Tuesday, December 30, 2008

True innovators giving away life-changing innovation for free (as many times happens)

Two students created a mouse that allows people with total paralysis to manage a computer with their eyes. This development resulted in them receiving the award to Technological Innovation 2008, given by the Argentine-German Chamber of Commerce. The project, carried out by the school ORT located in Belgrano (a neighbourhood in Buenos Aires) is the continuation of work done two years ago when they developed a device aimed at people with paralysis called “Head Mouse”, which required head movements to operate the computer.

The new device, the “Eye Mouse”, allows controlling a computer with eye movements, which would let thousands of people that have amyotrophic lateral sclerosis to use a computer. The project started when a friend of one of the students’ father contacted them to access the “Head Mouse” but discovered that his disease did not allowed him to use it. That prompted the students to work on adapting it so it could be controlled using only the eyes.

As if the development wasn’t good enough, the students decided that that sort of device should be available for everyone that needs it and posted on the school’s blog how to build it and the necessary software, giving a de facto licence to everyone to use the fruit of their innovation royalty-free.

Now that there is a global crisis and that a new US president is going to be sworn in, many members of knowledge industries are using an obscene amount of resources to lobby almost everyone that have a saying on IP issues to convince them that innovation depends on strong and stronger IP rights and that the wealth that IP rights seem to guarantee are the necessary incentive for innovators…well, a couple of school students in the South of the planet are giving yet another example that the argument is simply not true. People innovate and create due to a very vast array of reasons and there is growing evidence that IP rights have gone quite beyond the point where they have become more a burden than an incentive to innovation…

Wednesday, December 17, 2008

Indentity, e-government and using ICT for judicial proceedings

Few weeks ago while living a talk about e-government at the MERCOSUR Conference for Computer Law in Cordoba, Argentina, I repeated my discontent with the overemphasis that Civil law jurisdiction place on the issue of identification and the constrains that the identification requirements place on the use of ICT for government and judicial business. The issue requires a quite long and deep analysis but, notwithstanding the long tradition of written documents in Civil law jurisdictions and leaving apart the scaremongering of identity theft in Internet (it does exist, it is growing but the sky is not falling), the issue is one of cost-benefit and usefulness. I have suggested for a while that even mobile phones should be allowed to transact with the recognition of the phone’s unique transmission identification as prove of identity, and finally a country, Estonia, has decided to move towards allowing its citizens to vote using their mobile phones. It ca be argued that not every country is like Estonia, but once the move is started there, studies should be conducted to adapt the idea to countries with other cultural backgrounds, but where participation and transparency could be greatly enhanced by the use of ICT. Those countries, while lacking extensive Internet and computer networks deployment, have an increasing number of mobile phones in the hands of their population.

Other example that shows that there is an excess of focus on the issue of identity in certain jurisdictions is the one given by the recent situation in Australia…there an Australian lawyer used Facebook to serve an eviction notice on a couple, move that was then approved by an Australian supreme court. The lawyer tried several times to contact the couple by other means without success, so he opted for Facebook. The lawyer's client had been given permission to repossess their house in Canberra, but Australian law requires anyone losing their home to be notified. In April, a lower Australian court ruled against documents being served by Facebook because the option of contacting a person via post was not exhausted, but in the latest ruling, the judge allowed it to happen but insisted that the documents must be attached to a private message sent via Facebook that could not be seen by other members.

Can you imagine that in most Civil law jurisdictions?...not by coincidence some countries are in the state they are…

Monday, December 08, 2008

Convicted for "assisting" suicide in Internet

The Correctional Tribunal of Guingamp, France, found the defendant Joel Avrillon guilty of "not assisting a person in danger" for his guidance and advice as to how to commit suicide given to a teenager in a Internet chat-room. The 16 year old teenager told the defendant that she was planning to commit suicide and Avrillon explained to her how to do it. When the girl committed suicide by taking an overdose of morphine, as suggested by the defendant, Avrillon was originally accused of "inducement to suicide" but the crime was changed (probably to secure a conviction)…not need to say that those encouraging others to commit suicide, especially when the “others” are vulnerable, don’t deserve much sympathy, but the issue is whether providing information constitutes a crime…In the last few years the law has been modified so the provision of information per se may imply criminal liability and posting in Internet information that can be used to commit crimes or even supporting a criminal cause can lead to prosecution. Although in this case it seems that the defendant did guide the victim towards committing suicide, it could be argued, as the mother of the victim has argued, that the pharmacy that provided the morphine is closer in the chain of causation than somebody that randomly met the victim and explained to her how to do what it seems she was planning to do beforehand…again, it is difficult to feel sympathy for the defendant, but this is the type of case that test where one stands on the assertion of criminal liability. What type of information is legal to provide? Does any information that can be used to commit a crime or may result in somebody suffering an injury or death attract criminal liability? Would it be correct to prosecute TV presenters that show how to drive car very fast (and dangerously) every time that somebody has an accident due to reckless or dangerous driving?...

Sunday, December 07, 2008

Visualizing networks: how information travels in Facebook

Palantir have created an application that allows the user seeing the social interactions of Facebook members, the efficacy of the adds and the actions within friends' networks...there could be many implications for such development, but for now, it seems a very cool thing (and quite more useful that one may think)...

Wednesday, December 03, 2008

Internet fraud and banking security gone mad

Few weeks ago I wrote about the steep rise in reports referring to Internet fraud and online banking fraud and how careful one needed to be when taking those things at face value. Even respected financial publications as the Financial Times enter into the trend of publishing and amplifying reports that talk about increasing Internet fraud but recognize “the absence of comparative data from previous years”, which makes extremely difficult to prove or disprove that what companies with vested interest in the topic are saying. But governments and companies react…and heavily handed (even stupidly)…and today I’ve had a clear and ridiculous example of how bad things are going. Taking into account that I have lived in several countries, keep family and banks accounts in most of them and I travel quite (very) often, my bank account receives and send money in a very international and sometimes strange pattern. You would expect that my bank, after six years of having an account there, would know that and would react to it accordingly. However, today after making some international transactions (for which I notified the bank before hand) my account was frozen. I spoke with the people in security (by phone) and they “defrost” my account. Some minutes later, after other transactions, it was frozen again, and there is when the situation turned Kafkaesque, surreal and very bizarre. I went to a branch of the bank to explain the situation and, after half an hour on hold (yes, while calling from inside the bank) a person told me that my account had been frozen due to suspicious activity but that she couldn’t tell me the exact reason why, she couldn’t unblock the account and she couldn’t connect me to anyone that could either unblock it or tell me what was going one…somebody would contact me….so, I decided to speak with a personal banker. The reason for that is very simple: banks don’t own the money, they hold it under a mandate from the owner, vg the client, vg me. So, if the client, vg me, appears in personam in a branch, has prove of identity and gives a mandate, that should be the end of the story, regardless what the situation could be, specially when the client, in personam, clarifies that all the suspicious transactions have been carried out by him/her…but it seems that is not anymore. Somebody in security told the personal banker that a special investigations unit had the case so there was nothing that anybody could do until that unit decided to contact me (?!), even after I certified that the transactions in question were genuine…so, what are they going to investigate? The thing went beyond surreal when I said that I wanted to close my account and they told me that I couldn’t until this mysterious unit decided that everything was OK…
The legal issues are more complex that one may think because one may tend to imagine that they are fulfilling some contractual obligations and that they have some rights given my me in the contract, but the buck stops when the client/owner is present and certifies the absence of fraud. Any contractual clause giving the right to the bank to not carry out the mandate of the client in order to “protect” the client against the wishes of the client would very likely to be deemed unfair under the UCTA 1977 and the subsequent European legislation. The problem is that it seems that the system is designed in such a way that there is no way to override it even when the legitimate owner of the money wants to do so. Is like having a plane in automatic pilot, the automatic pilot is going to crash the plane against a mountain by mistake and the pilot had no right to take the controls…total madness.
Some of the transactions that I will no be able to carry out involve foreign currency…will the bank be liable for the difference in exchange rate that may occur while its carry the unneeded investigation? (the pound keeps loosing value against almost any serious currency in the world) What about loss of enjoyment? Some trip may have to be cancelled…and the list is very long, but banks keep justifying that unacceptable behavior (is like having somebody’s money kidnapped) with the excuse that Internet and online banking fraud is on the rise…why not using some of the funds wasted in unnecessary investigations into educating the public so most of the fraud, which is based on convincing people more than actual technical expertise, never takes place…

