Welcome To MyCyberLawyer!

Please feel to look around my Blawg. I recently restarted my blog and recentered it on a more specific topic that I have been working in for several years. I love Internet Law, Privacy Law, IT Security and the constantly developing issues involving Tech Law. I Twitter most relevant and developing links out there and when I get the bug I blawg about it. Feel free to post your thoughts, opinions or ideas.

Tuesday, August 28, 2012

Professionals Against Cyber-Slander & Cyber-Bullying

Please take the time to follow the link below and join my Group on LinkedIn. 

Professionals Against Cyber-Slander & Cyber-Bullying

This Group was formed to connect and bolster those of us who want to enjoy the freedoms of speech afforded by the U.S. Constitution, but who also recognize that often uncontrolable damage is created by Online Defamation, Online Bullying and Online Harrassment at the hands of known or unknown users.

Our collective effort can be used to inform one another of certain tactics and strategies to combat this area of the law that is grossly underdeveloped and which is still too young to address much of the slander and libel that is published online.

Come here and tell your story, help others to deal with the online defamation or bullying of which they are a victim. Hopefully, we can help one another in tracking, stopping and pursuing these online polluters for the damage they create.

Announcement from Professionals Against Cyber-Slander & Cyber-Bullying

Please take the time to refer this Group to as many Professionals and Businesses, as you have time.

I believe that we are seeing a new tort develop in popularity. It's not that the tort of defamation is new, but that the tort of defamation via the Internet is aggressively growing, just as car accident tort claims grew with the invention of the motorized vehicle. Prior to the motorized vehicle, car accident lawsuits were limited to a few horse and buggy claims (do the research).

Just like the turn into the 20th Century increased the motorized vehicle accident claims for the tort of negligence, the turn into the 21st Century has brought about a way for EVERY person to easily express themselves, positively and negatively, thereby increasing instances for the tort of defamation to occur. Most of us remember when the only way to defame someone was to have it printed in the newspaper or to print leaflets and pass them around. In school, maybe some graffitti on the bathroom wall was viewed. That is all gone. The Internet and smartphones provide an unprescedented vehicle for the destruction of lives (literally in some cases death), businesses & careers, via the defamatory comments on the Internet.

What most people don't know: defamation is usually covered under a homeowner's insurance policy, just as car accidents are covered under car insurance policies. Thus, I predict, the rate at which these claims will grow in the courts will be drastic as the courts realize the validity of the actual damage to its victim and as the victims make claims against the antagonists' insurance policies.

This Group is interested in growth, your input, your ideas, education, your community outreach, and helping to stop or curb the proliferation of defamation and bullying on the Internet.

Please share this Group, it impacts everyone from Professionals to children. As Professionals, we have a unique position to influence our communities, enforcement and laws. Grab a shovel and help dig us out of this problem; be part of the solution.

Monday, May 28, 2012

How Long Before Anonymity Is Gone...Or Will It Ever Die??

This is really an area that reveals my split personality.  There are so many negatives to anonymity, yet so many positives.  If it were not for the massive amount of false spew that I've witnessed damage so many lives, I'd be much more likely to be in favor of anonymity on the Internet.  However, what was a good idea is 230(c) is no longer so and the anonymouns user on the Internet being protected by their ISP's lack of liability has turned many parts of the Internet into a junk yard of false information.  What people would never say in person, they now say in public...not just public...but they announce it to the world.  What's worse is that a schoolyard lie, is now common tactic on the Internet and at social media sits.  Sure its been great to hook back up with old friends that I would have NEVER found.  But, with this benefit has come too large of a negative, too much of a harm.  If you have an antagonist on the Internet that stalks or harasses you, then you understand.  If you don't, you likely won't understand. 

