linux kernel found to infringe patent

Well, this is rather disconcerting. By way of Engadget, I came across this blog entry on FOSS Patents about how a small outfit in Texas, Bedrock Computer Technologies LLC (apparently a non-practicing entity, otherwise typically described as a “patent troll”), has won a $5 million claim for patent infringement against Google.

But the part that is perhaps a bit more worrisome than either the amount or the defendant is the fact that the infringing technology in question is a portion of the Linux kernel. From the entry:

Like I said further above, the question of Google possibly having to pay $5 million (unless the judge decides otherwise or an appeal succeeds) is not really the issue. In addition to money, Bedrock also asked for an injunction, and now that Google has been found to infringe a patent deemed valid by the jury, it remains to be seen whether an injunction will be granted either by this court or on a possible appeal.

The problem is that Bedrock is now in a pretty strong position to collect royalties from other Linux users, especially those utilizing Linux for large server operations.

It’s a bit difficult to tell, based on the claims asserted in the patent, whether or not Google would be able to excise the offending part of the kernel or find some other way to avoid infringing use. I’m sure they can, but if they can’t,  an injunction might have some implications for Google’s server farms and therefore its operations.

In addition, there’s also the possibility that this will impact Android:

Concerning Android, I wouldn’t rule out that maybe some of the hundreds of thousands of Android applications out there use the teachings of the infringed patent claims in one way or another. Even if that is not the case, Google might have to modify the Linux kernel it distributes with Android in order to remove the infringing code because otherwise there’s always the risk of contributory infringement should any app make use of that portion of the Linux kernel.

Needless to say, there could be quite a few companies impacted by this, though I imagine folks in the open source community are starting to look at workarounds, hopefully. It’s difficult to tell from the claim in the patent how fundamental it is or how difficulty or easy it would be to work around.

Perhaps its just me, but sometimes get rather irritated when reading software patent claims. Often, they seem to describe things that already well known or rather mundane. Take for example the claims in this case:

1. An information storage and retrieval system, the system comprising:

  • a linked list to store and provide access to records stored in a memory of the system, at least some of the records automatically expiring,
  • a record search means utilizing a search key to access the linked list,
  • the record search means including a means for identifying and removing at least some of the expired ones of the records from the linked list when the linked list is accessed, and
  • means, utilizing the record search means, for accessing the linked list and, at the same time, removing at least some of the expired ones of the records in the linked list.

2. The information storage and retrieval system according to claim 1 further including means for dynamically determining maximum number for the record search means to remove in the accessed linked list of records.

I’m not trained as a patent agent, so cannot speak with much authority on this, but these claims, to me, seem rather mundane.

woman sues rogers for exposing affair to husband

Can mobile carriers be liable for divorce? I guess we’ll find out soon enough. There was a story in the Toronto Star this morning that told of a woman who is suing Rogers for $600,000 because her husband left her. She alleges this was caused by Rogers taking the liberty of sending her husband a consolidated bill when he signed up for internet and home phone. They apparently then lumped in her cell phone bill, which she alleges she did not request. When the husband saw the bill and noticed a series of long phone calls, he called the number and apparently found out about his wife’s affair.

Needless to say, Rogers is asserting that it is not liable, primarily it seems on the basis of lack of causality – i.e. it was the affair that led to the break-up, not the disclosure of personal information. Of course the wife will argue that the break-up would not have happened but for Rogers disclosure, which is likely alleged to be in contravention of her agreement with Rogers or the Canadian Personal Information Protection and Electronic Documents Act.

Interestingly, on the latter front, she apparently did not choose to make a complaint to the federal privacy commissioner, instead deciding to proceed by way of a statement of claim in the Ontario Superior Court.

I have my doubts as to the likelihood of her success. Despite the unfortunate circumstance she and her two young children now find themselves, I don’t think the courts will have much sympathy for her claim. Even if there were a breach by Rogers, I’m not sure how much in the way of damages she would be awarded. The question here would be whether the court believes the damages would have been foreseeable by Rogers. I think that would be unlikely. But who knows. In any event, I’m sure this is a case that The Ashley Madison Agency will be following very closely.

anonymous e-mailers, forum posters, meet norwich orders

A very nice summary of a recent Ontario case on Norwich orders by Omar Ha-Redeye in Slaw. Within the context of anonymous internet communications (anonymous e-mail accounts, forum postings, etc.), a Norwich order can be used to compel a service provider (such as an ISP, a forum host or e-mail service provider) to provide information on its customer in an attempt to identify the individual who has sent an e-mail or posted a message that has given rise to a claim or potential claim.

