Lessig Prevails on Little Used DMCA Provision, and Fourth Amendment Protection of Cell Phones

Way back in August of 2013, I wrote a blog post documenting a legal dispute between law professor Lawrence Lessig and Liberation Music (https://nicoterablawg.wordpress.com/2013/08/23/dmca-overreach-how-a-little-used-provision-makes-a-big-difference/).  Liberation owned the rights to a song by the band Phoenix called Lisztomania, which Lessig used in a Creative Commons conference.  Recently, Lessig and Liberation settled (http://torrentfreak.com/lawrence-lessig-wins-damages-for-bogus-youtube-takedown-140228/).  The settlement involved Liberation paying an undisclosed amount to the Electronic Frontier Foundation and “fixing” its DMCA takedown policies to account for fair use.

Anyone with knowledge of fair use provisions could have seen this result coming.  As stated in the earlier article, I liked this case for two reasons.  First, it served as an illustration of how fair use operates as an exception to normal copyright protection (it helps when the defendant is a law professor talking about fair use).  Second, it highlighted a little used provision of the DMCA (512(f) specifically) designed to discourage takedowns where the copyright owner knowingly misrepresents either their ownership of the material or the infringing nature of the use.  The previous article covered 512(f) is a lot of detail, so I will only summarize how that provision works here.  Basically, the copyright holder is liable for damages if they knew or should have known that they either did not own the rights to the work at issue or that no infringement occurred.  The difficulty lies in proving that “knowing” standard, since fair use usually involves some rather complicated analysis.  In this case, the educational use of Lisztomania likely met the “knowing” standard.  Defendants invoke 512(f) so rarely that there is very little case law explaining it further.  I actually hoped for a court case simply to provide some case law, but the settlement reminding people at the DMCA does contain a provision that gives wrongful takedown victims some recourse.

Since today’s post is rather short, I figure I’ll also highlight a case to follow going into the upcoming Supreme Court session.  The Supreme Court is going to hear two cases dealing with whether individuals have a reasonable expectation of privacy in the contents of their cell phones after arrest (http://arstechnica.com/tech-policy/2014/01/supreme-court-will-hear-case-on-police-search-of-cell-phones/).  A third case, from the Texas Court of Criminal Appeals, recently held that individual’s do possess a reasonable expectation of privacy in the contents of their cell phones after they have been arrested (http://arstechnica.com/tech-policy/2014/02/texas-appeals-court-says-police-cant-search-your-phone-after-youre-jailed/).  The Texas Court’s majority held that a cell phone was similar to the “papers and effects” that the Fourth Amendment grants people a right of security.  The logic stems from electronic devices containing documents and information that would previously been confined to places already granted Fourth Amendment protection (such as filing cabinets, desks, and folders).  Whether five justices on the Supreme Court accept this argument should be interesting to see.  At any rate, this is a case to follow going forward.

Update (11:00 AM):  It appears that Phoenix, the band whose song is at the heart of the lawsuit, issued a statement supporting the fair use of their music: http://wearephoenix.tumblr.com/post/78111467465/we-support-fair-use-of-our-music-we-were-upset-to#disqus_thread.  The statement includes an embedded YouTube video of Lessig’s lecture as well.

Unintended Consequences: How the Visual Effects Industry Put Copyright to Use

Before I get to the topic at hand, let me first provide a short update.  King, the makers of Candy Crush, opted to withdraw their trademark request for the word candy.  They will still maintain a trademark over the word in Europe, but will not own a trademark over the word in the US.

Today’s entry details an interesting development in the realm of copyright law.  As anyone following the news the past few decades knows, many companies have sent a number of jobs to other countries.  Recently, movie studios began sending visual effects jobs to other countries.  This development resulted in a number of visual effects studios have gone out of business, including a some award winning ones.  As a result, a number of these visual effects artists have sought ways to combat what they view as a “bleeding” of their industry.

The Motion Picture Association of America (MPAA) recently filed a document with the International Trade Commission (ITC) regarding 3D printing.  In the document, the MPAA argued that digital goods should receive the same respect (and protections) as physical goods in international trade.  Some of these visual effects activists noticed the filing, and began arguing that this argument should also apply to post-production work.  This would render post-production work subject to many of the same protections that domestically produced movies receive, as well as Department of Commerce requirements to impose a punitive tax on companies that benefit from foreign subsidies that undercut a domestic industry.

