--- Date: Tue, 7 Oct 2003 17:35:10 -0700 To: declan@private From: Lauren Gelman <gelman@private> Subject: SLS Center for Internet and Society Content-Type: multipart/alternative; boundary="============_-1146549181==_ma============" Hey Declan-- How about a one-time mailing to Politech of all the cool stuff we're doing this year... Two events we are hosting-- one on Computer Security and Vulnerability reporting 11/22/03, the other a Call for Papers for an Internet Privacy Symposium 3/13-14/04-- and v1.2 of our new cyberlaw newsletter "Packets." People who want more info can visit our website at cyberlaw.stanford.edu Thx!! ______________________________________ Cybersecurity, Research & Disclosure November 22, 2003 Stanford Law School http://cyberlaw.stanford.edu/security/ Stanford Law School's Center for Internet and Society will host a day-long exploration of the relationship between computer security, privacy, and disclosure of information about security vulnerabilities. This is the must-attend conference for researchers, academics, practitioners, government officials and CTO and CIOS interested in formulating disclosure practices or policies that would promote security research, constructive information sharing, remediation and commercial interests, and determining how such policies could be put into effect? Questions to be addressed include: * Does public disclosure of vulnerabilities motivate the vendor to release more secure software, and if so, does this benefit sufficiently outweigh potential risks that the information will be misused? * How can independent researchers be adequately compensated for the valuable service they provide to vendors and customers while encouraging responsible reporting? * Does the commercialization of security information promote security, or should reporting be an academic or governmental function? * What practices or policies facilitate communication between vendors and researchers. What should the researcher do? What should the vendor do? Should practices differ for small vendors, ISPs or website owners? * When does disclosure best promote security and minimize exploitations, and how much information should be disclosed at a given point in time, and to whom? * What policies or practices encourage the installation of patches? * How can disclosure policies promote computer security? How can we work towards consensus on such a policy? Encourage compliance with the policy? What would the policy include, and what are the security tradeoffs? Is there a role for regulation or government intervention in this area, or are market incentives sufficient? Register now at: http://cyberlaw.stanford.edu/security/ ________________ CALL FOR PAPERS A Stanford Law School Symposium: Securing Privacy in the Internet Age What legal regimes or market initiatives would best prevent the unauthorized disclosure of private information while also promoting business innovation? March 13-14 2004 Stanford Law School http://cyberlaw.stanford.edu/privacysymposium/ As individuals do more - shopping, talking, working - on-line, they leave private information behind in databases stored on Internet-connected servers. Companies store proprietary data on networked servers connected to the Internet. Computer security experts struggle to develop technology and best practices to protect this information from unauthorized intruders or inadvertent leaks. Are private initiatives sufficient to protect private and confidential information, or should the law allocate the responsibility of keeping the server secure, and if so, on whom? And will the imposition of this legal and economic burden impede further exponential advances like those the computer industry has made in the past decade? The Center for Internet and Society (CIS), part of the Law, Science and Technology Program (LST) at Stanford Law School announces an open call for papers addressing the ways in which application of various legal doctrines could induce software vendors, hardware companies and system administrators to adopt security-enhancing practices, report unauthorized disclosures of private information, properly value and remedy harm flowing from privacy breaches, while promoting vigorous competition and innovation. In the selection process, papers offering new perspectives, novel analysis, or innovative prescriptions will be given preference. Proposals from legal and other academics, economists, lawyers, scientists and technologists, as