Information Technology and the Law

The internet has, undeniably, become central to our lives. The wide range of cases we have reviewed this semester gives us just a glimpse into the complicated legal world that governs our use of this resource. Email and instant messenger have made communication among people across the globe easy and inexpensive. Needed information is now just a few clicks away. Companies have been able to expand their customer bases far beyond the confines of traditional brick and mortar business models. Computers have secured a place in the classrooms of even the youngest students. As technology develops and consumers become more sophisticated, the internet seeps further and further into global use. The web can now be accessed through your computer, your cell phone and soon even your refrigerator.

Beyond challenging technology creators to build on the innovations of the internet, this medium has challenged lawmakers as well. Traditional geographically-based conceptions of property and jurisdiction have been repeatedly called into question. Our discussions this last week regarding community standards in cases like U.S. v. Thomas bring up once again the role of geography with the internet. For regional businesses, laws incorporating community standards for conduct make sense, since practically only these customers would have access to them. With the internet, on the other hand, even with password protection, filters, and other means, some people under the jurisdiction of strict community standards would be bound to obtain access to the material. Why should a company be obligated to research the arbitrary standards that a jury might impose thousands of miles away, when companies would have little recourse to prevent these parties from accessing their site? Cases like this demonstrate the need for at least national—or better yet international internet community standards—for determining what is “legal” to place, sell, do, etc. on the web.

The example of U.S. lawmakers intending to shield children from accessing pornographic material through public libraries highlights the difficulty national laws have in combating a problem that needs a more international solution. Filters are just a band-aid in U.S. v. American Library Association. Without some sort of consensus and/or change in the internet infrastructure, most sites lie within easy reach of anyone, regardless of age or place. The value of this cannot be underestimated, but neither can the costs. The success of the internet comes through the interconnectedness of sites around the globe. This ideal would lean towards implementing more internet community laws or common standards that users should abide by. Creating an international law would be a difficult process. But, this truly global entity which does not yield to arbitrary state or country borders necessitates such an approach. Last week’s discussions and multiple posts on ICANN highlighted the potential role that this organization could take to govern the internet. Already in charge of domain names and the disputes arising from this governance, this organization or another one to take its place could become the central point for creating rules that all countries could abide by. While some people proposed that all domain names should end with a country code, which would allow countries more jurisdiction over the kinds of sites in their domain and the ability to provide better filtering for examples like the Library case, to me this defeats the value of the internet. Many of the cases and laws discussed this semester continually point towards lawmakers resorting to more traditional geographical viewpoints. Discussion of trespass to chattels use in cases of sending spam and robots crawling websites have called me to question the use of internet nomenclature like homepage and site in terms of their real personal property value. Lawmakers should question these conventions as well and look beyond the physical constraints of clearly outlined borders and national property rights when governing the internet.

Whether it is the Supreme Court rendering a decision on Grokster or Congress enacting the DMCA, no decision about the internet or creation of new technology operates completely in a vacuum within the borders of America. A clear cut set of rules on a global scale is best for internet users, government regulators, and the creators of technology. Inventors must have protection from overly invasive governments or Courts which would restrict their rights to create and sell new technologies as well from overly-lax places which would give them no incentive to create and not protect their rights. This is true for the maker of the next iPod as well as the new company which launches its international e-commerce site. While difficult to implement, a global consensus for rules would be the best means to protect all of these parties.

I am going to continue with the current ICANN debate by throwing a few of my own thoughts into the mix…

I want to comment on the idea of changing to a .country system for all sites that was brought up in class. International companies like Microsoft would have to go out and buy the rights to all the domain names from each country in which they want to do business. I have huge qualms with this idea from both a theoretical as well as practical approach. First, and foremost, I am surprised to see people in the class taking such a “geographical” perspective to domain names. The internet is one of the most internationalized systems in the world. There are relatively few borders in cyberspace; the particles comprising connections, messages, or interactions between parties can traverse the world with no passports or checkpoints. The internet provides a means for people around the world to communicate freely and for businesses to interact with customer bases they could never achieve in the “real” world. Enacting geographical “barriers” for websites who wish to continue this revolutionary practice is just moving backwards in the progress that has already been achieved. Having separate root servers for every country further fragments the net. Countries, regulators, and politicians spend tens of years negotiating trade, finance, and other treaties. An alternative universe of .com’s and .net’s has sprung up in place that does not have to deal with many of these border-imposed problems. Just because the system does not conform to the geographical representations does not make it wrong. Making large international corporations buy the rights to sites in all countries places undo burden on them. For small companies, the ability to receive exposure to a huge community through one site also makes the current system attractive.

