Odd as it may seem to those of us who live and breathe cyber, tech and privacy insurance, I have heard anecdotally of municipal authorities who profess that their cities and towns do not need to incur the expense of buying these products. “Why do we need them? We don’t operate on the internet,” they reportedly have said.

Well, my response is “why don’t you think you need them?” Do you maintain a bank account? Do you store personally identifiable information about private citizens, whether in your property records, police files, tax databases or otherwise? Are your employees able to access your municipality’s computer systems remotely? Is it really possible that every single piece of information you maintain is recorded on paper and nothing is stored on a mainframe, whether located on- or off-site? Come on. Its 2010. That’s virtually impossible, isn’t it? Haven’t you read my December 23, 2009 post “No One is Immune. Even Government Entities Need Cyber/Tech Insurance?”

Since that posting, additional municipalities have suffered cyber attacks and been the subject of cyber lawsuits.

Read the rest of this entry »

This topic angers me.  Fines for infringement under the Copyright Act range from $750 to $150,000 per infringement.  That’s a wide spectrum!  More disturbing is that the Act leaves the pricing decision in the hands of the judge, without any real guidelines for them to follow.

This week, a judge ordered Whitney Harper to pay $27,500 for illegally downloading 37 songs…I’ll do the math for you – that’s $750 a song, i.e., the minimum allowed.  Earlier this year, Joel Tenenbaum was held liable for $675,000 for file sharing 30 songs – that’s $22,500 per song.  It gets better.  Nearly a year ago, Jammie Thomas-Rasset was ordered to pay $1.92 million by a jury for downloading 24 songs…$80,000 per download!  How does the court conclude how much to, for lack of a better word, charge per song?  Is it based on the popularity of the song?  Does Lady Gaga or Jay-Z rank higher than Skid Row or Journey because the former are currently more mainstream?

Read the rest of this entry »

Lawyers, academics, politicians, students and of course litigants are naturally concerned, often vitally concerned, to know how the final appellate court of the land will decide a given matter. Depending on the outcome, the law might be changed in new and radical ways; legislation might be struck down; government policy might fall.

The wait to discover what is going to happen can be very long because, as we all know, it can be a year or more between the hearing of an appeal and the delivery of judgment in a given case. There is, however, a vital source of clues to the possible outcome of a case, to the thinking of the court and the arguments which they find persuasive, or not, that is often overlooked. I mean of course the transcripts of argument made during the oral hearing, which includes questions and comments from the bench.

As an example of the usefulness of these, take the case of Abbott v. Abbott, recently heard by the US Supreme Court. The Court heard argument about the meaning of “habitual residence” in the Hague Child Abduction Convention. The phrase is not defined, and counsel took the Court to decisions of courts of other countries, also signatory to the Convention. Have a look at the following extract, which includes submissions by counsel and exchanges with the bench, noting that in this instance at least, Justice Scalia seems quite willing to consider the application of foreign court decisions:

Read the rest of this entry »

Jurors are not supposed to look at media coverage of the case during a trial since their verdicts are supposed to based on the evidence presented in a trial, rather than media reports. But can they really resist taking a sneak peek on the Internet?

In February of 2010, the U.K.’s Ministry of Justice released a very interesting report, titled “Are Juries Fair?“, by Professor Cheryl Thomas.  Among other things, the study examined jurors’ use of the Internet to look up information about their cases in both long, high profile cases and standard cases lasting less than two weeks, with little media coverage. The report found:

• All jurors who looked for information about their case during the trial looked for it on the Internet, as opposed to television, newspapers or some other source. (Well, okay, so this one wasn’t exactly a big surprise…).

• More jurors said they “saw” information on the Internet than admitted to “looking for it” on the Internet. Since they were doing something that a  judge should have told them that they were not supposed to do, this may explain why jurors were more likely to say the saw reports on the Internet than said they looked for it. (See? Lawyers aren’t the only people in the courtroom who resort to semantics….). But just what are the figures?

Read the rest of this entry »

Who would have thought a comment as innocent as “Just walked into work at Cozen O’Connor-Toronto…so much work to get done” could potentially cause you so much trouble? 

I came across an article this weekend by Tracy Staedter, titled “I’m Not Home: Please Rob Me”. Ready to become paranoid?  Read the article – it’s short and to the point.  Ever send out Evites?  How about prior tweets, MySpace posts, etc. inviting people to your place and including an address?   Bingo!  Better pack up and move quick! 

