TLJ News from October 16-20, 2006

EU Trade Commissioner Advocates IPR Protection

10/20. Peter Mandelson, the European Commissioner for Trade, gave a speech in Monaco on ideas, intellectual property rights (IPR), globalization, and trade.

Peter MandelsonMandelson (at right) said that Europe trades in ideas that are transformed into products and services, that those ideas are being stolen, and that nations need to address this.

He said that "I'm steering towards the question of IPR and counterfeiting because I want to use it as an example of the kind of issue that is around the next corner in trade policy. And it is particularly important for people who trade in ideas -- ideas as services or ideas as manufactured products."

He said that until recently counterfeiting meant fake Gucci purses and Rolex watches. However, he said that it is much bigger now, and includes "fake foodstuffs and drinks, fake car parts; fake airplane parts -- I mean think about that for a moment, fake aircraft parts! -- fake electrical appliances and fake toys."

He continued that counterfeiting now includes "fake antibiotics, fake avian-flu drugs, fake anti-malarials and fake insulin. 800000 doses of fake medicine were seized at EU borders in 2004. Most of those fake drugs were headed for the world's poorest countries. Still think its harmless?"

He said that "it goes far beyond counterfeit manufactures. Counterfeit music and film -- often easily available on the internet -- is undermining the music and film industries' investments in artist development. That single issue of internet music piracy and the abuse of music copyright is a significant part of what’s standing between Russia and the US on the issue of Russia’s accession to the WTO to which I have added Europe's voice -- so it matters."

He said that "two thirds of counterfeit goods intercepted on their way into the EU are made in China. Behind China come Russia, the Ukraine, Turkey, Chile."

He also recited some of the things that the EU is doing in response. He said We've teamed up with the US this year to create joint task forces in our embassies, and customs services and to share intelligence on border trafficking."

He added that "We've been strengthening our resources on the ground in China to help EU businesses find reliable suppliers, spot the risks from IP theft and deal with the Chinese legal system -- which is, well, opaque, shall we say. We’ve set benchmarks for intercepting counterfeit goods and we expect the Chinese to meet them."

He also suggested that it is in the interest of China to protect IPR, and that it is beginning to act accordingly. He said that "I think that I detect a definite shift in approach in China, certainly a major change of tone. There is a willingness to engage on IPR that wasn’t there even two years ago. Why? Partly because of carefully applied and constructive pressure for action. But there is also this: last month China became the fifth biggest filer for patents in the global economy after the US, Japan, Korea and the EU.

He elaborated that "half or more of those patents are foreign companies looking to protect their own production in China from local piracy. But an increasing number of Chinese companies are looking to the Chinese system to protect their own innovation."

"The infant Chinese film industry is being crippled by film piracy in China. The Chinese government’s attempts to protect the official branding of the 2008 Beijing Olympics is being undermined by the flow of counterfeit knock-offs of official merchandise. If Chinese businesses don’t have confidence in the protection of IPR in their own market then they won’t innovate." Mandelson said that "The lesson -- if you’re inclined to draw it, and I think the Chinese government is drawing it -- is that tolerating intellectual property theft is a dead end for just about everyone."

He also commented on those persons who argue against protection of IPR with slogans such as "corporate agenda" and "people not patents".

He said that "When we privatise knowledge we have to do so with great care." He urged consideration of "the incentive that drives us to innovate in the first place". He argued that Europe produces many services and products that are idea based, and "To preserve the innovation that creates those things, and to preserve the quality dividend that attaches to those things, those ideas need to be better protected."

He concluded that "IPR protection is not a ``corporate agenda´´. And it is not a favour emerging economies like China are doing for us. If you want to get ahead, move up the value chain, then looking the other way on intellectual property piracy will come back and bite you. It’s an essential element of an economy that trades in ideas."

In this speech, he referenced many types of intellectual property that should be protected, including trademarks that consist of European place names used to identify food products. He said that Camembert is an idea.

Federal Circuit Vacates in Qualcomm v. Nokia

10/20. The U.S. Court of Appeals (FedCir) issued its opinion [15 pages in PDF] in Qualcomm v. Nokia, a patent case. However, the issue in this appeal relates to a licensing agreement that contains an arbitration clause. The Court of Appeals vacated the District Court's order denying Nokia's motion for stay pending arbitration.

Qualcomm pioneered the Code Division Multiple Access (CDMA) technology for wireless communications. It holds many patents related to CDMA. It also hold patents not related to CDMA technology.

Nokia makes wireless equipment.

Qualcomm and Nokia entered into an agreement under which Qualcomm granted Nokia a non-exclusive license to some of Qualcomm's patents, permitting Nokia to make and sell products that incorporate CDMA technology. This agreement included an arbitration clause that states that "Any dispute, claim or controversy arising out of or relating to this Agreement, or the breach or validity hereof" ... "shall be settled by arbitration in accordance with the arbitration rules of the American Arbitration Association (the 'AAA Rules')."

Subsequently, Qualcomm filed a complaint in U.S. District Court (NDCal) against Nokia alleging that Nokia infringed twelve of its patents, other than CDMA patents covered by the license agreement.

Nokia then initiated an arbitration proceeding before the AAA, seeking resolution of two issues. First, it asserted an estoppel defense. It argued that Qualcomm engaged in misleading conduct that caused Nokia to believe that Qualcomm did not hold issued or pending patents it intended to assert against Nokia’s GSM products.

Second, Nokia asserted a license defense in the arbitration proceeding. It argued that it is entitled to a declaration that it had a valid and enforceable license to make, import, use, sell, offer to sell, lease, or otherwise dispose of products that incorporate CDMA technology and that Qualcomm’s claims of infringement against those products should be barred by the 2001 Agreement.

Nokia filed a motion with the District Court to stay the litigation pending arbitration. The District Court denied the motion. Nokia brought the present appeal.

The Court of Appeals vacated the District Court's order, and remanded "to perform the inquiry in the first instance".

The Federal Arbitration Act's stay provision, which is codified at 9 U.S.C. § 3, provides in full that "If any suit or proceeding be brought in any of the courts of the United States upon any issue referable to arbitration under an agreement in writing for such arbitration, the court in which such suit is pending, upon being satisfied that the issue involved in such suit or proceeding is referable to arbitration under such an agreement, shall on application of one of the parties stay the trial of the action until such arbitration has been had in accordance with the terms of the agreement, providing the applicant for the stay is not in default in proceeding with such arbitration."

The Court of Appeals wrote that "this case raises the question of how to reconcile an agreement to delegate arbitrability decisions to an arbitrator in accordance with the language of section 3 of the FAA, which specifies that the district court be ``satisfied´´ as to the arbitrability of an issue before ordering a stay. Thus, we must necessarily determine what inquiry the district court should perform in order to be "satisfied" under section 3."

The Court of Appeals concluded that "in order to be ``satisfied´´ of the arbitrability of an issue pursuant to section 3 of the FAA, the district court should first inquire as to who has the primary power to decide arbitrability under the parties' agreement. If the court concludes that the parties did not clearly and unmistakably intend to delegate arbitrability decisions to an arbitrator, the general rule that the ``question of arbitrability ... is ... for judicial determination´´ applies and the court should undertake a full arbitrability inquiry in order to be ``satisfied´´ that the issue involved is referable to arbitration."

The Court of Appeals continued, "If, however, the court concludes that the parties to the agreement did clearly and unmistakably intend to delegate the power to decide arbitrability to an arbitrator, then the court should perform a second, more limited inquiry to determine whether the assertion of arbitrability is ``wholly groundless.´´ ... If the court finds that the assertion of arbitrability is not ``wholly groundless,´´ then it should stay the trial of the action pending a ruling on arbitrability by an arbitrator. If the district court finds that the assertion of arbitrability is ``wholly groundless,´´ then it may conclude that it is not ``satisfied´´ under section 3, and deny the moving party's request for a stay."

