August 31, 2015

Annemarie Bridy

Annemarie Bridy has been a member of the faculty of the University of Idaho College of Law since 2007. Professor Bridy teaches Contracts, Copyrights, Introduction to Intellectual Property, and Cyberspace Law. Before joining the faculty, Professor Bridy was an associate with the lawfirm of Montgomery, McCracken, Walker & Rhoads in Philadelphia, where she practiced in the area of complex commercial litigation. Bridy holds a B.A from Boston University, a M.A from the University of California, Irvine, a Ph.D. from the University of California, Irvine, and a J.D. from Temple University James E. Beasley School of Law.

avatar

Cyberterrorism or Cybervandalism?

When hackers believed by the U.S. government to have been sponsored by the state of North Korea infiltrated Sony Pictures’ corporate network and leaked reams of sensitive documents, the act was quickly labeled an act of “cyberterrorism.” When hackers claiming to be affiliated with ISIS subsequently hijacked the YouTube and Twitter accounts of the U.S. military’s Central Command, military officials called it an act of “cybervandalism.” A third category of cyberattack, which presents definitional challenges of its own, is “cyberwarfare.” In terms of the nature and scale of any official response, it obviously matters quite a lot which bucket the government and the media choose when they categorize a cyberattack to the public. So how is that choice made as a descriptive matter? And how should it be made?

It seems to me that there are several potentially relevant factors to assess when drawing the semantic line between cyberterrorism and cybervandalism. The ones that spring to mind are the origin of the attack (e.g., state-sponsored v. state-aligned v. unaligned); the target of the attack (e.g., public infrastructure v. corporate infrastructure; critical infrastructure—however defined—v. non-critical infrastructure); the nature of the harm caused (e.g., personal injury v. injury to property); and the reach and severity of the harm caused (e.g., minor or major; isolated v. pervasive). Are these the right factors to take into account? If so, what configuration of factors makes a cyberattack an act of cyberterrorism as opposed to an act cybervandalism? And how should we distinguish both cyberterrorism and cybervandalism from cyberwarfare? Is cyberwarfare only state-to-state?

As the Internet is increasingly beset by attacks of all kinds from all quarters in the name of all different ideologies (or just lulz), it seems vital to have in place a stable, rational way of classifying cyberattacks so that official responses can be appropriate and proportional. I know there are a lot of cybersecurity experts who read FTT. I am definitely not one. I’d love to hear your thoughts about a principled taxonomy for cyberattacks. If there’s a good article about this out there somewhere, I’d be happy to get the citation.

avatar

Four Fair Use Takeaways from Cambridge University Press v. Patton

The most important copyright and educational fair use case in recent memory (mine, at least) was decided by the Eleventh Circuit Court of Appeals last week. The case, Cambridge University Press v. Patton, challenged Georgia State University’s use of e-reserves in courses offered by the university. The copyrighted works at issue were scholarly books–i.e., a mix of monographs, edited volumes, and portions thereof–not textbooks. This case is important because of its broad applicability to similarly situated academic institutions throughout the country that routinely engage in the same practices for which GSU was sued. It’s also important because the court’s decision re-articulated and faithfully followed some foundational fair use principles from prior case law. Readers of the case who are proponents of a vigorous fair use doctrine shouldn’t be disheartened by the fact that the Eleventh Circuit reversed the district court’s ruling in favor of GSU and remanded the case for reconsideration. Ultimately, this case is good news for educational fair use. Here are four reasons why:
[Read more…]

avatar

Google Fights Genericide Claim (and Wins)

Google’s famous trademark in its name has just survived a challenger’s attempt to have it declared generic. In Elliott v. Google, a federal court in Arizona held last week that despite the public’s use of the word “googling” to mean “searching on the Internet,” the “Google” word mark still functions in the minds of consumers primarily to identify Google, the Mountain View-based Internet company, as the source of the search service associated with the “Google” mark. The plaintiff in the case argued that the public’s use of a trademark as a verb necessarily signifies that the mark has become generic. The court disagreed:

Verb use of a trademark is not fundamentally incapable of identifying a producer or denoting source. A mark can be used as a verb in a discriminate sense so as to refer to an activity with a particular product or service, e.g., “I will PHOTOSHOP the image” could mean the act of manipulating an image by using the trademarked Photoshop graphics editing software developed and sold by Adobe Systems. This discriminate mark-as-verb usage clearly performs the statutory source-denoting function of a trademark.

