Archive for the 'Gaming & Digital Media' Category
By Richard Stobbe
It’s always exciting when there’s a new decision about an obscure 5-year old subsection of the Copyright Act! Back in 2012, Canada changed its Copyright Act to try and drag it into the 21st century. Among the 2012 changes were provisions to prohibit the circumvention of TPMs. In plain English, this means that breaking digital locks would be a breach of the Copyright Act.
In Nintendo of America Inc. v. King and Go Cyber Shopping (2005) Ltd. the Federal Court reviewed subsections 41 and 41.1 of the Act. In this case, the defendant Go Cyber Shopping was sued for circumvention of the TPMs which protected Nintendo’s well-known handheld video game consoles known as the Nintendo DS and 3DS, and the Wii home video game console. Specifically, Nintendo’s TPMs were designed to protect the code in Nintendo’s game cards (in the case of DS and 3DS games) and discs (in the case of Wii games).
The defendants were sued for copyright infringement (for the copying of the code and data files in the game cards and discs) and for circumvention of the TPMs. Interestingly (for copyright lawyers), the claim was based on “secondary infringement” which resulted from the authorization of infringing acts when Go Cyber Shopping provided its customers with instructions on how to copy Nintendo’s data.
The Court agreed that Nintendo’s digital locks qualified as “technological protection measures” for the purposes of the Act. The open-ended language of the TPM definition permits copyright owners to protect their business models with “any technological tool at their disposal.” This is an important acknowledgement for copyright owners, as it expands the range of technical possibilities, based on the principle of “technological neutrality” which avoids discrimination against any particular type of technology, device, or component. To put this another way, a copyright owner should be able to fit into the definition of a TPM fairly easily since there is no specific technical criteria, aside from the general reference to an “effective technology, device or component that, in the ordinary course of its operation, controls access to a work…”
Next, the court agreed with Nintendo that Go Cyber Shopping has engaged in “circumvention” which means “to descramble a scrambled work or decrypt an encrypted work or to otherwise avoid, bypass, remove, deactivate or impair the technological protection measure…”
Lastly, Nintendo sought statutory damages, which avoids the need to show actual damages, and instead relies on automatic damages at a set amount. The court has a range from which to pick. Nintendo suggested statutory damages between $294,000 to $11,700,000 for TPM circumvention of 585 different Nintendo Games, based on a statutorily mandated range between $500 and $20,000 per work. For copyright infringement, the evidence showed infringement of 3 so-called “Header Data” files. The court was convinced to award damages at the highest level of the range.
In the end the court made an award in favour of Nintendo, setting statutory damages at $11,700,000 for TPM circumvention in respect of its 585 Nintendo Games, and of $60,000 for copyright infringement in respect of the three Header Data works. This shows that TPM circumvention, as a remedy for copyright owners, has real teeth and may, in the right circumstances, easily surpass the damages awarded for copyright infringement. On top of this, the court awarded punitive damages of $1,000,000 in light of the “strong need to deter and denounce such activities.” Total… $12.7 million.
Calgary – 07:00 MT
By Richard Stobbe
Ever wanted to remove something after it had been swallowed up in the gaping maw of the internet? Then you will relate to this story about an individual’s struggle to have certain content deleted from the self-appointed memory banks of the web.
The Federal Court recently rendered a procedural decision in the case of Davydiuk v. Internet Archive Canada and Internet Archive 2016 FC 1313 (for background, visit the Wayback Machine… or see our original post Copyright Implications of a “Right to be Forgotten”? Or How to Take-Down the Internet Archive).
For those who forget the details, this case relates to a long-running plan by Mr. Davydiuk to remove certain adult video content in which he appeared about a dozen years ago. He secured the copyright in the videos and all related material including images and photographs, and went about using copyright to remove the online reproductions of the content. In 2009, he discovered that Internet Archive, a defendant in these proceedings, was hosting some of this video material as part of its web archive collection. It is Mr. Davydiuk’s apparent goal to remove all of the content from the Internet Archive – not only the video but also associated images, photos, and screenshots taken from the video.
The merits of the case are still to be decided, but the Federal Court has decided a procedural matter which touches upon an interesting copyright question:
When a screenshot is taken from a video, is there sufficient originality for copyright to extend to that screenshot? Or is it a “purely mechanical exercise not capable of copyright protection”?