Monday, December 01, 2008

Prize to innovation for Coloriuris

Last June, during a presentation at the European Intellectual Property Teachers Network workshop in Newcastle, when I mentioned ColorIuris as one of the forms of alternative licensing I could see that most attendants made notes about the tool (leading me to assume that they had never heard about it before). Well, ColorIuris is an alternative form of licensing but goes far beyond that: it is actually a form of administering protected content, putting the holder of the right in control of what can and cannot be done with the creation in question. It relies on a series of well-crafted contracts that allow the right-holder to express in a clear and precise form what she/he wants the user to do with a work. The legal analysis of the tools has always made me, and others, think that it could represent the solution that other forms are not providing, but it now has gone a step further with the recognition given by the Ministry of Industry, Tourism and Trade of Spain that awarded to ColorIuris one of the FICOD 08 Prizes to Innovation for its creation of a “simple tool for self-managing copyrights”…more than very well done! A proper celebration would provide another excuse to go to Zaragoza in winter…

Monday, November 10, 2008

The hypocritical hypocrisy of the hypocrites

I normally prefer the straightforward style of writing exemplified, between others, by Unamuno, but I do recognize the need of sometimes resorting to the baroque form chosen by Borges in his “Universal History of Iniquity” or by Umberto Eco in “The Island of the Day Before”. The later used it to adequate his writings to the style prevailing in the time when the story occurred, while Borges used it to both show the flaunting and squandering of art, and illustrate by rhetorical exaggeration and adjectivation how things and people had gone wrong. The title of this post enters into the last category, where hypocrisy is elevated to unsuspected heights by a mass of hypocrite citizens and politicians.
Few weeks ago, that now seem centuries, two comedians during the recording of a radio programme made some allegedly not tasteful, not funny and out of place remarks, which were left in other comedian’s answering machine. The whole phone call is there and it seems that originated when Russell Brand called Andrew Sachs for a previously agreed on-air (not exactly because it was recorded) conversation. The fact is that it looks like Andrew Sachs was not at home to answer the phone as expected (agreed?) and then Brand and Jonathan Ross started to fill the time by making what they thought were funny remarks and leaving them in Sachs’ answering machine.
The whole “incident” was part of a pre-recorded programme and, therefore, before going on air the programme was supposed to be edited and vetted by some sort of editor/producer, who seemed to have thought that there was nothing wrong with the phone “conversation”. After airing it there were some complaints about the tone of the programme and there is when the hypocrisy’s pandemonium started.
It seems that there were about 37,000 complaints, but what some newslets forget to mention is that most of the complaints were made after the issue became news and not after the complainers originally listened to the programme (the original number was 1,585). Now, let’s assume that, out of an estimated regular audience of 400,000 (and the more than 1,300,000 that have listened to the tape via YouTube), the original number was 37,000 complaints ; do those people, representing less than 10% of the audience have the right to impose their sense of what is right or wrong on the rest of them and onto the BBC? One has to be very carefully with the answer because if the answer is “yes”, then there are many minorities that would have the right to stop main stream speech in the country…But this is still assuming that there were originally 37,000, which was not the case. It can be easily argued that those that complained after the situation hit the news had either never heard the programme or they heard it after the situation become public, which would imply that they had no right whatsoever to be offended for listening material that they previously knew that was likely to offend them (has anyone heard the principle of volenti non fit injuria?). What it seems that has actually happened is that we have a large but minority group that is acting out of unhappiness with both the TV licence fee and the way the BBC uses it, but that should not, one would say must not, influence the editorial line of any programme. If people have an issue with the licence fee should contact their MP and or send a petition to Downing Street Number 10; if people are envious of how much Jonathan Ross earns, well, they may need to see a doctor...
Then we have the legal issues. There is no much doubt that the programme has not infringed in any way the Obscene Publications Act 1959 (or the 1964 version). There the test is very straightforward and the publication would be deemed obscene if it tends to deprave and corrupt the readers/listeners and, regardless how much you may dislike either of the presenters or both, what they say could not be deemed to deprave and corrupt anyone. If someone, really trying to vent his/her anger through accusing the presenters or the BBC of something, claims that the messages left can deprave or corrupt I would invite that person to check any day any TV channel or even go around the city where you will see plenty of adds of a brand that, although having another meaning, has a very close resemblance to the offensive word in question (so much that the brand’s advertisement has been suppressed in countries with quite stronger freedom of expression laws than the ones in England). So, claiming obscenity under OPA 1959 seems out of place.
Some people have made reference to Section 127 of the Communications Act 2003, but, strangely enough, misquoting the act in question. S 127 does not “prohibit using the phone to send offensive messages” but it criminalizes the use of a phone to send a message that is grossly offensive or of an indecent, obscene or menacing character, and the test for grossly offensive has been established by the House of Lords in DPP v. Collins [2006] 1 WLR 2223, a test that the calls in question clearly don’t satisfy. The fact that there were several calls would not attract the liability referred to in s 127 (2) because due to the nature of the people involved it is unlikely that any court would seriously accept that the receiver of the call could be annoyed, inconvenienced or needless anxious. Although there has been a big fuzz about the age of the recepient of the call and how could have been affected by the call, it is important to remember that we are talking about a person that is famous for being a comedian that played a role that misrepresented the character of Spanish people in general and Barcelona in particular and that was constantly subjected and accepted to be subjected to physical and verbal abuse from his boss (with many references to being not only not able with English but also a “thick”, vg not smart, person, as when it got a common rat thinking that it was a Siberian hamster) , and there are no many records of him apologising to Spanish people (probably what makes the whole situation more hypocritical is the fact that his portrayal of a Spanish waiter is deem to be one of the most iconic characters of British comedy). It should be notted that his characterisation was funny and that it would be wrong to ask him to apologize to the Spanish people, because comedy sometimes could offend (and it is right if it does so).
Other issue to take into account is whether publizicing that Russell Brand had sexual relations with Andrew Sachs grandaughter violated or not the rights established in art 8 of the European Convention of Human Rights, incorporated into UK law by the Human Rights Act 1998. It is quite surprinsing to read several lawyers affirming that there is a “clearly a breach of Article 8 of the Human Rights Act in relation to her privacy over sexual relations and bears comparison to the recent Mosley case”, because if there is something clear here is that nothing is clear. The first thing that needs to be properly clarified is that the situation bears no comparison whatsoever with the recent Mosley case: in that case there was a clandestine recording, a publication of the information and still photographies and the placing of the video extracts on the News of the World website, while in the case of Brand and Ross, Ross is a third party that received the information from one of the participants of the consensual sexual relation, who seemed to not object to that information being made public. The legal authorities seem to support quite the opposite of what many lawyers have said. In the Garry Flitcroft case the Court of Appeal supported the view that not all relationships deserve the protection of the law and in Theakston v MGM Ltd it was clearly stated that “the very concept of a relationship for the purpose of confidentiality is simple inapplicable to […] transitory or commercial relations”. Furthermore, while in CC v AB (2006) it was recognized that there was a reasonable expectation of privacy in personal and sexual relationships, the court also said that a fleeting one-night encounter would attract less protection. So, not very clear counsellor…
Finally, what is at stake here it freedom of expression, for which I refer to the words of former Chief Justice of the US in Hustler Magazine and Larry C. Flynt v. Jerry Falwell,

