On the difficulties of defining intangibiity. Paypal seems to be having a hard time coming up with a policy.

« I’m selling an online account and I’m going to be shipping the buyer a password to the account. »
« OK, I can tell you now then that that would not be covered. »
« Why not? »
« Because it’s a virtual item. »
« But I’m not shipping a virtual item, I’m shipping a piece of paper or a floppy disk with a password for the virtual item. »
« But you’re not selling the password, you’re selling the virtual item, which is not a tangible good. »
« Well, neither is a football game. Football games are not tangible goods. »
« But you’re not selling the football game, you’re selling the tickets, and those are tangible. »
« So is the piece of paper I’m sending to my buyer. »

[Thanks Fizzz]

The Copyrights Cuffs by Jonathan Zittrain in CIO magazine.

On « Why we should care who gets the merchandising deal from a movie or the song tie-in on a variety show ».

[thanks Brightblue]

Made the mistake of checking technorati before going to bed… Bad idea… 🙂

Brightblue brought the Puretracks [Google news search] launch to my attention this morning. It is a new online music store containing songs licensed for sale in Canada.

We knew it was coming… The corollary is the CRIA press release on the licensing deal.

Frank asks: « What does this mean for all the fees collected on Canadian recording media? ». He’s not alone asking.

At the Ottawa Symposium, the counsel for CRIA refuted allegation that sums perceived through the tariff were not redistributed. (I’ll try to find the exact moment in the video and update this later). This is touchy subject as many labels and artists feel they are not getting their cut.

The tariff is meant to compensate for private copying. That is, copying in certain circumstances without a specific licence to do so. If I read correctly (I can’t try the Puretracks service for myself right now) Puretracks allows a user to burn a file 3 times to a CD and transfer (I assume they mean copy) a file an unlimited number of times to a portable device. Interestingly, files can be downloaded twice and you can apparently backup and restore the licence file that your computer uses to manage the DRM restrictions.

If I burn a Puretrack file to a CD-R, I’m using the blank media for a purpose that was not considered when the tariff was put in place: I’m using a CD-R to create an audio cd (or a MP3 cd) filled with licensed music. If the use of such systems becomes widespread, we could reasonably expect a reduction in the tariff for CD-R, since a lower percentage of total CD-R sales will be used for private copying purposes and since songs sold online can’t be privately copied due to DRM. Or we could aim for a more realistic goal: avoid including portable devices in the tariffed goods since most of the portable players have some sort of DRM built-in to shape their practical uses and consumers owning those devices are more likely to be the main users of online music stores.

Should the tariff be abolished? Should I get a refund for the 100 CDs spindle sitting on my desk waiting for the backup announcing the installation of yet another big cat? (Well yes, of course!)

I certainly feel the levy reduction argument should be brought to the table during the debate on future modifications of the tariff. I would guess the strength of that argument will depend on the success of online music stores, the perception of the usage that is made of such music (portable devices, PC-based listening, CD burning, DRM hacking, etc.) and public awareness of the success and the amounts of money collected under the current tariff. Similarly, the introduction of copy-protected/broken CDs that impede private copying should be taken into account also as these CDs can’t be copied and therefore shouldn’t benefit from the tariff. This logic actually applies to DRM protected files too, as noted above.

Considering all the debates on collective licensing, I believe the private copying regime is a valuable tool that should not be abolished, but it must be able to adjust itself to the current situation.

I have finally posted my quick and dirty notes for the Comparative IP and cyberspace law symposium. Check them out, with the videos, in the monthly archive.

Saturday 16h00 [Video]

Moderator: Philippa Lawson

Speakers:

• Art Cockfield, Developments in Canadian Privacy Law
• Jonathan Weinberg, RFID Tags and Privacy Law

Nope, no notes on this one. it was good though. The Canadian privacy landscape is a weird one, but it’s better than having none I guess. I still feel statutory damages would really help this body of laws to get credibility though since actual losses are so hard to measure.

The RFID could modify the very concept of fungible goods. With Walmart imposing the use of RFID by it’s suppliers, there are just too many good things about that technology to prevent it from becoming widespread. Now will someone make a cue:CAT to read them?

Saturday 13h45 [Video]

Moderator: Michael Geist

Speakers:

• Ian Kerr, People Like Us
• Dan Hunter, Cyborg and Virtual World

This panel was very different from the rest of the symposium. It left me in a very meditative and dreamy state, due to both the topics and the schedule. Far fetched in many ways, but I always feel far fetched theories and hypothesis is what helps me to test my ideas in the field of cyberlaw. Therefore I feel it provided very good food for thoughts.

DH: The young inventor and the emperor of China: in compensation for the game of chess, the inventor asked for 1 grain of rice, doubled on each square.

Moore’s law: transistor density, the singularity…

Possibility of digital buddies.