The case noted by Omar related to a defamatory e-mail that was sent from an anonymous Gmail account. The person making the claim needed to take a few steps in order to attempt to identify the alleged wrongdoer. First, as it is possible to open a Gmail account without submitting full/accurate personal information, he would have needed to obtain a Norwich order from Google. That order likely would have requested from Google a listing of the IP addresses used to create and/or access the specified Gmail account and the times at which they were used. Once the IP addresses were obtained, it would be easy to identify the ISPs or organizations which were allocated those addresses through a WHOIS or similar enquiry (generally IP address allocations are public information). IP addresses typically are not sufficient to identify a particular individual since most (if not all) of them are allocated to organizations, who then either permit specific computers within their organization to use them on a permanent basis (static IP addresses), or allocate them on a dynamic basis. In the case of most ISPs, they will maintain a pool of IP addresses that are used as their customers switch on their computers and access their accounts, so that the address allocated to any particular customer may vary over time.

Consequently, one the wronged party had obtained the relevant IP addresses and identified the ISPs, he would have needed to file a Norwich order against the ISPs to obtain information regarding the account holders who had used the IP addresses at the indicated times. The ISP’s records would allow them to do this, as ISPs will usually need to validate the identity of their customers when they sign up. The case at hand involved this second step, and the wronged party was successful in having the Norwich order issued against the ISPs.

Norwich orders are very useful devices to help advance claims where a wrongdoer attempts to use the cloak of anonymity to protect him or herself from liability. That being said, technology being what it is, there are limits to what a Norwich order can do. For example, if a wrongdoer used cash-only web-cafes, free anonymous wifi connections or, anonymization proxies, IP spoofing or pirates third party wifi signals or hacks into a third party computer, it may be more difficult to successfully identify the wrongdoer (though even in these cases it may not be impossible). Along similar lines, the defence of a claim by an individual whose information was obtained in such a manner could also assert that, although the account with the ISP was in his or her name, it wasn’t that individual who actually initiated the wrongful communication – e.g. shared ISP connection with others or hacked computer or internet connection. In short, while a Norwich order will provide useful information that will likely lead in the right direction to track down a wrongdoer, ultimately the only information it will provide is the linkage between an IP address used for wrongdoing and the account holder allocated that IP address, and not necessarily the individual committing the wrongdoing.

first us gpl lawsuit filed

Surprising. I’ve read about cases going to court in Europe and naturally assumed, given the litigious environment of the US, that something had happened long ago stateside. So, I was a bit surprised to hear about the first GPL lawsuit down there.

For the first time in the U.S., a company and software vendor, Monsoon Multimedia, is being taken to court for a GPL violation. Previously, alleged GPL violations have all been settled by letters from the FSF (Free Software Foundation) or other open-source organizations, pointing out the violation. (Linux Watch)

Hmmm. Maybe not – recent news is that they’re now in settlement discussions. In any event, this gives me yet another excuse to rant, once again, about open source software, or for that matter, any third party code that companies out there may wish to use or build into their products.

As some of you may know, I personally quite like open source stuff. In fact, this blog is written using a giant truckload of the stuff, which works remarkably well for something developed by folks who aren’t paid (for the most part) to develop any of it. Open source can also be a great asset to many companies out there, whether in use or in development.

BUT (and surely you must be expecting a but by now), to the extent you are going to develop with open source code, public domain code or for that matter ANY third party code, you absolutely, positively, MUST keep track of it and make sure you use it both in compliance with the terms under which it is licensed and: (a) make sure the license terms are appropriate for the intended purpose; and (b) make sure you comply with the license terms.

Why is (a) important? To give a very simply illustration, if you plan on building a company whose primary asset and value is based on closed and (ostensibly) proprietary code, you should not be putting GPL code into your product, since one of the requirements of doing so would be an obligation to make your code publicly available on the same terms. This is probably a vast oversimplification of the terms of the GPL but I hope it illustrates the point. And if you don’t think this is likely to have an impact on your company, well, think again. Regardless of what you may think about (b) (which we’ll be getting to in a second), a potential acquiror of your company may feel quite differently about the risks of unintended use of open source code if, for example, it has been told your product is proprietary. And they definitely will find out about it. In fact, there are very, very effective tools to do so, like the one provided by Black Duck. And it is becoming a rather normal practice in acquisition due diligence to run code through Black Duck or something similar if there is the possibility of undisclosed open source.

Why is (b) important? Well, in addition to what’s described above, there is a real risk associated with contravening the GPL, the LPGL or other open source licenses. Just because its free does not mean that someone will not invest the time and effort to find out about contraventions of such licenses and make sure their terms are complied with, including the Software Freedom Law Center. In addition to institutions like those, there are also many, many folks out there keeping an eye out for possible breaches of GPL and reporting them to bodies like the SFLC.