And, as we stated in FCC v. Pacifica Foundation, 438 U.S. 726, 98 S.Ct. 3026, 57
L.Ed.2d 1073 (1978):

"[T]he fact that society may find speech offensive is not a sufficient reason for suppressing it. Indeed, if it is the speaker's opinion that gives offense, that consequence is a reason for according it constitutional protection […] government must remain neutral in the marketplace of ideas." Id., at 745-746, 98 S.Ct., at 3038.

See also
Street v. New York, 394 U.S. 576, 592, 89 S.Ct. 1354, 1366, 22 L.Ed.2d 572
(1969) ("It is firmly settled that . . . the public expression of ideas may not
be prohibited merely because the ideas are themselves offensive to some of their

What probably constitutes the apotheosis of hypocrisy is that the same people that believe that speech that is deeply offensive to a minority of the population should not be restricted seem to be quite happy with firing two comedians for their “excesses” (which don’t seem to be so exceeded). Is that the standard that these 37,000 people want for British freedom of expression? Would they agree when a minority objects the showing of women skin on TV because it offends their sense of religiosity?
The comments of the Prime Minister and other politicians don’t deserve a comment…I assume that they are also concerned with the manifest obscenity of some of the things happening under their watch…

Wednesday, November 05, 2008

IP homework for Obama

The show is over and we finally have a winner, and the process of reuniting the US with the rest of the planet started even before that: it seemed quite clear that most non-Americans wanted Barack Obama to win the elections and, after 8 years of discrepancy, the American people concurred with the rest of the world. After the 21st of January president-elect Obama will have to deal with a couple of wars, international conflicts and a quite complicated economic/financial situation, but it will also have to deal with more mundane issues, which may have longer term effect on the rest of the world and in American competitiveness. One of them is IP policy and legislation.
It has been argued for quite long that IP policy and legislation in the US has been captured by a small group of lobbyists with very deep wallets, who then convinced Washington that those policies needed to be exported for the benefit of the country’s wealth and competitive advantaged, but that the real effect of the current IP policies has been, at best, completely unknown. The numbers and recommendations of those lobbyists and the “independent” researchers hired by them have been taken by successive governments at face value, without the state fulfilling its duty to act as an arbiter between competing interests and truly establishing the value of different assertions. It can be sustained with certain degree of certainty that the current level of protection for intellectual property rights benefits some companies (the same certainty could not be applied to whole industries) and that the real effect on countries wealth is uncertain. There enters president-elect Obama.
In a interview with the Rolling Stone magazine, the then candidate Obama responded affirmatively to whether legislation had been outsourced to private interest and also said that the degree to which the US had had “drug companies writing drug legislation, without regard for the public interest [had] to change”. He also referred to the need for a 21st Century New Deal involving the use of technology for people’s participation in government and have campaigned on a platform promising more funds for research and education. And all that leads to IP rights. The current, ideologically-charged lobbyists-created answer would be that more protection would be needed to ensure that the researchers get rewarded and more technology is developed…but is that true? Always not friend of anecdotal evidence, I need to say that while being in St Louis, MO, last year I met several of the most prominent people in industry and research dealing with biotechnology and pharmaceuticals, and off the record they recognized that they did not have an idea whether the increased protection had given them any benefits (it could be) but they were sure that it created an extra burden to navigate through the net of patents already existing. As said before in previous posts, it is to expect that after bailing out banks for hundred of billions, their claims of wealth-creation will not be taken at face value and, taking into account that the cost that IP protection represents for society (not only on enforcement but the more dynamic costs of tolerating a monopoly), the same should be applied to IP, which leads us back to the new president.
What would be a sensible agenda for IP? The first and more important measure, and the one that should precede setting up any agenda is to get the state to become a independent third-party assessing the real needs of the industries and society and the costs and benefit of each option, and for that the solution seems quite straightforward: president Obama’s IP policy should certainly start with a Gowers style assessment and report that clarifies the current state of the policy and legislation, considers the cost and benefit of different options and propose a way forward taking into account the interests of society and industries alike.

Monday, October 20, 2008

E-banking, online security and ID databases: getting the picture right

It has been widely reported that fraudsters have hacked the online account of French President Nicholas Sarkozy and there were also mentions to the hacking of Sarah Palin’s personal email account, which all has been linked to the raise in online banking fraud, but, were they really hacked? There are probably too many meanings of hacking and they all refer back to hacker as that who “uses his skill with computers to try to gain unauthorized access to computer files or networks” (English Oxford Dictionary), so the question is whether we are confronting an army of skilled computer geeks trying to make millions (which deserves a particular policy and legal response) or if we are actually dealing with a large (very large) group of inept users being conned by common thiefs using common techniques (which would imply a completely different policy and legal answer).
The press and some public officials have jumped to the bandwagon of tougher measures and more control over the activities people carry out online but it seems that we need more information to be able to engage seriously with the topic and devise a propery policy and legal answer. The information provided in the Sarkozy’s case is more than insufficient, but does not seem to lead to what people commonly understand as hacking: it seems that the criminal got their hands on the President’s password in the same way the they were able to guess Governor Palin’s secret question, which does not suggest any use of a particular computing skill or breach of any netwrok’s security measure (if you loose the key to your house and somebody uses it to enter and steal things, you can claim that the person entered unlawfully but not the he/she picked yout lock). Of course somebody may point out that the news don’t specifically say that the electronic security systems were hacked, but the news are normally closely related (and linked) to the rise in online banking fraud and the need of tighter online and offline ID schemes. But they may actually prove the opposite…
A proper report on how the crime is committed can be found in an Argentine newspaper and there you see that this type of crime has nothing to do with the use of online banking but with pure and old crooks and too much data in the wrongs hands. The link takes you to an audio report, which, lossely translated, refers to the crime been committed by intercepting people’s correspondence (bank statements), having an insider in the section of the Police dealing with IDs who would make copies of passports, bugging the telephone line of the account holder to listen the conversations with the bank, disconnecting the customers’ phone line and replacing it by one of the criminal’s phone, requesting the transfer of the balance to the criminal’s bank account by phone, sending by fax proof of ID and, once having the money in the criminals' accounts, reconnecting the original customer’s phone line. So, it seems that it is a little more complicated than “hacking” a bank account and that the proposed policy and legal responses are not quite the ones needed. For example, tt can be argued that if the whole transaction was conducted online and no bank statements had been sent, no telephone conversations carried out and no central ID data base existed, the whole scam wouldn’t work. However, these are the types of news used to justify national IDs and security services rights to monitor/interfere electronic communications. One may argue that taking into account the perceived unreliability of Argentine security forces and their past behaviour they are not a good example to be used to judge developed countries’ policies, but that argument would be fatally flawed due to ignorance (the security forces are quite more efficient than many in developed countries taking into account the resources they have) and due to the fact that one of two criminal inside the organization copied national IDs cannot be compared to the many times that personal data, even sensitive personal data, has been “lost” in, for example, the UK. Furthermore, if the president of one of the powers of the world or his security services cannot keep his password safe, you can imagine how much we can rely on them keeping our data out of unfriendly eyes’ sight…So, a president and a governor’s loss may make good headlines, but it seems to be bad guideline to judge online security and the need of stricter measures to identify people…

