Articles by mjlst

Apple Inc. Under Continued Scrutiny After iPhone Throttling Admission

MJLST Staffer, Alex Eschenroeder

While innovative tech companies typically receive widespread attention for increasing the speed and performance of a given device, Apple Inc. has received attention in the past few weeks for exactly the opposite reason. Apple’s actions have caught the attention of consumers and consumer advocates around the world, and recently, they have caught the attention of the US Department of Justice (DOJ) and the Securities and Exchange Commission (SEC) as well.

 

The action at issue is Apple’s intentional throttling, or slowing down, of iPhone performance. Apple apologized for its intentional throttling on December 28, 2017, in reaction to building pressure from “users and tech analysts” who noticed iPhone slowdowns. In its apology message, Apple focused on the risk of unexpected phone shutdowns resulting from the fact that “[a] chemically aged battery also becomes less capable of delivering peak energy loads, especially in a low state of charge.” Apple asserted that it addressed this risk by delivering an iOS (iPhone operating system) update that “dynamically manages the maximum performance of some system components when needed to prevent a shutdown.” In addition to providing its explanation behind the throttling in its message, Apple announced a fifty dollar discount for iPhone battery replacements. However, replacement availability has been limited, and the discount has not stopped investigations and inquiries from multiple parties.

 

Shortly after Apple’s admission, consumer and watchdog groups in France, Italy, and China, submitted questions to Apple. The French consumer group, “Stop Programmed Obsolescence,” filed a complaint in December alleging “that Apple pressures customers to buy new phones by timing the release of new models with operating system upgrades that cause older ones to perform less well.” This complaint sparked an investigation by the Paris prosecutor’s office. Another source of questioning has been from within the US Senate, as South Dakota Senator John Thune wrote a letter to Apple CEO Tim Cook that “pressed Apple for answers to a series of questions about how the company decided to throttle back iPhone processing performance in phones with older batteries.”

 

In addition to these sources of pressure, the latest major development is that the SEC and DOJ have initiated their own probes. Both the SEC and the DOJ declined to comment about their investigations. Further, “Apple acknowledged in a statement that it is responding to questions from some government agencies, though it declined to disclose which agencies or any details regarding the questions.” Thus, very little is known at this point about the substance of the investigations. Current speculation includes that, in this type of case, “the SEC could try to fault a public company for failing to make timely disclosures about material information that would affect the stock price.”

 

While a more superficial investigation is possible, it would likely leave critical questions unaddressed. Some questions I would like to vent to Apple are as follows: If Apple’s battery issues cause peak energy load delivery problems primarily in a low state of charge, why does the dynamic management system coded into iOS slow down app launch times even at or near full charge? If the iOS update manages max performance of system components when needed to prevent a shutdown, does that mean a phone that takes longer to launch any given app on any given launch is constantly at risk for shutting down? What would it mean when Apple releases code to deactivate throttling and an iPhone with previously slow app launch times doesn’t turn off immediately? How many other devices does Apple throttling apply to, and when might Apple admit to them? Looking at you, Apple Watch.

 

These questions are not expertly devised, but they represent a reality that Apple will have to grapple with in the coming months: when so many people use your product frequently, there are mountains of user experiences that could be referenced to throw any “explanation” into question. These experiences may help to debunk any likely stories that vary significantly from the truth.


E-Threat: Imminent Danger in the Information Age

MJLST Staffer, Jacob Weindling

 

One of the basic guarantees of the First Amendment is the right to free speech. This right protects the individual from restrictions on speech by the government, but is often invoked as a rhetorical weapon against private individuals or organizations declining to publish another’s words. On the internet, these organizations include some of the most popular discussion platforms in the U.S. including Facebook, Reddit, Yahoo, and Twitter. A key feature of these organizations is their lack of government control. As recenty as 2017, the Supreme Court has identified First Amendment grounds for overturning prohibitions on social media access. Indeed, one of the only major government prohibitions on speech currently in force is the ban on child pornography. Violent rhetoric, meanwhile, continues to fall under the Constitutional protections identified by the Court.

Historically, the Supreme Court has taken a nuanced view of violent speech as it relates to the First Amendment. The Court held in Brandenburg v. Ohio that “the constitutional guarantees of free speech and free press do not permit a State to forbid or proscribe advocacy of the use of force or of law violation except where such advocacy is directed to inciting or producing imminent lawless action and is likely to incite or produce such action.” Contrast this with discussion of a moral responsibility to resort to violence, which the Supreme Court has held to be distinct from preparing a group for imminent violent acts.