Today, the first place an employer goes to assess their candidates is the Internet (so does you date, your new friend, your family, any contact, period).  So, if there is false information out there is can and will most likely be devastating and you won't even know it sometimes.  All it takes is one report by an anonymous 'hater' and your integrity is in question.  The reader has no idea what is true or not.  They don't know if you are actually a sham, a scam, a hack, a thief or a person of character, compassion, drive, intelligence and efficiency.  The fact that it is called into question will make the reader question and more than likely back away from associating with you.  Put it this way, if you hear a rumor around the neighborhood that the single guy living on the corner is a child molester, you would NEVER let your kids even walk in front of the house.  Now that would just be in the neighborhood.  Take the same rumor and put it on the Internet and this man on the corner is now globally named and even if he is the head of the Salvation Army, his integrity will be calleld into question by whomever reads the rumor.  Why?  Because we don't want to take chances on it being true.  The reader has reason to have caution, the subject has reason to be distraught.  The only solution is to uncover the masked commentor, unless 230(c) is repealed.  If you want to keep you anonymity, we need to have another level of screening.  The private sector will do it.  They will filter the false information on the Internet, if we hold them accountable for the content they provide.  You can kick and scream about it all you want, but there is only two solutions to this problem, either expose the anonymous commentor or hold the website accountable the host (website, ISP, whatever) will make sure the the information is correct or take it down. 

What if 230(c) stated that the host (website, ISP, whatever) was liable for all content posted on their site, UNLESS they required non-anonymous posts.  Of course it would cost more, it would take more resources to verify whether someone is who they say they are.  However, it can be done, even if it might not be 100%, it could become the norm and the Internet could be a place of more than just spew competing with truth.  Do you remember the days before the CAN-SPAM Act?  It was getting so bad that it was not worth having an email account anymore.  Just to check your email from a friend you had to sift through 40 emails a day from porn and medication sites.  That is no longer the case, is it?  Now you have to opt in to much of that & the source must tell you who they are and how to get off the list...in other words, there is no anonymity allowed in spamming.  The result has been a huge improvement.  Spam is not dead, but it has become controllable.  Of course, the majority of the problem comes from overseas, but its an improvement.  If we ever want to cut down that CRAP that is posted on the Internet, this route is going to need to be confronted.  The fact that Congress and the Senate is fighting over how to approach this issue right now is positive & negative.  I'll bet they will not get it right, though I hope they do. 

Take for example the New York competing bills attempting to ban anonymous comments from websites.  (S.6779 and A.8688).  While I think the legislation is proposed with good intentions, it does not seem to be well thought out.  Both sides of the bill can site case law and example after example as to why they are right.  The truth is keeping anonymity causes damage and getting rid of it causes damage.  Which damage is worse.  Well, that's when it gets personal.  Unfortunately, this is one of those issues that will never be 100% agreed upon.  Until then, the Internet is still the Wild Wild West and if you are gonna shoot someone, you just may get away with it, you may get lynched or you may feel the power of the law.  Who knows?


For more information on some of the activity out there on this issue:
-  Arizona Looks to Outlaw Internet Trolling
- the Electronic Frontier Foundations notes
- McIntyre v. Ohio Elections Commission
- Talley v. California
- an opinion piece by New York Republican Assemblyman Jim Conte
Betabeat reports that the bill started with New York Assemblyman Dean Murray
http://techland.time.com/2012/05/24/the-new-york-bill-that-would-ban-anonymous-online-speech/
- You Are Not Your IP Address

Thursday, April 12, 2012

How to Identify An Anonymous Online Speaker And Gather Admissible Evidence Of Online Activity


Anonymous Internet speakers are not immortal beings that can say whatever they want, when ever they want, about whom ever they want.  They are individuals that are accountable for what they say and write just like the rest of us.  Often referred to as Anony's, anonymous Internet speakers often use the Internet as a forum to spew false and defaming information about various people, topics, businesses and sometimes themselves.  While unmasking an Anony may seem impossible, even to lawyers, it is not impossible. However, the list of questions regarding how to reveal an Anony is more likely to be longer than your list of answers, at this point.  So, let's do something about that. 

