Section 1201 Security Research Exemption

On October 26, 2018, based upon the recommendation of the Acting Register of Copyrights, the Librarian of Congress adopted exemptions to Section 1201 of the Digital Millennium Copyright Act (DMCA), which prohibits circumvention of technological measures that control access to copyrighted works. On behalf of its clients Ed Felten and Alex Halderman, and working together with the Center for Democracy and Technology, the TLPC helped secure a set of important changes to a pre-existing exemption for good-faith security research, expanding the ability for security researchers to legally test device and system software for cybersecurity vulnerabilities without violating the DMCA and risking criminal liability.

Important caveat: this post is intended only as general information and does not constitute legal advice. If readers wish to utilize the new exemptions granted by the Librarian, they should consult independent legal counsel before doing so.

Continue reading “Section 1201 Security Research Exemption”

Section 1201 Exemption for Disability Services Professionals

In 2017-2018, the TLPC, including student attorneys Sophia Galleher and John Schoppert, represented the Association of Transcribers and Speech-to-Text Providers (ATSP) before the U.S. Copyright Office’s Seventh Triennial Section 1201 Proceeding in Washington, DC. in an effort to empower disability services professionals to circumvent technological protections measures (TPMs) to provide accessible captioned and described video to students with disabilities . To do so, the Clinic argued in comments and at the hearing that  accessibility purposes were quintessential fair uses and should be the subject of an exemption from liability under Section 1201 of the Digital Millennium Copyright Act.

In late October 2018, the Copyright Office issued its Recommendation and the Librarian of Congress implemented final rules shortly thereafter, largely granting ATSP’s request, as summarized below.

Important caveat: this post is intended only as general information and does not constitute legal advice. If readers wish to utilize the new exemptions granted by the Librarian, they should consult independent legal counsel before doing so.

Continue reading “Section 1201 Exemption for Disability Services Professionals”

Municipal Drone Policy

TLPC student attorneys and Colorado Law 2Ls Kristine Roach, Trey Reed, and Jay Gurney recently finalized a white paper on municipal drone policy. The paper outlines some of the many drone applications for hobbyists, businesses, researchers and governments, while considering disruption and intrusion concerns.

Given these competing concerns and interests, the paper outlines different approaches to municipal drone policies and regulations, including the prospect of federal preemption. The paper also analyzes 4th Amendment limitations on municipal drone surveillance and open records requirements implicated by municipal drone use. While the analysis is most pertinent to Boulder, the drone policy considerations are intended to be applicable to municipalities across the United States.

Our thanks to Prof. Deborah Cantrell, Prof. Ann England, Prof. Margot Kaminski, Tom Carr, Boulder City Attorney, Julia Richman, Boulder Chief Information and Analytics Officer, and Cory Dixon, IRISS Chief Technologist for their help in the development of this paper.

Last Week 69: The Privacy Bargain

(by Jay Gurney, Colorado Law 2L)

“She sees you when you’re sleeping
She knows when you’re awake . . .”

Smart Home devices like Amazon’s Alexa or Google Home are increasingly prevalent in American homes. Users prime the device by uttering a trigger word, in Amazon’s case, “Alexa.” Upon activation Alexa lights up, listens to, records, and responds to user’s requests.

These devices are often asked to stream music, sync to other “smart home” devices or answer questions varying from “What is the weather?” to “What is the net worth of Cardi B?” After processing a user’s Spotify request, for example, Alexa’s light turns off—signaling it is not recording—while the music continues.

As with other technological products, the data gathered from smart home requests can be provided to third parties such as advertisers. It can also be used to tailor and improve user experiences. Furthermore, the data acts as inputs for complex artificial intelligence and machine learning algorithms, creating “smarter” products.

Continue reading “Last Week 69: The Privacy Bargain”

Last Week in Tech Policy #68B: The Olympics in Virtual Reality

(by Emily Caditz, Colorado Law 2L)

Last month, the world tuned into the XXIII Olympic Winter Games held in Pyeongchang, South Korea. The Olympics is one of the world’s most celebrated sports competitions and gives viewers from all around the world the opportunity to watch the most talented athletes from their home country compete head-to-head against athletes from other participating nations.

Generally, the public has watched television, listened to the radio, or read the newspaper to keep up with Olympic coverage. In Pyeongchang, however, Intel partnered with the Olympic Broadcasting Services to provide Olympic viewers with a different Olympic viewing experience: virtual reality (“VR”). Continue reading “Last Week in Tech Policy #68B: The Olympics in Virtual Reality”

Last Week in Tech Policy #68A: Who Needs the Right to be Forgotten?

(by Kristine Roach, Colorado Law 2L)

The right to erasure, colloquially known as the right be forgotten, has been adopted by the EU General Data Protection Regulation (GDPR). It gives individuals the right to have their personal data erased:

  • Where the personal data is no longer necessary in relation to the purpose for which it was originally collected/processed.
  • When the individual withdraws consent.
  • When the individual objects to the processing and there is no overriding legitimate interest for continuing the processing.
  • The personal data was unlawfully processed (i.e. otherwise in breach of the GDPR).
  • The personal data has to be erased in order to comply with a legal obligation.
  • The personal data is processed in relation to the offer of information society services to a child.

However, the right is not absolute and the requestee can refuse to erase data of the requestor for the following reasons:

  • to exercise the right of freedom of expression and information;
  • to comply with a legal obligation for the performance of a public interest task or exercise of official authority.
  • for public health purposes in the public interest;
  • archiving purposes in the public interest, scientific research historical research or statistical purposes; or
  • the exercise or defense of legal claims.

Continue reading “Last Week in Tech Policy #68A: Who Needs the Right to be Forgotten?”

Last Week in Tech Policy #67: One Policy, Universal Service?

(by Galen Pospisil, Colorado Law 2L)

For most of the 20th Century, a single company provided telecommunications services in the United States. Under the slogan “one policy, one system, universal service,” AT&T provided local and long distance telephone service at uniform prices to almost every home and business in America.

Today, hundreds of companies provide telecommunications services under individual pricing policies. And yet, the goal of universal service remains.  Policymakers face the challenge of ensuring that all Americans have access to telecommunications services without the intricate system of regulated rates that the Bell System relied upon.

Continue reading “Last Week in Tech Policy #67: One Policy, Universal Service?”

TLPC Files Three DMCA Reply Comments for Disability Services, Multimedia E-Books, and Security Research

Today the TLPC filed three reply comments to the U.S. Copyright Office as part of the seventh triennial Section 1201 proceeding. Under Section 1201 of the DMCA, parties may petition the Copyright Office every three years to create or modify exemptions when the DMCA adversely affects noninfringing activities. Opponents filed public comments in February responding to the initial long form comments filed in December.

Continue reading “TLPC Files Three DMCA Reply Comments for Disability Services, Multimedia E-Books, and Security Research”

Last Week in Tech Policy #66: The Fate of Vertical Mergers

Mergers are often  met with skepticism, as intuitively there are less players in the game after the transaction is complete.  Due to the large infrastructure costs and high value of network effects, mergers play a significant role in the telecommunications industry. Pooling resources together can create efficiencies, but there is a fear of harmful effects on consumers- whether by an increase in price or a decline in product quality.

Mergers can be broken up into two categories, vertical and horizontal. A vertical merger occurs between two companies that operate at separate steps of production, typically where transactions costs have driven integration. In horizontal mergers, parties operate in the same market and the combination will eliminate a competitor.

Continue reading “Last Week in Tech Policy #66: The Fate of Vertical Mergers”