Pamela Pengelley, our resident expert on Facebook, is now internationally recognized for her expertise.
Most recently, Pamela was quoted in an article published by Law 360 entitled “Poking Around Facebook Could Win Your Case.” According to Pamela, “‘Lawyers are realizing [Facebook] is a gold mine of information…it’s pretty much standard that you subpoena Facebook when you get a personal injury action. It’s not a substitute for having a private investigator, but people will put up incriminating photos online without realizing that there can be consequences in a lawsuit.’”
Pamela further observed that Facebook is “most effective in lawsuits where plaintiffs are claiming an injury, such as when their health or ability to work has allegedly been impaired”.
Kudos to Pamela. Where will her sage words of wisdom appear next?
Never underestimate the value of a good domain name! As any website owner will tell you, http://www.rose.com, by any other name, is likely to lose customers.
About a week ago, my colleague’s nephew, Kevin Bortnick, found himself in a domain name predicament. His plight is interesting and he has graciously permitted us to blog about his situation, which provides some useful context for a discussion about domain name disputes.
Kevin is a talented website developer who used the name “KBortnick” or “KB” for his internet business. In November of 2005, he registered the domain name kbortnick.com for a period of four years, at a cost of about $10 per year. Although the domain name expired in November, 2009, he explained that “I was moving out & had a bit of a money crunch, so I figured I’d renew it in about a month, because it really wasn’t worth anything & I figured it would be fine….”
A couple of weeks ago, he attempted to re-register the name, only to discover that someone else had purchased it. That unknown ‘someone’ had immediately put it up for sale on a website that auctions off domain names, http://seto.com, subject to a minimum bid of $480. As you can imagine, Kevin was livid. “The highest I’ve ever seen my domain name appraised at was about $30”, he exclaimed, “and most places didn’t even give it that!”
(I empathized with Kevin’s situation. Over Canadian Thanksgiving, while I was sitting before the computer in a state of turkey-induced lethargy, I was suddenly roused from my stupor by the discovery that the domain name “pamelapengelley.com” could be registered for the low, low price of just $10 a year. I may soon write a post that is entitled “How I learned the hard way that just because you can make a hideously tacky personal flash website dedicated to your glorious self doesn’t mean that you should make one.” But I digress…)
Kevin’s dilemma got me thinking – is this what is known as “cybersquatting”? Is there any remedy for this sort of thing? Does Kevin have any recourse?
In fact, there are a couple of different mechanisms for resolving a cybersquatting dispute, and my understanding of them was greatly assisted by some basic knowledge about the development of the Internet and some tech-related acronyms like “DNS”, “IP” and “ccTLD”. If these terms are unfamiliar to you, then I ask for your indulgence while I lay out some of the basic IT background. It’s a bit lengthy so if you are computer-savvy, you may just want to skip part 1. Read the rest of this entry »
“Since time immemorial” and “time out of mind” are phrases that we throw around with little thought as to their meaning. We mean, of course, a very long time ago, or way, way back. Few know that, by a statute of Edward I in 1276, legal memory was actually fixed to begin with the reign of Richard I (yes, the Lionheart himself) on July 6th, 1189.
The point of this discursis into the mists of time? Well eight hundred plus years, back to the accession of King Richard, is undoubtedly a very long time. Try finding a statute from his reign, or even the one I’ve referred to from that of Edward I, 61 years after Magna Carta. You’d think it would be easy. Finding English legislation, no matter how old, on the Web these days? “No problem”, you might think. Well…actually yes, problem. It’s not that easy. Try it. Oh, and then try and find any relevant secondary material. And cases…okay, well there wasn’t all that much anyway, since Richard was way more interested in walloping Saladin and trying to recapture Jerusalem, not to mention avoiding his mom who was trying to get him hitched.
Flash forward to the early twenty-first century and there’s nothing you can’t find. Every law. Every piece of background information. Every piece of interpretation. Every comment. Every case. Every piece of utterly boring pointless minutiae blogged and twitted by millions of netizens. Heavens, just think. In eight hundred years time, scholars researching the first (only?) Obama presidency will be able to read every single word written about the proposed healthcare reform legislation. Golly! Won’t they be lucky.
Of course, from the lofty pinnacle of the far distant future, a land of peace and unqualified respect for human rights, where a World government runs the planet in perfect harmony, they’ll also be trying to discover the truth buried beneath all the spin. Whose view to respect? That of the old United States? Or perhaps that of the Peoples Republic of China? What was this Google thing and just who hacked who? Just what was an iPad and who was this Jobs guy? Who will care?
