mass p2p lawsuit commenced in canada

I was surprised to see Michael Geist’s post that a new lawsuit is targeting thousands of individuals for unlawfully sharing copyrighted films through peer-to-peer networks. I had thought approach had lost its appeal some time ago. Go and read Mr. Geist’s analysis of how he thinks things will proceed. I have nothing to add on that front. I am curious, however, why it seems (as far as I can tell) that only one carrier, TekSavvy Solutions, seems to have been targeted. I would have thought that carriers having much larger shares of the ISP market would result in a much larger number of prospective defendants and therefore much more rewarding. Then again, I imagine such carriers might also have a larger legal budget. Still, it does seem rather curious to focus only on one, comparatively small, ISP.

Stikeman Elliott appears to be on for Teksavvy (from what I see on the motion record), while Brauti Thorning Zibarras is on for Voltage Pictures, the plaintiff (better known as the firm who launched the defamation claim against Youtube and others on behalf of “Officer Bubbles”).

Will be interesting to see how things play out (unless of course you’re one of the poor souls that are in Voltage’s crosshairs).

linux kernel found to infringe patent

Well, this is rather disconcerting. By way of Engadget, I came across this blog entry on FOSS Patents about how a small outfit in Texas, Bedrock Computer Technologies LLC (apparently a non-practicing entity, otherwise typically described as a “patent troll”), has won a $5 million claim for patent infringement against Google.

But the part that is perhaps a bit more worrisome than either the amount or the defendant is the fact that the infringing technology in question is a portion of the Linux kernel. From the entry:

Like I said further above, the question of Google possibly having to pay $5 million (unless the judge decides otherwise or an appeal succeeds) is not really the issue. In addition to money, Bedrock also asked for an injunction, and now that Google has been found to infringe a patent deemed valid by the jury, it remains to be seen whether an injunction will be granted either by this court or on a possible appeal.

The problem is that Bedrock is now in a pretty strong position to collect royalties from other Linux users, especially those utilizing Linux for large server operations.

It’s a bit difficult to tell, based on the claims asserted in the patent, whether or not Google would be able to excise the offending part of the kernel or find some other way to avoid infringing use. I’m sure they can, but if they can’t,  an injunction might have some implications for Google’s server farms and therefore its operations.

In addition, there’s also the possibility that this will impact Android:

Concerning Android, I wouldn’t rule out that maybe some of the hundreds of thousands of Android applications out there use the teachings of the infringed patent claims in one way or another. Even if that is not the case, Google might have to modify the Linux kernel it distributes with Android in order to remove the infringing code because otherwise there’s always the risk of contributory infringement should any app make use of that portion of the Linux kernel.

Needless to say, there could be quite a few companies impacted by this, though I imagine folks in the open source community are starting to look at workarounds, hopefully. It’s difficult to tell from the claim in the patent how fundamental it is or how difficulty or easy it would be to work around.

Perhaps its just me, but sometimes get rather irritated when reading software patent claims. Often, they seem to describe things that already well known or rather mundane. Take for example the claims in this case:

1. An information storage and retrieval system, the system comprising:

  • a linked list to store and provide access to records stored in a memory of the system, at least some of the records automatically expiring,
  • a record search means utilizing a search key to access the linked list,
  • the record search means including a means for identifying and removing at least some of the expired ones of the records from the linked list when the linked list is accessed, and
  • means, utilizing the record search means, for accessing the linked list and, at the same time, removing at least some of the expired ones of the records in the linked list.

2. The information storage and retrieval system according to claim 1 further including means for dynamically determining maximum number for the record search means to remove in the accessed linked list of records.

I’m not trained as a patent agent, so cannot speak with much authority on this, but these claims, to me, seem rather mundane.

woman sues rogers for exposing affair to husband

Can mobile carriers be liable for divorce? I guess we’ll find out soon enough. There was a story in the Toronto Star this morning that told of a woman who is suing Rogers for $600,000 because her husband left her. She alleges this was caused by Rogers taking the liberty of sending her husband a consolidated bill when he signed up for internet and home phone. They apparently then lumped in her cell phone bill, which she alleges she did not request. When the husband saw the bill and noticed a series of long phone calls, he called the number and apparently found out about his wife’s affair.