Pursuant to what is commonly referred to as Section 230(c) Immunity, Internet service providers, hosts, Web sites, and other relevant carriers (ISPs) are generally exempt from liability for the speech that is posted on their Web sites, blogs, chat rooms, and even the speech republished through their search engines. The Communications Decency Act (CDA) states, “No provider or user of an interactive computer service shall be treated as the publisher or speaker of any information provided by another information content provider.” 47 U.S.C. § 230(c)(1) (2008). In other words, the providers of the Internet itself, where anyone can generate all manner of speech, are not “publishers” of content as traditionally understood in the context of the print media.

So who is liable for the massive amount of false, defamatory, and libelous information published on the Internet daily? The original speaker is…whoever that person or entity may be. Allowing an ISP to be free from any liability, while it provides third-party speakers the tools to defame and harass at-will, likely sounds far-fetched and radical to many experienced lawyers, given the body of law regarding print, radio, and televised media. However, to an entire generation of attorneys and other young web surfers this ideology is the norm.

Since Section 230(c) was enacted, a whole new body of law has had to be interpreted by the courts to deal with this new enigma, the Internet. Generally, publishers and reporters find themselves at the center of libel suits when false information is published. A strong incentive exists for newspapers, magazines, and radio/television to protect their reputation and their “sources.” “Sources” have rarely been sued because they can not be identified. The popularized “Deep Throat” from the Watergate scandal can likely attest to the way things “used to be.” Although ISPs closely resemble their publisher cousin, an effort to not limit commercial activity on the Internet created Section 230(c). However, there is one great distinction between the print/televised media and the Internet: the Internet Protocol Address (IP Address).

The IP Address allows the ISP to identify each individual user on the Internet and log their activity. While an IP Address can be masked and proxy servers can be used by the Anony, which often involves interstate and international activity, often the un-savvy Anony has no idea that their ISP is keeping track of their activity. More importantly, even to the “black hat” or experienced user, it only takes one login without a proxy server for an experienced expert to capture the legitimate IP Address. Likewise, since Section 230(c) grants the ISP immunity, there is little incentive for the ISP to protect the identity or Internet activity of the Anony. For obvious reasons, the ability of litigants to get access to the ISP logs has become the center of the legal discussion. 

So how does one legally get Internet Surfing logs, IP Addresses, and other relevant information to support your case and identify the tortfeasor (or criminal) Anony?

1.  Pursue Pre-Litigation Discovery If Available In Your Jurisdiction:  Texas has the best and most detailed pre-litigation discovery rules.  In my opinion, every jurisdiction should look into their procedures and either adopt them or allow some form of them.  This would allow the glut of lawsuits being filed currently singly for the purposes of identifying Anony's to stop.  Lawyers should be able to file pre-litigation discovery requests from ISP's regarding IP Addresses in an effort to identify parties that would be parties to litigation.  The Courts cannot function without society’s ability to identify tortfeasors.  For some reason, Internet users often think they should be able to have private-public discourse...NO.  If you are going to enter the public discourse, you should not be an Anony.  Stand behind what you say and if one spews lies ruining lives and ending careers, one should be accountable, just as if they had committed a battery or assault.  There is no difference.  Illinois and New York also provide some descent procedures for pre-litigation discovery.

2.  If No Pre-Litigation Discovery Available, Sue “John/Jane Doe”:  It only takes about three seconds of legal analysis to recognize that it is impossible to serve a subpoena on a person you can’t identify, but it may take quite a bit longer for you to realize you can sue them. What Section 230(c) immunity has created is an enormous need for “John Doe” lawsuits. Since the Federal Rules of Civil Procedure only allow for limited pre-litigation discovery under Rule 27 and since Texas is the single state to have extensive pre-litigation investigatory procedures, most of the other jurisdictions must file “John Doe” lawsuits. While traditionally these lawsuits have been discouraged by the courts, the ease with which anyone with an Internet connection can anonymize themselves and create a path of fraud, libel and destruction has necessitated the courts’ relaxation and allowance of “John Doe” actions.

Given that Anonys post tortious statements both on their own Web sites and Web sites owned and operated by others protected by 230(c), the IP address of the originated tortious activity must be identifiable as a foundational and evidentiary matter. Once the lawsuit is filed, service needs to occur. The only way to identify and serve an unknown party is through additional investigation of the owner of certain websites, email addresses, IP Addresses and other information that you may have available to you.