…Or, maybe, just maybe, they’ll be looking back on this time in wonder. The time when, so its said, someone pressed the giant reset button and wiped the Internet clean. There’ll be a huge gap in history because no-one wrote anything down. Maybe they’ll know more about Richard the Lionheart than they know about us.
The risk of cyberattacks is real and growing. While many of us theorize and speak in hypotheticals about the possibility of a major and potentially devastating cyberattack (or twenty), those considered most “in the know” are taking these risks seriously. And for good reason.
A January 29, 2010 study commissioned by McAfee, Inc and authored by the Center for Strategic and International Studies (CSIS) reports that over one-third (37%) of the IT security executives surveyed believe that critical infrastructure such as electrical grids, oil and gas production, water supply, telecommunications and transportation networks has become increasingly vulnerable to a cyberattack. Moreover, 40% of the 600 executives from 14 countries who responded predict a major security incident in their sector within the next year. Only 20% believe their sector is secure and will successfully avoid a serious cyberattack over the next five years.
The respondents work in critical infrastructure enterprises across seven sectors in 14 countries (including the US, UK, Japan, China, Germany, France, Italy, Russia, Spain, Brazil, Mexico, Australia and Saudi Arabia). Most problematic, over half of the respondents admitted that their concerns are not without foundation. Indeed, 54% acknowledged that their companies already have experienced infiltrations or large-scale cyberattacks from terrorists, organized crime gangs, and/or nation-states. The average cost of resultant downtime is estimated to be $6.3 million per day. Not chump-change by any means.
The recent cyberattack on Google is just one example. According to CSIS’s report, however, there have been scores more. With additional attacks to come. Of most concern, perhaps, over half of those surveyed believe that the U.S., China and Russia as the three most vulnerable countries.
The report, entitled “In the Crossfire: Critical Infrastructure in the Age of Cyberwar,” goes on to state that more than one-third of the executives who responded feel their respective sectors are unprepared for a major attack and that two-thirds believe the ongoing recession has caused companies to reduce resources devoted to cyber protection.
This situation harkens back to the adage “one man’s suffering is another man’s gain.” The opportunities for cyber/tech underwriters are there. Go get ‘em, ladies and gentlemen.
To the contrary, virtually every country worldwide is increasingly faced with the problem of having to deal with the hard social and legal issues presented by a rapidly evolving cyber world. So too, policyholders and the insurers who typically grant worldwide coverage under their policies must recognize that the risks faced are not exclusive to the U.S. or our Canadian cousins. The risks are global in nature and policyholders and insurers alike need to stay current with what’s happening outside our cocoon of the Western Hemisphere.
I am certain every reader is aware of the socio-political dispute whereby Google has threatened to withdraw from China amid claims that the Chinese government has hacked into Google’s and other third-parties’ databases, spied on Google email accounts, and tightened blocks on tens of thousands of internet sites, including Facebook, Twitter and YouTube. U.S. Secretary of State Hillary Clinton has spoken on the subject, advocating that companies such as Google refuse to support “politically motivated censorship.” Secretary Clinton also accused China, Tunisia and Uzbekistan of boosting censorship and called on Beijing to investigate the recent cyber attacks on Google and others. (On a side note, just last week, Europe’s principal security and human rights watchdog accused Turkey of blocking 3700 internet sites for “arbitrary and political reasons.”).
With the report of another data security-related lawsuit involving online banking (another 2009 lawsuit referenced here involved an alleged loss of over $500,000), and a recent victory for a plaintiff on a summary judgment motion in a similar online banking data security breach case, the question arises whether online banking breaches will yield some substantive case law on the issue of “reasonable” security procedures as a matter of law.
Ironically, this question may be answered by reference to a 20 year old model code (UCC 4A) originally drafted to address technological advances from that era. This post explores two complaints recently filed against banks for online banking (Patco Construction Co. v. People’s United Bank (“PATCO”) and JM Test Systems, Inc. v. Capital One Bank (“JMT”)) and a court’s ruling on a motion for summary judgment in similar lawsuit (Shames-Yeakel v. Citizens Bank Memo and Memo Order on Motion for Summary Judgment – “Shames-Yeakel” case). In short, since the Shames-Yeakel case proceeded past the “damages” pleading phase, it (and possibly these other online breach suits) reveals how some courts view security “standards” and approach the question of whether a company has achieved “reasonable security.” I also believe they demonstrate the difficulty defendants face if they have to defend their security measures in a litigation context after a security breach.
