BizLawTech

URGENT:Blog and RSS Feed Relocated

The BizLawTech Blog and accompanying RSS feed have been relocated to their new permanent home on the Touro Law Center Web site. The URL for the Blog is now:

http://iblt.tourolaw.edu/blog

and the RSS feed may be found at:

http://iblt.tourolaw.edu/blog/index.rdf

Please change your bookmarks, Favorite Places and links, and I look forward to providing you with more content at the site's new home! {Jonathan}

posted by Prof. Jonathan I. Ezor # 5/30/2003 02:07:00 PM

Electronic Signatures: Small Steps Toward a Huge Hurdle

BusinessWeek's Stephen H. Wildstrom has an article where he discusses the adoption by the National Notary Association of an electronic signature recordation system to replace the existing paper logs notaries use. Wildstrom's article does a good job of discussing why this system, although combining electronic storage and signatures, is a far cry from what legislators envisioned when they enacted federal and state electronic signature laws.

Having served on the advisory board of a now-defunct startup creating digital signature technology, as well as having worked for an Internet-based document printing firm, I've gotten my hands dirty in the issues involved in electronic signatures. The reason we don't have usable digital signatures today is not legal--it's practical: the technology is simply not consumer-friendly.

The point of a signature is to uniquely identify the person putting it on the document. That way, a legitimate signer cannot later deny having agreed to the contract or whatever is being signed, and a forgery can (in theory) be detected by comparing the forged signature to the real person's actual signature. Any legally-binding electronic signature method must function in the same way, to uniquely identify each "signer" and to allow forgeries to be discovered. Today, you've got two main choices for this type of unique identifier: either biometrics (fingerprint, retina or other biological identification methods) or through public key infrastructure (PKI) encryption systems. (The National Notary Association discusses PKI systems and digital signature laws in this position paper.)

Biometrics require special hardware, have a major cultural hurdle of "Big Brotherism" to overcome, and are generally limited to high-security industry and governmental needs. PKI in theory works on every computer, and in fact (as Wildstrom correctly points out) is in use in almost every Web browser program, but that version of PKI merely provides security, not identification. To add identification, each user must either be given or create his or her own unique private digital "key", and then install and use it to generate public keys on each machine where the signature will be issued. Most people simply do not have the knowledge to do this, nor to figure out issues related to backing up keys in the event of power failure or machine theft. For that matter, even computer-savvy people have trouble getting PKI systems to work, and generally find even when they do that there's no one else with whom to use the systems. Until software and hardware developers can make the creation and use of unique encryption keys or biometric identifiers both easy and comfortable for the average consumer, including the average businessperson, digital signatures will remain a marginalized methodology at best.

I'd appreciate your thoughts. {Jonathan}

posted by Prof. Jonathan I. Ezor # 5/28/2003 12:23:00 PM

North Dakota Internet Libel Case and a Parallel With an Older Medium

The National Law Journal had an article by Dee McAree last week, discussing a case called Wagner v. Miskin out of the North Dakota Supreme Court. The point of the article was that the court found jurisdiction where an out-of-state Web site run by Miskin targeted Wagner, an in-state resident and former professor, with defamatory statements. The N.D. Supreme Court upheld a $3 million judgment won by Wagner.

I find it extremely interesting that the most groundbreaking Internet jurisdictional questions are arising not in a strictly commercial context, but in the greyer area of libel law. One reason is because libel laws differ so greatly in terms of standards of proof and available damages depending on the jurisdiction. As a result, allegedly defamed plaintiffs can forum shop literally anywhere in the world, although US courts may disagree. Additionally, libel is one of the major torts that can happen instantaneously throughout the world the moment content is placed online. About the only other legal areas where these type of jurisdictional claims are happening in such large numbers are intellectual property matters like copyright and trademark infringement actions.

It occured to me while thinking about this case and the issues it raises that there is another medium where any individual has the potential to communicate to a large portion of the world essentially instantaneously: shortwave radio. Shortwave and the Internet are often compared, and both are used to get messages out of disaster-stricken areas where telephone lines and traditional broadcasting stations are unavailable. I would love to find out whether anyone ever tried to bring a libel action against something said over a shortwave broadcast in another country. It would also be interesting to see if such a case would be used as a precedent in an Internet-based libel action.