The Pando article linked above does note a number of difficulties.  For one, the visual effects industry has no union and very little organization.  As a result, getting everyone on the same page to present a legal argument could be difficult.  The article also notes the political influence of the MPAA, particularly given their connections in the relevant political agencies (including the ITC).  There are some more basic problems with this argument though.  This argument that the digital versions of physical products deserve equal protection is still just an argument.  The ITC hasn’t adopted this legal argument and there is no indication that their administrative judges will find this argument to be valid. 

There is more to this, particularly given a review of the feasibility study.  It should be interesting to see how this develops in the future.

Short Net Neutrality Update

Today’s post is going to be rather short.  There is one particularly big piece of news today: Comcast’s deal with Netflix allowing for Netflix to have direct access to Comcast’s network (http://gizmodo.com/report-netflix-agrees-to-pay-comcast-for-access-to-bro-1529115565?rev=1393178465&utm_campaign=socialflow_gizmodo_facebook&utm_source=gizmodo_facebook&utm_medium=socialflow).  There’s even some talk that Verizon has a similar deal with Netflix in the works (http://www.cnbc.com/id/101439383).  I’d be remiss to not mention this deal, because this deal makes any future attempts at Net Neutrality unlikely to succeed.

Here is the nature of the deal.  Netflix originally contracted with other companies referred to as backbone providers) to provide the necessary bandwidth for their streaming service to the Internet Service Providers (ISPs, like Comcast and Verizon).  Now, Netflix will pay Comcast to receive direct access to Comcast’s network.

How this affects consumers is an open question (though it’s a fair guess that Netflix’s higher overhead costs will get passed to subscribers).  The FCC’s ability to impose some kind of net neutrality scheme, in contrast, suddenly appears to be much more limited.  The net neutrality debate revolved primarily around the idea of “tiered access”, or charging different entities different prices (often depending on bandwidth usage).  The ISPs argued that higher bandwidth services should pay more due to the expense of providing bandwidth, while net neutrality supporters worry that the practice could become discriminatory (with ISPs favoring certain content that aligns with their business or political interests) or create barriers to entry for new web services (there’s an interesting blog post on Google’s Public Policy blog about this debate: http://googlepublicpolicy.blogspot.com/search/label/Net%20Neutrality?updated-max=2007-08-30T16%3A58%3A00-04%3A00&max-results=20).  The issue, as pointed out in a Washington Post article from yesterday (http://www.washingtonpost.com/blogs/the-switch/wp/2014/02/23/comcasts-deal-with-netflix-makes-network-neutrality-obsolete/) is that Netflix’s deal highly resembles the kinds of tiered pricing arrangements net neutrality regulations were supposed to prevent.  As the article points out, Netflix’s traffic will now arrive through its own pipe.  Other major service providers might seek the same deal, which essentially segregates their traffic from each other.  Previously, the traffic would arrive through one of the backbone providers as one giant chunk of traffic.  It is much easier to determine if everyone is getting the same benefit from that giant chunk of traffic.  It is harder to make that same determination when everyone has their own direct pipe.  Also, as the Post article points out, net neutrality regulations potentially require the FCC to wade into contractual agreements and pricing arrangements.  This could result in some messy regulation.

For what it’s worth, the FCC has proposed new net neutrality regulations (http://news.cnet.com/8301-13578_3-57619113-38/fcc-to-rewrite-net-neutrality-rules/).  So far, FCC Commissioner Tom Wheeler opted against common carrier regulations and will instead have the FCC re-write the Open Internet order.  Whether this new Open Internet Order has any appreciable effect on internet regulation is unclear.

Valve and Cheating, Plus An Update On The NSA Trademark Case

A few months ago, I wrote about a case involving a man making t-shirts parodying the NSA’s seal (https://nicoterablawg.wordpress.com/2013/11/06/security-agency-trademarks-and-fair-use/).  That case involved a graphic artist named Dan McCall making a t-shirt using the NSA’s seal and the NSA claiming trademark protection of that seal.  The NSA recently admitted that McCall was correct.  The shirt did represent a parody and thus received the appropriate First Amendment protection (http://arstechnica.com/tech-policy/2014/02/its-ok-to-parody-the-nsa/).

As many gamers know, there was a big debate that erupted this week over Valve’s use of VAC (Valve Anti-Cheating) services on their Steam software distribution platform.  Some users posted on Reddit that they’d discovered that VAC pulls a great deal of information from the user’s computer.  Namely, the user accused VAC of pulling the computer’s DNS cache entries (http://www.reddit.com/r/GlobalOffensive/comments/1y0kc1/vac_now_reads_all_the_domains_you_have_visited/).  The DNS (Domain Name System), to put it simply, assigns a website a name that the system can read and recognize.  Websites normally possess a number, called an Internet Protocol (IP) address, that operates as the address for a particular website.  Since people generally have trouble remembering long strings of numbers, DNS provides a much easier method of internet navigation.  For example, you can reach Google’s homepage through either http://www.google.com (DNS) or type in Google’s IP (  The user’s computer stores the DNSs of sites the user has visited in the DNS cache.  As a result, Reddit users were accusing Valve’s VAC service of recording every website a user visited.

