Leading-Edge Law Group, PLC

California loses, Virginia wins. Congress rushed passage of its "Can Spam Act" to enable President Bush to sign it before California's tough anti-spam law went into effect on Jan. 1.

The federal law will nullify all state laws that regulate spam, except for state laws that prohibit falsity or deception in e-mail solicitations, such as forging e-mail headers to get past spam filters.

California's new law had prohibited all unsolicited commercial e-mail to its residents. Advertising e-mail could be sent only when requested or when based upon an existing business relationship.

The Direct Marketing Association and its allies howled in protest. The federal law will pre-empt this California law.

On the other hand, Virginia's anti-spam law will survive. Until passage of California's act, the Direct Marketing Association called Virginia's act "the toughest anti-spam law in the nation."

Virginia's law doesn't try to regulate all spam. Instead, it criminalizes falsity and deception in the technical aspects of spam, in addition to authorizing lawsuits by Internet service providers and spam recipients, and providing for civil forfeiture of spammers' technical assets.

Indeed, Virginia should be flattered by how the federal statute mimics the state's focused but tough approach. Like Virginia's law, the federal law makes it a felony, punishable by up to five years in prison, to use electronic falsity or deception to propagate spam.

Opt-out advocates defeat opt-in advocates. In anti-spam debates, a heated disagreement exists between "opt-in" and "opt-out" forces. For now, the opt-out forces have won.

Opt-in advocates contend that no one should be permitted to send a commercial solicitation by e-mail unless the sender has prior, I-checked-the-box approval from the recipient. Some in this camp don't stop at commercial e-mail and would apply this prohibition to all mass e-mail, including political and religious items.

Opt-out advocates will permit unsolicited commercial e-mails on the first sending but would require the sender to honor any request for deletion from the mailing list and would require that the sender have a user-friendly way of opting out.

The federal law follows the opt-out approach. The emasculated California law and a coming European Union law follow the opt-in approach. Yet, even if the federal law had adopted the opt-in approach, there's a good chance that it would have been found to be an unconstitutional restriction of commercial speech.

A national do-not-e-mail registry, maybe. The federal law permits the Federal Trade Commission to create a do-not-spam list, but does not require it and leaves the door open for Congress to stymie it.

The law requires the FTC to create a plan and timetable for such a list within six months, and gives permission to (but does not require) the FTC to implement such a list no sooner than within nine months. Yet, if the FTC proposes such a list, it's hard to see Congress or the president killing it, especially if the FTC moves to launch one on the eve of the 2004 election.

Laws alone won't work. Legislation alone, no matter how draconian, cannot end spam. Indeed, the new federal act says so in its preamble.

For instance, on Dec. 11, I received an e-mail from the Virginia Attorney General's office touting the first felony charges lodged against spammers under Virginia's anti-spam law. That same day, I received 13 e-mails that each violated the criminal portions of the law because of their forged e-mail headers.

I've received such felonious e-mails every day since Virginia's law took effect on July 1.

All of the players in the spam debate agree that unwanted e-mail can only be reduced, not eliminated, and that doing so requires a four-part strategy: use of criminal and civil enforcement against illegal spam; use of anti-spam technology, such as filters; education of e-mail users about e-mail practices that unwittingly facilitate spamming; and a continued market demand for relief from spam.

A lot depends on the FTC. The new federal act gives the FTC a lot of power to affect the law's strength. For example, the FTC will decide by regulation when an e mail has the primary purpose of soliciting a commercial transaction. E-mails that don't have such a primary purpose aren't regulated.

The FTC will be the primary agency for enforcing the non-criminal aspects of the law, namely any failure to include a sufficient opt-out opportunity and to honor opt-outs.

Instead of legislating, it ordered the FTC to study whether bounty hunters should be allowed to share in civil penalties that the FTC imposes against illegal spammers. Congress also instructed the FTC to study whether the law should require that the characters "ADV" (short for "advertising") be placed in the subject line of all spam.

In the Federal Trade Commission’s eyes, the U.S. patent system is producing many low-quality patents, doing it too slowly, and the patent litigation is too expensive to weed out “bad patents.”

The FTC recently advocated a bag of proposals intended to toughen and speed up the scrutiny of patent applications and to make it easier to invalidate bad patents in infringement litigation.

