Wednesday, November 04, 2009

Rape, Murder, Rumor, and Rhetoric: The Strange Case of Glenn Beck

I started posting articles at The Brown Tweed Society a couple months ago, which I will blame for the lack of content here. The latest and greatest is a three-part series on the Glenn Beck raping-and-murdering saga, and Beck's challenge to the registration of the domain

Part 1: Factual background
Part 2: Glenn Beck's arguments and the merits of each
Part 3: The domain owner's response.


Monday, September 21, 2009

9th Circuit Decides "Unauthorized Access" Issue

Ars reports on a case from the 9th Circuit that is not unlike a case previously discussed here. Basically, I thought it was ludicrous for a person to be guilty of hacking where they were entitled to have access to the computer being hacked. In other words, you can't be guilty of obtaining unauthorized access when your access was authorized. Fortunately, the 9th Circuit appears to agree:
We hold that a person uses a computer 'without authorization'... when the person has not received permission to use the computer for any purpose (such as when a hacker accesses someone’s computer without any permission), or when the employer has rescinded permission to access the computer and the defendant uses the computer anyway.
Whew! Glad we got that one squared away!

Friday, May 08, 2009

Viewing Porn At Work Is Hacking?

Wired's Threat Level has a very interesting article about Richard Wolf, an Ohio man who was convicted under the state's hacking law as a result of viewing pornographic material while at the office. Wolf lost his appeal of this particular charge.

Wired quotes part of the statute as follows:
No person, in any manner and by any means, including, but not limited to, computer hacking, shall knowingly gain access to, attempt to gain access to, or cause access to be gained to any computer, . . . without the consent of, or beyond the scope of the express or implied consent of, the owner of the computer, . . . or other person authorized to give consent.
First, keep in mind the original intent of hacking statutes - it's the digital equivalent of breaking & entering. A person gains access to someone's computer and noses around where their nose doesn't belong. For instance, you certainly need the power to prosecute strangers who hack into your personal computer and review your private files. And while perhaps not quite as clear cut, perhaps it should also be criminal for an employee to get into his employer's 'trade secrets file' where that employee has no authorization to do so (though one might think there are plenty of private actions available in such a situation without relying on hacking laws).

What happened in Wolf's case, however, appears to turn the intent of the law on its head. He did not gain unauthorized access to his employer's computer; he did not even gain unauthorized access to the porn site's computer. His access was legitimate - it was only Wolf's use of the computer that exceeded his authorization.

Think about it: The statute prevents people from getting access to a particular computer that is either unauthorized or exceeds the authorization regarding that same computer. Wolf might have exceeded his authorized use of the computer, but what access to that computer did he get as a result of the unauthorized use? NONE!

Wolf was allowed to use his computer. He exceeded that authorization by using his computer to check out an adult website. However, the adult website was not owned by his employer and the adult website owner presumably had no problem's with Wolf's visits. Therefore, there was nothing that he accessed that was unauthorized. The state wholly failed to establish a predicate to the crime: There was unauthorized use but no unauthorized access.

Wolf may be a freakish dude or an average joe caught in a bad circumstance. Regardless, he is getting railroaded by a law that is in no way intended to punish his sort of activity. I hope that his attorneys appeal to the Ohio Supreme Court and that the justices have some greater understanding of the laws they are interpreting.

Tuesday, May 05, 2009

Former Wilco Member Sues Tweedy - Bad Idea?

Jay Bennett, former member of Wilco, sued frontman Jeff Tweedy in Illinois state court yesterday.  Bennett was in Wilco from 1994 through 2001.

In his complaint, Bennett claims that he is due record and song royalties, both for the time he was in the band as well as after.  He also alleges that he is owed compensation for his appearance in the 2002 DVD, "I'm Trying To Break Your Heart."

I will admit being partial, as I am a huge fan of both Wilco and Tweedy.  I will also acknowledge that I have no familiarity with the facts surrounding Bennett's complaint or the relationship of the parties.  However, based solely on what Bennett submits in his complaint, it appears that he is desperate and is likely to lose.

As an initial matter, Bennett alleges that he is a beneficiary to a written agreement to which he is neither a party nor (it appears) an intended third-party beneficiary.  While this is by no means fatal, it certainly is not a hallmark of a strong case.