3.  Identify The Owner Of A Web Site, Email, IP Address, Etc.:  Every Anony who gains access to the Internet or has a web address is assigned an IP Address. Even when using your email, you must go through an assigned IP Address that identifies a connection.  The IP Address is tied to an ISP or a Host.  As stated, this includes activity on web addresses/Web sites and e-mails. The Internet Corporation for Assigned Names and Numbers (ICANN) requires that every web address be owned and tied to a name, address, and e-mail. The owner of any web address can allow a “proxy” to be listed in their stead, maintaining the owner’s anonymity. The name, address, and e-mail of the proxy must be public information listed with ICANN for service of process and billing. Thus, by researching ICANN, one can find the proxy/owner of any web address where tortious activity may be occuring.  However, since the proxy is created for the exclusive purpose of masking the identity of the true owner, the proxy will generally not provide the identity of the IP Address owner without a Court Order, some will respond to a simple subpoena.

4.  Identifying The Owner Of A Statement On A Website Or From An Email:  The retention of an expert who has the ability to forensically track IP Addresses tied to websites or emails will be required in identifying the owner of a given statement. A forensic Internet expert will be able to gather valuable information that ties certain web addresses, e-mails, or other identifying information to other statements. Though not simple, once the relevant technical information is gathered that connects the IP Address to the tortious activity and a profile is created around the IP Address, connecting it to the tortious activity, one has the support for the “John Doe” lawsuit. In other words, you may not have a name, but you have an IP Address and there is an ISP out there that has an actual name and contact information.

5.  File Suit & Petition The Court To Conduct Pre-Discovery Investigation To Identify The Tortfeasor:  Given that we have no specific procedure allowing for this type of a subpoena generally across the states, a Complaint must first be filed, immediately followed by a Petition for Pre-Discovery Subpoenas should be made to the court in order to demonstrate the necessity for issuance of subpoenas prior to discovery. In other words, one need request from the court authority to conduct pre-discovery subpoenas to identify the tortfeasor.  However, it should be noted that this better not be your first attempt to identify the Anony.  It is suggested that you take several other actions prior to filing the petition so the judge understands that this is the last resort.  Prior actions include: attempting to serve the owner of the website or the proxy, attempted service on the ISP of the Website with a copy of the complaint; drafting request letters to the Website owner seeking the identity of the “John Doe”; emailing the tortfeasor with the Complaint if emails are known; and requesting the identifying information from the ISP.

Be prepared, though.  As you attempt some of these actions, these “John Does” may actually appear and file a motion to quash or dismiss; the ISP may appear to file a motion to quash; if one is lucky, though, the party will appear (not specially) and subject themselves to your jurisdiction.  If so, job done, you may proceed with the lawsuit.

If "John Doe" does not appear, one can take a default against the “John Doe,” in the event one can substantially establish Website or email ownership via a proxy and adequately perform service. Often times, these activities alone provide the identity needed to uncover an identity.  Once the ISP receives the subpoena or court order, they in turn forward it to the owner or proxy. The ISP will generally provide the personal identifying information, unless the owner files a motion to quash the subpoena. Matching the IP Addresses provided by the forensic expert and the ISP log information gathered via subpoena or court order will allow connection of activity to identity of the tortfeasor.

6. Watch Out For The Motion To Quash:  In the wake of the “John Doe” lawsuits and the resulting subpoenas, jurisdictions have had to wrestle with various Motions to Quash. In response to promptings from the California Court of Appeals, the California legislature enacted California Code of Civil Procedure Section 1987.2, drastically changing the “John Doe” subpoena landscape and setting the standard for which a subpoena to a California ISP must contain. In a nutshell, Section 1987.2 provides that when out of state subpoenas are issued in California “for personally identifying information…for use in an action pending in another state…and that subpoena has been served on any Internet service provider,” if a motion to quash is granted, if the “underlying action arises from the moving party’s exercise of free speech rights on the Internet,” and if the subpoenaing party fails to “make a prima facie showing of a cause of action,” the court “shall” award attorney’s fees and costs incurred by the moving party. WOW!  Yes, you heard that right.  Since so many ISP’s are located in California, significant compliance with local procedure is necessary or your clients risk paying an ISP's or Anony 's fees and costs that file a Motion to Quash.