With the rise and maturation of the internet, public discourse has entered a new and relatively unchartered territory that the Supreme Court would have been hard-pressed to anticipate at the time of the Brandenburg and Noto decisions. Where once geography served to isolate Neo-Nazi groups and the Ku Klux Klan into small local chapters, the internet now provides a centralized meeting place for the dissemination and discussion of violent rhetoric. Historically, the Supreme Court concerned itself mightily with the distinction between an imminent call to action and a general discussion of moral imperatives, making clear delineations between the two.

The context of the Brandenburg decision was a pre-information age telecommunications regime. While large amounts of information could be transmitted around the world in relatively short order thanks to development of international commercial air travel, real-time communication was generally limited to telephone conversations between two individuals. An imminent call to action would require substantial real-world logistics, meetings, and preparation, all of which provide significant opportunities for detection and disruption by law enforcement. By comparison, internet forums today provide for near-instant communication between large groups of individuals across the entire world, likely narrowing the window that law enforcement would have to identify and act upon a credible, imminent threat.

At what point does Islamic State recruitment or militant Neo-Nazi organizing on the internet rise to the level of imminent threat? The Supreme Court has not yet decided the issue, many internet businesses have recently begun to take matters into their own hands. Facebook and Youtube have reportedly been more active in policing Islamic State propaganda, while Reddit has taken some steps to remove communities that advocate for rape and violence. Consequently, while the Supreme Court has not yet elected to draw (or redraw) a bright red line in the internet age, many businesses appear to be taking the first steps to draw the line themselves, on their terms.


USPTO Denies Beyoncé’s Attempt to Trademark Her Daughter’s Name … Again

MJLST Staffer, Tiffany Saez

In January 2016, Beyoncé’s trademark holding company, BGK Trademark Holdings, filed an application to register the name of the singer’s first child, “BLUE IVY CARTER,” in 14 different trademark classes, covering everything from fragrances to postcards to online video games. In May 2017, however, a Boston-based event planning firm, also named Blue Ivy, filed a notice of opposition with the US Patent and Trademark Office (USPTO) Trademark Trial and Appeal Board (TTAB) to challenge BGK’s trademark application.

Blue Ivy alleges, among other things that, BGK Trademark Holdings has no bonafide intent to use the BLUE IVY CARTER mark in commerce and that BGK is attempting to commit fraud on the USPTO by registering a trademark which it doesn’t intend on ever using.

Although Blue Ivy’s founder, Veronica Morales, already owns U.S. Trademark Registration No. 4224833, covering the standard character mark BLUE IVY for event planning and management services, Morales’ rights to Blue Ivy does not necessarily prevent Beyoncé from securing trademark rights in or a federal registration for BLUE IVY CARTER for goods or services that are not related to those covered by Morales’ mark. Trademark rights are jurisdictional. That is, the owner of a trademark owns it in the geographic region in which it is in use. Trademarks also do not apply to all goods and services worldwide, and instead apply only to the specific goods or services on which it is being used in commerce. Therefore, Morales does not have rights to the BLUE IVY mark for all goods and services, just event planning services.

The Blue Ivy trademark saga, however, does not mark the first time that a celebrity has tried to trademark a name or phrase.

In the United States, one’s name and likeness is generally protected through doctrines that rise out of common law or statute, such as the right of publicity or privacy. However, there are cases in which celebrities or other public figures might seek to protect their names under trademark in order to protect the financial integrity and use of their personal name in commercial activities. The USPTO’s website also notes that, one who attempts to register a trademark that includes one’s name, portrait, or signature (that could reasonably be perceived as that of a particular living individual) would need written consent from the identified individual in order to register the mark.

There are several types of trademarks (e.g., slogans, words, logos, phrases), but the essential function of a trademark is to exclusively identify the commercial origin of goods and services. The use of personal names can be registered as a trademark if the individual can establish that their name contains “secondary meaning,” also known as “acquired distinctiveness.” Secondary meaning is required when your mark is “descriptive,” but not “inherently distinctive” or “generic.” Secondary meaning is very fact-specific. Whether the mark in question has secondary meaning would therefore hinge on whether it has become closely associated with a particular good or service. Thus, in the Blue Ivy case, one’s personal name can acquire trademark protection if the public at large has identified the name with certain products or services.

Even though proof of secondary meaning is not always required, one’s own celebrity status or public persona is generally not enough to confer trademark protection upon a name. The name itself actually has to be associated with certain goods or services. This requirement may be problematic for those who endorse a particular product or intend on developing their own brand of goods, such as clothing.

It is highly unlikely that the general public has identified and closely associated the name of Beyoncé’s six-year-old daughter with certain goods, such as radio pagers. Yet Beyoncé is seeking trademark to prevent others from exploiting and cashing in on little Blue Ivy’s name.