Needless to say, Rogers is asserting that it is not liable, primarily it seems on the basis of lack of causality – i.e. it was the affair that led to the break-up, not the disclosure of personal information. Of course the wife will argue that the break-up would not have happened but for Rogers disclosure, which is likely alleged to be in contravention of her agreement with Rogers or the Canadian Personal Information Protection and Electronic Documents Act.

Interestingly, on the latter front, she apparently did not choose to make a complaint to the federal privacy commissioner, instead deciding to proceed by way of a statement of claim in the Ontario Superior Court.

I have my doubts as to the likelihood of her success. Despite the unfortunate circumstance she and her two young children now find themselves, I don’t think the courts will have much sympathy for her claim. Even if there were a breach by Rogers, I’m not sure how much in the way of damages she would be awarded. The question here would be whether the court believes the damages would have been foreseeable by Rogers. I think that would be unlikely. But who knows. In any event, I’m sure this is a case that The Ashley Madison Agency will be following very closely.

anonymous e-mailers, forum posters, meet norwich orders

A very nice summary of a recent Ontario case on Norwich orders by Omar Ha-Redeye in Slaw. Within the context of anonymous internet communications (anonymous e-mail accounts, forum postings, etc.), a Norwich order can be used to compel a service provider (such as an ISP, a forum host or e-mail service provider) to provide information on its customer in an attempt to identify the individual who has sent an e-mail or posted a message that has given rise to a claim or potential claim.

The case noted by Omar related to a defamatory e-mail that was sent from an anonymous Gmail account. The person making the claim needed to take a few steps in order to attempt to identify the alleged wrongdoer. First, as it is possible to open a Gmail account without submitting full/accurate personal information, he would have needed to obtain a Norwich order from Google. That order likely would have requested from Google a listing of the IP addresses used to create and/or access the specified Gmail account and the times at which they were used. Once the IP addresses were obtained, it would be easy to identify the ISPs or organizations which were allocated those addresses through a WHOIS or similar enquiry (generally IP address allocations are public information). IP addresses typically are not sufficient to identify a particular individual since most (if not all) of them are allocated to organizations, who then either permit specific computers within their organization to use them on a permanent basis (static IP addresses), or allocate them on a dynamic basis. In the case of most ISPs, they will maintain a pool of IP addresses that are used as their customers switch on their computers and access their accounts, so that the address allocated to any particular customer may vary over time.

Consequently, one the wronged party had obtained the relevant IP addresses and identified the ISPs, he would have needed to file a Norwich order against the ISPs to obtain information regarding the account holders who had used the IP addresses at the indicated times. The ISP’s records would allow them to do this, as ISPs will usually need to validate the identity of their customers when they sign up. The case at hand involved this second step, and the wronged party was successful in having the Norwich order issued against the ISPs.

Norwich orders are very useful devices to help advance claims where a wrongdoer attempts to use the cloak of anonymity to protect him or herself from liability. That being said, technology being what it is, there are limits to what a Norwich order can do. For example, if a wrongdoer used cash-only web-cafes, free anonymous wifi connections or, anonymization proxies, IP spoofing or pirates third party wifi signals or hacks into a third party computer, it may be more difficult to successfully identify the wrongdoer (though even in these cases it may not be impossible). Along similar lines, the defence of a claim by an individual whose information was obtained in such a manner could also assert that, although the account with the ISP was in his or her name, it wasn’t that individual who actually initiated the wrongful communication – e.g. shared ISP connection with others or hacked computer or internet connection. In short, while a Norwich order will provide useful information that will likely lead in the right direction to track down a wrongdoer, ultimately the only information it will provide is the linkage between an IP address used for wrongdoing and the account holder allocated that IP address, and not necessarily the individual committing the wrongdoing.

mature industries

This may be just me. In fact I’m probably sure it is. But I seem to note a correlation between lawsuits of the sort that make me wonder a bit why they bother and the maturity of the industry in which they take place. And by maturity I mean in terms of industrial growth cycle, and not (necessarily) in terms of developmental psychology. To wit, a claim that had a writeup by Manatt Phelps & Phillips LLP:

Hormel Foods has sued rival Campbell’s over the latter’s description of its Chunky Fully Loaded soup as a “stew.”In its lawsuit, Hormel charges Campbell’s with “misrepresenting the nature, characteristics, ingredients, benefits and qualities of its Chunky Fully Loaded soup products in commercial advertising and promotion.”

Which leads me to believe that the soup/stew market is relatively mature. What do you think? Dumb rule?

long live the revolution! and lawsuits!

