August 26, 2016

Archives for July 2010


My Work at CITP This Year: Judicial Policy, Public Access, and The Electronic Court

Hi. My name is Ron Hedges. I am a Visiting Research Collaborator with the CITP for 2010-11.

Let me tell you a little about myself. I am a graduate of the University of Maryland and Georgetown University Law Center. I spent over twenty years as a United States Magistrate Judge and sat in Newark, NJ. I came to the Center through my work with the use and abuse of electronic information in civil litigation in the United States Courts. Several years ago, I wrote a decision on the subjects of “preservation” and “spoliation” electronic information. That led me to The Sedona Conference, a think-tank of academics, attorneys, and judges who focus on electronic information and other things. Today, I’m on a Sedona advisory board and work on, among other things, confidentiality, public access, and electronic information in criminal actions. For information on Sedona, go to

This year, I hope to work with the Center to update something Sedona did a few years ago on confidentiality and public access in civil litigation. Our society prizes two conflicting values: openness in our judicial system and protection for matters of personal privacy and “protected” information. Examples of the latter are trade secrets and personal medical information. How we as a society reconcile openness and protection in civil litigation was the theme of The Sedona Guidelines on Confidentiality and Public Access, published in March of 2007. This document is not focused on electronic information and offers only general guidance on access to electronic information managed by courts. I hope to use my time at CITP to conduct a symposium on confidentiality and access and to move The Sedona Guidelines forward.

Another project for 2010-11 would be to consider the automation of the review of electronic information for “relevance” and “privilege.” Relevance is a simple, but often misunderstood, concept. To be relevant, information must tend to either prove – or disprove – something. Privilege is also simple, but often misunderstood. To be privileged (in a broad sense), information must be either subject to either the “attorney client privilege” or “work product.” Privileged information need not be turned over to an adversary and, if it is turned over, there can be serious consequences. Not surprisingly, human review for privilege is estimated to account for about half of the cost of litigation.

The “holy grail” of litigation is to come up with an automated process or processes for relevance and privilege review that is reasonable. The process must also be something that can be explained to laypeople (i.e., judges and lawyers). Research is being spearheaded by NIST, and I hope to have CITP sponsor a program on automated search that would feature, among others, Jason Baron of NARA and Maura Grossman of the Wachtell firm. They have led the NARA initiative and are prominent exponents of automated review.

Finally, I hope to offer a symposium or class to introduce technology-oriented folks like you to the intricacies of the law as it deals with electronic information.

Please give me your thoughts as we move toward the Fall semester.


Jailbreaking Copyright's Extended Scope

A bit late for the rule’s “triennial” cycle, the Librarian of Congress has released the sec 1201(a)(1)(C) exceptions from the DMCA prohibitions on circumventing copyright access controls. For the next three years, people will not be ” circumventing” if they “jailbreak” or unlock their smartphones, remix short portions of motion pictures on DVD (if they are college and university professors or media students, documentary filmmakers, or non-commercial video-makers), research the security of videogames, get balky obsolete dongled programs to work, or make an ebook read-aloud. (I wrote about the hearings more than a year ago, when the movie studios demoed camcording a movie — that didn’t work to stop the exemption.)

Since I’ve criticized the DMCA’s copyright expansion, I was particularly interested in the inter-agency debate over EFF’s proposed jailbreak exemption. Even given the expanded “para-copyright” of anticircumvention, the Register of Copyrights and NTIA disagreed over how far the copyright holder’s monopoly should reach. The Register recommended that jailbreaking be exempted from circumvention liability, while NTIA supported Apple’s opposition to the jailbreak exemption.

According to the Register (PDF), Apple’s “access control [preventing the running of unapproved applications] does not really appear to be protecting any copyright interest.” Apple might have had business reasons for wanting to close its platform, including taking a 30% cut of application sales and curating the iPhone “ecosystem,” those weren’t copyright reasons to bar the modification of 50 bytes of code.

NTIA saw it differently. In November 2009, after receiving preliminary recommendations from Register Peters, Asst. Secretary Larry Strickling wrote (PDF):

NTIA does not support this proposed exemption [for cell phone jailbreaking]…. Proponents argue that jailbreaking will support open communications platforms and the rights of consumers to take maximum advantage of wireless networks and associated hardware and software. Even if permitting cell phone “jailbreaking” could facilitate innovation, better serve consumers, and encourage the market to utilize open platforms, it might just as likely deter innovation by not allowing the developer to recoup its development costs and to be rewarded for its innovation. NTIA shares proponents’ enthusiasm for open platforms, but is concerned that the proper forum for consideration of these public policy questions lies before the expert regulatory agencies, the U.S. Department of Justice and the U.S. Congress.