Airbnb Regulations Spark Controversy, but Have Limited Effect on Super Bowl Market

MJLST Staffer, Sam Louwagie

 

As Super Bowl LII descends upon Minneapolis, many Twin Cities residents are hoping to receive a windfall by renting out their homes to visiting Eagles and Patriots fans. City regulations placed last fall on online short-term rental platforms such as AirBnB, which prompted an outcry from those platforms, do not appear to be having much of an effect on the dramatic surge in supply.

The short-term rental market in Minneapolis has been a renter’s market in the opening days since the Super Bowl matchup was set. There are 5,000 placements in the Twin Cities on AirBnB this week, as compared to 1,000 at this time last year, according to the Star Tribune. The flood of posted housing options has limited prices, as the average listing has cost $240 per night—more than usual, but much less than the thousands of dollars some would-be renters had hoped for. One homeowner told the Star Tribune that she had gotten no interest in her 4,000-square-foot, six-bedroom house just five blocks from U.S. Bank Stadium, and had “cut the price drastically.”

The surge in AirBnB listings comes despite ordinances that went into effect in December in both Minneapolis and St. Paul. The cities joined a growing list of major U.S. cities that are passing regulations aimed at ensuring guest safety and making a small cut of tax revenue from the rentals. Minneapolis’ ordinance requires a short-term renter to apply for a license with the city, which costs $46 annually. St. Paul’s license costs $40 per year. As of mid-December, according to MinnPost, only 18 applications had been submitted in Minneapolis and only 32 in St. Paul. That would suggest that many of the thousands of listings during Super Bowl week are likely unlicensed. The cities both say they will notify renters they are not in compliance before taking any enforcement action, but a violation will cost $500 in Minneapolis and $300 in St. Paul.

The online rental platforms themselves had strongly objected to the passage of the ordinances, which would require Airbnb to apply for a short-term rental platform license. This would bring a $10,000 annual fee in St. Paul and a $5,000 large platform fee in Minneapolis. According to MinnPost, as of mid-December, no platforms had submitted an application and it was “unclear whether they [would] comply.” Airbnb said in a statement that it believes the regulations violate the 1996 federal Communications Decency Act, and that “the ordinance violates the legal rights of Airbnb and its community.”

While the city ordinances created controversy in the legal world, they do not seem to be having a similar effect on the ground in Minneapolis, as Super Bowl guests still have a dramatic surplus of renting options.


Fi-ARRR-E & Fury: Why Even Reading the Pirated Copy of Michael Wolff’s New Book Is Probably Copyright Infringement

By Tim Joyce, MJLST EIC-Emeritus

 

THE SITUATION

Lately I’ve seen several Facebook links to a pirated copy of Fire & Fury: Inside the Trump White House, the juicy Michael Wolff expose documenting the first nine months of the President’s tenure. The book reportedly gives deep, behind-the-scenes perspectives on many of Mr. Trump’s most controversial actions, including firing James Comey and accusing President Obama of wiretapping Trump Tower.

 

It was therefore not surprising when Trump lawyers slapped a cease & desist letter on Wolff and his publisher. While there are probably volumes yet to be written about the merits of those claims (in my humble opinion: “sorry, bros, that’s not how defamation of a public figure works”), this blog post deals with the copyright implications of sharing and reading the pirated copy of the book, and the ethical quandaries it creates. I’ll start with the straightforward part.

 

THE APPLICABLE LAW

First, it should almost go without saying that the person who initially created the PDF copy of the 300+ page book broke the law. (Full disclosure: I did click on the Google link, but only to verify that it was indeed the book and not just a cover page. It was. Even including the page with copyright information!) I’ll briefly connect the dots for any copyright-novices reading along:

 

    • Wolff is the “author” of the book, a “literary work” that constitutes an “original works of authorship fixed in any tangible medium of expression” [see 17 USC 102’].
    • As the author, one of his copyrights is to control … well … copying. The US Code calls that “reproduction” [see 17 USC 106].
    • He also gets exclusive right to “display” the literary work “by means of a film, slide, television image, or any other device or process” [see 17 USC 101]. Basically, he controls display in any medium like, say, via a Google Drive folder.
    • Unauthorized reproduction, display, and/or distribution is called “infringement” [see 17 USC 501]. There are several specific exceptions carved into the copyright code for different types of creative works, uses, audiences, and other situations. But this doesn’t fall into one of those exceptions.

 

  • So, the anonymous infringer has broken the law.

 

  • [It’s not clear, yet, whether this person is also a criminal under 17 USC 506, because I haven’t seen any evidence of fraudulent intent or acting “for purposes of commercial advantage or private financial gain.”]