Monday, October 13, 2008

IP in the Times of the Crunch

Some 20 years ago the English translation of Nobel Prize winner Garcia Marquez work El Amor en los tiempos del colera (Love in the Time of Cholera) was greeted with all the expectation and enthusiasm that a translation of a great (superb?) novel was supposed to generate. And it did not disappoint its fans. The novel dealt with universal issues as love as disease (both emotional and physical), aging and death and suffering for love and ones’ love, having the cholera as literal background in the form of the speciality of the main character’s husband and as metaphorical tread that assimilated love as a cholera-like disease.
It was also in 1988 that the world of IP saw some developments that planted the seeds for current situations that spread around the globe in following years, and also with pandemic proportions. In the Uruguay Round of GATT the parties failed to reach and agreement on the topics that the then proposed Agreement on Trade Related Aspects of Intellectual Property Rights, TRIPS, should have, and was one of the last times that the developing countries would stick together and refuse to agree to a legal instrument too focused on the rights holders side of the equation and not on the users of intellectual property rights, which implied going to the Montreal meeting the following year without any agreement. In the domestic side, the UK Parliament passed the Copyright, Designs and Patents Act 1988, which reformed intellectual property rights in the UK in quite radical form, doting right holders with more and stronger rights. The twenty years that followed have been a never-ending story of giving more and stronger rights to rights holders and one of a modification of the collective unconscious from the realization that IP rights are a state-given privilege towards the fictitious situation where they are recognized as almost real property.
All that comes together when twenty years later we are going through a period where a credit crisis of pandemic proportions seems to propagate and affect the weak and the strong as a cholera epidemic would do. In time of the crunch everyone gets affected, even those that have taken care of their health and have made preparations for it. It could be argued that, as with the cholera, those that are stronger and fitter stand better chances to survive it, but it seems unlikely that even them would leave the situation unscathed. And this refers to IP rights holders too.
One of the first victims of the credit pandemic is greed and the twisted ethics that it is fine to make any amount of profits without caring of the social impact of the business/economic decisions. In addition to the sensation of having been ripped off by banks and bankers (many times, if not most, this sensation matches the reality), since it is society the one that will have to bail out those that have lived as if there were no future and spending dozens of thousands in champagne per night (a gross generalization but there have been plenty of cases like that) it seems only fair that from now on (at least for a long while) every business decisions would have to be vetted for social impact more than for profitability (in any case society will pay for the losses anyway). This will clearly affect IP rights holders and it is very likely that society would look for the social value of a right and, expectedly, request stronger evidence from those claiming that stronger IP rights do encourage innovation and creativity resulting in a benefit to society. It seems that after bailing out those that have been claiming that they were leading society in wealth creation, society will be right to expect that anyone looking for using the law to extract profits that its business model does not seem to guarantee anymore should give very compelling evidence on that respect. So, if the first casualty is greed the second would/should be the current low standard of proof for claims of social benefit from those ripping fortunes with help from the law.
Another likely effect on the IP rights holders from the current crisis could be seen in the risk-aversion that investors will have to show from now on. There are several reasons for this but we could focus on the losses that investors may suffer for taking risks and the potential lawsuits from institutional investors even when the investment has been sound. IP rights were used by rights holders as both defensive and offensive weapons and many companies would recognize having a vast number of, for example, patents, in order to force competitors to negotiate non IP rights issues with the threat of litigation. In a risk-adverse scenario, investors would run away from companies that base their business strategy in litigation (or the threat of), which would imply that IP rights holders will have to do what IP rights were supposed to encourage: be creative and innovative if they want a market advantage and not using IP rights to stifle creativity and innovation in the market.
The credit crunch may also mean that resorting to litigation becomes the very last resort. Many companies will have to sharpen their pencil to make sure that they can survive in a cash-dry environment and putting a lot of it into a lawsuit and lawyers’ fees may not seem very advisable. It is also unlikely that companies will be able to get financing as the one available until not long ago to bear the financial cost of litigation. It could be suggested that the crunch may induce companies to defend their IP rights even in stronger fashion, but that logic may hit the wall of a new reality where cash is rationed for anything outside the core operations of a firm.
Finally, the summits that we are seeing between the leaders of developed countries, which will soon probably incorporate some of the most advanced developing countries, are been heralded as leading towards a Bretton Woods II and including topics of finance and trade. It seems implausible that, based on the previous reasons, governments would scorn one group of greedy businesspeople to keep giving a carte blanche to other one (and the impact of the later goes from access to knowledge to public health).
In time of the cholera it is important to stay clean and healthy and you may still fall ill; and in time of the crunch it is likely that you may fall ill even while being clean, but to get the necessary help you may need to look cleaner than pristine, and there the IP rights holders have a lot of work to do…

Thursday, October 09, 2008

TelePresence. A technology to beat the credit crunch and global warming or having a third party peaking at your meetings?

Today’s Financial Times runs an article referring to the benefits of using TelePresence technologies, to both cut costs and reduce companies’ carbon footprint. The technology seems quite amazing and gives users the opportunity to carry out meeting that seem real while the participants are scattered around the globe. By using this technology, millions are saved in travelling cost and workers’ time, keeping the vilified use of planes and cars to a minimum (I stress vilified because despite the huge media fuss, if we forget the costs, airlines produce only 3% of CO2 emissions in Europe). The idea is that big companies, that can afford it, will buy the whole system (hardware and software) while smaller ones will either lease it or pay per use in dedicated TelePresence centres, and here is where things get complicated. I have spent some time looking for the terms of service without finding any reference to anything looking like legal issues, and these legal matters could be quite serious for companies using the technology by leasing it or on pay per use basis.
The first and most obvious issue relates to data protection, privacy and security. Will the provider of the service put in place the technological and legal safeguards to make sure that only the participants of the meeting have access to the data that the meeting generates? Will the company paying for the services have access to such a data? If that is the case and some of the participants are in England, will the company have to inform the meeting participants about such monitoring and data retention as requested by RIPA 2000? Just a general notification or one each time that a meeting starts?
It seems unlikely that companies using the service as lessee or on pay per use basis would accept the owner of the system to monitor the meeting and/or retain the data resulting from it, but it the provider of the service does not do so and the system is used for illegal purposes, would the provider be liable? While the answer seems to be no, we are facing a very strong attack against third party’s immunity, which may end in making intermediaries liable for almost anything that happens in their systems.
Other important issue relates to the differences between the need of a warrant to bug a real-life meeting and the potentially easier access that the authorities would have to tap into electronic communications (without mentioning the possibilities of hacking).
I have always suggested that one of the ways to deal with rising costs and rising emissions is the use of technologies like the proposed, but unless there is a clear message towards stronger privacy and third party/intermediary immunity laws, we may better start planting more trees…

Monday, October 06, 2008

Girls Aloud blogger on trial: a case of obscene prosecution?