Someone in China got upset that the state censors there required cuts to Ang Lee’s film Lust, Caution. From Reuters:

Dong Yanbin, a Ph.D student at the China University of Political
Science and Law in Beijing, had filed a suit against the nation’s film
censor, the State Administration of Radio Film and Television (SARFT),
for infringing upon his “consumer rights,” the Beijing Times said.

Power grows out of a statement of claim. Its the new Mao.

first us gpl lawsuit filed

Surprising. I’ve read about cases going to court in Europe and naturally assumed, given the litigious environment of the US, that something had happened long ago stateside. So, I was a bit surprised to hear about the first GPL lawsuit down there.

For the first time in the U.S., a company and software vendor, Monsoon Multimedia, is being taken to court for a GPL violation. Previously, alleged GPL violations have all been settled by letters from the FSF (Free Software Foundation) or other open-source organizations, pointing out the violation. (Linux Watch)

Hmmm. Maybe not – recent news is that they’re now in settlement discussions. In any event, this gives me yet another excuse to rant, once again, about open source software, or for that matter, any third party code that companies out there may wish to use or build into their products.

As some of you may know, I personally quite like open source stuff. In fact, this blog is written using a giant truckload of the stuff, which works remarkably well for something developed by folks who aren’t paid (for the most part) to develop any of it. Open source can also be a great asset to many companies out there, whether in use or in development.

BUT (and surely you must be expecting a but by now), to the extent you are going to develop with open source code, public domain code or for that matter ANY third party code, you absolutely, positively, MUST keep track of it and make sure you use it both in compliance with the terms under which it is licensed and: (a) make sure the license terms are appropriate for the intended purpose; and (b) make sure you comply with the license terms.

Why is (a) important? To give a very simply illustration, if you plan on building a company whose primary asset and value is based on closed and (ostensibly) proprietary code, you should not be putting GPL code into your product, since one of the requirements of doing so would be an obligation to make your code publicly available on the same terms. This is probably a vast oversimplification of the terms of the GPL but I hope it illustrates the point. And if you don’t think this is likely to have an impact on your company, well, think again. Regardless of what you may think about (b) (which we’ll be getting to in a second), a potential acquiror of your company may feel quite differently about the risks of unintended use of open source code if, for example, it has been told your product is proprietary. And they definitely will find out about it. In fact, there are very, very effective tools to do so, like the one provided by Black Duck. And it is becoming a rather normal practice in acquisition due diligence to run code through Black Duck or something similar if there is the possibility of undisclosed open source.

Why is (b) important? Well, in addition to what’s described above, there is a real risk associated with contravening the GPL, the LPGL or other open source licenses. Just because its free does not mean that someone will not invest the time and effort to find out about contraventions of such licenses and make sure their terms are complied with, including the Software Freedom Law Center. In addition to institutions like those, there are also many, many folks out there keeping an eye out for possible breaches of GPL and reporting them to bodies like the SFLC.

All that being said, I should make it clear that I do think that open source software does have a place in profit-driven companies, as do open source development models. JBoss, MySQL, and Sleepycat are just a few in the latter category that have been quite successful. The key of course, is to make sure that how you use those tools works consistently both with your intended business model and with the terms under which apply to their use. Which will be a good topic for another day.

silly lawsuit of the week

OK. Short version of the story in InformationWeek: Woman puts up a website. She puts a “webwrap” agreement at the bottom – i.e. basically a contract that says if you use the site then you agree to the contract. Still some question as to whether such a mechanism is binding, but anyway…

So the Internet Archive of course comes along and indexes her site. Which apparently is a violation of the webwrap. So she sues, representing herself, I believe. The court throws out everything on a preliminary motion by IA except for the breach of contract.

InformationWork observes that “Her suit asserts that the Internet Archive’s programmatic visitation of her site constitutes acceptance of her terms, despite the obvious inability of a Web crawler to understand those terms and the absence of a robots.txt file to warn crawlers away.” (my emphasis). They then conclude with this statement:

If a notice such as Shell’s is ultimately construed to represent just such a “meaningful opportunity” to an illiterate computer, the opt-out era on the Net may have to change. Sites that rely on automated content gathering like the Internet Archive, not to mention Google, will have to convince publishers to opt in before indexing or otherwise capturing their content. Either that or they’ll have to teach their Web spiders how to read contracts.