One more case to raise with my Cyberlaw class this fall. {Jonathan}

posted by Prof. Jonathan I. Ezor # 5/28/2003 12:23:00 PM

The Blogging Experience
I decided early on in my tenure here at the Institute for Business, Law and Technology that I wanted to incorporate a Blog into my activities. I started out with Blogger and BlogSpot, and announced my new Blog to a number of tech law e-mail lists. Lo and behold, I was immediately hit with requests to add an RSS feed to my Blog so it could be listed and syndicated by sites including Blawg and The Daily Whirl. Great, except that when I used a publicly accessible Blogger-to-RSS converter, it didn't work well. I've kludged something together, but am finding it almost impossible to get Blogger to let me into my own account to edit my Blog. I have installed and am now configuring MoveableType, and will shortly move my Blog over to a personal Web host. Please stay tuned for yet another configuration change. {Jonathan}

posted by Prof. Jonathan I. Ezor # 5/27/2003 01:46:00 PM

Anti-Spam Method Patent Lawsuit Filed: Method Itself Seems Flawed According to this press release, Mailblocks, Inc. filed a patent suit last week against Earthlink, claiming that Earthlink's spam blocking infringed on a patent held by Mailblocks for its "Challenge/Response" technology. I can't say whether the suit itself has any merit, but I question the methodology of the supposedly-infringed spam blocking method. According to the release, the technology relies on a "whitelist": if the sender is not listed in the recipient's address book, a verification query is automatically sent out to the sender to ensure it's a real person and not a machine. Users must give a special e-mail address to subscribe to electronic newsletters and other desired e-mails sent by machines. Even assuming the user remembers to do this, and remembers what the special address is, many newsletter subscriptions require an *e-mail* to be sent from the subscribing address. In order to do that with Mailblocks, you must use their Web-based e-mail service to send out the subscription requests, which eliminates the "Click Here to Subscribe" features of many lists. The Mailblocks site also says it works only with IE; I use Netscape Navigator, so I'm already turned off. While I applaud Mailblocks' efforts to help users deal with the scourge of spam, the notion of a whitelist, particularly one with challenge/response features, strikes me as a non-starter for most users. I think we'll all know when these whitelist challenge/authentication programs become popular: We'll begin to see tens of these automated messages on every discussion list we receive, the same way that a mis-sent mass e-mail can often generate a flood of "why did I get this, please unsubscribe me" messages also sent to every one on the list. What do you think?

posted by Prof. Jonathan I. Ezor # 5/27/2003 01:45:00 PM

RSS Feed of IBLT Blog has Changed For reasons of bandwidth availability, the RSS feed for this Blog has changed. The new RSS feed is at: http://www.panix.com/~jezor/rssify.php?url=http://iblt.blogspot.com I hope this is of use to you. {Jonathan}

posted by Prof. Jonathan I. Ezor # 5/22/2003 10:59:00 AM

Spam Laws' Unwitting Victim: Sponsored E-mail Lists I was reading an article by Gary Young in the National Law Journal that quoted Professor David Sorkin as wishing for a law to prohibit all unsolicited commercial e-mail. Setting aside Sorkin's admitted difficulty in defining "unsolicited" and "commercial" to properly deal with spam while allowing through "desired" e-mails, it got me to thinking: what about unsolicited commercial messages from one party that come in another's e-mail message? We all can think of examples of this, from the ads attached to Yahoogroups messages to those e-mail newsletters like those from Adventive that only survive because they sell advertising space within the text. The argument can be made that, even if the recipient "opted in" to the publication or message, he or she did not opt in to the specific advertisement being included; therefore, the ad is unsolicited commercial e-mail. I am concerned that any law prohibiting unsolicted commercial messages delivered via e-mail may mean that all of those other advertising-funded e-mail publications may face serious business problems. For example, suppose a law states that any unsolicited commercial e-mail message must label itself with "ADV", must properly identify the sender, and must have explicit and accurate unsubscribe instructions in the body of the advertisement. How do you do that with a banner ad, and how do you enable a recipient to unsubscribe from a single text ad placed within the body of a newsletter without unsubscribing to the entire newsletter? I remain convinced that while laws should be enforced, or new ones enacted, to combat actual fraud in spam (forged headers or illegitimate opt-out instructions that instead verify the address for future spam, for example), anti-spam laws as a whole are not only probably unworkable, but a bad idea. It is far better to encourage education of users and the development of open-source antispam tools to cut down on the true villains, the bulk e-mailers of patent nostrums and fraudulent financial promises. {Jonathan} Your thoughts?