This case is really about the use of copyright in aid of personal information and privacy goals. The Internet Archive argued that it shouldn’t be obliged to remove material for which there is no copyright. Remember, for copyright to attach to a work, it must be “original”. The Supreme Court of Canada (SCC) has made it clear that:
For a work to be “original” within the meaning of the Copyright Act, it must be more than a mere copy of another work. At the same time, it need not be creative, in the sense of being novel or unique. What is required to attract copyright protection in the expression of an idea is an exercise of skill and judgment. By skill, I mean the use of one’s knowledge, developed aptitude or practised ability in producing the work. By judgment, I mean the use of one’s capacity for discernment or ability to form an opinion or evaluation by comparing different possible options in producing the work. This exercise of skill and judgment will necessarily involve intellectual effort. The exercise of skill and judgment required to produce the work must not be so trivial that it could be characterized as a purely mechanical exercise. For example, any skill and judgment that might be involved in simply changing the font of a work to produce “another” work would be too trivial to merit copyright protection as an “original” work. [Emphasis added]
From this, we know that changing font (without more) is NOT sufficient to qualify for the purposes of originality. Making a “mere copy” of another work is also not considered original. For example, an exact replica photo of a photo is not original, and the replica photo will not enjoy copyright protection. So where does a screenshot fall?
The Internet Archive argued that the video screenshots were not like original photographs, but more like a photo of a photo – a mere unoriginal copy of a work requiring a trivial effort.
On the other side, the plaintiff argued that someone had to make a decision in selecting which screenshots to extract from the original video, and this represented an exercise of sufficient “skill and judgment”. The SCC did not say that the bar for “skill and judgment” is very high – it just has to be higher than a purely mechanical exercise.
At this stage in the lawsuit, the court merely found that there was enough evidence to show that this is a genuine issue. In other words, the issue is a live one, and it has to be assessed with the benefit of all the evidence. So far, the issue of copyright in a screenshot is still undetermined, but we can see from the court’s reasoning that if there is evidence of the exercise of “skill and judgment” involved in the decision-making process as to which particular screenshots to take, then these screenshots will be capable of supporting copyright protection.
Calgary – 07:00 MTNo comments
By Richard Stobbe
There are dozens of online photo-sharing platforms. When using such photo-sharing venues, photographers should take care not to make the same mistake as Art Drauglis, who posted a photo to his online account through the photo-sharing site Flickr, and then discovered that it had been published on the cover of someone else’s book. Mr. Drauglis made his photo available through a Creative Commons CC BY-SA 2.0 license, which permitted reproduction of his photo, even for commercial purposes.
You might be surprised to find out how much online content is licensed through the “Creative Commons” licensing regime. According to recent estimates, adoption of Creative Commons (CC) has expanded from 140 million licensed works in 2006, to over 1 billion today, including hundreds of millions of images and videos.
In the decision in Drauglis v. Kappa Map Group LLC (U.S. District Court D.C., cv-14-1043, Aug. 18, 2015), the federal court acknowledged that, under the terms of the CC BY-SA 2.0 license, the photo was licensed for commercial use, so long as proper attribution was given according to the technical requirements in the license. The court found that Kappa Map Group complied with the attribution requirements by listing the essential information on the back cover. The publisher’s use of the photo did not exceed the scope of the CC license; the copyright claim was dismissed.
There are several flavours of CC license:
- The Attribution License (known as CC BY)
- The Attribution-ShareAlike License (CC BY-SA)
- The Attribution-NoDerivs License (CC BY-ND)
- The Attribution-NonCommercial License (CC BY-NC)
- The Attribution-NonCommercial-ShareAlike License (CC BY-NC-SA)
- The Attribution-NonCommercial-NoDerivs License (CC BY-NC-ND)
- Lastly, a so-called Public Domain (CC0) designation permits the owner of a work to make it available with “No Rights Reserved”, essentially waiving all copyright claims.
Looks confusing? Even within these categories, there are variations and iterations. For example, there is a version 1.0, all the way up to version 4.0 of each license. The licenses are also translated into multiple languages.
Remember: “available on the internet” is not the same as “free for the taking”. Get advice on the use of content which is made available under any Creative Commons license.
Calgary – 07:00 MSTNo comments
By Richard Stobbe
The Vancouver Aquarium brought an injunction application to stop the online publication of a critical video entitled “Vancouver Aquarium Uncovered”, which used the Aquarium’s copyright-protected materials in a “derogatory manner”, according to the Aquarium.
In the fascinating case of Vancouver Aquarium Marine Science Centre v. Charbonneau, 2016 BCSC 625 (CanLII), the court weighed the Aquarium’s effort to prevent the unauthorized use of their copyright-protected video clips, against the movie producer’s argument that the exposé is on a topic of public interest and shouldn’t be silenced.