Logistically, what about these inconvenient examples: What if suddenly Small Island decides to start the (aptly named) .sl group of sites. Instead of selling Microsoft www.Microsoft.sl, the island decides to let some scammer who wants to cheat unsuspecting webusers or a cybersquatter or other party buy the site for a large sum of money. This hurts the internet user as well as Microsoft. Countries may have incentives to try to extort money from companies for domain names or retain names for other purposes that hurt the internet as a whole. Alternatively what if Small Island flip-flop company wants to sell its flip-flops to Princeton students? Maybe my Google search for sandals will put .sl sites far down the list of matching sites, because it will return .us sites on top. These are just theoretical situations, but I see the internet becoming unduly fragmented by such a system. We questioned in past weeks the use of “home” analogies for discussing websites. Why should the geographical idea of property be extended to domain names as well if we think it does not fit for individual sites?

Although some people have brought up perceived faults of ICANN’s dispute resolution system for websites, I think that this approach has some important benefits. Although individual countries do have trademark laws and some have treaties with one another to protect these trademarks, this resolution provides a uniform way to handle disputes over domain names. Trademark rights are, however, given deference in this system. Instead of relying on country-based treaties, a more universal view of a company’s rights to a particular name are considered. While in the current implementation of ICANN the rulings may not always be clear to the outside public or the methodology used to decide them may not always seem fair, this approach seems to work well with my basic premise of the internet. The International Court is not going to take up fights between companies in different countries over a domain name and neither is the UN! Through ICANN’s process, as outlined , there is recourse through the traditional court system. In addition, ICANN’s system helps stop countries like Small Island above from creating particularly lax rules to help cybersquatters or others on the internet trying to take advantage of companies, trademarks, or customers. A centralized, non-geographical or country-biased system is starting to be created through this process. This positive example of internationalization should be allowed to continue.

Lastly, some more general comments on ICANN after our class and reading the numerous posted to the blog this week. I agree that ICANN must be more forthcoming in its work and decision-making process. The bottom-up idea of more general elections for the board members appeals to me as well. Why does ICANN have to be under the auspices of the UN or some other international existing organization? Maybe it makes sense to try electing members of the internet community to the board at large again. The community connected is much larger than the first time and arguably the users are more attuned to issues facing the web as it has increased. If ICANN’s proceedings are clearer to the public and its membership is more democratically elected, then for now it may be possible and agreeable to keep the rest of the structure as is. With a small body of people working, ICANN could probably respond to issues and developments faster than would calling a UN conference would.

Maybe this last comment is a little out there, but I want to bring up a more political reason why ICANN may be kept so close to U.S. control. By maintaining the root servers in the U.S. under a democratic government system, web users may have better recourse to challenge complaints through our structured Court system. In addition, our Free Speech rights give users much leverage of what they can post on the web. Not all countries have such protections. If certain countries maintained their own root servers, the advantages of the web might be lost to the people in those countries. This would not be the first time that the U.S. has tried to promote and extend its democratic freedoms to other countries.

I hope this post adds some new perspective to our ICANN discussion!

I agree with Stacy’s sentiments that the spamming case of Jeremy Jaynes brings forth many of the issues we have discussed this semester. I want to further comment on the case and the ramifications of the ruling resulting in Jaynes’ 9 year jail sentence for sending spam messages. First of all, I agree with the Virginia Court ruling and the jury-imposed 9 year sentence for his crime. Despite evidence that Evan presents that “Americans just don’t care” anymore if they receive spam, it is apparent that some—including this jury—still do! The fact that Jaynes sentence is akin to sentences for drug trafficking shows how serious this issue is. And I do not believe it is just the AOLs of the world lobbying for more legislation who think so!

