1 Cyberspace Law Institute and Winter Working Meeting January 31-February 1, 2014, Denver, CO Agenda Cyberspace Law Institute and WWM, Agenda, Day 1 January 31, 2014 Day 1: January 31, :00-8:30 am: CONTINENTAL BREAKFAST in Aspen, 2 nd Fl. 8:15-8:50 am: OPENING PLENARY (CLC Chair Jon Rubens presents welcome, introductions, housekeeping) -- A, 2 nd Fl. 8:50-2:50 pm: CYBERSPACE LAW INSTITUTE-- A, 2 nd Fl. TIME TITLE PRESENTER(S) DESCRIPTION 8:55-9:25 AM Ubiquitous Computing and the State of the Third- Party Doctrine Jeffrey L. Vagle, Attorney, Pepper Hamilton LLP, Philadelphia, PA In the context of Fourth Amendment searches and seizures, the third-party doctrine stands for the proposition that a person does not have a reasonable expectation of privacy in information that he or she has voluntarily exposed or communicated to a third party. When the third-party doctrine was first articulated in the courts, the data it covered included the address information on the outside of envelopes, landline telephone billing records, paper bank records, and the like. Today, it is much more common to send an or text message than mail a letter, and the phones we now use share a great deal more information with the carrier, including detailed GPS location data. Since the advent of smartphones, many of us are carrying an Internet-connected computer in our pocket at all times. Thus, while the data covered by the third-party doctrine today still may not include the actual content of messages, the data that it does apply to, often called metadata, can yield just as much and sometimes more information about the message than the actual content. Where does that leave the third-party doctrine? This CLE will summarize the current state of the third-party doctrine in today s law. This topic has become especially important in light of recent cases involving government use of cell site data, text messages, and metadata, and the recent revelations of wide-scale government surveillance. Topics covered will include: What is the basis for the third-party doctrine, and where are courts finding friction points with the current use of technology? Does it matter whether customers know how much and what kind of data they are sharing with their carriers and ISPs? Where do and text messages fall under third-party doctrine? Where does third-party doctrine fit with the concept of big data analytics?
2 9:30-10:00 AM 10:05-10:35 AM 10:35-10:45AM When Past Performance May Be Indicative of Future Results Legal Implications of Using Location-Based Services Data to Predict Future Behavior Brainspray and the Law Bruce Antley, Assistant General Counsel, America Online Line, Washington, DC Ted F. Claypoole, Attorney, Womble Carlyle Sandridge & Rice, LLP, Charlotte, NC Location-based services (LBS) such as navigation and check-in apps particularly those delivered through smart phones are increasingly becoming a part of everyday life. The ability to know specifically where a person is located is a powerful asset for businesses. That information can be used to help deliver relevant services such as traffic and weather reports and even advertising for nearby businesses. Even more powerful, though, is the ability to use current location data combined with historical location data to make predictions about a person s future behavior and deliver services that are relevant to what the person will be doing. This use of LBS technology and data, however, raises critical issues, including data and privacy protection. Join a lawyer from MapQuest/AOL to discuss the implications of these services. Fueled in part by the astronomical growth in sales of smart phones and other devices that track location, businesses are able to tap into an enormous supply of LBS data concerning the whereabouts of their customers. This data is being used to provide services based on the current location of users, but as businesses begin to combine current location data with past location and other data, they will be able to make predictions about future behavior. Existing laws and regulations, written before the boom in LBS, do not provide clear guidance on how this data may be collected and used, but the potential risks to businesses may be enormous. Over the past ten years, scientists, technologists and businesses have begun to develop technology that can externally read and interpret brain signals, or brainspray. Numerous experiments have demonstrated that the power of thought can be harnessed for replacing lost limbs or even training others without a word. Businesses have been founded to allow human/computer interaction based only on directed thoughts. The U.S. military is experimenting with ways to harness the direct brain power of its pilots, soldiers and sailors. Before the commercial use of brainspray becomes commonplace, lawyers should understand the implications for privacy and intellectual property. There are currently no rules restricting invasive use of the technology or protecting intellectual property from being drawn directly from the heads of others, but conflicts in these areas are coming. The presentation will show the scientific, technical and legal issues raised by the harvesting of brainspray for medical or commercial purposes, and will discuss what lawyers can do to direct the rules into the right direction. BREAK in Aspen, 2 nd Fl. 10:45-11:15 AM Bitcoins: Where They Came From and Where They Are Headed Andrew Shipe, Attorney at Law, Arnold & Porter LLP, Washington, DC Presentation will cover highlights in the evolution of bitcoin from an algorithm generated by a group of anonymous computer geeks to a digital currency that has captured international attention. Key developments include the rise of bitcoin exchanges, intensive competition in mining new bitcoins, increasing venture capital investment in all sorts of companies related to bitcoin, and the regulatory framework in which bitcoin operates. Then we examine the future of bitcoin, including the SEC filing for a bitcoin trust issuing ETFs backed by bitcoin and the developing alternative digital currencies, such as Peer Coin and Litecoin.