In response, Valve owner and CEO Gabe Newell posted that, while Steam did possess this capability, they invoked it rarely (http://www.reddit.com/r/gaming/comments/1y70ej/valve_vac_and_trust/).  Newell insisted that they only pulled the DNS cache if the user visited a website known to host for purchase cheating software (for example, a program called an aimbot that allows the user to get a headshot every single time in Counter-Strike).  VAC would check the computer’s server logs for contact with servers known to host cheating software, specifically looking for the software’s attempt to contact its host server.  If VAC discovered such a log entry, the service would then pull the DNS cache in order to verify the use of the cheating software and ban the player.  Newell stated that Valve has banned 570 users through this method.  Newell also stated that this method of tracking cheaters was no longer active, since Valve has to cycle its methods of catching cheaters frequently.

The legal issue here is relatively simple.  Valve can acquire consent to these actions through their terms of service.  The larger issue is whether they should conduct such actions.  Newell’s response stresses, correctly, the fine line that Valve must walk to make such a system work.  If there were no anti-cheating countermeasures in place, users would likely quit using steam out of frustration.  It is no fun to play a game when other users have an unwarranted advantage over others, but a company should maintain some respect for the user’s privacy.  Even better, a degree of openness with customers never hurts.  Newell responded quickly to redditors’ accusations of privacy violations and explained how and why his system pulled DNS cache information.  That acted as a much better method of assuaging firms than better contracting could provide.

Comcast-Time Warner, In Summary

First, I have something of a followup to my sampling article from Wednesday.  De La Soul is giving away their entire catalog today (http://www.okayplayer.com/news/de-la-soul-give-away-entire-catalog-for-free.html).  I felt this was appropriate to mention given the sample heavy nature of De La Soul’s music.  As the linked article (along with this one: http://www.idolator.com/237302/de-la-souls-digital-availability-grounded-by-sample-clearance-delays) indicates, De La Soul’s music is difficult to find in MP3 form.  A lot of the original sample clearance contracts only applied to the original CD release, so any online release requires a new contract with the appropriate parties.  De La Soul’s move to give away their entire catalog (for 24 hours at least) is an inventive way to keep interest in their music alive.

The other big news of the hour is Comcast’s offer to purchase Time Warner Cable for $45.2 billion.  If this merger happens (and there’s absolutely no guarantee that it will), it would provide Comcast with an incredible presence in the market.  Comcast, according to Free Press, would control “would give Comcast control of more than a third of the US pay-TV market and more than half of the US triple-play market for video, voice, and Internet service” (http://www.freepress.net/blog/2014/02/13/comcast-time-warner-cable-disaster).  Comcast stated that they will divest themselves of three million subscribers to bring themselves under that 30 percent threshold.

There really isn’t too much to say that hasn’t already been said.  The deal has a lot of issues, from a competition standpoint in particular.  One of the major worries is that Comcast will have a significant amount of leverage with content providers when negotiating with content providers.  As anyone who remembers CBS’s dispute with Time Warner Cable (http://www.hollywoodreporter.com/news/time-warner-cable-loses-306000-652131) that resulted in blacking out CBS owned channels for many subscribers in New York City, cable companies and content companies periodically clash over fee agreements and pricing.  This issue becomes even stickier when taking into account that Comcast is a content company as well, through their ownership of NBCUniversal.  The merger thus potentially gives Comcast significant leverage over their competition, which raises significant antitrust concerns.  An interesting side note to that concern, though, is that Comcast offered to abide by the recently overturned Open Internet Order as a condition for the FCC approving Comcast’s purchase of NBC.

How the FCC and FTC rule on this merger should be particularly fascinating as it moves forward.  This acquisition invites a great deal of scrutiny and criticism.

For everyone still snowed in, enjoy any time off and stay safe.