Californication of commerce: various application of AI in ecommerce.
Aristotle, Descartes, Babbage/lovelace

Gilbert Ryle, Norbert Weiner, Turing, Deep blue, Kurzweil, Weizenbaum (Eliza)

Nativeminds.com and Nicole.

ELLEGirlBuddy (smarterchild/activebuddy)

Marketing push to create word of mouth/relationship. Virtual trust, virtual frienship.

Concerns: consumer law: truthful information, complete information, privacy implications.

An approach might be translating what we know about psychology into machine language and use that to obtain info about someone.

 Saturday 11h45 [Video]

Moderator: Jane Bailey

Speakers:

• Richard Gold, « The Reach of Patent Law and Institutional Competence »
• Jonathan Zittrain, Writing the Rules of War Between Free and Proprietary Software

RG: Patent and biotech. Talking of jurisdiction issues over questions of patent eligibility.

Don’t confuse eligibility, applicable to a class of inventions, with patentability, applicable to a particular invention.

Theories:

• It is question statutory interpretation only

  Hinges on the interpretation of « invention »: cannot limit to eligibility to what is known because then it’s not an invention

  Therefore, what is unknown in an invention unless legislature specifically says otherwise. BAD ARGUMENT: confuses a particular invention with type of invention.

• It is a technical and morally neutral

  To refuse a patent would be futile because in itself would not stop the invention bieng put to practical use.

  Patents may lead to accountability and spillover effects

  The very fact of allocating property rights alters the burden of persuasion re: limitation on use of invention

  Patents may provide holders with power over non economic decisions.

• It is essential to promote innovation. Courts should withold patents only when legislation specifically restricts it.

  Starting principle is that knowledge ought to be free unless a good reason exists to put it under private control.

  Lack of empirical evidence showing that patents actually encourage innovation and dissemination.

Example given using the reaction to the Harvard mouse.

JZ.

JZ is not behind the podium, he prefers to do his stuff standing in front. Just watch the video, he is, as always, a great speaker.

Today’s fire: free and proprietary software.

Software: lowers the barrier of entry for « inventors » (and explains bad software).

Taxonomy of software:

• Public domain
• Free (copyleft)
• Proprietary.

Analogy of the models using a cake/recipe metaphor. Software: it’s a cake, you eat it and it’s good.

But the recipe is usually given for public domain cakes. You always get it for Free cakes. Most often not for proprietary software (they could give you the recipe though and say if you do anything wth it you go to jail).

Licence terms: nope for public domain. Free: GNU licence. JZ give a How do deal with RMS 101. Viral threath, way overplayed: if you include GPL by accident, you never agreed to it, it’s only infringement and the viral clauses don’t apply to your proprietary code. Proprietary: well.. you all know how this goes.

SCO v. IBM.

Things at stake:

• 1. Free software is a way of producing social benefit. Not universal, but it matters in many areas. Yet because of work for hire agreements, there might be unvanted contamination.
• 2. Free software is too tasty a target for lawyers. e.g. easier to audit free software than proprietary software when stolen code is hidden.
• 3. Comparative IP and cyberlaw.
  Many people are trying to choose between linux and MS in LDCs. Or Linux and pirated MS. Attempt by MS and others to kill Free software so they don’t have to compete with it.

Saturday 10h15 [Video]

Moderator: Jane Bailey

Speakers:

• Joel Reidenberg , States and Internet Enforcement
• Jennifer Chandler , Internet Security

JC: Was infected by Blaster. It required no positive action by user: passive failure to patch.

Monetary losses from a general point of view, loss of confidence in a supposedly efficient system. 200 billion US$ is a figure often quoted for damages caused by security failures.

Not merely economic losses: also a problems when it affects critical infrastructure. e.g. power plants

Possibiliy of censorship on unpopular sites via DOS attacks. A risk in a digital democracy. It’s a concern to have: e.g. al jazeera english site during irak war. Hacking? Natural DoS?

She’ll focus on availabilty of ressources, in regard of distributed Dos attacks.

Underlying cause: bad software rushed to marked; users that do not patch, use a firewall, scan for viruses; ISPs that refuse to scan for zombies. The hacker who controls the zombies.

Going after the hackers and the ISPs is not her focus.

From the point of view of end users: patches are poorly written and tend to break stuff. People are weary. Rapid rate of patches. Fake security alerts that try to install trojans. Changes to licensing agreements. It’s an exterrnality problem: there are no consequences for you. It’s too much pain to patch though.

Solutions:

• Fine and disablement from ISP/corporate/school nwtwork.
• Liability of compromised users
• Mandatory automatic updates from MS

Biology analogies: crapware = innoculation to ensure we’re not too dependant on software that can, in the end, never be totally secure. Monoculture = vulnerable.