Some newslets have carried the news that Darryn Walker is being prosecuted under the Obscene Publications Act 1959 for “posting a comment on a fantasy [erotic website] which allegedly described the kidnap, mutilation, rape and murder of Girls Aloud members Cheryl Cole, Nadine Coyle, Sarah Harding, Nicola Roberts and Kimberley Walsh”. All the posts refer to allegations and it seems that none of those writing have actually read the post in question, excepting the Internet Watch Foundation that has made the complaint (it will be good to know if the fact that the foundation’s CEO has been member of the Obscene Publications Branch at Scotland Yard has had any bearing on the unit taking action in this case), so we can talk about it in very general terms (if you have time to look for it within all the archives of the site, let us know).
Starting with the law, most reports mention that the test under the OPA 1959 (section 1) is whether an article’s “effect or (where the article comprises two or more distinct items) the effect of any one of its items is, if taken as a whole, such as to tend to deprave and corrupt persons who are likely, having regard to all relevant circumstances, to read, see or hear the matter contained or embodied in it.” The current statutory provision has been taken from earlier common law, as in R v Hicklin (1868) where it was defined as tending “to deprave and corrupt those whose minds are open to such immoral influences, and into whose hands a publication of [that]sort may fall”. So, there is no need to actual depravation or corruption but a tendency to do so and that has proven, rightfully, to be quite problematic. The first problem is that it assumes a patriarchical view that those reading a material are not depraved or corrupted already, to then follow it with the patronizing principle that people are easily corrupted and depraved by either images and/or written words. Strangenly enough, if the publication in question causes shock and disgust, that would constitute a defence under OPA 1959 because a shocked and disgusted person is unlikely to be corruped and depraved by the same material.
Again, we haven’t seein the blog in question, but it is difficult to imagine that it would go further than Marquis de Sade’s Justine (also know as Good Cutoms Well Chastisised or the Misfortunes of Virtue), and we don’t hear much about prosecuting publishers or sellers (this book, as all the other Marquis de Sade’s books, are available at Amazon.co.uk, which is subject to English jurisdiction). Does the fact of using real people in a fictional setting make the issue more serious? (we need to remember that more serious here means only more likely to tend to corrupt and deprave).
It is hard to see any argument, at least under OPA 1959, saying that the use of real life characters may imply a greater likehood of tending to deprave and corrupt. There may be other causes for action, including copyright infringement, but the basis of fan-fiction, real person fiction and, taking out the homosexual connotations, slash fiction is that readers know that is fiction and that no depiction of reality is pretended. Here the argument could be that the killings have the potential of encouraging a real will-be-killer to carry out the act, but there have been many works of fiction talking about killing real characters, including the current president of the US. Can a fantastic story targetted to adults, carried out on a fantasy porn site, tend to deprave and corrupt readers? (taking into account the nature of the site, only adults should be able to access it). Or wer are in front, once again, to another case where activities that are otherwise allowed are persecuted due to be carried out online?
Without even mentioning the fact that there is a very strong argument that there are far more obscene things being shown in Internet (famines, bombings, carnage, corrupt politicians and a long list of etceteras) and nobody seems to care…

Wednesday, September 24, 2008

GikIII starts

The autumn equinox has past and a horde of geeks, quasi-lawyers and other wild animals have landed on the Oxford Internet Institute to spend two days talking and discussing the cutting-edge topics of law, technology, science fiction and alike that will be the discussion topics some years from now…yes, it is Gikii time. Once again, the coolest legal conference on earth is taking place and the participants and topics are as top-notch as ever…if you have one international conference to attend, this must be the one or risk keep tallking about yesterday news…you’ve been warned…

Monday, September 22, 2008

Blogger that posted ex-girlfriend’s porn photos jailed in Argentina

The Criminal Court N 1 of Bahia Blanca found a defendant guilty of attempted murder and criminal publication of pornographic images, for which sentenced him to five years in prison. The defendant took pornographic photos of his then girlfriend and published them on a blog in Terra.com once the relation ended in November 2006. Then, in January 2007, the defendant rammed into the girls new boyfriend’s car when the girl was inside, forcing the car out of the road and to hit a lamppost. The three-judge panel found the defendant “criminally responsible for the divulgation of sexually explicit images” in addition to the attempted murder charges…

Sunday, September 21, 2008

Technology companies’ valuation, the credit crunch and keeping an eye on legal issues

There is an argument to be made that the “market value” of a company is some sort of fiction that transforms the whole stock-based valuation in a constant self-sustaining bubble. In the case of technology companies the situation is sometimes quite clear and easier to understand. If you take a company that has a market value of 128 billion dollars and gives a net profit of 4.83 billion dollars, forgetting the business that is buying and selling the stock, you would be crazy to spend such a huge amount of money to get 3.77% annual return. But the market value of the company represents the value that investors are willing to pay with the expectation that the value will increase (quite more than 3.77%) and sell it at a profit. And, as far as the company has a proper business model and some profits that allow it to expand and recruit the best talents, the market value is justified because other people will want to buy the stocks too and the original buyer will see the price of his/her stocks raising, so, while to use 128 billion dollars to buy Google and live out of its net profits would be crazy, to use several thousands, millions or billions to buy its stock is not crazy and it may even be advisable. It is easy to use the example of Google because it has a clear business model that deliver profits consistently and because has not given any reasons to investors to doubt about the future value of their stock, but the idea of the expectations-bubble applies to most technology companies and not all may have the same solidity. Sometimes their business model is good and solid and some even have products to sell and some “hardware” that make part of their valuation, but not paying proper attention to legal issues, even those looking small, may prove fatal.

The issue of the relation between companies’ valuation and legal issues refers to institutional investors, hedge funds and other financial-world wild-animals. Those investors normally use other-people’s money and, although there are big disclaimers telling to that “other-people” that the value of the investment may go either up or down, when it goes down pronouncedly the real owners of the money start to ask questions, and when the losses are substantial (big, huge), those owners are willing to (and normally do) go to court to recover some of the losses they have suffered, allegedly due to the lack of care of the investors. During credit crunches and stock markets meltdowns that type of lawsuits become far too common, which make institutional investors to run away from any stock belonging to a company that even smell of having a legal problem, not because that stock in particular would be the cause of the losses in the portfolio (the losses may be purely due to market conditions and unrelated to the stocks in the fund) but because once the losses have accrued the owners of the money would look for any potential pitfall to take the fund’s administrators to court. Accordingly, the impact that a legal issue may have on the valuation of a company does not relate to the monetary value of the damages that the company may have to pay in case of loosing a lawsuit, but it relates to investors shying away from it due to their need to be protected in case of lawsuits. Thus, in uncertain markets funds administrator give (or should give) as much importance to the analysis of the legal issues surrounding their investments as they give to the financial and economic ones, and become very conservative.

In that context, it seems surprising when big, prestigious and good companies rush products to the market creating the possibility of putting themselves in situations that, due to the particular characteristics of their market valuation and the current financial environment, can hurt them in a way that no product-launch delay could and, on top of that, to not take proper measures to ensure that, if a problem occurs, the situation can be controlled and isolated promptly.

