norwich orders, part ii (an editorial of sorts)


I was a bit surprised to find this article that covered the court orders that had required Google to disclose information on some Gmail users and the subsequent orders in Canada against certain Canadian ISPs, which was the subject of a previous post. The long and short of it is that the author considers Norwich orders to be some sort of grave, grave intrusion on privacy rights and personal liberty. Hence, this dire warning at the end of the article:

No matter how many precautions we take to remain private or cloak our identity, the authorities and other potential litigants usually have little difficulty obtaining this content. And they do it not by nefarious mean like hacking, but through our very own court system.

Internet users everywhere would do well to take heed. Your emails — and maybe even your Google searches — could be one subpoena away from the prying eyes of federal authorities, not to mention private litigants.

Why am I surprised? Because it seems to lack the most basic understanding of the legal system. I won’t get into all the details of the workings of Norwich orders – the original article by Omar Ha-Redeye that I had previously mentioned does a very good job at that, and I would certainly commend it to the author of this article so he may perhaps gain some insight.

The fact of the matter is that no, your privacy rights and right to anonymity have not suddenly disappeared altogether. However, as with all rights there are limitations. Thus, while U.S. citizens have the right to bear arms, they do not have the right to shoot people. If someone were to do that, they should reasonably expect their gun (and likely their liberty) to be taken away. Similarly, if someone uses their right to anonymity in an attempt to commit a crime or harm someone else, they should reasonably expect that right of anonymity to be taken away – at least to the extent it relates to the crime.

Remarkably, the author seems to suggest that the use of “subpoenas” (presumably he meant to refer to the Norwich orders) are almost the equivalent of, say, parking tickets, that the authorities or litigants can simply write up  if and when they choose to stomp on someone’s personal liberties for no good reason. What an unfortunate misperception of the legal system. The very reason why someone must go to the courts to obtain such as order is to ensure that the interests of the parties involved are balanced and safeguarded. If someone seeking the order does not have a reasonable and valid basis for doing so, it is likely that the order would not issue.

Regarding process, he cites Eric Goldman:

“People need to know that very little information that they give or make available to third parties [like Google] is unavailable to the government or private litigants,” says Eric Goldman, director of the High Tech Law Institute at Santa Clara University School of Law. “I think most people are surprised at how relatively easy it is for the government and private litigants to obtain ‘their’ information.”

I can’t speak to the process in the U.S. or what Mr. Goldman considers to be “relatively easy”. What I can say is that in Canada there is reasonable due process and consideration before such orders are issued. Just to cite one part of Mr. Redeye’s article:

A Norwich order is a pre-action discovery mechanism that is described by Spence J. in Isofoton S.A. v. The Toronto-Dominion Bank,

Requests for Norwich relief are largely unfamiliar to Canadian courts.  A Norwich order essentially compels a third party to provide the applicant with information where the applicant believes it has been wronged and needs the third party’s assistance to determine the circumstances of the wrongdoing and allow the applicant to pursue its legal remedies.

The 5 elements identified in this case for granting such an order include:

(i) Whether the applicant has provided evidence sufficient to raise a valid, bona fide or reasonable claim;
(ii) Whether the applicant has established a relationship with the third party from whom the information is sought such that it establishes that the third party is somehow involved in the acts complained of;
(iii) Whether the third party is the only practicable source of the information available;
(iv) Whether the third party can be indemnified for costs to which the third party may be exposed because of the disclosure, some [authorities] refer to the associated expenses of complying with the orders, while others speak of damages; and
(v) Whether the interests of justice favour the obtaining of disclosure.
[emphasis added]

The privacy interests of the alleged wrongdoer were overcome by the last element, the interests of justice, because of the applicant’s equitable right to information.  Spence J. pointed to Alberta v. Leahy and Bankers Trust Orders (from Bankers Trust Co. v. Shapira) indicating that court orders can override confidential information, even for financial records, and Glaxo-Wellcome PLC v. M.N.R. that the privacy interests of alleged wrongdoers is somewhat diminished.

Perhaps its just me, but this doesn’t sound particularly easy.

Of course, as with most things, the legal system is certainly not perfect, and there may well be instances where abuses might occur, or wrong decisions might be made by the courts where the scales of justice tip a bit. But to point at the sky and say it’s falling because of this case seems to me to be somewhat premature, to say the least.

Or at very least, as far as privacy concerns go, consider focusing more on things like the NSA and TIA than the courts.


student rant = protected speech?

Alas, my dabbling with blogging took a bit of a nosedive lately. As things get busy with the day job something has to give, and as between playing a little bit with the boy and writing another entry in the blog, the boy always wins.

