Information Technology and the Law

In truth, I must admit that U.S. v. Thomas seems like quite an irrelevant case. For all the discussion of varying community standards and hypotheticals involving naked children from distant countries and cultures, what we are dealing with in this particular case is something far simpler. Thomas distributed pornographic images, including “images of bestiality, oral sex, incest, sado-masochistic abuse, and sex scenes involving urination.” Let’s not split hairs. (Aside from the fact that they had the Memphis address of a particular subscriber) Applying logic that we’ve used earlier in the course about the nature of the internet and its users, there is a high probability that at least one of the Thomases users would reside in a jurisdiction which found such material obscene—we are not talking borderline stuff here… it does not take a low bar to admit bestiality, incest and similar acts under the obscene tag—so then legally, the Thomases knew, at least constructively, that they were sending their images to some jurisdiction where they would not be welcome or legal. It is not as if the images that he was sending were likely to be seen as universally non-obscene across the nation. Consequently, it makes sense that the Thomases be held accountable for whatever harm their images did in any jurisdictions they reached…specifically the jurisdiction of Tennessee.

Why bother?

Another question I had was why bother with this case? I mean, sure the material was obscene in Tennessee, but last time I checked the internet was chock full of tons of other sites promising depictions of the same and similar weird and deviant behaviors (personal opinion). So what makes the Thomases bulletin board any different? What makes this case in particular worth pursuing? Because the internet is almost wholly accessible from anywhere you can access any part of it, surely there are an abundance of other sites, both password protected and unprotected, where people within Tennessee jurisdiction can come in contact with similar material.

It’s been done before

Something else that struck me about this case is the lack of originality (which is not to say that individuals need be more creative with respect to the expression and depiction of their deviant behavior). To me, it seems that any ruling in this case could have followed directly from a precedent set by any cases relating to obscene materials distributed via mail order. Disregarding the differences between the way customers interface with each company, I think it is easy to agree that most issues concerns raised by Thomas’company are probably common to companies that specialize in obscenity via mail.

What is the point of this case?

What is the point of this picture?

It’s been a great semester

It’s easy to hate Microsoft. They’re the giant. They’ve got all of the market share and the corporate arrogance to go along with it. But did you ever wonder what would have happened had Microsoft represented themselves better? What if Bill Gates had been called as a witness and had given a deposition that seemed like something closer to the truth? What if Microsoft had employed no obviously doctored demos? What if none of these damning corporate emails existed and instead they were damning conference calls or private conversations which could never be recovered? Clearly, this is not what happened, but I wonder if the outcome would have been the same in such a case.

That said, I would like to take a quick at the outcome, the settlement between Microsoft and the United States government. The settlement prohibits Microsoft from several actions. Microsoft can no longer retaliate against an Original Equipment Computer Manufacturer (OEM) who has taken steps to promote or foster competition with respect to the operating system that their machines run, charge varying prices to different OEM companies, or restrict the ability of OEM companies to include and/or promote other “middleware” products than Internet Explorer. Microsoft now has to make it easier for competitors to interoperate with Windows by releasing their API to the public. Microsoft cannot retaliate against manufacturers and distributors who try to compete. Microsoft cannot force manufacturers and distributors into exclusivity deals or ask that competing products be excluded from their installations. Microsoft must allow end users and OEM companies to easily remove Microsoft “Middleware” products and to replace them with competing products using fairly standard mechanisms.

The settlement then goes on to describe how the plaintiff, the U.S. government will be responsible for holding Microsoft accountable, as well as the process for appointing a Technical committee (which will be composed of individuals of varying interests to keep it fair), the process for establishing a Microsoft Internal Compliance Officer position, and the Voluntary Dispute Resolution process by which the Technical Committee and Microsoft Internal Compliance Officer interact to ensure that Microsoft sticks to the measures described in the settlement.

All in all, the settlement seems pretty fair to me. It does not at all cripple Microsoft’s business, but aims to take steps to allow competitors entry into the lucrative market. I guess my only question would be how well it is working. We are now four years removed from the 2001 settlement and [speaking very unscientifically] I cannot say that I see much of a difference in the market, even if Microsoft’s business practices have changed.

I too would like to discuss the hypothetical H drive case brought up in last week’s class. I am of the opinion that there is in fact a difference between the general internet, which is commonly believed to be public domain and students’ personal H drives, which I would argue to belong to a more private domain just by their very nature. In the case of H drives, a certain sense of ownership seems to attach. Each Princeton student has their own H drive which is referenced by their username. There is a certain assumption that files on the H drive belong to the Princeton student whose office of information technology account that the particular H drive is associated with. There is no assumption, as with the internet in general, that the owner of the files wants to show these files to the world. I would make an unscientific, uninformed guess that most students who have left all of their H drive files world-readable have inherited the somewhat naïve and misguided default policy that was handed down to them by the Office of information technology. Most of these students probably lack technical expertise. They probably assume (based on past computing experience) that the password that they use to protect other parties from logging into their account—the password that they need to access their H drives—also protects the files that they store. While ignorance of the law and of policy is generally not an excuse in the case of bad acts, I think it should be considered here in the case of the victim, especially since the University has taken no major steps to increase public knowledge among students.