Some bad apples do escape inspectors. The U.S. Patent and Trademark Office still gets gibes for issuing a patent in April 2002 on a method of swinging on a swing (patent number 6,368,227). With the aid of his patent-attorney father, 7-year-old Steven Olsen won a patent on swinging on a swing from side to side by standing on the seat and alternating inward arm pulls on the right and left chains.

A criterion of patentability is that an invention must be new – in other words, it must not have been previously invented. I recall swinging in this manner as a young boy and remember seeing other children doing it too. It makes one wonder whether patent examiners ever went out to play as kids.

But is the infamous swing patent representative of poor patent examination practices or just an odd duck?

The FTC builds its case for widespread bad patenting primarily on its assessment that the patent examination and litigation system is stacked in favor of issuing and upholding (or, at least, not challenging) bad patents.

The FTC argues that patent examiners are overwhelmed with work and, thus, don’t have time to strenuously test all patent applications. It’s true that the Patent and Trademark Office must process about 300,000 applications annually (growing about 10 percent a year) using only about 3,000 patent examiners.

The FTC asserts that the Patent and Trademark Office needs far more money to do its job effectively, such as to hire more examiners. Patent application fees in the United States are multiples lower than in Japan and (collectively) in Europe.

The U.S. presently diverts part of patent fees from the Patent and Trademark Office to fund other governmental spending, and the FTC insinuates that such diversion should end at the least.

The FTC also contends that the patent law and Patent and Trademark Office examination procedure mandates various presumptions that favor the granting of patent applications instead of vigorous scrutiny. The FTC adds that the requirement that a defendant in a patent infringement suit prove that a patent is invalid by a high standard of proof is unfair given the presumptions that make patent issuance favored during examination.

For these reasons, the FTC proposes many changes that would make it tougher for patent applicants and owners at every turn.

The FTC wants to give examiners additional procedural powers to permit them to be more aggressive in examination and to allow more examiner time per application.

The FTC wants to create a new process, after the patent examiner has approved the application in final form, for third parties to challenge the patent. Such a practice exists in Europe and already exists in the trademark registration process (the other half of the Patent and Trademark Office’s duties).

Unless controls are put in place, this review process could turn into an opportunity for bullying and delay by wealthy opponents. The FTC recognizes the need for such protections. With such protections, it makes sense to have a relatively low-cost opportunity to nip bad patents in the bud.

Otherwise, interested third parties generally don’t critique patents until patent infringement litigation arises, and that’s the most expensive litigation known to man.

The FTC also wants to make it easier for patent infringement defendants to demonstrate that issued patents are invalid. The FTC wants to lower this standard from “clear and convincing evidence” to just “a preponderance of the evidence” (in other words, to a standard where the party with the strongest evidence and argument wins).

This proposal will generate the biggest controversy. Patent holders will rightly complain that the patenting process is made nearly meaningless, and that patents won’t be regarded as much of a property interest, if a court can invalidate them merely by having a different opinion than the patent examiner.

Those hamstrung by the patents of others can counter that few property rights come insulated against successful attack in litigation. Ownership of tangible property (land, cars, money) often is tested only when someone files a lawsuit to do so.

Overall, one cannot predict comfortably how the FTC’s proposals will fare. Powerful constituencies have a strong interest in the patent status quo – patent lawyers, holders of large patent portfolios and, arguably, some Patent and Trademark Office employees.

Yet, powerful forces advocate change, such as business of all sizes that claim to be stymied or cowed by a purported thicket of bad patents. Thus, Congress could swing either way on these proposals.

In the technical and legal world, the increasingly global span of business transactions can make convenience a necessity and can inspire the creation of global systems previously considered impossible.

In the technical world, the love of surfing inspired Norm Abramson to create the first wireless computer network.

In the late 1960s, Abramson was an engineering professor at Stanford University. Because he also was an avid surfer, he sought and obtained a professorship at the University of Hawaii’s engineering school so he could pursue his hobby and career simultaneously.

Working in Hawaii, he took on the challenge of establishing effective computer communications between the Hawaiian Islands.