From the past 16 August the new Blackberry Bold is available in UK. Having had Blackberry for a while and having the mobile provider that introduced it to the market, I got mine on August 17th (I did have the machine on the 16th but due to certain issues with the provider they were not able to register it until the 17th). The phone is probably the best thing in the market and for business users the phrase stands without the “probably”. So, it was obviously visible that I was excited of having one in my hands…until things started to happen. The fact that the phone freezes many times without reason and that it fails to check automatically for signal quite often (you are underground without signal and when you go over ground the phone does not check for signal, so you have no signal until you turn it off and on) and things like that are not relevant to this post, so I’ll concentrate into the problems with the battery. Few days after start using the phone, I noticed that the battery life was quite short, even without using it, but I did not worry much until one day while teaching I felt something really hot inside my suit’s internal pocket, which was my phone. I turned the phone off and after the class I turned it on again assuming that it was related to some application not closing properly. Next day, after a full night of charge my battery died near the end of the afternoon and it was warm most of the day. Finally, the following day, and again after a full night of charging, the battery was burning hot for the whole morning until it went flat at noon (four hours after disconnecting it from the charger). With the exception of Toyota or Rolls Royce, lemons do exist in any industry, so I did not worry much and tried to contact the people of Blackberry to see whether it was a known issue and there I had to surprises: the first was that all those issues were the ones perfectly identified in trials and that had delayed the launch; and the second was that I had no way to contact Blackberry directly. The next day I went to my mobile service provider and when I told what had happened, they very promptly replaced the faulty device. So, that should be the end of the story, but it brings us back to the valuation, the credit crunch and legal issues.

Leaving apart the issues with the performance of the phone itself, the battery issue is not a minor one. Batteries not only get discharged early, but they also catch fire and explode, so you would imagine that if you put a new product in the market you are going to make sure that things like that cannot happen and, also, to have in place some sort of early warning system and costumer service to avoid any serious consequence of a failure, which through the mechanism briefly described before can have a severe impact on the valuation and access to finance of your company…delaying a product could be costly but facing a lawsuit for product liability in times of the crunch can cost far far more, so companies that depend on expectation to keep their valuation steady, like most technological companies, in this uncertain times should pay more attention to the lawyers than the financiers and marketers to keep their finances healthy.

Monday, September 08, 2008

Caring about cybersecurity or preparing the ground for an I-Patriot Act?

Few months ago in a talk given at the Institution of Engineering and Technology (very cool place) organised here in London by the Society for Computers and Law, Professor Lessig recounted a conversation he had with former US Counter Terrorism Czar Richard Clarke, where Larry asked the question that many had in mind...how the US Government managed to conceptualize, design and draft a piece of legislation as vast and complex as the USA PATRIOT Act in such a short period of time (a month and 15 days after 9/11), and the answer was what many people had imagined: that the act was ready in some desk’s drawer at the US Department of Justice from long before, just waiting for the action that would justify its implementation and that the attacks of September 11 gave that justification. Following that, Larry asked whether there was an I-Patriot Act dealing with Internet issues also ready and waiting for an action that justified its implementation and the answer was yes. However, since such an action is unlikely to happen in the way that would create the outrage necessary for people giving up privacy, data protection, 1st and 4th amendment rights, it seems that once in a while there are news created to instil, slowly and by stealth, the same level of fear that would justify the creation of such a law. Today, while scouting through technology news I’ve found a piece that fits exactly that profile.
Most of what the article says is true, but the combination and inferences may represent a “little” of overstretching to create the sensation that the US is in clear and present danger (the test created by the US Supreme Court in Near v Minnesota to justify the suppression of certain 1st Amendment rights)…
The first thing that one needs to take into account when reading/analysing articles like that is that those interviewed and giving their expert opinions have a vested interest in the matter. Some own Internet security companies that would benefit from an expansion in Internet security budgets, others are Internet security researchers who have to compete for research funds or justify those that already have been received. Of course, that doesn’t imply that they are wrong or they have any bad intentions; it should just lead us to ask for the facts that back up their assertions and to not take opinions by their face value (even if they are probably right).
Once that issue has been properly understood, it is necessary to dissect the arguments put forward to separate the wheat from the chaff, since it is true that cyberterrorism can cause havoc in a way that no plane or combination of them can, but it is not true that because something has happened in Georgia the same would happen in the US and, even if it did, it is not true that those are the actions to fear.
The story begins referring to some distributed denial of service attacks and some defacing directed to some Georgia’s government websites, to quickly link that to the US and the catastrophic consequences that such actions would have in the US…well, yes, denial of service attacks (specially distributed denial of service attacks that involve spoofing and/or smurfing) can cause damage and are a huge annoyance, but they can be controlled by a series of measures that, in the case of the US government, are supposed to be already in place (for example, I pay few pounds per month for my hosting and the measures to neutralize/limit the impact of at DdoS are supposed to be already in place in the hosting company). So, not much of Die Hard VI scenario there…but cyberterrorism could be nasty and very. In the mentioned Die Hard IV you can find some solutions to protect the critical national infrastructure from a cyberattack, like having the need of physical presence to modify certain features of power plants and the likes. Here, once again, the solution is regulation and making compulsory that companies dealing with resources deemed to be critical comply with some cyberterrorism protection scheme and that, instead of using resources to see who is downloading whose song, ISPs are put in charge of monitoring the existence of good practices within their users. However, there is no measure that can be effective if those in charge of the operation of the systems are not properly trained. The case of the English hacker mentioned few days ago gave place to some jurisdiction talk, but it was also the child poster of IT ineptitude: according with his original declaration, he entered into NASA and military computers by creating a very simple bot that looked for passwords that had been left blank (yes, a blank, empty password in NASA and the military, which means that you only need to hit enter to be inside)…so, not much hope of having grannies to deal with IT security if those in charge of securing the most powerful country in the planet leave the passwords of their systems blank (the most basic form of security). But this takes us to the grannies…
One of the central issues in Internet security is that the Net will not be secure enough until most, if not all, computers are also secure, which, taking into account that there are many people without the necessary knowledge to keep a system secure, implies that :
1) the computers by default must run safe and secure software
2) the software mustbe properly updated
3) everyone must have proper antivirus software
4) the antivirus must be always up to date
The first issue hits the wall when we realize that most computers in the world run software that is not very secure and that, every time that software developers/producers have been tried to be held responsible for their bad code, courts have ruled that due to the complexity of software it is expected that they would have mistakes and bugs…
The second, third and fourth issues interlink with developments in IP rights, their enforcement and the lack of coherence by many (most) governments in that respect (specially in developed countries and particularly the US). It is no secret that in many countries most computers run on software that has been copied, most times by the vendor, without acquiring the corresponding licence from the software producer. It is also publicly known that in order to counteract that trend, software producers have restricted to almost zero the updates available for those running non-official software, which leave them with the vulnerabilities that those pieces of software have had since they were originally made and that are later been discovered along the use of them. It is from those computers not running properly updated software that most attacks are perpetrated, without the owner being aware of it. So, you would imagine that, in a situation where governments are willing to trample over their own citizens constitutional rights to protect it national security , they would also be willing to interfere with the profits of these very large corporations (which are having profits reaching the obscene anyway) and make sure that the whole planet is running up-to-date and safe software in order to guarantee the safety of its citizens. However, while contending that the security of the nation is so important that 1st and/or 4th amendment rights can be set apart when needed, the US government also keeps pressing for stronger IP protection and enforcement around the world, which allows those same companies that produce faulty/unsafe software to not update it when in presence of a copy not complying with their licences (which have prices representing in some cases a sum representing almost the annual median income of some developing countries' families).
The solution could be found in having a global security standard for software security while having a multi-tiered Intellectual Property regime, where the level of IP protection relates to the level of development of a country and thus allowing updates on non-official software in developing countries , so the cyberterrorists have less, or none, unprotected computers where to prey on. This option could look like too interventionist and could be seeing as proposing that the governments and not the market make decisions about companies profits, but if that is the case, so be it: if when things go wrong the losses of huge corporations have to be paid and shared by the societies through their governments in order to prevent alleged bigger damage, it is only fair that the profits are also decided and shared by the society through their governments, specially if we take into account that we are not talking about preventing some market meltdown (although in my college years' textbook said correction of past excesses) but the security of whole nations…

Saturday, September 06, 2008

The end of the world and the Large Hadron Collider lawsuits: protecting us all, technophobia, or something else

Next week the CERN’s Large Hadron Collider will be switched on and there are those who believe that the action will trigger a sequence of events leading to the end of the world…yeap, as you read it, the end of the world. The scientific explanation is quite difficult and we need to be aware that we are dealing with some of the most complex and theoretical discussions in the world of physics, but there are those that have thought that their concerns have certain scientific entity and that the switching on has to be stopped until they are properly addressed…and they have gone to court to try to stop it.