Anyway, to kick off a backlog of a zillion entries, E-Commerce News reports on a finding by the Indiana Court of Appeals:

The Indiana Court of Appeals has ruled that a student’s obscenity-filled MySpace post blasting a school principal is protected free speech. The student, who is identified as “A.B.” in court documents, was originally placed on probation by a lower court judge in Indiana after she commented about her body piercings and school policy on a MySpace page created by another student.

“While we have little regard for A.B.’s use of vulgar epithets, we conclude that her overall message constitutes political speech,” the Indiana Court of Appeals notes in its opinion on the case.

The key finding in this particular case is that A.B. was speaking out against her principal and his policies rather than causing actual harm.

This is rather interesting given that there have been one or two cases in Canada where students have been suspended for commenting negatively on their teachers. From what I recall, the stories characterized the activities or comments as “cyber-bullying”. In fact I believe The Toronto Star reported riot policing intervening at a protest by students over the suspension of one student for just this type of activity.

It will be interesting to see whether cases like this one will work their way up to Canada, and whether students, given the somewhat less litigious environment in Canada, will proceed with legal challenges of a similar nature.

Fair Use and the DMCA

An article in Wired News with the dramatic title of “Lawmakers Tout DMCA Killer” describes the most recent attempt to: (a) water down the protections afforded to content owners by the DMCA; (b) ensure the preservation of fair use rights on the part of users. As is usual, each side has its own rhetoric to describe what is happening, so in fairness I took the liberty of offering to readers of this blog the two alternative descriptions above. The nub:

The Boucher and Doolittle bill (.pdf), called the Fair Use Act of 2007, would free consumers to circumvent digital locks on media under six special circumstances.

Librarians would be allowed to bypass DRM technology to update or preserve their collections. Journalists, researchers and educators could do the same in pursuit of their work. Everyday consumers would get to “transmit work over a home or personal network” so long as movies, music and other personal media didn’t find their way on to the internet for distribution.

And then of course on the other side:

“The suggestion that fair use and technological innovation is endangered is ignoring reality,” said MPAA spokeswoman Gayle Osterberg. “This is addressing a problem that doesn’t exist.”

Osterberg pointed to a study the U.S. Copyright Office conducts every three years to determine whether fair use is being adversely affected. “The balance that Congress built into the DMCA is working.” The danger, Osterberg said, is in attempting to “enshrine exemptions” to copyright law.

To suggest that content owners have the right to be paid for their work is, for me, a  no-brainer. That being said, I wonder whether the DMCA and increasingly more complex and invasive DRM schemes will ultimately backfire – sure they protect the content, but they sure as heck are a pain in the ass – just my personal take on it. For example, I’d love to buy digital music, but having experienced the controls that iTunes imposes and suddenly having all my tracks disappear, I just don’t bother with it now. Not to mention the incredible hoops one needs to go through to display, say, Blu-ray on a computer – at least in its original, non-downgraded resolution – why bother with all of that at all?

I wonder whether this is, in a way, history repeating itself in a way. I am old enough to remember the early days of software protection – virtually every high-end game or application used fairly sophisticated techniques (like writing non-standard tracks on floppies in between standard tracks) in attempting to prevent piracy. Granted, these have never gone away altogether, particularly for super high end software that needs dongles and and the like, and of course recently there has been a resurgence in the levels of protection that have been layered on in Windows, but after the initial, almost universal lockdown of software long ago, there came a period where it seemed many (if not most) software developers just stopped using such measures.  At least that’s what seemed to happen. I’m not quite sure why, but I wonder if this same pattern will repeat with content rather than software. I suspect not. But hey, you never know.

In the meantime, off I go, reluctantly, in the cold, cold winter, to the nearest record shop to buy music the old fashioned way…


Interesting post on the Wellington Financial Blog about “Wikiality” – the practice of taking stuff in Wikipedia as the truth, or, to quote: ““a reality where, if enough people agree with a notion, it becomes the truth.”

JN notes that Wikipedia has been cited by the courts, and this is reason for concern. A snippet:

The practice poses two problems:

  1. The references may be inaccurate; and
  2. Even if accurate, the references are subject to change at any point in the future, making it difficult for any future decisions to refer back to the original or understand the context in which it was made.

Given recent reports of Microsoft offering to pay individuals to make changes to certain Wikipedia articles in which they have a vested interest, the credibility of the site as a definitive reference source again comes into question.

A few of my colleagues at the firm also expressed bemusement when a recent case in Ontario (don’t have the citation, sorry) also cited Wikipedia.

I am quite a big fan of Wikipedia. It is, I think a rather useful and handy tool to refer to from time to time. Do I take it as the gospel? No. Would I use it if I were trying to concoct an antidote for a poison that was about to kill me? Probably not. Would I cite it in a legal research paper? Possibly. In fact, quite likely.

