9th Circuit Clarifies Hacking Statute in Employment Context

An employee's use of a work computer “without authorization” for purposes of the Computer Fraud and Abuse Act [18 U.S.C. Section 1030(a)] depends on the employer's policies and definitions of acceptable use, not the employee's state of mind, the U.S. Court of Appeals for the Ninth Circuit held Sept. 15 (LVRC Holdings LLC v. Brekka, 9th Cir., No. 07-17116, 9/15/09) (opinion available at http://tinyurl.com/n362nz).

The court held: "Because Brekka was authorized to use LVRC’s computers while he was employed at LVRC, he did not access a computer “without authorization” in violation of § 1030(a)(2) or § 1030(a)(4) when he emailed documents to himself and to his wife prior to leaving LVRC. Nor did emailing the documents “exceed authorized access,” because Brekka was entitled to obtain the documents. Further, LVRC failed to establish the existence of a genuine issue of material fact as to whether Brekka accessed the LVRC website without authorization after he left the company."

Moral: Have good employee policies regarding email practices and authorizations!

New Hyperwrap Case

Court holds that an online contract that uses a combination of three hyperlinks to reference an external contract and which is encountered pre-checkout is binding. See
http://tinyurl.com/n362nz.

Judge Rules IP Addresses are Not PII

A federal court judge in Washington ruled in favor of Microsoft (surprise!) recently, holding that Microsoft had not breached a software license because IP addresses were not "personally identifiable information" ("PII"). Those of you familiar with most web privacy policies know that PII is a big deal and most of you know enough to be wary of what third parties are doing with your PII. But apparently, at least according to this case, when you visit a site and your IP is captured, that is not PII and thus is perhaps not covered by the site's privacy policy. Browsers beware! See the case here: http://www.hawleytroxell.com/News___Events/Resources/

Fair Use Should be Considered Before Sending DMCA

The ND Cal recently held that a copyright owner should consider the alleged infringer's fair use defenses before sending a DMCA take-down notice. Case is Lenz v. Universal. I posted a copy of the decision here: http://www.keepandshare.com/doc/view.php?id=1282333&da=y

Facebook Personalized Usernames

If you or one of your companies has had a Facebook account since before June 9, you can register, e.g., http://www.facebook.com/[companyname] as a Facebook username starting tonight at 10:01 p.m. MDT. See http://www.facebook.com/help.php?page=897. If you qualify, you may wish to register that (those) username(s) with Facebook to prevent third parties from doing so. If you did not have an account before June 9, the window opens for a company or person to register personalized usernames on June 28.

To be clear, anyone who had an account before June 9 can register a personalized username starting tonight, so you personally could go in and register, e.g., http://www.facebook.com/[companyname] if you wished and if you had an account before June 9 and if you meet Facebook's other qualifications for a personalized username.

All trademark owners will likely also want to complete the form here: http://www.facebook.com/help/contact.php?show_form=username_rights to stop third parties from registering one or more of their trademarks as usernames. You may do this even if you do not have a Facebook account.

Update on Using Proxies as Evidence of Sophistication in Crimes

Not today, apparently . . .

http://www.siliconvalley.com/news/ci_12152466?nclick_check=1

Use of Proxies to Show "Sophistication" in Crimes?

The Washington Post reports on a key vote on new US federal sentencing guidelines that would classify the use of Internet proxies in crimes as evidence of "sophistication," increasing sentences by about 25 percent, which could mean years or even decades longer behind bars, depending on the crime. Digital-rights advocates are worried, complaining that the proposal is so broad it could lead to unnecessarily harsh sentences for tech neophytes who did not know they were using proxies in the first place or who were simply engaging in a practice often encouraged as a safer way of using the Internet. http://www.keepandshare.com/doc/view.php?id=1158409&da=y

Do you proxy at work to hide from the boss? If so, watch out?