 

Next, anyone who downloads a copy of the book onto their smartphone or laptop is also an infringer. The same analysis applies as above, only with a different starting point. The underlying material’s copyright is still held by Wolff as the author. Downloading creates a “reproduction,” which is still unauthorized by the copyright owner. Unauthorized exercise of rights held exclusively by the author + no applicable exceptions = infringement.

 

Third, I found myself stuck as to whether I, as a person who had intentionally clicked through into the Google Drive hosting the PDF file, had also technically violated copyright law. Here, I hadn’t downloaded, but merely clicked the link which launched the PDF in a new Chrome tab. The issue I got hung up on was whether that had created a “copy,” that is a “material objects … in which a work is fixed by any method now known or later developed, and from which the work can be perceived, reproduced, or otherwise communicated, either directly or with the aid of a machine or device.” [17 USC 101]

 

Computer reproductions are tricky, in part because US courts lately haven’t exactly given clear guidance on the matter. (Because I was curious — In Europe and the UK, it seems like there’s an exception for temporary virtual copies, but only when incidental to lawful uses.) There’s some debate as to whether it’s infringement if only the computer is reading the file, and for a purpose different than perceiving the artistic expression. (You may remember the Google Books cases…) However, when it’s humans doing the reading, that “purpose of the copying” argument seems to fall by the wayside.

 

Cases like  Cartoon Network v. CSC Holdings have attempted to solve the problem of temporary copies (as when a new browser window opens), but the outcome there (i.e., temporary copies = ok) was based in part on the fact that the streaming service being sued had the right to air the media in question. Their copy-making was merely for the purposes of increasing speed and reducing buffering for their paid subscribers. Here, where the right to distribute the work is decidedly absent, the outcome seems like it should be the opposite. There may be a case out there that deals squarely with this situation, but it’s been awhile since copyright class (yay, graduation!) and I don’t have free access to Westlaw anymore. It’s the best I could do in an afternoon.

 

Of course, an efficient solution here would be to first crack down on the entities and individuals that first make the infringement possible – ISPs and content distributors. The Digital Millennium Copyright Act already gives copyright owners a process to make Facebook take bootleg copies of their stuff down. But that only solves half the problem, in my opinion. We have to reconcile our individual ethics of infringement too.

 

ETHICAL ISSUES, FOR ARTISTS IN PARTICULAR

One of the more troubling aspects of this pirateering that I saw was that the link-shares came from people who make their living in the arts. These are the folks who–rightly, in my opinion–rail against potential “employers” offering “exposure” instead of cold hard cash when they agree to perform. To expect to be paid for your art, while at the same time sharing an illegal copy of someone else’s, is logically inconsistent to me.

 

As a former theater actor and director (read: professional almost-broke person) myself, I can understand the desire to save a few dollars by reading the pirated copy. The economics of making a living performing are tough – often you agree to take certain very-low-paying artistic jobs as loss-leaders toward future jobs. But I have only met a very few of us willing to perform for free, and even fewer who would tolerate rehearsing with the promise of pay only to be stiffed after the performance is done. That’s essentially what’s happening when folks share this bootleg copy of Michael Wolff’s book.

 

I’ve heard some relativistic views on the matter, saying that THIS book containing THIS information is so important NOW, that a little infringement shouldn’t matter. But you could argue that Hamilton, the hit musical about the founding of our nation and government, has equally urgent messages regarding democracy, totalitarianism, individual rights, etc. Should anyone, therefore, be allowed to just walk into the theater and see the show without paying? Should the cast be forced to continue performing even when there is no longer ticket revenue flowing to pay for their efforts? I say that in order to protect justice at all times, we have to protect justice this time.

 

tl;dr

Creating, downloading, and possibly even just viewing the bootleg copy of Michael Wolff’s book linking around Facebook is copyright infringement. We cannot violate this author’s rights now if we expect to have our artistic rights protected tomorrow.

 

Contact Me!

These were just some quick thoughts, and I’m sure there’s more to say on the matter. If you’d like to discuss any copyright issues further, I’m all ears.


Fi-ARRR-E & Fury: Why Even Reading the Pirated Copy of Michael Wolff’s New Book Is Probably Copyright Infringement

By Tim Joyce, MJLST EIC-Emeritus

 

THE SITUATION

Lately I’ve seen several Facebook links to a pirated copy of Fire & Fury: Inside the Trump White House, the juicy Michael Wolff expose documenting the first nine months of the President’s tenure. The book reportedly gives deep, behind-the-scenes perspectives on many of Mr. Trump’s most controversial actions, including firing James Comey and accusing President Obama of wiretapping Trump Tower.

 

It was therefore not surprising when Trump lawyers slapped a cease & desist letter on Wolff and his publisher. While there are probably volumes yet to be written about the merits of those claims (in my humble opinion: “sorry, bros, that’s not how defamation of a public figure works”), this blog post deals with the copyright implications of sharing and reading the pirated copy of the book, and the ethical quandaries it creates. I’ll start with the straightforward part.

