Digital Britain - will it guarantee access?

The Government proposes to tax fixed phone lines for broadband roll out.  The big question remains for those with "theoretical" broadband access -- the ones who have it but at much less than the advertised rate, or intermittently, or both -- whether there will be a commitment to ensure that there is recourse for such consumers.  Despite the lack of concern from OFCOM about the poor service given by many broadband providers because apparently few complain, there are many out there who are simply resigned to a service which is below the advertised speeds.

Human right to internet access?

Yesterday I went to the CUTEC conference here in Cambridge which provided a forum for encouraging innovation and entrepreneurship. One of the major themes this year was around social responsibility and empowering individuals - big aims for a room of techies and ambitious PhD students.

In particular cloud computing was very much viewed as the way forward and the democratisation of information and accessibility to services - resulting, for example, in the wife of one panelist being able to get real time advice on breast feeding at 4am from other mothers via her iPhone.

In this context I was interested to see that the French courts have refused to uphold a new law allowing officials to cut off the internet connection of persistent online infringers. The Constitutional Court held that only a court could do that - on the basis that access to online services is a human right.

That's the first time I've heard of internet access being referred to as a human right, and I question whether an English court would reach the same view - and clearly on one level it's not in the same league as the rights to life, to freedom of thought and religious beliefs.

But there were many inspirational (as well as aspirational) stories at the CUTEC conference about precisely this issue - that internet and mobile technologies do change lives and communities; that widespread access to and democratisation of services could be the catalyst for social change and improvement in developing nations.

I suspect there's a fundamental tension here between the increasing attempts to regulate the online world (with admitedly varying degrees of success) and the desire to fully exploit its potential and enable people all over the world participate in the online revolution.

One Tough Cookie?

When you visit a website, more often than not, a small text file called a "cookie" is sent to your computer.  Now, what possible use is a cookie without a glass of milk, this Naked Lawyer asks?

 

Well, the purpose of a cookie is to store data.  For example, if you log onto a website and give details such as your name and e-mail address, the cookie will maintain your log-in details so that you do not have to log back in the next time you visit the site.  A shrewd advertising tactic? Yes. An invasion of privacy?  Potentially.

 

Cookies are currently regulated by the 2002 European Communities Directive on Privacy and Electronic Communications.  Under the Directive, provided website users are given “clear and comprehensive information” about the purposes of cookies and are given the opportunity to refuse to have cookies stored on their equipment, cookies can be used for activities such as advertising, analysing website effectiveness and identifying online purchasers.  Currently website owners comply with this requirement by putting information about cookies in a privacy policy and then adding a link to the policy to every page of their website.

 

Now proposed amendments to the law on cookies suggests that users may have to give prior consent in order to allow cookies.  (This is subject to an exemption if the cookies are “strictly necessary” i.e. they enable a specific service explicitly requested by the user.)  At this stage it is completely unclear what prior consent under the new proposals will mean in practical terms.  A website owner could perhaps consider the following pop-up message on entry to their site: "click here for a cookie (non chocolate chip variety)".  However, a pop-up message is arguably very cumbersome and not least rather off-putting to passing website traffic.  This Naked Lawyer awaits the developments...

Virtual friend fires employee

Here's a story for those that were interested to read that making a comment such as "ma job it pointLESS" on Facebook might lead to dismissal.

It's a salutary tale from Switzerland, that epitome of neutrality, about a woman who lost her job after her employers noted she was using Facebook whilst allegedly suffering from a migraine.

The woman admitted to accessing Facebook from her iPhone whilst lying in bed, but complained that Nationale Suisse had created a fictitious Facebook persona in order to become her "friend" and that the company had spied on her once she accepted this virtual friend. Whilst this begs the question as to why the woman accepted the Facebook friendship of a complete stranger, the story does highlight the potentially dire consequences of using communication networks at inappropriate times or in inappropriate ways. See the BBC's report here.

Whilst the government has decided not to set up a single centralised database, it does intend to ask internet service providers and mobile phone networks, amongst others, to extend the range of information they currently hold on their subscribers and to organise it in a manner that is more easily used by the police, MI5 and other public bodies investigating crime and terrorism. So, for those thinking along Orwellian lines, it is more "Surveillance Siblings" than "Big Brother".

The consultation period runs until 20 July 2009. Legislation to ensure that all data that public authorities might need, including third party data, is collected and retained by communications service providers may follow.

Those employed in the private sector should note that, under the current proposals, only the collecting communications firm and certain public authorities would have access to the information collected; to monitor an employee's Facebook usage, companies such as National Suisse will still need to create friendly fictitious Facebook personae and become virtual friends with their staff.

The story caught this Naked Lawyer's eye because it almost ties in with the announcement

on 27 April that the UK government wishes to have more information about communications, including visits to online chatrooms and social network sites such as Facebook, collected by communications firms for use by UK security services. The consultation document is called "Protecting the Public in a Changing Communications Environment".

