Posted on August 16, 2010 in IP by View Comments

Website privacy policies can be complicated and confusing. The lack of a standard in both presentation and terminology makes it difficult for the average consumer to understand a website’s privacy policy, an understanding which is necessary to make an informed choice whether to use a particular website’s services. In A “Nutrition Label” for Privacy, Patrick Kelly, Joanna Bresee, Lorrie Cranor and Robert Reeder present a way to display online privacy policies in a consumer friendly manner in the spirit of the ubiquitous nutrition label.

The authors’ proposed label, the “Privacy Nutrition Label”, uses a grid to display the privacy policy with the rows displaying the types of information collected and the columns showing how the information might be used and to whom the information might be shared. A privacy symbol is displayed in the intersection of each row and column representing the severity of the privacy practice. The label consists of ten rows of information collected with five ways of using the information and two outlets for sharing the information totaling seventy cells, each displaying a privacy symbol. This is a large amount of information to sort through no matter how cleanly organized. Multiply this by every website that you might interact and do business with and it only gets worse. I personally prefer an earlier iteration of the authors’ label, the “Simplified Label”, which displays the privacy policy in a series of Yes/No statements. Although it lacks the detail of the grid and may exaggerate the permissiveness of the policy because of grouping categories together for simplicity, it is easy to understand and quick to read. A possible compromise might be to allow the Yes/No statement to be expanded into a more detailed breakdown if the user feels the policy is too permissive and wants to know more about it.

Privacy Nutrition Label
Simplified Label

The authors’ project is a great start to simplify privacy policies but should be expanded to address two more concerns, the permanency of the information collected and mutability of the privacy policy. The first issue is simply how long the company will store the information collected about you. If I purchase a book from an online seller, how long will the company keep my credit card information? How long will it keep my address and phone number? This can be addressed simply by supplying a column in the “Privacy Nutrition Label” to display the length of time data is kept or a time range in the “Simplified Label” that can be expanded for more detail if desired. The second issue addresses what happens when the company changes its privacy policy. Will the company notify the consumers whose information the company has already collected when it makes a change to the privacy policy? How will the consumers know the policy has changed otherwise? What happens to the information already collected? Will that information now be subject to the new terms? A Big Mac purchased under the “terms” of one nutrition label is not going to be retroactively affected if McDonalds changes the recipe at a later date whereas data residing on Facebook might. The solution to this is a mechanism to show how and when a policy has changed.

The has developed to address this very issue. TOSBack monitors the privacy policies of various websites and publishes the changes made to those policies. Something like this would be very helpful if incorporated into the privacy label itself to allow the consumer to see a policy change when revisiting a particular website. This of course would not help a consumer who uses a website for a one-time purchase and never returns but it is a start.

A larger problem with the privacy label project in general is with its adoption. A project such as this is only as useful as the size of its implemented base. Moreover, companies must agree on how to implement it. It would defeat the purpose to have different companies presenting their privacy labels differently, such as using different colors or symbols for privacy statuses. Such inconsistencies would only further complicate and confuse the consumer. Maybe this is a case where government regulation would be helpful. A regulatory agency such as the Federal Trade Commission could ensure that the use of such labels were widespread as well as preventing the proliferation of dissimilar privacy labels.

Overall the authors’ project is a noble one and one that I think whose time has come. Consumers deserve to understand the policies surrounding the data collected about them without having to struggle through pages and pages and legalese. The keys to the project’s success are adoption and standardization, without which the project is simply a great idea.

Posted on August 2, 2010 in IP by Comments Off

When Shepard Fairey (“Fairey”) first sought a Declaratory Judgment against The Associated Press (“AP”) regarding Fairey’s use of an AP photograph, the Fair Use Project at the Stanford Law School Center for Internet and Society took the case representing Fairey. The heart of the case was whether Fairey’s use of the AP photograph fell within the “fair use” exception of the copyright law, insulating Fairey from a possible copyright infringement claim brought by AP.

The purpose of copyright law is to spur innovation and creativity by granting some protection to a creator’s works thereby giving the creator an incentive to create. Because copyright law restricts the free speech rights of others, the “fair use” exception provides balance by allowing others some access to copyrighted works so that they may create new works based upon them. As conveyed by Justice Story, “[i]n truth, in literature, in science and in art, there are, and can be, few, if any, things, which in an abstract sense, are strictly new and original throughout. Every book in literature, science and art, borrows, and must necessarily borrow, and use much which was well known and used before.” Simply put, innovation is the building upon the foundation laid by those before us.