The debate affects what an end-user buys when purchasing a product with embedded software, and how far copyright law can be leveraged to control that experience and the market. Is it, as Apple would have it, only the right to use the phone in the closed “ecosystem” as dictated by Apple, with only exit (minus termination fees) if you don’t like it there? or is it a building block, around which the user can choose a range of complements from Apple and elsewhere? In the first case, we see the happenstance of software copyright locking together a vertically integrated or curated platform, forcing new entrants to build the whole stack in order to compete. In the second, we see opportunities for distributed innovation that starts at a smaller scale: someone can build an application without Apple’s approval, improving the user’s iPhone without starting from scratch.

NTIA would send these “public policy” questions to Congress or the Department of Justice (antitrust), but the Copyright Office and Librarian of Congress properly handled them here. “[T]he task of this rulemaking is to determine whether the availability and use of access control measures has already diminished or is about to diminish the ability of the public to engage in noninfringing uses of copyrighted works similar or analogous to those that the public had traditionally been able to make prior to the enactment of the DMCA,” the Register says. Pre-DMCA, copyright left room for reverse engineering for interoperability, for end-users and complementors to bust stacks and add value. Post-DMCA, this exemption helps to restore the balance toward noninfringing uses.

In a related vein, economists have been framing research into proprietary strategies for two-sided markets, in which a platform provider is mediating between two sets of users — such as iPhone’s end-users and its app developers. In their profit-maximizing interests, proprietors may want to adjust both price and other aspects of their platforms, for example selecting fewer app developers than a competitive market would support so each earns a scarcity surplus it can pay to Apple. But just because proprietors want a constrained environment does not mean that the law should support them, nor that end-users are better off when the platform-provider maximizes profits. Copyright protects individual works against unauthorized copying; it should not be an instrument of platform maintenance — not even when the platform is or includes a copyrighted work.


Private Information in Public Court Filings

Court proceedings are supposed to be public. When they are public and easily accessible, citizens know the law and the courts are kept accountable. These are the principles that underpin RECAP, our project to help liberate federal court records from behind a pay-wall.

However, appropriate restrictions on public disclosure are equally critical to democracy-enhancing information management by the judiciary. Without protections on personal data, trade secrets, the addresses of cooperating witnesses, or other harmful information the courts would become a frightening place for many citizens in need of justice. Peter Winn has described this challenge in detail.

Thus, somewhat counter-intuitively, it is important to restrict some legal information in order to set the rest free. That is why our courts have a strong legacy of sealing cases when, on balance, their disclosure would do more harm to justice than good. When the risks don’t require the entire case to be sealed, portions of documents can be redacted. Federal Rule of Civil Procedure 5.2 and Federal Rule of Bankruptcy Procedure 9037 define these instances.

But what happens when mistakes are made or negligence occurs? This has been a largely unexplored area to date. In a 2005 bankruptcy case in the US District of South Carolina, Green Tree Servicing included the debtors’ social security numbers in a public filing. The document was made available via the courts’ electronic public access system (PACER) for viewing by anyone who was willing to pay the fee. The debtors filed suit in 2008 against Green Tree for disclosing their personal information counter to the rules I mentioned above, as well as the Gramm-Leach-Bliley Act, and other provisions. This was to be an interesting case, but (unfortunately for scholars and perhaps fortunately for the parties) they settled.

However, this was not the end of Green Tree’s entanglement with these provisions. In 2009 they were servicing another pair of debtors, and they likewise included their social security numbers in the filing. The debtors filed suit against Green Tree under similar reasoning. This time, the parties didn’t settle. In its opinion, the US Bankruptcy Court for the Southern District of Indiana dismissed all claims that were based on a private right of action against Green Tree, but left open the possibility that a contempt of court claim could prevail:

The Debtors have pled sufficient facts to state a claim for contempt under §105 for Greentree’s failure to comply with Rule 9037. The act of limiting access to [the document containing SSNs] may be a sufficient remedy under Rule 9037, and a finding of contempt would require that Greentree was aware of its violation of Rule 9037. […] Greentree has “inadvertently” failed to redact social security numbers on proofs of claim forms in at least one other case in which the debtors alleged a claim for contempt. See, In re Petty, No. 08-34375 HCD (Bankr. N. D. Ind. September 21, 2009). Whether the failure to redact here was coincidence or something else is not for the court to decide at this juncture. Nonetheless, the Debtors have pled sufficient facts to establish their claim for contempt under §105(a) due to Greentree’s failure to comply with Rule 9037 and thus, that count survives Greentree’s motion to dismiss and will proceed to trial. All other counts shall be dismissed.

