Month: December 2017

Internet Governance

We’re Dreaming of a New Internet? Following the FCC’s vote last week to repeal the 2015 “Net Neutrality” rules, Republican Rep. Marsha Blackburn from Tennessee aims to introduce a new bill to implement some regulation towards ISPs; critics contend that while the legislation would ban ISPs from blocking or slowing web traffic it does not ban “fast lanes” and limits the FCC’s ability to regulate broadband networks.

Uber, Your Taxi is Arriving: The EU Court of Justice ruled Uber as a “transport service” and not an “information society service,” thus allowing the EU jurisdictions where Uber operates to enforce transport laws and regulations upon the company; Uber argued that it was merely an “e-commerce platform that facilitates rides,” and while the Court did acknowledge that Uber was “an intermediary service between drivers and riders,” it ultimately ruled that the company was inherently linked to a transport service due to the indispensability of the app to the drivers and riders and Uber’s control over the service provided.

Facebook in Fritz: Following the French data protection authority’s order to WhatsApp to stop sharing its user data with Facebook, Germany’s competition authority, the Bundeskartellamt, made a preliminary finding labeling Facebook’s data collection from third parties as abusive; while the finding is preliminary and Facebook will have an opportunity to comment and provide justifications for its conduct, the finding acts as a warning to Facebook about its data aggregation practices.

Privacy

Privacy at the Border: A new report from Georgetown Law criticizes the Department of Homeland Security’s (DHS’s) biometric exit pilot program—which uses facial recognition technology to identify passengers leaving on international flights—for its scope, execution, and accuracy; the report called the system an “invasive surveillance tool,” highlighted the system’s high rate of error, and criticized the DHS’s implementation of the program for not following the proper federal rulemaking procedures.

Information Security and Cyberthreats

You Be Gone: Youbit, a South Korean cryptocurrency exchange, filed for bankruptcy following a hack earlier this week where the company lost 17% of all its assets, with the company informing that during bankruptcy proceedings its customers would receive around 75% of the value held in the exchange; this was the second hack for the company in less than eight months with the first hack incurring losses of around 4,000 bitcoins.

Intellectual Property

Let Them Eat Sorbet: In a dispute between Comité Interprofessionnel du vin de Champagne, a lobbying group to protect the champagne mark, and Aldi, a supermarket chain, the EU Court of Justice issued a judgment stating that if sorbet, “has, as one of its essential characteristics, a taste attributable primarily to champagne,” it may be described as such and perhaps not interfere with champagne’s status as a “protected designation of origin”; the case was ultimately remanded back to the lower court to decide whether Aldi violated any laws by marketing the sorbet with the champagne mark.

Free Expression and Censorship

Rohingya Online: The Rohingya, a persecuted ethnic minority in Myanmar, will have its language included in the next version of Unicode—the international standard for digitally encoding characters and symbols—allowing the Rohingya to communicate through smartphones and computers; digitizing the language will support the humanitarian response to the current crisis and ultimately preserve the Rohingya’s identity and culture.

On The Lighter Side

Holiday Snooze: If your Facebook friends’ holiday over-sharing becomes an issue, use this new feature.

---

Joel R. Reidenberg
Stanley D. and Nikki Waxberg Chair and Professor of Law
Founding Academic Director, Fordham CLIP

N. Cameron Russell
Executive Director, Fordham CLIP

Idalys Núñez
Dean’s Fellow, Fordham CLIP

Internet Governance

NYC Against the Machine: The New York City Council approved a first-of-its-kind bill to create a task force made up of various fairness, accountability, transparency and non-profit experts to review NYC agencies’ use of algorithms; the task force will develop a set of recommendations addressing when and how to make the algorithms public, how to assess the algorithms’ biases, the impact of such biases, and how to document and archive the algorithms and their training data.

The Net Dynamic Duo: As the FCC works towards repealing the Obama-era Open Internet Order, it released a Memo of Understanding detailing how the agency along with the FTC will share jurisdiction over ISPs and meet regularly to discuss open investigations against ISPs; the memo highlights the ISPs’ required disclosures, the FCC’s role—to monitor broadband market entry barriers, review consumer complaints, and take actions for improper public disclosure of any throttling, blocking or prioritization practices—and the FTC’s role in regulating ISPs for “marketing, advertising or promotional activities deemed deceptive, unfair or unlawful.”