Fairey’s case appeared to be a good test to clarify “fair use” doctrine at a time in which digital technologies have proliferated the creation of transformative works. Fairey used an AP photograph as the foundation for a graphic of Barak Obama that Fairey used in a series of posters. Fairey’s use appeared capable of passing the courts’ implementation of the “” evaluation (purpose and character of use, nature of copyrighted work, amount and substantiality of use, and effect of use on potential market) because the highly transformative nature of Fairey’s work might have propelled it beyond reach of the other factors. Unfortunately, the case was tarnished by Fairey’s actions resulting in the withdrawal of Fairey’s attorneys and the suggestion by the judge hearing the case for the parties to settle. This does not bode well for Fairey’s case.

So what went wrong?

Fairey originally claimed that he used an AP photo containing images of both George Clooney and Barack Obama as a reference in creating Fairey’s artwork and specifically denied using an AP photo of Obama alone (the “Obama photo”). However, Fairey later claimed that there was some confusion over which photo was used and that he actually did use the “Obama photo”. The photo used was relevant because, in general, the less one uses of a copyrighted work, the better the case is for “fair use.” If Fairey used the photo of Clooney and Obama, the amount of the copyrighted work used (roughly half) would have been less than had Fairey used the entire “Obama” photo as the reference. However, even the complete usage of a copyrighted work does not necessarily preclude “fair use” so while using a different photograph might have helped the case, Fairey’s usage may have still been ruled “fair use” nonetheless. That was before Fairey’s next move.

Rather than informing his attorneys of the error, Fairey attempted to cover it up by erasing the computer files that were used to make the graphic from the “Obama photo.” Fairey went so far as to create new documents using the AP photograph of Clooney and Obama in order to support his claim of using that photograph. Destruction of evidence and deceit does not bode well when defending a “fair use” claim and it is arguably what may decide this case.

This is because the Supreme Court has stated:

Also relevant to the “character” of the use is “the propriety of the defendant’s conduct.” “Fair use presupposes ‘good faith’ and ‘fair dealing.’”

Harper & Row Publishers, Inc. v. Nation Enterprises, 471 U.S. 539, 562 (1985) (quoting 3 Nimmer on Copyright § 13.05[A], at 13-72 and Time, Inc. v. Bernard Geis Associates, 293 F. Supp 130, 146 (S.D.N.Y. 1968)).

So what exactly is good faith? As my contracts professor once said, good faith is not defined so much as what it is but rather what it is not. That is, good faith is the absence of bad faith.

Despite the Supreme Court’s affirmation of the relevance of good faith in “fair use” evaluations, the courts have not agreed upon how much weight it should be given. In the case cited by the Supreme Court in its affirmation, the Southern District of New York Court ruled that the defendant’s use was “fair use” because the “fair use” was strong enough to discount the defendant’s bad faith in appropriating the materials (which could have been appropriated by other means). Time, Inc. v. Bernard Geis Assoc., 293 F. Supp. 130 (S.D.N.Y. 1968). The Supreme Court, in its own case at hand, ruled against the defendant, in part, because the defendant was trying to “scoop” the story out from under the plaintiff who had legitimately licensed the story. Harper & Row Publishers, Inc. v. Nation Enterprises, 471 U.S. 539 (1985).

More recently, the Second Circuit ruled in favor of a defendant despite the defendant’s bad faith in obtaining the material in an unauthorized manner, stating that “a finding of bad faith is not to be weighed very heavily . . . and cannot be made central to fair use analysis.” NXIVM Corp. v. Ross Institute, 364 F.3d 471 (2nd Cir. 2004). The Second Circuit then stated that it awaits clearer guidance from the Supreme Court. Id. In another case, the District Court of Nevada contrasted the bad faith of the plaintiff with the defendant’s good faith stating that it added further weight in ruling for defendant’s fair use. Field v. Google, Inc., 412 F. Supp. 2d 1106, 1123 (D. Nev. 2006).

Although the impact of good faith may not be predictable in Fairey’s case, keep in mind that the good faith discussions in most of the above cases have been centered on the acquisition of the material. Fairey’s destruction of evidence and deceit are of a different type entirely and may prove to be the deciding factor.

Posted on July 8, 2010 in IP by View Comments

A district court recently ruled that YouTube was insulated from copyright infringement claims made by Viacom for content that was uploaded by YouTube users. The judge ruled that YouTube was protected by the safe harbor provision of the Digital Millennium Copyright Act (DMCA) which provides immunity to Internet providers who allow users to upload content as long as the Internet provider promptly removes copyrighted content when notified by the copyright owner.

With this ruling, free speech on the Internet has also been protected. Randy Tyler, in an ACLU of Washington blog, writes that without this decision,

the Internet could devolve into a series of tubes in which access is restricted to a few, select, familiar faces. My request to share this blog would be impossible if YouTube and related sites were not covered by the DMCA safe harbor, because this blog is copyrighted and social networks would be subject to potential infringement claims. In fact, blogs and social networks might cease to exist.