Although Wikipedia is by no means without its weaknesses, it also has its strengths. Sure, there is a possibility of inaccuracy. But then again, isn’t something less likely to have inaccuracies if it is reviewed (and edited) by more eyes (and more minds)? Isn’t it more likely that if there is a dispute about what is and isn’t correct, it will come to light, just like the Microsoft incident?

And what source, can it be said, is free of inaccuracies? Certainly not The New York Times. Although the Gray Lady is quick to point out that it was “deceived” by an errant reporter, it is less quick to reflect on the fact that it published fabricated stories. That of course is the clearest example, but history is rife with examples of inaccurate or misleading stories in the press. Less clear, of course, is media bias. And one only needs to refer to Manufacturing Consent. I don’t necessarily agree with all that book has to offer, but it certainly provides some food for thought.

What about scientific publications? Hmmm. Well. Again, truth is quite often relative. The clearest examples, are, of course, outright fabrication. Nonetheless, Dr. Hwang Woo-suk’s paper on producting the first cloned stem cell line was considered the truth for several years, until he was discredited. And more generally speaking, is it not true that, in the world of science, what is considered to be the truth is what most scientists believe to be true? Is that not the system of peer review? A great read on this topic is The Structure of Scientific Revolutions (as an aside, its also the book that introduced the phrase “paradigm shift” into popular parlance). I won’t bore you with details, but suffice it to say that, at the end of the day, science, at least in concept, may not be that far from wikiality.

My point isn’t necessarily to skewer existing sources of “truth” but rather to point out that such sources aren’t necessarily more reliable or accurate, or less fallible, than something like Wikipedia.

And as for things changing? Make a copy.

Microsoft Patents RSS. Or Tries To. Maybe.

Interesting post on someone else’s blog about Microsoft apparently trying to patent RSS:

The applications, filed last June but just made public yesterday, cover subscribing and discovering what Microsoft calls “Web feeds.” That comes as a bit of a shock to anyone who’s been working on RSS, which has its origins in a format developed seven years ago at Netscape Communications.

Microsoft executive Don Dodge, while not involved in the patent applications, says he suspects the filings were made to defend the company against “patent trolls”. (The filings were made shortly before Microsoft announced plans to build RSS technology into its upcoming Vista operating system.) Still, if granted, the patents would give Microsoft a legal cudgel to wield against other companies using RSS.

Well. They do have a point. Generally speaking, I don’t think patent trolls (those that basically file overly broad patents and then sit on them in a dark cave until someone who actually does something useful, and therefore has deep pockets, unwittingly infringes, at which point the troll comes out and clubs them over the head with a lawsuit or settlement) are a good thing. That being said, its ironic that Microsoft feels the need to abuse the system in the same way as patent trolls in order to proactively defend itself. It will be interesting to see how things turn out.

Unfortunately, I’m not necesarily sure that prior art would necessarily invalidate these patents – after all, most of NTP’s patents were more or less considered invalid, but that didn’t stop them from collecting several hundred million from RIM. And its not like there haven’t been other, um, rather broad patents asserted in the past. You know, like back in 2002, when British Telecom asserted ownership of hyperlinks (which they lost) though of course BT doesn’t quite fit the description of a patent troll.

Then again, it begs the question as to who or what should or shouldn’t be considered a patent troll – for example, its well known that IBM has a huge, gigantic, enormous arsenal of patents at its disposal. IBM also actively licenses these patents (and of course threatens litigation where it believes its rights are being violated), but it isn’t necessarily the case that IBM would otherwise have exploited these patents in what I’ll call “active” business – i.e. making and selling something based on the patent as opposed to primarily seeking royalties and licenses from those do – even though IBM does do so in some cases. So does that make IBM a patent troll? What about Philo T. Farnsworth who, arguably, never started producing televisions but instead sought legal claims against others?

My perhaps overly simplistic take on this is that patent trolls are not inherently the problem, but rather the ability, primarily in the US, to register patents that should have never issued in the first place. If someone comes up with a smart, cool, inventive, and truly novel way of doing something, then they should certainly be free to either produce something with it, or sue the living daylights out of someone else who comes along and infringes the IP even if they don’t (or can’t) make productive use of it themselves. Not actively exploiting a patent is not necessarily tantamount to being a bad guy, IMHO.

It will be interesting to see what happens on this front, if anything. If nothing does, then I may well turn to drafting patents, the first being “Method of Utilizing a Rhythmic Cadence in the Expansion and Contraction of Multiple Muscular Groupings to Faciliate Indefinite Continuation of Metabolism of Cell Structures.” I like the sound of that. Yes indeed.