Let us say, speaking hypothetically, that a grossly negligent individual (who, since we are speaking hypothetically, is named…”Mr. X”) has accidentally uninstalled my favorite computer game, “Sid Meyers Civilization IV” (for which, by the way, I paid good money and patiently waited three whole hypothetical hours to legally download onto my computer).
Let us further hypothesize that I was twelve hours into a very successful game which has now gone the way of the passenger pigeon. Is the loss of my computer software considered “damage to property” for the purpose of a negligence action, or is it just a form of pure economic loss? “Of course it’s property damage!” I thought to myself, “and a most egregious form at that!”
Yet, in law, as in life, few things are certain. I was compelled to learn more, and so I conducted a brief review of the case law from Canada, the United States and Australia to satisfy my curiosity. What I have learned is that, notwithstanding that we live in the age of the internet, it is far from clear whether we can sue for the loss of electronic data in a negligence action.
It is axiomatic that it is much easier to find almost any information in the age of the Internet, thanks to the vast quantity of material that has been scanned and made available, and which is searchable through the likes of Google.
What is of concern, but only occasionally mentioned, is what we have lost.
The original manuscript of Charles Dickens’s Christmas Carol has recently been exhibited. The manuscript is covered in edits made in the great author’s own handwriting that give us insights into the way in which he worked and thought. We can look at early works like this by any number of famous authors: Mark Twain, Conan Doyle, Jane Austen. But what author, writing today, keeps earlier drafts? They go into electronic limbo, get deleted and lost forever. Will anyone in a hundred years be able to examine Ian McEwan’s work the way we can that of Dickens?
Take another example. I have just read a collected edition of letters written to T.E. Lawrence (Lawrence of Arabia); by the likes of Winston Churchill, Ezra Pound and George Bernard Shaw. These letters provide wonderful insights into Lawrence’s character and thinking on a variety of issues, as well as fascinating revelations about the process of writing his great book, Seven Pillars of Wisdom. Flash forward eighty years. Would these letters have been written in the Internet age? Or would the correspondence have been sent via email? If so, would it still exist? Probably not. To the world’s great loss.
Because of the Internet, much of the process of human creativity is gone forever. If there is an answer to this, I have not seen it discussed. And what of human creativity itself? The Internet, and the forms of entertainment available via it, can be far more absorbing and consuming than television ever was. People have died while gaming, unable to tear themselves away from their computers to eat, drink or sleep. But how much is lost to the time people now spend lost in the World of Warcraft and its ilk, let alone IM-ing, downloading videos from Youtube and blogging the mind-numbingly boring minutiae of their daily lives. Time that would once have been spent writing, painting, learning a musical instrument or a language? A serious concern? Or am I echoing the cry of my parents who once told me that I would get square eyes if I spent too much time in front of the television?
Intuitively, it might appear that loss of information in the internet age is less of a concern with respect to the law. We can now locate and retrieve cases and legislation more easily than at any time in the past. The same goes for government and legislative documents of all kinds. It is a trait of the profession; lawyers and government agencies tend to keep everything. Correspondence, even though compiled electronically, is usually kept, and stored digitally. As well as the end product, everything to do with the process of creating legislation, or conducting litigation, is retained. That said, how secure is this information? Richard Bortnick recently posted an interesting article on cloud computing which discusses the need to be cognizant of data corruption and other risks of electronic data storage.
It is interesting, if quite appalling, to muse, that post the Apocalypse, long-in-the-future archaeologists and anthropologists will write studies and hypothesize about our society based on the treasure troves they uncover of ancient legal documents. Oh, and our blogs and tweets
Emailing. Instant messaging. Texting. On-line gaming. Ten years ago, even five years ago, such words and concepts were alien to the typical luddite. Now, these terms are not just parts of the common parlance; a vast majority of us actually use these resources on a daily basis (in some cases, with our childrens’ guidance and assistance).
Consider, then, the relatively new concept of “cloud computing.” In lay terms, cloud computing is the on-line or internet-based use of a third-party vendors’ or service providers’ off-site (and hopefully secure) servers for data storage and/or management. Hotmail, Facebook, LinkedIn, YouTube and Google all use cloud computing to serve their members, often at no cost. At the same time, there are a growing number of vendors (like Apple) which “host” or “back-up” at-home and business computer systems by storing a consumer’s data or facilitating their use of cost-effective business solutions for a monthly or annual fee. Users typically do not have to incur fixed costs or purchase hardware or even software programs. All they need is access to a computer and the internet. And with that, voila! Cloud computing is just a click away.