3 11:20-11:55 AM Copyrightability of APIs Jeremy Smith, Registered Patent Attorney, Huntsville, AL The copyrightability of software has always been a contentious issue, both in legal circles as well as among developers. As developers realized that their creations were artistic and elegant (and highly valuable) they sought to protect their creation often through copyright protection. One particularly thorny issue has always been the copyrightability of APIs (or application programming interfaces) which allow software programs to communicate with one another. In Google v. Oracle, the District Court Northern District of California, held that APIs were not copyrightable and thereby invalidated several copyrights held by Oracle. This decision is currently on appeal to the Federal Circuit Court of Appeals. This CLE will review the District Court s opinion, the arguments on appeal, the practical implications for software companies seeking to protect their software, and if an opinion has been rendered, the Federal Circuit s opinion. 12:00-1:10 PM INSTITUTE LUNCH Aspen, 2 nd Fl. TIME TITLE PRESENTER DESCRIPTION 1:15-2:00 PM Snooping, Spying, and Cyber Espionage: Civil Liberties vs. Theft of Trade Secrets Konrad L. Trope, Attorney, Centurion Law Group, P.C., Beverly Hills, CA Jim Spertus, Attorney, Spertus, Landes & Umhofer, LLP. Los Angeles, CA The various cyber-security scandals of recent months involving former NSA contractor Eric Snowden, have caused the press and related media to focus on violations of civil liberties by governments seeking to counter the threats from terrorists. However, subsequent revelations about cyber-espionage attacks by China and Iran have shown that the theft of trade secrets and other electronic data from private industry may be the bigger threat. Indeed, the standards imposed by various governments upon telecommunications systems to assist law enforcement, pose a major threat to the data networks of every industry: from defense and aerospace to health care companies and law firms. This presentation will look at the history of wiretapping by governments around the world and then assess the current technology protocols imposed by world governments for facilitating government eavesdropping, and how those protocols might be the very reason that rogue regimes so often bombard the Internet security walls of private industry.
4 2:05-2:50 PM 2:50-3:00 PM Theft of Trade Secrets Through Cyberspace Roundtable/Breakout Promotion Mark Mermelstein, Attorney, Orrick, Herrington & Sutcliffe LLP, Los Angeles, CA Michael Weil, Attorney, Orrick, Herrington & Sutcliffe LLP, Los Angeles, CA Andy Crain, Vice President of Forensics and Collections, Discovia, San Francisco, CA Theft of IP and trade secrets, whether by an insider or a hacker, has emerged as a significant threat to our nation s businesses, not only in terms of the loss of the stolen IP but also the collateral consequences such as the reputational impact on the company for failure to safeguard its own or client secrets, and the regulatory and civil lawsuits that follow. During this presentation we will discuss: The impact that IP Theft has on companies What to do if it happens to a company; and Steps that a company can take to help prevent IP theft Jon Rubens will highlight the upcoming Roundtables and the breakouts that will follow them in A, 2 nd Fl. Phil Weiser Dean, Law School University of Colorado Aspen, 2 nd Fl. 3:00-3:45 PM Phil Weiser is Dean of the Law School, a Thomson Professor of Law, and Executive Director and Founder of the Silicon Flatirons Center for Law, Technology, and Entrepreneurship at the University of Colorado. Dean Weiser joined the Colorado faculty in January 1999, where he served until July From July 2009-April 2010, he served as the Deputy Assistant Attorney General at the United States Department of Justice s Antitrust Division. From April 2010-June 2011, he served as the Senior Advisor for Technology and Innovation to the National Economic Council Director at the White House. He became Dean of the Law School in July, Dean Weiser graduated with high honors from both the New York University School of Law and Swarthmore College. He served as a law clerk to Justices Byron R. White and Ruth Bader Ginsburg at the United States Supreme Court and to Judge David Ebel at the Tenth Circuit Court of Appeals. Prior to joining the Colorado Law faculty, Dean Weiser served as senior counsel to the Assistant Attorney General in charge of the Antitrust Division at the United States Department of Justice, advising him primarily on telecommunications matters.