The Court of Appeals concluded that the District Court did not perform this inquiry, and hence, vacated, and remanded to the District Court to perform this inquiry.

This case is Qualcomm Inc. and Snaptrack Inc. v. Nokia Corporation and Nokia, Inc., App. Ct. No. 2006-1317, an appeal from the U.S. District Court for the Southern District of California, D.C. No. 05-CV-2063 B, Judge Rudi Brewster presiding.

Judge Sharon Prost wrote the opinion of the Court of Appeals, in which Judge Schall joined. Judge Pauline Newman dissented, but wrote no opinion.

SEC Chairman Plugs Interactive Data and XBRL Reader Products

10/20. Securities and Exchange Commission (SEC) Chairman Chris Cox gave a speech at the 39th Annual Securities Regulation Seminar in Los Angeles, California. He once again spoke at length about interactive data.

In this speech, he identified, described, and demonstrated several interactive data products and services, including Hitachi's Xinba XBRL Reader and Analyzer (which enables users to work with SEC data inside a Microsoft Excel spreadsheet), SavaNet's free XBRL Reader, Edgar Online's I-Metrix, and Rivet Software's Crossfire Analyst.

He also touched on the SEC's forthcoming e-proxy rules. He said that "In just a few months, we'll finalize our e-proxy rules, to further advance our goal of tapping the enormous power of technology and the Internet to simplify and improve disclosure."

FCC Releases NOI on Video Competition and Other Issues

10/20. The Federal Communications Commission (FCC) released the text of its Notice of Inquiry [37 pages in PDF] seeking information to assist it in preparing its annual report to the Congress on the status of competition in the market for the delivery of video programming.

The FCC also announced comment deadlines. The deadline to submit initial comments is November 29, 2006. The deadline to submit reply comments is December 29, 2006.

This is a wide ranging NOI that asks many questions that relate to other FCC proceedings, and are only marginally related, or unrelated, to the status of competition in the market for the delivery of video programming.

The FCC adopted, but did not release, this item at its October 12, 2006, event titled "Open Meeting". See, story titled "FCC Adopts Notice of Inquiry Regarding Video Competition" in TLJ Daily E-Mail Alert No. 1,467, October 12, 2006.

In addition to seeking information about video competition involving traditional services, including cable systems and direct broadcast satellite (DBS) services, this NOI also asks about emerging services, such as wireless video and broadband video.

It seeks comments "on the availability and deployment of mobile television services, including information on programming agreements between video programming networks and other content providers and cell phone companies."

For example, it asks "how many mobile telephone users have access to, and subscribe to, such services? What equipment is needed to receive video over cellular, and what is the cost of equipment and service? In which markets is service available? We also are interested in any studies or surveys that explore the use of mobile video services as a complement to, or a substitute for, traditional video services. Do current trends in mobile video suggest that we should consider mobile telephone providers that offer video programming to be MVPDs?" (Footnote omitted.)

The NOI also seeks information on "video distribution from other wireless devices that are not CMRS providers and on the viewing equipment, including iPODs and personal digital assistants (PDAs), used to receive such programming. We seek information on the manner in which video content is delivered to these devices (e.g., broadcast vs. Internet downloading). We seek information on how programmers are re-purposing traditional broadcast and non-broadcast programming for viewing on these devices, and if programmers are creating content specifically for these new devices." (Footnote omitted.)

The NOI also asks about video that is streamed over the internet. It seeks "information as to the quality of readily available streaming and downloadable video". It also seeks "projections of whether Internet video will become a viable competitor in the market for the delivery of video programming and, if so, when such competition will emerge".

The FCC is required by 47 U.S.C. § 548(g) to "annually report to Congress on the status of competition in the market for the delivery of video programming". However, this NOI is long, wide ranging, and seeks information about many subjects other than "competition in the market for the delivery of video programming". It seeks information that is related to other open FCC proceedings. For example, it asks about VOIP and 911/E911.

VOIP/911. The NOI includes this. "Many cable operators appear to be adopting VoIP as the platform for their telephony offerings, although some continue to provide telephone service using circuit switched technology. At the end of June 2005, there were 1.2 million subscribers to cable's VoIP service. We seek information on the latest development and deployment of VoIP; the manner in which VoIP service is being marketed to subscribers (e.g., as part of bundled services); and whether discounts are offered to subscribers who subscribe to a package containing VoIP and other advanced services along with video service." (Footnote omitted. Parentheses in original.)

The NOI continues. "In how many markets do MVPDs provide switched circuit telephony, and where are they? To what extent are MVPDs phasing out switched circuit telephony? To what extent do cable operators offer telephony service for low-income households, similar to basic dialtone service or so-called plain old telephone service (POTS)? We also seek information on the extent to which these cable telephony services include 911 or E-911 service and battery backup systems."

See also, FCC proceeding titled "E911 Requirements for IP-Enabled Service Providers" and numbered WC Docket No. 05-196.

Content Protection. The NOI also asks for information of about technologies for the protection for copyrighted content. It includes this. "We seek comment on what content protection technologies are now available, how they work, and what legal or marketplace impediments have affected the roll-out of such tools. What technologies have consumer electronic manufacturers included in their set-top boxes or other devices designed to receive and display digital programming? What types of content protection requirements have video program networks negotiated with MVPDs to secure distribution of digital media? What types of content protection technologies are MVPDs using to secure on-demand digital media or programming made available through DVRs?"

It also asks "What is the relationship between content protection technologies and the availability of digital navigation devices for sale at retail establishments? We seek comment on what security measures are in use by IP-based technology providers, and the effect of the choice of such security measures on competition. We also invite comment on how the Commission can encourage the development of digital rights management technology that will promote consumer uses of, and access to, high value digital content."

The FCC issued this NOI in its proceeding titled "In the Matter of Annual Assessment of the Status of Competition in the Market for the Delivery of Video Programming". This item is FCC 06-154 in MB Docket 06-189.

FCC Adopts NPRM Proposing New DTV Table of Allotments

10/20. The Federal Communications Commission (FCC) announced and released its Seventh Further Notice of Proposed Rule Making [116 pages in PDF] in its proceeding titled "In the Matter of Advanced Television Systems and Their Impact upon the Existing Television Broadcast Service".

FCC Commissioner Robert McDowell wrote in a separate statement [PDF] that with this item "we begin the final stage of the transition of broadcasters to digital television. The Notice proposes a new DTV Table of Allotments, taking the seventh and final step to complete the DTV channel election process."

This item states that "In developing the proposed new allotments, the Commission has attempted to accommodate broadcasters’ channel preferences as well as their replication and maximization service area certifications (made via FCC Form 381). Our proposed DTV Table is based upon the tentative channel designations (``TCDs´´) announced for eligible broadcast licensees and permittees (collectively, ``licensees´´) through the channel election process, along with our efforts to promote overall spectrum efficiency and ensure that broadcasters provide the best possible service to the public, including service to local communities." (Parentheses in original.)

It continues that "Once effective, the proposed DTV Table will guide stations in determining their build-out obligations. The proposed DTV Table will ultimately replace the existing DTV Table at the end of the DTV transition, when analog transmissions by full-power television broadcast licensees must cease. The current DTV Table will govern stations’ DTV operations until the end of the DTV transition." (Footnotes omitted.)

The item is FCC 06-150 in MB Docket No. 87-268. Initial comments are due by January 11, 2007. Reply comments are due by February 12, 2007. The FCC announced that it adopted this item on October 10, 2006.