Furthermore, it is commonly known that Princeton students are entitled to a public web page. By placing files into a folder within their H drive, entitled public_html, Princeton students definitively identify these files as ones that they do not mind the general public browsing and perusing. And rather than accessing these files by the somewhat unconvential browsing of the smb server, people can access them through the normal use of web browsers and URLs. For example, if I, Muoyo Okome (username: mokome), place a file called read_it.txt into my H:\public_html folder, it is accessible to the rest of the world via the URL www.princeton.edu/~mokome/read_it.txt. And in this case, it is clear that I wanted, or did not mind people seeing it. While I think it may be overly harsh to send H drive perusers to prison, I also disagree with the notion that files on one’s H drive belong to the public.

In each of the three cases we examined last week, we saw the old-time doctrine of Trespass to Chattels used to try to restrict the usage of services (telephone services in one case, websites in another). In each of the cases involving websites, the claim to Trespass to chattels rested upon the [over]use of the claiming party’s server. But what is actually going on here? As said in class, we know that the client-server interactions between the requester’s computer and the website’s host computer, in a very literal sense, cause electrons to move through the server’s circuitry. So is electron wear and tear the basis of these suits? No. Rather, the companies—eBay in one case, and Compuserve in the other—are suing on the basis that the servers which are being exploited are a valuable and scarce resource that they need to conduct their business. So although the traffic used up by any one party may not be nearly large enough to constitute something like a denial of service attack, they could certainly put the bandwidth to use elsewhere. I think that there is no question that they own the servers and should be able to restrict their overuse by individuals or groups, but I would also like to note that these arguments represent a departure from a concept that we saw in many previous cases—that a company’s business model does not dictate the law.

When deciding the guilt/liability of Grokster, neither the business models of the record companies nor Grokster’s business model played a role in the final outcome. The fact that Grokster and similar services represent a considerable [perceived] threat to the recording industry is immaterial to the case. The fact that finding Grokster guilty of large-scale infringement would do irreparable damage to their business is not a consideration. This holds true in Sony v. Universal, where the fact that the presence of Sony’s video tape recorder technology represented a perceived threat to the television industry (even though they eventually became best buddies) was not a factor in coming to the final decision. It holds true in Sega vs. Accolade. Sega’s business model called for them to make money by charging licensing fees to game manufacturers. The fact that accolade was able to circumvent the technology and go outside the proposed business model did not weigh in Sega’s (or anybody’s) favor. However in this instance, the fact that the servers are being overused—the argument made was that the company could be using them for other things—seems to matter. Why is this different?

I would like to preface this post with a little clarification. All four models of Lexmark printer cartridge discussed in class (T520, T522, T620, and T622) come in prebate and non-prebate versions (This can be quickly verified via Google)
…

In my last post, I challenged the right of the End User License Agreement to include overly complicated language designed to limit certain rights and box the user in. This week, I think it is time to take issue with another contract: the box-top contract employed by Lexmark to protect their prebate cartridges. I agree with the comment made in class that there is not likely a meeting of the minds in this case. Whereas with the EULA, the consumer must definitively click “I Accept”/“I Agree” before moving ahead to installation—whether or not we think this is fair, at least the user is definitely aware that certain terms exist—because there is no real expectation that a consumer needs to read a box or container before opening it to use the goods inside that he/she has purchased. Here, Lexmark only asked that the prebate cartridges be returned directly to their company, but suppose they had asked for more. Is it the strength and reasonableness of the request that determines the legality and enforceability of the contract? I should hope not.

Stepping away from the contract and looking at the case at a whole, it seems clear that Lexmark should not win the case. On the surface, it seems clear that one should be able to refill their printer ink however they like. The gas-in-car analogy holds very well in my opinion. No car company could ever attempt to demand that their car only be filled by Shell gas without tremendous public response. Furthermore, the DCMA protection that Lexmark tries to hide behind was not designed to protect things like printer ink . The basis of Lexmark’s claim is that their toner-loading software and printer engine program have been infringed upon, but those are not the things that Lexmark is actually seeking to protect. They brought the suit upon Static Control Components in order to try to preserve their monopoly in the sales of printer cartridges and ink compatible with Lexmark printers. While it is their right to try to make their business profitable by employing means such as lockout codes and security systems to thwart competitors, it is also the right of the competitors to try to overcome these systems via reverse engineering and similar techniques (a la Sega/Accolade) and I don’t think a flimsy boxtop contract should stand in the way.