5 3:45-5:00 ROUNDTABLES PM ROOM TABLE TOPIC MODERATOR TOPIC B, 2 nd Fl. A, 2 nd Fl. The Patentability of Software When the CFAA and the SCA cause 'Digital Death' Phong Nguyen, Jeremy Smith Christina Kunz The world relies on computers and also the software that controls those computers. It was accepted law in the United States that computer software was, if novel and non-obvious, protectable under the patent law. However, in 2010, the United States Supreme Court issued the Bilski v. Kappos decision which, in many ways, turned the law concerning the patentability of computer software on its head. The courts, the United States Patent Office, litigants and inventors are still grappling with guidance (or lack thereof) set forth in the Bilski decision. This roundtable will discuss the current state of the patentability of software and the implications of the current trends in the law. When a natural person or decedent is represented by a conservator, POA, or personal representative (a "fiduciary"), the fiduciary's attempts to access the online accounts of the represented person or decedent are within the definition of "unauthorized access" (essentially hacking) under the Computer Fraud and Abuse Act. In addition, the Stored Communications Act forbids many (but not all) online service providers from disclosing the account content or allowing account access to fiduciaries. To address some of these concerns, the Uniform Law Commission is drafting a uniform law on Fiduciary Access to Digital Assets. The current draft proposes some interesting state law provisions that try to work around or avoid the federal statutory obstacles. Chris Kunz, the ABA Business Law Section Advisor to the drafting committee, will lead a discussion focused on the internet law issues and solutions being considered by the drafting committee. For the most recent draft, go to Don't avoid this discussion just because you can't remember anything about wills and trust law--it won't matter. Questions regarding the harm caused by violations of expectations of privacy loom large in debates over privacy law. How are people injured when information about them is collected, disclosed, or used in ways that defy their expectations, existing agreements, or established rules or norms? Which of these harms should privacy laws be designed to prevent? And how should those laws go about doing so? These questions are often answered skeptically. Elm, 2 nd Fl. Revisiting Privacy Harm Jason Haislmaier Whether from digital advertisers, developers of new technologies, or our own government, arguments against the notion of harm abound and resistance to reforms runs high. At the same time, new technologies, practices, and techniques of data collection and analysis continue to raise ever newer and potentially greater threats of harm. As regulators and lawmakers consider adopting new ways of talking about harm, and while some privacy advocates move toward more abstract notions of harm or even away from harm entirely, this roundtable will revisit the conversation about harm and discuss how privacy harm is being applied in the privacy laws and standards of today and those looming on the horizon.
6 Ash, 2 nd Fl. Long-term Post- Snowden Reform Proposals for the Executive and Legislative Branches David Delaney President Obama and Congress must jointly begin a multi-year strategic effort to address systemic issues in cyber intelligence programs to improve the nation s strategic posture for the next era of the Information Age. Strategic reform of Congress, the military and intelligence entities has been crucial to prepare for the Cold War, correct excesses of the 1970s and 80s, and meet the demands of protracted counterterrorism undertakings overseas since 9/11. At a time when military, intelligence, and law enforcement communities are significantly expanding and integrating their cyber operations to amass, analyze, and share data on unprecedented scales, it is particularly important to consider changes that can better accomplish strategic national interests while preserving the rule of law through legitimizing organizations and processes. In this discussion Professor Delaney will suggest long-term reform objectives and comment on proposals from Congress, the President s Review Group on Intelligence and Communications Technology, and the Privacy and Civil Liberties Oversight Board. 5:00-6:00 PM Winter Working Meeting Breakout Sessions LOCATION A, 2 nd Fl. SUBCOMMITTEE / PROJECT Authorship Opportunities: Corporate Toolkit Project and Wolters Kluwer e-compliance Chapter Project LEADER(S) Sarah Jane Hughes / Jon Rubens DESCRIPTION Corporate Toolkit Project : For some years, the Corporate Counsel Committee has produced a treatise entitled The Corporate Tool Kit. The book is ready for its next revision, which was delayed from 2013 to At the 2013 WWM, we recruited volunteers to handle some of the "chapters" that the Tool Kit project leaders had identified as needing CLC contributors, and we now expect that Corporate Counsel would like to proceed with the project with chapters due in late May for Fall 2014 publication. This project is separate from, but not necessarily in conflict with, the project for which many CLC members have volunteered to revise the Wolter Kluwer volume. Indeed, there could be useful overlap. Participants who can contribute a section or a full chapter or more are encouraged to attend. Wolters Kluwer e-compliance Chapter Project: We have been asked to help update this ecompliance deskbook chapter. The sections are quite short a few paragraphs to a couple pages. Please consider helping on one of this sections. The unassigned sections are not yet spoken for. Here is a list of sections that may still be available: Advertising - B2B and Antitrust - and Electronic Documents - Spam and Spyware - Securities Law - Tax - Net Neutrality -