While there are many cases on point in various jurisdictions relevant to what constitutes “a prima facie showing of a cause of action” that involves libelous speech on the Internet, the only way to push the weight of the evidence in one’s favor is to plead the Complaint with particularity, naming specific Websites, statements, actions, e-mails, etc. Essentially, plead one's cause of action for Internet libel the same way you would fraud.  This will provide the additional information necessary when an ISP of the Anony specially appears and files a Motion to Quash the subpoena.

7.  The Identity Of The Anony:  There is no way getting around the fact that putting an identity to an Anony is complicated, time consuming, computer expert necessitated, and court involved. Many times, identity can be discovered through simple online investigation, emails, phone calls or pure common sense. Other times, filing a “John Doe” lawsuit will be the only remedy. As the courts continue to amend procedural rules and the common Internet user continues to become more astute, hiding your identity online will continue to be an often litigated topic and the subject of much legal debate.  One thing is for sure, persistence will win this battle.  You need the right expert, with the right experience and with a smidge of luck.

Wednesday, February 1, 2012

Ontario Appellate Court Keep Up With Technology As It Recognizes The Tort of Invasion of Privacy

As publushed by Osler.com, a favorite site and one that should be on your watch list:

"On January 18, 2012, the Ontario Court of Appeal recognized a common law tort of “intrusion upon seclusion” in Ontario law in its decision in Jones v. Tsige1. This decision has potentially significant implications, not just for individuals who may have invaded another person’s private affairs, but for any organization that collects and/or uses personal health, financial and other information. In particular, the decision may increase the reputational and other risks of unauthorized use of personal information and the incidence and risk of privacy class actions.
While the full implications of Jones v. Tsige will only be known as the decision is applied in the lower courts, proactive organizations should consider reviewing their collection and/or use of personal information and ensuring the enforcement of privacy and data protection policies.
I. Jones v. Tsige
Both Jones and Tsige were employees at different branches of the Bank of Montreal. Neither woman knew each other personally, but Tsige had formed a common-law relationship with Jones’ ex-husband. In 2009, Jones discovered that Tsige had accessed Jones’ banking records at least 174 times over the course of four years. The information accessed included transaction details, as well as personal information such as Jones’ date of birth, marital status, and address.
Jones sued Tsige, claiming $70,000 for invasion of privacy and breach of fiduciary duty. A motions judge dismissed Jones’ claims in March 2011 after concluding there was no cause of action for invasion of privacy in Ontario2. Jones appealed. The Court of Appeal unanimously concluded that Ontario common law did recognize a cause of action for “intrusion upon seclusion” and reversed the lower court’s decision. The Court placed the case at the mid-point of the range of damages it identified as appropriate for this cause of action and awarded Jones damages of $10,000.
In reaching its decision, the Court stated that the tort was both a necessary and welcome “incremental step” consistent with developing the common law to the changing needs of society. The Court noted the importance of privacy interests in traditional causes of action, such as trespass, and under the Charter of Rights and Freedoms.
The Court of Appeal held that to succeed in a claim for intrusion upon seclusion, a plaintiff must prove the following elements, which the Court adopted from the U.S. Restatement (Second) of Torts (2010):
  1. The defendant’s conduct was intentional (which includes reckless conduct);
  2. The defendant invaded, without lawful justification, the plaintiff’s private affairs or concerns; and
  3. A reasonable person would regard the invasion as highly offensive causing distress, humiliation or anguish.
The Court made it clear that proof of actual loss is not an element of the cause of action, and so a plaintiff does not have to show an actual economic loss to succeed.
However, the Court of Appeal placed clear limits on the new tort:
  1. Claims can arise only for deliberate and significant invasions of personal privacy. As the intrusion must be “highly offensive” to a reasonable person, only intrusions into matters such as personal financial or health records, sexual practices and orientation, employment, diary or private correspondence will be actionable.
