Helping Users Avoid Fraud Sites and Get the Real Firefox
A while back I posted on some of the various Firefox fraud schemes and deceptive sites that trick users into paying for Firefox or downloading malware branded as Firefox. The goal was to explain how we analyze these matters and discuss the tools available to address the problem. Gerv recently posted on this as well – which was great.
What my last post on this subject didn’t do was talk about the specifics of particular cases. I can’t do that for a number of reasons – there are legal implications and in some cases what we say is constrained by law. However, we can do a better job of keeping those who submit reports informed, and a general update is long overdue, so here goes:
Over the past nine months, these are some of the activities we’ve undertaken in response to user reports we’ve received and activities we’ve discovered:
- Asserted claims that caused 15 European (mostly German) sites to discontinue their deceptive practices involving Firefox and Thunderbird. These were the result of injunctions or cease and desist efforts (German courts have issued seven legal injunctions in response to our applications);
- Reviewed more than 4,300 sites;
- Reported a host of sites to regional consumer protection agencies;
- Recovered 50 or so domains that were engaged in questionable activities (e.g. subscription traps or distributing malware);
- Caused 122 US sites to discontinue unauthorized or infringing practices in response to our requests; and
- Alerted search engines to these practices when we thought they would act.
More info on European and US activities is available here. While this is really good, there’s more to be done. Ultimately, we’ll need to address some of the even larger syndicates using legal tools. It seems operators of some of these sites are making so much money from the scams that they will spend even more money asserting frivolous defenses to keep it going. Fortunately, the courts have, to date, seen through these technical defenses.
Cease and desist campaigns, or filing for injunctions where possible, are not a scalable or cost-effective approach in the long run, however. Already, about 30% of Mozilla’s legal matters are trademark enforcement related. Long term, to really scale to meet this problem, we’re going to need to explore alternative approaches that utilize organizations like Stopbadware.org, so users can be warned before they end up on these sites. In combination, we may also need more messaging to warn users about the subscription traps that exist. In the interim, however, we’ll continue to utilize the tools we have so fewer users are scammed and more get the really great product contributors have created.
As Asa Dotzler Tweeted recently: “If you’re being asked to pay for Firefox, it’s a scam! Firefox is absolutely 100% free. Always get Firefox from http://mozilla.com Please RT”
More to come.
Upcoming Lecture by Paul Krugman
Interesting historical economic analysis by Paul Krugman on monetary and fiscal crises. See “draft lecture” notes here. The conclusion is sadly telling about human nature when he describes how the long-term fix is viewed as too radical and thus we opt for partial measures which avail us nothing.
CDT Comments in Federal Trade Commission Privacy Roundtable
Just had some plane time and a chance to read the Center for Democracy and Technology’s comments submitted to the FTC on business practices for the collection and use of consumer data. If you haven’t already read it, and you’re interested in privacy, it’s very informative and raises some compelling points.
The FTC is conducting a public roundtable discussion to explore this topic further and gather views and recommendations. A host of other parties have also submitted comments and the first discussion is in Washington, D.C. on December 7, 2009.
In short, the CDT argues that the current framework of notice, consent, and security is insufficient because consumers are still left exposed to unfair practices even though they were technically informed by the service provider’s privacy policy. CDT goes on to urge the FTC to adopt a more comprehensive privacy framework described as the Fair Information Practice Principles (FIPs).
CDT also makes a number of specific recommendations for FTC action, including:
- The FTC should reaffirm that violating FIPs can result in consumer harm. The Commission should pursue enforcement actions against those engaged in unfair practices, not just in the spyware space, but in the general realm of online consumer privacy. The FTC should use these actions to highlight violations of any or all of the FIPs, not merely notice, choice, and security. Query whether this would provide a cause of action for toolbars or add-ons that furtively change user preferences?
- The FTC should encourage Congress to pass general consumer privacy legislation that is based on a full set of FIPs. Self-regulation cannot adequately protect consumer privacy…
- The FTC should consider drafting its own set of consumer privacy rules, if it is granted standard rulemaking authority, to clarify basic privacy expectations for consumers and businesses alike.
- The FTC should explore creating benchmarks and metrics for evaluating company privacy policies.
Although very subjective, this notion of “fairness” really resonates and may have (should have) broader implications. There is plenty of room to better incorporate such principles in privacy policies, terms of use, and new web services that are presented to users, but at the same time fairness should also include some reasonable balance between the interests of both users and service providers. No doubt there’s going to be a lot more discussion on this topic and more to learn here.
Creative Commons Research & Findings on Non-commercial
Creative Commons released the results of an interesting survey to “explore understandings of the terms ‘commercial use’ and ‘noncommercial use’ among Internet users when used in the context of content found online.” Read and enjoy here.
This is some good work that can create a better understanding of what “non-commercial” means. I know many folks, including myself, have struggled from time to time with what it means exactly, as in “is this use commercial?” The survey seems to confirm that the definition is a function of the circumstances and numerous factors around the use, but people seem to share at least a general understanding. I look forward to further analysis of the findings.
Bay Bridge Engineering
This weekend they’re taking out a 3,200-ton section of the Bay Bridge that connects San Francisco to Oakland and replacing it with a new section connecting to an alternate road. (Needless to say, the bridge is closed until Tuesday 5am.)

I know this is geeky, but this is pretty cool. Although a bit of a traffic nightmare, sometimes you gotta let go of what you have to get what you want. Pretty excited to see this happen around 1pm PST on Friday. There are some web cams here with more detailed info:
http://baybridge360.org/
http://baybridgeinfo.org/1/index.html
Better, Faster, Cheaper Negotiations? Take the Survey and Let Us Know
One topic that many legal practitioners have talked about lately (and for years, actually) is legal friction. Legal friction can describe many kinds of obstacles, from regulatory to course of dealing, but most often it describes the impediments (delay and fees) encountered when negotiating transactions, whether for software, services, or any form of property. More specifically, legal friction happens when the commercial terms are generally agreed but prolonged negotiations continue while each party attempts to work out the legal terms. No doubt this is a pain point for both the business owners and counsel.
The legal terms effectively allocate risk between the two parties based on some perception of likely contingencies and risk profiles. Sometimes they’re really important and form key parts of the deal, but most often not. Unfortunately the problem is exacerbated by the fact that everyone drafts their own terms in the manner they think is best and often most favorable to their own interest. Since each term is handcrafted to perfection, the other party has to examine each term to determine whether it comports with their own requirements. This adds unnecessary time and expense and delays starting on the actual commercial arrangement, which is the whole point.
In the FOSS space, the open source licenses themselves reduce legal friction to the extent the rights and obligations of the parties are known, immutable, and seemingly well understood. Thus, there’s no negotiation over the terms. Creative Commons has also done this really well, so the focus is on the exchange of the creative work and the actual agreement doesn’t get in the way. Recently there were some standard venture capital terms published by TheFunded, as reported by VentureBeat, that serve the same purpose. In each of these cases, the standardized agreement represents a clustered set of terms, valued for simplicity and conformity to market norms, that works for some set of transactions.
Given the above, it seems like the same concepts could be extended for other kinds of software and technology transactions with just a little modification.
- Suppose there were a set of reference terms (atomic v. whole licenses) that were available for transactions that were widely adopted. In this setting, parties could incorporate the standard terms to reduce negotiation friction and uncertainty.
- Ideally the terms would represent a range of values, including the compromise positions that are fair to both parties. Such terms could even be used in online terms of service agreements.
- In the maritime world, when shipping goods was the thing and property was “real,” the Incoterms (e.g. FOB) were heavily used to allocate risk. So in this context, imagine a set of terms that worked for IP and service based transactions that could be incorporated into agreements to varying degrees.
Obviously there are a few small details like developing the reference terms and getting adoption, but it seems like there is a fair amount of pain in this area so I suspect there are folks who would want to work on the solution. If this has already been done or tried, please advise, but if not, would welcome feedback via the survey below or post a comment if it works better for you. The goal is to determine if any of these assumptions are correct and to test the viability of potential solutions.
Thoughts on Microsoft’s Settlement Proposal in the European Commission’s Tying Investigation
When the European Commission (EC) investigation started we articulated some principles we thought were essential for any remedy. Asa Dotzler did an exhaustive comparison of those principles against Microsoft’s proposal that can be found here. We’ve had some time to think more about Microsoft’s settlement proposal with the benefit of further clarifications from Microsoft about their intent. Overall, the proposal is a good step forward that if earnestly executed could improve browser choice and reduce the likelihood that non-IE choices are undermined by operating system behavior. The ultimate success of the proposal, however, will depend on Microsoft’s long-term commitment to realize not just the words of the proposal, but its spirit, so a lot still remains to be seen.
Mitchell Baker provides some big picture observations about the proposal here. In the material below we’ve tried to articulate in detail those key aspects of the proposal that need modification (Protecting User Choices and the Ballot Mechanism). Our assumption is that the EC and Microsoft may be close to a resolution; thus, the ability to radically change the proposal may be constrained as a practical matter, but I’d welcome feedback on other essential terms or clarifications that may be missing.
Protecting User Choice of Non-IE Browsers:
Our most urgent concerns in the EC investigation related to protecting a user’s choice of a non-IE browser. The proposal largely addresses those concerns and should merit support if certain deficiencies are corrected. These are described below:
Windows Update. Not offering updates through Windows Update to an off-switched IE is a good start. But most users won’t have IE turned off, even if they have other browsers as their default. When IE is not the default, any launch of IE, user intended/initiated or not, may prompt the user to restore IE as his default browser. This may be a reasonable action for an intentional user-initiated launch of IE, but it’s an abuse when it’s not user-initiated and has the impact of undoing user choice. Perhaps the language in Section 1, Paragraph 1 which states that “it [IE] can only be turned on through user action specifically aimed at turning on Internet Explorer” is designed to capture this, but it could be clarified to eliminate any uncertainty. Thus, the proposal should be modified to expressly state that Microsoft cannot use Windows Update to trigger any “Make IE the default” consideration unless the user launched IE intentionally and not just as a requirement of another process.
Tie-ins with Microsoft Applications. Not including links, shortcuts, or icons for launching an install or download inside of Office 2007 is a good start; however, it’s just not enough. Microsoft Office 2007 and other Microsoft programs should not “hard code” links, shortcuts, or icons to launch an already installed IE when IE is not the default browser. If Microsoft applications need to launch a browser, they should only launch the user’s default browser. Otherwise, with every launch of IE from its other applications, Microsoft is prompting the user to restore IE to the default status. This has the effect of pressuring users to undo their default browser choice. Thus, the proposal should be modified such that this provision applies to all Microsoft desktop software, and certainly to the already announced Office 2010.
Ballot Mechanism:
If a ballot is going to help provide consumers a meaningful choice, the proposal needs to be modified a bit. Below are some key aspects of the ballot that are currently not addressed sufficiently or that need modification.
Ballot Application. The proposal states in Section 2, Paragraph 7 that “Microsoft will distribute a Ballot Screen software update to users within the EEA of Windows XP, Windows Vista and Windows Client PC Operating Systems, by means of Windows Update as described hereafter:..” The proposal later states in Section 2, Paragraph 8 that “The Ballot Screen will give those users who have set Internet Explorer as their default web browser an opportunity to choose whether and which competing web browser(s) to install in addition to the one(s) they already have.” It is unclear how this applies in the OEM channel. If Microsoft or other third parties have paid for pre-installation of IE (or an IE derivative) in the OEM channel, the ballot mechanism should still apply. As currently drafted the ballot mechanism seems to only apply to “those users who have set Internet Explorer as their default web browser.” Does this include users who bought a PC with IE pre-installed? If not, it should. Perhaps this is an oversight or unintentional ambiguity. Nonetheless, this aspect of the proposal should be modified such that it is clear that the ballot mechanism applies if IE is pre-installed by OEMs.
There’s another more complex question of whether the ballot should apply to any browser pre-installed with OEM distributions. Some would say it should, since there are only a few parties who can compete economically in the distribution game, so why tie Microsoft and leave everyone else free to engage in the same behavior. Conversely, such other parties are unlikely to have monopoly power in the operating system market, nor are they the subjects of an investigation based on practices found to be anti-competitive. In the absence of an overwhelming and compelling justification, it seems unwise to tinker with this any more than is necessary, but it still doesn’t seem quite right. I suspect these are exactly the kind of unintended consequences Mitchell Baker expressed concern about initially.
Download Process. A download link is insufficient for fulfilling user intent. If a user clicks the download Opera link in the ballot, he is signaling intent to, at a minimum, try out Opera. Our data shows that only ~55% of users who click a download link will be able to complete the process of downloading and installing so that they may at least try out the new browser; a bare download link therefore loses almost half of the users who expressed that intent. The most valuable change to promote the likelihood of fulfilling user intent would be to have the link trigger both the download and the execution of the installer when the download completes. The second most important change would be to have the download also launch the vendor’s instruction page for completing download and install of the new browser. Obviously this is a complex process that will take some thinking, and to make it really work, we would strongly recommend that the proposal include a Microsoft commitment to work with browser vendors directly in an informal group (including the EC) so the ballot implementation can be informed by the knowledge and experience of other browser providers. To date, Dave Heiner, Microsoft’s Vice President and Deputy General Counsel, has been receptive to comments from those outside of Microsoft. We hope this continues as the development teams engage more fully in making the ballot work as intended.
Ballot Screenshot. The ballot as described in the screenshot is not unbiased, as Microsoft claims in the written proposal. It suffers from two major bias issues.
The first is that IE may become the default browser in more scenarios than the alternative browsers. IE may become the default by being selected. It may also become the default if the user simply ignores the ballot. It may also become the default if the user is unable to figure out how to use the ballot. Finally, it may become the default even if the user expresses a desire to try one of the other browsers but fails to achieve an alternative browser install (see Download Process above). The other browsers have only one, difficult and failure-prone scenario for becoming the default. I don’t know how one would remedy this except partially by requiring the user to make a choice rather than treating no choice as a user preference for IE.
The second issue of bias is the ordering of the browser choices on the ballot. When presented with a question that interrupts the user’s “flow,” the most common user response is to take actions, without serious consideration, that will remove the interruption. That often results in users simply closing the window containing the interruption or in choosing the button or option they believe is most likely to remove the window. We strongly suspect that placement matters, and that the leftmost position has some inherent advantage. Thus, having a mechanism to equitably mitigate this inherent advantage would make this a much better remedy. This will likely require further evaluation and testing, so the notion that the proposal can be adopted, implemented, and filed away, without subsequent iteration, doesn’t seem plausible.
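The obvious mechanism for neutralizing the leftmost-slot advantage is to randomize the order of the ballot entries for each user, so that over the population no vendor occupies any slot more often than any other. The script below is an added illustration of that idea, written for this post; it is not Microsoft’s ballot code and makes no claim about how the actual ballot was built. The browser names are sample entries, the seeded random number generator exists only so the simulation is reproducible (a real ballot would use Math.random or crypto.getRandomValues), and the helper names are hypothetical.

```javascript
// Added example, not part of the original post or of Microsoft's ballot
// implementation. Shows how randomizing ballot order removes the fixed
// leftmost-slot advantage, and how to measure the residual bias.

// Sample ballot entries (constructed for the demonstration).
const BALLOT_ENTRIES = ["Firefox", "Chrome", "Internet Explorer", "Opera", "Safari"];

// Small seeded PRNG (mulberry32) so the simulation below is reproducible.
// A production ballot would use Math.random or crypto.getRandomValues instead.
function makeSeededRng(seed) {
  let a = seed >>> 0;
  return function () {
    a = (a + 0x6d2b79f5) >>> 0;
    let t = a;
    t = Math.imul(t ^ (t >>> 15), t | 1);
    t ^= t + Math.imul(t ^ (t >>> 7), t | 61);
    return ((t ^ (t >>> 14)) >>> 0) / 4294967296;
  };
}

// Fisher-Yates shuffle: with a uniform rng every one of the n! orderings
// is equally likely, so every entry has a 1/n chance of the leftmost slot.
function shuffleBallot(entries, rng = Math.random) {
  const order = entries.slice();
  for (let i = order.length - 1; i > 0; i--) {
    const j = Math.floor(rng() * (i + 1));
    [order[i], order[j]] = [order[j], order[i]];
  }
  return order;
}

// The biased baseline: a fixed order always puts the first entry leftmost.
function fixedOrder(entries) {
  return entries.slice();
}

// Simulate many ballots and count how often each entry lands in each slot.
// Returns counts[entry][slot].
function positionCounts(entries, trials, orderFn) {
  const counts = {};
  for (const e of entries) counts[e] = new Array(entries.length).fill(0);
  for (let t = 0; t < trials; t++) {
    orderFn(entries).forEach((e, slot) => { counts[e][slot]++; });
  }
  return counts;
}

// Worst relative deviation of any entry's leftmost-slot share from the fair
// share of 1/n. 0 means perfectly fair; a fixed order of n entries gives n-1.
function leftmostBiasRatio(counts, entries, trials) {
  const fair = trials / entries.length;
  let worst = 0;
  for (const e of entries) {
    worst = Math.max(worst, Math.abs(counts[e][0] / fair - 1));
  }
  return worst;
}

// Compare the fixed order with the randomized one over 20,000 simulated users.
function demo() {
  const trials = 20000;
  const rng = makeSeededRng(1);
  const fixed = positionCounts(BALLOT_ENTRIES, trials, fixedOrder);
  const random = positionCounts(BALLOT_ENTRIES, trials, (e) => shuffleBallot(e, rng));
  return {
    fixedBias: leftmostBiasRatio(fixed, BALLOT_ENTRIES, trials),
    randomBias: leftmostBiasRatio(random, BALLOT_ENTRIES, trials),
  };
}
```

Running demo() shows the fixed order with a leftmost bias of 4 (the first entry gets the slot five times its fair share) and the shuffled order within a few percent of fair. Randomizing is also what makes the ongoing evaluation discussed below measurable: the same position counts, collected from real ballots, are the data an annual review would need to confirm the mechanism stayed fair.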
De-selection of IE. Section 2, Paragraph 8 further states that “Microsoft shall ensure that in the Ballot screen users will be informed in an unbiased way that they can turn Internet Explorer off.” Merely advising the user with text on how to turn IE off in the ballot is simply not enough to achieve the intended purpose of the remedy. The commitment should be modified so that IE is turned off seamlessly when the user selects a non-IE browser through the ballot screen, rather than through a separate procedure. Even if a user does succeed in choosing and successfully installing an alternative browser as his default, IE will still occupy prominent real estate on the Desktop and Start Menu. The other browsers do not have this luxury and the advertising opportunity it provides merely through placement. Consequently, the best way to ameliorate this is to offer the user the opportunity to _replace_ IE rather than to simply join it on the desktop. This could take the form of a “make this browser the new default and turn IE off when that’s done” option in the ballot. Alternatively, Microsoft could provide an API to the IE off switch that could be used in the installers of other browsers to effect the same change.
Education. The ballot, as proposed, does nothing to educate the user as to what a Web browser is or how different browsers might offer different experiences. A user with no understanding of what a browser is and no explanation in the ballot to educate him will likely just dismiss the window as an unexplainable interruption. The ballot should introduce the user to at least a simple definition of what a browser is before offering the user a choice in browsers. It should probably go one step further and explain that the different browsers compete for superiority in the areas of ease of use, security, and customizability. A two-sentence introduction with this information will help users make a meaningful choice.
Testing and Evaluation. The term of the proposal is five years; however, there are no interim evaluation milestones. To evaluate the efficacy of the remedy, there must be some ongoing evaluation, otherwise how will we know if the ballot proposal made a difference, and if so, what did it actually change. Thus, an annual review by the EC should be part of the proposal. The review should include only data derived from public sources and Microsoft that comports with all applicable privacy directives.
——————-
For now, these seem to be the minimum set of changes required for an effective remedy. There are numerous other terms that could be adjusted, but these key points should be considered and addressed before adopting the proposal.
I’d like to thank Asa Dotzler who made significant contributions to this post.
What’s the Problem with Theora?
So what’s the problem with the Theora decoder? From what I can see, there is no problem. The story ranges from it’s not good enough to some unnamed “IP” problem that supposedly lurks down the proverbial dark alley. Theora serves the purpose of a good quality, open, general-purpose web video decoder that everyone can use today without taking licenses. Sure, there may be other codecs for different use cases, but for now we need at least one good, open, and unencumbered codec.
Two objections come up: one related to quality at given bit rates, the other related to unspecified IP encumbrances. As to the first, there are ample discussions on quality by folks far more qualified than myself. As to the second, I don’t see a problem and here’s why.
Does Theora comply with the W3C licensing policy? Yes. The licensing goals articulated by the W3C in Section 2 of the Patent Policy are to promote the widest adoption of Web standards that can be implemented on a Royalty-Free (RF) basis. Thus, to qualify as a W3C standard for the HTML 5 video tag, any codec must comply with the W3C Royalty-Free (RF) Licensing Requirements. (At the risk of over-simplifying, a bunch of folks who know a lot and have many valid opinions have to agree as well.) The RF requirements provide in relevant part that “With respect to a Recommendation developed under this policy, a W3C Royalty-Free license shall mean a non-assignable, non-sublicensable license to make, have made, use, sell, have sold, offer to sell, import, and distribute and dispose of implementations of the Recommendation…” The policy further enumerates ten conditions that define detailed terms of the license requirements.
In this case, we know that Theora was derived directly from the VP3 codec originally developed by On2. In 2001, On2 open-sourced the VP3 codec and gave xiph.org a license to further develop and redistribute VP3 as part of Ogg under a BSD license. The VP3 codec is what we now know as Theora. See the FAQ on VP3 and Theora. Theora is a backward-compatible superset of VP3 (as On2’s own statement below puts it), differing from the original only modestly. At about the same time On2 open-sourced VP3, On2 issued an express and unequivocal patent non-assertion statement related to VP3. The statement, shown below, can be found publicly in the libtheora 1.0 source distribution:
“In addition to and irrespective of the copyright license associated with this software, On2 Technologies, Inc. makes the following statement regarding technology used in this software: On2 represents and warrants that it shall not assert any rights relating to infringement of On2’s registered patents, nor initiate any litigation asserting such rights, against any person who, or entity which utilizes the On2 VP3 Codec Software, including any use, distribution, and sale of said Software; which make changes, modifications, and improvements in said Software; and to use, distribute, and sell said changes as well as applications for other fields of use. This reference implementation is originally derived from the On2 VP3 Codec Software, and the Theora video format is essentially compatible with the VP3 video format, consisting of a backward-compatible superset. On2 represents and warrants that it shall not assert any rights relating to infringement of On2’s registered patents, nor initiate any litigation asserting such rights, against any person who, or entity which utilizes the On2 VP3 Codec Software, including any use, distribution, and sale of said Software; which make changes, modifications, and improvements in said Software; and to use, distribute, and sell said changes as well as applications for other fields of use.”
Thus, we have an affirmative non-assertion statement by On2 declaring that use of VP3 (Theora) is free from any assertion of patents owned by On2. The statement is unconditioned and unqualified, unlike most actual licenses (meaning you can’t breach their non-assertion statement), and in substance it meets all of the W3C Royalty-Free (RF) Licensing Requirements. The RF policy expressly allows the grant of a license to be “limited to implementations of the Recommendation and to what is required by the Recommendation.” Thus, it’s my interpretation that the non-assertion statement applies to any and all On2 patents that cover the Theora reference implementation.
It seems clear that On2 intended that VP3 (implemented as Theora) would be available on an unencumbered basis for anyone to use. Perhaps On2 will further clarify or restate its intentions. Conversely, I don’t see a scenario where On2 could successfully assert a patent claim against anyone for implementing Theora (not to mention that it would contravene their good intentions).
Is Theora encumbered by patents? The process generally consists of looking at any patents held by the creator of the specification. We did that and found On2 relinquished any claims on the Theora implementation consistent with the W3C policy. The inquiry usually ends here.
Additional investigation further suggests that Theora is not encumbered. Theora has been around for a long time absent any claims, as far as we know. Undoubtedly, VP3 has also received significant due diligence from customers of On2. More importantly, VP3 was designed specifically to avoid any relevant patent thickets. For more on this point, see the video from a recent Mozilla brown-bag discussion featuring Dan Miller, a co-founder of On2, along with Davis Freeberg, a video codec enthusiast, where Dan talks about the genesis of Theora. We also know that several companies have distributed Theora, including Apple, which at one time made VP3 available for download as a QuickTime component.
Some additional precepts also inform the resulting conclusion. First, no recommendation or standard is ever “patent proof.” At best, participants in the working group grant licenses, but that only covers participants. Similarly there are patent pools that grant licenses, but again, those only cover rights held by the participants in the pool. So there’s always the possibility of a claim from those outside the standards group or patent pool. Note, this is not to say in any way that there’s no value in such groups, but the perception that they operate as a guaranteed prophylactic is false.
Based on what we actually know, Theora looks good. It complies with the W3C patent policy and goals, and there haven’t been any patent claims that would indicate otherwise. I welcome any comments, or better yet, anyone that wants to shed some further light in that dark alley.
FOSS Projects Working Together to Invalidate Patents
As many of you may know, there are a number of initiatives around regarding prior art that all tackle the problem of software patents from different angles. Whether it’s Open Invention Network’s Linux Defenders, post-issue P2P, or our own infant Prior Art Share project, each relies upon an underlying principle of cooperation. The fact is that the ultimate defense – the way to eliminate a patent – is via prior art. It’s no doubt harder, but permanent, like sunlight to vampires.
Non-infringement arguments work, but only for the specific implementation. Of course when you’re the defendant, you’ll gladly take either, but the real challenge is finding good prior art and developing it into admissible evidence within the time constraints of an actual patent case with a tight trial schedule. Prior art can invalidate the claims, narrow the infringement arguments, or both. Even if you can’t invalidate, prior art can establish safe zones – you can’t infringe by practicing what was “known” prior to the invention.
Notwithstanding the various projects, imagine a world where an attack on one is an attack on all, and developers across multiple FOSS communities responded to a call to action, in a coordinated and organized fashion, to find relevant non-patented prior art in response to the assertion of a patent against a FOSS project. Something like a NATO pact, but workable and without all the politics. The global hunt for prior art would happen not after the 3rd or “Nth” settlement, but in the first instance. In such a setting, a potential plaintiff would have to carefully evaluate the risk of asserting its patent because if found invalid, the asset would be worthless, and the licensing/royalty game would be over. We did this once before, years ago, in the Wang v. Netscape patent case, and it worked. In response, developers provided a massive amount of prior art we would never have found on our own.
This theory is again in action; see Red Hat’s blog on the subject. If you want to contribute your knowledge of prior art related to the TomTom case (programs, documents, or publications, dated prior to the patent, that disclose the elements of the claims), they’re collecting prior art references here. Obviously, there are other long-term techniques, like defensive publications, advance tagging of software programs so prior art is found more easily, and eliminating software patents via legislation, but in the short term, cooperation may be the most effective technique. For those interested, the network is already in place, and if you’d like to get involved let me know.