This is because if Internet providers were liable every time one of their users uploaded copyrighted content,

providers would simply censor everything. The outcome would be disastrous for free speech online. The burden of reviewing all submitted content to determine whether it infringed a copyright would be too costly. Providers would either create heavy-handed rules to limit content-creation, or they would enter into agreements with certain content creators and allow only those entities to upload content. Either result limits free speech.

Stay tuned as Viacom has appealed the decision.

Posted on June 28, 2010 in IP by Comments Off

Bernard Bilski developed a method for managing risk in the commodity market, like the energy market where prices may skyrocket during a severe winter. Bilski’s idea was to introduce a third-party intermediary into the transaction who would purchase the commodity (e.g., coal) from the seller (e.g., coal mining company) at some fixed price, based on a historical average, and sell it to the buyer (e.g., power plant) at another fixed price. Since the buyer and seller’s prices are fixed, they are both protected from sudden price fluctuations and are not vulnerable to the risk inherent in the market. Bilski filed an application for a patent for his method, describing it in such vague terms that it could be applied to almost any transaction.

The U.S. Patent and Trademark Office (PTO) denied Bilski’s application because, according to the patent examiner, the method that Bilski developed was “not implemented on a specific apparatus and merely manipulates an abstract idea . . . without any limitation to a practical application” and therefore was not something that could be patented. The PTO’s appeal board and the U.S. Court of Appeals disagreed as to the proper test to determine what was patentable but agreed that Bilski’s method was not something that was eligible to be patented. The case now lies before the U.S. Supreme Court, whose decision may help clarify U.S. patent law and give guidance to the PTO and the lower courts.

The patent law statute allows an inventor an exclusive monopoly right for “any new and useful process, machine, manufacture, or composition of matter” (subject to some additional conditions). Determining what those categories encompass is a matter of interpretation left to the PTO and the courts. A business method, such as Bilski’s, is clearly not a “machine, manufacture, or composition of matter” and so must fall within the meaning of “process” in order to be eligible for a patent.

The U.S. Supreme Court had previously limited the broad meaning of “process” by excluding the laws of nature, natural phenomena, and abstract ideas from patent protection, stating that they are the “basic tools of scientific and technological work” and are “free to all men.” In upholding the decision against Bilski, the U.S. Court of Appeals recognized the meaning of “process” was limited and applied the “machine or transformation” test, used in an earlier U.S. Supreme Court decision, to determine whether a particular process is eligible to be patented. Under the “machine or transformation” test a process must either be tied to a particular machine or must “transform a particular article into a different state or thing.” The U.S. Court of Appeals held that Bilski’s method did not satisfy the first branch of the test because it was not limited to a specific machine (or even a machine at all) and it failed on the second branch of the test because transformations of “public or private legal obligations or relationships, business risks, or other such abstractions . . . are not physical objects or substances, and they are not representative of physical objects or substances.” The U.S. Court of Appeals insisted that processes must have some physical connection in order to be eligible for a patent.

During oral arguments to the U.S. Supreme Court, the Supreme Court Justices were not overly receptive to the idea of patenting intangible business methods either. Chief Justice Roberts compared Bilski’s method of hedging risk with a method for maximizing wealth where one buys low and sells high, and suggested that that would be patentable if Bilski’s method was. Justice Breyer asked whether his method of teaching antitrust law would be patentable, claiming “it kept 80 percent of the students awake” and “they learned things.”

The decision by the U.S. Supreme Court could have far reaching consequences apart from business methods because software also falls within the “process” category and would be subject to the same test.

Consider IBM’s patent on changing the color in an email message based upon the email’s destination and the cultural perspective of that region (U.S. 7,529,804). This patent gives IBM the exclusive right to change lettering appearing red, for instance, in an email originating from the U.S. to a different color when the email is destined to China, because whereas red might signal a warning in the U.S. it is considered good luck in China and might not impart the same level of importance.

Note that the issue is not with someone copying IBM’s source code and using it (that would be protected under copyright law). The issue is with preventing others from using the same idea that they might have developed on their own. This is because patent law allows the patent holder to prevent others from making, selling, using, or importing the patented invention even if the other person independently came up with the invention. This is especially relevant in the realm of software development where a multitude of simple processes have been patented. Any software developer could invest considerable amounts of time and money on a project only to inadvertently infringe upon one of the 200,000 software patents and have the project grind to a halt.

Even with a clearer test for patent eligibility the issue of software patents may not be resolved. A glimpse of what is yet to come may be found in the Amicus Briefs filed by Microsoft and Redhat. While both companies argue for a test where patents are tied to something physical, Redhat argues that such a test would exclude software whereas Microsoft argues that loading software on a computer changes the physical structure of the hard drive and would be sufficient to meet the requirements of the test.

Stay tuned.