Category: University of Washington School of Law

New Copyright Rules Protect Filmmakers, Artists and Students

WASHINGTON — The Library of Congress today added five new exemptions to the Digital Millennium Copyright Act (DMCA) to protect consumers who modify their cell phones, artists who remix videos, documentary filmmakers, and students. The exemptions lift the prohibition in 17 U.S.C. section 1201(a)(1) against circumvention of technological measures that control access to copyrighted works.

DMCA is a US copyright law that criminalizes attempts to bypass digital copyrights. The 1998 Act is revisited every three years, with new exceptions added based on changing technology. These landmark exceptions were carved out for  consumers who modify their cell phones, artists who remix videos, documentary filmmakers, and students who, until now, could have been liable for non-infringing or fair use.

The immediate effect of these key new exemptions is to permit: (1) jailbreaking cell phones (2) college professors, students, and documentary filmmakers to circumvent DVD copyright protection for “criticism or comment” (3) breaking e-book protection to enable text to speech and (4) breaking video game protection for testing. The exemptions also define obsolete computer software more clearly.

The headline-grabbing change is the legalization of jailbreaking, or the process by which cell-phone users can modify their software to bypass copyright protection and customize their phones. Users can now legally break copyright protection to execute software applications if circumvention is solely for enabling interoperability. One significant effect is that cell-phone users will be able to unlock their phones to make them compatible with different wireless networks.

The new exemption will stifle Apple’s efforts to shut down so-called “jailbreak” sites that offer alternative software and customization for the popular i-Phone. Apple had fought hard to argue jailbreaking violated copyright law. But the Copyright Office rejected Apple’s claim that copyright law prevents installing unapproved programs on iPhones: “When one jailbreaks a smartphone in order to make the operating system on that phone interoperable with an independently created application that has not been approved by the maker of the smartphone or the maker of its operating system, the modifications that are made purely for the purpose of such interoperability are fair uses.”

Apple could still potentially ban jailbreaking indirectly by add new conditions to its user agreement.  But those agreements, governed by contract, would force Apple to sue its own customers to recover any actual damages. Meanwhile, unofficial “app” stores like Cydia and RockYourPhone are poised to grown in popularity as a result of the new exemptions.

Another important change is that college professors, students, documentary filmmakers, and those making noncommercial videos are now able to circumvent copyright protection on DVDs “in order to accomplish the incorporation of short portions of motion pictures into new works for the purpose of criticism or comment, and where the person engaging in circumvention believes and has reasonable grounds for believing that circumvention is necessary . . .” The exemption, which previously only applied to professors, has now been expanded to include students and filmmakers. The new rules will also likely protect video remix artists who rework commercial videos on websites like YouTube. These artists will no longer violate the DMCA when they use short clips from DVDs to create new, noncommercial works for purposes of criticism or comment. The exemption rejects Hollywood’s longstanding argument that “ripping” DVDs always violates the DMCA.

The user may take only a “short portion” of the original work for purposes of criticism and commentary, and the user must reasonably believe it is necessary to break the digital rights management. The exemptions doe not apply to K-12 educators and students who aren’t in film and media studies classes. The bottom line, however, is that it is clearly fair use to use short portions of a movie for purposes of criticism or comment in a noncommercial video.

Another new exception to the DMCA allows users to break copyright protection on e-books in order to enable text-to-speech functionality. Text-to-speech functionality of the Kindle was an issue with the Authors Guild who felt it took away from potential audio book sales. The exemption does not apply if a publisher offers an option for an audio version. Nevertheless the exception is a significant victim for individuals with visual impairment and other disabilities.

The last new exemptions allows breaking copyright protection on video games “when circumvention is accomplished solely for the purpose of good faith testing, for investigating or correcting security flaws or vulnerabilities.” This addition was added specifically to advance research in the area of SecuROM and SafeDisc.

Fourth Circuit Holds It Unconstitutional for Virginia to Ban Posting Publicly-Available Social Security Numbers to Internet

RICHMOND–Betty Ostergren is allowed to post personal information, including Social Security Numbers, on her website The Virginia Watchdog because the personal data is already publicly-available through government websites and unredacted court records, the Fourth Circuit today ruled.

The state attorney general had tried to prosecute Ostergren for violating a state law barring intentional communication of another’s Social Security Number. But the Fourth Circuit in Ostergren v. Cuccinelli, No. 09-1723, 09-1796 (9th Cir. July, 26, 2010) held there is a first amendment right to post social security numbers and other information made available on public, government-run websites. The Court overturned the trial court’s permanent injunction against the prosecution because the lower court did not provide enough relief for Ostergren, a privacy advocate who began posting Social Security Numbers of public officials in an effort to prod her state Legislature to crack down on the use and public posting of personal records online and with clerks of court.

The trial court criticized the state for prosecuting Ostergren when the state itself had failed to redact Social Security Numbers from its own records. The Court of Appeals held that while Virginia had “a statement interest of the highest order” in protecting individual privacy, the state’s prosecution of Ostergren was not narrowly tailored in support of that interest “when Virginia makes those same records available through a secure remote access without having redacted SSNs.” Therefore the state statute was unconstitutional as applied to Ostegren.

Moreover the trial court’s grant of injunctive relief was too limited because it failed to protect Ostergren’s right to also republish publicly available SSNs of private individuals and public officials from states other than Virginia: “Ostergren’s constitutional right to publish Virginia land records containing unredacted SSNs does not depend on the political status of people whose SSNs are compromised.” The appeals court reversed the trial court’s injunction and remanded the case for issuance of a new permanent injunction in light of its findings. Freedom to Tinker has an excellent discussion of the decision.