Cyber-squatting on the rise

A recent survey by brand protection firm MarkMonitor reported that the number of cyber-squatting incidents rose by 18% in 2008 to a whopping 1,722,133. 

It came as no surprise then when WIPO reported on 16 March that it had received a record number of complaints under its dispute resolution procedure in relation to domain names registered in bad faith during 2008. 2,329 people or companies reported instances of cyber-squatting, including Arsenal Football Club, Google, Nestle and Scarlett Johansson.

The most popular targets are successful brands and the most popular motive for cyber-squatting is to make money. But please do not admire the entrepreneurial spirit of cyber-squatters, as more often than not they infringe intellectual property rights by "passing off" (that is, they misrepresent that their site is in some way linked to, or endorsed by, the target brand owner).

Furthermore, some cyber-squatters also infringe registered trade marks (for example, Research in Motion's trade mark for 'Blackberry' has been referenced on a cyber-squatter's web site). The thinking seems to be that the more blatant the infringement, the more likely the brand owner is to cough up cash for the cyber-squatter's domain name.

Normally, brand owners would set their lawyers onto the cyber-squatters, with letters before action being sent threatening litigation unless the cyber-squatter ceases to infringe the brand owner's trade mark rights. However, cyber-squatters have become masters of disguise, using identity shields to mask their identities from the WHOIS searcher, which means that it is hard to identify where and to whom letters before action should be sent. This fact, along with the other benefits of resolving a domain name ownership dispute by dispute resolution, explains why brand owners are using the domain name dispute resolution routes such as the UDRP instead of bringing court proceedings against the infringer.

To combat the rise in cyber-squatting, WIPO is proposing to introduce a paperless dispute resolution procedure for .com, .net and .org domains, as well as a number of more recently introduced domains such as .aero, .asia, .biz, .cat, .coop, .info, .jobs, .mobi, .museum, .name and .travel (the eUDRP).  Nominet already uses its own paperless dispute resolution procedure. 

Google vs PRS - and pebbles on a beach

This Naked Lawyer is distressed to read that YouTube is to be stripped of music videos in the UK.  Everyone is up in arms: the public (check out some of the comments on the Guardian article) and journalists (including those at Radio 1, who say "it's a lose lose situation").  Google (owners of YouTube) blame the Performing Rights Society, following the breakdown of negotiations:

"PRS is now asking us to pay many, many times more for our licence than before. The costs are simply prohibitive for us - under PRS's proposed terms we would lose significant amounts of money with every playback."

Guess who the PRS blames?

"[We are] outraged on behalf of consumers and songwriters that Google has chosen to close down access to music videos on YouTube in the UK ... [Google wants] to pay significantly less than at present to the writers of the music on which their service relies."

It is disappointing that the battle for supremacy in the digital era between content owners (represented by the PRS) and content distributors (like Google) is being played out quite so publicly and so much to the detriment of users (and presumably artists, who won't receive anything from YouTube plays if no deal is reached with the PRS).  I am sure that there is a bit of posturing here and a deal will be done eventually - but in the meantime we all lose out.

I (hazily) remember a provocative presentation by Alexander Carter-Silk at the SCL conference last year in which he said that "content is no longer king" and talked about content as "pebbles on the beach":

"the content owner must de-facto control the means of replication and/or distribution to retain value in the copyright work ... if the creative work is a pebble on the beach no amount of legislation will make the pebble valuable".

I am particularly concerned about the likely detriment to the progress I was making in learning the open chords of the Kings of Convenience's back catalogue.  Know-how and Misread (and perhaps Paul Weller's Broken stones) might need to wait until Google and the PRS have finished squabbling.

What flavour of SAAS would you like?

Unsurprisingly, we have been drafting and reviewing a spate of agreements for the provision of "software as a service" recently.  Plenty has been written elsewhere about the increasing trend for software to be hosted by suppliers and delivered to customers "as a service" (see for example some of the predictions made through the SCL this year).

While reviewing the latest agreement designed to govern the provision of SAAS that has hit my desk, it occurred to me that I will again be discussing the distinction between a "hosted software" agreement (which essentially combines the features of a software licence with a hosting agreement) and a "software services" agreement (under which the supplier provides specified services using certain software).  And the flavour of SAAS does make a big difference.

I am currently looking at an example of the former - so, for example, the specification/performance warranty is time-limited (to 90 days); if the customer uses the "service" after this time and it does not perform in accordance with the spec, there is no claim against the supplier (though there might be through the support services/helpdesk).  This is quite different from a services agreement where the services happen to be delivered through software.  In this case, a customer might reasonably expect the services to perform in accordance with the spec whenever they are requested.