Sampling (as Explained Through Frank Ocean and Daft Punk)

Sampling is an interesting practice within the music industry for copyright attorneys.  For those unfamiliar with the practice, sampling involves taking a little snippet of a recording for use in a different song.  This practice is exceedingly common, especially in hip-hop and the various permutations of techno.  Recently, Frank Ocean got in some legal trouble for a sampled used in his song “Super Rich Kids.”  The actual case (found here: http://www.avclub.com/article/frank-ocean-is-being-sued-for-using-a-sample-of-a-107662) is a rather fascinating one.  Ocean used a sample partially claimed by a label called TufAmerica, which owns 3.15 percent of a Mary J. Blige song from which Ocean allegedly sampled.  TufAmerica’s ownership derives from suing over Blige’s sampling of another song (Audio Two’s “Top Billin'”) that sampled from a song TufAmerica owns (The Honey Drippers’ “Impeach the President”).  The fascination partially comes from that long and convoluted ownership chain.

Sampling provides an interesting look into how convoluted copyright can get when trying to keep up with a creative industry’s practice.  Theoretically, even the shortest sample requires the rights holders’ permission to use.  This can get particularly difficult in the case of music sampling, because the sound recording and the song get treated as separate works for copyright purposes.  A different entity can (and often does) own the rights to the sound recording, whereas the original composer often owns the song itself.  If the artist can obtain permission from these owners, then they can use the sample.  It is not uncommon for the owners to charge a licensing fee to use their sample.

Where things get tricky is what happens when a group alters their sample.  There was a video that went viral about a month ago explaining how Daft Punk changed around a sample from “More Spell on You” by Eddie Johns for their famous opening riff  for “One More Time” (here’s a YouTube video explaining the technical aspects of how they did this: https://www.youtube.com/watch?v=9sdtOpE_3aQ).  If you listen to the video, there is one part that becomes apparent very quickly: the riff from “One More Time” bears little resemblance to the original song when all is said and done.  The question becomes how similar either Daft Punk or Frank Ocean’s sample is to the plaintiff’s song.

This issue becomes more important when one considers the substantial similarity standard for copyright infringement, as far as music is concerned: Arnstein v. Porter (1946).  This case involved a plaintiff (named Arnstein) who claimed that Cole Porter infringed on one of their songs.  Substantial similarity has two requirements: 1. access to the original work and 2. a level of similarity that indicates that infringement occurred.  Arnstein adds a few more important wrinkles to this standard, such as stating that access is not required if the similarity between the songs is such that direct infringement is the only viable explanation and stating that the determination must be made from the perspective of non-experts.  The court makes this determination using a number of factors, such as looking for idiosyncrasies or mistakes in the original work and whether they appear in the alleged infringing work (which some people intentionally add, just to easily catch infringers).  Access to the original work is almost a comically easy argument to make at this point.  Even discounting file sharing, there are plenty of legal methods of listening to practically every commercially available song.

This determination isn’t so hard to make when the songs resemble each other to the point of being obvious.  In the case of both Daft Punk and Frank Ocean, the artists made changes to their sample that might make the use of such a sample less obvious to the average listener.  Ocean’s case is a little less convoluted than Daft Punk’s (though Daft Punk acquired permission to use their sample), since Frank Ocean’s drum beat resembles the drum beat from the Audio Two song (I couldn’t find The Honey Drippers’ song when researching this post).  However, the Audio Two song uses a different percussive instrument when compared to Frank Ocean’s song.  The only part the two songs have in common is a similar drum pattern running underneath them.  Daft Punk’s “One More Time” riff takes a few notes from the original Eddie Johns’ song, and distorts them further.  I doubt many people would hear the similarity without help from someone familiar with such sampling techniques.  Sometimes, these determinations remind me of an old comedy bit I saw regarding Pachelbel’s Cannon (found here: https://www.youtube.com/watch?v=JdxkVQy7QLM).  The skit notes that many people copy the chord progression from Pachelbel’s Cannon in various kinds of pop music (including, apparently, the entirety of punk) which makes the comedian joke that the song is stalking him.

How this turns out for Frank Ocean is an open question.  His case merely demonstrates how convoluted ownership of sound recordings can get, as labels go under and sell their assets.  His case also demonstrates how difficult infringement can be when there is some similarity between a sample from his song to a sample from another, and whether that rises to the level of being substantial.  Daft Punk demonstrates a second phenomenon in sampling: how the sample can changed so much that it hardly resembles its original.  It can (and has: http://www.ted.com/talks/lessig_nyed.html) been argued that the law should consider such works original at that point.  Given the prevalence of sampling within two of the dominant genres of music, such a move would make a certain amount of sense.