More News

10/20. The National Institute of Standards and Technology (NIST) released its Draft Special Publication 800-53 [176 pages in PDF] titled "Recommended Security Controls for Federal Information Systems". This is Revision 1, Final Public Draft. See also, mark up copy [186 pages in PDF]. The deadline to submit comments is November 17, 2006.

10/20. President Bush gave a speech at a National Senatorial Committee reception in Washington DC. He stated that terrorists "carry video cameras, film their atrocities, email images and video clips to Middle Eastern cable networks like Al-Jazeera, and opinion leaders throughout the West. They operate web sites where they say their goal is to, ``carry out a media war that is parallel to the military war.´´"

10/20. The Securities and Exchange Commission (SEC) announced in a release that individual investors who were victimized in the MCI WorldCom financial fraud "will soon receive up to $150 million from an SEC fund set up to help compensate investors for their losses".

10/20. The Federal Communications Commission (FCC) released the text [51 pages in PDF] of its TV white space order. This item is numbered FCC 06-156 and titled "First Report and Order and Further Notice of Proposed Rule Making".  This proceeding is numbered ET Docket No. 04-186 and ET Docket No. 02-380, and titled "Unlicensed Operation in the TV Broadcast Bands". The FCC adopted, but did not release, this item at its October 12 event titled "Open Meeting". See also, story titled "FCC Adopts Order and FNPRM Regarding TV White Space" in TLJ Daily E-Mail Alert No. 1,467, October 12, 2006. This item states that initial comments will be due 75 days after publication in the Federal Register, and that reply comments will be due 105 days after. However, this publication has not yet occurred.

OUSTR Seeks Comments on Internet Gambing

10/19. The Office of the U.S. Trade Representative (OUSTR) published a notice in the Federal Register requesting public comments, within 4 days, regarding the proceeding before the World Trade Organization (WTO) initiated by Antigua and Barbuda. This Caribbean nation complained that various U.S. laws affecting internet gambling violate trade treaty obligations of the U.S.

See, story titled "WTO Appellate Body Upholds U.S. Laws Affecting Internet Gambling" in TLJ Daily E-Mail Alert No. 1,111, April 8, 2005, and story titled "Allgeier Addresses Trade Agreements and Internet Gambling, in TLJ Daily E-Mail Alert No. 1,118, April 19, 2005. See, notice in the Federal Register, October 19, 2006, Vol. 71, No. 202, at Pages 61808-61809.

On April 7, 2005, the WTO's Appellate Body issued its report [146 pages in PDF] titled "United States -- Measures Affecting the Cross-Border Supply of Gambling and Betting Services".

The WTO ruled on April 20, 2005, rejecting all of Antigua and Barbuda's claims except the WTO ruled that for the United States to show that the Federal gambling laws meet the requirements of the chapeau to Article XIV of the GATS, the United States needed to clarify an issue concerning Internet gambling on horse racing. On May 19, 2005, the United States stated its intention to implement the DSB recommendations and rulings. On April 10, 2006, the United States informed the DSB that the United States had complied with the DSB recommendations and rulings. However, Antigua disputes that the U.S. has in fact complied with the WTO's ruling.

The OUSTR states in its notice that Antigua has raises the following issues:
  "(1) Antigua and Barbuda argues that the United States has not taken any measure to comply with the DSB recommendations and rulings.
  (2) Second, Antigua and Barbuda characterizes U.S. compliance as relying on a ``restatement of a legal position taken by a party to a dispute,'' and argues that such action is legally insufficient under
the DSU to amount to compliance.
  (3) Third, Antigua and Barbuda disputes that the U.S. compliance brings the measures at issue within the scope of the GATS Article XIV public morals/public order exception."

The OUSTR now seeks comments on these issues.

The OUSTR notice does not reference, or seek comments upon, the just enacted "Unlawful Internet Gambling Enforcement Act of 2006". See, text. This was attached to HR 4954, the port security bill that President Bush signed into law on October 13, 2006.

The notice sets an almost immediate deadline. However, the notice adds that "Although USTR will accept any comments received during the course of the dispute settlement proceedings, comments should be submitted on or before October 23 to be assured of timely consideration by USTR."

District Court Dismisses Hacking Case Against IBM

10/19. The U.S. District Court (DC) issued an opinion [18 pages in PDF] and order [1 page PDF] in Butera & Andrews v. IBM, a civil case alleging violation of the Computer Fraud and Abuse Act (CFAA), the Stored Communications Act (SCA), and the Wiretap Act (WA). The District Court dismissed, without prejudice, all of the claims in the complaint against IBM for failure to state a claim, and denied the plaintiff's request for discovery. Claims against a John Doe defendant remain.

Introduction. This is an opinion with limited scope. It merely pertains to the threshold pleading requirements for bringing private actions under the CFAA, SCA and WA.

The Court's opinion might be interpreted to create an exception to the Federal Rules of Civil Procedure (FRCP), and ordinary principles of agency law, for the purpose of computer fraud and hacking cases where the defendant is a corporate entity. It may be interpreted to create a heightened pleading requirement, higher than that imposed under the FRCP, for private actions brought under the CFAA, SCA and WA against corporate entities, based upon its interpretation of intent elements in these statutes. It holds that the plaintiff must allege, upon a "concrete and particularized basis", that the company "did intentionally authorize" the hacker's attack.

This opinion may hinder the ability of persons targeted by corporate spying, hacking, and pretexting to obtain legal redress through private litigation.

Companies may be liable for various acts, including hacking, pretexting, and wiretapping. However, the companies themselves do not hack, pretext, wiretap or spy. Individuals do. Corporations may be liable for the acts of their employees or agents.

In the present case, the plaintiff, Butera & Andrews (B&A), filed a complaint in the District Court alleging that IBM violated the CFAA, SCA, and WA by accessing, and attempting to access, its e-mail server. B&A alleged in its complaint that the unlawful acts were committed by a "John Doe" defendant. B&A alleged that this defendant "in his capacity as IBM employee or agent, initiated, directed and managed" IBM's attacks.

The private right of actions provision of the CFAA, SCA, and WA each include intent to access or intercept as an element. For example, the CFAA states, "Whoever ... intentionally accesses a protected computer ..." The District Court's opinion may be construed to hold that for the purposes of the CFAA, SCA, and WA, the intent requirement refers, not to the act of accessing or intercepting, but to the corporate entity's supervision and direction of its employees and agents.

Attorneys drafting complaints that assert private causes of action against corporate entities under the CFAA, SCA, and WA should take note, as should prosecutors bringing criminal and civil actions.

Companies that avail themselves of the information to be afforded by hacking, pretexting, and spying, and the attorneys called upon to defend against private actions brought under the CFAA, SCA, and WA, may take advantage of this opinion.

Facts. There are no factual allegations, other than those contained in the complaint.

There has been no discovery. There are no affidavits in support of or in opposition to a motion for summary judgment. There have been no evidentiary hearings or trials. The District Court has made no findings of fact.

IBM's prompt filing of a Rule 12(b)(6), FRCP, motion to dismiss for failure to state a claim, and the Court's prompt granting of the motion, has prevented the plaintiff from obtaining any discovery from IBM.

Hypothetically, it is possible that a hacker unconnected to IBM spoofed IBM's IP numbers. Nevertheless, IBM's strategy to date has not included any attempt to demonstrate its innocence.

It is also possible that a hacker took control of one or more of IBM's computers, and then used them to attack the plaintiff's computers. If this is the case, IBM may be trying to avoid disclosure of its own information security weaknesses.

It is also possible that attacks came from computers owned, operated, or maintained by IBM, but leased to, or operated on behalf of, a customer. If this is the case, IBM could be innocent, but possess facts that would incriminate one of its customers, and now pursues evasive litigation tactics to protect its customer.