Privacy

(Major)ity Report: The U.S. Citizenship and Immigration Services wants to implement sophisticated biometrics authentication to its visa, green card, and naturalization programs in an effort to prevent fraud and save money in labor costs; the agency “expects formal rules on the use of voice, iris and rapid DNA identification by March 2019” and hopes to use the biometrics data to authenticate users online and in person and to verify familial links.

Information Security and Cyberthreats

Starbucks’ Little Secret: A customer in a Starbucks store in Argentina found that the store had a ten-second delay when allowing patrons to connect to the in-store Wi-Fi which the store used to mine cryptocurrencies using the customer’s laptop; Starbucks announced that it had addressed the issue but a cybersecurity expert highlights this as an example of the risks incurred when using public Wi-Fi networks.

Searchable Dump: In the largest data dump to date, over 1.4 billion email addresses and unencrypted passwords have been found in an underground community forum with the anonymous compiler accepting cryptocurrency donations to allow downloads of the data; the data dump features search tools and scripts to import the data into databases thus simplifying the accessibility and usage of the information.

Intellectual Property

Conventional: A jury in the U.S. District Court for the Southern District of California found in favor of San Diego’s Comic-Con (SDCC) in its trademark action against the founders of Salt Lake City’s Comic Con over their use of “Comic Con” in describing the Utah event; SDCC argued that “Comic-Con” was a brand name while defendants argued that the mark had been diluted.

Free Expression and Censorship

Ask Your Parents, Please: As part of a newly proposed French data privacy bill, the French government aims to require parental approval before children under the age of 16 open a social media account despite concerns about the enforceability of such requirement.

“Alt-Tech” Flaws: As mainstream sites like Facebook, Twitter, and YouTube increase the monitoring of online hate speech and suspend users from their platforms, alternative online sites have emerged to allow the Alt-Right movement to express their views without being censored; however, the sites are far from the “alt-tech” dream due to technical inferiorities caused by lack of available resources with many of the sites having few users, “long load times, broken links, and frequent error messages.”

Practice Note

Judge, Do Not Google That: According to a new ABA ethics opinion, judges may risk violating ethical rules if they conduct online research for “adjudicative facts”­—facts concerning the parties or the subject matter of the ligation at hand—but judges may still conduct online legal research for cases not cited by the parties and for facts subject to judicial notice because they are generally known and not subject to reasonable dispute; the opinion further contends that a judge’s online research of a lawyer in a case may be allowed if done “merely to become familiar with counsel” or to determine the lawyer’s status to practice in the jurisdiction but may not be allowed if a judge’s “independent research about a lawyer…is done to affect the judge’s weighing or considering [of] adjudicative facts.”

On The Lighter Side

Netflix 1984: Netflix reminds some users that it is always watching their every move.

---

Joel R. Reidenberg
Stanley D. and Nikki Waxberg Chair and Professor of Law
Founding Academic Director, Fordham CLIP

N. Cameron Russell
Executive Director, Fordham CLIP

Idalys Núñez
Dean’s Fellow, Fordham CLIP

Internet Governance

Crypto Quandary: The SEC’s Cyber Unit arm filed its first-ever charges against PlexCorps alleging the company’s ICO, which raised over $15 million dollars, failed to adhere to U.S. securities law by making unrealistic return rates promises and was “a fraud aimed at enriching” the company’s executives; Canada had previously prohibited PlexCorps from “engaging in unregistered offering of PlexCoin Tokens.”

Fighting News Misinformation: In an effort to protect its national press and advertising quality, the Australian Competition and Consumer Commission announced plans to examine Facebook and Google to understand the companies’ influence on the content produced by Australian journalists.