  2. The right of privacy is not absolute. The Court expressly noted that, in the right circumstances, competing claims for freedom of expression and freedom of the press will need to be reconciled with the right to privacy.  The Court did not provide any guidance on how these competing claims should be balanced.
  3. “Symbolic” or “moral” damages will rarely be more than $20,000. The Court found that damages for “inclusion upon seclusion” were properly considered “symbolic” or “moral” damages. The Court suggested that in all but exceptional circumstances these damages should be in a range up to $20,000.
The Court neither excluded, nor encouraged, awards of aggravated or punitive damages.
II. Risks and Mitigation
In light of the widespread availability, collection and use of personal financial, health and other information by businesses and other organizations, the recognition of a tort of intrusion upon seclusion may create new risks for these organizations:
  1. Class Actions – Certain features of the new tort - including the objective standard for determining whether the conduct is “highly offensive”, the fact that the requisite “intentional” element of the tort includes reckless behaviour (which could be very far-reaching), the absence of a requirement for actual economic loss, and the ability of a court to award “symbolic” or “moral” damages - may make it easier for Ontario courts to certify class actions against organizations that collect and/or use personal information in a manner that is alleged to be an invasion of privacy. If each individual affected by a data breach, for example, may be entitled to damages of up to $20,000 for invasion of their privacy, an organization may be exposed to a very substantial lawsuit, depending on the number of customers or other persons affected.
  2. Other Business Impact of Privacy Litigation - Although the primary remedy sought in the Jones case was damages, it is not inconceivable that a future plaintiff could seek an interlocutory injunction to restrain an organization’s collection and/or use of personal information pending a trial. Such an injunction could have a significant business impact on the organization, even if the organization’s collection and/or use was ultimately found to be lawful.
  3. Reputational Damage – Although the monetary risk of individual litigation is low given that damages will usually be limited to “moral” damages, claims for intrusion upon seclusion based on an organization’s collection and/or use of financial, health or other personal information may have a serious impact on the organization’s reputation and relationship with customers. Further, as the facts of the Jones v. Tsige case demonstrated, organizations face reputational risks from unauthorized misuse of personal information by “rogue” employees, even if the organization is not named as a party in litigation.
Proactive organizations that collect and/or use personal information in their activities and that wish to mitigate the potential risks in the wake of this decision should consider the following:
  1. Obtaining Consent - As the new cause of action requires an unlawful invasion of private affairs, evidence that shows that a plaintiff claiming damages for invasion of privacy expressly consented to the collection and/or use of his or her personal information could provide a strong defence to the claim.
  2. Data Protection and Privacy Policies – This case, and particularly the fact that the unauthorized misuse of information continued for four years, reinforces the need for organizations that collect, use and/or disclose personal information to not only enact sufficient privacy and data protection policies but to also ensure that these policies are adequately enforced.

1 2012 ONCA 32. The case may yet be appealed to the Supreme Court of Canada.
2 2011 ONSC 1475 (reasons delivered by Whitaker J.)."

Well written Osler and well expressed.

Thursday, September 1, 2011

10 Secrets of the Happiest People In The World

1. Have A Natural Zest for Life.
2. Love and Appreciate The People Around You.
3. Enjoy What You Do.
4. Know Who You Are.
5. Continually Live At A High And Positive Energy Level.
6. Unplug and Unwind.
7. Have Confidence And Know Your Potential.
8. Love to Give.
9. Know You Are Deserving Of The Great Things Life Offers.
10. Let Go And Let Things Unfold.

       (Source:  http://www.possibilityoftoday.com/2010/12/06/10-secrets-of-the-happiest-people-in-the-world/ ; see here for additional details and suggestions)

Tough times right now for most, tough times for most are ahead.  Do your best to stay positive, stay happy and healthy.  That is the first step in enjoying your life.  Note that "unplug & unwind" includes spending time surfing the Internet, Blogging and participating in Internet Forums.  You can get a lot of relief from it. 

Enjoy your Labor Day Weekend!!!

