Welcome

  • Naked Law is written by technology lawyers from Mills & Reeve. Our team is (mostly) based in Cambridge, England. We write about the latest legal and regulatory developments relating to information and communication technology, e-commerce, and privacy.

    Please send us an email or post a comment if you want to join in the discussions on Naked Law.

 Subscribe in a reader

Subscribe to Naked Law by email

Disclaimer

  • The information on this blog is not legal advice. You should not rely on it and we don't accept liability in connection with it. Please read our full disclaimer and let us know if you would like us to advise on any legal issue.

Digital Britain - will it guarantee access?

The Government proposes to tax fixed phone lines for broadband roll out.  The big question remains for those with "theoretical" broadband access -- the ones who have it but at much less than the advertised rate, or intermittently, or both -- whether there will be a commitment to ensure that there is recourse for such consumers.  Despite the lack of concern from OFCOM about the poor service given by many broadband providers because apparently few complain, there are many out there who are simply resigned to a service which is below the advertised speeds.

Human right to internet access?

Yesterday I went to the CUTEC conference here in Cambridge which provided a forum for encouraging innovation and entrepreneurship. One of the major themes this year was around social responsibility and empowering individuals - big aims for a room of techies and ambitious PhD students.

In particular cloud computing was very much viewed as the way forward and the democratisation of information and accessibility to services - resulting, for example, in the wife of one panelist being able to get real time advice on breast feeding at 4am from other mothers via her iPhone.

In this context I was interested to see that the French courts have refused to uphold a new law allowing officials to cut off the internet connection of persistent online infringers. The Constitutional Court held that only a court could do that - on the basis that access to online services is a human right.

That's the first time I've heard of internet access being referred to as a human right, and I question whether an English court would reach the same view - and clearly on one level it's not in the same league as the rights to life, to freedom of thought and religious beliefs.

But there were many inspirational (as well as aspirational) stories at the CUTEC conference about precisely this issue - that internet and mobile technologies do change lives and communities; that widespread access to and democratisation of services could be the catalyst for social change and improvement in developing nations.

I suspect there's a fundamental tension here between the increasing attempts to regulate the online world (with admitedly varying degrees of success) and the desire to fully exploit its potential and enable people all over the world participate in the online revolution.

One Tough Cookie?

When you visit a website, more often than not, a small text file called a "cookie" is sent to your computer.  Now, what possible use is a cookie without a glass of milk, this Naked Lawyer asks?

 

Well, the purpose of a cookie is to store data.  For example, if you log onto a website and give details such as your name and e-mail address, the cookie will maintain your log-in details so that you do not have to log back in the next time you visit the site.  A shrewd advertising tactic? Yes. An invasion of privacy?  Potentially.

 

Cookies are currently regulated by the 2002 European Communities Directive on Privacy and Electronic Communications.  Under the Directive, provided website users are given “clear and comprehensive information” about the purposes of cookies and are given the opportunity to refuse to have cookies stored on their equipment, cookies can be used for activities such as advertising, analysing website effectiveness and identifying online purchasers.  Currently website owners comply with this requirement by putting information about cookies in a privacy policy and then adding a link to the policy to every page of their website.

 

Now proposed amendments to the law on cookies suggests that users may have to give prior consent in order to allow cookies.  (This is subject to an exemption if the cookies are “strictly necessary” i.e. they enable a specific service explicitly requested by the user.)  At this stage it is completely unclear what prior consent under the new proposals will mean in practical terms.  A website owner could perhaps consider the following pop-up message on entry to their site: "click here for a cookie (non chocolate chip variety)".  However, a pop-up message is arguably very cumbersome and not least rather off-putting to passing website traffic.  This Naked Lawyer awaits the developments...

Plan-it Law

Plan-it-Law2

You might be forgiven for thinking that the Naked Law team had drifted into a sun-induced torpor for the last few weeks, what with the scarcity of posts and the welcome arrival of summer.  Not true!  We've just been busy, partly with the inevitable rush of year-end work - but partly also working with our colleagues on their nascent planning blog "Plan-it Law".

For those familiar with Naked Law over the past few years, the layout of the blog will be familiar - though the subject matter entirely different.  We are now a two blog family.  For those with an interest in legal blogging generally, please take a look at Plan-it Law and leave us a comment letting us know what you think.

Also - watch this space for a number of impending Naked Law posts about more traditional tech-law issues ...


Virtual friend fires employee

Here's a story for those that were interested to read that making a comment such as "ma job it pointLESS" on Facebook might lead to dismissal.

It's a salutary tale from Switzerland, that epitome of neutrality, about a woman who lost her job after her employers noted she was using Facebook whilst allegedly suffering from a migraine.

The woman admitted to accessing Facebook from her iPhone whilst lying in bed, but complained that Nationale Suisse had created a fictitious Facebook persona in order to become her "friend" and that the company had spied on her once she accepted this virtual friend. Whilst this begs the question as to why the woman accepted the Facebook friendship of a complete stranger, the story does highlight the potentially dire consequences of using communication networks at inappropriate times or in inappropriate ways. See the BBC's report here.

