Author: Administrator

Fake Cell Towers Remain A Mystery

April 25, 2014 Administrator Leave a comment Security

Cities reluctant to reveal whether they’re using fake cell tower devices (ArsTechnica, 25 March 2014) – For some time now, the American Civil Liberties Union (ACLU) has been on a quest to better understand the use and legality of “stingrays.” These devices, which are also known as international mobile subscriber identity (IMSI) catchers, or fake cell towers, can be used to track phones or, in some cases, intercept calls and text messages. The “Stingray” itself is a trademarked product manufactured by a Florida-based company, the Harris Corporation. (It has since come to be used as a generic term, like Xerox or Kleenex.) Harris is notoriously secretive about the capabilities of its devices and generally won’t talk to the press about their capabilities or deployments. Earlier in March, the ACLU filed a motion for public access request , requesting documents and information related to stingray use by nearly 30 Florida police and sheriff’s departments. Among the responses published for the first time on Tuesday was the curious reply from the city of Sunrise, Florida, a town of about 88,000 people, just northwest of Miami. Through its lawyers, Sunrise officially denied the request , noting that the city would neither confirm nor deny “whether any records responsive to the Request exist and, if any responsive records do exist, cannot and will not public disclose those records.” (In a footnote, the lawyers also cited this Ars story from September 2013 detailing stingrays and other related surveillance devices.) The ACLU published its response to the city’s denial on Tuesday. As the ACLU points out in a Tuesday blog post , the city of Sunrise has already published an invoice from Harris on its own website dated March 13, 2013, showing that the city paid over $65,000 for a stingray. That document clearly states, in all-caps on each page, that “disclosure of this document and the information it contains are strictly prohibited by Federal Law.”

Provided by MIRLN.

Image courtesy of FreeDigitalPhotos.net/photoexplorer.

Not So Kid-Friendly Facebook Contracts

April 23, 2014 Administrator Leave a comment News

Court rules that kids can be bound by Facebook’s member agreement (Venkat Balasubramani, 4 April 2014) – The status of kids’ ability to form contracts via online terms of service was somewhat uncertain over the last several years, with a few Facebook-related rulings raising questions. A group of minor plaintiffs who opted out of the Fraley v. Facebook Sponsored Stories settlement brought suit for violation of their publicity rights under an Illinois statute. A recent ruling shuts out their claims, and gives some clarity to the online contracting landscape for minors. The key question in front of Judge Seeborg was whether the contract at issue between minors and Facebook – essentially granting a publicity rights release—was one of the narrow types of contracts with minors that were void, or if the contract was merely voidable under California Family Code 6701, et seq. * * * With the caveat that this is just a district court ruling, and plaintiffs will continue to attack these terms in far-flung jurisdictions, this is a very helpful ruling for Facebook in that it removes some uncertainty as to a big category of potentially lucrative users: users who are old enough to not pose COPPA-problems but those who haven’t yet reached the age of majority. Networks for the most part took a don’t-ask/don’t-tell type of approach with this group, but were hesitant to enter into deeper economic and legally uncertain relationships.

Provided by MIRLN.

Image courtesy of FreeDigitalPhotos.net/basketman.

Law Firm Under Pressure On Security

April 21, 2014 Administrator Leave a comment Security

Law firms are pressed on security for data (NYT, 26 March 2014) – A growing number of big corporate clients are demanding that their law firms take more steps to guard against online intrusions that could compromise sensitive information as global concerns about hacker threats mount. Wall Street banks are pressing outside law firms to demonstrate that their computer systems are employing top-tier technologies to detect and deter attacks from hackers bent on getting their hands on corporate secrets either for their own use or sale to others, said people briefed on the matter who spoke on the condition of anonymity. Some financial institutions are asking law firms to fill out lengthy 60-page questionnaires detailing their cybersecurity measures, while others are doing on-site inspections. In some cases, banks and companies are threatening to withhold legal work from law firms that balk at the increased scrutiny or requesting that firms add insurance coverage for data breaches to their malpractice policies. The vulnerability of American law firms to online attacks is a particular concern to law enforcement agencies because the firms are a rich repository of corporate secrets, business strategies and intellectual property. One concern is the potential for hackers to access information about potential corporate deals before they get announced. Law enforcement has long worried that law firms are not doing enough to guard against intrusions by hackers. Despite the concern, it’s hard to gauge just how vulnerable law firms are to attacks from hackers. There are few rules requiring firms to make public any breaches, and because the firms have little direct interaction with consumers, there is no need for them to publicly report a hacking incident the way a bank or a retailer would. In 2012, Mandiant, a security consulting firm, put out a report estimating that 80 percent of the 100 largest American law firms had some malicious computer breach in 2011. Actual reports of confidential information hacked from a law firm computer system and later winding up on some overseas server are rare, however. Representatives for several large law firms, all of whom declined to discuss the topic publicly, said privately that the threat assessments from the F.B.I. and consulting firms were overstated. The law firm representatives said hacker attacks were usually email “phishing” schemes seeking to access personal information or account passwords, the kind of intrusions that have become commonplace and are easily contained. But Vincent I. Polley, a lawyer and co-author of recent book for the American Bar Association on cybersecurity, said many law firms were not even aware they had been hacked. He said a lot of law firm managers were in denial about the potential threat. “A lot of firms have been hacked, and like most entities that are hacked, they don’t know that for some period of time,” said Mr. Polley. “Sometimes, it may not be discovered for a minute or months and even years.” [ Polley : The referenced book is “The ABA Cybersecurity Handbook: A Resource for Attorneys, Law Firms and Business Professionals”, available here .]