Until Abramson arrived on the scene, computer communications had occurred by fixed telephone line and a device similar to an analog modem. While any two computers might be able to communicate, there was no real-time network.

Abramson invented a technology that allowed the operator of any computer in a network of Hawaiian computers to send data via radio signal to any other computer in the network.

The kernel of his invention was a means of enabling the computers to communicate with each other at any time without simultaneous radio transmissions canceling each other out.

Abramson named his first-of-its-kind Hawaiian computer network “Alohanet.” Perhaps that’s why we say that people “surf” the Internet.

For U.S. businesses, a legal breakthrough of similar import will occur on Nov. 2 when the United States becomes an active member of the Madrid Protocol, an international treaty concerning trademarks.

A crucial asset for selling any product is having a registered trademark for the product’s name (such as “Coca-Cola” for a soft drink).

You can use that trademark registration to prevent would-be imitators from free-riding on your brand name’s goodwill by giving their similar products confusingly similar names.

Despite our increasingly global marketplace, trademarks mostly are earned and registered on a country-by-country basis. Thus, until now, if a U.S. business wanted to sell its product in 10 other countries, it would need to apply for trademark registration in each of those 10 countries.

This piecemeal application process is cumbersome and expensive. It necessitates hiring an attorney specializing in trademarks in each country and a U.S.-based attorney to coordinate and keep track of the overall effort.

On Nov. 2, the United States will become an operational member of the Madrid Protocol, which offers the opportunity to file a single international trademark application that can lead to individual trademark registrations in each country that participates in the protocol.

Most first-world countries participate in the protocol, although, regrettably, neither Canada nor Mexico are members yet.

To use the protocol, a U.S. business must base its international application upon an existing U.S. trademark application or registration. The company can request that any of a list of foreign countries grant a trademark registration, albeit one no broader in the goods or services it covers than the related U.S. trademark registration.

After the U.S. Trademark Office and an international trademark organization check certain procedural matters, the application will be forwarded to each requested country for consideration.

If a designated country raises a problem, only then must the U.S. company hire an attorney in that country to attend to the matter. If no problem arises, that country will issue a trademark registration to the U.S. company.

Total filing fees and attorneys’ fees should be substantially lower under the centralized protocol scheme than under the country-by-country approach.

Also, when using the protocol, the country-specific trademark registrations gained will be easier to administer because there will be one single date for renewal for all of them rather than a different renewal date for each foreign country.

In addition, taking certain administrative actions to maintain trademark registrations, such as changing the address of the registered owner, can now be accomplished through one central filing instead of having to make individual filings in each country.

Yet, the protocol might not be the perfect international trademark vehicle for all U.S. companies. Some parts of the world, such as the European Community, offer regional trademarking processes that allow for less scrutiny by each member country.

Protocol applications are fully scrutinized by each country in which the applicant seeks protection. Also, the U.S. Trademark Office requires a more specific and narrower description of the trademarked goods or services than most foreign countries.

Yet, under the protocol, your foreign applications cannot be any broader in coverage than your U.S. trademark registration.

For that reason, some companies might choose to not use the protocol, or might try to utilize the protocol via a branch office in another country, in order to avoid the narrowness of U.S. trademark registrations.

On the eve of launching lawsuits against folks posting and downloading copyrighted music files over peer-to-peer (P2P) networks, the Recording Industry Association of America announced a blanket “amnesty” offer for everyone who promises to stop illegal music file sharing.

Some commentators have sowed confusion on the liability of P2P users with loose talk about “fair use” and what they believe the law should condone. Don’t be confused. Uploading and downloading copyrighted music files absolutely violates the law.

The courts handling lawsuits against P2P services such as Grokster have stated unequivocally that the underlying music file-sharing conduct of individual users constitutes copyright infringement. These courts are right.

When you download a copyrighted song from someone else’s computer, you make a copy without the permission of the copyright owner. When you post a song for downloading by others (or, at the least, when someone later downloads it), you distribute that song without the permission of the copyright owner.

The copyright owners have the exclusive right to authorize copying and distribution of their works, so using P2P to post and copy songs is copyright infringement.

Such conduct isn’t “fair use.” Under the Fair Use Doctrine, in some cases, partial or (rarely) total copying of someone’s copyrighted work without permission isn’t copyright infringement. But our copyright law limits that exemption to situations such as parody, public commentary, news reporting and teaching.