Whilst the government has decided not to set up a single centralised database, it does intend to ask internet service providers and mobile phone networks, amongst others, to extend the range of information they currently hold on their subscribers and to organise it in a manner that is more easily used by the police, MI5 and other public bodies investigating crime and terrorism. So, for those thinking along Orwellian lines, it is more "Surveillance Siblings" than "Big Brother".

The consultation period runs until 20 July 2009. Legislation to ensure that all data that public authorities might need, including third party data, is collected and retained by communications service providers may follow.

Those employed in the private sector should note that, under the current proposals, only the collecting communications firm and certain public authorities would have access to the information collected; to monitor an employee's Facebook usage, companies such as National Suisse will still need to create friendly fictitious Facebook personae and become virtual friends with their staff.

The story caught this Naked Lawyer's eye because it almost ties in with the announcement

on 27 April that the UK government wishes to have more information about communications, including visits to online chatrooms and social network sites such as Facebook, collected by communications firms for use by UK security services. The consultation document is called "Protecting the Public in a Changing Communications Environment".

Phorm here to obscurity?

Phorm is a behavioural advertising tool that can be used to analyse a customer's web surfing habits to enable targeted advertising.  The use of Phorm has resulted in a number of concerns being raised within the technology sector over individual privacy and data protection.  The Open Rights Group being particularly vocal.

The EU have, on 14 April, launched legal proceedings against the UK over problems with the UK's implementation of EU ePrivacy and personal data protection rules.  They have concluded that there are "problems in the way the UK has implemented parts of EU rules on the confidentiality of communications" and have asked the UK to respond to their questions in this first stage of the proceedings within 2 months of 14 April 2009.  The full press release can be found on the Europa website.

The Open Rights Group wrote to to the biggest users of the Internet (namely Amazon, eBay, Facebook, Google, Microsoft and Yahoo!) asking them to opt-out of the use of Phom technology.  Webwise, the name Phorm is being marketed under, does enable ISPs to opt-out of its monitoring services, however, due to the way the system works the contents of all websites visited will still be mirrored to the Phorm system but not analysed.

Both Amazon and Wikipedia have chosen to opt-out of Webwise.  Amazon stated simply that "We have contacted Webwise requesting that we opt-out for all our domains".  Wikipedia's statement was slightly more enlightening.  Wikipedia stated "After some internal discussion on whether opting out of the Phorm user-profiling system in the UK would legitimize it, we're going ahead and requesting an opt-out for all the domains under the Wikimedia Foundation's control".

Maybe Phorm will not prove as controversial as first thought if other major users of the Internet (and then maybe all of them) opt-out.  We wait for further developments.

Forever and a day...

Defamation cases and the internet have been comfortable bedfellows, particularly given the proliferation in user generated content on the internet. The internet affords the average person (and the commerical publisher) the ability to insult any number of people with the least amount of effort. Defamation is regarded as a necessary qualification of free speech: you can see what you like about someone, as long as you are willing to be held accountable if what you say is defamatory.

The law on defamation in the UK has changed a little in relation to the developing technological landscape, but many of the fundamentals of the law of defamation haven't changed in quite some time. Several Victorian and early 20th century cases have influenced how the law applies in an internet context. One effect of applying these historic tests to publishers of material on the internet has caused particular concern, that of multiple publication.

If an allegedly defamatory statement is published, the wronged party has one year from the date of publication to bring an action against the relevant wrongdoer, under UK law. This limitation period enhances legal certainty; if a statement is published and nothing has happend within 12 months, no cause of action can be initiated against that particular publication.

The peculiar problem on the internet is how long statements linger. If a web page with a defamatory statement is published online, it is usually accessible for quite a long time. The Courts here have applied the traditional rule; 'publication' takes place every time material is made available, with no exception for materials on the internet (see Loutchansky below).

This is not great for online publishers, as it means potential liability for a defamatory statement for an extended period. The Times recently asked the European Court of Human Rights to look at this. The Times' view was that this extendable limitation was an unreasonable restriction on free speech, as protected by article 10 of the European Convention on Human Rights. The European Court of Human Rights disagreed, hence someone can still potentially be liable for defamation in the UK for publication of a defamatory statement more than a year after it is first published.

I think this is pretty unfair as it means online publishers are subject to the degree of uncertainty that a potentially indefinite right of action creates. I also feel quite sorry for the Times, who were the unsuccessful defendant in one of the main cases on this point of law in the UK, Louchantsky v Times, and then lost before the European Court of Human Rights when citing the same case.

Cyber-squatting on the rise

A recent survey by brand protection firm MarkMonitor reported that the number of cyber-squatting incidents rose by 18% in 2008 to a whopping 1,722,133. 

It came as no surprise then when WIPO reported on 16 March that it had received a record number of complaints under its dispute resolution procedure in relation to domain names registered in bad faith during 2008. 2,329 people or companies reported instances of cyber-squatting, including Arsenal Football Club, Google, Nestle and Scarlett Johansson.