Tuesday, July 26, 2011

US Congress H.R. 1981 Should Be Passed As It Preserves Privacy

The Email
Many of you are probably getting this email, or one similar.  I did.  Two things are wrong in this email: 1) it never tells you what they are talking about in H.R. 1981 & 2) it makes false and misrepresentative claims about 'free speech' and 'privacy rights' relevant to H.R. 1981  The email reads:
Dear friend,

The U.S. House of Representatives is currently considering H.R. 1981, a bill that would order all of our online service providers to keep new logs about our online activities, logs to help the government identify the web sites we visit and the content we post online. This sweeping new "mandatory data retention" proposal treats every Internet user like a potential criminal and represents a clear and present danger to the online free speech and privacy rights of millions of innocent Americans.
The Bill: H.R. 1981
If you are going to call your US Congress Representative, tell him to vote in favor of this bill.  The truth about this bill is that it is a bill to assist law enforcement in stopping child pornography.  Yes that is right...STOPPING CHILD PORNOGRAPHY!!  The email never tells you that the text is added to the Protecting Children From Internet Pornographers Act of 2011.
The portion of the bill that is causing the biggest 'freak out' by many, many bloggers, including the EFF is the following language (See HERE):
SEC. 4. RETENTION OF CERTAIN RECORDS BY ELECTRONIC COMMUNICATION SERVICE PROVIDERS.
(a) In General- Section 2703 of title 18, United States Code, is amended by adding at the end the following:

"'(h) Retention of Certain Records - A provider of an electronic communication service or remote computing service shall retain for a period of at least 18 months the temporarily assigned network addresses the service assigns to each account [in other words the IP Adresses and contact information for the IP Address activity], unless that address is transmitted by radio communication (as defined in section 3 of the Communications Act of 1934).’. (Emphasis Added)

(b) Sense of Congress - It is the sense of Congress that records retained pursuant to section 2703(h) of title 18, United States Code, should be stored securely to protect customer privacy and prevent against breaches of the records.  (Emphasis Added)

Why is this the text of the amendment left out of so many of the blogs.  I don't think they want you to be educated about the facts.  They want you to be sheep. 
This amendment to the law will allow ISP's and Hosts to keep Internet Logs for 18 months now, instead of having them deleted after 6 months, which is the current norm.  So why is that important and why are so many of these bloggers out there YELLING...DOWN WITH HR 1981...while not explaining to you what the bill says?  I don't know why they don't want you to be informed.  Like I said, I think it has to do with sheep.  I like sheep herding as a way to protect our food supply, but not as a way of herding humans or the employment of a political strategy.  Read the amendment yourself, linked above.  Don't be a sheep.
Plain Speech
In plain speech, this amendment provides that ISP's, Hosts and other Internet Log 'keepers' will need to keep the Internet Logs for only 18 months and can't just delete them whenever they want.  Why?  The law is trying to catch criminals.  The criminals using the Internet have found a loophole for child pornography, amongst other criminal acts.  Since these logs are not kept very long, the criminals or 'wrong-doers' can do their thing (e.g. commit crimes, hurt people, libel others, invent schemes, scam others out of money) and if the activity is discovered, there is no evidence of the actions, as the Internet Logs are deleted shortly thereafter.  If the ISP's, Hosts, etc. are required to keep them for 18 months, then law enforcement, lawyers and the courts can will have the time to compile the evidence before it is gone forever. 
Given that currently the standard is about 6 months, the edge goes to the criminal, the wrong-doer (often called the 'antagonist' - See Rexxfield's various articles on topic).  Why do we want the logs kept?  No...it is not for spying, as the EFF and other rabid free speechers claim, how could it be?  If 18 months is spying, so is 6 months.  It is a completely illogical argument.
Just look at section 4(b), above, a duty is imposed on the ISP or records keeper to "securely...protect customer privacy and prevent against breaches of the records."  That's right, PRIVACY IS PROTECTED in the amendment.  So the truth is actually the opposite of the majority of the blogosphere. 
Again, the reason for the logs being kept for 18 months is so that law enforcement, lawyers and the courts can discover who says and does these illegal and harmful acts using the Internet to harm others.  It is to catch the child pornographer, identify the stalker, locate the anonymous bloggers that is libeling to short sell stock or spread false information, etc.  Six Months is just not enough time to get the information that is necessary to identify the law breakers.  Sometimes it takes 6 months just to locate the IP Addresses.  Eighteen Months will REALLY make a difference in finding these cretins.
Are You Still Not Convinced?
Ask yourself this question, is it the law breakers that want laws OR is it the law keepers? 
Do you even give DUI laws a second thought if you don't drink alcohol? 
Do you ever think about rape laws if you are not a rapist? 
I would venture to guess that people that oppose H.R. 1981 are the same people that are either breaking the relevant Internet Laws right now, or they are the same people that intend to break the Internet Laws in the future and don't want to get caught when H.R. 1981 has Internet Logs of their activity kept for 18 months, including their IP Address, their Internet activity and their contact information.  Just a guess, though.  Remember, this information is only accessible through the Courts (e.g. police investigation, subpoena, etc.).
One thing is for certain, we are not sheep.  We herd sheep.  So don't be a sheep.  Think for yourself and support keeping Internet Logs for 18 months...it is not spying.  This amendment will only make it easier to find those breaking laws and the evidence necessary to convict them.  Requiring ISP's and Hosts to preserve  evidence for 18 months is a very small thing to ask for something that will provide such big results.