Though this might seem like a niggly lawyers' point, it does mark a notable difference that may not always be picked up by customers.  Quite reasonably, customers not familiar with software contracts and the basis for the time-limited warranty might assume that the services will continue to perform as promised whenever the services are accessed.  In other words, some customers think they are buying "software services" when they are actually buying a right to access "hosted software".  Also quite reasonably, software suppliers will argue that unless they are to make unpopuler charging increases, they should not have an additional exposure in relation to the use of their software simply because it happens to be hosted by them instead of installed on a customer's system.

Savvy customers will have to get used to taste-testing their SAAS before they buy.

An attack on rights, or a necessity?

New law being implemented in March as part of an EC Directive, will require internet service providers (ISPs) to keep information about every e-mail sent or received by every person in the UK for a period 12 months.

 

Under the Regulation of Investigatory Powers Act passed in 2000 and the Anti-Terrorism Crime and Security Act 2001 (Part 11), companies like Telcos and some ISPs are already under an obligation to keep this information in case it is needed by a police or security service investigation.  The existing European Data Retention Directive also seeks to ensure that investigators have access to this information for the purpose of police investigation, as they do under UK law, but does not call for centralised, government-run databases as is predicted will evolve from the new e-mail laws.

Under the new provisions, details of which can be found in the Consultation pubslished in August 2008, not only will ISPs collate data from an estimate of three billion emails per day, but they will also be paid between £25 and £70 million to ensure that they obey the law.  Critics argue that spending billions to keep tabs on someone on the off chance that they may be a criminal is not a productive use of tax payer’s money.  It is interesting to note that although the data is said by the Home Office to be useful to combating crime, only the timing, number and location of each communication are kept; the content is not stored.  Although privacy laws would have something to say about it, what is the use or storing the emails for combatting crime if the content is not stored?  Is there in reality another purpose behind the measures?

 

To further exacerbate criticism, although on paper the new law will apply to all ISPs, the Home Office is apparently planning for small ISPs to be exempt.  But what happens when our criminal friend doesn’t get caught as he’s using a small ISP, after the government has spent billions in attempting to catch him?

Web campaign takes on MPs

An interesting story is brewing in the world of e-government, with its denouement expected tomorrow.  You may be familiar with websites such as TheyWorkForYou, which aim to improve transparency and accountability in Government by publishing information about the way MPs vote, what they are saying in Parliament, and how they spend public money.  These websites rely on public access to this information under the Freedom of Information Act.

This week, MPs are voting on whether to make a legislative change to withdraw access under the Act to information on their expenses payments.  MySociety (the charity behind TheyWorkForYou) is running a campaign to voice objections to the move (read more here); the UK Freedom of Information Blog is also running the story; and The Times and The Guardian have picked up on it too.  As The Times says, the change in law would:

"exempt [MPs] ... from parts of the Freedom of Information Act, meaning that they will never again be forced to publish receipts for their claims .... This would make MPs the only public sector employees with special privileges to protect them from disclosing their expenses."

The proposed changes to the law are surprising, would restrict the ability of e-government websites to analyse the actions of MPs and it is difficult to see how they will improve public confidence in Parliament.  It will be interesting to see whether the increasingly widespread criticism of the move has any effect on the result of the vote, pitting as it does contemporary e-campaigning (eg the lobbying of MPs through WriteToThem and mySociety's Facebook campaign) against traditional party politics.

Flower wars

Interflora is at war with Marks & Spencer and Flowers Direct for allegedly infringing its trade mark name. Interflora is claiming that M&S sponsored the word “Interflora” as a keyword in Google’s AdWords programme and is now suing them in the High Court in London. When users searched for Interflora and related misspelt names, the rival company claims that M&S and Flowers Direct appeared as sponsored links beside the official search results.

In May 2008, Google altered its terms and conditions so that almost any word is available for sponsorship, although the text of the adverts that the keywords trigger is still controlled so that the trade marked term is not used.

Interflora is claiming that its competitors gained an unfair advantage by riding upon the fame of its trade marks. While M&S are surprised by the action, arguing that it is industry wide practice to do this and is not unlawful, the decision that the UK court may come to is uncertain. The dispute could set a precedent as to how UK trade mark laws will apply to keyword advertising in the future and may change the way that companies advertise on the internet.

It will be interesting to see whether the Court takes the view that M&S and Flowers Direct should be held liable for any possible infringement of Interflora’s trade mark, or whether in fact Google should be held responsible for allowing it. For the time being it appears that M&S and Flowers Direct have both removed the sponsored links from Google.

A decision not in Interflora's favour would arguably not sit well in the context of the rest of trade mark law given that the use of a third party's registered trade mark without their consent in other scenarios would be trade mark infringement. Furthermore, such a decision could impact on the value of having a registered trade mark at all for use on the internet if proprietors must then go on to pay large amounts of money to outbid competitors to stop advertising alongside themselves on internet searches.