Privacy

Besides cold temperatures, inevitable musings about an Ovechkin-led Capitals being positioned to make a run at the Stanley Cup (followed by them falling off a cliff), and the occasional wayward arctic fowl, January in the District of Columbia comes with at least one constant ritual: the time honored tradition of speculating on what will be included in the State of the Union.  (And, in recent times, the SOTU-themed drinking games that flow from the anticipation… even the Washington Post has one this year).  Although some of the suspense has been dampened with media leaks and a multi-week presidential tour highlighting important SOTU themes, some surprises remain.

With political watchers fixated on what President Obama will and will not include in this year’s SOTU, I thought it was a good time for DisCo to lay out a potential tech policy roadmap for what to watch for this year in the President’s annual “setting priorities” exercise.

MORE »

{ 0 comments }

(Originally published at and cross-posted from CircleID)

On December 17th a US proposal for online commerce in a major trade negotiation, the Trade in Services Agreement (“TISA”)[1] leaked. A flurry of press releases and opinion pieces claim that TISA is a threat to the Internet. The headlines are lurid: “TISA leak: EU Data Protection and Net Neutrality Threatened” and “Leaked TISA text exposes US threat to privacy, civil rights”. Yet the authors of these screeds are far removed from the negotiations and not actively following them; their comments generally assume the 8-month-old text from one country is a reliable base to use to make assumptions about the end result of unfinished negotiations involving more than 40 countries. Because I’ve spent years in Geneva regularly meeting with and advising negotiators on the networked economy[2] I have a very different perspective. Frankly, I believe most commenters have got the main issues wrong and largely missed the significance of the worst feature of the proposal – the extremely broad national security exception.

MORE »

{ 0 comments }

2014

New Year’s is always a time for remembrance and nostalgia, with lots of “top” lists. This is another, focused on the most important, entertaining and reverberating technology law cases of 2014.

1.  Apple’s iPod Class Action Win.  Near the end of the year, a decade-old antitrust class action against Apple Inc. finally went to trial in early December. The gist of the claim was that by reconfiguring its DRM system for the then new (now iconic) iPod MP3 players in a way that broke compatibility with RealNetworks’ protocol back in 2006, Apple monopolized the market for digital music. Although the Sherman Act theory was questionable, at best, the presiding federal judge refused to dismiss the complaint or enter summary judgment for either side. After just three hours of deliberations, the jury returned a unanimous verdict for Apple, finding that the new software was a meaningful product improvement over previous versions. (This was also the case where the late Steve Jobs testified, by way of videotaped deposition, from the grave.) Lesson: even monopolists get the blues.

2.  Software & Business Methods Patents Narrowed.  In one of several precedent-setting Supreme Court cases involving intellectual property, the Court ruled in Alice Corp. v. CLS Bank that vague or generic patents, which do little more than operate mathematical algorithms on a general purpose computer, are not “patentable subject matter.” CLS Bank has already had a profound effect on the Court of Appeals for the Federal Circuit, which for nearly the first time invalidated some business method patents on patentablity grounds in its wake, and the the U.S. Patent & Trademark Office, which was far more aggressive in rejecting patent applications during the second half of the year. The longer term consequences in the ongoing debate over patent trolls and patent reform legislation remain to be seen. Lesson: the era of easy patents may be ending. MORE »

{ 0 comments }

Last Friday, President Obama signed an executive order announcing the “BuySecure Initiative” to jump-start the adoption of enhanced security measures for financial transactions and sensitive data.  The goal is for financial institutions to implement tools like “chip-and-pin,” which would secure credit, debit, and other payment cards with microchips in lieu of basic magnetic strips, and PINs (like those standard on consumer ATM cards).  While the PIN feature speaks for itself, the microchips soon to be embedded in payment cards allow for dynamic authentication of the card’s validity and account information through strong encryption.

The new executive order was announced during the ongoing National Cyber Security Awareness Month, and comes on the heels of a massive data breach at JP Morgan.  The cyber threat landscape is not pleasant, particularly in the financial sector, but we at DisCo are an optimistic bunch.  We’d like to focus on the silver lining—the proliferation of methods of mobile and online payment, in addition to the long-awaited shift to chip-and-pin, partly spurred by consumer desire for enhanced security in the face of data breaches associated with traditional means of payment.

MORE »

{ 0 comments }

If you haven’t had your daily fill of irony yet, let me tell you about the Euro-skeptic, free marketeer news organization appealing to European regulators to guarantee “fair returns” in the wake of Internet-driven disruption.