It is also possible that an employee or agent of IBM did use IBM facilities to access the plaintiff's computers, and that IBM now seeks to avoid discovery of this information, and any possible liability that may flow therefrom.

Whatever the case may be, IBM holds relevant evidence for making findings of fact. It is attempting to prevent this evidence from being submitted to the Court, and made public. IBM did not return phone calls from TLJ.

The complaint reveals that the plaintiff is Butera & Andrews, a Washington DC based lobbying and law firm.

The complaint alleges that there was unauthorized access to B&A's e-mail server. It further alleges that the intruder left a series of instructions that permitted the intruder to enter the system surreptitiously and download documents from the server.

It further alleges that B&A's security firm investigated, and discovered subsequent attacks, and that all of the attacks originated from IP addresses registered to IBM. The complaint further alleges that the attacks originated from the IBM facility on Cornwallis Road in Durham, North Carolina. And, it alleges that these acts were committed "with IBM owned or operated equipment and were directed by IBM employees or agents".

B&A asks for statutory damages, a return of information obtained from B&A, and an injunction against further intrusion.

Statutes. There is no interpretation of the relevant statutes beyond the intent elements. Nevertheless, the key provisions of the statutes alleged to have been violated are set out below.

The Computer Fraud and Abuse Act (CFAA) is codified at 18 U.S.C. § 1030.

18 U.S.C. § 1030(g) provides that "Any person who suffers damage or loss by reason of a violation of this section may maintain a civil action against the violator to obtain compensatory damages and injunctive relief or other equitable relief. A civil action for a violation of this section may be brought only if the conduct involves 1 of the factors set forth in clause (i), (ii), (iii), (iv), or (v) of subsection (a)(5)(B). Damages for a violation involving only conduct described in subsection (a)(5)(B)(i) are limited to economic damages. No action may be brought under this subsection unless such action is begun within 2 years of the date of the act complained of or the date of the discovery of the damage. No action may be brought under this subsection for the negligent design or manufacture of computer hardware, computer software, or firmware."

Thus, one must refer back to 18 U.S.C. § 1030(a)(5)(B)(i)-(v), which are as follows:

   "(i) loss to 1 or more persons during any 1-year period (and, for purposes of an investigation, prosecution, or other proceeding brought by the United States only, loss resulting from a related course of conduct affecting 1 or more other protected computers) aggregating at least $5,000 in value;
   (ii) the modification or impairment, or potential modification or impairment, of the medical examination, diagnosis, treatment, or care of 1 or more individuals;
   (iii) physical injury to any person;
   (iv) a threat to public health or safety; or
   (v) damage affecting a computer system used by or for a government entity in furtherance of the administration of justice, national defense, or national security;"

The Stored Communications Act (SCA) is codified at 18 U.S.C. § 2701-2712. The private right of action is found at 18 U.S.C. § 2707.

The basic prohibition is at Section 2701. It provides, in part, as follows:

"whoever --
  (1) intentionally accesses without authorization a facility through which an electronic communication service is provided; or
  (2) intentionally exceeds an authorization to access that facility;
   and thereby obtains, alters, or prevents authorized access to a wire or electronic communication while it is in electronic storage in such system shall be punished ..."

Section 2707 provides that "any provider of electronic communication service, subscriber, or other person aggrieved by any violation of this chapter in which the conduct constituting the violation is engaged in with a knowing or intentional state of mind may, in a civil action, recover from the person or entity, other than the United States, which engaged in that violation such relief as may be appropriate".

The federal Wiretap Act is codified at 18 U.S.C. §§ 2510-2522. It provides a private right of action against anyone who "intentionally intercepts ... any wire, oral, or electronic communication".

District Court Opinion.  The statutes involved reference intentionally accessing or intercepting computers or communications. A plain reading of the statutes might lead one to conclude that the intent requirement refers to the act of accessing or intercepting. For example, did a person sitting at a computer intentionally access a protected computer? A second and separate issue would then be whether a corporate entity is also liable for the intentional act of that person pursuant to principles of agency law.

However, this is not the reasoning of the District Court. The Court's opinion construes the statutory references to intent to create an element of the agency relationship between the hacker and the corporate defendant. That is, it held that the plaintiff must allege, upon a "concrete and particularized basis", that the company "did intentionally authorize" the hacker's attack.

The opinion states "there is no basis to hold IBM liable under theories of respondeat superior or vicarious liability for the actions of the John Doe defendant, even if the attacks were actually carried out by an IBM employee or agent." The opinion adds that "there are no grounds whatsoever for bringing an action against IBM under any of the statutes relied upon by the plaintiff, as each requires ``intentional´´ conduct on the part of the defendant."

The opinion adds, in a footnote, that "the Court recognizes the possibility, however slim, that the plaintiff will uncover facts, whether through third-party subpoena or otherwise, which demonstrate that IBM did intentionally authorize or direct the attacks alleged in the complaint. ... Accordingly, the Court will dismiss the plaintiff’s claims against IBM without prejudice. The plaintiff may refile its claims against IBM only if it has a concrete and particularized basis on which to do so and only if the asserted conduct meets the requisite statutory standards of intentional conduct."

The opinion also includes a denial of B&A's request for discovery. The opinion offers this explanation. "Post-complaint discovery, however, is not the appropriate tool by which to gather facts about the extent, if any, of IBM’s intentional participation in the alleged attacks."

Except in rare circumstances, discovery is post-complaint discovery. Post-complaint discovery is the tool by which litigants discover facts in all types of cases. The opinion states that B&A must possess, pre-complaint, a "concrete and particularized basis" for factual allegations in its complaint. In contrast, the Rule 8, FRCP, requirement is merely that a complaint contain "a short and plain statement of the claim showing that the pleader is entitled to relief". Ordinarily, litigants obtain the "concrete and particularized basis" for key elements of their cases through post-complaint discovery.

Nor does the opinion reconcile its "concrete and particularized basis" requirement with Rule 9, FRCP, which provides that "Malice, intent, knowledge, and other condition of mind of a person may be averred generally."

Thus, the opinion creates a pleading requirement, higher than that imposed under the FRCP, for private actions brought under the CFAA, SCA and WA against corporate entities, based upon its interpretation of intent elements in the statutes.

Commentary. It would be impertinent to suggest that a person who holds an Article III judgeship lacks a basic understanding of the difference between (1) a Rule 12(b)(6) motion to dismiss for failure to state and claim, in which the Court must treat as true the complaint's factual allegations, (2) a Rule 56 motion for summary judgment, in which the Court must determine, following discovery and presentation of summary judgment evidence, whether there "is no genuine issue as to any material fact and that the moving party is entitled to a judgment as a matter of law", and (3) a finding of facts by the trier of facts after trial on the merits.

The District Court opinion states that this is a Rule 12(b)(6) dismissal, and holds that pursuant to Rule 12(b)(6) procedure, dismissal is appropriate.

Nevertheless, the opinion cites the lack of evidence before the Court, as though this were a Rule 56 judgment based upon the plaintiff's failure to submit sworn testimony in support of an issue upon which it bears the burden of proof. For example, the opinion states that the "plaintiff fails to provide a shred of support for its claim ...", and that "The plaintiff has thus made no showing ...". But, the opinion states that this is not a Rule 56 judgment. Also, the Court has not allowed B&A the discovery that would precede a Rule 56 motion, and demonstrate whether or not B&A can make the requisite showing.

Moreover, the opinion is laden with conclusions of a factual nature that would be characteristic of a findings of fact. For example, the opinion states that "the Court is not persuaded by the plaintiff's contention that ``IBM assets initiated the attacks´´", and that "it is difficult for the court to conclude that IBM assets initiated the attack ...". The opinion adds that the "possibility" is "slim" that the B&A could discover evidence in support of its allegations.