This represents the first judicial review of Section 29.21 of the Copyright Act, first introduced in 2012, which covers “non-commercial user-generated content”. In the injunction application the court skimmed over this issue, preferring to leave it to trial. However, the court made passing comments about the availability of a defence which relies on showing that the copyright-protected content was used “solely for non-commercial purposes”. In this case, there was evidence before the court that the movie had recently been screened in Vancouver where attendees had been charged a $10 entry fee. The court also made reference to an Indiegogo fundraising campaign related to the movie production.
Ultimately, the court restricted publication of 15 images and video clips – about 4 minutes worth of content – which the Aquarium claimed to own. The injunction stopped short of attempting to enjoin publication of the whole video, but rather ordered that the defendants remove the 15 contested segments from the video.
If it proceeds to trial, this will be one to watch.
Calgary – 07:00 MSTNo comments
By Richard Stobbe
When a copyright owner suspects online infringement, but lacks evidence of the identity of the alleged infringers, it can seek an order to disclose those details. Canadian law is clear that “A court order is required in every case as a condition precedent to the release of subscriber information.”
A Norwich order is a “litigation tool requiring non-parties to a litigation to be subject to discovery or being compelled to provide information.” In a recent case, Voltage Pictures LLC v. John Doe, 2014 FC 161, a decision released in February, 2015, this tool was used by the Plaintiff (Voltage) to obtain the names and addresses of some 2,000 subscribers of an ISP known TekSavvy Solutions Inc.
Teksavvy said it would only disclose subscriber information if Voltage obtained a court order compelling disclosure. Voltage did obtain its so-called Norwich order, and Teksavvy was compelled to release subscriber information to Voltage, with some controls.
Then Voltage and Teksavvy argued about who should bear the costs for correlating and compiling the subscriber info. The resulting court opinion in Voltage Pictures LLC v. Teksavvy Solutions Inc. 2015 FC 339, makes for interesting reading (if you’re into this sort of thing) regarding best practices for copyright owners and ISPs to manage costs:
- The copyright owner should first ascertain, in advance “with clarity and precision”, the method used by the ISP to correlate IP addresses with subscriber information, and the investment in time and costs based on a hypothetical number of IP addresses. In other words, the copyright owner should ask the ISP: “What methods do you use, how long would it take and how much would it cost if we wanted you to correlate 100 or 1000 IP addresses?”
- Next, the copyright owner and ISP should agree on these timelines and costs in advance (in writing if possible) before the copyright owner files and serves its motion for a Norwich order.
- For smaller ISPs, the copyright owner should not make the assumption that the smaller ISP will handle IP address and subscriber info in the same way as larger ISPs, where such processes are likely automated.
Calgary – 07:00 MST
By Richard Stobbe
In Part 1 we looked at some basic concepts. In Part 2, we look at “enhanced disclosure” requirements.
If the computer program that is to be installed performs one or more of the functions listed below, the person who seeks express consent must disclose additional information. This disclosure must be made “clearly and prominently, and separately and apart from the licence agreement”. In this additional or enhanced disclosure, the software vendor must describe the program’s “material elements” including the nature and purpose of the program, and the impact on the user’s computer system. A software vendor must bring this info to the attention of the user. This applies if you, as the software vendor, want to install a program that does any of the following things, and causes the computer system to operate in a manner that “is contrary to the reasonable expectations of the owner”. (You have to guess at the reasonable expectations of the user.) These are the functions that the legislation is aimed at:
- collecting personal information stored on the computer system;
- interfering with the owner’s or an authorized user’s control of the computer system;
- changing or interfering with settings, preferences or commands already installed or stored on the computer system without the knowledge of the owner or an authorized user of the computer system;
- changing or interfering with data that is stored on the computer system in a manner that obstructs, interrupts or interferes with lawful access to or use of that data by the owner or an authorized user of the computer system;
- causing the computer system to communicate with another computer system, or other device, without the authorization of the owner or an authorized user of the computer system;
- installing a computer program that may be activated by a third party without the knowledge of the owner or an authorized user of the computer system.
If the computer program or app that you, as the software vendor, want to install does any of these things, then you need to comply with the enhanced disclosure obligations, as well as get express consent.
There are some exceptions: A user is considered to have given express consent if the program is
an operating system,
any other program that is executable only through the use of another computer program whose installation or use the person has previously expressly consented to, or
a program that is necessary to correct a failure in the operation of the computer system or a program installed on it and is installed solely for that purpose; AND
the person’s conduct is such that it is reasonable to believe that they consent to the program’s installation.