Policy Update: Credit Card Companies to Phase Out Swipe and Sign Credit Cards

An increased focus on cybersecurity policy was an expected consequences of the high profile breaches at places like Target and Neiman Marcus.  So many people had their credit and identity information leaked that those companies had to do something, even if only to restore consumer confidence in their brand.  One of the first major changes, as reported by the Wall Street Journal, is a decision by Visa and Mastercard to begin phasing out their swipe and sign credit cards (http://blogs.wsj.com/corporate-intelligence/2014/02/06/october-2015-the-end-of-the-swipe-and-sign-credit-card/).

Visa and Mastercard will spend the next year and a half switching over to a new payment system called EMV (here is their website, if you’re interested in the technical aspects of the payment system: http://www.emvco.com/about_emv.aspx).  The card works by replacing the magnetic strip (which contains all the necessary payment information) with a computer chip (containing a microprocessor).  The chip requires power, which the card typically lacks.  The chip therefore only transmits its data when placed within a card reader, which powers up the chip and allows the transaction to proceed.  The user then verifies the transaction with a PIN.

The major advantage of this chip (from a technical standpoint) is that the card manufacturer can encrypt the information contained on the chip.  This means that if a hack like the Target hack occurs again (where the point of service (PoS) devices redirect the payment information to another service before routing to the credit card company), the hackers only have encrypted data.  They would need to decrypt the information before they can use it, so there’s an extra layer of security.

The Wall Street Journal article also mentioned another method that Visa and Mastercard intend to employ to reduce their legal liability during these breaches.  The article mentioned that the two companies intend to push a “liability shift” during the change over.  The idea behind that is to make the entity using the older technology liable for the data breaches.  The examples provided in the article are when merchants consciously maintain the older swipe and sign PoS devices or if a bank fails to issue the new chip and PIN cards.  The actual legal mechanisms aren’t stated, through they likely revolve around service agreements that exist between VISA, the banks, and the merchants.  Placing pressure on the other relevant parties to adopt the chip and PIN system appears to be the major motivating factor in this liability shift, though minimizing legal exposure during the changeover is not an insignificant concern as well.

From a policy standpoint, I think this is a good idea.  The liability shift will probably give some of the attorneys at retailers headaches, but the current credit cards are not particularly safe from a cybersecurity standpoint.  The fact that most of the rest of the world switched over to chip and PIN also means that most of the bugs with these systems should have been sorted out awhile ago.  Let’s just hope the process goes smoothly here.

Domain Names Are Not Property, According to Virginia Court

There was an interesting development in the Eastern District of Virginia.  There was a dispute between two surveying companies over the the assets of Alexandria Surveys International (ASI).  These companies, both located in Alexandria, Virginia, wanted the rights to ASI’s telephone number, web address, and domain.  One of these companies, Alexandria Surverys (Surveys) claimed to receive these items from Cox Communications (an Internet Service Provider in the area) through a special contract.  Another company, Alexandria Consulting Group (ACG), purchased the right to the domain at an estate sale.  When another court ordered ASL to turn over the domain to ACG, Surveys sued claiming that the domain was not a piece of property subject to being part of the bankruptcy estate.

The court made an interesting conclusion.  They held that a company’s interest in its domain is a contractual right, rather than a property right (and not subject to a bankruptcy sale).  The court’s logic for this is fairly straightforward.  The judge cited a Virginia Supreme Court case, Network Solutions v. Umbro, that held that creditors could not garnish debtor’s phone numbers and domain names because “neither one exists separate from its respective service that created it.” (Network Solutions, at 87).  Since that logic applies to domain names when dealing with bankruptcy (domain names do not suddenly become divisible from their provider because of bankruptcy), the court decided that ACG’s acquisition of the domain name through the bankruptcy sale was not valid.

What does this mean?  Well, the major result is that creditors cannot go after domain names as easily as they could before this ruling.  The other potentially interesting result is a potential conflict with California and the Ninth Circuit, which both found domain holders to possess a property right in their domain names (as mentioned in Eric Goldman’s blog).  The ruling also complicates some property based legal actions, like conversion (committing an act inconsistent with the property rights of another).  Placing domain names under contract law, as opposed to property law, also makes service agreements between the entities providing the domain name and the website owner much more important.  Terms involving what happens when breach occurs or bankruptcy become much more important.

Now there’s an important caveat to all of this: this ruling only applies to Virginia.  While the ruling was made in a federal court, the court applied Virginia law and precedent to reach their conclusion.  As a result, the idea that domain names are not property only applies to Virginia entities.  Whether this leads to a circuit conflict later, remains an open question.  That this ruling applies only in Virginia may have some additional unintended consequences, such as businesses choosing to register (or not register) their website in Virginia based on their legal preference.