A brief, and probably not entirely correct, summary of the facts is that:

1) The Large Hadron Collider (LHC) is

a gigantic scientific instrument near Geneva, where it spans the border between Switzerland and France about 100 m underground. It is a particle accelerator used by physicists to study the smallest known particles – the fundamental building blocks of all things. It will revolutionise our understanding, from the minuscule world deep within atoms to the vastness of the Universe.

Two beams of subatomic particles called 'hadrons' – either protons or lead ions – will travel in opposite directions inside the circular accelerator, gaining energy with every lap. Physicists will use the LHC to recreate the conditions just after the Big Bang, by colliding the two beams head-on at very high energy. Teams of physicists from around the world will analyse the particles created in the collisions using special detectors in a number of experiments dedicated to the LHC.

2) Nobody knows for sure what is going to happen (off course there are several theories that are being tested)

3) One of the sub products could be small black holes (tiny, mini, minuscule)

4) after that, most scientists (by most here I mean almost everyone in the planet) believe that, if these black holes happen to exist, they would “disappear” due to a series of very complicated reasons or, if they stay, it would take them several billion years before they grow to “eat” the earth

5) A quite small number of scientists (allegedly 1 or 2 or the groups surrounding them), believes that this black holes would grow and fast, so they would end eating the earth in 50 months and, although the probability is not easily quantified, the gravity of the potential result deserves to put the experiment on hold until a proper discussion takes places within the scientific community

6) Their concerns where addressed by CERN and dismissed

7) Two lawsuits were initiated, one in the European Court of Human Rights and other in the US Federal District Court in Honolulu. The first sought an emergency injunction based on the experiment violating the right to life of European citizens and pose a threat to the rule of law, and the second tried to force the U.S. government to withdraw its participation in the experiment. It is important to note that the European Court of Human Rights rejected the request for the injunction but will hear the case (after the experiment has started) and that the US case is pending.

Are we here in front of yet another group of technophobes trying to stop science? Are most scientists of the planet wrong while a group of them (mainly from Germany and Austria) are right? Is this another battle of egos, like the one seen at the Fifth Solvay Conference in Brussels? At least here we know that in few days we may know who is right (and can actually solve some of the discussions held in Brussels in 1927).

The legal issues are probably more straightforward than those seeking injunctions would like. The first of them is, as always, a question of jurisdiction. It is probably self-evident that the US Federal District Court in Honolulu has no jurisdiction over the CERN, which is based in Switzerland, unless the scientific/lawyer that presented the lawsuit had claimed that a crime against humanity might be committed, what would kick in the universality nexus accepted for those types of crimes (although the theory may not have a lot of adepts in Washington lately). Unfortunately, that type of jurisdiction would need the crime to be committed first, so it could be used only after we are all been devoured by an always growing black hole. So, its best shot is to stop US government participation, which would transform it in a lawsuit so meaningless as to almost constitute an abuse of process. If what the lawsuit alleges is really true, the lack of participation of the US government would not stop the end of the world, and if the experiment cannot cause such scenario, the lawsuit has not merits and is, at best, a frivolous one.

The European one deserves more attention, not only for the alleged breach of the European Convention of Human Rights, but also because the Court accepted the suit. The Court clearly states that in order to lodge an application the applicant has to have been directly and personally victim of the alleged violation of one of the rights protected by the European Convention of Humans Rights and in the present case, leaving apart that the violation only exists in the realm of very theoretical physics, the rights of the applicant have not been violated yet. It is true that in exceptional cases the court would grant interim measures when there is a serious risk of physical harm, but in this case, since the interim measure has been rejected it is fair to imply that there is no case at all (if there is risk of physical harm the interim measure should have been approved, if not, since the violation to the right has not occurred, there is no case at all). Regarding the issue of jurisdiction, the Court has jurisdiction over violations to the ECHR committed by Council of Europe's member states and all CERN members are also members of the ECHR, but the jurisdiction over the CERN itself, needs to be properly asserted.

On the subject matter of the suit, it could be argued that the answer is not as esoteric as one may think. Even here in UK Human Rights legislation has not have good press and the European Court of Human Rights is seen here as been quite soft and pro-applicant, in order to persuade the Court that a violation of the Convention has occurred the applicant has to produce a large amount of evidence and it is normally understood that, due to the high standard of proof to be met, when the effects of an action are not straightforward or not yet understood by scientists, the circumstantial or theoretical evidence would normally not suffice to find a violation to the ECHR. Here we are dealing with a purely theoretical situation and one where most scientists of the planet disagree with the observations made by the applicant. So, why did the Court take the case while dismissing others where the violation seemed more straightforward (like the distubing Thiermann and Others v. Norway)? We may never know, but by dismissing the interim measure and accepting to have a full hearing later the judges seem to make clear that they belong to the large group of those related to law that think that technology is inherently evil or that they also believe that there is no case to be heard but they leave the door open just in case something goes really wrong (but they shouldn’t care much in that case because in that situation we will have no much time to blame them).

Some may argue that as most legal decisions this one also has to address the issue of proportionality, so you ponder the requested measure, with the probability of the damage to occur and the gravity of the damage. In that case, and taking into account that here the resulting damage would imply the end of the world (having infinite value), you may be inclined to think that regardless how low the probability of that to happen, any measure would be justified. The problem is that if in one side of the equation we have infinite the only way of not having a very large value as result is having 0 in the other, which would translate into that the experiment shouldn’t be carried out unless there is absolute certainty that the risk is 0 and, if that is the standard of proof, that experiment and many others would never exist (to the argument that this case is different because the existence of the world is at stake, one may easily answer that no medicine would exist either because, even highly improbable, there is no 100% certainty that a modified virus cannot mutate and start a humanity-wiping pandemic). Had the court accepted that being the risk so big the experiment should have been stopped regardless the probability of the damage occurring, it would have created the dangerous precedent that any time somebody wanted to stop something it would only have to claim the existence of the risk of a great damage, without reference to the certainty of the materialization of that risk.

In any case, next Wednesday the experiment will start and we will have many scientific answers and, probably, two lawsuits less to care about (the battle in the press and in Wikipedia between those pro and against LHC deserve other post)

Tuesday, September 02, 2008

New portal on cybercrime for Latin America

A new portal dealing with cybercrime was launched yesterday and its yesterday’s press release reads (own translation):

Today has been officially launched the portal
Ciberdelincuencia.org, which has as principal mission to provide a practical and
useful tool with current and specialized information in the fields of law and
public policy tending to create and encourage a culture of information,
education and prevention in the fight against cybercrime in Latin America [yes,
sentences in Spanish are that long and have many ideas in them…].
Ciberdelincuencia. org is a non-for-profit portal partially financed through
donations from two non-for-profit organizations: the Internet Society (ISOC) and
the North American Consumer Project on Electronic Commercer (NACPEC), and other
private donations.