All that being said, I should make it clear that I do think that open source software does have a place in profit-driven companies, as do open source development models. JBoss, MySQL, and Sleepycat are just a few in the latter category that have been quite successful. The key of course, is to make sure that how you use those tools works consistently both with your intended business model and with the terms under which apply to their use. Which will be a good topic for another day.

Pretexting, Canadian Style

From one of my very smart colleagues at the firm – a recent Canadian case involving “pretexting” like activity a la HP.

The short story: A company hires an investigator to see what some former employees are up to, since they’ve started a competing business. Based on what they find out, they sue the employees. In discovery (in rough terms, the process through which each party gets to look at the information that the other side has supporting their case), the employees find out that the investigator has obtained their phone records and also has recorded them on video at their business premises, in both cases without their consent and without a court order.

Sound somewhat familiar?

So the employees countersue the company and the investigator. It turns our that the company wasn’t aware of the methods used by the investigator and so is left off the hook, but the action against the investigators is given the green light.

Whether or not the claim of the employees will succeed remains to be seen. In the meantime, folks thinking of using investigators, for whatever purpose, would be wise to give serious consideration to the nature of information that they want to collect.

Kinderstart v. Google

Speaking of litigation, here’s another one, albeit rather old news. The short version: Kinderstart, a web startup focused on children, decides to sue Google because its PageRank drops when Google decides to fine tune its PageRank algorithms. PageRank, btw, is what determines where your site shows up in search results when someone searches on key terms in Google. So when your PageRank drops, less people see the link to your site, less people find your site, and therefore your traffic and revenue go down.

Because of this, they sued Google for damages and also sought an injunction to require Google to reveal their proprietary PageRank algorithms (which of course Google closely guards as a trade secret.

As with the Culligan case, yes, well written decision, etc. etc., and I understand the logic and all that, but there’s a little part of me that wishes that the court could have written a judgement like this:

Kinderstart, this is Google. Google is a separate business from yours. They don’t owe you a living. So, in response to your claim, the answer is no. Now go away.

Tip o’ the hat to the Stella Awards for mentioning this in their listserv. Highly recommended for their take on US litigation.

Valuation of Flies

One of the great things about working in a large firm is the sheer depth of expertise and knowledge. As an example, a recent case came out and was analyzed in short order by the folks in our litigation group, which discussed an interesting interpretation liability for negligence.

The first three paragraphs sum it up rather nicely:

[1] The Mustaphas maintain a spotless home. Cleanliness and hygiene are matters of utmost importance to them. On November 21, 2001, an incident occurred that offended their sense of sanctity in the purity of their home, and shattered Mr. Mustapha’s life. In the course of replacing an empty bottle of Culligan water on the dispenser provided by Culligan, he and his wife saw a dead fly, and part of another dead fly, in the fresh, unopened, replacement bottle.

[2] Neither Mr. Mustapha nor any member of his family drank from the bottle. He became obsessed, however, with thoughts about the dead fly in the water and about the potential implications for his family’s health of their having possibly been drinking unpurified water supplied in the past.

[3] The trial judge accepted the medical evidence that Mr. Mustapha suffers from a major depressive disorder, with associated phobia and anxiety – all triggered by the fly-in-the-bottle incident. In the result, Mr. Mustapha recovered judgment at trial in the total amount of $341,775, plus pre-judgment interest, for psychiatric injuries suffered because of the incident.

My emphasis. The decision goes on for many, many more paragraphs to ultimately overturn the judgement and absolve Culligan of liability. Its a well thought out judgement with cogent arguments supporting the conclusion.

All that being said, even as a lawyer, sometimes I read certain cases, such as this one, and wonder whether judges ever wish they could write a judgement more along these lines:

C’mon Mr. Mustapha. Its a fly. OK, a fly and a half. It didn’t kill you. It wouldn’t have killed you. Get over it. Fine, you freaked out. And I probably would also be a bit upset. But really, destroying your life? $341,000 in damages? No, the damages aren’t from the fly, they’re from you. So forget it. Not today. Not in my court. Appeal allowed. Good day.

Yes, I have my tongue firmly in cheek and yes, definitely, I understand the need for lengthy and well-reasoned judgements, etc. But sometimes, just sometimes, I scratch my head a bit and wonder what the world would be like…

Microsoft Patents RSS. Or Tries To. Maybe.

Interesting post on someone else’s blog about Microsoft apparently trying to patent RSS:

The applications, filed last June but just made public yesterday, cover subscribing and discovering what Microsoft calls “Web feeds.” That comes as a bit of a shock to anyone who’s been working on RSS, which has its origins in a format developed seven years ago at Netscape Communications.