Jaynes earned between $600,000 to $750,000 a month—building up a multi-million dollar fortune—by sending people 10 million unwanted emails per day. As spamming was his livelihood, there is no probably little doubt that Jaynes was well aware of the Virginia law enacted two weeks before he sent a batch of emails that would have made it illegal for him to do so. This time factor, therefore, should not aid in his case. The fact that Jaynes was an out of state resident is also not relevant. He specifically sent emails to AOL customers bombarding the company’s Virginia-based servers. While a person cannot control the network path the bits of information composing each email take, an AOL address ultimately had to pass through Virginia regardless. I believe that this element gives Virginia jurisdiction in this matter. If residents of other states could not be tried under Virginia law for targeting servers in that state, then spammers would ultimately aggregate to the states with the most lenient restrictions. Creating such an “off-shore” market (think: tax havens) for spam doesn’t seem to be in the best interests of anyone. I also think that Virginia’s new spam laws are a good means of leaving the realm of trespass to chattels, which we have discussed before to be deficient on many levels. While each service provider could attack spammers individually, a state law makes the prosecution more efficient. If approximately half of the world’s internet traffic passes through Virginia, as claimed , then it is important that Virginia takes the lead in crafting legislation to combat spam.

For Jaynes, Stacy sees community service as a “more productive” means of punishment. I disagree. Jaynes may have to take the fall, but if you are one of the world’s biggest spammers then you were definitely asking for it. This ruling is the perfect scare tactic for other spammers. A 9 year jail sentence would certainly deter others much more than any community service provision would do! And it is important to note why Jaynes was convicted. Spam, per se, is not illegal. The CAN-SPAM Act says:

“The Controlling the Assault of Non-Solicited Pornography and Marketing Act requires unsolicited commercial e-mail messages to be labeled (though not by a standard method) and to include opt-out instructions and the sender’s physical address. It prohibits the use of deceptive subject lines and false headers in such messages.”

Jaynes modified headers and such to make his emails unable to be traced and the receivers could not opt-out of receiving them. Virginia law classifies such acts as well as the number of emails sent out, etc. as criminal and thus Jaynes was tried and convicted under that law.

That was some of my analysis on the ruling and the benefits of having such a law in place. But, as articles ( for example ) have suggested, the constitutionality of the law is debatable. What if I want spam? Or, what if my service provider wants to have its servers flooded with spam? It is my first amendment right to have spam, they say! I don’t really have a counter-argument as to why a state should be allowed to deny them the right to get spam. Jaynes was obviously receiving so much money because his techniques were good enough to make money from the spam. Some people do buy the services offered.

I don’t like getting spam, so I personally like the ruling. State and federal laws to combat spam seem more efficient that individuals service providers pursuing trespass to chattels or other claims. At the same time, spammers do have first amendment rights which shouldn’t be taken away, regardless of whether I would prefer if they were. Certainly, higher level courts will have to respond to this issue.

Most anyone who has worked in corporate America knows that companies often reserve the rights to monitor their employees’ email usage. Some firms save communications for upwards of ten years in case of lawsuits or legal matters in the future. For example, according to the Superior Court of California, Sacramento County, Intel Corporation’s rules for email are as follows:

“Reasonable personal use of the e-mail access to the internet by employees is permitted, but is subject to various restrictions, and communications are expressly not private. The company guidelines regarding e-mail internet and computer use expressly provide that employees have no proprietary interest in any part of the system or its use.” (Superior Court ruling April 28, 1999).

During six different occasions, a disgruntled former employee Kourosh Hamidi sent 30,000 email messages to current Intel employees. Intel sought to obtain an injunction against Hamidi under trespass to chattels doctrine, citing the unauthorized “trespass” of his emails on to their servers. The company said that it was injured by having to expend resources to combat his mailings, by means of addressing employee concerns regarding them as well as taking means to block them. The California Courts granted Intel the injunction.

I wholeheartedly agree with the Court’s decision for several reasons. I don’t think that the “sky is falling” criticisms against this kind of trespass to chattel case have much merit. First of all, I don’t see this case as the downfall of freedom of speech rights on the internet. Intel was not blocking its employees from interacting with Hamidi either through his webpage or their own personal email accounts on their own time. It is perfectly reasonable that they would want to stop someone from interfering with their employees during the work day as well as monitor the content of the emails being received on their servers during work time. As stated for their email system, “communications are expressly not private.” Hamidi is purposefully trespassing on the servers that Intel owns to reach its employees. Intel should and, by the Court’s ruling, does have the authority to screen out those messages which it does not want to receive. Just as a company has a security desk or gate at the front of its door to monitor who comes in and out of the building or to screen packages in the mailroom, it seems logical that in the digital age in which we live, that screening emails is just the next step. Although it appears that Intel’s server could handle the receipt of 30,000 messages at once without any physical harm, trespass to chattels make sense because Hamidi’s messages were an “impairment in the value to Intel of its e-mail system.” Intel’s email system is for delivering work-related mail to the employees. The electrons of Hamidi’s emails trespassed on to the server chattel, undermining the effectiveness of the server to deliver work-related messages to its employees.