The portal is in Spanish and it represents an initiative that deserves to be praised and welcomed.

Friday, August 29, 2008


The University of Los Andes (http://derecho.uniandes.edu.co) School of Law, located in Bogotá, Colombia invites applications for SIX (6) full-time faculty positions in the areas of International Law, Criminal Law, Administrative Law, Public Law or Private Law.

Candidates must be prepared to teach three (3) courses per semester in any of the following areas: Constitution and Democracy, General Criminal Law, Specialized Criminal Law, Criminal Procedure, Comparative Law, Public International Law, International Economic Law, International Human Rights Law, International Moot Court Competition Seminar, Administrative Law, Public Actions, History of Legal Institutions, Legal Theory, Labor Relations, Social Security Law, Property Law and Antitrust Law . Candidates must also be willing to accept the responsibilities that are inherent to their research or teaching profiles as described in the Professor´s Statute.

Candidates must have a law degree and must have completed or be very close to completing the Ph.D., SJD, or JSD by Fall 2009. Candidates may be from any country but must be able to communicate in Spanish though some classes may be taught in English. Candidates with experience in teaching, research and publishing will be given preference. Final candidates will be requested to present a campus interview which includes a presentation of their research project for Los Andes faculty and staff.

Interested candidates should send the following documents:

1. Cover letter addressed to Dean Eduardo Cifuentes, indicating your area of interest (International, Criminal, Administrative, Public or Private Law), the courses that you would be prepared to teach and a corresponding summary of your relevant academic and professional experience.

2. Curriculum Vitae

3. Copy of undergraduate and graduate degree diplomas.

4. Certification of experience in teaching and/or research from an accredited law school or research center that states (a) courses taught and/or (b) research projects in which you have participated in.

5. Copy of your two most relevant publications.

6. Two (2) letters of recommendation from peers or supervisors that can evaluate your teaching and/or research work.

All documents must be submitted no later than October 5, 2008 to:

Faculty Search Committee

Apartado Aéreo 4976


The Search Comittee will inform pre-selected candidates on October 17, 2008. Interviews for final candidates will take place October 21-31, 2008. Final decisions on job offers will be taken by November 21, 2008. The Committee reserves the right to declare any of the positions vacant if no suitable candidates are found.

The University of los Andes is a center of recognised academic excellence in Colombia and Latin America. Founded in 1948, Los Andes is an autonomous and independent institution which fosters pluralism, diversity, dialogue and debate in search of academic excellence. It also offers students a critical and ethical formation designed to strengthen awareness of their social and civic responsibilities. The Law School was founded in 1968 as the first law school in Colombia organized by semesters on a credit-based system and that used the socratic method of teaching. In 1997 the school’s program went through an important reform that was again readjusted in 2005 to adopt to newer methods of teaching and changes in legal education. The Law School’s hosts 32 full-time professors, an LL.M. program, and a new doctoral program that began in August, 2008.

II Mercosur Conference of Computer Law

My friends of the Universidad Nacional de Cordoba and Ageia-Densi have posted a short video introducing the forthcoming II Mercosur Conference of Computer Law. Villa Carlos Paz in Cordoba, Argentina, is a very nice place...so, I may see you there in November...

Thursday, August 28, 2008

European Court of Human Rights, the hacker and the issue of jurisdiction in Cyberspace

Today has been widely reported that the European Court of Human Rights has refused to hear the case of Gary McKinnon, the hacker that few years ago penetrated NASA and other military systems and was indicted by the US Government, which requested the extradition of the hacker. There are many places that refer the story of McKinnon and the reasons he alleges motivated him to intrude the US defence systems, but it is important, however, to note that although it has been widely publicized that his intentions were to find out whether the US government was hiding evidence about the existence of UFOs, English courts have taken for proven that he

deleted data from them including critical operating system files from nine computers, the deletion of which shut down the entire US Army’s Military District of Washington network of over 2000 computers for 24 hours, significantly disrupting Governmental functions; 2,455 user accounts on a US Army computer that controlled access to an Army computer network, causing these computers to reboot and become inoperable; and logs from computers at US Naval Weapons Station Earle, one of which was used for monitoring the identity, location, physical condition, staffing and battle readiness of Navy ships, deletion of these files rendering the Base’s entire network of over 300 computers inoperable at a critical time immediately following 11 September 2001 and thereafter leaving the network vulnerable to other intruders” and that “He admitted leaving a note on one army computer reading:

“US foreign policy is akin to government-sponsored terrorism these days . . . It was not a mistake that there was a huge security stand down on September 11 last year . . . I am SOLO. I will continue to disrupt at the highest levels . . .”

So, not much of UFO searching there…

For those really interested in what actually happened and the judicial history of the case in UK, the House of Lords’ case summarizes it properly, but what the case brings back to the table is the issue of jurisdiction, not in civil cases but in crimes committed using Internet. According to Sky news, the hacker’s lawyer has said that his “client's case highlights a worrying trend where UK citizens are at the mercy of the ever-increasing tendency of overseas prosecutors to extend their jurisdiction to crimes allegedly committed in this country”, but is he correct? Has the crime been committed in this country?

The discussion permeates Internet and takes us back to two distinct but interrelated issues, like the principles of criminal jurisdiction in the international arena and the place where a crime is perpetrated. So, when a court has jurisdiction over a defendant accused of a crime? A court would normally have jurisdiction over an allege criminal if there is a connection (nexus) between either the crime or the defendant with the forum of the court, and the nexus could be established based on territoriality (the crime was committed in the court’s forum), nationality (the defendant is national of the forum), protective (a national or an interest of the forum is injured by the defendant actions), and/or universality (every court would have jurisdiction over defendant violating certain principles deemed fundamental by civilized nations). In the case in question, in principle it seems that the US would have jurisdiction over McKinnon based on the protective nexus, but since following these principles more than one country may have jurisdiction over a defendant, there are rules of law and comity that make some of the “prevail” over others. While not strictly true in this case, and mainly due to specific agreements between UK and the US, let’s assume that the territoriality nexus prevails over all the others and that the other forms of nexus should be set apart unless the courts of the territory in question refuse to try a case (like in the Spanish and Swedish intervention in human rights violation cases in Argentina and Chile for the lack of action from the later countries courts). In this hypothetical situation, the issue would be to decide where the crime has been committed and here there are mainly two theories: the initiatory or subjective theory and the terminatory or objective one, where the former understands that a crime is committed where the defendant carries out his actions, in the later the crime is seen as perpetrated where the injury or damage results.

During Imperial times English law has not been, in principle, very friendly to the notion of terminatory theories of criminal conduct and as Lord Halsbury said in Macleod v New South Wales [1891] AC 455, “all crime is local”, but the position changed for most of the 20th Century until the idea that a crime could be committed in parts was somehow rejected by the House of Lords in DPP v Treacy [1971] AC 537. However, the pervasiveness of information and communication technologies and the possibilities of committing crimes in multiple jurisdictions from a computer connected to Internet and located almost anywhere in the world, brings the necessity of recognizing that for certain types of crimes the objective theory is the only providing the protection to society and individuals that criminal law is supposed to confer. Accordingly, it seems that McKinnon’s lawyer is not right; if any crime has been committed, it is very, extremely likely, that it was committed in the US and he should probably be thinking how to deal with the US lawyer that advised him to not accept the original guilty plea bargain offered by the US Government in a meeting in London…