Privacy

“Creepy Cayla”: In anticipation of gift-giving season, the CNIL, the French data protection agency, issued a formal notice to Genesis Industries Ltd., a toymaker, targeting the company’s lack of security in two Bluetooth-enabled toys with the agency claiming that the lack of a PIN and the ability to easily communicate with the child through the toys violate Article 1 of the French Data Protection Act; the toys in question have been outlawed in Germany and consumers in the U.S. have filed complaints against the toymaker with the FTC.

Information Security and Cyberthreats

NiceHack: NiceNash, a cryptocurrency company, announced via its Facebook page that the contents of its digital wallet were stolen in a major security breach; the company has yet to release whether any customers’ bitcoins were part of the breach but speculators say that the hackers misappropriated value over $63 million dollars.

Intellectual Property

Our Brand, Our Rules: The European Court of Justice ruled in favor of Coty, Inc., the parent company of brands such as Calvin Klein and Chloe, allowing it to enforce a selective distribution system banning Parfümerie Akzente, a German distributor, from selling Coty’s products on third-party platforms such as Amazon, thus preserving Coty’s control of its brands’ images and its high-end pricing strategy; in its ruling the Court stated that if selective distribution systems are “mainly intended to preserve the ‘luxury image’ of those [goods],” and are applied uniformly and non-discriminatorily, the systems do not breach EU competition law.

iMine: The European General Court upheld the EU Intellectual Property Office’s decision to not allow Xiaomi, Inc., a Chinese smartphone manufacturer, from registering the trademark “Mi Pad” for its tablet computers due to a likelihood of consumer confusion between Xiaomi’s tablet and Apple’s iPad.

Free Expression and Censorship

Facebook Ban: Following the recent wave of social media posts about sexual harassment, many women comedians are accusing Facebook of banning them from the social media site for posting comments about men that Facebook views as threats and hate speech towards a protected group.

Practice Note

CDA Section 230: In Dyroff v. The Ultimate Software Group, Inc., the Northern District of California ruled that Section 230 of the Communications Decency Act immunized the Experience Project’s website from liability arising from an overdose death one of its users suffered from drugs purchased through connections made on the website; the Court held that Section 230 protected the company from all claims except the failure-to-warn claim, with the Court ultimately deciding that the website did not have a duty to warn the user due to a lack of a “special relationship.”

On The Lighter Side

DroneUI: If you’re planning on flying a drone while drinking, avoid doing so in New Jersey.

---

Information Law News From CLIP-ings International Correspondents Around the Globe

This academic year, former CLIP-ings Editorial Fellows studying abroad are reporting from time-to-time on current local news and developments in the field of information law!

From Victoria Loeb – Paris, France:

Pioneer Blockchain Project Incorporates in France: ARK Ecosystem, one of the first blockchain projects to incorporate in the EU, chose France’s unique General Interest Cooperative (SCIC) process as the most compatible legal framework for its decentralized, global cryptocurrency adoption project; as an SCIC, ARK can have an executive and community shareholder management structure without having to redistribute its cryptocurrency funds as earnings.

French Agency Provides Free Privacy Accountability Software: The French data protection authority (CNIL) released the beta version of a user-friendly data protection tool in development since 2015; the software is freely licensed and gives data controllers contextual knowledge based directly on the GDPR and the CNIL’s Privacy Impact Assessment (PIA) process, and will improve through community development of new features and feedback so that organizations can achieve compliance when the GDPR comes into effect in 2018.

Meghna Prasad – Rome, Italy:

“Web Tax” Will Pass: As part of an amendment to Italy’s 2018 budget law, the Senate budget committee in Italy has approved a proposal for a “web tax” which is aimed at taxing multinational companies like Google and Facebook for digital services, like advertising, which are otherwise untaxed; the proposal will be further delineated in April of next year, after parliament’s expected approval by the end of this year.

This is Uber Bad:  After the recent revelation of a massive hack of Uber, in which 57 million users had their personal data stolen and Uber paid the hackers $100,000 to keep the breach a secret, the data protection authorities of each EU Member State came together last week to form a task force which will determine how to penalize the company.