Secondly, I do not see a free-rider problem as Dan Burk (pg.27) suggests. Why does it matter if Intel “secedes” from the network? And, to be honest, I don’t see monitoring employees emails for content as seceding from the network. The company has substantial webpages for its customers, conducts business and communications through email services, and creates products that aid the public in general for using the web. The company is not asking the public at large to pay for the cost of monitoring its servers or for the legal costs in pursuing claims of trespass to chattels against spammers like Hamidi. In order to provide the public at large with better chips for their computers, the company seeks to segregate its employees’ emails to ones that will only increase their productivity and not detract from it. The ability to stop “trespass” on its servers does not detract from the value of email at large. All of Intel’s employees have the ability to use their Google, Yahoo, or AOL personal email accounts to receive as many emails from Hamidi as they wish. And if in addition to contacting Hamidi, they don’t like spam from Cyber Promotions either, they can sign up for the use of CompuServe’s services (see CompuServe Inc. v. Cyber Promotions, Inc.)!!

In my opinion, the use of trespass to chattels is completely legitimate in this case. I think that the interpretation of this age-old doctrine for the internet is innovative and useful. Of course, care must be taken to ensure that its implementation does not stray past reasonableness in the Court’s eyes. But, I think that Hamidi’s case is one that benefits from its use.

The use of “trespass to chattel”—“where an intentional interference with the possession of personal property has proximately caused injury” (pg. 2)—seems like a fairly reasonable way to resolve tapping into a long distance telephone service in Thrifty-Tel, Inc. v. Beznek and spamming directed at a specific group of email users in CompuServe Inc. v. Cyber Promotions, Inc. The guilty parties were trespassing on systems that their owners did not want them to have access to. Customers of these systems were complaining about these interferences, so the Courts seemed to have correctly applied the standard for liability:

“An unprivileged use or other intermeddling with a chattel which results in actual impairment of its physical condition, quality or value to the possessor makes the actor liable for the loss thus caused.” (CompuServe Inc. v. Cyber Promotions, Inc)

There was actual impairment of the physical condition of these systems. Thrifty-Tel, a small long distance carrier, only had so many telephone lines available. The Beznek children placed hundreds of calls, tying up the system, and preventing paying customers from utilizing the service. This use of these telephone lines was Thrifty-Tel’s property and the Beznek children trespassed on this ability.

In the CompuServe case, Cyber Promotions deliberately made use of CompuServe servers by sending emails to its customers after the company had explicitly asked Cyber to refrain from doing so. CompuServe was granted an injunction to bar Cyber from sending any more mail to its subscribers, because CompuServe’s customers were complaining about the rampant spam from the company and having to pay for the time it takes to filter through this spam.

Use of trespass to chattel in the eBay, Inc. v. Bidder’s Edge, Inc case seems less clear to me. At first glance, the situation seems similar. Bidder’s Edge is “crawling” eBay’s site without its permission despite the fact that eBay has told them to stop doing so. While the thought of physical telephone lines and computer servers as personal property which should not be trespassed on is not far-fetched, extending the idea to a public website which gets thousands of hits a day is harder to believe. More importantly, the judges granted the preliminary injunction against Bidder’s Edge even though eBay did not allege that the “physical condition, quality, or value” of its services was really affected by the crawling, and that customers of its site had been affected. Instead it seem that the judge’s decision comes out of eBay’s argument that if Bidder’s Edge is allowed to continue “it would encourage other auction aggregators to engage in similar recursive searching of eBay system such that eBay would suffer irreparable harm from reduced system performance, system unavailability, or data losses.” Denying the injunction, the Court says, “would present a strong likelihood of irreparable harm.”

To me, it seems like the Court starts down a slippery slope when it extends “trespass to chattel” to situations where no real harm to the “physical condition, quality or value” has already occurred. The potential for harm does not mean that harm will occur. Companies should not be barred from doing business under this reasoning, because this rationale does not fit under the trespass to chattel precedent. The ramifications for this ruling could be widespread. At the beginning of this semester when looking at jurisdiction cases, we discussed how the internet works and the fact that packets of information can flow through many different routes to get to their final destination. If companies do not have to allege current harm, then potentially suits could be brought against any emailer or web crawler in light of the fact that increased traffic flowing through communication lines in their possession could hurt their businesses or affect their customers in the future. Your packet of information might not hurt them today, but if people keep sending them the effects could be detrimental.

