Comments supporting DMCA jailbreaking exemption

Every three years the US Copyright office, examines whether it will renew certain exemptions to the DMCA. In 2009 we submitted arguments supporting the EFF’s petition for the exemption of  jailbreaking from the DMCA. The Copyright office granted the exemption in 2010 which now expires at the end of 2012.

Although it seems a bit silly to have to do this every three years, we’re going to again file a brief supporting the exemption for jailbreaking, also known as “rooting.” EFF has more information here on the arguments and the process.

Based on feedback from developers around the Mozilla project, the brief will contend that rooting is important because it’s necessary to achieve competitive application performance on Android mobile platforms, to effectively debug applications, and for regression testing.  In addition, it’s even more critical now as mobile devices surpass desktop, and Internet access increasingly comes from mobile platforms.

We plan to file our comments on Friday afternoon. If you have ideas or thoughts that could be incorporated in the brief, please let us know. Alternatively, you can file your own comments, or if your flavor is petitions go here.

New European Commission Privacy Recommendations

The EC released its new privacy recommendations on Thursday to update the 15 year old EU privacy regime.  The report contains the Commission’s findings from their analysis over the past year and announces an intention to investigate a number areas in more depth with the goal of proposing legislation in 2011.  The impetus as described by the Commission is that today’s challenges “require the EU to develop a comprehensive and coherent approach guaranteeing that the fundamental right to data protection for individuals is fully respected within the EU and beyond.”

I suspect that for some the principles may be perceived as new administrative overhead and obstacles to an “optimum user experience.”  My quick take (personal opinion) is that the findings and areas of study represent a move in the right direction.  Ofcourse, the devil is in the details which will evolve over the coming year, so we’ll see. As the EC develops its new framework, finding reasonable and practical ways to implement the proposals will be essential to their success.

This is even more interesting given that the US Federal Trade Commission has indicated its coming out with recommendations soon. These would also likely result in legislation next year as well.  It would be great (if not just common sense) to see as much harmonization between the two frameworks as possible. We can still dream.

Welcome any thoughts or observations about the proposal. Some highlights from the report are shown below, but the report is worth the read.

  • The Commission will consider how to ensure a coherent application of data protection rules, taking into account the impact of new technologies on individuals’ rights and freedoms and the objective of ensuring the free circulation of personal data within the internal market.
  • The Commission will examine ways of clarifying and strengthening the rules on consent.
  • The Commission will consider:
    • introducing a general principle of transparent processing of personal data in the legal framework;
    • introducing specific obligations for data controllers on the type of information to be provided and on the modalities for providing it, including in relation to children;
    • drawing up one or more EU standard forms (‘privacy information notices’) to be used by data controllers.
  • The Commission will therefore examine ways of:
    • strengthening the principle of data minimisation;
    • improving the modalities for the actual exercise of the rights of access, rectification, erasure or blocking of data (e.g., by introducing deadlines for responding to individuals’ requests, by allowing the exercise of rights by electronic means or by providing that right of access should be ensured free of charge as a principle);
    • clarifying the so-called ‘right to be forgotten’, i.e. the right of individuals to have their data no longer processed and deleted when they are no longer needed for legitimate purposes. This is the case, for example, when processing is based on the person’s consent and when he or she withdraws consent or when the storage period has expired;
    • complementing the rights of data subjects by ensuring ’data portability’, i.e., providing the explicit right for an individual to withdraw his/her own data (e.g., his/her photos or a list of friends) from an application or service so that the withdrawn data can be transferred into another application or service, as far as technically feasible, without hindrance from the data controllers.
  • The Commission will examine the following elements to enhance data controllers’

    • making the appointment of an independent Data Protection Officer mandatory and harmonising the rules related to their tasks and competences31, while reflecting on the appropriate threshold to avoid undue administrative burdens, particularly on small and micro-enterprises;
    • including in the legal framework an obligation for data controllers to carry out a data protection impact assessment in specific cases, for instance, when sensitive data are being processed, or when the type of processing otherwise involves specific risks, in particular when using specific technologies, mechanisms or procedures, including profiling or video surveillance;
    • further promoting the use of PETs and the possibilities for the concrete implementation of the concept of ‘Privacy by Design’.

Better, Faster, Cheaper Negotiations? Take the Survey and Let Us Know

Click here to take the survey

One topic that many legal practitioners have talked about lately (and for years actually) is legal friction. Legal friction can describe many kinds of obstacles from regulatory to course of dealing, but most often it describes the impediments (delay and fees) encountered when negotiating transactions whether for software, services, or any form of property. More specifically legal friction happens when the commercial terms are generally agreed but prolonged negotiations continue while each party attempts to work out the legal terms. No doubt this is a pain point for both the business owners and counsel.

The legal terms effectively allocate risk between the two parties based on some perception of likely contingencies and risk profiles.  Sometimes they’re really important and form key parts of the deal, but most often not.  Unfortunately the problem is exacerbated by the fact that everyone drafts their own terms in a manner they think is best and often most favorable to their own interest. Since each term is handcrafted to perfection, the other party has to examine each term to determine if it comports with their own requirements. This adds unnecessary time and expense and delays starting on the actual commercial arrangement which is the whole point.

In the FOSS space, the open source licenses themselves reduce legal friction to the extent the rights and obligations of the parties are known, immutable, and seemingly well understood. Thus, there’s no negotiation over the terms. Creative Commons has also done this really well so the focus is on the exchange of the creative and the actual agreement doesn’t get in the way.  Recently there were some standard venture capital terms published by TheFunded as reported by Venture  Beat that serve the same purpose.  In each of these cases, the standardized agreements represented a clustered set of terms with values of simplicity and market norm, that work for some set of transactions.

Given the above, it seems like the same concepts could be extended for other kinds of software and technology transactions with just a little modification.

  • Suppose there were a set of reference terms (atomic v. whole licenses) that were available for transactions that were widely adopted. In this setting, parties could incorporate the standard terms to reduce negotiation friction and uncertainty.
  • Ideally the terms would represent a range of values, including the compromise positions that are fair to both parties.  Such terms could even be used in online terms of service agreements.
  • In the maritime world when shipping goods was the thing and property was “real” the INCO terms were heavily used to allocate risk, i.e. FOB.  So in this context, imagine a set of terms that worked for IP and service based transactions that could be incorporated into agreements to varying degrees.

Obviously there are a few small details like developing the reference terms and getting adoption, but it seems like there is a fair amount of pain in this area so I suspect there are folks who would want to work on the solution.  If this has already been done or tried, please advise, but if not, would welcome feedback via the survey below or post a comment if it works better for you. The goal is to determine if any of these assumptions are correct and to test the viability of potential solutions.

Click Here to take survey