Last Week in Tech Law and Policy, Vol. 13: Digital Technologies and Innovation in the Distribution of Music

Last week, rapper and business mogul Jay Z reintroduced Tidal in a press conference highlighting the platform as an artist-owned, subscription-based music service. The service boasts a movement to “change the status quo” and “reestablish the value of music.” Tidal values music at $19.99 per month for high fidelity (lossless/CD-Quality) streaming, or $9.99 per month—comparable to other music streaming services like Spotify.

The re-emergence of Tidal as a music streaming service owned by artists themselves in order to procure greater profits for their music begs the question: how are artists doing now?

This infographic from data journalist and information designer David McCandless shows how many plays from each music service an artist needs to earn a monthly minimum wage of $1,260.

As we previously discussed, digital technologies have changed the way consumers receive all entertainment content. Some argue that the rise of music piracy and peer-to-peer sharing in the digital age have impacted profits, but the migration to streaming services may also have a countervailing impact on piracy.

Spotify claims that their free model shifts consumers away from piracy to a platform they can simply listen to music for free, and then drives them to the paid subscription ($120 per year), doubling the amount these average consumers spend on music (supposedly, $55 per year), and generating more royalties for the artists. Some artists, notably Taylor Swift, have qualms with the free tier service Spotify provides.

Last Week in Tech Law and Policy, Vol. 12: Privacy and the Right to be Forgotten

(by Andy Sayler, Student Technologist)

Last week, the tension between privacy rights and free expression rights in the digital realm found itself back in the news when the Italian Privacy Authority issued a ruling helping to clarify when search engines must remove links to content under the European Union’s “Right to be Forgotten” rules. The ruling confirmed the idea that such requests must be balanced against the freedom of the press when the content in question is recent news that the public has a strong interest in accessing.

The “Right to be Forgotten”

The EU “Right to be Forgotten” is a concept that dates back to 2012 stating that individuals have the right to erase their personal digital information from search engines and other metadata aggregators online. The “right” was given legal force in 2014 with the Court of Justice of the European Union (CJEU) found it to be valid and enforceable. The ruling applies only to the meta-content carried by search engines, not to the original content to which such engines link.

Over the last year, search engines such as Google and Bing have created processes through which European Union users can request that the links to content related to them be removed from search indexes. According to its regularly updated transparency report, Google has thus far received requests to remove over 850,000 URLs, of which about 40% have been granted. Organization such as and HiddenFromGoogle have also begun tracking such removal requests.

Questions Remain

The “right to be forgotten” raises a number of difficult questions regarding an individual’s privacy and ability to control their digital reputation vs the public’s right to know and the freedom of expression of the press, search engines, and individuals online. When does the public interest in accessing information outweigh an individual’s interest in privacy? To what extend can the “right to be forgotten” be used to suppress accurate and truthful information? How much privacy does such a ruling really afford since it allows the original content to remain in place?

Last week’s ruling starts to provide some clarification as to the scope of this “right” and reaffirms the fact that the right does not apply in cases where the public interest outweighs an individual’s privacy. And yet many question still remain. Perhaps the biggest of which is to what extend search engines must censor results outside of their EU-targeted sites.

Currently, Google only removes contest listings from its EU-facing sites: e.g.,,, etc. The US (and often most popular) version of the search engine,, remains uneffected. EU regulators have asserted that this must change and that Google must censor all of its sites, even those intended for non-EU audiences. Yet no such “right to be forgotten” exists under US law, and such a “right” is unlikely to stand up to the strong free speech protections afforded by the First  Amendment. To what extend can the EU force US-based search engines to censor data that is protected under US law? The answer to such questions remains contested.

A Tool for Censorship?

Since the 2014 CJEU ruling, the “right to be forgotten” has been heavily criticized by a number of individuals and organizations on the grounds that it allows individuals too much power to censor legitimate speech that happens to be critical of their person or actions. Prominent UK newspaper The Guardian has noted that numerous legitimate news articles on its site have been suppressed by Google in response to “right to be forgotten” requests. The Washington Post has received a request to remove unfavorable concert reviews (a request that is arguably invalid since the Washington Post is not search engine and thus is not directly subject to the 2014 ruling). Jimmy Wales, co-founder and former chairmen of Wikipedia and the Wikimedia Foundation, has criticized the ruling as being unnecessary and dangerous.

