Wikipedia Joins the Fight for Fair Use in Australia (Electronic Frontier Foundation)

Australia's ongoing debate over the introduction of a new fair use right took a turn last week when Wikipedia joined the fray. The world's largest online encyclopedia now displays a banner to its Australian users encouraging them to support a joint campaign of Australia's major digital rights groups to modernize its dated copyright law by legalizing the fair use of copyright works.

As the campaign points out, the adoption of fair use would not harm copyright owners, but would simply authorize many everyday uses of copyright material that are currently technically infringing, such as forwarding emails, backing up movies, and sharing memes or mash-ups. That's one reason why Australia's Productivity Commission recommended the adoption of fair use as an improvement to Australia's patchwork of technologically-specific exceptions, such as a rule that allows format shifting from VHS tapes, but not from DVDs.

Libraries and educators would also benefit. Perversely, under current Australian copyright law, educational institutions are required to pay royalties for copying even freely-available online materials such as publicly accessible webpages for use by students. The adoption of fair use could see an end to such anomalies, with flow-on benefits across Australian society.

Why has Wikipedia, which is hosted in the U.S., jumped into this debate? Because the online encyclopedia provides an excellent example of the opportunity that the fair use doctrine creates for valuable information to be shared, without damaging the interests of creators. For example, in an article on Australian band Crowded House, you can hear a few bars of some of their most well-known tracks, and in a page about Aboriginal artist Albert Namatjira, a small representation of his art can be found.

Would anyone wishing to listen to Crowded House forgo purchasing their album because they can hear a few seconds of the same music on Wikipedia? Of course not, and that's one of the factors that make Wikipedia's partial reproduction of their music fair. But because Australia lacks a fair use right, Wikipedia could not be hosted in Australia without risking being found to infringe copyright. It's high time for this to change, for the sake of Australian users, creators, and innovators alike.

Other countries around the world are recognizing the benefits of fair use. South Africa is currently proposing to introduce a new fair use right into its own copyright law, adding to a growing list of countries that have done the same, including Israel, Malaysia, the Philippines, Thailand, Taiwan, Singapore, and South Korea.

Australians can join this growing movement and support the campaign for fair copyright by emailing their politicians, or by sharing the #faircopyrightoz hashtag on social media.

Posted in Uncategorized Tagged

Stupid Patent of the Month: Ford Patents a Windshield (Electronic Frontier Foundation)

The Supreme Court’s recent decision in Impression Products v. Lexmark International was a big win for individuals’ right to repair and modify the products they own. While we’re delighted by this decision, we expect manufacturers to attempt other methods of controlling the market for resale and repair. That’s one reason we’re giving this month’s Stupid Patent of the Month award to Ford’s patent on a vehicle windshield design.

image

D786,157 is a design patent assigned to a subsidiary of Ford Motor Company. While utility patents are issued for new and useful inventions, design patents cover non-functional, ornamental aspects of a product.

Unlike utility patents, design patents have only one claim and usually have little or no written description. The patent only covers the non-functional design of a certain product. But design and utility patents are alike in an important way: both are intended to reward novelty. According to U.S. law, the Patent Office should issue design patents only for sufficiently new and original designs. By that test alone, it’s easy to see that the windshield patent should never have been issued.

Why did Ford apply for the patent on its windshield design? One possible reason is that it’s the automotive industry’s latest attempt to control the market for repair. If the shape of your windshield is patented by Ford, then no one else can replace it without risking costly patent litigation.

Ford has a troublesome history with independent repair shops: in 2015, it sued the manufacturer of an independent diagnostics tool under Section 1201 of the Digital Millennium Copyright Act, the infamous law that makes it illegal to circumvent digital locks on products you own. Later in 2015, the Librarian of Congress granted an exception to 1201 for some forms of auto repair, but manufacturers have continued to seek out creative ways to close out the market, whether it’s through copyright, contract clauses, or patents.

In the Supreme Court Lexmark opinion, Justice John Roberts specifically noted the danger of automobile manufacturers shutting out competition in the repair space:

Take a shop that restores and sells used cars. The business works because the shop can rest assured that, so long as those bringing in the cars own them, the shop is free to repair and resell those vehicles. That smooth flow of commerce would sputter if companies that make the thousands of parts that go into a vehicle could keep their patent rights after the first sale. Those companies might, for instance, restrict resale rights and sue the shop owner for patent infringement. And even if they refrained from imposing such restrictions, the very threat of patent liability would force the shop to invest in efforts to protect itself from hidden lawsuits.

If the Patent Office continues to issue stupid design patents like Ford's windshield patent, it risks giving manufacturers carte blanche to decide who can repair their products. And customers will pay the price.

Posted in Uncategorized Tagged

California Senate Passes Surveillance Transparency Bill (Electronic Frontier Foundation)

A bill to shine light on law enforcement surveillance technology has passed out of the California State Senate. Now the battle begins in the California Assembly. 

S.B. 21 would require all police surveillance technology purchases and policies to go through a public approval process. That means a city council or board of supervisors could veto a proposed technology or demand a change in policy, whether it be for drones, license plate readers, or face recognition. Under the bill, law enforcement agencies would also produce transparency reports every two years regarding the equipment they've acquired. If we're successful, California will lead the country in accountability for police technology. 

More than 800 Californians sent emails to their state senators urging support for S.B. 21, and it paid off. The bill passed on a solid 21-15 margin.

Now let's do it again. 