For an interesting counter-argument, University of Washington School of Law Professor Peter A. Winn has an interesting article on judicial information management. Winn argues that restoring a balance between legitimate privacy and publicity interests does not require replacing established common law standards, but will require adoption of new legal procedures, better use of information technologies, more careful training of judges and lawyers, and supplementing the common law adversarial system of information management with an administrative model.

Federal Court: Copyright Law Might Protect Stock Market Indices

NEW YORK–Yesterday the U.S. District Court for the Southern District of New York ruled that copyright law may protect indices that measure rates and performance in U.S. banking and mortgage markets.

BanxQuote compiled select banking, mortgage, and loan data and then licensed this information to allow Capitol One to measure performance of various U.S. markets. Capitol One then entered into an agreement with Costco Wholesale Corp. to provide a co-branded banking services with high yield savings accounts and CD accounts. BanxQuote alleged Capitol One breached the licensing agreement by redistributing the BanxQuote indices to Costco.

BanxQuote alleged copyright infringement, violation of the DMCA, misappropriation of the time-sensitive data, fraud, breach of contract, unfair competition, and unjust enrichment. Costco and Capitol One responded with a motion to dismiss all claims by arguing the raw data in BanxQuote’s indices were facts and therefore not protected by copyright law. BanxQuote argued it had a copyright in the final values and calculations, because such final values are not facts.

First the court pointed out the problems with obtaining copyright protection for financial market indices. Plaintiff could not seek copyright protection for raw data about interest rates because such data would fail to meet requisite originality requirements under copyright law. Second, the rates paid by investors on negotiable certificates of deposit and high yield savings were objective facts about the banking market, also lacking requisite elements of originality. Third, the information was not protectable even when compiling the data was expensive and time-consuming. Evidence that the indices were authoritative also undercut BankQuote’s case because it suggested the indices had achieved industry-wide acceptance.

The remaining question was whether BanxQuote had pled sufficient facts to allege originality in the method of converting this raw data into final values. BanxQuote argued its method for creating the indices involved complex proprietary algorithm. But the court emphasized the issue was originality, not difficulty of deriving the data. It was relevant that BanxQuate independently developed its methodology for deriving the indicies. But that independence was not sufficient to establish originality because purely objective methodologies could be developed independently.

The court also ruled copyright protection was not barred by the merger doctrine—which ensures that expression is not protected in those instances where there is only one or so few ways of expressing an idea that protection of the expression would effectively accord protection to the idea itself. It is plausible the BanxQuote Indices were sufficiently subjective that a wide range of potential final values would be possible. Thus, the court denied Costco’s motion to dismiss the copyright infringement claims.

The decision to deny Costco’s motion to dismiss copyright infringement claims, written by Judge Kenneth M. Karas, is BanxCorp d/b/a BanxQuote v. Costco Wholesale Corp., S.D.N.Y., No. 09-cv-1783 (July, 13, 2010).

FTC Settles First Privacy Case Against Social-Networking Site

WASHINGTON–The Federal Trade Commission today announced Twitter settled charges of deceiving consumers and putting privacy at risk by failing to safeguard personal information, an announcement that marks the agency’s first such case against a social networking service.

Twitter has operated since July 2006. The social networking website allows users to send brief 140-character updates to those who sign up to receive such messages. FTC charged Twitter with violating FTC Act §5 after intruders obtained unauthorized administrative control of the Twitter system to send unauthorized messages from accounts including one message, purportedly from Barack Obama, that offered more than 150,000 followers a chance to win $500 in free gasoline for filling out a survey. Unauthorized messages also were sent from eight other accounts, including Fox News.

FTC’s pursuit of Twitter signals the agency may be expanding the scope of its enforcement actions to include more than just identity theft and theft of personal financial data. The proposed consent order prohibits Twitter from misrepresenting the security, privacy, confidentiality, or integrity of any “nonpublic consumer information.” The proposed order would also require Twitter to establish and maintain a comprehensive information security program in writing.

The FTC would also require this security program “to contain administrative, technical, and physical safeguards appropriate to Twitter’s size and complexity, the nature and scope of its activities, and the sensitivity of the nonpublic consumer information.” This would include recordkeeping requirements to enable the commission to monitor compliance over the 20-year life of the order. The commission vote to accept the proposed consent order was 5-0.

The case is In re Twitter, Inc., FTC File No. 092 3093 (June 24, 2010).

States, Feds Probe Google’s Unauthorized Wi-Fi Tracking

HARTFORD–Thirty state attorneys general have launched an investigation into Google’s practices of gathering Wi-Fi “payload” data. “My office will lead a multistate investigation — expected to involve a significant number of states — into Google’s deeply disturbing invasion of personal privacy,” Connecticut Attorney General Richard Blumenthal said.

In May Google started getting sued around the country over its practice of collecting Wi-Fi data from potentially millions of people as the company photographed streets for Google maps.  In May, the House Energy Committee launched an inquiry into Google’s practice of gathering Wi-Fi data. The Electronic Privacy Foundation also wrote a letter to the FCC calling for a full investigation of the matter.

In June, the FCC said Google had clearly infringed on consumer privacy: “Whether intentional or not, collecting information sent over WiFi networks clearly infringes on consumer privacy.” On June 9 Google responded to the Congressional probe by stating that “being lawful and doing the right thing are two separate things.”

Blumenthal’s inquiry seeks records from Google including:

  • Copies of the company’s internal procedures and protocols for Street View cars and data collected by them;
  • What steps Google has taken to keep unauthorized code out of its products in the future;
  • Whether Google conducted internal or external audits, analysis or performance reviews of its Street View program and data collected;
  • How and when Google learned that its Street View cars were capturing data sent over unencrypted networks;
  • Why Google Street View cars recorded the signal strength and quality of personal and business wireless networks.