Bennett states that he is a songwriter and entitled to royalties under the agreement that he didn't sign.  That provision provides, in part: "In the event that a song is wholly owned by one Member, the non-owning Members shall be entitled to an aggregate 15% of the income generated by sales and performances of the Group's recordings of the song earned during each non-owning Member's Term."

Bennett seems to admit that he received a pro rata share of song royalties during the term.  What is not clear is whether he is claiming that he actually co-wrote any songs or merely that he should still receive a portion of the 15% allocated to non-writing members.  If the former, why would Tweedy be the one to sue?  Did Bennett assign his interest in his songs to Tweedy in exchange for a royalty?  Does Tweedy administer his copyrights?  Why, if he was a writer, would Bennett not be receiving his performance money from his own PRO and his mechanicals from the labels directly, and why would those not be the parties to pursue?

If, however, Bennett is claiming that he is only a writer insofar as the agreement provides a payment to non-writing members then he is very mistaken.  The agreement clearly does not contemplate assigning any copyright interest to non-writing members; they only have a right to participate in the income.  Moreover, the agreement is very clear that non-writing members will only be paid for income earned while they are members, which is wholly different from paying out a share for all songs written and recorded during that time (thus giving rise to a continuing obligation to pay).

There are two overarching problems in Bennett's complaint.  First, in no circumstance does Tweedy appear to be the proper party.  If Bennett was not paid properly according to either the document he signed or the subsequent agreement then it is the corporate body that is responsible.  Bennett attaches exhibits to show that he was a shareholder in Wilco World Tours as evidence of his equal interest in Wilco - if that entity owes him money, why not name it as a party?  What about the loan-out entity for recording?  What about the record labels?  Anyone but Tweedy!

The second big problem is the copyright statute of limitations.  In fact, Bennett does not even specifically allege copyright infringement, which certainly would be my first approach if I were a co-writer on any of the songs.  Of course, he is in the wrong court for that, anyway.  Nonetheless, it seems any potential copyright claim would be barred by the statute of limitations.  (I'm not familiar with the Illinois statute of limitations on contracts but my guess is that Bennett is really close to that deadline as well.)

All in all, my guess is that Bennett is barking up the wrong tree.

Friday, March 06, 2009

Are Darknets a bad thing?

Ars Technica has an article today regarding the growing popularity of darknets, and how LimeWire's new service enables even the unsophisticated folk to get in on the action:

Darknets have been on the increase for some time, but as they get ever simpler to use and deploy, they could make it more difficult for content industry investigators to gather data for use in court cases or for "graduated response" schemes with ISPs. Massive darknets can be infiltrated, but networks of 10 friends? 20 friends? An extended family? It will be nearly impossible to know what's being transferred there.
I've been hearing about darknets since around 2005 and never thought of them as a threat to creative folks.  They're far more analogous to how people used to share and explore music before file sharing - a group of people with common interests share what they have.  As I've discussed plenty before, my friends and I will often burn CDs for one another whenever we get a new album.  And no, the recipient of the burned disc oftentimes doesn't go out and buy that same record again.  However, if they like the music, they will most certainly buy the next album.  They will also spread the word to others, who will buy the album.

I doubt anyone in the industry would (legitimately) argue that an individual burning a CD for a friend is a bad thing.  Consumer 1 buys Record A and burns for Consumer 2.  Consumer 2 buys Record B and burns for Consumer 1.  It all works out in the end, so long as Consumers 1 and 2 don't then make their purchased records available to Consumers 3 through 6,000,000 on an open p2p site.

So should the labels be concerned about darknets, especially those consisting of 10-20 people?  No way.  They may be virtually impossible to infiltrate but there's no reason to; groups of that size are intimate and replicate what people do in the real world.  If the group gets large and impersonal, thereby creating a microcosm of what's on large file sharing networks, then the darknet isn't so dark.  The larger a group gets, the easier it is to find, thus making it easier to break up.  In other words, there is a direct correlation between the ability to break up a darknet and the need to do so.

As to any concerns about college campuses and the likelihood of a collection of students forming a darknet that's big enough to make an impact - labels are already working towards creating paid, open file-sharing options at various schools.  If you can get every song you want for free through a user-friendly interface, why worry about digging through the tens or hundreds of individual collections of your classmates?

Labels should keep their eyes fixed on large-scale infringers; those who are making money off of the free distribution of others' work or making it available on a mass scale.  Darknets only mimic what people do ordinarily and, if anything, are a great viral marketing tool to help sell more records.