End User License Agreements (EULAs), like all other contracts, hold within them immense power to do harm and to deceive if not fully comprehended by both involved parties (it is safe to assume that in most cases, it will be the accepting party absorbing the majority of the harm). However, unlike most contracts, EULAs are usually not read thoroughly. Instead, they are just accepted with a quick button press because the end user is anxious to install the software that he/she has “bought” (leased?) and does not expect to initiate anything outrageous by clicking “I Agree.” Even if the accepting party does take some time out to read the EULA, it is unlikely that he/she read and comprehend the document in its entirety. Most contracts of comparable complexity, take for example a contract to purchase a house, are reviewed with the aid of legal counsel. Other contracts that we see as often as EULAs tend to be shorter and worded with more straightforward language.

In Davidson (Blizzard) v. Internet Gateway, we saw a EULA used to make the accepting party give up his/her right to reverse engineer Blizzard’s game software, a right that was established as fair use in Sega v. Accolade and then reaffirmed in Sony v. Connectix. Were it not for this EULA, Blizzard would essentially have no case as the programmers were performing precisely the action that had been established as fair use in the two aforementioned cases: reverse engineering to discover the workings of unprotected functional elements that were inaccessible by any other method. And just as in the previous cases, the programmers used the results of the reverse engineering to create a work that was transformative—their version of Battle.net was much more user-customizable and contained measures to counteract cheating. One could make the argument that such features are beneficial to society as a whole. So the only thing impeding the work done by these programmers is the EULA that they clicked through.

Should EULAs be able to deprive us of rights? As it was pointed out in class, contracts often serve the purpose of limiting our rights. Nondisclosure agreements restrict our 1st amendment rights in a limited fashion. Authors often sign contracts with publishers to limit their distribution rights with other publishers. So what is the issue here that makes it feel wrong? EULAs have been used for [perhaps] more sinister purposes than restricting fair use. We know of EULAs that authorize the deployment of spyware and malware on the end user computer. Should this be allowed? Going beyond that, what if a EULA were to authorize the deployment of a hard disk-wiping virus? What if it asked the user to agree to pay the full price of the software repeatedly? Where does the line get drawn? It is understandable that software companies want to protect themselves through the use of these tricky contracts and it is true that both parties have the responsibility of trying to read and understand the contract so that there can be a meeting of the minds, but it seems as if normatively, given their ubiquitousness and the fact that they are so often peremptorily ignored (again, not the company’s fault, but…) there needs to be a way to restrict the power of EULAs to do harm.

At the moment it seems as if the courts are telling us that peer-to-peer and file-sharing are here to stay in one form or another (or many). The question is what form? Of course we are all familiar with the Napster model, in which end users search for files living on the computers of other end users with the help of an index living on a central server and the Grokster model, in which end users have the same abilities to search for files on other end user computers (be it more inefficient and less comprehensive) using an index that is distributed across various end user computers with adequate resources. But one must admit that these softwares/services, along with Aimster, Kazaa, Shareaza, Soulseek, and a myriad of other file-sharing applications perform basically the same functionality. They dress in slightly different interfaces, some uglier, some prettier, some more intuitive, some less, and have differing levels of popularity, but at their core all of these services have in common that end users use them to search for and download music (with most of the downloading activity infringing on copyrights). Isn’t it possible that peer-to-peer can exist in some other truly unique form?
Finally, we are seeing some exploration into this possibility. In class, we discussed the recent (“newish?”) development of a peer-to-peer network which functions something like online radio, allowing end users to stream, or broadcast, their music files to other end users. While this system is not at all flawless in terms of its ability to protect the rights of the copyright holders against infringement, one can make an argument much more easily that the creators of such a system are making a good faith effort to contribute towards that protection.
Another new development has been made by the FastTrack-owned Altnet. Altnet (which offers only industry sanctioned, and consequently often independent label files) has opted to start an advertising fund that would split its revenue with some of the largest independent labels. My initial thoughts about this service are that again, it is not perfect (What happens to the littler little guy? Does it even matter? Would he want to be distributed?), but again, it is making a better effort to show good faith. However, one can only wonder if this generous altruistic move has anything to do with the troubles of Altnet’s parent company.
The last point of discussion is Cinequest, a fifteen year old California film festival. Cinequest has decided to use Kontiki’s movie-sharing software to distribute high-quality copy-protected copies of the festival’s films. This seems to me to be exactly the type of legitimate fair use that Aimster “imagined” their service to have and that Grokster “proved” they had through anecdotal evidence. The major difference here is that Cinequest is providing their service exclusively for fair use and they are expecting a fairly large target audience (60,000 flesh and blood, 75,000 downloaders), which, as soon as I typed it I realized, pales in comparison to the number of illegal downloaders on the net. But it’s a start right? I’m curious to see what other novel uses of P2P will come along in the near future.