The court went on to explain that a problem arises for a mark owner only if mark-as-verb usage is indiscriminate, and the mark becomes referentially unmoored in the public’s mind from the mark owner’s product or service.

[Read more…]

avatar

Takedown 2.0: The Trouble with Broad TROs Targeting Non-Party Online Intermediaries

On August 14, a federal district court in Oregon issued an ex parte temporary restraining order (TRO) in a civil copyright infringement case, ABS-CBN v. Ashby. The defendants in the case are accused of operating several “pirate websites” that infringe the plaintiffs’ copyrights in broadcast television programs. In addition to ordering the defendants to stop engaging in infringing conduct, the court ordered unspecified “Internet search engines, Web hosts, domain-name registrars, and domain name registries or their administrators [to] cease facilitating access to any or all domain names and websites through which Defendants engage in the [infringement] of Plaintiffs’ copyrighted works.” The court ordered the domain name registrars that had originally registered the defendants’ domain names to transfer the registrations for the pendency of the litigation to a new registrar chosen by the plaintiffs. It then ordered the new, as-yet-unidentified registrar to divert traffic from the defendants’ sites to a location displaying legal documents from the case. None of the online intermediaries targeted by the order is a named party in the case, and none was represented in court before the TRO issued.

A little over a week before the Oregon court issued its TRO, a federal district court in California issued a TRO in another “pirate website” case involving sites streaming and distributing pre-release copies of “The Expendables 3.” The California court’s order to stop providing services to the defendants was directed broadly to “persons and entities providing any services to or in connection with the domain names <limetorrents.com>, <billionuploads.com>, <hulkfile.eu>, <played.to>, <swankshare.com> and/or <dotsemper.com> or the websites to which any of those domain names resolve.” In addition to domain name registrars and hosting services, the California court’s order swept in “[a]ll banks, savings and loan associations, payment processors or other financial institutions, payment providers, third party processors and advertising service providers of Defendants.” Again, none of the online intermediaries targeted in the order is a named party in the case and none was represented in court before the TRO issued.

The reach of these orders is breathtaking, particularly in light of the non-party status of the targeted intermediaries. [Read more…]

avatar

Criminal Copyright Sanctions as a U.S. Export

The copyright industries’ mantra that “digital is different” has driven an aggressive, global expansion in criminal sanctions for copyright infringement over the last two decades. Historically speaking, criminal penalties for copyright infringement under U.S. law date from the turn of the 20th century, which means that for over a hundred years (from 1790 to 1897), copyright infringement was exclusively a civil cause of action. From 1897 to 1976, there were criminal penalties, but only misdemeanor ones. In 1976, felony penalties were introduced, but only for repeat offenders. Following enactment of the 1976 Copyright Act, the pace of amendments expanding criminal liability greatly accelerated—a trend that more or less coincided with the PC revolution. In 1982, felony penalties were extended to some first-time offenses, but not for all types of copyrighted works. In 1992, felony penalties were extended to all types of works. In 1997, as the commercial Internet was beginning its exponential growth, the No Electronic Theft (NET) Act eliminated a longstanding requirement of commercial motive for criminal liability, making some infringements criminally actionable even if they are undertaken without any expectation of financial gain. Under the NET Act, a willful infringer acting without any commercial motive faces up to three years in prison for reproducing or distributing as few as 10 unauthorized copies of a copyrighted work.

As criminal penalties have ballooned domestically, they have also been expanding internationally.  The international expansion in criminal copyright liability has occurred in part (and increasingly) through the vehicle of plurilateral and bilateral trade agreements. The United States uses its negotiating leverage in the trade policy arena to pressure trading partners, particularly less powerful ones, to incorporate strict IP norms into their domestic law.   [Read more…]

avatar

Fair Use, Legal Databases, and Access to Litigation Inputs  

In copyright-and-fair-use news, a significant case for the legal profession’s access to the inputs of judicial decision-making was decided last week in federal district court in New York. The case was brought against West Publishing Corp. (owner of the Westlaw database) and Reed Elsevier (owner of the LexisNexis database) by two lawyers who alleged that their copyrights in their legal briefs were infringed when West and Lexis included the briefs in their databases. The two databases have long provided paid subscribers with access to the judicial decisions that adjudicate the arguments raised by litigants. Now, Westlaw and Lexis will be able to continue providing their subscribers with access to the primary documents in which those arguments are made. In a decision that follows the lead of recent fair use decisions concerning the wholesale copying of literary works to repurpose them for search and research, the court held that West and Lexis are protected from the lawyers’ claims of infringement. A holding in favor of the plaintiffs would have made it effectively impossible for West and Lexis to continue to provide subscribers with access to copies of briefs, given the prohibitively high transaction costs associated with trying to license every brief filed by every lawyer in every case in every court in the United States.
[Read more…]

avatar

Google Spain and the “Right to Be Forgotten”