The outcome appears to hinge largely on the “willfulness” of Green Tree. Given the 2005 South Carolina case, it seems evident that Green Tree should have been quite aware of the federal rules of procedure regarding redaction. It will interesting to see how the case turns out.

In the context of these recent cases, the 4th Circuit issued a decision yesterday on a related matter. In Ostergren v. Cuccinelli, the court ruled that a third-party who downloaded public records (“land records”) from government-provided web sites would not be liable for damages when republishing those records online — even if that third-party knew that the records contained private information such as social security numbers.

The facts of the case are quite interesting. Betty Ostergren, a pro-privacy advocate, had for many years tried to get the State of Virginia to implement and then to improve its automatic redaction technology for these records. Virginia was making some effort to do so, but evidently the various counties were not working as fast as she would like, leaving many documents unredacted. Indeed, the original legislation setting the redaction system into motion would have required the task to have been completed by July 1, 2010, but it didn’t go into effect because the General Assembly failed to appropriate the necessary funds. Ostergren decided that the only way to motivate the necessary attentiveness was to begin publishing land records with unredacted SSNs on her own web site. For maximum effect, she chose land records from known public officials.

Virginia enacted a statute designed to stop this type of behavior, and Virginia filed suit under that statute. The Electronic Privacy Information Center filed an amicus brief in support of Ostergren. The 4th Circuit delivered a double-whammy to Virginia: not only did it uphold the district court’s ruling that Ostergren’s site warranted First Amendment protection, it ruled that the protection should extend even further than the district court had ruled. This interpretation was made even easier for the court given the fact that she was posting the materials for the explicit purpose of drawing attention to the problem — it was disclosure, critique, and commentary via simple transparency. As the court noted:

Under Cox Broadcasting and its progeny, the First Amendment does not allow Virginia to punish Ostergren for posting its land records online without redacting SSNs when numerous clerks are doing precisely that.19

19 For the same reason, Virginia could not punish Ostergren for publishing a SSN-containing land record that had accidentally been overlooked during its imperfect redaction process—having a one to five percent error rate—unless Virginia had first corrected that error. Even then, we leave open whether under such circumstances the Due Process Clause would not preclude Virginia from enforcing section 59.1-443.2 without first giving Ostergren adequate notice that the error had been corrected.

Thus, we have an intriguing reversal of the principle I set out above (that it is important to restrict some legal information in order to set the rest free). In this case, it was important to (hopefully temporarily) make more visible the very type of information that ultimately needed to be restricted.


Announcing the CITP Visitors for 2010-2011

We are delighted to announce the CITP visiting scholars, practitioners, and collaborators for the 2010-2011 academic year. The diverse group of leading thinkers represents CITP’s highly interdisciplinary interests. We are looking forward to their work at the center, and welcome them to the family. The short list is below, but you can see more description on the announcement page.

  • Ronaldo Lemos, Fundação Getulio Vargas Law School
  • Fengming Liu, Microsoft
  • Frank Pasquale, Seton Hall
  • Wendy Seltzer, Berkman Center
  • Susan Crawford, Cardozo Law School
  • Alex Halderman, University of Michigan
  • Joe Hall, UC Berkeley School of Information
  • Ron Hedges, Former Federal Magistrate Judge
  • Adrian Hong, Pegasus Project
  • Rebecca MacKinnon, New America Foundation
  • Philip Napoli, Fordham
  • W. Russell Neuman, University of Michigan
  • Steven Roosa, Reed Smith


A Good Day for Email Privacy: A Court Takes Back its Earlier, Bad Ruling in Rehberg v. Paulk

In March, the U.S. Court of Appeals for the Eleventh Circuit, the court that sets federal law for Alabama, Florida, and Georgia, ruled in an opinion in a case called Rehberg v. Paulk that people lacked a reasonable expectation of privacy in the content of email messages stored with an email provider. This meant that the police in those three states were free to ignore the Fourth Amendment when obtaining email messages from a provider. In this case, the plaintiff alleged that the District Attorney had used a sham subpoena to trick a provider to hand over the plaintiff’s email messages. The Court ruled that the DA was allowed to do this, consistent with the Constitution.