There are few opinions interpreting the CFAA and SCA. It would likewise be impertinent to suggest that the District Court, and many sitting federal judges, are uninformed about the uses and abuses of new information technologies, and have few opinions or treatises to which to turn, and hence, render uniformed opinions regarding these statutes.

The District Court opinion does offer a policy rationale for its conclusion. It asserts that without a Rule 12(b)(6) dismissal "totally innocent parties could be forced to defend themselves in judicial proceedings, at great expense and with the potential for public humiliation, against baseless claims predicated on nothing more than pure speculation or, even worse, mean-spirited vindictiveness. Therefore, insofar as the plaintiff’s request for expedited discovery is directed at shoring up, in some post hoc manner, its reason for including IBM as a defendant in this lawsuit in light of a facially deficient complaint, the request must be denied."

The flip side to this argument might be that without the opportunity for discovery and decision on the merits, especially in cases where the defendants possess key facts, such as in hacking and spying cases, totally guilty parties could be able to avoid all judicial proceedings, and hence, conduct electronic spying with impunity.

There is also the matter that it is unclear what spying objective, if any, underlies this action. IBM has maintained silence, and has fought to evade discovery. Also, IBM did not return phone calls from TLJ.

TLJ spoke with B&A's Jim Butera on October 20. He stated that B&A is reviewing the opinion. He added that B&A will continue to pursue that case against the John Doe defendant. He also noted that the dismissal is without prejudice, so that it might conduct further discovery and amend the complaint to again name IBM as a defendant.

However, Butera would not comment on what information IBM and/or the John Doe defendant may have sought from B&A's e-mail server, or which client of B&A may have been the target.

B&A is primarily a lobbying firm that specializes in representing businesses and groups in the financial services sector. However, its web site states that it has also represented Mitsubishi Consumer Electronics, Orion Communications, and Sharman Networks.

Finally, it should be noted that the claim against the John Doe defendant has not been dismissed. The opinion states that "the Court will consider the plaintiff’s requests for information from IBM concerning John Doe’s identity when and if such requests are brought in the form of third-party discovery now that IBM has been dismissed as a party in this action."

The discovery options applicable to non-parties are more limited than for parties. Moreover, IBM will likely assert further arguments for evading discovery, if and when B&A serves it with a subpoena. For example, it is likely to argue that B&A lacks standing to sue on the grounds that the alleged hacking affected e-mail servers owned or controlled by third parties.

This case is Butera & Andrews v. International Business Machines Corporation, et al., D.C. No. 1:06-CV-647 (RBW), Judge Reggie Walton presiding.

People and Appointments

10/19. George Curtis was named Regional Director of the Securities and Exchange Commission's (SEC) Central Regional Office (CRO), which covers the states of Colorado, North Dakota, South Dakota, Utah, Wyoming and New Mexico. He replaces Randall Fons who left the SEC to work in the Denver, Colorado office of the law firm of Morrison & Foerster. See, SEC release.

More News

10/19. The U.S. Court of Appeals (8thCir) issued its opinion [6 pages in PDF] in Mid-State Aftermarket Body Parts, Inc., v. MQVP, Inc., a trademark infringement case in which the Court of Appeals reversed the District Court's summary judgment for the alleged infringer. This case is App. Ct. No. 05-3057, an appeal from the U.S. District Court for the Eastern District of Arkansas.

10/19. The Department of Commerce's (DOC) Bureau of Industry and Security (BIS) extended the deadline to submit comments regarding its proposed changes to its Export Administration Regulations (EAR) pertaining to exports and reexports of dual-use items to the People's Republic of China (PRC). Dual use items include certain encryption products, information security products, fiber optic products, computers, and software. See, original notice in the Federal Register, July 6, 2006, Vol. 71, No. 129, at Pages 38313-38321, and notice of extension in the Federal Register, October 19, 2006, Vol. 71, No. 202, at Page 61692. The deadline was November 3, 2006. The new deadline is December 4, 2006.

More News

10/18. The Department of Commerce's (DOC) Bureau of Industry and Security (BIS) published a notice in the Federal Register withdrawing a proposed rule that would have revised the definition of "knowledge" in the BIS's Export Administration Regulations (EAR). See, original notice in the Federal Register, October 13, 2004, Vol. 69, No. 197, at Pages 60829-60836, and notice of withdrawal in the Federal Register, October 18, 2006, Vol. 71, No. 201, at Pages 61435-61436.

CBS Radio Settles With New York

10/17. The State of New York and CBS Radio, Inc. signed an agreement [22 pages in PDF] titled "Assurance of Discontinuance Pursuant to Executive Law 63(15)". The agreement prohibits business plans structured upon the sale of air time, or the broadcast of sound recordings, to record companies.

The agreement recites New York's allegations that "certain CBS Radio stations have placed their time up for sale, and have concealed from listeners and reporting services the detrimental impact of their deceptive practices.

The agreement describes this a "pay for play", and "payola", and adds that this has been an industry practice for as long as there has been an industry.

It also states that "Rather than developing playlist and airing music based on artistic merit or editorial decision-making, some CBS Radio stations have provided airplay in exchange for valuable consideration."

The agreement also recites that CBS Radio enters into this agreement "without admitting the OAG's allegations herein in their totality". It adds that "By entering into this Assurance, CBS Radio make no admission of liability or violation of law, but acknowledges that certain of its employees engaged in wrong and improper conduct".

The agreement provides that CBS Radio shall cooperate with the Office of the Attorney General in related proceedings and actions. The agreement also requires CBS Radio to "contribute" $2 Million to the Rockefeller Philanthropy Advisors, which will distribute the money for programs aimed at music education and appreciation.

The agreement further provides that CBS Radio agrees to implement business practices listed in the exhibits [41 pages in PDF] attached to the agreement. These include the following: "CBS Radio shall not solicit, receive or accept anything of value from a Record Label or Record Label employee, including anything of value to be distributed to a Broadcast Station contest winner ..."

Eliot SpitzerEliot Spitzer (at right), the Attorney General of New York, stated in a release that "The sale of a station's valuable air time to the highest bidder violates state and federal laws and robs consumers of their right to know why the songs they hear on the radio are being broadcast ... Our settlement with CBS Radio represents a significant milestone in our effort to reform the music industry for the benefit of the listening public."

Federal Communications Commission (FCC) Commissioner Michael Copps wrote in a statement [PDF] that "I commend Attorney General Eliot Spitzer for once again achieving a breakthrough with this settlement. CBS Radio is leading the radio broadcasting industry by finally admitting wrongdoing and agreeing to change its practices. This should provide new fuel to drive the FCC payola investigation to completion. Since payola saps the vitality out of radio, this is a win not only for listeners everywhere, but also for the radio industry itself."

FBI Director Mueller Seeks Data Retention Mandate

10/17. Federal Bureau of Investigation (FBI) Director Robert Mueller gave a speech to the International Association of Chiefs of Police (IACP) in Boston, Massachusetts, in which he advocated a data retention mandate.

Robert MuellerMueller (at right) wrote in the prepared text of his speech that "cyber crime is a growing threat. Today, terrorists coordinate their plans cloaked in the anonymity of the Internet, as do violent sexual predators prowling chat rooms."

He continued that "All too often, we find that before we can catch these offenders, Internet service providers have unwittingly deleted the very records that would help us identify these offenders and protect future victims. We must find a balance between the legitimate need for privacy and law enforcement’s clear need for access. Your resolution on records retention passed this morning will help put us on the right path."

The IACP did not respond to requests from TLJ for a copy of the resolution.