On Wednesday, News Corp released a letter from its CEO Robert Thomson to the EU competition commissioner Joaquín Almunia, criticizing Google and championing regulators to act against the search provider, following similar demands by the news publisher’s European peers.  Unfortunately, Thomson’s letter received about as much fact-checking as a News Corp tabloid.  (Jeff Jarvis has already annotated the letter’s “staggering” “willful blindness to irony” on the News Genius platform).

News Corp publications have championed tech disruption before, but apparently those principles go out the window when News Corp is the one being disrupted.  In fact, News Corp’s own Wall Street Journal previously complained that Google had become its competitors’ “piñata,” who were demanding “a regulatory veto” notwithstanding the fact that they “haven’t demonstrated any economic harm” stemming from the search provider.  Yet this week, News Corp itself jumps into the piñata party, waving the European banner. MORE »

{ 0 comments }

Earlier this month, at the Black Hat 2014 conference, Yahoo announced that it would implement end-to-end encryption in its Mail service by 2015. This announcement came on the heels of Google’s June announcement of a Chrome browser extension that would make it easier to do the same for data leaving the browser for a specific recipient (Yahoo’s implementation is a fork of Google’s publicly released source code).

End-to-end encryption of message content through OpenPGP, even as implemented by the savvy engineers at Yahoo and Google, is by no means a privacy cure-all on its own. However, when end-to-end is viewed along with earlier developments, like an always-on secure connection (via HTTPS) for Gmail or multi-factor authentication, it’s becoming clear that the tech industry is taking improved consumer privacy seriously, both in word and deed. MORE »

{ 0 comments }

What sounds like a surreal Monty Python joke is actually a serious question facing Internet users and companies following the ruling yesterday by the Court of Justice of the European Union, Europe’s highest court.

In the ruling by the full court against Google the court has decided that Google must remove from its index information relating to Mr Costeja Gonzalez. The trick here though is that this information is entirely legitimate according to Spanish law and the newspaper that published the story in 1998 is not publishing a correction. Copies of that story will remain on file in libraries.

Google will, however, need to remove links to the story from its index. This is equivalent to telling libraries that they can keep a copy of the newspaper on file, but that librarians must not tell anyone how to find it. Indeed, it may well be that the search systems of all libraries in the European Union will need to delete links upon request as well. And this to publications in the bowels of the building. This may create even more headlines.

The digital world has provided the general public, and specialists such as researchers and historians, the ability to find information quickly and cheaply, and to compare different sources. This is the essence of a plural, democratic society. This ruling will likely mean that the elite, those with access to well resourced libraries with well stocked back copies of newspapers, journals and books, will continue to be able to dig up information: legally available information. If they can find it in the library. The rest of us won’t, in the European Union at least.

Let us consider some of the possible effects. MORE »

{ 0 comments }

This post is part of the Disruptive Competition Policy Forum recap series.

Details below. MORE »

{ 0 comments }

This post is part of the Disruptive Competition Policy Forum recap series.

Details below. MORE »

{ 0 comments }

If you think competition between companies drives innovation, what might happen when they also have to go up against autonomous pieces of software running distributed across millions of computers through the Internet and around the world? It sounds like something out of a Singularity obsessed science fiction novel, but if you know where to look, the bones of this idea are already beginning to be seen today. The results might look pretty strange still, but there are some fascinating things happening in the “Distributed Autonomous Corporation” (DAC) area.

A DAC is a (so far) hypothetical construction that could perform at least some of the same functions as a corporation, non-profit organization, or other grouping of humans without the centralized legal or physical trappings of those organizations. This could be accomplished by creating a blockchain-type system (similar to that running Bitcoin) in which the code that makes up the DAC runs. DACs are simply algorithms tied to payment accounts that pay for their own computing cycles used, are paid for the services they provide, and can modify their own code.

DACs as an idea have been tossed around the Bitcoin community for a few years, and were somewhat codified in a series of blog posts by Stan Larimer beginning with “Bitcoin and the Three Laws of Robotics”. Larimer posits that the Bitcoin system itself is a DAC, suggesting that much of the network’s value comes from “performing a trustworthy confidential fiduciary service,” much like a Swiss bank would do. Unlike a Swiss bank, however, Bitcoin is open source and thus anyone can look at the code and be relatively assured that the network itself will act as designed and is worthy of trust. Of course, as we’ve seen time and again since the launch of the Bitcoin software, the same cannot be said of the human beings that may provide any related services.

MORE »

{ 0 comments }