 

---

Joel R. Reidenberg
Stanley D. and Nikki Waxberg Chair and Professor of Law
Founding Academic Director, Fordham CLIP

N. Cameron Russell
Executive Director, Fordham CLIP

Idalys Núñez
Dean’s Fellow, Fordham CLIP

Rilana Wenske
Editorial Fellow, Fordham CLIP

Internet Governance

Inter(Net)ional Influencers: As the fight over net neutrality wages on, the Federal Communications Commission’s final decision will have reverberating effects around the world as this decision will likely influence how developing nations approach their internet policies moving forward; yet, India’s Telecommunications Agency has taken a different approach by denouncing “discriminatory treatment” in internet access within their borders.

Border Brawn: As part of the Department of Immigration and Customs Enforcement’s augmented “Visa Lifecycle Vetting” program, and despite concerns from privacy advocates, the agency is calling on major software companies to develop algorithms to assess threats posed by U.S. visa holders and to surveil the social media of persons deemed high risk.

Privacy

Will ENOUGH be Enough? This week, the bipartisan Ending Nonconsensual Online User Graphic Harassment (ENOUGH) Act of 2017 was introduced with the hope of providing the Justice Department with the necessary tools to prosecute revenge porn perpetrators and creating federal criminal liability for revenge porn, which now affects 1 in 25 Americans.

DNcrAy: Senator Chuck Schumer is asking the Federal Trade Commission to review the lack of regulation of consumer DNA testing companies, which can claim ownership of DNA, allow third parties to access it, and make DNA vulnerable to hackers, and which the Food and Drug Administration only regulates in a limited capacity.

Information Security and Cyberthreats

Unveiling Uber: This week, the leads of the congressional committees on technology,  finance, telecommunications, and data security sent Uber executives a series of questions regarding their recently unveiled data breach cover-up, specifically asking why consumers were informed so long after the attack.

Web Watch: A new study has identified almost 500 of the world’s top 50,000 websites, including Home Depot and CBS News, which engage in “session replay,” a technique that records users’ keystrokes, mouse movements, and scrolling behavior and may compromise sensitive user information.

Intellectual Property

Patent Predicament: The Supreme Court appears divided over the constitutionality of a 2011 law that allows the Patent Trial and Appeal Board (PTAB) to hear patent challenges, with supporters claiming that the PTAB hearings make it easier to go after patent trolls and critics arguing that the PTAB is improperly replacing the federal courts.

Free Expression and Censorship

Working Hard or Hardly Working? This week YouTube has been on its toes as it worked to fix a hack of its autocompleted search results, based on frequently searched terms, which previously allowed for suggestions of auto-completed terms relating to obscene acts with children; meanwhile, YouTube also froze brand advertisements on obscene videos of children after the company received requests from big-name brands to remove their ads from such content.

Practice Note

Balancing Act: In an effort to avoid patent licensing disputes, the European Commission has issued licensing guidelines aiming to strike a balance between the interests of patent owners and users, with the final draft removing both a requirement for owners to categorically provide licenses and a requirement for users to pay different rates to use patents.

On The Lighter Side

Mechanical Mentor: A mechanical female falcon now patrols the airspace around the Alberta, Canada airport to scare and herd birds away from the airport and teach them to fly in less dangerous areas.

---

Information Law News From CLIP-ings International Correspondents Around the Globe

This academic year, former CLIP-ings Editorial Fellows studying abroad are reporting from time-to-time on current local news and developments in the field of information law!

From Victoria Loeb – Paris, France:

Numerous Trackers Found in Android Apps: Security researchers at French nonprofit Exodus Privacy built a custom auditing platform to find tracking software in more than 300 apps for Android’s smartphone operating systems, with capabilities to target users based on third-party data, identify offline movement through machine learning, track behavior across devices, and correlate users; researchers at Yale Privacy Lab are working to replicate the Exodus findings and believe many of the trackers also exist on iOS, as many companies distribute for both platforms.

 

---

Joel R. Reidenberg
Stanley D. and Nikki Waxberg Chair and Professor of Law
Founding Academic Director, Fordham CLIP

N. Cameron Russell
Executive Director, Fordham CLIP

Yemi Danmola
Harrison Kay
Rilana Wenske
Editorial Fellows, Fordham CLIP