Courts hold that copying that tends to displace commercial sales of copyrighted works generally isn’t a fair use. The sales of music CDs have declined 25 percent since 1999 because of P2P networks.

Some folks counter with lame justifications, such as claiming that they use P2P to listen to music before making the decision to buy, or that they use P2P to obtain hard-to-find tunes, or that CDs cost too much. None of these excuses makes file sharing into fair use.

Perhaps you have heard that the RIAA has run into problems in subpoenaing the identities of music posters from Internet service providers. Some courts have yet to resolve procedural issues, such as where such subpoenas must be filed. Yet, there is no ultimate legal bar to these subpoenas and, given the dire financial straits of the recording industry, it will press on.

Most importantly, the deal doesn’t guarantee that anyone who could sue you will never sue you. The RIAA promises only that it will not “support or assist” in any copyright-infringement suit against you. Nothing prevents a record label or other music-copyright holder from suing you without the RIAA’s help.

Yet it’s unlikely someone else would sue you. The RIAA is the enforcement arm (and general bad cop) of the record labels.

Theoretically, anyone who ever illegally downloaded or uploaded music is exposed. But having that affidavit notarized will be embarrassing, so is the protection worth it?

So far, the RIAA has focused its lawsuits on people who have posted many illegally copied music files for download by others – on average, more than 1000 songs. You can set your P2P software so others cannot download from you (instructions are on www.musicunited.org). The default setting allows others to download.

Also, the RIAA didn’t get rolling on subpoenaing illegal posters until this summer. Thus, as of the beginning of the summer, if you had lots of illegally downloaded songs available for downloading by others, you are a prime target.

If you disabled downloading by others before the beginning of the summer, you’re probably in the clear, because the technology used by the RIAA looks for illegally posted songs.

If you didn’t disable downloading but also didn’t grab many songs – perhaps only a couple of hundred or less – then you could be identified and sued, but you are smaller than the average RIAA target, so far.

If you get sued, the law authorizes the awarding of up to $150,000 in damages for each workyou infringe – meaning each song you illegally download or post.

Yet the RIAA probably would settle with you for much less. It settled four suits against college students in the $13,000 to $17,000 range, and each of them ran mini-Napster-like networks at his or her school.

In the end, it’s ironic that singers who glorify thug life in their music condemn theft via P2P networks. For example, rapper Eminem denounces file sharing and mocks “those little sissies on TV, talking about how 'the working people should just get music for free.’”

Yet the lyrics to his “songs” are peppered with hosannas for robbery and worse, such as this tame example: “Stole your mom’s Acura, wrecked it, then sold it back to her” (from “Wake Up Show Freestyle”). Doesn’t that lyric sum up nicely what P2P is doing to the recording industry?

Will companies be held liable for the consequences of theft of identifying information belonging to their employees and customers?

Long ago, companies sometimes gave away such information voluntarily. Indeed, the largest case ever of misuse of a Social Security number resulted from an employer’s disclosure.

In 1938, a wallet manufacturer, the E. H. Ferree Co., placed a sample Social Security card in each wallet to promote the wallet’s functionality. The card had the word “specimen” written across its face and was printed entirely in red. Still, the card contained the actual Social Security number of Hilda Whitcher, the secretary of the wallet company’s vice president.

Many people adopted the Social Security number on the card as their own. In 1943, a peak number of 5,755 people were using Whitcher’s number and, in total, more than 40,000 people did so.

While no modern-day employer would be so reckless, companies can be data gold mines for identity thieves. Companies possess the Social Security numbers of their employees and, sometimes, their customers. They often have account numbers and credit-card numbers on file.

Identity thieves try to access this information by computer hacking and dumpster diving. Some rogues even seek jobs with financial-services firms just to position themselves to steal identities.

Across the country, the law is moving toward creating a duty on companies to create safeguards against identity theft.

For example, California recently enacted a statute that requires a business to disclose any breach of its computer security that enables someone to obtain the name of a person coupled with certain other information, such as a Social Security number, account number or credit-card number.