The most popular targets are successful brands and the most popular motive for cyber-squatting is to make money. But please do not admire the entrepreneurial spirit of cyber-squatters, as more often than not they infringe intellectual property rights by "passing off" (that is, they misrepresent that their site is in some way linked to, or endorsed by, the target brand owner).

Furthermore, some cyber-squatters also infringe registered trade marks (for example, Research in Motion's trade mark for 'Blackberry' has been referenced on a cyber-squatter's web site). The thinking seems to be that the more blatant the infringement, the more likely the brand owner is to cough up cash for the cyber-squatter's domain name.

Normally, brand owners would set their lawyers onto the cyber-squatters, with letters before action being sent threatening litigation unless the cyber-squatter ceases to infringe the brand owner's trade mark rights. However, cyber-squatters have become masters of disguise, using identity shields to mask their identities from the WHOIS searcher, which means that it is hard to identify where and to whom letters before action should be sent. This fact, along with the other benefits of resolving a domain name ownership dispute by dispute resolution, explains why brand owners are using the domain name dispute resolution routes such as the UDRP instead of bringing court proceedings against the infringer.

To combat the rise in cyber-squatting, WIPO is proposing to introduce a paperless dispute resolution procedure for .com, .net and .org domains, as well as a number of more recently introduced domains such as .aero, .asia, .biz, .cat, .coop, .info, .jobs, .mobi, .museum, .name and .travel (the eUDRP).  Nominet already uses its own paperless dispute resolution procedure. 

Google vs PRS - and pebbles on a beach

This Naked Lawyer is distressed to read that YouTube is to be stripped of music videos in the UK.  Everyone is up in arms: the public (check out some of the comments on the Guardian article) and journalists (including those at Radio 1, who say "it's a lose lose situation").  Google (owners of YouTube) blame the Performing Rights Society, following the breakdown of negotiations:

"PRS is now asking us to pay many, many times more for our licence than before. The costs are simply prohibitive for us - under PRS's proposed terms we would lose significant amounts of money with every playback."

Guess who the PRS blames?

"[We are] outraged on behalf of consumers and songwriters that Google has chosen to close down access to music videos on YouTube in the UK ... [Google wants] to pay significantly less than at present to the writers of the music on which their service relies."

It is disappointing that the battle for supremacy in the digital era between content owners (represented by the PRS) and content distributors (like Google) is being played out quite so publicly and so much to the detriment of users (and presumably artists, who won't receive anything from YouTube plays if no deal is reached with the PRS).  I am sure that there is a bit of posturing here and a deal will be done eventually - but in the meantime we all lose out.

I (hazily) remember a provocative presentation by Alexander Carter-Silk at the SCL conference last year in which he said that "content is no longer king" and talked about content as "pebbles on the beach":

"the content owner must de-facto control the means of replication and/or distribution to retain value in the copyright work ... if the creative work is a pebble on the beach no amount of legislation will make the pebble valuable".

I am particularly concerned about the likely detriment to the progress I was making in learning the open chords of the Kings of Convenience's back catalogue.  Know-how and Misread (and perhaps Paul Weller's Broken stones) might need to wait until Google and the PRS have finished squabbling.

Not a boring facebook story

You cannot say that working at Ivell Marketing & Logistics is boring, as one employee found out to her cost at the end of February. Ivell Marketing & Logistics is a firm with offices in Shanghai, Xiamen, Guangzhou, Kaohsiung and Clacton-on-sea. 

One employee, Kimberley Swann, 16, had been working in the Clacton office for three weeks when she was fired by the firm after sounding off on her Facebook page about her job being boring. The comments were brought to her employers' attention by the employee's Facebook friends who worked at the same firm. Her employer decided that the disrespect and dissatisfaction shown undermined the employer-employee relationship and made it untenable.

As Miss Swann had been employed for less than one year, she is unable to bring a claim for unfair dismissal. We will, therefore, never know whether an Employment Tribunal would have found the dismissal unfair. (Miss Swann's mother however is in no doubt that it was, pointing out that Kimberley "says Clacton is boring but we're not going to throw her out of the house for it.")

This case highlights that comments on social networking sites cannot be regarded as private. The BBC have published their report and interview with the employee in question on-line. 

One crumb of comfort for Miss Swann and other Facebook users is that Facebook has reverted to its original terms and conditions of use after a row erupted over changes proposed at the beginning of February which The Consumerist summarised as meaning that "anything you upload to Facebook can be used by Facebook in any way they deem fit, forever, no matter what you do later".

Mark Zuckerberg, the founder of Facebook, commented on 17 February "Over the past few days, we received a lot of questions and comments about the changes and what they mean for people and their information. Based on this feedback, we have decided to return to our previous terms of use while we resolve the issues that people have raised."  Which news is certainly welcomed by several members of the Naked Law team, amongst others.

Incidentally, for those that are interested, the actual comment made by Kimberley Swann was: "ma job it pointLESS". However, Ivell Marketing did not cite Miss Swann's blatant disregard for the English language as a reason for her dismissal.