Remember: These additional provisions in CASL which deal with the installation of software come into effect on January 15, 2015, in less than 3 months. An offence under CASL can result in monetary penalties as high as $1 million for individuals and $10 million for businesses.
If you are a software vendor selling in Canada, get advice on the implications for automatic installs and updates, and how to structure consents, whether this is for business-to-business, business-to-consumer, or mobile apps. There are already more than 1,000 complaints under the anti-spam provisions of the law. You don’t want to be the test case for the computer program provisions.
Calgary – 07:00 MSTNo comments
By Richard Stobbe
It’s mid-October. Like many businesses in Canada, you may be weary of hearing about CASL compliance. Hopefully that weariness is due to all the hard work you did 3 months ago to bring your organization into compliance for the July 1st start-date.
If you’re a software vendor, then you should gird yourself for round two: Yes, there are additional provisions in CASL which deal with the installation of software, and those rules come on stream in 3 months on January 15, 2015.
Section 8 of CASL ostensibly deals with spyware and malware. Hackers are not the only problem; think of the Sony Rootkit case (See our earlier post here) as another example of the kind of thing that this law was designed to address.
This is the essence of Section 8: “A person must not, in the course of a commercial activity, install …a computer program on any other person’s computer system… unless the person has obtained the express consent of the owner …” This applies only if the computer system is located in Canada, or if the person either is in Canada at the relevant time or is acting under the direction of a person who is in Canada at the time when they give the directions.
This relatively simple idea – get consent if you want to install an application on someone else’s system in Canada – has far-reaching implications due to the way the legislation draws the definitions of “computer program” and “computer system” from the Criminal Code. As you can guess, the Criminal Code definitions are extremely broad. So, what does this mean in real life?
- Certain types of specified programs require “enhanced disclosure” by the software vendor. (I am saying ‘software vendors’ as those are the entities most likely to bring themselves into compliance. Of course, hackers and organized crime syndicates should also take note of the enhanced disclosure requirements);
- Express consent, under this law, means that the consent must be requested clearly and simply, and the purpose of the consent must be described;
- The software vendor requesting consent must describe the function and purpose of the computer program that is to be installed;
- The software vendor requesting consent must provide an electronic address so that the user can request, within a period of one year, that the program be removed or disabled;
- Note that if a computer program is installed before January 15, 2015, then the person’s consent is implied. This implied consent lasts until the user gives notice that they don’t want the installation anymore. Or until January 15, 2018, whichever comes first. I’m not making this stuff up, that’s what the Act says.
- One more thing: Enhanced disclosure does not apply if the computer program only collects, uses or communicates “transmission data”. Transmission data is what you might call envelope information. The Act defines it as data that deals with “dialling, routing, addressing or signalling” and although it might show info like “type, direction, date, time, duration, size, origin, destination or termination of the communication”, it does not reveal “the substance, meaning or purpose of the communication”. So there is effectively a carve-out for the tracking of this category info.
Don’t worry, Canadian anti-spam laws are kind of like Lord of the Rings: Sequels will keep coming whether you like it or not. Once we’re past January 15, 2015, you can look forward to July 1, 2017, which is the day on which sections 47 to 51, 55 of CASL come into force. These provisions institute a private right of action for any breach of the Act.
If you are a software vendor selling in Canada, get advice on the implications for automatic installs and updates, whether this is for business-to-business, business-to-consumer, or mobile apps. There are already more than 1,000 complaints under the anti-spam provisions of the law. You don’t want to be the test case for the computer program provisions.
Calgary – 07:00 MSTNo comments
By Richard Stobbe
In Nguyen v. Barnes & Noble, Inc., 2014 WL 4056549 (9th Cir. Aug. 18, 2014) the US Ninth Circuit wades into the subject of online contracting. Law professor Eric Goldman (ericgoldman.org) argues that these terms we’re accustomed to using, to describe ecommerce agreements, only contribute to the confusion. The term “browsewrap” derives from “clickwrap”, which is itself a portmanteau derived from the concept of a shrinkwrap license. As one court described it in 1996: “The ‘shrinkwrap license’ gets its name from the fact that retail software packages are covered in plastic or cellophane shrink wrap, and some vendors… have written licenses that become effective as soon as the customer tears the wrapping from the package.”
The enforceability of a browsewrap – it is argued – is based not on clicking, but on merely browsing the webpage in question. However, the term browsewrap is often used in the context of an online retailer hoping to enforce its terms, in a situation where they should have used a proper click-through agreement.