I am happy to report that today, the Court vacated the opinion and replaced it with a much more carefully reasoned, nuanced opinion.

Most importantly, the Eleventh Circuit no longer holds that “A person also loses a reasonable expectation of privacy in emails, at least after the email is sent to and received by a third party.” nor that “Rehberg’s voluntary delivery of emails to third parties constituted a voluntary relinquishment of the right to privacy in that information.” These bad statements of law have effectively been erased from the court reporters.

This is a great victory for Internet privacy, although it could have been even better. The Court no longer strips email messages of protection, but it didn’t go further and affirmatively hold that email users possess a Fourth Amendment right to privacy in email. Instead, the Court ruled that even if such a right exists, it wasn’t “clearly established,” at the time the District Attorney acted, which means the plaintiff can’t continue to pursue this claim.

I am personally invested in this case because I authored a brief asking the Court to reverse its earlier bad ruling. I am glad the Court agreed with us and thank all of the other law professors who signed the brief: Susan Brenner, Susan Freiwald, Stephen Henderson, Jennifer Lynch, Deirdre Mulligan, Joel Reidenberg, Jason Schultz, Chris Slobogin, and Dan Solove. Thanks also to my incredibly hard-working and talented research assistants, Nicole Freiss and Devin Looijien.

Updated: The EFF (which represents the plaintiff) is much more disappointed in the amended opinion than I. They make a lot of good points, but I prefer to see the glass half-full.


My Experiment with "Digital Drugs"

The latest scare meme is “digital drugs” or “i-dosing”, in which kids listen to audio tracks that supposedly induce altered mental states. Concerned adults fear that these “digital drugs” may be a gateway to harder (i.e., actual) drugs. Rumors are circulating among some kids: “I heard it was like some weird demons and stuff through an iPod“. In a way, it’s a perfect storm of scare memes, involving (1) “drugs”, (2) the Internet, and (3) kids listening to freaky music.

When I heard about these “digital drugs”, I naturally had to try them, in the interest of science.

(All joking aside, I only did this because I knew it was safe and legal. I don’t like to mess with my brain. I rely on my brain to make my living. Without my brain, I’d be … a zombie, I guess.)

I downloaded a “digital drug” track, donned good headphones, lay down on my bed, closed my eyes, blanked my mind, and pressed “play”. What I heard was a kind of droning noise, accompanied by a soft background hiss. It was not unlike the sound of a turboprop airplane during post-takeoff ascent, with two droning engines and the soft hiss of a ventilation fan. This went on for about fifteen minutes, with the drone changing pitch every now and then. That was it.

Did this alter my consciousness? Not really. If anything, fifteen minutes of partial sensory deprivation (eyes closed, hearing nothing but droning and hissing) might have put me in a mild meditative state, but frankly I could have reached that state more easily without the infernal droning, just by lying still and blanking my mind.

Afterward I did some web surfing to try to figure out why people think these sounds might affect the brain. To the extent there is any science at all behind “digital drugs”, it involves playing sounds of slightly different frequencies into your two ears, thereby supposedly setting up a low-frequency oscillation in the auditory centers of your brain, which will supposedly interact with your brain waves that operate at a very similar frequency. This theory could be hooey for all I know, but it sounds kind of science-ish so somebody might believe it. I can tell you for sure that it didn’t work on me.

So, kids: don’t do digital drugs. They’re a waste of time. And if you don’t turn down the volume, you might actually damage your hearing.


Bilski and the Value of Experimentation

The Supreme Court’s long-awaited decision in Bilski v. Kappos brought closure to this particular patent prosecution, but not much clarity to the questions surrounding business method patents. The Court upheld the Federal Circuit’s conclusion that the claimed “procedure for instructing buyers and sellers how to protect against the risk of price fluctuations in a discrete section of the economy” was unpatentable, but threw out the “machine-or-transformation” test the lower court had used. In its place, the Court’s majority gave us a set of “clues” which future applicants, Sherlock Holmes-like, must use to discern the boundaries separating patentable processes from unpatentable “abstract ideas.”

