Saturday 16h00 [Video]

Moderator: Philippa Lawson

Speakers:

• Art Cockfield, Developments in Canadian Privacy Law
• Jonathan Weinberg, RFID Tags and Privacy Law

Nope, no notes on this one. it was good though. The Canadian privacy landscape is a weird one, but it’s better than having none I guess. I still feel statutory damages would really help this body of laws to get credibility though since actual losses are so hard to measure.

The RFID could modify the very concept of fungible goods. With Walmart imposing the use of RFID by it’s suppliers, there are just too many good things about that technology to prevent it from becoming widespread. Now will someone make a cue:CAT to read them?

Saturday 13h45 [Video]

Moderator: Michael Geist

Speakers:

• Ian Kerr, People Like Us
• Dan Hunter, Cyborg and Virtual World

This panel was very different from the rest of the symposium. It left me in a very meditative and dreamy state, due to both the topics and the schedule. Far fetched in many ways, but I always feel far fetched theories and hypothesis is what helps me to test my ideas in the field of cyberlaw. Therefore I feel it provided very good food for thoughts.

DH: The young inventor and the emperor of China: in compensation for the game of chess, the inventor asked for 1 grain of rice, doubled on each square.

Moore’s law: transistor density, the singularity…

Possibility of digital buddies.

Californication of commerce: various application of AI in ecommerce.
Aristotle, Descartes, Babbage/lovelace

Gilbert Ryle, Norbert Weiner, Turing, Deep blue, Kurzweil, Weizenbaum (Eliza)

Nativeminds.com and Nicole.

ELLEGirlBuddy (smarterchild/activebuddy)

Marketing push to create word of mouth/relationship. Virtual trust, virtual frienship.

Concerns: consumer law: truthful information, complete information, privacy implications.

An approach might be translating what we know about psychology into machine language and use that to obtain info about someone.

 Saturday 11h45 [Video]

Moderator: Jane Bailey

Speakers:

• Richard Gold, « The Reach of Patent Law and Institutional Competence »
• Jonathan Zittrain, Writing the Rules of War Between Free and Proprietary Software

RG: Patent and biotech. Talking of jurisdiction issues over questions of patent eligibility.

Don’t confuse eligibility, applicable to a class of inventions, with patentability, applicable to a particular invention.

Theories:

• It is question statutory interpretation only

  Hinges on the interpretation of « invention »: cannot limit to eligibility to what is known because then it’s not an invention

  Therefore, what is unknown in an invention unless legislature specifically says otherwise. BAD ARGUMENT: confuses a particular invention with type of invention.

• It is a technical and morally neutral

  To refuse a patent would be futile because in itself would not stop the invention bieng put to practical use.

  Patents may lead to accountability and spillover effects

  The very fact of allocating property rights alters the burden of persuasion re: limitation on use of invention

  Patents may provide holders with power over non economic decisions.

• It is essential to promote innovation. Courts should withold patents only when legislation specifically restricts it.

  Starting principle is that knowledge ought to be free unless a good reason exists to put it under private control.

  Lack of empirical evidence showing that patents actually encourage innovation and dissemination.

Example given using the reaction to the Harvard mouse.

JZ.

JZ is not behind the podium, he prefers to do his stuff standing in front. Just watch the video, he is, as always, a great speaker.

Today’s fire: free and proprietary software.

Software: lowers the barrier of entry for « inventors » (and explains bad software).

Taxonomy of software:

• Public domain
• Free (copyleft)
• Proprietary.

Analogy of the models using a cake/recipe metaphor. Software: it’s a cake, you eat it and it’s good.

But the recipe is usually given for public domain cakes. You always get it for Free cakes. Most often not for proprietary software (they could give you the recipe though and say if you do anything wth it you go to jail).

Licence terms: nope for public domain. Free: GNU licence. JZ give a How do deal with RMS 101. Viral threath, way overplayed: if you include GPL by accident, you never agreed to it, it’s only infringement and the viral clauses don’t apply to your proprietary code. Proprietary: well.. you all know how this goes.

SCO v. IBM.

Things at stake:

• 1. Free software is a way of producing social benefit. Not universal, but it matters in many areas. Yet because of work for hire agreements, there might be unvanted contamination.
• 2. Free software is too tasty a target for lawyers. e.g. easier to audit free software than proprietary software when stolen code is hidden.
• 3. Comparative IP and cyberlaw.
  Many people are trying to choose between linux and MS in LDCs. Or Linux and pirated MS. Attempt by MS and others to kill Free software so they don’t have to compete with it.

Saturday 10h15 [Video]

Moderator: Jane Bailey

Speakers:

• Joel Reidenberg , States and Internet Enforcement
• Jennifer Chandler , Internet Security

JC: Was infected by Blaster. It required no positive action by user: passive failure to patch.

Monetary losses from a general point of view, loss of confidence in a supposedly efficient system. 200 billion US$ is a figure often quoted for damages caused by security failures.

Not merely economic losses: also a problems when it affects critical infrastructure. e.g. power plants

Possibiliy of censorship on unpopular sites via DOS attacks. A risk in a digital democracy. It’s a concern to have: e.g. al jazeera english site during irak war. Hacking? Natural DoS?

She’ll focus on availabilty of ressources, in regard of distributed Dos attacks.

Underlying cause: bad software rushed to marked; users that do not patch, use a firewall, scan for viruses; ISPs that refuse to scan for zombies. The hacker who controls the zombies.