In Nguyen, the court dealt with a claim by a customer who ordered HP TouchPad tablets from the Barnes & Noble site. Although the customer entered an order through the shopping cart system, Barnes & Noble later cancelled that order. The customer sued. The resulting litigation turned on the enforceability of the online terms of service (TOS). The court reviewed the placement of the TOS link and found a species of unenforceable browsewrap – the TOS link was somewhere near the checkout button, but completion of the sale was not conditional upon acceptance of the TOS.
This leaves open the possibility that browsewrap terms (where no active step is required) could be enforceable if the user has notice (actual or constructive) of those terms.
The lessons for business?
The “browsewrap” is a passive attempt to impose terms on a site visitor or customer. Such passive terms should not be employed where the party seeking to enforce those terms requires certainty of enforceability. Even where there is a “conspicuous hyperlink” or “notice to users” or “close proximity of the hyperlink”, none of these factors should be relied upon, even if they might create an enforceable contract in special cases. Maybe it is time to retire the term “browsewrap” and replace it with “probably unenforceable”.
Now, do you still want to rely on a browsewrap agreement?
Related Reading: Online Terms – What Works, What Doesn’t
Calgary – 07:00 MST1 comment
Let’s say you pitch a story idea to a TV production company – and not just an idea, but a complete set of storyboards, characters and scripts. You would be surprised if one day you saw that story idea come to life in a TV production that gave no credit to you as the orginal creator of the materials. That’s what happened to Claude Robinson and his idea for a children’s TV program inspired by Robinson Crusoe.
One of the most important copyright decisions in 2013 was issued by the Supreme Court of Canada (SCC) in late December: In Cinar Corporation v. Robinson, 2013 SCC 73, the court reviewed Mr. Robinson’s claim that Cinar Corp. infringed copyright in his original story materials by copying a substantial part of those materials in the new TV production called “Robinson Sucroë”.
I am often asked when or why someone can copy the ideas of someone else. Ideas themselves are not protected by copyright law. Many features of a TV show or a movie are simply non-protectable, including ideas, elements drawn from the public domain or generic components of a story, like heroes, villains, conflict and resolution. However, in this case, the idea was articulated and expressed in a set of original written materials which resulted from the skill and judgement of the author.
The court framed this fascinating issue in this way: “The need to strike an appropriate balance between giving protection to the skill and judgement exercised by authors in the expression of their ideas, on the one hand, and leaving ideas and elements from the public domain free for all to draw upon, on the other, forms the background against which the arguments of the parties must be considered.”
In the end, the court rejected the notion that the two works must be compared piecemeal to determine if protectable elements of the original work were similar to the copy. Instead, the court reviewed the “cumulative effect” of the features copied from the original, to determine if those features amount to a substantial part of the original work as a whole. Thus the court approved a “qualitative and holistic assessment of the similarities between the works”, rather than dissecting both works to compare individual features in isolation.
This decision will be applied in other copyright infringement situations in Canada, including art, media, music and software.
Calgary – 05:00 MST1 comment
The app economy is, by most estimates, equivalent in size to the GDP of a small country: $15 billion in 2012, projected to mushroom to $74 billion by 2016. All that economic activity inevitably breeds litigation. In what appears to be a case of first impression in the US, a federal court looked at the issue of whether the app store is liable for the apps it distributes, or the app developer.
The case of Evans v. Hewlett-Packard Co., 2013 WL 4426359 (N.D. Cal. Aug. 15, 2013), the court looked at the liability of Hewlett-Packard for a third-party app which allegedly infringed trade-mark rights.
This case hinges on an interpretation of Section 230 of the Communications Decency Act (47 U.S.C. §230), 1996 legislation which provides immunity for providers of an “interactive computer service”, such as ISPs and website operators. The court decided that HP, as the operator of the app store, does qualify for immunity under this legislation, putting the app store into the same category as ISPs.
Remember, the Communications Decency Act is US legislation, not Canadian. However, Canadian app developers should take note of this decision, as most Canadian developers seek to market and sell their apps in the US.
Other app case are pending, such as this claim (Pirozzi v. Apple, Inc., 12-cv-01529-JST (N.D. Cal. Aug. 3, 2013)) which is proceeding against Apple, for violation of privacy rights. Stay tuned.
Calgary – 07:00 MDTNo comments
Playing next weekend at the Vancouver International Film Festival and Hot Docs Canadian International Documentary Festival.
Calgary – 07:00 MDTNo comments
When a user dies, who owns the contents of that user’s account?