The website causing havoc is www.PleaseRobMe.com.  Check it out…make sure you aren’t on the site…then check again after every time you tweet, post, etc.  Do you have the time to constantly check?  Probably not.  Should you?  Probably.  It may make you paranoid, but then again, shouldn’t you be?  But should the creators of the website be blamed – legally, morally, ethically?  Should they be held accountable for what you put out into the public realm?  Can you sue for violation of your privacy rights?  Do you really have an expectation of privacy in any of those posts?  In an age where MySpace, Friendster and other social networking sites regularly have their records subpoenaed, why should anyone think that anything they post will be “private”?  What piqued my curiosity even more was how this website could apply in the criminal or tort law application.  Can this website be used to substantiate or corroborate an accused’s alibi – “Your Honor, look!  I have proof that I wasn’t in the city when the crime occurred…I tweeted that I would be in Los Angeles!”  Look, my knowledge of Canadian (or U.S., for that matter) Criminal Law/Procedure does not extend further than the 800 or so pages of textbooks I read while in law school.  But surely this website can be put to more use than just what the creators intended.  So long as a proper foundation is laid, and the purported evidence is relevant, it may be admitted, right?  Something to definitely consider as a defense attorney. 

The creators of the website claim the site is supposed to help us…to open our eyes to the evil out in the world.  Call me crazy, but perhaps a simple email addressed to me would have been more appreciated…though it leaves one wondering if such a logical course of action would have been as effective.

As the cyber war of words heats up between the U.S. and China, the rest of the world is taking notice….and proposing action.

Most recently, the head of the United Nations’ communication and technology agency, Secretary General Hamadoun Toure of the International Telecommunications Union, proposed a treaty whereby member countries agree not to precipitate a cyber attack against other member countries. “The framework would look like a peace treaty before a war,” he is reported to have said.

Secretary Toure’s proposal follows a series of concerns expressed at last month’s World Economic Forum in Davos-Klosters, Switzerland, including a harsh warning that cyber attacks could amount to a declaration of war. According to Secretary Toure, “[a] cyber war would be worse than a tsunami – a catastrophe.” Because of the potential devastating consequences of a cyber war, the Secretary strongly recommended that countries agree not to harbor cyber criminals and “commit themselves not to attack another.” Of course, nothing is quite as simple as that. For example, John Negroponte, the former director of U.S. intelligence, cautioned that intelligence agencies would “express reservations” about such a treaty. Given the breadth and scope of China’s, Russia’s and other countries’ intelligence operations and their reported limits on information disclosures, Mr. Negroponte’s remarks likely would be echoed by other nations.

Read the rest of this entry »

Join the forum discussion on this post - (1) Posts

Pamela Pengelley, our resident expert on Facebook, is now internationally recognized for her expertise. 

Most recently, Pamela was quoted in an article published by Law 360 entitled “Poking Around Facebook Could Win Your Case.” According to Pamela, “‘Lawyers are realizing [Facebook] is a gold mine of information…it’s pretty much standard that you subpoena Facebook when you get a personal injury action. It’s not a substitute for having a private investigator, but people will put up incriminating photos online without realizing that there can be consequences in a lawsuit.’”

Pamela further observed that Facebook is “most effective in lawsuits where plaintiffs are claiming an injury, such as when their health or ability to work has allegedly been impaired”.

Kudos to Pamela. Where will her sage words of wisdom appear next?

Never underestimate the value of a good domain name! As any website owner will tell you, http://www.rose.com, by any other name, is likely to lose customers.

About a week ago, my colleague’s nephew, Kevin Bortnick, found himself in a domain name predicament. His plight is interesting and he has graciously permitted us to blog about his situation, which provides some useful context for a discussion about domain name disputes.   

Kevin is a talented website developer who used the name “KBortnick” or “KB” for his internet business. In November of 2005, he registered the domain name kbortnick.com for a period of four years, at a cost of about $10 per year. Although the domain name expired in November, 2009, he explained that “I was moving out & had a bit of a money crunch, so I figured I’d renew it in about a month, because it really wasn’t worth anything & I figured it would be fine….”   

A couple of weeks ago, he attempted to re-register the name, only to discover that someone else had purchased it. That unknown ‘someone’ had immediately put it up for sale on a website that auctions off domain names, http://seto.com, subject to a minimum bid of $480. As you can imagine, Kevin was livid. “The highest I’ve ever seen my domain name appraised at was about $30”, he exclaimed, “and most places didn’t even give it that!”   

(I empathized with Kevin’s situation. Over Canadian Thanksgiving, while I was sitting before the computer in a state of turkey-induced lethargy, I was suddenly roused from my stupor by the discovery that the domain name “pamelapengelley.com” could be registered for the low, low price of just $10 a year. I may soon write a post that is entitled “How I learned the hard way that just because you can make a hideously tacky personal flash website dedicated to your glorious self doesn’t mean that you should make one.” But I digress…)   

Kevin’s dilemma got me thinking –  is this what is known as “cybersquatting”?  Is there any remedy for this sort of thing? Does Kevin have any recourse?