Take Action

Tell your member of the state Assembly to support S.B. 21.

If you used our tool already to contact your state senator,  we thank you, but you should take the action a second time. Now our tool will direct you to your member of the California Assembly. 

If this is your first time hearing about S.B. 21, I recommend EFF's recent op-ed in the San Diego Union-Tribune. For a firsthand account of surveillance oversight, check out this illuminating letter from former Lemon Grove Mayor Mary Sessom in support of S.B. 21. 

Posted in Uncategorized Tagged

Consumer Genetic Testing: Beginning to Assess Privacy Practices (Future of Privacy Forum)

Genetic testing is becoming more widely available to consumers; such testing can be an exciting new opportunity to help individuals flesh out family histories, discover cultural connections, and learn about their personal backgrounds.  The availability of low-cost genetic sequencing and analysis has led to numerous businesses offering a variety of services, including some that provide detailed health and wellness reports that explain how genetics can influence risks for certain diseases.  The enthusiastic public response demonstrates that there is great demand for this knowledge.

But, as with so many new technologies, this new data analysis also raises privacy questions.  DNA can be immensely revealing. And by its nature, DNA includes information about an individual’s close relatives – not just data about the person tested.  The broad US law protecting health privacy, HIPAA, only protects health information when handled by specific types of entities, such as health care providers or health insurers.  If your doctor orders a genetic test, all the providers involved are bound by HIPAA requirements.  But if you order a consumer genetic test on your own, those restrictions are not applicable.

To ensure that genetic information isn’t misused, Congress acted, providing protections in some areas.  The Genetic Information Nondiscrimination Act of 2008 (GINA) prohibits the use of genetic information to make health insurance and employment decisions.  GINA was a landmark when it passed, but it does not provide comprehensive protections.  For example, GINA does not apply to decisions about schools, mortgage lending, or housing. And it excludes other forms of insurance like life insurance, long-term care, and disability insurance, although some states do provide some additional protections in these areas.

Given the gaps in legal protection, it is particularly important that companies offering genetic testing to consumers provide rock solid, legally enforceable commitments to consumers that ensure their data won’t be used to harm them.  And consumers need to look for commitments by companies not to share genetic information without explicit permission, the ability to delete their information, and promises to only use the data for the expected purposes.  FPF has begun discussions with a number of consumer genetics companies and hopes to share best practices guidance in the upcoming months.

But before we begin, there are some useful lessons that FPF can share from our work in other sectors.  It’s useful to understand some of the language that is common to the legal construction of policies and terms of service, as well as the underling protections provided by federal and state consumer protection laws.

  1. Companies do not own your data when they claim a perpetual license to use your information. When you provide a company with data – whether that data is DNA, user comments, profile pictures, or other content that the company needs to hold and use to provide services – the company will often declare that it has a perpetual, royalty-free, worldwide license to use your information.  Corporate intellectual property lawyers insist on this language to give themselves the rights to use the data on an ongoing basis, subject to the restrictions they place on themselves – such restrictions can include commitments to only use data for the services described a company’s policies, and users’ right to demand deletion of the data.  Search the phrase “perpetual license,”  and you will find it in the policies of almost every online service that allows the submission of user content.  This does not mean the company owns your data and can use it for any purpose it pleases –companies typically cannot make a book out of your private photos or publish your DNA.  But several times a year, someone reads “perpetual license” and sounds an alarm that is picked up by the media.  The fact that reporters own publications have the same language in their online policies is typically not considered.  Often, a company will respond by making a cosmetic amendment to its terms, explaining that indeed it does not own consumers’ data.  This story is the Groundhog Day story of privacy.  In 2008, Google’s terms were debated. In 2011, Dropbox was critiqued. In 2012, Twitter and Facebook came under scrutiny. In 2015, it was Microsoft .  Last week, AncestryDNA was the latest company to encounter this flap and accordingly updated its terms to explain that it had never asserted legal ownership of consumers data.  Companies can get ahead of this issue by using clear terms from the outset.  Smart consumers and critics should recognize this legal language by now and appreciate that it does not grant a company  “ownership rights to user data.”  Look for the limitations on what a company can actually do or not do with the data and your rights to opt-in or out.
  2. All bets are not off when a company is sold. The Federal Trade Commission (FTC) has repeatedly made clear that it will hold a successor company responsible to use data only in ways compatible with the original privacy policy.  Back in the ToySmart case, where sensitive childrens’ data was involved, the FTC required that ToySmart’s buyer abide by the terms of the Toysmart privacy statement. If the buyer wanted to make changes to that policy, it could not change how the information previously collected by Toysmart was used, unless it provided notice to consumers and obtained their affirmative consent (“opt-in”) to the new uses. The FTC will surely hold companies that collect and process DNA to this standard
  3. Policies cannot be changed at any time. The FTC has been clear that material changes to consumer privacy policies can’t be made without first providing prominent notice to consumers and providing them with choices before data is used in any manner inconsistent with terms they were initially provided. So if a company holds sensitive data, it should not claim that it may change its policy at any time and immediately apply the new terms to data it previously collected.  If the change is material, a company may not apply it retroactively without consumers’ express, affirmative consent.

These are just some of the baseline issues that are worth understanding before beginning to think through the important commitments genetics companies can make to promote trust and responsible data use in this emerging industry.  Stay tuned for that effort!

The post Consumer Genetic Testing: Beginning to Assess Privacy Practices appeared first on Future of Privacy Forum.

Posted in Uncategorized Tagged