 

THE APPLICABLE LAW

First, it should almost go without saying that the person who initially created the PDF copy of the 300+ page book broke the law. (Full disclosure: I did click on the Google link, but only to verify that it was indeed the book and not just a cover page. It was. Even including the page with copyright information!) I’ll briefly connect the dots for any copyright-novices reading along:

 

    • Wolff is the “author” of the book, a “literary work” that constitutes an “original works of authorship fixed in any tangible medium of expression” [see 17 USC 102’].
    • As the author, one of his copyrights is to control … well … copying. The US Code calls that “reproduction” [see 17 USC 106].
    • He also gets exclusive right to “display” the literary work “by means of a film, slide, television image, or any other device or process” [see 17 USC 101]. Basically, he controls display in any medium like, say, via a Google Drive folder.
    • Unauthorized reproduction, display, and/or distribution is called “infringement” [see 17 USC 501]. There are several specific exceptions carved into the copyright code for different types of creative works, uses, audiences, and other situations. But this doesn’t fall into one of those exceptions.

 

  • So, the anonymous infringer has broken the law.

 

  • [It’s not clear, yet, whether this person is also a criminal under 17 USC 506, because I haven’t seen any evidence of fraudulent intent or acting “for purposes of commercial advantage or private financial gain.”]

 

Next, anyone who downloads a copy of the book onto their smartphone or laptop is also an infringer. The same analysis applies as above, only with a different starting point. The underlying material’s copyright is still held by Wolff as the author. Downloading creates a “reproduction,” which is still unauthorized by the copyright owner. Unauthorized exercise of rights held exclusively by the author + no applicable exceptions = infringement.

 

Third, I found myself stuck as to whether I, as a person who had intentionally clicked through into the Google Drive hosting the PDF file, had also technically violated copyright law. Here, I hadn’t downloaded, but merely clicked the link which launched the PDF in a new Chrome tab. The issue I got hung up on was whether that had created a “copy,” that is a “material objects … in which a work is fixed by any method now known or later developed, and from which the work can be perceived, reproduced, or otherwise communicated, either directly or with the aid of a machine or device.” [17 USC 101]

 

Computer reproductions are tricky, in part because US courts lately haven’t exactly given clear guidance on the matter. (Because I was curious — In Europe and the UK, it seems like there’s an exception for temporary virtual copies, but only when incidental to lawful uses.) There’s some debate as to whether it’s infringement if only the computer is reading the file, and for a purpose different than perceiving the artistic expression. (You may remember the Google Books cases…) However, when it’s humans doing the reading, that “purpose of the copying” argument seems to fall by the wayside.

 

Cases like  Cartoon Network v. CSC Holdings have attempted to solve the problem of temporary copies (as when a new browser window opens), but the outcome there (i.e., temporary copies = ok) was based in part on the fact that the streaming service being sued had the right to air the media in question. Their copy-making was merely for the purposes of increasing speed and reducing buffering for their paid subscribers. Here, where the right to distribute the work is decidedly absent, the outcome seems like it should be the opposite. There may be a case out there that deals squarely with this situation, but it’s been awhile since copyright class (yay, graduation!) and I don’t have free access to Westlaw anymore. It’s the best I could do in an afternoon.

 

Of course, an efficient solution here would be to first crack down on the entities and individuals that first make the infringement possible – ISPs and content distributors. The Digital Millennium Copyright Act already gives copyright owners a process to make Facebook take bootleg copies of their stuff down. But that only solves half the problem, in my opinion. We have to reconcile our individual ethics of infringement too.

 

ETHICAL ISSUES, FOR ARTISTS IN PARTICULAR

One of the more troubling aspects of this pirateering that I saw was that the link-shares came from people who make their living in the arts. These are the folks who–rightly, in my opinion–rail against potential “employers” offering “exposure” instead of cold hard cash when they agree to perform. To expect to be paid for your art, while at the same time sharing an illegal copy of someone else’s, is logically inconsistent to me.

 

As a former theater actor and director (read: professional almost-broke person) myself, I can understand the desire to save a few dollars by reading the pirated copy. The economics of making a living performing are tough – often you agree to take certain very-low-paying artistic jobs as loss-leaders toward future jobs. But I have only met a very few of us willing to perform for free, and even fewer who would tolerate rehearsing with the promise of pay only to be stiffed after the performance is done. That’s essentially what’s happening when folks share this bootleg copy of Michael Wolff’s book.