well as new voices are encouraged. Some suggested topics are posted on the conference website at: http://cyberlaw.stanford.edu/privacysymposium/ The event is funded by a generous grant from the cy pres fund established in the Supnick et al. v. Amazon.com, Inc. and Alexa Internet, Inc. litigation. We are able to offer free admission to the symposium and anticipate a large audience of academics, executives, students, and U.S. and foreign policy makers. Those selected to present papers will be reimbursed for two- week advance purchased coach airfare to California and for two nights stay at the Westin, Palo Alto hotel. Interested parties should submit a 200 word abstract describing the proposed paper to; http://cyberlaw.stanford.edu/privacysymposium/form.html. The deadline for submissions is October 13 and the selected presenters will be notified by mail by November 3. The website also allows visitors to register to be notified when we finalize the symposium schedule. Papers will be due May 3, 2004. The Symposium Editors will select the papers which will be published in a scholarly volume under a Creative Commons license that will allow authors to submit their papers to other publications, including law journals. The Symposium Editors are: * Margaret Jane Radin, Wm. Benjamin Scott and Luna M. Scott Professor of Law, Director, Stanford Program in Law, Science and Technology * Anupam Chander, Professor, UC Davis School of Law, Visiting Professor Stanford Law School, Spring 2004 * Lauren Gelman, Assistant Director, Center for Internet and Society, Stanford Law School If you have questions, you are welcome to contact Lauren Gelman, at gelman@private The conference is organized by the Center for Internet and Society, part of the Program on Law Science and Technology at Stanford Law School. __ * * * * Packets * * * * Vol. 1, No. 2 // 10.7.03 -=-=-=-=-=-=-=-=-=-=-=-=-=- Packets is production of the Stanford Center for Internet & Society (CIS). It is written by members of the Stanford Law and Technology Association (SLATA), and edited by CIS staff, fellows and volunteer attorneys. Our purpose is to provide the legal community with a concise description of recently decided cyberlaw-related cases. Click "For More" for longer, more detailed summaries hosted on our website, along with a keyword searchable archive of past packets. http://cyberlaw.stanford.edu/packets/ We urge you to forward Packets wherever you please, and to take from it any content you'd like. The writers on the Packets Editorial Board are: Carl G. Anderson, Rob Courtney, JuNelle Harris, Rena Kaminsky, Rachel Kovner, Todd Lewellen, Stephany Lin, Stephen Bruce Lindholm, Jia Liu, Grace Park, Ji-Hyun Park, Jef Pearlman, Kateryna Rakowsky, Stuart M. Rosenberg, Neil A. Rubin, and Jim Sojoodi. -=-=-=-=-=-=-=-=-=-=-=-=-=- Contents Vol. 1, No. 2 -=-=-=-=-=-=-=-=-=-=-=-=-=- Verisign Settles FTC Complaint for False Advertising to Take Competitors' Domain Name Registrants Verisign and the Federal Trade Commission have reached a settlement stemming from charges that Verisign's Network Solutions unit tricked customers of competing domain name registrars into renewing and transferring their domain name with Network Solutions. Pursuant to the settlement, Verisign is to provide the expiration date of the registrant's domain name registration in all its future notices and to disclose whether the renewal would transfer a registrant's domain name from its previous registrar to Verisign. Verisign did not make any admissions of liability or wrongdoing. FTC v. Network Solutions, Inc., No. 03-1907 (D.D.C., Sept. 12, 2003). For more: http://cyberlaw.stanford.edu/packets/vol_1_no_2/001555.shtml -=-=-=-=-=-=-=-=-=-=-=-=-=- Headline: Advertisers in the UK Must Get Explicit Permission Before Marketing By E-mail The UK's Advertising Standards Authority ruled that e-marketers must receive explicit consent before marketing to consumers by e-mail. Recipients of unsolicited commercial e-mails filed a complaint against the Training Guild (a Southampton seminar provider) , alleging that their marketing violated the CAP Code's requirements that (1) e-mails make clear that they are marketing communications, and (2) advertisers get explicit consent before sending e-mails to consumers. The ASA rejected the first complaint, finding the subject heading "Business Seminars - Telesales & Selling Skills made Easy" sufficient to put consumers on notice that the e-mails at issue were