Microsoft executive Don Dodge, while not involved in the patent applications, says he suspects the filings were made to defend the company against “patent trolls”. (The filings were made shortly before Microsoft announced plans to build RSS technology into its upcoming Vista operating system.) Still, if granted, the patents would give Microsoft a legal cudgel to wield against other companies using RSS.

Well. They do have a point. Generally speaking, I don’t think patent trolls (those that basically file overly broad patents and then sit on them in a dark cave until someone who actually does something useful, and therefore has deep pockets, unwittingly infringes, at which point the troll comes out and clubs them over the head with a lawsuit or settlement) are a good thing. That being said, its ironic that Microsoft feels the need to abuse the system in the same way as patent trolls in order to proactively defend itself. It will be interesting to see how things turn out.

Unfortunately, I’m not necesarily sure that prior art would necessarily invalidate these patents – after all, most of NTP’s patents were more or less considered invalid, but that didn’t stop them from collecting several hundred million from RIM. And its not like there haven’t been other, um, rather broad patents asserted in the past. You know, like back in 2002, when British Telecom asserted ownership of hyperlinks (which they lost) though of course BT doesn’t quite fit the description of a patent troll.

Then again, it begs the question as to who or what should or shouldn’t be considered a patent troll – for example, its well known that IBM has a huge, gigantic, enormous arsenal of patents at its disposal. IBM also actively licenses these patents (and of course threatens litigation where it believes its rights are being violated), but it isn’t necessarily the case that IBM would otherwise have exploited these patents in what I’ll call “active” business – i.e. making and selling something based on the patent as opposed to primarily seeking royalties and licenses from those do – even though IBM does do so in some cases. So does that make IBM a patent troll? What about Philo T. Farnsworth who, arguably, never started producing televisions but instead sought legal claims against others?

My perhaps overly simplistic take on this is that patent trolls are not inherently the problem, but rather the ability, primarily in the US, to register patents that should have never issued in the first place. If someone comes up with a smart, cool, inventive, and truly novel way of doing something, then they should certainly be free to either produce something with it, or sue the living daylights out of someone else who comes along and infringes the IP even if they don’t (or can’t) make productive use of it themselves. Not actively exploiting a patent is not necessarily tantamount to being a bad guy, IMHO.

It will be interesting to see what happens on this front, if anything. If nothing does, then I may well turn to drafting patents, the first being “Method of Utilizing a Rhythmic Cadence in the Expansion and Contraction of Multiple Muscular Groupings to Faciliate Indefinite Continuation of Metabolism of Cell Structures.” I like the sound of that. Yes indeed.

RIAA to AllOfMP3: Show Me the Money!!

Interesting article in TechCrunch about how AllOfMP3 told the RIAA to get lost when it filed its $1,650,000,000,000 (yes, you did read that figure right – its in the trillions) claim in New York against AllOfMP3, even though AllOfMP3 operates out of Russia. From a legal perspective one would typically launch into the complexities of jurisdiction, judicial comity, real and substantial connection, forum non conveniens, blah, blah, blah.

But since this is a personal blog, let’s focus on the fun part, shall we? Let’s focus on the CASH. Woohoo! Fun with numbers. OK, so, let’s see. Accordingly to the CIA World Factbook, the current population of the world is 6,525,170,264. So, if the the damages sought by the RIAA were evenly divided amongst every man, woman and child, each one of them could go out and buy, oh, about twenty CDs, give or take. Wow. That’s a lot of CDs.

Another way to look at it? Its bigger than the GDP of every country in the world except for roughly the top ten. Yes yes, figures are few years old. Fine. Call it 15. You get the point. In any event, around the ballpark GDP for all of Russia. Yes, including the little nesting doll thingies.
From a more personal perspective, the interest on that amount, calculated at the low, low US fed rate for the shockingly painful period of time of two minutes is quite just a bit more than the combined annual incomes of me, my wife, my mom, stepmom, dad, sister, and her husband make in a year.
The point? Just that its a lot of money. A LOT of money. Not exactly googol or a googolplex

(which, as you probably know, is how Google got its name:

The Internet search engine Google was named after this number. Larry Page, one of the founders, was fascinated with mathematics and ‘Googol’, even during high school. They ended up with ‘Google’ due to a spelling mistake on a cheque that investors wrote to the founders.

(from Wikipedia)) but still a lot of money.

Update:  Further news from the INQ – apparently they calcuated damages at US$150,000 per song. Though the INQ correctly observes that AllOfMP3 hasn’t made that much money, damages could also be measured not by what an infringer has made (or an “accounting of profits”) but also the harm that they’ve cost you – so if AllOfMP3 sold each song for a penny, while the RIAA members would have otherwise sold the same song for a buck, multiply that by 150,000 downloads and you have your damages, as that is what they’ve lost out.