 

I’ve heard some relativistic views on the matter, saying that THIS book containing THIS information is so important NOW, that a little infringement shouldn’t matter. But you could argue that Hamilton, the hit musical about the founding of our nation and government, has equally urgent messages regarding democracy, totalitarianism, individual rights, etc. Should anyone, therefore, be allowed to just walk into the theater and see the show without paying? Should the cast be forced to continue performing even when there is no longer ticket revenue flowing to pay for their efforts? I say that in order to protect justice at all times, we have to protect justice this time.

 

tl;dr

Creating, downloading, and possibly even just viewing the bootleg copy of Michael Wolff’s book linking around Facebook is copyright infringement. We cannot violate this author’s rights now if we expect to have our artistic rights protected tomorrow.

 

Contact Me!

These were just some quick thoughts, and I’m sure there’s more to say on the matter. If you’d like to discuss any copyright issues further, I’m all ears.


Car Wreck: Data Breach at Uber Underscores Legal Dangers of Cybersecurity Failures

Matthew McCord, MJSLT Staffer

 

This past week, Uber’s annus horribilis and the everincreasing reminders of corporate cybersecurity’s persistent relevance reached singularity. Uber, once praised as a transformative savior of the economy by technology-minded businesses and government officials for its effective service delivery model and capitalization on an exponentially-expanding internet, has found itself impaled on the sword that spurred its meteoric rise. Uber recently disclosed that hackers were able to access the personal information of 57 million riders and drivers last year. It then paid hackers $100,000 to destroy the compromised data, and failed to inform its users or sector regulators of the breach at the time. These hackers apparently compromised a trove of personally identifiable information, including names, telephone numbers, email addresses, and driver’s licenses of users and drivers through a flaw in their company’s GitHub security.

Uber, a Delaware corporation, is required to present notice of a data breach in the “most expedient time possible and without unreasonable delay” to affected customers per Delaware statutes. Most other states have adopted similar legislation which affects companies doing business in those states, which could allow those regulators and customers to bring actions against the company. By allegedly failing to provide timely notification, Uber opened itself to the parade of announced investigations from regulators into the breach: the United Kingdom’s Information Commissioner, for instance, has threatened fines following an inquiry, and U.S. state regulators are similarly considering investigations and regulatory action.

Though regulatory action is not a certainty, the possibility of legal action and the dangers of lost reputation are all too real. Anthem, a health insurer subject to far stricter federal regulation under HIPAA and its various amendments, lost $115 million to settlement of a class action suit over its infamous data breach. Short-term impacts on reputation rattle companies (especially those who respond less vigorously), with Target having seen its sales fall by almost 50% in 2013 Q4 after its data breach. The cost of correcting poor data security on a technical level also weighs on companies.

This latest breach underscores key problems facing businesses in the continuing era of exponential digital innovation. The first, most practical problem that companies must address is the seriousness with which companies approach information security governance. An increasing number of data sources and applications, and increasing complexity of systems and vectors, similarly increases the potential avenues to exposure for attack. One decade ago, most companies used at least somewhat isolated, internal systems to handle a comparatively small amount of data and operations. Now, risk assessments must reflect the sheer quantity of both internal and external devices touching networks, the innumerable ways services interact with one another (and thus expose each service and its data to possible breaches), and the increasing competence of organized actors in breaching digital defenses. Information security and information governance are no longer niches, relegated to one silo of a company, but necessarily permeate most every business area of an enterprise. Skimping on investment in adequate infrastructure far widens the regulatory and civil liability of even the most traditional companies for data breaches, as Uber very likely will find.

Paying off data hostage-takers and thieves is a particularly concerning practice, especially from a large corporation. This simply creates a perverse incentive for malignant actors to continue trying to siphon off and extort data from businesses and individuals alike. These actors have grown from operations of small, disorganized groups and individuals to organized criminal groups and rogue states allegedly seeking to circumvent sanctions to fund their regimes. Acquiescing to the demands of these actors invites the conga line of serious breaches to continue and intensify into the future.

Invoking a new, federal legislative scheme is a much-discussed and little-acted upon solution for disparate and uncoordinated regulation of business data practices. Though 18 U.S.C. § 1030 provides for criminal penalties for the bad actors, there is little federal regulation or legislation on the subject of liability or minimum standards for breached PII-handling companies generally. The federal government has left the bulk of this work to each state as it leaves much of business regulation. However, internet services are recognized as critical infrastructure by the Department of Homeland Security under Presidential Policy Directive 21. Data breaches and other cyber attacks result in data and intellectual property theft costing the global economy hundreds of billions of dollars annually, with widespread disruption potentially disrupting government and critical private sector operations, like the provision of utilities, food, and essential services, turning cybersecurity into a definite critical national risk requiring a coordinated response. Careful crafting of legislation authorizing federal coordination of cybersecurity best practices and adequately punitive federal action for negligence of information governance systems, would incentivize the private and public sectors to take better care of sensitive information, reducing the substantial potential for serious attacks to compromise the nation’s infrastructure and the economic well-being of its citizens and industries.