These criticisms note that free speech limits related to slander and defamation are already well established in most countries, and additional rulings targeted specifically at forcing search engines to remove otherwise legal content are unnecessary and overly limiting of free expression. They also note that the ability to enforce such a right is going to be difficult, if not impossible. The Internet is a global place, the the ruling of a single regulatory entity (e.g. the EU) within that space can never be fully applied to actors outside that entity’s jurisdiction. While large multi-national corporations such as Google and Microsoft can likely be forced to comply with such a ruling (at least domestically), smaller organisations with no business presence in the EU can easily skirt such requirements. And as larger search engines such as Google and Microsoft remove such listings, the market for smaller search engines to directly provide such results as a service grows.

All of this raises yet more questions. How far are countries such as those in the EU willing to go to enforce such rights? Will they be forced to start blocking large swaths of the Internet that refuse to comply with EU rulings, similar to what China does with the Great Firewall? Do such rulings bring legitimacy to the more totalitarian-oriented Internet censorship policies in place in countries around the world? Do attempts to enforce such a “right” accelerate the balkanization of the Internet into a series of multiple state-controlled Internets?

Such questions will need to be answered over the coming years. The state-less nature of the Internet, coupled with tensions between countries like the US that tend to favor free expression over privacy and countries like those in the EU that tend to favor privacy over free expression, make answering such questions complicated. Yet the ramifications of these answers will have far reaching consequences for the Internet, as well as privacy and free speech rights, for many years to come.

Last Week in Tech Law and Policy, Vol. 10: Digital Technologies and Innovation in the Distribution of Content

(by Sam Moodie, Student Attorney)

This past Thursday, Colorado Law’s Silicon Flatirons Center hosted a conference focusing on the current state of innovation in the creation and distribution of content.  The conference hosted well-known artists in music, film, television, and photography as well as major players in content distribution to discuss in part, how digital technologies are either enhancing or challenging traditional structures of creation and distribution.


Music has long been the stage to exemplify how digital technologies can frustrate and disrupt an entire content industry.  Some have argued that the rise of music piracy, peer-to-peer sharing, and pay-per-track have drastically reduced profits for music executives, song writers, and performing artists alike.  The new wave in music distribution is streaming—a technology made possible through licensing and advertising revenues.  However, artists claim that this model drastically under-compensates them  for their work, to the point where an artists song earning a million streams may not even earn the profit of $100.  In response, some popular artists like Taylor Swift has removed her work from Spotify, one of the most successful music streaming sites.

Many now question whether streaming has fundamentally shaken the music industry at its core, or if the traditional business structure simply needs to adapt slightly in order to remain relevant. Some take the perspective that users need to be retrained on the value of content, and how to interact with it.


Digital technology in the television industry has quickly stepped in to answer users’ demands to control their content.  The most notable means through which this has happened are subscription networks like Netflix and Amazon Prime.  This distribution model arguably assists in the democratization of television because producers can work directly with distribution companies instead of working within the traditional broadcast television structure.

Similarly, the interfaces used by these entities provide a wealth of content and allow users to interact and search for content on their own terms.  The subscription model allows for a wider array of content, often much edgier than can be found on mainstream television, and at a vastly lower price compared to cabe subscriptions.

This leads to the question of whether cable and broadcast are still relevant, and if so, if they can remain relevant in the future.  Some consider the current price of cable subscriptions to be unsustainable given the success and popularity on online streaming television.

Some see traditional and digital entities as being able to work together.  As noted at the conference,  cable providers and producers see themselves as the leaders in providing up-to-date and new content.  Coupling with entities like Netflix that provide past seasons of television shows all at once, allowing viewers to binge watch and catch up on past content, may be a perfect marriage for complete access to content.  However, with Netflix now creating its own series, how long will cable have a relevant role in this relationship?

Regardless, it is increasingly clear that these technologies are giving a considerable amount of leverage to users. The point where the balance has shifted, and industry executives are losing more and more control over their content.

Last Week in Tech Law and Policy, Vol. 9: International Hacking

(by Jeff Ward-Bailey, student technologist)

Government surveillance has been a frequent news items ever since the summer of 2013, when Edward Snowden leaked his first set of documents to journalists, explaining the software tools the NSA uses to monitor communications in the United States and abroad. But governments have employed shadowy means to gather intelligence about their own citizens and those of other countries, and have even attempted to disrupt the operations of governments perceived to be hostile to their interests, for many years.