When unauthorized access occurs, the law requires the company to notify promptly all affected people so that they can be vigilant for misuse of the information. The law permits people harmed by undisclosed theft to sue the company for damages, and California is permissive to class-action suits.

This statute might cover some Virginia companies because it can be interpreted to apply to any company with protected information in its database about even a single Californian. Eventually, litigation will test whether California can exercise jurisdiction over companies in other states on such a thin basis.

Other state legislatures may follow California’s lead. Georgia recently enacted a statute requiring businesses that discard sensitive identifying information to make reasonable efforts to destroy it first.

Even without new statutes, a recent court ruling of the New Hampshire Supreme Court could trigger other courts to hold companies responsible for negligence that leads to identity theft.

In the New Hampshire case, a stalker utilized an Internet-based private investigative service to locate a woman’s place of employment and later killed her at her workplace. The New Hampshire Supreme Court held that the investigative service might be liable for not being careful in screening its customers.

This decision may be seminal because it departs from the general rule regarding responsibility for criminal acts and does so in the field of identifying information.

Ordinarily, the law doesn’t impose a duty on private companies to protect people from crime, even if the possibility of crime is foreseeable. For example, under Virginia law, landlords don’t have a duty to protect renters from muggers, even in dangerous parts of town, unless the landlord knows of a specific, likely threat.

Yet, the New Hampshire Supreme Court noted that you have a duty to guard others from crime when a “special relationship” or “special circumstances” exist. Most states (including Virginia) have a similar theme in their law.

Applying that principle, the court held that the prevalence of identity theft and stalking created special circumstances for investigative services, so they have an obligation to be discerning in deciding to whom to sell identifying information.

This analysis fits the employer-employee and the merchant-customer relationship. Employees and customers can’t control the handling of their identifying information once it’s been provided to a company – only the company can.

Certainly this dependency creates a “special relationship,” so the employer or merchant should have a legal duty to be careful in handling identifying information.

So what precautions can a company take against identity theft? Consider these suggestions:

After she became famous for her stolen Social Security number, Hilda Whitcher came back from lunch one day to find her co-workers serenading her with a popular song titled “Here Comes the Million Dollar Baby from the Five-and-Ten-Cent Store.” Companies that do not take precautions against the theft of identifying information could be pregnant with potential million-dollar jury verdicts just waiting to be born.

Can an employer use the law to stop a disgruntled former employee from sending e-mails to current company employees?

Recently, the California Supreme Court held that the law does not create blanket power of employers to stop such e-mails. This case concerned Kourosh Kenneth Hamidi, a former Intel employee who managed to sustain his ire for Intel for several years after his employment ended. During a two-year span in the late 1990s, Hamidi sent six e‑mails each to about 30,000 Intel employees, criticizing Intel’s employment practices.

Intel tried to block Hamidi’s e-mails by instructing its servers to not deliver messages coming from Internet protocol addresses used by him. (Every computer attached to the Net has a unique Internet protocol address). Hamidi, however, kept circumventing this blockage by switching computers. Rankled, Intel eventually sued, arguing that the law prohibited Hamidi from using Intel’s property (its computer system) after Intel forbade him to do so.

Intel tried to use a legal theory that other companies have used successfully to obtain injunctions against spammers. Intel argued that Hamidi had committed “trespass to chattels,” which is lawyer-speak for using someone else’s personal property without permission and causing damage to it.

The court acknowledged the validity of the spam cases but found Hamidi’s case was different. With spam cases, spammers often send millions of e-mails through the servers of other companies, such as Internet service providers. The volume of spam degrades the performance of the companies’ servers and raises their cost of computing. Yet, an occasional batch of 30,000 e-mails was not technologically significant to a company the size of Intel.

The court said that the volume of e-mail must be so significant that it impairs the value of the owner’s computer system; otherwise, the law isn’t broken.

Unquestionably, this ruling is a victory for former employees looking to cause commotion or vent frustration via e-mail. Other modern means of electronic protest, such as Web sites and Web logs (“blogs” in Web lingo), require the target audience to look up the material; cranky e-mail needs only to be opened.

Yet, even if Intel had won the legal battle, would it have been worth fighting at all?

