anonymous e-mailers, forum posters, meet norwich orders

A very nice summary of a recent Ontario case on Norwich orders by Omar Ha-Redeye in Slaw. Within the context of anonymous internet communications (anonymous e-mail accounts, forum postings, etc.), a Norwich order can be used to compel a service provider (such as an ISP, a forum host or e-mail service provider) to provide information on its customer in an attempt to identify the individual who has sent an e-mail or posted a message that has given rise to a claim or potential claim.

The case noted by Omar related to a defamatory e-mail that was sent from an anonymous Gmail account. The person making the claim needed to take a few steps in order to attempt to identify the alleged wrongdoer. First, as it is possible to open a Gmail account without submitting full/accurate personal information, he would have needed to obtain a Norwich order from Google. That order likely would have requested from Google a listing of the IP addresses used to create and/or access the specified Gmail account and the times at which they were used. Once the IP addresses were obtained, it would be easy to identify the ISPs or organizations which were allocated those addresses through a WHOIS or similar enquiry (generally IP address allocations are public information). IP addresses typically are not sufficient to identify a particular individual since most (if not all) of them are allocated to organizations, who then either permit specific computers within their organization to use them on a permanent basis (static IP addresses), or allocate them on a dynamic basis. In the case of most ISPs, they will maintain a pool of IP addresses that are used as their customers switch on their computers and access their accounts, so that the address allocated to any particular customer may vary over time.

Consequently, one the wronged party had obtained the relevant IP addresses and identified the ISPs, he would have needed to file a Norwich order against the ISPs to obtain information regarding the account holders who had used the IP addresses at the indicated times. The ISP’s records would allow them to do this, as ISPs will usually need to validate the identity of their customers when they sign up. The case at hand involved this second step, and the wronged party was successful in having the Norwich order issued against the ISPs.

Norwich orders are very useful devices to help advance claims where a wrongdoer attempts to use the cloak of anonymity to protect him or herself from liability. That being said, technology being what it is, there are limits to what a Norwich order can do. For example, if a wrongdoer used cash-only web-cafes, free anonymous wifi connections or, anonymization proxies, IP spoofing or pirates third party wifi signals or hacks into a third party computer, it may be more difficult to successfully identify the wrongdoer (though even in these cases it may not be impossible). Along similar lines, the defence of a claim by an individual whose information was obtained in such a manner could also assert that, although the account with the ISP was in his or her name, it wasn’t that individual who actually initiated the wrongful communication – e.g. shared ISP connection with others or hacked computer or internet connection. In short, while a Norwich order will provide useful information that will likely lead in the right direction to track down a wrongdoer, ultimately the only information it will provide is the linkage between an IP address used for wrongdoing and the account holder allocated that IP address, and not necessarily the individual committing the wrongdoing.

Fair Use and the DMCA

An article in Wired News with the dramatic title of “Lawmakers Tout DMCA Killer” describes the most recent attempt to: (a) water down the protections afforded to content owners by the DMCA; (b) ensure the preservation of fair use rights on the part of users. As is usual, each side has its own rhetoric to describe what is happening, so in fairness I took the liberty of offering to readers of this blog the two alternative descriptions above. The nub:

The Boucher and Doolittle bill (.pdf), called the Fair Use Act of 2007, would free consumers to circumvent digital locks on media under six special circumstances.

Librarians would be allowed to bypass DRM technology to update or preserve their collections. Journalists, researchers and educators could do the same in pursuit of their work. Everyday consumers would get to “transmit work over a home or personal network” so long as movies, music and other personal media didn’t find their way on to the internet for distribution.

And then of course on the other side:

“The suggestion that fair use and technological innovation is endangered is ignoring reality,” said MPAA spokeswoman Gayle Osterberg. “This is addressing a problem that doesn’t exist.”

Osterberg pointed to a study the U.S. Copyright Office conducts every three years to determine whether fair use is being adversely affected. “The balance that Congress built into the DMCA is working.” The danger, Osterberg said, is in attempting to “enshrine exemptions” to copyright law.

To suggest that content owners have the right to be paid for their work is, for me, a  no-brainer. That being said, I wonder whether the DMCA and increasingly more complex and invasive DRM schemes will ultimately backfire – sure they protect the content, but they sure as heck are a pain in the ass – just my personal take on it. For example, I’d love to buy digital music, but having experienced the controls that iTunes imposes and suddenly having all my tracks disappear, I just don’t bother with it now. Not to mention the incredible hoops one needs to go through to display, say, Blu-ray on a computer – at least in its original, non-downgraded resolution – why bother with all of that at all?

I wonder whether this is, in a way, history repeating itself in a way. I am old enough to remember the early days of software protection – virtually every high-end game or application used fairly sophisticated techniques (like writing non-standard tracks on floppies in between standard tracks) in attempting to prevent piracy. Granted, these have never gone away altogether, particularly for super high end software that needs dongles and and the like, and of course recently there has been a resurgence in the levels of protection that have been layered on in Windows, but after the initial, almost universal lockdown of software long ago, there came a period where it seemed many (if not most) software developers just stopped using such measures.  At least that’s what seemed to happen. I’m not quite sure why, but I wonder if this same pattern will repeat with content rather than software. I suspect not. But hey, you never know.

In the meantime, off I go, reluctantly, in the cold, cold winter, to the nearest record shop to buy music the old fashioned way…


Wikiality

Interesting post on the Wellington Financial Blog about “Wikiality” – the practice of taking stuff in Wikipedia as the truth, or, to quote: ““a reality where, if enough people agree with a notion, it becomes the truth.”