Acquisitions of Our Lives

Zachary Currie, MJLST Staffer

 

Growing up, my mother was an avid consumer of soap operas, which aired during the daily drought of day-time television. I never watched any soap opera closely, but I occasionally stopped in the living room while one was on and caught a glimpse of the whirling melodrama—after all, the characters were beautiful, handsome, and belonged to a realm of luxury far removed from my paltry existence. The story was always the same; it was always about banal, dynastic feuding, resulting in predictable and outrageous tragedies. But never once did I think that the content of a soap opera was accurate, not in the sense of being based on a true story, but in the sense of being as realistic as a story written by Ernest Hemingway about fishing for marlin in the Gulf Stream. My perception of the quality of soap opera writing changed when I was introduced to the melodramatic world of telecommunication corporations, their acquisitions, and anti-trust law, through its latest garish episode: AT&T’s bid for Time Warner.

 

The latest episode of this soap opera involves players as glamorous, foolish, rich, and powerful as any soap opera cast. A takeover of Time Warner by AT&T would create America’s sixth largest firm by pre-tax profits; the Department of Justice has expressed its disapproval of the star-crossed lovers’ plans to elope. Some important socialites in ermine fur have hinted, with winks, that DoJ is motivated by the Donald’s hatred for CNN, a channel owned by Time Warner. Others belonging to the grapevine scoff at the match, deriding it as unsophisticated and gauche; after all, the marriage will cost over a $100 billion, return on capital is egregiously low, and attempting to increase returns by forcing Time Warner content on AT&T consumers would irritate the ever-watchful and puritanical anti-trust regulators.

So, the plot thickens: is the corporate tryst motivated by an intent to commit some dirty illegality? Well, the DoJ was suspicious and nosy enough to file a suit seeking to block the acquisition. The suit claims that after the acquisition, AT&T would be situated to force rivals to pay hundreds of millions of dollars more per year for Time Warner content, and the new formidable couple would dampen technological innovation. But is the DoJ being disingenuous? Perhaps it is motivated more by priggishness, or, maybe, political vengeance, than a concern to foster competition. Remember, this acquisition is vertical integration rather than horizontal integration; there can be good, healthy reasons for vertical integration. One way in which vertical integration can be efficient is through gaining economies of scale, when average total cost decreases with increasing output; surplus from gaining economies of scale may outweigh social costs caused by imperfect competition. Another advantage of vertical integration is the correction of market governance failures: integration allows firms to internalize the costs that arise from strategic and opportunistic behavior. Has the DoJ seriously considered all the consequences of acquisition? One anonymous attorney general claimed that the DoJ has not been forthcoming with any economic analysis helpful to decide whether to sue. Stay tuned to see the end of this Great American Corporate Love Story. Other juicy details include AT&T’s use of one of Trump’s former lawyers and Trump’s tweets about CNN (including an edited wrestling video showing Trump punching a man whose head is replaced by the CNN logo) for litigation.


Initial Coin Offerings: Buyer Beware

Kevin Cunningham, MJLST Staffer

 

Initial Coin Offerings, also known as ICOs or token sales, have become a new trend for startup companies raising capital using cryptocurrency and blockchain technology. ICOs are conducted online where purchasers use virtual currencies, like bitcoin or ether, or a flat currency, like the U.S. dollar, to pay for a new virtual coin or token created by the company looking to raise money. Promoters usually tell purchasers that the capital raised from the sales will be used to fund development of a digital platform, software, or other project and that the newly created virtual coin may be used to access the platform, use the software, or otherwise participate in the project. The companies that issue ICOs typically promote the offering through its own website or through various online blockchain and virtual currency forums. Some initial sellers may lead buyers of the virtual coins to expect a return on their investment or to participate in a share of the returns provided by the project. After the coins or tokens are issued, they may be resold to others in a secondary market.

 

Depending on the circumstances of each ICO, the virtual coins or tokens that are offered or sold may be considered to be securities. If they are classifiable as securities, the offer and sale of the coins or tokens are subject to the federal securities laws. In July 2017, the Securities Exchange Commission (SEC) issued a Report of Investigation under Section 21(a) of the Securities Exchange Act of 1934 stressing that any ICO that meets the definition of a security in the United States is required to comply with the federal securities law, regardless of whether the securities are purchased with virtual currencies or distributed with blockchain technology.