Mueller also said this. "Let me give you one recent example that highlights the vulnerabilities of our infrastructure in the cyber age. Some of the most secure systems throughout the world, including hundreds of computers at university, military and government sites within the United States suffered intrusions by an individual who called himself ``Rebel.´´"

"Two years of intensive Investigative work uncovered a network of suspects stretching from the United Kingdom to Romania. As it turns out, Rebel was a 16-year-old living in Sweden", said Mueller.

Gonzales Statement of September 19. Various House and Senate committees and subcommittees held numerous hearings during the month of September 2006 regarding online pornography. These were not legislative hearings or markups at which the committees examined, amended or approved bills. Rather, these were held in the run up to the November Congressional elections.

Attorney General Alberto Gonzales raised the subject of data retention at one of these hearings. See, prepared testimony [12 pages in PDF] for the Senate Banking Committee on September 19, 2006.

Alberto GonzalesGonzales (at left) wrote that "one thing we are examining is the retention of records by communications service providers. Several months ago, I established a working group within the Department of Justice that is looking at this issue."

He elaborated that "By providing pedophiles a cloak of anonymity, extremely rapid communications, and access to potential victims, the Internet has made it easy for pedophiles to commit these crimes and, in many cases, to profit from them. It has also enabled pedophiles to easily find like-minded offenders, creating a field of competition to see who can produce the most unthinkable photos or videos of raping and molesting children."

He added that "advances in technology have also made it easier and easier for offenders both to profit from these images and to distribute them to each other. Once images are posted on the Internet, it becomes very difficult to remove the images from circulation."

Gonzales also used his prepared testimony for the September 19 event to advocate other proposals that would impact internet service providers.

He wrote that ""I would like to briefly mention four legislative proposals that the Department of Justice recently transmitted to Congress. The first would strengthen 42 U.S.C. § 13032, which requires Internet Service Providers to report violations of child pornography laws, by increasing the criminal penalties for knowing and willful failure to do so, and also establishing a new civil penalty for negligently failing to do so. The second would require warning labels to be placed on commercial websites containing sexually explicit material. The third would extend administrative subpoena power currently available under 18 U.S.C. § 3486 to obscenity investigations. And the fourth would add violations of 18 U.S.C. §§ 2252A and B as predicates for RICO and money laundering charges."

Other FBI Uses of Information Technologies. Mueller also used his October 17 speech to discuss other uses of information technologies by the the Department of Justice (DOJ), and other law enforcement agencies. He said that "Technology is helping us to do our jobs better".

He stated that "Just as technology can be a tool for criminals, it is also aiding our efforts to protect communities from crime and terrorism. Through technology, we are building stronger connections within the law enforcement community. We continue to provide support through a number of information sharing efforts underway across the country, including our fingerprint, DNA and criminal justice databases."

He discussed the FBI's Criminal Justice Information Services (CJIS) Division's Integrated Automoated Fingerprint Identification System (IAFIS).

He said that the "IAFIS supports law enforcement agencies by providing identification responses to electronic fingerprint submissions. Last year, IAFIS received over 23 million fingerprint submissions, almost 65 thousand per day. We are moving forward with the Next Generation Identification system, which will expand on the capabilities of IAFIS to include additional biometrics such as palm prints, tattoos and scars, along with facial recognition. CODIS continues to refine its ability to gather evidence from tiny bits of DNA. So often, the evidence that is invisible to the eye is that which cracks the case."

Finally, he discussed the FBI's Law Enforcement National Data Exchange (N-DEx). He said that "Just as IAFIS brought together disparate fingerprint systems into a common system, N-DEx will do the same for crime report data gathered by federal, state and local agencies. It will correlate data from major FBI databases, such as NCIC, into a national system that will allow us to perform nationwide inquiries in a matter of seconds. N-DEx will allow officers in different cities to collaborate and pursue joint investigations through “virtual task forces” and “on-line investigative teams.”"

Back on January 26, 2005, the FBI released a memorandum from Zalmai Azmi, Chief Information Officer of the FBI, to Glenn Fine, Inspector General of the DOJ. Azmi addressed, among other information technology projects, the N-DEx.

He wrote that "we are well on our way toward implementing the Law Enforcement National Data Exchange (N-DEx). The N-DEx will provide federal, state, municipal and tribal law enforcement with a system to collect, process, and disseminate criminal and investigative data. This national information sharing program will provide the Law Enforcement Community with: Information about methods of criminal operation identified by national contributors; arrestee/indictor information; victim information; suspect information; and other ongoing criminal and investigative information."

He added that "N-DEx will provide a national law enforcement "pointer" to more detailed indices, case, and intelligence information. It will provide for automated direct electronic input from local, tribal, state, and federal agencies, as well as interactive responses."

Azmi also wrote that "N-DEx is fully integrated with the Global Justice XML initiative for improving interoperability of all criminal justice information systems under one standard. N-DEx is also fully integrated with the DOJ Law Enforcement Information Sharing Program (LEISP) plan. In short, the FBI's capacity to access, analyze, and share data internally and externally has improved considerably since the OIG began this audit, strengthening our ability to predict and prevent acts of terrorism and otherwise supporting our national security mission."

More TLJ Stories. See also, story titled "Gonzales Proposes Data Retention Mandate, Web Site Labeling, and Ban on Deceptive Source Code" in TLJ Daily E-Mail Alert No. 1,357, April 25, 2006; stories titled "House Commerce Committee Considers Data Retention Mandate" and "Gonzales Says Foreign Governments Should Have Access to Information Collected under Data Retention Mandatein" in TLJ Daily E-Mail Alert No. 1,365, May 8, 2006; and story titled "Senate Ratifies Convention on Cybercrime" in TLJ Daily E-Mail Alert No. 1,425, August 4, 2006.

EFF Sues DOJ for Failure to Respond to FOIA Request for Records About FBI's Investigative Data Warehouse

10/17. The Electronic Frontier Foundation (EFF) filed a complaint [PDF] in U.S. District Court (DC) against the Department of Justice (DOJ) alleging violation of the federal Freedom of Information Act (FOIA) in connection with its failure to process its FOIA requests for records related to the Federal Bureau of Investigation's (FBI) program titled "Investigative Data Warehouse" (IDW).

The FBI is a component of the DOJ.

FBI Director Robert Mueller addressed the IDW in his prepared testimony for a hearing of the Senate Judiciary Committee (DOJ) titled "FBI Oversight" on May 2, 2006.

Mueller wrote then that "other technology initiatives, such as the Investigative Data Warehouse (“IDW”), have surpassed our expectations. As this Committee knows, the IDW is a centralized repository for relevant counterterrorism and investigative data that allows users to query the information using advanced software tools. IDW now contains over 560 million FBI and other agency documents from previously stove-piped systems. Nearly 12,000 users can access it via the FBI’s classified network from any FBI terminal throughout the globe. And, nearly thirty percent of the user accounts are provided to task force members from other local, state and federal agencies."

The EFF is represented by David Sobel and Marcia Hoffman. Sobel previously litigated FOIA claims for the Electronic Privacy Information Center (EPIC).

Sobel stated in a release that "Americans deserve to know what information is collected under what circumstances, and who has access to it. ...  And what if this database contains false information about you? How would you correct that? These are serious questions that the FBI needs to answer."

The complaint states that on August 25, 2006, the EFF submitted a request for records "listing, describing or discussing the categories of individuals covered by the IDW; ... listing, describing or discussing the categories of records in the IDW; ... listing, describing or discussing criteria for inclusion of information in the IDW; ... describing or discussing any FBI determination that the IDW is, or is not, subject to the requirements of the Privacy Act of 1974; and ... describing or discussing any FBI determination that the IDW is, or is not, subject to federal records retention requirements, ..."