In Ajemian v. Yahoo Inc. (May 7, 2013), a Massachusetts court considered this question. Two brothers, who administered their brother John’s estate, brought a lawsuit against Yahoo for access to email messages of their deceased brother, and a declaration that the email account was property of John’s estate. The court considered the Yahoo Terms of Service, which included this clause: “You agree that your Yahoo! account is non-transferable and any rights to your Yahoo! ID or contents within your account terminate upon your death. Upon receipt of a copy of a death certificate, your account may be terminated and all contents therein permanently deleted.”
The court looked at the central question of whether these terms – in particular, this “No Right of Survivorship and Non-Transferability” clause described above – was reasonably communicated to the user. The terms were amended before the time of death but the evidence was unclear on whether the deceased user had assented to this particular amendment. Because of the weak evidence on this point, the court decided that Yahoo could not rely on the forum selection clause which would have deflected the case to California.
The court took the view that the deceased user was a Massachusetts resident and courts in that state had a strong interest in the outcome of the case as it related to the assets of a deceased resident, as opposed to the nature of Yahoo’s services. The ultimate decision was remanded to the lower court, but we can take away a few important lessons:
- Corporate accounts may not impacted by the death of a user, but anyone making consumer sales should review their online terms to address survivorship issues. And there are many cases where even a “corporate” user is signing up as an individual, without any clarity on what happens to that account as an “asset” of the business after death.
Get advice from our licensing and internet law experts in this complex area.
Related Reading: Is There Life After Death for Your Digital Assets?
Calgary – 07:00 MDTNo comments
In Pelchat v. Zone 3 Inc., 2013 QCCS 78, a Quebec court decision has addressed the dichotomy between the idea for a TV show, and the “form and expression” of ideas, as embodied in a TV show. In this case, the defendant Zone 3 was sued for a claim of copyright infringement related to its makeover TV show called “Métamorphose”. The lawsuit was brought by Mr. Pelchat, who claimed that his own show “Look” (which aired in the late 1980s) was infringed by Zone 3’s show. Mr. Pelchat claimed his infringed work was a “beauty makeover of a woman on TV through hair, makeup and clothes”. Copyright law is clear that it will only protect original expressions of an idea, not the idea itself. Thus, there is no infringement where the ideas between two shows are similar, but there is no actual copying of protected original expression.
In this case, the court did review the overall expression of the two shows, the structure, dialogue, sets, characters and other elements of expression. It concluded that Zone 3 did not engage in any copyright infringement.
Contact Field Law’s Entertainment Law experts for advice in this area.
Calgary – 07:00 MDTNo comments
“The world has changed dramatically in the last two decades… An entity may now have a profound impact upon a foreign jurisdiction solely through its virtual projection via the Internet.”
This statement from the New York Court of Appeals in the recent decision in Overstock v. New York Taxation and Finance (PDF) paved the way for an interesting conclusion on the taxing power of New York State – and by extension, the sales tax that may be applied to many online sales, including sales by Canadian online business into the US market.
Traditionally, a state’s taxing authority was based on “economic activities” by the seller, for example, through its employees or sales agents in that state. The question faced by the court in this case was whether click-through links on a “local website” (that is, a website owned by a local state owner) would qualify to establish “economic activities” in that state. For example, a link to Amazon from a local New York State website has the effect of driving sales to Amazon. The court decided that by compensating the local New York State website owner who has signed-on to an affiliate agreement, Amazon is deemed to have established an “in-state sales force”. The site which hosts the link is paid a commission, flat fee or price-per-click, and this was considered enough to create a “substantial nexus” to the state. Passive advertisements, by contrast, would not by themselves create a substantial nexus.
It is not clear whether Overstock.com and Amazon will appeal the decision.
In other news, the U.S. Senate voted 74-20 to put The Marketplace Fairness Act of 2013 to a final vote, an Act which would allow states to collect online sales taxes. The OECD is also preparing guidelines on how to handle international value-added taxes, to deal with the current “uncertainty and risks of double taxation and unintended non-taxation”. The 2013 draft of the OECD Guidelines derives from the “neutrality” principle (the notion that value-added tax is a tax on final consumption that should be neutral for business), and the so-called “destination” principle (that tax should be paid in the jurisdiction of consumption).
In the meantime, Canadian online retailers selling into the US marketplace should consider reviewing their affiliate click-through agreements and assess sales-tax collection policies with tax advisors.