The European Court of Justice (CJEU) has decided the Google Spain case, which involves the “right to be forgotten” on the Internet. The case was brought by Mario Costeja González, a lawyer who, back in 1998, had unpaid debts that resulted in the attachment and public auction of his real estate. Notices of the auctions, including Mr. Costeja’s name, were published in a Spanish newspaper that was later made available online. Google indexed the newspaper’s website, and links to pages containing the announcements appeared in search results when Mr. Costeja’s name was queried. After failing in his effort to have the newspaper publisher remove the announcements from its website, Mr. Costeja asked Google not to return search results relating to the auction. Google refused, and Mr. Costeja filed a complaint with Spanish data protection authorities, the AEPD. In 2010, the AEPD ordered Google to de-index the pages. In the same ruling, the AEPD declined to order the newspaper publisher to take any action concerning the primary content, because the publication of the information by the press was legally justified. In other words, it was legal in the AEPD’s view for the newspaper to publish the information but a violation of privacy law for Google to help people find it. Google appealed the AEPD’s decision, and the appeal was referred by the Spanish court to the CJEU for a decision on whether Google’s publication of the search results violates the EU Data Protection Directive.
[Read more…]

avatar

FOIA: When the Exemptions Swallow the Rule

I’ve been researching and writing over the last few years on privately ordered—what the government calls “non-regulatory”—approaches to online IP enforcement. The gist of this approach is that members of trade groups representing different types of online intermediaries (broadband providers, payment processors, ad networks, online pharmacies) agree in private contracts or less formal “voluntary best practices” documents to sanction or cut services to alleged IP infringers. I put quotes around “non-regulatory” not only because that’s the government’s word, but because the descriptor masks the fact that the government, at the behest of corporate rights owners, leans heavily on targeted intermediaries to negotiate and accept these agreements, all the while holding the threat of regulation over their heads. It has proven to be a very effective strategy. Many of the website blocking provisions in SOPA, which so memorably went down in flames of public outrage, have subsequently been implemented through these agreements, which belong to a broad category of regulatory practices that governance scholars call soft law.
[Read more…]

avatar

Is There a Future for Net Neutrality after Verizon v. FCC?

In a decision that was widely predicted by those who have been following the case, the Court of Appeals for the D.C. Circuit has invalidated the FCC’s Open Internet Rules (so-called net neutrality regulations), which imposed non-discrimination and anti-blocking requirements on broadband Internet access providers. The rules were challenged by Verizon as soon as they were enacted in 2010. The court held that, given the FCC’s past (and never reversed or modified) regulatory choice to classify broadband providers under the Telecommunications Act of 1996 as “information services” rather than “telecommunications services,” it cannot now impose on them common carrier obligations that apply under the statute only to services classified as telecommunications. Verizon argued in the case that the Open Internet Rules were not common carrier regulations, but the court didn’t buy it.
[Read more…]

avatar

A Good Day at the Googleplex

            Judge Chin has issued his decision in the Google Book Search case, and it’s a win for Google. For those of you who have been following the litigation, it’s been a long trip through the arcana of class certification. Today’s decision, however, finally gets to the merits of Google’s fair use defense under the Copyright Act. The outcome is not surprising in light of last year’s decision in the related HathiTrust case, which held that Google’s mass digitization of books on behalf of academic libraries to facilitate scholarship and research and to aid print-disabled library patrons is fair use. The Google Books case could have come out differently, however, given that Google, unlike an academic library, is a commercial enterprise and that the service it provides through Book Search reaches far beyond an academic audience. In addition, the amount of text that Google displays in Book Search results (multiple contextual “snippets” including the search term) is greater than the amount displayed by the HathiTrust (only the page numbers and number of hits per page for the search term). Both of those factors—the commercial or non-profit nature of the use and the amount of text displayed—are relevant to the fair use analysis.

[Read more…]