in opposition to the RIAA’s motion. Further information may be found at http://news.com.com/2100-1027_3-5071699.html

On September 9th, Adrian Lamo, known as the "homeless hacker," surrendered at a U.S. courthouse in Sacramento, California. He was released to his parents after they posted a $250,000 bond. He is not allowed to use a computer. Lamo, 22, is facing two criminal charges, one relating to his confessed intrusion into the New York Times network and the other dealing with his alleged misuse of a Lexis-Nexis account. He also has claimed break-ins at technology companies including Microsoft, Yahoo and WorldCom (now MCI). Lamo has never deleted data or asked for money in exchange for identifying vulnerabilities. Lamo is charged with violating the Computer Fraud and Abuse Act, which penalizes anyone who "intentionally accesses a computer without authorization or exceeds authorized access" with fines and between one and five years in prison. Lamo became known as the "homeless hacker" by deciding not to hold down a permanent job and instead wandering the country on Greyhound buses, sleeping on friends' couches and camping in vacant or derelict buildings. His version of the story and a copy of the complaint filed against him may be found at http://www.freelamo.com

On August 28th, U.S. District Judge Frederick Motz, of the Northern Division of Maryland, said that Microsoft must find backup tapes and servers containing the communications of six key executives in its Windows Media Strategy division. Streaming media company Burst.com, having sued Microsoft for allegedly purloining its video delivery technology, had listed 70 e-mails between the parties that Microsoft did not produce, but had once existed. Microsoft says it has cooperated in the discovery process and will continue to do so. Legal documents in the case may be found at http://www.burst.com/new/newsevents/legalactivity.htm

On September 5th, Microsoft announced that it would pay more than $23 million to settle an antitrust suit filed by a previous operating system competitor, Be. Microsoft did not admit wrongdoing in the settlement. Be had charged that Microsoft's anticompetitive efforts led to the company's destruction, with the software maker's efforts having stopped deals that would have put the company's operating system onto major name brand PCs. Be has said it would dissolve and return all its remaining assets to shareholders. The company's technology and much of its staff went to PDA maker Palm two years ago in exchange for $11 million in Palm stock. As part of the Palm deal, Be retained the rights to file suit against Microsoft. Further information may be found at http://www.microsoft.com/presspass/press/2003/sep03/09-05BeSettlementPR.asp

On September 8th, the Recording Industry Association of America (RIAA) announced that it had filed 261 lawsuits against alleged file swappers, charging them with "egregious" copyright infringement. RIAA said these suits are just the first wave of what could be thousands more lawsuits filed over the next few months. The suits mark the first time that copyright laws have been widely used against individual users, rather than operators of private servers or sites. More than 2.8 million copies of Kazaa (a file sharing software program) were downloaded in the first week of September, according to Download.com, a software aggregation site operated by CNET News.com publisher CNET Networks. A recent study by the Pew Internet and American Life Project found that 67 percent of people downloading music said they did not care whether the music was copyrighted or not. They may begin to care if the lawsuits continue. Under copyright law, violators can be held liable for up to $150,000 per violation and, according to the RIAA, most of the people sued in the current round of lawsuits were sharing 1,000 songs or more on the file-swapping networks. It is expected that most of the lawsuits will settle since few of the defendants are expected to have any credible defense. The suits were filed across the United States, and included users of Kazaa, Blubster, Grokster and several other file-swapping software programs. The RIAA also released details of an online amnesty campaign, offering file swappers amnesty if they turn themselves in before a suit is filed. Under the "Clean Slate" program, file swappers must destroy any copies of copyrighted works they have downloaded from services such as Kazaa, and sign a notarized affidavit pledging never to trade copyrighted works online again. Further information may be found at http://www.riaa.com/news/newsletter/090803.asp

On September 5th, U.S. District Judge Gerald Bruce Lee (Eastern District of Virginia) ruled that online pop-up ads do not violate trademark laws even if they cover up or appear beside unaffiliated Web sites, including those of competitors. Judge Lee found that users are responsible in part for such ads because they voluntarily agree to them, even if they do so unknowingly. The suit was filed in 2002 by U-Haul International, Inc. against WhenU.com, which provides users with free software such as games and screen savers but also comes with a program called SaveNow, which tracks Web traffic and claims to match a user’s surfing habits with particular advertisers. By so doing, a user visiting the U-Haul site might find a pop-up ad from competitor Ryder. U-Haul argued that WhenU violated its trademarks because the ads appeared when Internet users visit U-Haul's site, potentially creating confusion. In dismissing those claims, Lee wrote that the pop-up ads open "in a WhenU-branded window that is separate and distinct from the window in which the U-Haul website appears." Lee also rejected U-Haul's arguments based on copyright and other laws. Further information may be found at http://abcnews.go.com/wire/Business/ap20030908_1655.html