Going after the hackers and the ISPs is not her focus.

From the point of view of end users: patches are poorly written and tend to break stuff. People are weary. Rapid rate of patches. Fake security alerts that try to install trojans. Changes to licensing agreements. It’s an exterrnality problem: there are no consequences for you. It’s too much pain to patch though.

Solutions:

• Fine and disablement from ISP/corporate/school nwtwork.
• Liability of compromised users
• Mandatory automatic updates from MS

Biology analogies: crapware = innoculation to ensure we’re not too dependant on software that can, in the end, never be totally secure. Monoculture = vulnerable.

Liability of software developers:

• The target of DDoS has clean hands.
• The target has damages (usually high profile corp).
• The target has no contract with MS (or other corp).

a) you need a duty of care from the defendant (a duty not to create situations of unsual risk e.g. landlords liable for unsecure premises when there are attacks by 3rd parties).

b) peer economic loss, policy analysis

JR: Malicious code can be good: they offer the opportunity for states to focus on issues of jurisdiction.

The french Yahoo case: the failure by a country to enforce it’s democratically chosen policy is an abdication of it’s duties to it’s citizens.

Code == lex informatica

There has always been a policy injected into the architecture: ARPA and the Internet.

Public reengineering: ex ante automatic enforcment. DRM

.NET passport: collect data from users to manage passwords. MS was able to collect a mass of data. Legal in the US: no one care about privacy in the US. Problem in the EU. MS reengineered the product design.

Successful efforts to get Paypal to refuse to process payment from online casinos

Porn in the US: CIPA. Architecture to enforce policy decision.

Using intermediaries as enforcers: DMCA notice and takedown, going after the money, orders to ISP to block sites.

Worms and viruses have police power. e.g. attacking MS update site. Spam blacklists being shut down by Ddos. Same devices could be used by states.

Tools:

• Electronic border: China’s firewall. Yahoo french border. Indias’s yahoo NG shutdown.
• electronic blocaderestrain violator: interception of packets
• electronic sanctions: actions to shut down/disable

We should aim for the least intrusive device to achieve sanctions: consider magnitude of threat relative to public order. Urgency of the threat. Effectivness of the tool. Identification of the ultimate goal

JZ asks: Should we block ports used by windows networking for example? Should the ISPs be allowed/encouraged to police their networks in that way?

The answer was not as concise and to the point than the question. It is indeed tough to find the sweet spot between end-to-end and attribution of liability (and the defensive measures by potentially liable parties).

Saturday 8h30 [Video]

Moderator: Michael Geist

Speakers:

• Peggy Radin, Property and Contract in the Digital Environment
• Vincent Gautrais, The Colour of Electronic Consent

PR: Regulation by contract, regulation by machines

• 1. legal and policy discourse

  Three streams of legal culture in confluence:

  • Propertization policy: more isn’t better. Too much is as bad as having too little.
    Shouldn’t assume legislative rules are in the common benefit and appropriate
  • competition policy: there is a barrier to market in order to lover barrier to market
  • Free speech: rethoric: commodified content that when propertized… […]

• 2. Court’s ingenious methods to get around the debate.

  Database protection: what is the anticompetitive branch » ebay, verio: invasion of hard drive, and harm and trespass. removing information that you don’t want your competition to get. Using state tord law to construct a database protection doctrine.

  Using contract to extend copyright:
  ProCD: 7th circuit. Not the law outside 7th circuit.
  Clickwrap/browserwrap.
  Which parts of the copyright regime are « default » and waivable. and which are inalienable? Should we impose mandatory rules/inalienable rules?

  We have to consider if treating the property regime as a set of default rule is itself a default rule and if society should consider changing that default rule.

  In a chicago perspective: Blanket non waivability for certain category could be less costly to judicial review of case by case basic. Mandatory arbitration for example.

• 3 cat for attention:
  • 1. waiving legal enforcement
  • 2. human rights
  • 3. rights that are politically weak (most likely to be undercut by interest groups and not protected similarly: e.g. fair use rights)

  The machine control is like an injunction. There is no choice to infringe and then ask for court review. Irreparable harm to recipied will be without recourse.

  DRM will make even non waivable rights irrelevant.

  Plea for limitation on such systems.

VG: my notes here are terrible again…

Ecommerce and contract law are a nascent field of law. There are new laws and new concepts to discover.

Technological neutrality is an unattainable target.

There are precedents in legislative redaction in order to adapt to techonology.
e.g. in the Quebec law, there are many neologisms, new concepts. It’s a law for engineers.

New economy contrats are often illegal. Old contract principles should still apply to electronic environments.

E-consent and legibility:

• The criterias to judge informed consent should be adapted:
  Legibility is different on paper and on screen.
  The relation between lenght of contract and speed of contractual process is disproportionate.

• Ethan Katsh: paper contract is an act. Electronic contract is a process.

E-consent and demonstration of will.

• Different means of expressing consent, both in the physical and digital world.

  Vincent is preaching to the choir.

• The click should be explicit and clearly significant.

In conclusion: the contract should be more formal to compensate the loss of the materiality of paper.
It appropriate to draft standard contracts to be drafted and approved.

The consumer, the weakest party, shoud be protected. The practice of manifesting consent in ecommerce is still problematic. We need to care about the consumer to enhance consumer confidence.

Both participants expressed concern with consumer choice and freedom of contracting.