7 Elm, 2 nd Fl. Ash, 2 nd Fl. Cybersecurity Checklist Internet Governance Task Force Lisa Lifshitz/ Ariane Siegel David Satola and Michael Kelly The Cloud Security Checklist Project (co-led by Lisa R. Lifshitz and Ariane Siegel) will continue to work on and finalize the draft Cloud Computing Security Checklist that was initially prepared by the Working Group this year. We will be looking for comments and anticipate some good discussions around Cloud Security best practices. We will also discuss the proposed dissemination of the Checklist. The Task Force will report on the proceedings of the recent Internet Governance Forum held in Bali, Indonesia, in October In this working session, the Task Force will also examine the potential impact other recent developments around international efforts at Internet governance in the wake of the Snowden affair, especially the call by the Governments of Brazil, India and South Africa, together with ICANN, to host a summit on the future of multi-stakeholders in Internet governance and the formation of a high-level Panel On the Future of Global Internet Cooperation. One report suggests, for example, that these efforts might result in requirements of ISPs to host data on a country-by-country basis, trending towards a Balkanization of the Internet, reinforcing control of nation states over the Internet. 6:00-10:00 PM COMMITTEE RECEPTION AND DINNER TIME DESCRIPTION LOCATION 6:00 - Cocktail Hour Four Seasons Hotel Bar 7:30 PM 7:30-10:00 PM Official Cyberspace Law Committee Dinner B, 2 nd Fl., Four Seasons Hotel Day 2: February 1, :30-9:00 am: CONTINENTAL BREAKFAST in Aspen, 2 nd Fl. Sponsored by General Dynamics Fidelis Cybersecurity Solutions, Inc 9:00-10:15 AM Winter Working Meeting Breakout Sessions LOCATION TITLE LEADER(S) DESCRIPTION Ash, 2 nd Fl. B, 2 nd Fl. Consumer International Trade John Rothchild / James Nehf John Gregory and Hal Burman The Consumer Protection will host a presentation entitled "Consumers and the Internet of Things." The "Internet of things" refers to the growing number and range of everyday physical objects that are linked through wireless networks, allowing them to communicate with us and with each other. Home thermostats, wi-fi video cameras, the bathroom scale, smart refrigerators, and personal exercise monitoring devices are examples of the limitless sorts of devices that make up the Internet of Things. Privacy and security are the main consumer protection issues that this technology raises. (A) Top item and short turn-around time after the WWM will be recommendations on the latest draft Framework Agreement on E-Commerce of the UN Economic and Social Commission for Asia and the Pacific.
8 A tight time squeeze, but an opportunity for Cyberspace folks to continue to have a meaningful impact on this process in the Asian-Pacific area. There will be a new draft just out and likely be a final UNESCAP working meeting late February which means we can get WWM comments and proposed changes onto that table but will not have much turnaround time after the WWM. By the time it reaches their plenary meeting if it does in May 2014 there won t be as much room to get changes made, so the push would be now and the WWM is situated date-wise to do that. The latest draft will be available online (link will be sent out) or thru co-chairs John Gregory and Hal Burman. (B) Proposals for on-line dispute proceedings for cross border e-commerce and whether that can cover both B2B and B2C. Recommendations can be made in time for the next meeting of UNCITRAL s Working Group III in mid-march at New York (possible coverage of that and the Working Group IV meetings can be discussed). The concepts of how to create meaningful access to enforcement for small and medium size businesses and smaller claims, which constitute a much larger volume of e- commerce, are potentially more difficult than coming to agreement on draft rules for handling online disputes. Whether that should also cover B2C claims is controversial so input on that would be timely. (C ) The status of draft standards on signature authentication, cross-border use of e-documents, etc. at the UN Economic Commission for Europe (UNECE) Centre for Trade Facilitation and Electronic Business (CEFACT), and the draft standards on cross-border transfer of interests in goods at UNCITRAL s Working Group IV, plus the time table for comments/recommendations. (D)Time permitting) current e-commerce projects underway or to be proposed at several international bodies will be considered to see if tracking those and possibly adding some to the s action items would be appropriate. These include the International Telecommunications Union (ITU), and two African regional bodies, OHADA (Organization for the Harmonization of Business Law in Africa) and SADC (Southern African Development Community).