posted by Prof. Jonathan I. Ezor # 5/21/2003 10:55:00 AM

When Isn't Electronic Communication Appropriate? I caught this "human interest" piece here on the CNN Web site about an Australian traffic controller who sued after he was fired via a text message to his cellphone. What is interesting to me is the quote from the New South Wales Industrial Relations Commissioner who heard the case, Elizabeth Bishop. CNN stated that Commissioner Bishop said that E-mails, text messages and answering machines were inappropriate for important official business communication. She then ordered the parties to try to reconcile. E-mails inappropriate for important business communication? That would come as a major shock to businesses here in the United States, and certainly elsewhere in the world too. I understand the point in connection with text messages (particularly the shorthand kind), but it seems overbroad to extend the analogy to full e-mail messages written with proper grammar and care. {Jonathan}

posted by Prof. Jonathan I. Ezor # 5/20/2003 01:32:00 PM

Anti-Spam Method Patent Lawsuit Filed: Method Itself Seems Flawed According to this press release, Mailblocks, Inc. filed a patent suit last week against Earthlink, claiming that Earthlink's spam blocking infringed on a patent held by Mailblocks for its "Challenge/Response" technology. I can't say whether the suit itself has any merit, but I question the methodology of the supposedly-infringed spam blocking method. According to the release, the technology relies on a "whitelist": if the sender is not listed in the recipient's address book, a verification query is automatically sent out to the sender to ensure it's a real person and not a machine. Users must give a special e-mail address to subscribe to electronic newsletters and other desired e-mails sent by machines. Even assuming the user remembers to do this, and remembers what the special address is, many newsletter subscriptions require an *e-mail* to be sent from the subscribing address. In order to do that with Mailblocks, you must use their Web-based e-mail service to send out the subscription requests, which eliminates the "Click Here to Subscribe" features of many lists. The Mailblocks site also says it works only with IE; I use Netscape Navigator, so I'm already turned off. While I applaud Mailblocks' efforts to help users deal with the scourge of spam, the notion of a whitelist, particularly one with challenge/response features, strikes me as a non-starter for most users. I think we'll all know when these whitelist challenge/authentication programs become popular: We'll begin to see tens of these automated messages on every discussion list we receive, the same way that a mis-sent mass e-mail can often generate a flood of "why did I get this, please unsubscribe me" messages also sent to every one on the list. What do you think?

posted by Prof. Jonathan I. Ezor # 5/20/2003 10:46:00 AM

Somewhat Off-Topic: Trade-In Deal on New Palm Handhelds As you'll see in this Blog, I am a heavy user of PalmOS handhelds, having started with the Pilot 1000 back in 1996 and currently pushing my Palm IIIxe well past the design specs. In fact, most of my book was written on my Palm handhelds, using a combination of Graffiti and the available keyboards. If any of you, like me, are looking at the newest Tungsten and Zire models, you might be interested to know that Palm is currently offering a $50 rebate on one of the newer models if you mail in a working old one. Find out more here. {Jonathan, thinking about the new Tungsten|C}

posted by Prof. Jonathan I. Ezor # 5/19/2003 05:47:00 PM

Welcome to BizLawTech! Welcome to the BizLawTech Blog, published by the Institute for Business, Law and Technology (IBLT) at Touro Law Center in Huntington, NY. I'm

Jonathan Ezor, a business technology attorney and the Director of the IBLT. I'm also the author of CLICKING THROUGH: A Survival Guide for Bringing Your Company Online (Bloomberg Press 2000), as well as numerous other articles on issues of business and technology law. The IBLT was founded with a simple mission: To serve as the source of information and best practices in business and technology law for our students, attorneys and businesspeople throughout Long Island and far beyond. The word "Business" in our name is not accidental: from the initial planning of the IBLT more than two years ago, this was meant to be a business-focused program, rather than one specializing in more esoteric policy discussions. To be sure, we'll have our share of debates about whether information is meant to be free, copyright as an offensive tool, and free speech online, but we will also be talking and teaching about joint ventures, contract provisions, online advertising, and the practical issues of privacy protection and information use on the Internet. This blog has a number of purposes. First, it will serve to highlight legal decisions, new laws and rules, and general articles on relevant topics. Our sources will include not only government sites such as Thomas but technology-related discussions such as the oft-quoted Slashdot. I also hope to use this blog as a forum for my own musings on the intersection of business, law and technology, especially in emerging areas like wireless networking. Finally, the blog will allow me to announce programs that we're running here at Touro that might be of interest to you. Check back frequently, and make sure you write me to let me know what you think, tell me about new articles, or just join the conversation. Although written for many Web sites, and maintained a few as well, this is my first voyage into Blogdom, so I'll be learning as I go along. I hope we can enjoy the adventure together. {Jonathan}

posted by Prof. Jonathan I. Ezor # 5/19/2003 04:34:00 PM

BizLawTech

5/30/2003

5/28/2003

5/27/2003

5/22/2003

5/21/2003

5/20/2003

5/19/2003

Archives