Calgary- 07:00 MDTNo comments
When a cloud privacy breach occurs in Canada, what happens? In some cases, businesses are subject to mandatory breach notification requirements. This means that a privacy breach – whether as a result of a hacker, a lost USB or some other human error – must by law be reported to the commissioner and to affected individuals. Ontario has implemented mandatory breach notification under its Personal Health Information Protection Act. In Alberta, organizations subject to the Personal Information Protection Act (PIPA) are required to report a breach to the commissioner “without unreasonable delay” where a “reasonable person would consider that there exists a real risk of significant harm to an individual as a result of the loss or unauthorized access or disclosure”.
The “real risk of significant harm” requires some analysis in the event of a breach and the Alberta commissioner’s Mandatory Breach Reporting Tool (PDF) has been released recently, to assist organizations determine if they are required to report a breach under section 34.1 of PIPA. This area of law may be changing further: a private members bill was recently introduced in Parliament to implement mandatory data breach reporting in the federal personal information protection law.
Here’s a recent case that illustrates the pitfalls of a cloud privacy breach in Canada:
- In the recently released decision relating to WhatsApp (Report of Findings: Investigation into the personal information handling practices of WhatsApp Inc.), the Canadian and Dutch privacy authorities investigated WhatsApp Inc. a US company operating “WhatsApp Messenger”, a cloud-based cross-platform mobile messaging app allowing the exchange of messages for iOS, BlackBerry, and Android platforms.
- The Commissioner launched an exhaustive review of the privacy aspects of the service after complaints regarding WhatsApp’s information-handling procedures, including the collection of more information than was necessary, the potential for privacy breach, the lack of encryption.
- While the story generated damaging headlines, WhatsApp did work with the Commissioner to resolve many of the privacy concerns.
- This investigation also shows the extent to which international privacy watchdogs will work together to launch an investigation that concerns personal information that crosses international borders.
The privacy lessons are clear: get advice on privacy implications of the cloud-based service, and don’t underestimate the importance of well-drafted privacy policies and user terms. Cloud service providers should also take time to understand the breach notification protocols that would apply in the event of a privacy breach.
- Calgary – 07:00 MDT
The Canadian Intellectual Property Office has released guidance on “Computer-Implemented Inventions” as planned, in the wake of the Federal Court of Appeal decision in Amazon. While “software” is technically not patentable, a “computer-implemented invention” is. Such an invention could fall into one of several categories: a method (art, process or method of manufacture), machine (generally, a device that relies on a computer for its operation), or product (an article of manufacture). As before, computer programs, data structures and computer-generated signals alone are not patent-eligible.
Calgary – 07:00 MDT
The court rejected the claims since there was no indication that the extra service paid for by premium users included enhanced security or encryption, since “paid” users and “free” users received the same level of security. It is clear that claims based on breach of privacy will face a uphill battle in the US, and this decision together with the decision in last year’s iPhone class action claim demonstrate the complexities and difficulties of this class of claims.
Calgary – 7:00 MDTNo comments
Are APIs protected by copyright?
In the long-running litigation (and hey, is there any litigation that isn’t “long-running”?) between Oracle and Google, a US court decided in 2012 that APIs in this case were not eligible for copyright protection. See our earlier post. This meant a complete loss for Oracle in its lawsuit against Google for infringement of the Java APIs used in Google’s Android software.
Copyright protects only original expression. Applied to software code (including API protocols), the law of copyright tells us that certain elements are not protectable by copyright since they lack originality. The US trial level decision in Oracle vs. Google has been appealed and the parties are now filing briefs in the US Federal Court of Appeals (a copy of Oracle’s brief is here). The briefs make fascinating reading for those interested in the finer points of copyright law and the history of the Java programming.
Oracle’s brief opens by sketching a scene: “Ann Droid wants to publish a bestseller. So she sits down with an advance copy of Harry Potter and the Order of the Phoenix —the fifth book—and proceeds to transcribe. She verbatim copies all the chapter titles—from Chapter 1 (“Dudley Demented”) to Chapter 38 (“The Second War Begins”). She copies verbatim the topic sentences of each paragraph, starting from the first (highly descriptive) one and continuing, in order, to the last, simple one (“Harry nodded.”). She then paraphrases the rest of each paragraph. She rushes the competing version to press before the original under the title: Ann Droid’s Harry Potter 5.0. The knockoff flies off the shelves.”
Does this constitute copyright infringement?
One of the big issues on appeal will be whether the appeals court accepts the notion that copyright infringement can occur without any actual direct copying of code. This is the so-called SSO argument – that the “structure, sequence and organization” of the software can attract copyright protection, regardless of whether specific code is cut-and-paste. As illustrated in the Harry Potter example above.
Stay tuned. This is one to watch in 2013.