JN notes that Wikipedia has been cited by the courts, and this is reason for concern. A snippet:

The practice poses two problems:

  1. The references may be inaccurate; and
  2. Even if accurate, the references are subject to change at any point in the future, making it difficult for any future decisions to refer back to the original or understand the context in which it was made.

Given recent reports of Microsoft offering to pay individuals to make changes to certain Wikipedia articles in which they have a vested interest, the credibility of the site as a definitive reference source again comes into question.

A few of my colleagues at the firm also expressed bemusement when a recent case in Ontario (don’t have the citation, sorry) also cited Wikipedia.

I am quite a big fan of Wikipedia. It is, I think a rather useful and handy tool to refer to from time to time. Do I take it as the gospel? No. Would I use it if I were trying to concoct an antidote for a poison that was about to kill me? Probably not. Would I cite it in a legal research paper? Possibly. In fact, quite likely.

Although Wikipedia is by no means without its weaknesses, it also has its strengths. Sure, there is a possibility of inaccuracy. But then again, isn’t something less likely to have inaccuracies if it is reviewed (and edited) by more eyes (and more minds)? Isn’t it more likely that if there is a dispute about what is and isn’t correct, it will come to light, just like the Microsoft incident?

And what source, can it be said, is free of inaccuracies? Certainly not The New York Times. Although the Gray Lady is quick to point out that it was “deceived” by an errant reporter, it is less quick to reflect on the fact that it published fabricated stories. That of course is the clearest example, but history is rife with examples of inaccurate or misleading stories in the press. Less clear, of course, is media bias. And one only needs to refer to Manufacturing Consent. I don’t necessarily agree with all that book has to offer, but it certainly provides some food for thought.

What about scientific publications? Hmmm. Well. Again, truth is quite often relative. The clearest examples, are, of course, outright fabrication. Nonetheless, Dr. Hwang Woo-suk’s paper on producting the first cloned stem cell line was considered the truth for several years, until he was discredited. And more generally speaking, is it not true that, in the world of science, what is considered to be the truth is what most scientists believe to be true? Is that not the system of peer review? A great read on this topic is The Structure of Scientific Revolutions (as an aside, its also the book that introduced the phrase “paradigm shift” into popular parlance). I won’t bore you with details, but suffice it to say that, at the end of the day, science, at least in concept, may not be that far from wikiality.

My point isn’t necessarily to skewer existing sources of “truth” but rather to point out that such sources aren’t necessarily more reliable or accurate, or less fallible, than something like Wikipedia.

And as for things changing? Make a copy.


Microsoft Patents RSS. Or Tries To. Maybe.

Interesting post on someone else’s blog about Microsoft apparently trying to patent RSS:

The applications, filed last June but just made public yesterday, cover subscribing and discovering what Microsoft calls “Web feeds.” That comes as a bit of a shock to anyone who’s been working on RSS, which has its origins in a format developed seven years ago at Netscape Communications.

Microsoft executive Don Dodge, while not involved in the patent applications, says he suspects the filings were made to defend the company against “patent trolls”. (The filings were made shortly before Microsoft announced plans to build RSS technology into its upcoming Vista operating system.) Still, if granted, the patents would give Microsoft a legal cudgel to wield against other companies using RSS.

Well. They do have a point. Generally speaking, I don’t think patent trolls (those that basically file overly broad patents and then sit on them in a dark cave until someone who actually does something useful, and therefore has deep pockets, unwittingly infringes, at which point the troll comes out and clubs them over the head with a lawsuit or settlement) are a good thing. That being said, its ironic that Microsoft feels the need to abuse the system in the same way as patent trolls in order to proactively defend itself. It will be interesting to see how things turn out.

Unfortunately, I’m not necesarily sure that prior art would necessarily invalidate these patents – after all, most of NTP’s patents were more or less considered invalid, but that didn’t stop them from collecting several hundred million from RIM. And its not like there haven’t been other, um, rather broad patents asserted in the past. You know, like back in 2002, when British Telecom asserted ownership of hyperlinks (which they lost) though of course BT doesn’t quite fit the description of a patent troll.

Then again, it begs the question as to who or what should or shouldn’t be considered a patent troll – for example, its well known that IBM has a huge, gigantic, enormous arsenal of patents at its disposal. IBM also actively licenses these patents (and of course threatens litigation where it believes its rights are being violated), but it isn’t necessarily the case that IBM would otherwise have exploited these patents in what I’ll call “active” business – i.e. making and selling something based on the patent as opposed to primarily seeking royalties and licenses from those do – even though IBM does do so in some cases. So does that make IBM a patent troll? What about Philo T. Farnsworth who, arguably, never started producing televisions but instead sought legal claims against others?

My perhaps overly simplistic take on this is that patent trolls are not inherently the problem, but rather the ability, primarily in the US, to register patents that should have never issued in the first place. If someone comes up with a smart, cool, inventive, and truly novel way of doing something, then they should certainly be free to either produce something with it, or sue the living daylights out of someone else who comes along and infringes the IP even if they don’t (or can’t) make productive use of it themselves. Not actively exploiting a patent is not necessarily tantamount to being a bad guy, IMHO.

It will be interesting to see what happens on this front, if anything. If nothing does, then I may well turn to drafting patents, the first being “Method of Utilizing a Rhythmic Cadence in the Expansion and Contraction of Multiple Muscular Groupings to Faciliate Indefinite Continuation of Metabolism of Cell Structures.” I like the sound of that. Yes indeed.