In 2008 a sophisticated piece of malware called “Regin” began spying on governments and individuals in Russia, Saudi Arabia, Ireland, and a handful of other countries. Security researchers didn’t notice Regin until 2014, but the software hadn’t done any damage to infected systems: it had simply run in the background, watching its targets. Researchers initially surmised that Regin had been written by the US, Israel, or the UK to gather intelligence on foreign governments, and further investigation suggested that the British GCHQ spy agency had written the malware.

In 2010 the Stuxnet computer worm was discovered, which targeted industrial controllers in Iran and caused centrifuges used for the enrichment of nuclear material to tear themselves apart. It’s still not known for certain who wrote Stuxnet, but in 2011 Wired reported that it was “believed to have been created by the United States,” and in 2012 The New York Times reported that it was the product of a joint US-Israeli intelligence operation.

 Earlier this year security researchers uncovered a suite of surveillance platforms nicknamed EquationLaser, EquationDrug, and GrayFish. Circumstantial evidence suggests that the tools may be connected with the NSA (for example, the tools in the platforms match the names of tools in an NSA spy tool catalog leaked in 2013). Five Iranian companies who were previously infected by Stuxnet were also infected by the “Equation Group” tools.

Few would argue that when a government intentionally infects another government’s systems with malware in an effort to spy on them that practice is, at least, in an ethical grey area. But is such cyberspying (some would call it cyberwarfare, especially when the destruction of property is involved) necessary to protect against attacks? Does the potential for mitigating harm outweigh the ethical implications of spying? And does a government’s mandate to protect the safety of its citizens justify the practice of hacking or spying on other governments?

Last Week in Tech Law & Policy, Vol. 8: Consumer Privacy Bill of Rights

(By Paul Garboczi, Student Attorney)

On Friday, the White House released a draft of the Consumer Privacy Bill of Rights Act of 2015. This Wall Street Journal article summarizes the bill fairly well. The bill essentially sets forth a set of industry best practices that the Federal Trade Commission would enforce on the private sector. Private sector firms would be encouraged to create privacy codes of conduct, and if they broke their own codes the FTC could take action (although the FTC would not be given rulemaking authority). The bill attempts to give consumers the right to access their information by requesting it from companies. However, companies could refuse such a request if it was “frivolous or vexatious.” The bill is unclear on who would decide if such requests were frivolous. It basically calls on companies to respect and protect consumer privacy without creating a robust enforcement mechanism for consumer privacy.

Since the draft was released on Friday, criticism of the bill has been swift. Consumer privacy advocates are denouncing it for not going far enough in protecting privacy. Opposers of top down regulatory schemes are criticizing it for attempting a one-size-fits-all solution to a problem that requires a flexible approach, and burdening American innovation. The FTC itself released a statement criticizing the bill for lacking “strong and enforceable protections” for consumer privacy. There is also a concern that the bill would preempt state laws, some of which provide stronger privacy protections for consumers.

Tech Law & You #2: Honoring Fair Use Week

(by Chelsea E. Brooks, Student Attorney, and Jeffrey Ward-Bailey, Student Technologist)

This Monday, February 23rd through Friday the 27th is Fair Use week, a celebration of the doctrine which, in certain circumstances, permits the use of copyrighted materials without the authorization of the copyright holder.

In honor of this celebration, and this semester’s inaugural Tech Law & You episode, we present an interview with Ian Hales, a new media artist and designer who is currently an instructor at the University of Colorado, Boulder, in the Technology, Arts, & Media Program. We talk with Ian about his experiences with fair use as a professor, and discuss lessons for students and designers on the boundaries of fair use.

We also provide background to the legal aspects of fair use with the help of Kristelia García, an associate professor at Colorado Law, teaching trademark, property, and copyright-related courses and working with the Silicon Flatirons Center for Law, Technology, and Entrepreneurship.

Theme music is by The Carols. Tech Law and You is distributed under a Creative Commons Attribution-ShareAlike license.