Liability of software developers:

• The target of DDoS has clean hands.
• The target has damages (usually high profile corp).
• The target has no contract with MS (or other corp).

a) you need a duty of care from the defendant (a duty not to create situations of unsual risk e.g. landlords liable for unsecure premises when there are attacks by 3rd parties).

b) peer economic loss, policy analysis

JR: Malicious code can be good: they offer the opportunity for states to focus on issues of jurisdiction.

The french Yahoo case: the failure by a country to enforce it’s democratically chosen policy is an abdication of it’s duties to it’s citizens.

Code == lex informatica

There has always been a policy injected into the architecture: ARPA and the Internet.

Public reengineering: ex ante automatic enforcment. DRM

.NET passport: collect data from users to manage passwords. MS was able to collect a mass of data. Legal in the US: no one care about privacy in the US. Problem in the EU. MS reengineered the product design.

Successful efforts to get Paypal to refuse to process payment from online casinos

Porn in the US: CIPA. Architecture to enforce policy decision.

Using intermediaries as enforcers: DMCA notice and takedown, going after the money, orders to ISP to block sites.

Worms and viruses have police power. e.g. attacking MS update site. Spam blacklists being shut down by Ddos. Same devices could be used by states.

Tools:

• Electronic border: China’s firewall. Yahoo french border. Indias’s yahoo NG shutdown.
• electronic blocaderestrain violator: interception of packets
• electronic sanctions: actions to shut down/disable

We should aim for the least intrusive device to achieve sanctions: consider magnitude of threat relative to public order. Urgency of the threat. Effectivness of the tool. Identification of the ultimate goal

JZ asks: Should we block ports used by windows networking for example? Should the ISPs be allowed/encouraged to police their networks in that way?

The answer was not as concise and to the point than the question. It is indeed tough to find the sweet spot between end-to-end and attribution of liability (and the defensive measures by potentially liable parties).

Saturday 8h30 [Video]

Moderator: Michael Geist

Speakers:

• Peggy Radin, Property and Contract in the Digital Environment
• Vincent Gautrais, The Colour of Electronic Consent

PR: Regulation by contract, regulation by machines

• 1. legal and policy discourse

  Three streams of legal culture in confluence:

  • Propertization policy: more isn’t better. Too much is as bad as having too little.
    Shouldn’t assume legislative rules are in the common benefit and appropriate
  • competition policy: there is a barrier to market in order to lover barrier to market
  • Free speech: rethoric: commodified content that when propertized… […]

• 2. Court’s ingenious methods to get around the debate.

  Database protection: what is the anticompetitive branch » ebay, verio: invasion of hard drive, and harm and trespass. removing information that you don’t want your competition to get. Using state tord law to construct a database protection doctrine.

  Using contract to extend copyright:
  ProCD: 7th circuit. Not the law outside 7th circuit.
  Clickwrap/browserwrap.
  Which parts of the copyright regime are « default » and waivable. and which are inalienable? Should we impose mandatory rules/inalienable rules?

  We have to consider if treating the property regime as a set of default rule is itself a default rule and if society should consider changing that default rule.

  In a chicago perspective: Blanket non waivability for certain category could be less costly to judicial review of case by case basic. Mandatory arbitration for example.

• 3 cat for attention:
  • 1. waiving legal enforcement
  • 2. human rights
  • 3. rights that are politically weak (most likely to be undercut by interest groups and not protected similarly: e.g. fair use rights)

  The machine control is like an injunction. There is no choice to infringe and then ask for court review. Irreparable harm to recipied will be without recourse.

  DRM will make even non waivable rights irrelevant.

  Plea for limitation on such systems.

VG: my notes here are terrible again…

Ecommerce and contract law are a nascent field of law. There are new laws and new concepts to discover.

Technological neutrality is an unattainable target.

There are precedents in legislative redaction in order to adapt to techonology.
e.g. in the Quebec law, there are many neologisms, new concepts. It’s a law for engineers.

New economy contrats are often illegal. Old contract principles should still apply to electronic environments.

E-consent and legibility:

• The criterias to judge informed consent should be adapted:
  Legibility is different on paper and on screen.
  The relation between lenght of contract and speed of contractual process is disproportionate.

• Ethan Katsh: paper contract is an act. Electronic contract is a process.

E-consent and demonstration of will.

• Different means of expressing consent, both in the physical and digital world.

  Vincent is preaching to the choir.

• The click should be explicit and clearly significant.

In conclusion: the contract should be more formal to compensate the loss of the materiality of paper.
It appropriate to draft standard contracts to be drafted and approved.

The consumer, the weakest party, shoud be protected. The practice of manifesting consent in ecommerce is still problematic. We need to care about the consumer to enhance consumer confidence.

Both participants expressed concern with consumer choice and freedom of contracting.