In fact, there are a couple of different mechanisms for resolving a cybersquatting dispute, and my understanding of them was greatly assisted by some basic knowledge about the development of the Internet and some tech-related acronyms like “DNS”, “IP” and “ccTLD”. If these terms are unfamiliar to you, then I ask for your indulgence while I lay out some of the basic IT background. It’s a bit lengthy so if you are computer-savvy, you may just want to skip part 1. Read the rest of this entry »

“Since time immemorial” and “time out of  mind” are phrases that we throw around with little thought as to their meaning. We mean, of course, a very long time ago, or way, way back. Few know that, by a statute of Edward I in 1276, legal memory was actually fixed to begin with the reign of Richard I (yes, the Lionheart himself) on July 6^th, 1189.

The point of this discursis into the mists of time? Well eight hundred plus years, back to the accession of King Richard, is undoubtedly a very long time. Try finding a statute from his reign, or even the one I’ve referred to from that of Edward I, 61 years after Magna Carta. You’d think it would be easy. Finding English legislation, no matter how old, on the Web these days? “No problem”, you might think. Well…actually yes, problem. It’s not that easy. Try it. Oh, and then try and find any relevant secondary material. And cases…okay, well there wasn’t all that much anyway, since Richard was way more interested in walloping Saladin and trying to recapture Jerusalem, not to mention avoiding his mom who was trying to get him hitched.

Flash forward to the early twenty-first century and there’s nothing you can’t find. Every law. Every piece of background information. Every piece of interpretation. Every comment. Every case. Every piece of utterly boring pointless minutiae blogged and twitted by millions of netizens. Heavens, just think. In eight hundred years time, scholars researching the first (only?) Obama presidency will be able to read every single word written about the proposed healthcare reform legislation. Golly! Won’t they be lucky.

Of course, from the lofty pinnacle of the far distant future, a land of peace and unqualified respect for human rights, where a World government runs the planet in perfect harmony, they’ll also be trying to discover the truth buried beneath all the spin. Whose view to respect? That of the old United States? Or perhaps that of the Peoples Republic of China? What was this Google thing and just who hacked who? Just what was an iPad and who was this Jobs guy? Who will care?

…Or, maybe, just maybe, they’ll be looking back on this time in wonder. The time when, so its said, someone pressed the giant reset button and wiped the Internet clean. There’ll be a huge gap in history because no-one wrote anything down. Maybe they’ll know more about Richard the Lionheart than they know about us.

The risk of cyberattacks is real and growing. While many of us theorize and speak in hypotheticals about the possibility of a major and potentially devastating cyberattack (or twenty), those considered most “in the know” are taking these risks seriously. And for good reason.

A January 29, 2010 study commissioned by McAfee, Inc and authored by the Center for Strategic and International Studies (CSIS) reports that over one-third (37%) of the IT security executives surveyed believe that critical infrastructure such as electrical grids, oil and gas production, water supply, telecommunications and transportation networks has become increasingly vulnerable to a cyberattack. Moreover, 40% of the 600 executives from 14 countries who responded predict a major security incident in their sector within the next year. Only 20% believe their sector is secure and will successfully avoid a serious cyberattack over the next five years.

The respondents work in critical infrastructure enterprises across seven sectors in 14 countries (including the US, UK, Japan, China, Germany, France, Italy, Russia, Spain, Brazil, Mexico, Australia and Saudi Arabia). Most problematic, over half of the respondents admitted that their concerns are not without foundation. Indeed, 54% acknowledged that their companies already have experienced infiltrations or large-scale cyberattacks from terrorists, organized crime gangs, and/or nation-states. The average cost of resultant downtime is estimated to be $6.3 million per day. Not chump-change by any means.

The recent cyberattack on Google is just one example. According to CSIS’s report, however, there have been scores more. With additional attacks to come. Of most concern, perhaps, over half of those surveyed believe that the U.S., China and Russia as the three most vulnerable countries.

The report, entitled “In the Crossfire: Critical Infrastructure in the Age of Cyberwar,” goes on to state that more than one-third of the executives who responded feel their respective sectors are unprepared for a major attack and that two-thirds believe the ongoing recession has caused companies to reduce resources devoted to cyber protection.

This situation harkens back to the adage “one man’s suffering is another man’s gain.” The opportunities for cyber/tech underwriters are there. Go get ‘em, ladies and gentlemen.