Provided by MIRLN.

Image courtesy of FreeDigitalPhotos.net/watcharakun.

Nature Authors “Waive” Goodbye To Moral Rights

April 18, 2014 Administrator Leave a comment Ethics

Nature publishing group requires faculty authors to waive ‘moral rights’ (Chronicle of Higher Ed, 31 March 2014) – Faculty authors who contract to write for the publisher of Nature, Scientific American, and many other journals should know that they could be signing away more than just the economic rights to their work, according to the director of the Office of Copyright and Scholarly Communication at Duke University. Kevin Smith, the Duke official, said he stumbled across a clause in the Nature Publishing Group’s license agreement last week that states that authors waive or agree not to assert “any and all moral rights they may now or in the future hold” related to their work. In the context of scholarly publishing, “moral rights” include the right of the author always to have his or her name associated with the work and the right to have the integrity of the work protected such that it is not changed in a way that could result in reputational harm. “In many countries, you can’t waive them as an author,” Mr. Smith said. “But in the Nature publishing agreement you are required to waive them, and if you are in a country where a waiver is not allowed, you have to assert in the contract you won’t insist on those rights.” Mr. Smith first questioned the details of the Nature Publishing Group’s license agreement on his blog on Thursday. Calling the moral-rights stipulation “bizarre” and an attack “on core academic values,” he wrote that in some countries authors are forbidden to waive those rights. “The United States is something of an outlier in that we do not have a formal recognition of moral rights in our copyright law, although we always assert that these values are protected by other laws,” he wrote. His comments were part of a longer post noting that the powerful scholarly publisher has apparently begun enforcing at Duke a requirement that authors at institutions with open-access policies secure waivers exempting their work from those policies.

Provided by MIRLN.

Image courtesy of FreeDigitalPhotos.net/Stuart Miles.

The End Of Dead Links?

April 17, 2014 Administrator Leave a comment All

Death to “link rot”: here’s where the Internet goes to live forever (Fast Company, 28 March 2014) – The phrase “link rot” probably summons many images for you–none of them good. And while clicking on a dead link isn’t quite as physically unpleasant as, say, touching a piece of slimy, disintegrating wood, bad links are weakening the web as surely as bad beams can compromise a building. When websites disappear or change, any piece of work–be it a blog post, book, or scholarly dissertation–that linked to those resources no longer makes quite as much sense. And some of these now-moldering links are structurally important to the fragile, enduring edifice of human knowledge: in fact, according to one recent study , half of the links in Supreme Court decisions either lead to pages with substantially altered content or no longer go anywhere, at all. In the face of this decay, the authors of that paper, the legal scholars Jonathan Zittrain, Kendra Albert, and Lawrence Lessig, floated one possible fix: create “a caching solution” that would help worthy links last forever. Now, this idea is being in practice by Perma.cc, a startup based out of the Harvard Law Library. Old-school institutions like law school libraries, it turns out, may be perfectly positioned to fight against the new-school problem of link rot. Libraries, after all, are “really good at archiving things,” as Perma’s lead developer, Matt Phillips, puts it. “We have quite a history of storing things safely that are important to people for a really long time,” says Phillips, a member of Harvard’s Library Innovation Lab. “It’s a failure if we’re not preserving what’s being created online.” To start with, Perma.cc’s small team of developers, librarians, and lawyers has designed an archiving tool that’s as easy to use as any link shortener. Stick in a link, and you’ll get a new Perma-link–along with an archive of all the information on the page that link leads to. Anyone can sign up as a user, and create links with a shelf life of two years, with an option to renew. A select group of users, though, can “vest” links–committing Perma.cc to store their contents indefinitely. Since launching last fall, the project has grown rapidly, signing up a couple thousand users and recruiting 45 libraries and dozens of law journals as partners. But only a fourth of Perma.cc’s users–472 “vesting members” and 113 “vesting managers,” at current count–have the power to grant links immortality (or as close to it as Perma.cc can manage). “The problem is, in practice, it’s a very serious commitment to say this will be kept forever,” says Jack Cushman, who started contributing to Perma.cc as volunteer, before joining formally as a Harvard Law School Library fellow. “It’s not something that we can promise to everyone in the world to begin with.”

Provided by MIRLN.

Image courtesy of FreeDigitalPhotos.net/Stuart Miles.

How The Cloud Is Helping Small Firms

April 14, 2014 Administrator Leave a comment All

Cloud-based e-discovery can mean big savings for smaller firms (ABA Journal, 26 March 2014) – Smaller law firms may be able to save a significant amount of money by ‘renting’ e-discovery applications in the cloud rather than bringing a full-fledged hardware and software solution in-house. “Only a few years ago, e-discovery in the cloud wasn’t even available,” said Gareth Evans, an Irvine, Calif.-based partner at Gibson, Dunn & Crutcher, adding that these days, even the smallest law firms have a wide variety of e-discovery firms they can source. Evans spoke as part of a panel at LegalTech New York 2014 in February. Panelist Alan Winchester, a partner at the New York City firm Harris Beach, agreed: “For firms without robust IT departments, it grants them the experts to manage the technology operations and security.” While renting e-discovery services a sliver at a time may cause some firms to worry about the security of their data offsite, the panelists advised that with a good contract, those concerns can be minimized. [ Polley : Interesting story that sounds about right. This might just be a first step.]

Provided by MIRLN.

Image courtesy of FreeDigitalPhotos.net/atibodyphoto.