 

Since the SEC issued its July Report regarding ICOs, the Commission has charged two companies with defrauding investors. In the pair of ICOs purportedly backed by investments in real estate and diamonds, the SEC alleged that the owner of the companies, Maksim Zaslavskly, sold unregistered securities. In one instance, the SEC alleges that, despite the representations to investors of Diamond Reserve Club, Zaslavskly had not purchased any diamonds nor engaged in any business operations.

 

Issues with Initial Coin Offerings continue as the Tezos Foundation was hit with its second class-action lawsuit over its Initial Coin Offering after an ICO contributor alleged breaches of securities laws. The two cases have been filed in the California Superior Court in San Francisco and United States District Court in Florida. The Tezos ICO raised over $232 million just months ago and plaintiffs in the suit say that they have not received the promised tokens. Infighting amongst the owners of the company has led to a significant setback in the venture, which aims to create a computerized network for transactions using blockchain technology. The lawsuit alleges that contributors to the fundraiser were not told that it could take more than three years to purchase the ledger for the project’s source code. Additionally, the plaintiffs allege that the time frame was not disclosed to investors despite it being a material fact.

 

It is likely that many issuers of virtual coins and tokens will have a hard time convincing the SEC and other regulators that its coin is a merely a utility rather than a security. For many of the firms, including Diamond Reserve Club, the problem is that the tokens they are selling for the projects only exist on paper, and so they have no other function than to bring in money. Likewise, most investors currently buy tokens not for their utility, but because they are betting that on an increase in the value of the virtual currency. It seems that this will not be an issue that will be resolved quickly and it is likely that heightened regulatory scrutiny will come due to the continuing claims against ICOs for companies like Tezos.


The Electric Vehicle: A Microcosm for America’s Problem With Innovation

Zach Sibley, MJLST Staffer

 

Last year, former U.S. Patent and Trademark Office Director, David Kappos, criticized a series of changes in patent legislation and case law for weakening innovation protections and driving technology investments towards China. Since then it has become apparent that America’s problem with innovation runs deeper than just the strength of U.S. patent rights. State and federal policies toward new industries also appear to be trending against domestic innovation. One illustrative example is the electric vehicle (EV).

 

EVs offer better technological upsides than their internal combustion engine vehicle (ICEV) counterparts. Most notably, as our US grid system moves toward “smart” infrastructure that leverages the Internet of Things, EVs can interact with the grid and assist in maximizing the efficiency of its infrastructure in ways not possible with ICEVs. Additionally, with clean air and emission targets imminent—like those in the Clean Air Act or in more stringent state legislation—EVs offer the most immediate impact in reducing mobile source air pollutants, especially in a sector that recently became the highest carbon dioxide emitter. And finally, EVs present electrical utilities that are facing a “death spiral” an opportunity to recover profits by increasing electricity demand.   

 

Recent state and federal policy changes, however, may hinder efforts of EV innovators. Eighteen state legislators have enacted EV fees—including Wisconsin’s recent adoption, and the overturned fee in Oklahoma—ranging from $50 to $300 in some states. Proponents claim the fee creates parity between traditional ICEV drivers and the new EV drivers not paying fuel taxes that fund maintenance of transportation infrastructure. Recent findings, though, suggest EV drivers in some states with the fee were previously paying more upfront in taxes than their ICEV road-mates. The fee also only creates parity when solely focused on the wear and tear all vehicles cause on shared road infrastructure. The calculus for these fees often neglects that EV and ICEV drivers also share the same air resources and yet no tax accompanies EV fees that would also charge ICEVs for their share of wear and tear on air quality.

 

At the federal level, changes in administrative policy are poised to exacerbate the problem further. The freshly proposed GOP tax bill includes a provision to repeal a $7,500 rebate that has made lower cost EVs a more affordable option for middle class drivers. This change should be contrasted with foreign efforts, such as those in the European Union to increase CO2 reduction targets and offer credits for EV purchases. The contrast can be summed up with one commentator’s observation regarding The New York Times who reported, within the span of a few days, about the U.S. EPA’s rollback of the Clean Power Plan and then about General Motors moving toward a full electric line in response to the Chinese government. The latter story harkens back to Kappos’ comments at the beginning of this post, where again a changing U.S. legal and regulatory landscaping is driving innovation elsewhere.

 

It is a basic tenant of economics that incentives matter. Even in a state with a robust EV presence like California, critics question the wisdom of assessing fees and repealing incentives this early in a nascent industry offering a promising technological future. The U.S. used to be great because it was the world’s gold standard for innovation: the first light bulb, the first car, the first airplane, the first to the moon, and the first personal computers (to name a few). Our laws need to continue to reflect our innovative identity. Hopefully, with legislation like the STRONG Patents Act of 2017 and a series of state EV incentives on the horizon, we can return to our great innovative roots.