The Court missed an opportunity to throw out “business method” patents, where a great many of these abstract ideas are currently claimed, and failed to address the abstraction of many software patents. Instead, Justice Kennedy’s majority seemed to go out of its way to avoid deciding even the questions presented, simultaneously appealing to the new technological demands of the “Information Age”

As numerous amicus briefs argue, the machine-or-transformation test would create uncertainty as to the patentability of software, advanced diagnostic medicine techniques, and inventions based on linear programming, data compression, and the manipulation of digital signals.

and yet re-ups the uncertainty on the same page:

It is important to emphasize that the Court today is not commenting on the patentability of any particular invention, let alone holding that any of the above-mentioned technologies from the Information Age should or should not receive patent protection.

The Court’s opinion dismisses the Federal Circuit’s brighter line test for “machine-or-transformation” in favor of hand-waving standards: a series of “clues,” “tools” and “guideposts” toward the unpatentable “abstract ideas.” While Kennedy notes that “This Age puts the possibility of innovation in the hands of more people,” his opinion leaves all of those people with new burdens of uncertainty — whether they seek patents or reject patent’s exclusivity but risk running into the patents of others. No wonder Justice Stevens, who concurs in the rejection of Bilski’s application but would have thrown business method patents out with it, calls the whole thing “less than pellucid.”

The one thing the meandering makes clear is that while the Supreme Court doesn’t like the Federal Circuit’s test (despite the Federal Circuit’s attempt to derive it from prior Supreme Court precedents), neither do the Supremes want to propose a new test of their own. The decision, like prior patent cases to reach the Supreme Court, points to larger structural problems: the lack of a diverse proving-ground for patent cases.

Since 1982, patent cases, unlike most other cases in our federal system, have all been appealed to one court, United States Court of Appeals for the Federal Circuit. Thus while copyright appeals, for example, are heard in the circuit court for the district in which they originate (one of twelve regional circuits), all patent appeals are funneled to the Federal Circuit. And while its judges may be persuaded by other circuits’ opinions, one circuit is not bound to follow its fellows, and may “split” on legal questions. Consolidation in the Federal Circuit deprives the Supreme Court of such “circuit splits” in patent law. At most, it may have dissents from the Federal Circuit’s panel or en banc decision. If it doesn’t like the test of the Federal Circuit, the Supreme Court has no other appellate court to which to turn.

Circuit splits are good for judicial decisionmaking. They permit experimentation and dialogue around difficult points of law. (The Supreme Court hears fewer than 5% of the cases appealed to it, but is twice as likely to take cases presenting inter-circuit splits.) Like the states in the federal system, multiple circuits provide a “laboratory [to] try novel social and economic experiments.” Diverse judges examining the same law, as presented in differing circumstances, can analyze it from different angles (and differing policy perspectives). The Supreme Court considering an issue ripened by the analysis of several courts is more likely to find a test it can support, less likely to have to craft one from scratch or abjure the task. At the cost of temporary non-uniformity, we may get empirical evidence toward better interpretation.

At a time when “harmonization” is pushed as justification for treaties(and a uniform ratcheting-up of intellectual property regimes), the Bilski opinion suggests again that uniformity is overrated, especially if it’s uniform murk.


Identifying Trends that Drive Technology

I’m trying to compile a list of major technological and societal trends that influence U.S. computing research. Here’s my initial list. Please post your own suggestions!

  • Ubiquitous connectivity, and thus true mobility
  • Massive computational capability available to everyone, through the cloud
  • Exponentially increasing data volumes – from ubiquitous sensors, from higher-volume sensors (digital imagers everywhere!), and from the creation of all information in digital form – has led to a torrent of data which must be transferred, stored, and mined: “data to knowledge to action”
  • Social computing – the way people interact has been transformed; the data we have from and about people is transforming
  • All transactions (from purchasing to banking to voting to health) are online, creating the need for dramatic improvements in privacy and security
  • Cybercrime
  • The end of single-processor performance increases, and thus the need for parallelism to increase performance in operating systems and productivity applications, not just high-end applications; also power issues
  • Asymmetric threats, need for surveillance, reconnaissance
  • Globalization – of innovation, of consumption, of workforce
  • Pressing national and global challenges: climate change, education, energy / sustainability, health care (these replace the cold war)

What’s on your list? Please post below!

[cross-posted from CCC Blog]