Last Week in Tech Law & Policy Vol. 7: The Politics of Net Neutrality

By Austin Gaddis (Colorado Law 2L)

As the Federal Communications Commission (FCC) prepares for its much-anticipated vote on Chairman Wheeler’s net neutrality proposal on Thursday, Republicans on the Commission and in Congress are using the opportunity to stage one final battle before the votes are in and the lawsuits begin. Under the Chairman’s proposal, both fixed and mobile broadband services would be regulated under Title II of the Communications Act, which would ban throttling, blocking, and paid prioritization of Internet traffic by Internet service providers (ISPs).

Commissioner Ajit Pai, a Republican, has taken the helm as the chief critic of Wheeler’s plan, often dubbing it “the President’s plan” in a reference to President Obama’s public push to put pressure on the FCC—an independent regulatory agency—to adopt strong net neutrality regulations. Commissioner Pai’s foray into the debate represents the most high-profile opposition of his tenure at the Commission.

On Capitol Hill, Republican lawmakers are also using their platform (and gavels) to put implicit and explicit pressure on FCC as it prepares for Thursday’s vote. Currently, three congressional committees have lined up to investigate the White House’s influence on FCC’s decision-making process, especially since Chairman Wheeler seemed to be signaling a  different approach to the net neutrality proceedings before the President’s public campaign in support of strong Title II regulations late last year. One committee, the House Energy and Commerce Committee, has decided to delve even more into the commission’s operations, calling attention to Chairman Wheeler’s use of the agency’s “delegated authority.”

In an address at Colorado Law several weeks ago, Chairman Wheeler outlined his vision for the future of broadband under a Title II regime, delivering what TechCrunch called an “explanatory manifesto of the Chairman’s thinking.” In the speech, he attempted to respond to critics of his plan who think of Title II regulation as an outdated relic of the past, calling instead for a modernized Title II that addresses the unique opportunities and challenges that the Internet poses in the contemporary world.

Articles we’re reading:

TLPC Briefs Copyright Office on E-book Accessibility DMCA Exemption

(by James Frazier, Melissa S. Jensen, and Samantha Moodie, Student Attorneys)

Last Friday, the TLPC, the American Foundation for the Blind, the American Council of the Blind, and the Library Copyright Alliance filed a comment at the U.S. Copyright Office requesting a renewal of the exemption to Section 1201 of the Digital Millennium Copyright Act aimed at  making e-books more accessible to people who are blind, visually impaired, or print disabled and authorized entities. If renewed, the exemption would increase access to literary works and educational resources for people who are blind, visually impaired, or print disabled.

Take a look at the long-form comment attached here, and stay tuned for the Copyright Office’s decision later this year.




Last Week in Tech Law & Policy Vol. 6: Self-Driven Tech

(by James Frazier, Student Attorney)

Planes, automobiles, and artificial intelligence. This week, the FAA released new rules regulating drones, Apple and Sony threw their hats into the autonomous automobile arena, and Great Britain announced that it will release new rules governing driverless car testing in the UK. Mike Hean, a Swiss entrepreneur, suggested that driverless cars should be programed with advanced artificial intelligence that would allow an Uber-style ride sharing app. Indeed, Hean believes that driverless car should be able to own themselves, and even earn their own income. Tying these threads together, MIT’s Tech Review released an article this week outlining some contemporary concerns about artificial intelligence.

Continue reading “Last Week in Tech Law & Policy Vol. 6: Self-Driven Tech”

Last Week in Tech Law & Policy, Vol.5: Funding Privacy

(by Joseph de Raismes, Colorado Law 3L)

This week, I would like to look at internet privacy, how privacy tools are funded, and what  the future of privacy should look like.

Last week, ProPublica ran Julia Angwin’s excellent profile of GnuPG’s lead developer Werner Koch. Koch wrote the free email  encryption tool GNuPG in 1997, and has been keeping the project alive basically single-handedly ever since. In response to ProPublica’s profile, Koch received an outpouring of support in the form of private donations and grants.

Werner Koch’s situation drew the attention of cryptographer Matt Green, who questioned the entire framework of how we fund the long-term development of privacy tools.  In his post, Matt draws attention to the fact that the US government has been an extremely important funding source for key privacy tools, but questions the sustainability of the current framework for funding research and development in this area.

In light of the Snowden revelations, real name systems, perma-cookies, browser fingerprinting, and other sophisticated tracking measures, internet privacy seems more and more like a thing of the past. Is internet privacy a value that should be fostered (and funded) in a cohesive manner?