In class and in some posts, there exists a lot of controversy over whether is it conscionable and/or legal to make someone to agree to a EULA after they have brought their software home and not beforehand. This throws the ball into the consumer’s court and makes it inconvenient because you would have to call a customer service representative or take the product back to the store, critics say.

I want to disagree with this sentiment for a few reasons. I think that terms of use agreements are pretty common; they seem to come in the packaging of a lot of electronics goods. Most of the time, the packages are sealed and they are one of many paper packets you get when you open the box. I don’t think that the process of the software licensing agreement is any more opaque. In fact, through the software methodology, the company actually makes more of a concerted effort to get you to agree to their terms by making you check a box. I see these situations as parallel; I don’t see how agreeing when you get home is any different from finding out the terms of use when you open up your electronic’s box to read a pamphlet. Maybe EULAs are more complicated, but to me the methodology of having to physically agree in the privacy of your home is best for all parties involved. If you actually want to read the agreement, you have the opportunity to sit, read, analyze, and research for as long as you like. This has to be a more educated and sensitive examination than one a consumer would make in the store at the check-out line. This could be rationale for arguing that EULAs should be simpler, but I don’t think that really refutes this point. The software company’s methodology provides an effective method of allowing any user who wants plenty of time to review the agreement before checking yes. By having an explicit click, the company can also ensure that its customers actively agreed to the terms of its use.

These issues aside, I want to get what to what I believe is the most important issue highlighted in Davidson v. Internet Gateway . I am worried about the consequences of this line in the ruling:

“The defendants in this case waived their “fair use” right to reverse engineer by agreeing to the licensing argument. Parties may waive their statutory rights under law in a contract.” (pg. 25) .

I am torn on the consequences of this statement. While I want to protect the ability for parties to enter into whatever contracts they wish, I would hope that this ruling would not evolve into a general practice that companies enter into to free their creations from competition. A Sega or Sony could devise similar agreements to preclude companies like Accolade and Connectix from reverse-engineering products that offer new interoperability or new innovation. For the average consumer, this might not be an issue. But on some level, we can all agree the ability to reverse-engineer is good. The fact that the average consumer so readily signs away these rights because they would never use them may end up denying new creators the ability to pursue innovation through reverse engineering. If no one decided to sign this EULAs, then the software companies would have to make a fundamental change in their way of thinking. But since we just click absentmindedly and proceed to installation, companies can continue to expand these agreements without much harm in the short-term. Long-term effects from this decision, however, remain to be seen. Legislation or further court decisions will likely be needed to protect these “fair use” rights needed for innovators against too burdensome EULAs in the future.

While I agree with many of the points brought up in discussion, I felt that I had to air a devil’s advocate position on this whole “good samaritan” view point that a lot of people in the class seem to espouse. So, the reasoning goes, the RIAA has a monopoly on artists, they charge a lot of money for CDs through their monopolistic practices, and the artists really never get to see this money……so, it is okay that we file share this music for free. We can have a backlash against the music companies this way and the artists are never going to feel the effects; we will change the way the music industry does business, since technology allows artists to make music so inexpensively these days.

But, just because you don’t like someone’s business model or dislike their objectives, that does not make it ethical to steal their products. John Mayer may have said that he didn’t mind people sharing his songs, but then again he has probably already made a lot of money from his albums and touring, the result of some music company investing in him as an artist to produce his album, find his shows, create and maintain his image, and pay for the production of his music videos. Without the money gained from selling albums, all of these benefits may not have been possible. An artist receives more from a music company than just money from his album sales. That is why many artists want to sign contracts with these major labels. They have the resources to promote them the best way possible. Even indie bands looking for exposure must appreciate the resources expended that could get its music on a compilation CD like the OC Soundtrack or Garden State soundtrack. These acts might not make much money from the CD sales, but they must garner some sort of benefit from being included—a benefit which I am not sure it is “right” for the downloader to just take away from them or try to encroach upon. No one forces these musicians into contracts, so they must gain some other benefits from these associations, otherwise the music industry wouldn’t have enough funds to fight these suits.

I think it is useful to think about this devil’s advocate position when someone brings up the “fight for the artist” argument. All opinions aside, similarly to what Nitin said in his post, I believe the question of whether the music industry properly compensates its clients is not in the scope of whether it is moral or legal for the Groksters of the world to exist.