Needless to say, the advent of cloud computing has opened up a world of opportunity for entrepreneurial software developers, hardware providers, and data storage companies around the globe. At the same time, it has created new business segments with a keen need for insurance products. Cyber insurance. Tech insurance. Property/All-Risk insurance. Business Interruption insurance. Professional Services/E&O insurance. Fidelity/Crime insurance. And, in some cases, personal injury/advertising injury coverage.
The potential third-party exposures are endless. Consider, for example, the legal (and regulatory) implications (and concomitant need for insurance) when an unauthorized user hacks into a “cloud” database storing personally identifiable or proprietary business information. Or think about the possibility of liability for a software developer or data storage vendor who has a customer that uses the cloud to host viruses or illegal content. Or who simply release information about their clients to marketers, advertisers or other third-parties without considering the impact or legal ramifications of their doing so. And how about power outages or other crises or service interruptions that prevent customers from accessing their accounts or critical business information that may be the key to closing an all-important business deal (resulting in privacy claims, claims of lost income, lost profits and business interruption expense and other alleged third-party injury).
So too, first-party cyber/tech risks are well known in other contexts and would apply with equal force and effect to cloud computing. The threat of service interruptions, data corruption and the like all necessitate the need for insurance.
The bottom line, as always, is that underwriters need to constantly stay ahead of the curve and tailor their products (and marketing strategies) to address the ever-changing landscape of new and innovative technology resources. Today cloud computing. Tomorrow? Ask me tomorrow night….
An article in today’s Independent extols the wonders of a new service from the British Library, British Newspapers 1800-1900, which promises the ability to search the full text of 49 long defunct newspapers, with some two million pages of text.
Although some content is free, everything can be accessed on payment of a relatively modest fee. A quick search on just the free content, though, turned up some wonderful advertisements for the “Carbolic Smoke Ball”. Remember the case from Contracts 101? Carlill v. Carbolic Smoke Ball Co., one of the most significant cases in English law, arose in 1891 and establishes an important precedent in English law. An epidemic of influenza had affected all parts of the British Isles, and the Carbolic Smoke Ball Company offered:
£100 reward will be paid by the Carbolic Smoke Ball Co to any person who contracts the increasing epidemic influenza, colds, or any diseases caused by taking cold, after having used the ball daily for two weeks according to the printed directions supplied with each ball. £1000 is deposited with the Alliance Bank, Regent Street, showing our sincerity in the matter. During the last epidemic of influenza many thousand Carbolic Smoke Balls were sold as preventives against this disease, and in no ascertained case was the disease contracted by those using the Carbolic Smoke Ball.
In an attempt to avoid catching the illness, Ms Carlill bought a Carbolic Smoke Ball as advertised in the Pall Mall Gazette, used it according to instructions and promptly caught influenza. She sued the Carbolic Smoke Ball Company and the lawsuit resulted in substantial changes as to what constituted the terms of a contract. Advertisements would never be the same again!
Running the search “copyright” against the free content turned up this little item, from the Penny Illustrated Paper, of August 23, 1862:
THE NEW LAW ON COPYRIGHT: A week or two ago the new Act was printed to amend the law relating to copyright in works of the Fine Arts and for repressing the commission of fraud in the production and sale. Before the Act was passed, paintings, drawings and photographs, had no copyright; and it is now provided “That copyright in such works shall vest in the author for his life, and for seven years after his death. … A register is to be kept at Stationer’s Hall of all proprietors of copyright in paintings, drawings and photographs. Penalties of £10, with forfeiture of copies made, can be summarily imposed, and the importation of pirated works stopped, under the Customs Acts.”
Mildly amusing and quaint of course, but to someone researching the history of copyright law, the newly available resource from the British Library hugely expands the possibilities for examining social attitudes by reading contemporary articles and editorial commentary. In the period leading up to the passing of this amendment a huge debate raged in the Parliament, which was furiously lobbied by special interests. Sound familiar? Read all about it. Incidentally, don’t expect a search on “cyberlaw” to turn up anything.
Join the forum discussion on this post - (1) Posts
The risk of cyberattacks is real and growing. While many of us theorize and speak in hypotheticals about the possibility of a major and potentially devastating cyberattack (or twenty), those considered most “in the know” are taking these risks seriously. And for good reason.
With the 
Let us say, speaking hypothetically, that a grossly negligent individual (who, since we are speaking hypothetically, is named…”Mr. X”) has accidentally uninstalled my favorite computer game, “Sid Meyers Civilization IV” (for which, by the way, I paid good money and patiently waited three whole hypothetical hours to legally download onto my computer). 
An article in 