(my emphasis).

They already have – sort of. It’s called robots.txt – the thing referred to above. For those of you who haven’t heard of this, its a little file that you put on the top level of your site and which is the equivalent of a “no soliciation” sign on your door. Its been around for at least a decade (probably longer) and most (if not all) search engines

From the Internet Archive’s FAQ:

How can I remove my site’s pages from the Wayback Machine?

The Internet Archive is not interested in preserving or offering access to Web sites or other Internet documents of persons who do not want their materials in the collection. By placing a simple robots.txt file on your Web server, you can exclude your site from being crawled as well as exclude any historical pages from the Wayback Machine.

Internet Archive uses the exclusion policy intended for use by both academic and non-academic digital repositories and archivists. See our exclusion policy.

You can find exclusion directions at exclude.php. If you cannot place the robots.txt file, opt not to, or have further questions, email us at info at archive dot org.

standardized methods of communications – privacy policies, etc. – more. Question is, will people be required to use it, or simply disregard and act dumb?

press neutrality and lawsuits

Techcrunch (Mr. Arrington) has put up an article suggesting Digg sue Wired (that’s also the headline – “Digg Should Sue Wired”). Because Wired posted some negative reviews of Digg. And because Wired’s parent, Condé Nast, owns a competitor of Digg (reddit). The nub:

Digg can’t treat Wired like any other user that’s engaged in fraud. Wired is the press, and the press has tremendous power. Wired is putting Digg in an impossible situation, and they should be called on it. Reporting news is one thing (although they should note the conflict of interest there as well), but actively creating negative news about a competitor and then using the massive reach of Wired to promote that “news” is way over the line.

Very strog words indeed. I’m quite surprised by this comment, as I understand Mr. Arrington has legal training and in fact practiced as a lawyer for some time. Why surprised? Because, apart from the possibility that the reporter who wrote the second article to which he refers (who basically tried to see if Digg’s system of user rankings could be “gamed”) breached Digg’s terms of use (of course – because rightly so their terms would prohibit such gaming…), its really, really tough for me to see exactly what Digg should sue Wired for? What exactly is the cause of action? Surely he’s not accusing Digg of actually committing fraud, is he? It difficult for me to see how fraud has been committed – what exactly is fraudulent about the articles?

Sure, there is a conflict of interest situation here, the usual cure for which is full disclosure, but hardly the basis for a lawsuit. And if he thinks that Wired suffers from conflict of interest, well, I invite him to check out the ownership of most major media in the US and Canada, and see how many times they are taking a stab at competitors of other companies that their ultimate owners control. If this is as big a deal as Mr. Arrington suggests, the Chomsky’s Manufacturing Consent should be considered a field manual to endless lawsuits against not only Condé Nast but also CBS, NBC, ABC, CanWest Global, etc. etc. etc.

But perhaps I took the words too seriously – perhaps he was just using the words “sue” and “fraud” figuratively or to illustrate his point. Or perhaps, given the more litigious nature of the US, and the somewhat kindler, gentler, less punitive (as in damages) environment in Canada, there is actually a basis for Digg suing the heck out of Wired.

Bit of a tempest in a teapot, I think…

And of course in the interest of full disclosure, I am a subscriber to Wired, and also hope someday to see one tiny link from their site to this little blog.

Patent Lawsuits Catch-Up

A nice summary of the 2006 e-comm lititation in the E-Commerce Times. Not surprisingly, they call 2006 the “Year of the Tech Patent Lawsuits”. An excerpt on one of my favourites:

For better or worse, patent attorneys can thank the NTP v. Research In Motion case for introducing the word ‘patent troll’ into the general lexicon and more fundamentally, highlighting how easy it is for an upstart to challenge an established company. In short, it made patent law sexy.

This and many other recent cases in with which an e-commerce patent has been challenged by a small company has led to a steady call for reform by the software industry, he said.

“At every opportunity, today’s software market-leaders have called for reductions in the power of patents, increases in the difficulty of obtaining patents, and an enforcement bias toward companies that practice the patent.

Some see the proposed reforms as improving ‘patent quality’ while others see them as a way to squeeze out upstart competitors,” he explained

Wow. I never thought I’d live to see the words “patent law” and “sexy” used in the same sentence, much less using the latter to describe the former. I’ve already ruminated about this topic previously so will keep this one short. Links to the articles below.

Part 1 Part 2