marketing communications. However, the ASA upheld the second complaint, stating that it was the advertiser's responsibility to ensure recipients had given explicit consent. The Training Guild, UK ASA Adjudication (Sept. 10, 2003). For more: http://cyberlaw.stanford.edu/packets/vol_1_no_2/001556.shtml -=-=-=-=-=-=-=-=-=-=-=-=-=- Attachmnent of GPS Devices to Private Vehicles Requires a Warrant William Bradley Jackson was convicted of first degree murder on October 5, 2000 in the death of his daughter. Jackson appealed to the Supreme Court of Washington, raising, inter alia, whether a warrant was required under Wash. Const. art. I, § 7 for the installation and use of a global positioning system (GPS) device on his vehicle; and, if so, whether the two warrants issued in this case were supported by probable cause. The court held that a warrant is required before authorities can install and use a GPS device on a private vehicle under Wash. Const. art. I, § 7. However, the court found that the two warrants in this case were valid, and, therefore, there was no constitutional violation. State v. Jackson, No. 72799-6, 2003 Wash. LEXIS 659 (Wash. Sept. 11, 2003) For more: http://cyberlaw.stanford.edu/packets/vol_1_no_2/001557.shtml -=-=-=-=-=-=-=-=-=-=-=-=-=- Federal Court Strikes Down FTC's National Do-not-call List, Allows Other Telemarketer Regulations Several groups representing telemarketing firms sued the Federal Trade Commission (FTC), challenging the FTC's "creation of a national do-not-call registry, its prohibition of abandoned calls, and its restrictions on the use of pre-acquired account information". The plaintiffs claimed that the FTC did not have Congressionally delegated authority to implement these measures. The District Court for the Western District of Oklahoma granted summary judgment for the plaintiffs in the matter of the do-not-call registry and enjoined the FTC from enforcing its use. The court granted the FTC's cross-motion for summary judgment for the defendant in the other two matters, allowing them to enforce the regulations. 2003 U.S. Dist. LEXIS 16650. For more: http://cyberlaw.stanford.edu/packets/vol_1_no_2/001558.shtml -=-=-=-=-=-=-=-=-=-=-=-=-=- Register.com Settles Class Action Suit Internet domain name registrar Register.com issued a Notice of Class Action Settlement and Hearing on August 12, 2003, agreeing to pay $5.00 to its registrants in settlement of a lawsuit brought by an owner of an Internet website, alleging that the registrar's advertisements constituted a deceptive consumer-oriented business practice and breached the covenant of good faith and fair dealing. The New York Supreme Court will hold a hearing on November 3, 2003, to determine whether the proposed Settlement is fair, reasonable in the best interests of the Settlement Class, adequately represented by the plaintiffs, and issue a final order or judgment in approving the proposed settlement. Zurakov v. Register.Com, Inc. 760 N.Y.S.2d 13, N.Y.A.D. 1 Dept., 2003. For more: http://cyberlaw.stanford.edu/packets/vol_1_no_2/001559.shtml -=-=-=-=-=-=-=-=-=-=-=-=-=- Although Product Distributor's Web Activity Did not Create Minimum Contacts with Forum State, Personal Jurisdiction Held Proper on the Basis of Purchases from In-State Manufacturer In this District of Kansas case arising from the defendants' sales to plaintiff of a reptile care product, Judge Carlos Murguia denied defendants' motions to dismiss for lack of personal jurisdiction. The court found that (1) one of the defendants offered to sell the product in Kansas through a website, and (2) both defendants purchased the product from a Kansas manufacturer. Although the offer to sell the product through the website did not confer jurisdiction, the purchases from the Kansas manufacturer created the 'minimum contacts' with Kansas sufficient for personal jurisdiction because these purchases were necessary to the transactions from which the plaintiff's claims arose. Robert Pound v. Airosol Company, Inc., et al., No. 02-2632-CM (D. Kan. 2003) For more: http://cyberlaw.stanford.edu/packets/vol_1_no_2/001560.shtml -=-=-=-=-=-=-=-=-=-=-=-=-=- FTC Proposes Settlement of Unfair Practice Charges with AOL, CompuServe On September 23, the Federal Trade Commission (FTC) published a proposed consent order settling complaints with AOL and its subsidiary, CompuServe. The FTC had alleged that AOL's procedures for handling customer cancellation requests and AOL and