On August 28th, the 9th Circuit Court of Appeals ruled that an unlawful subpoena, which led to the online publication of internal emails, led to a violation of federal electronic privacy and computer fraud statutes. The court noted that the provisions of the federal electronic privacy act could be extended to individuals other than the computer owner harmed by unauthorized access to their data. The decision in Theofel v. Farey-Jones may be found at http://caselaw.findlaw.com/data2/circs/9th/0215742P.pdf

On August 28th, the 6th Circuit Court of Appeals struck down a Michigan state law regulating the sale and distribution of wine as unconstitutional. The statute was challenged by several distributors, including those that sell online. The court ruled that the law violated the dormant Commerce clause due to its discrimination against out-of-state wine sellers. The decision in Heald v. Engler may be found at http://laws.findlaw.com/6th/03a0308p.html

On September 2nd, the 9th Circuit Court of Appeal asserted jurisdiction over mail order and online retailer L.L. Bean in a suit launched by pop-up advertiser Gator. Although a district court dismissed the Gator suit on jurisdictional grounds, the appellate court overturned, ruling that it could assert jurisdiction on general jurisdiction principles since L.L. Bean is structured to operate a sophisticated virtual store in California. The court concluded by noting that "Businesses who structure their activities to take full advantage of the opportunities that virtual commerce offers can reasonably anticipate that these same activities will potentially subject them to suit in the locales that they have targeted." The decision in L.L. Bean v. Gator.com may be found at http://shorl.com/jebrytystyribru

The Bush administration has extended its agreement with the Internet Corporation for Assigned Names and Numbers (ICANN). A key change to the agreement establishes seven deadlines for ICANN to meet. The move is aimed at formalizing the process used to approve new top-level domain names, improving the accuracy of "whois" contact information, and making ICANN more accountable to the public. The Agreement may be found at http://www.icann.org/general/amend6-jpamou-17sep03.htm

On September 11th, the Florida Supreme Court ruled that public employees do not have to disclose private emails to the public, even when using government computers at work. The court unanimously ruled that the emails are not public documents simply because they are stored or created on government computers. The decision in Florida v. City of Clearwater may be found at http://www.flcourts.org/sct/sctdocs/ops/sc02-1694.pdf

The Washington Supreme Court, in the first known decision of its kind, ruled on September 11th that police require a warrant when using GPS to track a suspect's vehicle. The court refused, however, to overturn the murder conviction of William Bradley Jackson, who unknowingly led police to the shallow grave of his 9-year-old daughter in 1999. In that case, deputies had a warrant for use of the GPS, though prosecutors had argued that it was unnecessary. The decision in State of Washington v. Jackson may be found at http://www.courts.wa.gov/opinions/index.cfm?fa=opinions.opindisp&docid=72799 6MAJ

On September 25th, California Governor Gray Davis signed the Electronic Waste Recycling Act, which imposes fees on computer monitors and television sets to fund recycling efforts. This is the first act of its kind in the U.S. and imposes a point-of-sale fee of $6 to $10 per device. The Act will go into effect on July 1, 2004. The Act addresses the presence of certain chemicals found in devices that use cathode ray tubes (CRTs), flat-panel screens or other video displays larger than four inches. Substances including mercury, lead and brominated flame retardants, though not harmful while the device is in use, are thought to be hazardous to individuals and the environment if the gear is improperly disposed of. The Act also requires makers of televisions and computers to phase out the use of hazardous materials in their products and prohibits the export of e-waste to developing nations, unless safety standards at the destination match those set by California. In addition, manufacturers will have to report every two years on their efforts to reduce those materials and to increase the recyclability of their products. The text of the Act may be found at http://www.leginfo.ca.gov/pub/bill/sen/sb_0001-0050/sb_20_bill_20030912_enrolled .html