Tuesday, May 31, 2011

Is Allowing Ads In Your Banking Something You Oppose?

It seems that pursuant to an article in the Washington Post by Ylan Q. Mui, “Banks allow ads in online checking accounts.”

Mui demonstrates how even in once thought of Social Networking sites such as Facebook, ads were considered demonic, as demonstrated in the recent Golden Globe winner film “Social Network”, the story of how Facebook came to be. Now ad are find their way into your checking account. Good or bad?

The banks are most certainly testing new efforts to bring in additional revenue and bring in new customers. According to Mui, “The charge for your breakfast at McDonald’s, for example, might be followed with an offer for 10 percent cash back on your next meal at the Golden Arches. There’s no need to print a coupon - just click the link, and the chain will recognize your debit card the next time it is swiped.” Is this really what we want?

The other issue, of course, is the continuation of a debate that has been going on for over a decade…the gathering of transaction and online behavioral data. I don’t care if someone is tracking my puchasing of the latest law journal article, plane ticket or Van’s shoes. It improves my ability to sift through all of the masses of information on the Internet. However, online banking? Doesn’t this cross the line? I’m telling you, if we don’t start creating some serious lines in the sand for what is appropriate tracking online, it will be imposed and that is not what anyone wants…well some want it.

Online, the big justification is “opt out” or “opt in”. I’m sure you can surmise which groups what which standard. I say it is near impossible for people to even understand or read the Terms of Service, let alone understand whether they are opting in when the “click”.

The advocates, and those most interested in the practice claim that the benefits outweigh any dangers. However, as our personal data depository grows online to mountains of personal information accessible to the general public (or those trusted to keep it safe), profit may very well beat out privacy without our knowledge. Just as Facebook about their constanst adjustments of the privacy settings, publishing browser habits, and the push back. It unfettered access really what is best for the general publich Zuckerman?

The result…the Federal Trade Commission is currently seeking to draft guidelines enumciating when and how companies can use personal data and when they should notify the users. I know, seems common sensical. It is rumored that “Sen. John F. Kerry (D-Mass.) has said he plans to introduce an online privacy bill.”

The question they are wrestling with…”How do we go and monetize this massive online banking channel?” “Let’s bring offers to people based on what they actually buy and what they’re interested in, and not a bunch of spam.” Everyone from DoubleClick, to Facebook, to Apple, to Microsoft, to the U.S. government is consistently mulling over this question. Will there be a time when the “mulling” is over and the access if seamless…or will this be some hodge podge maze of rules from state to state. One is for sure, there will never be a time when the collection of the data is cut off completely…there is too much money at stake to our love of all things technology and our hunger for information.