The complaint adds that on September 1, the EFF submitted a second request for "1) records describing data expungement, restriction or correction procedures for the IDW; 2) privacy impact statements created for the IDW; and 3) results of audits conducted to ensure proper operation of the IDW."

The complaint states that the EFF has not received responsive records, and that the DOJ has not processed its requests. It asks the District Court to compel the DOJ to process the requests.

The FOIA is codified at 5 U.S.C. § 552. Subsection (a)(6) provides, in part, that "Each agency, upon any request for records made under paragraph (1), (2), or (3) of this subsection, shall -- (i) determine within 20 days (excepting Saturdays, Sundays, and legal public holidays) after the receipt of any such request whether to comply with such request and shall immediately notify the person making such request of such determination and the reasons therefor ..."

Federal agencies, including the DOJ, frequently violate this statute. Federal courts rarely provide timely or meaningful enforcement of the statute.

Federal Reserve Governor Bies Addresses Information Security

10/17. Federal Reserve Board (FRB) Governor Susan Bies gave a speech titled "A Supervisory Perspective on Enterprise Risk Management" in which she discussed information security in the financial services sector.

Susan BiesBies (at right) said that "cyber attacks and security breaches involving nonpublic customer information appear in the headlines almost every week. These events have cost the financial services industry millions of dollars in direct losses and have done considerable reputational damage. The cost of identity theft to affected consumers is also significant."

She addressed threats to banks from insiders. She said that banking "organizations also remain at risk for breaches or misuses of information by an insider. During our examination activities, we have seen operating losses that were traced back to weak controls over insiders' access to information technology systems interfacing with electronic funds transfer networks. Further investigation into these situations suggests that the duration and magnitude of the fraud and resulting losses is a direct function of the internal party's access to accounting and related systems."

She recommended that "institutions should tightly control access to funds transfer systems and ensure that access settings enforce separation of duties, dual controls, and management sign-offs."

Second, she said that "an institution's senior management should be restricted from regular access to business-line functional systems, especially funds transfer systems. When such restriction is impractical, additional controls must be in place and functioning effectively."

Finally, she said that "effective management of information security risk, even when focused on a specific function, requires an enterprise-wide approach to yield a true and complete evaluation of the associated risks."

She also discussed threats that banks face from persons outside of the banks. In particular, "Banking organizations' increased use of the Internet as a communication and delivery channel have resulted in the need for and use of more-sophisticated control mechanisms, such as enterprise-wide firewall protections, multifactor authentication schemes, and virtual private-network connections."

She did not discuss telephone pretexting to obtain bank customers' personal and financial information.

Bies spoke in Phoenix, Arizona, to the annual convention of the American Bankers Association (ABA).

GAO Reports on FBI's IT Management Problems

10/17. The Government Accountability Office (GAO) released a report [31 pages in PDF] titled "Information Technology: FBI Has Largely Staffed Key Modernization Program, but Strategic Approach to Managing Program’s Human Capital Is Needed".

This is another in a long running series of reports issued by the GAO, and others, regarding the Department of Justice's (DOJ) and the Federal Bureau of Investigation's (FBI) inability to manage and use information technologies.

This report pertains to the FBI's program titled "Sentinel". The GAO states that the purpose of this program is to "acquire and deploy an information technology (IT) system to replace and expand on both its failed Virtual Case File (VCF) project and its antiquated, paper-based, legacy system for supporting mission-critical intelligence analysis and investigative case management activities".

This report, as requested by the House Judiciary Committee, examines only the FBI's staffing of this Sentinel program.

It finds that the FBI has filled a lot of positions, but mostly with contractors, and without strategic planning, or concern for future workforce needs.

The GAO report states that these deficiencies increase "the chances that promised system capabilities and benefits will not be delivered on time and within budget."

It states that "the staffing plan addresses only the program’s immediate staffing needs and does not define the kind of strategic approach to human capital management that our research and evaluations have shown to be critical to the success of any organizational entity."

It adds that "the staffing plan was not derived using a documented, fact-based, data-driven methodology, and the plan does not provide for inventorying the knowledge and skills of existing staff, forecasting future knowledge and skill needs, analyzing gaps in capabilities between the existing staff and future workforce needs, (including consideration of expected succession needs), or formulating strategies for filling expected gaps, including training, additional hiring, and the appropriate degree of reliance on contractors." (Parentheses in original.)

The GAO report states also that "the program's inventory of risks does not include human capital; steps have not been planned to proactively mitigate the probability and impact of future staffing shortfalls, even though other program documents cite it as a challenge and a risk."

People and Appointments

10/17. Christopher Conte, Fredric Firestone and Cheryl Scarboro were named Associate Directors of the Securities and Exchange Commission's (SEC) Division of Enforcement. These are internal promotions. See, SEC release.

More News

10/17. The Federal Communications Commission (FCC) issued an Order on Reconsideration [4 pages in PDF] in its proceeding titled, in part, "In the Matter of Emmis Communications Corporation". This is a broadcast indecency proceeding. The petitioners, who are decency advocates, argued, among other things, against the FCC's conclusion in its original order that "no substantial and material questions of fact in regard to these matters as to whether Emmis possesses the basic qualifications, including its character qualifications, to hold or obtain any FCC licenses or authorizations". The FCC denied the petition. This order is FCC 06-152.

10/17. The Federal Communications Commission (FCC) issued an Order on Reconsideration [6 pages in PDF] in a proceeding regarding broadcast indecency and Viacom and its network and broadcast licensee subsidiaries and affiliates, including CBS, UPN and Infinity. The petitioners, who are indecency advocates, argued in their petition for reconsideration, among other things, that the FCC's original order was ultra vires because it prevented the FCC from considering Viacom's apparent indecency violations in making determinations on license renewal applications. The FCC denied the petition. This order is FCC 06-153.

10/17. The Federal Communications Commission (FCC) released a Memorandum Opinion and Order [10 pages in PDF] in its proceeding titled "In the Matter of Radio X Broadcasting Corporation Bayamon, Puerto Rico". This order is FCC 06-151.

Supreme Court Denies Certiorari in Hatch v. Cellco Partnership

10/16. The Supreme Court denied certiorari in Hatch v. Cellco Partnership, Sup. Ct. No. 05-1159, a case regarding 47 U.S.C. § 332 and state authority to regulate wireless service providers. See, Order List [9 pages in PDF] at page 1.

This is a victory for Verizon Wireless, and other wireless service providers. This lets stand the judgment of the U.S. Court of Appeals (8thCir), which ruled for the wireless service providers. See, December 9, 2005, opinion [13 pages in PDF] of the Court of Appeals, and story titled "Supreme Court Requests Solicitor General Brief in Hatch v. Cellco Partnership" in TLJ Daily E-Mail Alert No. 1,390, June 13, 2006.

The Department of Justice's (DOJ) Office of the Solicitor General (OSG) wrote in its amicus curiae brief for the Supreme Court that "The decision of the court of appeals is correct and does not conflict with any decision of this Court or any other court. Nor does the decision below present an important issue of federal law that should be decided by this Court. This Court's review is therefore not warranted."

This case arose because the state of Minnesota enacted a statute pertaining to "Wireless Consumer Protection". Cellco Partnership, which does business under the name of Verizon Wireless, and other wireless service providers, filed a complaint in U.S. District Court (DMinn) against Mike Hatch, the Attorney General of Minnesota, seeking declaratory and injunctive relief that the statute is preempted by 47 U.S.C. § 332(c)(3)(A). The District Court denied the wireless companies' request for a permanent injunction. They appealed.

The Court of Appeals reversed, and instructed the District Court to grant the wireless companies a permanent injunction.