Calgary – 07:00 MST
Photo credit: Google, Inc.1 comment
The use of social means to engage in defamation is nothing new. Indeed, defamation requires the very social element of publication. Social media – Facebook pages or posts, tweets, blogs and online comments – merely make defamation easier and more pervasive.
Canadian courts have struggled to balance the interests of free speech with the interests of individuals who wish to challenge and find redress for defamatory statements. A recent Ontario case has framed the issue as follows:
“There are few things more cowardly and insidious than an anonymous blogger who posts spiteful and defamatory comments about reputable member of the public and then hides behind the electronic curtain provided by the Internet. The Defendant confuses freedom of speech with freedom of defamation. There are, undoubtedly, legitimate anonymous Internet posts: persons critical of autocratic or repressive regimes, for example, or legitimate whistleblowers. The Defendant is not one of those people. The law will afford his posts all the protection that they deserve, which is to say none.” Manson v. John Doe , 2013 ONSC 628 (CanLII),
The test laid out by the Supreme Court of Canada (Grant v. Torstar Corp., 2009 SCC 61 (CanLII)) is as follows: In order to establish a claim for defamation a plaintiff must establish that:
a) the impugned words are defamatory, in the sense that they would tend to lower the plaintiff’s reputation in the eyes of a reasonable person;
b) the words in fact refer to the plaintiff; and
c) the words were published, i.e., that they were communicated to at least one person other than the plaintiff.
In Manson, the court ordered the defendant to pay damages of $100,000 plus aggravated damages of $50,000 and costs. However, the defenant remains anonymous.
Another recent decision in Baglow v. Smith, 2012 ONCA 407 (CanLII), hints at the court’s willingness to permit parties to engage in a heated online political debate, without crossing the line of defamation. In that case, the court observed: “Commentators engaging in the cut and thrust of political discourse in the internet blogosphere can be fervent, if not florid, in the expression of their views.” In the lower court, the statements made in this “cut and thrust” were determined not to constitute defamation. However, on appeal, the court decided the matter was suitable for a full trial and overturned the lower court findings. This is one case to watch.
Related Reading: ipblog’s Defamation Archive
Calgary – 07:00 MSTNo comments
Here is the next case that illustrates the potential pitfalls when dealing with social media:
This recent US copyright decision involving Agence France Presse (AFP) and photographer Daniel Morel dealt with the rights of a news publisher to publish images posted to Twitter.
Mr. Morel is a photojournalist who took a number of images of the 2010 earthquake in Haiti. He then posted those images to Twitter. Those images were picked up by AFP who “licensed” the images on to Getty Images.
When Morel complained, steps were taken to have the images removed from the AFP / Getty system. But through series of mixups (of the kind that would be familiar to anyone dealing with information technology and complex organizations such as AFP and Getty Images), the pictures were not removed and were picked up and published by The Washington Post under their agreement with AFP/Getty.
The court ultimately had to decide whether Mr. Morel – the photographer – had granted a kind of license to AFP by posting his images to Twitter. This required an analysis of the Twitter Terms of Service. The court decided no, the Twitter Terms of Service do not grant such a license. The court stated that “even if some re-uses of content posted on Twitter may be permissible, this does not necessarily require a general license to use this content as AFP has.” Put another way, a copyright owner who posts content to Twitter is clearly giving up some rights to that content – the right, for example, to re-tweet, which is a fundamental part of Twitter and is contemplated (even encouraged) by Twitter’s Terms of Service. However, merely by posting to Twitter, that copyright owner is not giving others an unrestrained right or license to remove the content, copy it and redistribute it commercially.
The court says “…the Twitter TOS were not intended to confer a benefit on the world-at-large to remove content from Twitter and commercially distribute it…” This is an important reminder.
In the final analysis (and that is 58 pages of analysis if you want to read the judgement) AFP and The Washington Post were liable for copyright infringement for use of Morel’s images.
Lessons for business:
- This case confirms that any re-use of content from Twitter – and by extension, other social media streams – should be handled carefully.
- Re-tweets are clearly contemplated as being within the scope of permitted uses, but copying and republishing for commercial purposes clearly is not.
- Many situations will fall somewhere in the middle between those two ends of the spectrum. Before using or re-using content for commercial purposes, take time to review the specific situation, including the applicable social media terms of service. Before posting your own content to Twitter, be aware that the Twitter terms do contemplate certain re-uses (the scope of which is difficult to define precisely). Once it’s posted, it’s hard to stuff the genie back in the bottle
The case is Agence France Presse v. Morel.
Calgary – 07:00 MSTNo comments