Beware AWS cloud contract provisions

Unfortunately, few people ever read the end user license agreement (EULA) for software or cloud-based services.  Those that do may find surprises like this gem from Amazon’s AWS cloud contracts.

From Gigaom:

Basically, AWS is invoking its rights not to be sued for patent infringement by its customers not only for the time you’re using its service, but going forward — in theory — in perpetuity.

. . .

First, neither the Microsoft Azure license nor Google Cloud contracts include similar limitations, the lawyers said. The overall “broad covenant not to sue” is not unusual in and of itself, said a Seattle-based attorney, but the extension of limitations beyond the term of contract was striking.

. . .

What’s interesting here is that, in theory, this 8.5 provision could allow Amazon to defend itself against customers (or former customers) if it ends up using their IP down the road.

via In AWS cloud contracts (as in life), read before signing — Tech News and Analysis.

Unintended consequences; overreaching laws and zealous enforcement impacting important security research

The Computer Fraud and Abuse Act (CFAA) essentially deals with unauthorized access of computers and the Digital Millennium Copyright Act (DMCA), among other things, protects copyrighted material through criminalizing efforts to circumvent digital rights management.  Each offers important protections; however, in a recent article, lawyer Jonathon W. Penney writes about how these laws are shaping the ethics of code and security research.  For me, this illustrates how difficult it is to balance the legitimate interests of various stakeholders.  Legislators, judges, and lawyers routinely struggle with rules and their varied exceptions.

From Slate:

In late July 2014, the information security world was on edge. Researchers from Carnegie Mellon University—who work “closely with the (US) Department of Homeland Security”—were scheduled to give a talk at the Black Hat USA information security conference on a simple method to “de-anonymize” Tor users.

. . .

But the talk never happened. It was pulled from the conference program at the last minute, with the CMU researchers, as reported in the Washington Post, claiming the materials they planned to present had “not yet been approved by CMU/SEI for public release.”

. . .

Expansive laws like the Computer Fraud and Abuse Act and the Digital Millennium Copyright Act, coupled with aggressive enforcement by state authorities and corporate interests, have subjected an increasing array of online activities to criminal and civil penalty. What was once considered “full disclosure” may today constitute a criminal act under the CFAA or DMCA.

. . .

“Code is law,” the aphorism Larry Lessig popularized, spoke to the importance of computer code as a central regulating force in the Internet age. That remains true, but today, overreaching laws are also increasingly subjugating important social and ethics questions raised by code to the domain of law. Those laws—like the CFAA and DMCA—need to be curtailed or their zealous enforcement reined in; they deter not only legitimate research but also important related social and ethics questions.

via CFAA reform: How laws are determining the ethics of code.  Check out Mr. Penney’s entire piece — it’s worth reading.

Outdated laws contribute to erosion of privacy

From ACLU:

Since 1986, technology has advanced at breakneck speed while electronic privacy law remained at a standstill. The outdated Electronic Communications Privacy Act (ECPA) allows the government to intercept and access a treasure trove of information about who you are, where you go, and what you do, which is being collected by cell phone providers, search engines, social networking sites, and other websites every day.

via Modernizing the Electronic Communications Privacy Act (ECPA) | American Civil Liberties Union.

The ACLU has put together this eye-opening infographic that succinctly demonstrates the need to update outdated laws.

The longer that existing laws remain unchanged, the harder it will be to change them later.  A certain inertia develops when the status quo is maintained.

Democracy weakened when free speech is chilled

Free speech is the cornerstone of democratic governments, so it is troubling when a government’s actions result in chilling free speech.

From EFF:

The latest survey found that writers living in liberal democratic countries “have begun to engage in self-censorship at levels approaching those seen in non-democratic countries, indicating that mass surveillance has badly shaken writers’ faith that democratic governments will respect their rights to privacy and freedom of expression, and that—because of pervasive surveillance—writers are concerned that expressing certain views even privately or researching certain topics may lead to negative consequences.”

via PEN America: “The Harm Caused by Surveillance…is Unmistakable” | Electronic Frontier Foundation.

Microsoft’s ongoing legal fight against US over warrant

Interesting legal arguments are coming out of a case involving Microsoft and a warrant issued by the US.  Others in the tech industry like Apple, AT&T, Cisco, and Verizon are taking Microsoft’s side.  The ultimate outcome may have profound legal repercussions, so this is one to watch.

From Ars Technica:

Microsoft’s fight against the US position that it may search its overseas servers with a valid US warrant is getting nasty.

Microsoft, which is fighting a US warrant that it hand over e-mail to the US from its Ireland servers, wants the Obama administration to ponder a scenario where the “shoe is on the other foot.”

via Microsoft tells US: The world’s servers are not yours for the taking | Ars Technica.

FTC warns of privacy and security risks from Internet of Things

It looks like the FTC has learned from oversight lapses at the dawn of social media:

“[The Internet of Things] has the potential to provide enormous benefits for consumers, but it also has significant privacy and security implications,” warned Ramirez.

“Connected devices that provide increased convenience and improve health services are also collecting, transmitting, storing, and often sharing vast amounts of consumer data, some of it highly personal, thereby creating a number of privacy risks.”

via The FTC Warns Internet Of Things Businesses To Bake In Privacy And Security | TechCrunch.