9 Elm, 2 nd Fl. Cloud Computing Checklist Philip Schmandt / Bill Denny The Cloud and IT Services is preparing a Cloud Computing Checklist, intended to aid practitioners when reviewing and negotiating cloud computing contracts or explaining them to clients. This is not, however, a typical checklist. Typically, the purpose of a checklist is to lead the reader through a list of all of the issues or questions that should be considered for the particular transaction. We did not feel this would be possible for a cloud computing checklist due to the multiple different types and purposes of cloud computing contracts. The purpose of this checklist is not to be all-encompassing. Instead, its purpose is to stimulate the reader to ask what other questions may be applicable to the commercial transaction at hand that is being contemplated for the cloud. The checklist will provide direction as to where to find resources and will in some cases provide sample clauses. We are inviting subcommittee members to assist in developing the checklist and to prepare thematically-linked short written pieces that can be packaged together to provide commentary to the checklist. 10:15-10:45 BREAK in Aspen, 2 nd Fl. AM 10:45-12:00 pm: Winter Working Meeting Breakout Sessions LOCATION TITLE LEADER(S) DESCRIPTION Elm, 2 nd Fl. Ash, 2 nd Fl. Digital Media mcommerce Jon Garon Ted Claypoole / Richard Balough The Digital Media will be updating the working group on the status of the Goodlatte Comprehensive Copyright Reform process and discussing whether the committee would like to prepare any written materials for the hearings. Second, the committee will discuss the Department of Commerce s Internet Policy Task Force Green Paper on Copyright Policy, Creativity, and Innovation in the Digital Economy released on July 31, Third, the committee will look into publishing a paper or developing a CLE on the future of TV/Video, particularly in light of the split whether micro-antennae constitute public transmission. Of course, there will also be an opportunity to entertain any other projects suggested by participants. Join the M-Commerce to discuss our upcoming panel presentation on the Internet of Things, and help decide what topics and speakers should be featured. We will be continuing discussion of our Bring-Your-Own-Device white paper and seeking ideas and writers for that project. Time permitting, we will update the team on the latest in mobile tracking technology law, mobile app licensing, and take suggestions for upcoming presentations and projects. B, 2 nd Fl. International Trade John Gregory and Hal Burman Continuation of the 9 am meeting. 12:00-1:15 PM LUNCH--ON YOUR OWN
10 1:15-2:30 pm: Winter Working Meeting Breakout Sessions Block 2 LOCATION TITLE LEADER(S) DESCRIPTION B, 2 nd Fl. Elm, 2 nd Fl. Ash, 2 nd Fl. Criminalization of Technology Task Force Professional Responsibility and Technology Task Force Electronic Financial Services Cathy Gellis Lois Mermelstein/ Juliet Moringello Steve Middlebrook The Criminalization of Technology Task Force will meet again to revisit the ideas discussed last year in Los Angeles. In particular, we'll consider what sorts of written materials we might produce, such as the primer we had earlier considered doing to give business lawyers some guidance on how to identify, prepare for, and respond to government actions taken against their clients' technology use and development, as well as whatever other ideas we might brainstorm. The Task Force on Professional Responsibility and Technology, co-chaired by Lois Mermelstein and Juliet Moringiello, will meet at the Winter Working Meeting in Denver to discuss some "clean up " work involving the Ethics 20/20 amendments related to technology. Some of you provided comments to the Ethics 20/20 Commission regarding these changes, and you may remember that not all of them were adopted. Charlie McCallum, the chair of the Section's Professional Responsibility Committee has asked for our help in explaining to the Standing Committee on Ethics and Professional Responsibility why some of the technology- related amendments were not handled appropriately and in suggesting other technology-related areas in which a formal opinion from the Standing Committee might be helpful. The Electronic Financial Services subcommittee will meet to discuss bitcoin and other virtual currencies. Topics will include FinCEN regulations, law enforcement actions against Liberty Reserve and Mt. Gox, recent Congressional hearings, foreign regulation, bitcoin price volatility, business models and private investment activity. We will discuss potential subcommittee projects related to virtual currencies. 2:30-3:00 PM Plenary Wrap up A, 2 nd Fl. (Chair Jon Rubens: housekeeping, discuss plans for evening)