CompuServe's handling of a recent "CompuServe $400 Rebate Plan" were flawed in that: (1) some customers who had requested cancellation of service had continued to be billed for monthly service, and (2) AOL and CompuServe had failed to deliver promised $400 rebate checks toward consumers' purchase of a computer after the consumer contracted for three years of CompuServe Internet Service. The proposed settlement requires better procedures by AOL and CompuServe in both areas. Proposed Agreement Containing Consent Order, In the Matter of Am. Online, Inc., and Compuserve Interactive Servs., Inc., at http://www.ftc.gov/os/2003/09/aolconagreement.pdf (Sep. 23, 2003). For more: http://cyberlaw.stanford.edu/packets/vol_1_no_2/001561.shtml -=-=-=-=-=-=-=-=-=-=-=-=-=- Class Certification Denied in Infringement Action against Copyright Clearance Center, Inc. The District Court of Massachusetts denied plaintiffs' motion for class certification in a copyright infringement suit brought by three freelance photographers against Copyright Clearance Center Inc. Defendant acts as an agent for magazine publishers, licensing rights to photocopy magazine articles. Plaintiffs allege that they, like most freelance photographers, explicitly retain all rights beyond one-time publication in magazines; therefore defendant infringes their copyright by unauthorized trafficking in these images. The plaintiffs introduced evidence of the large number of freelance magazine photographers in the United States and that it is standard practice to retain copyright in photographs. The court ruled, however, that this evidence was not sufficient to meet the numerosity and typicality requirements for class certification stated in Fed. R. Civ. P 23, and therefore denied the motion. Resnick v. Copyright Clearance Center, Inc., No. 01-11520-RWZ, 2003 U.S. Dist. Lexis 16516 (D. Mass. September 22, 2003). For more: http://cyberlaw.stanford.edu/packets/vol_1_no_2/001562.shtml -=-=-=-=-=-=-=-=-=-=-=-=-=- Refusal to Establish Hyperlink May Violate First Amendment Rights Reversing a district court's grant of summary judgment, the Sixth Circuit held that a city government's refusal to provide a hyperlink from its website to an online tabloid monitoring city corruption may violate the First Amendment rights of the tabloid publisher. Although the Court found the city website to be a nonpublic forum, allowing the city broad discretion in selecting participants, denying access based on the participant's viewpoint is a clear violation of the First Amendment. The Court held that the tabloid publisher raised an issue of material fact as to whether the city's actions were based on "impermissible viewpoint discrimination" and remanded to the district court for further proceedings. Putnam Pit, Inc. v. City of Cookeville, Tenn., 21 F.3d 834 (6th Cir. 2000). For more: http://cyberlaw.stanford.edu/packets/vol_1_no_2/001563.shtml -=-=-=-=-=-=-=-=-=-=-=-=-=- Federal Court Dismisses Hyperphrase Patent Infringement Case Against Microsoft A federal judge in the Western District of Wisconsin granted Microsoft's motion for summary judgment in a patent infringement suit filed by Hyperphrase Technologies. Hyperphrase filed suit claiming that the Smart Tags technology Microsoft included in its recent versions of Microsoft Office XP infringed on three of Hyperphrase's patents relating to the storage and retreival of information in computer systems. The judge agreed with Microsoft that the Smart Tags operate differently than Hyperphrase's technology and did not infringe on the patents. U.S.A. v. Thomas Michael Whitehead, Case No. 2:03CR53 (C.D.C.A. Sept. 19, 2003). Press Release: Department of Justice Press Release No. 03-127, United States Attorney, Central District of California, "Federal Jury Convicts Smart-Card Hacker for Violating Digital Millennium Copyright Act," Sept. 22, 2003 For more: http://cyberlaw.stanford.edu/packets/vol_1_no_2/001565.shtml -=-=-=-=-=-=-=-=-=-=-=-=-=- http://cyberlaw.stanford.edu/ Stanford Center for Internet & Society Crown Quadrangle, 559 Nathan Abbott Way, Stanford, CA 94305-8610 -- Lauren Gelman, Esq. Center for Internet and Society Stanford Law School (ph) 650-724-3358http://cyberlaw.stanford.edu/ _______________________________________________ Politech mailing list Archived at http://www.politechbot.com/ Moderated by Declan McCullagh (http://www.mccullagh.org/)
This archive was generated by hypermail 2b30 : Tue Oct 14 2003 - 06:59:13 PDT