The Court of Appeals wrote in its opinion that the Minnesota "statute forbids the providers to implement changes in the terms and conditions of subscriber contracts that ``could result´´ in increased rates or an extended contract term, unless they first obtain affirmative written or oral consent from the subscriber."

It "also requires providers to deliver copies of the subscriber contracts to the subscribers, ... and, in the event a subscriber proposes a change to the contract, to disclose clearly any rate increase or contract extension that could result from the change. ... The statute further requires providers to maintain recorded or electronic verification of the ``disclosures´´ required by the law."

Section 332 provides that "no State or local government shall have any authority to regulate the entry of or the rates charged by any commercial mobile service or any private mobile service, except that this paragraph shall not prohibit a State from regulating the other terms and conditions of commercial mobile services."

The Court of Appeals reasoned that the section of the statute that regulates provider initiated changes is not a consumer protection provision that falls within the meaning of "other terms and conditions". Rather, it "effectively regulates rates", and is therefore preempted by Section 332. That is, it "requires providers to maintain rates different from those that would be charged if the providers were left to follow the terms of their existing contracts, which typically allow an adjustment of rates after reasonable notice of fewer than 60 days."

The OSG pointed out for the Supreme Court that "No other State has enacted a statute that freezes CMRS rates". It also wrote that "the court of appeals' decision does not prevent the States from prohibiting unfair business practices by wireless providers. The decision holds only that a state law is preempted if it ``freezes´´ the rates that CMRS providers may charge and thus "has a clear and direct effect on rates."

Copyright Office Opines that Cellphone Ringtones are Digital Phonorecord Deliveries Under Section 115

10/16. The Copyright Office (CO) issued a Memorandum Opinion [34 pages in PDF] in its proceeding titled "In the Matter of Mechanical and Digital Phonorecord Delivery Rate Adjustment Proceeding". This is also known as the ringtone decision.

The Copyright Royalty Board referred two issues to the CO: "1. Does a ringtone, made available for use on a cellular telephone or similar device, constitute delivery of a digital phonorecord that is subject to statutory licensing under 17 U.S.C. § 115, irrespective of whether the ringtone is monophonic (having only a single melodic line), polyphonic (having both melody and harmony), or a mastertone (a digital sound recording or excerpt thereof)? 2. If so, what are the legal conditions and/or limitations on such statutory licensing?" (Footnote omitted. Hyperlink added.)

The CO concluded that "ringtones (including monophonic and polyphonic ringtones, as well as mastertones) qualify as digital phonorecord deliveries (“DPDs”) as defined in 17 U.S.C. § 115. Apart from meeting the formal requirements of Section 115 (e.g., service of a notice of intention to obtain a compulsory license under Section 115(b)(1), submission of statements of account and royalty payments, etc.), whether a particular ringtone falls within the scope of the statutory license will depend primarily upon whether what is performed is simply the original musical work (or a portion thereof), or a derivative work (i.e., a musical work based on the original musical work but which is recast, transformed, or adapted in such a way that it becomes an original work of authorship and would be entitled to copyright protection as a derivative work)." (Parentheses in original.)

This proceeding is CO Docket No. RF 2006-1

FCC Issues Second Public Notice Seeking Comments on AT&T's Revised Proposed Conditions

10/16. The Federal Communications Commission (FCC) released a second public notice in its AT&T BellSouth merger review proceeding. This notice pertains to AT&T's revisions to its proposed conditions to be imposed in the FCC's forthcoming order approving its acquisition of BellSouth.

See, FCC's October 13 public notice [7 pages in PDF] and October 16 public notice [7 pages in PDF].

The FCC announced on October 5, 2006, that it would consider its order in its proceeding on the merger of AT&T and BellSouth at its event titled "Open Meeting", to be held on October 12. The FCC conducted this event, but did not take up this order.

The FCC announced that it would hold a second meeting on Friday, October 13. However, no Commissioners attended this event, and no business was conducted. However, Commissioners continued their secret negotiations.

On October 13, the two Democrats on the Commission, Michael Copps and Jonathan Adelstein, released a letter [PDF] to the Republican Chairman, Kevin Martin, requesting that the FCC further postpone this matter. They requested that the FCC "allow the applicants to put forth their best proposals, and solicit expeditious public comment so that we can receive a full record to inform the Commission's decision-making process."

Just before 2:00 PM, the Martin released a letter in response. He stated that he would postpone the matter, and had "instructed staff to place these proposals out for public comment for a period of ten days." The FCC then released the first public notice, late on Friday, October 13, with a comment deadline of October 24.

The first public notice disclosed, attached, and requested public comments upon, an AT&T letter proposal dated October 13, 2006. AT&T, in an effort to win support from the Democratic Commissioners, listed in this six page letter numerous proposed conditions to which it would agree.

On October 16, the FCC issued a second public notice, which is similar to the first. It attached a different letter from AT&T, also dated October 13.

The FCC titled its second public notice "ERRATUM". This is a mischaracterization. First, erratum is the singular form of a noun meaning error. Errata is the plural form. The FCC's second public notice contains at least two major changes from the first.

Second, errata normally signifies inadvertent errors of a typographical nature. The changes in the second notice affect the substance of AT&T's proposal. The proposal attached to the first notice included no reference to "network neutrality" or "net neutrality". The second version adds a new section titled "Net Neutrality". It proposes that "Effective on the Merger Closing Date, and continuing for thirty months thereafter, AT&T/BellSouth will conduct business in a manner that comports with the principles set forth in the FCC’s Policy Statement, issued September 23, 2005 (FCC 05-151)."

See, the FCC's 2005 policy statement [3 pages in PDF].

The second public notice also changes a proposal in the first public notice to apply certain conditions from a previous merger order. The first referenced the SBC Ameritech merger order. The second references the SBC AT&T merger order.

The condition, as recited in the second public notice, provides as follows: "AT&T/BellSouth affiliates that meet the definition of a Bell operating company in section 3(4)(A) of the Act (``AT&T/BellSouth BOCs´´) will implement, in the AT&T and BellSouth Service Areas, the Service Quality Measurement Plan for Interstate Special Access Services (“the Plan”), similar to that set forth in the SBC/AT&T Merger Conditions." (Footnotes omitted.)

See also, story titled "FCC Releases Public Notice Seeking Comments on AT&T's Proposed Conditions" in TLJ Daily E-Mail Alert No. 1,468, October 13, 2006.

People and Appointments

10/16. John Dugan was named Associate District Administrator for Enforcement in the Securities and Exchange Commission's (SEC) Boston District Office (BDO). He replaces David Bergers, who was previously named BDO District Administrator. Dugan has worked for the SEC since 1999. See, SEC release.

10/16. The Federal Communications Commission (FCC) issued a Public Notice [PDF] that requests nominations for membership on the newly created Commercial Mobile Service Alert Advisory Committee. This Committee was created by Section 603 of the "Warning, Alert and Response Network Act" or "WARN Act", which was attached to HR 4954, the port security bill that President Bush signed on October 13, 2006. Nominations are due by December 12, 2006. See also, story titled "House and Senate Approve Port Security Bill With Tech Provisions" in TLJ Daily E-Mail Alert No. 1,461, October 4, 2006.

More News

10/16. The Department of State (DOS) announced in a release that it "will provide $3 million for a combined 13 bilateral and multilateral training and technical assistance projects aimed at protecting intellectual property rights (IPR)." The DOS added that "The largest project -– with nearly $727,000 in funding -- will target the economies of the Association of Southeast Asian Nations (ASEAN) -- Brunei Darussalam, Burma (Myanmar), Cambodia, Indonesia, Laos, Malaysia, the Philippines, Singapore, Thailand and Vietnam. The two-year effort will provide training to border and customs officials at key offices and ports."

Go to News from October 11-15, 2006.