Intel employs about 78,500 people according to The Wall Street Journal. Certainly Intel has faced incidents where a former employee has appeared at a company facility to complain about being fired or to generally stir trouble. Yet, I could not find a single news article mentioning such a situation, such as an arrest for trespassing.

Conversely, this lawsuit generated extensive publicity and made Intel appear to be a bullying censor. In response to a Google search for “Intel employment practices,” four of the top five results relate to this lawsuit. The fourth highest search result is for a Web site (faceintel.com) maintained by Hamidi that contains an extensive rant against Intel’s employment practices. Without the publicity caused by Intel’s litigation, perhaps Hamidi would have been ignored as a time-wasting annoyance and would not have appeared on Google’s radar screen.

Regardless of the business soundness of Intel’s strategy, what are the implications of its legal defeat?

First, most former employees will not have the technological resources of Hamidi, so their former employers probably would not consider it to be cost effective to smack back with a lawsuit. Someone gave Hamidi a list of 30,000 e-mail addresses of Intel employees. Most former employees will know the e-mail addresses of only some of their former colleagues. Sensible management is unlikely to sue to squelch e-mails that reach only a few employees unless those e-mails do much more than whine.

Second, Intel could have controlled the situation with a contract. If it had required Hamidi to sign an employment contract when he joined Intel, Intel could have required Hamidi to agree to not send e-mail to Intel employees after his job ended unless Intel gave him permission. Likewise, Intel could have imposed this condition in any severance agreement with Hamidi, assuming such an agreement was achievable.

Finally, the Hamidi ruling does not immunize former employees from any liability for what they might say in e-mails. This case only holds that the mere act of sending e-mail into the former employer’s computer system does not violate the law unless the volume is substantial enough to impair the system. If former employees use e-mail to defame the company or to divulge its trade secrets, then they can be sued for damages and stopped by an injunction.

And if true defamation or trade secret theft is at issue, the litigating company may be able to win at a lower legal cost (and less negative publicity) than Intel did in tilting unsuccessfully at the grousing Hamidi.

Until recently, the music industry hasn’t sued users of music file-sharing services such as KaZaA, with the exception of four college students. Those students were sued after they made massive quantities of copyrighted songs available for download.

The music industry desperately needs to reduce online music piracy. Music CD sales have declined since 2000. They previously had risen every year since 1980, when Nielsen Soundscan began keeping score.

The industry’s trade group, the Recording Industry Association of America, is mum about possible future legal action against individual music downloaders. Mitch Glazier, the RIAA’s senior vice president for government relations, says “nothing is off the table.”

Until recently, the RIAA focused its legal efforts on trying to unplug online file-sharing services. Recent litigation results and technological reality now force it to turn its legal attention to downloaders.

The RIAA lost a case against the operators of Morpheus and Grokster. The court held the way that these file-sharing networks function prevent the operators of them from controlling or even knowing (in real time) of copyright infringement activity, so they can’t be liable for the rampant copyright infringement conducted using them.

While the recording industry will appeal, this ruling is a reasonable application of copyright law and may stand. But even if it’s reversed and such companies are shut down, illegal downloading won’t be stopped as a result. Peer-to-peer file-sharing networks aren’t centralized, so the massive installed base of users can’t be disabled at any single point.

At almost the same time, the RIAA won a more important legal battle. It convinced a court that the federal Digital Millennium Copyright Act enables it to subpoena the identities of people engaging in illegal music swapping without having to first file “John Doe” lawsuits against the infringers. Verizon, the subpoenaed Internet service provider, vows to appeal but has little chance of success.

The RIAA victory against Verizon raises the financial feasibility of taking legal action against individual downloaders. It could be prohibitively slow and expensive to file numerous “John Doe” lawsuits against music swappers and then go through the ordinary subpoena process to try to identify the culprits. Now the RIAA doesn’t have to do so.

Internet service providers will fight the RIAA’s pre-lawsuit subpoena initiative vigorously. The ISPs profess to be fighting to preserve the privacy of their subscribers, although they have no financial incentive to do so. Yet, if these pre-lawsuit subpoenas proliferate, fear of copyright infringement liability could force ISPs to drop vast numbers of customers identified as engaging in online music piracy.

So what will the RIAA do with the identities of individual music pirates? Although one can only speculate, the RIAA probably will send notices threatening legal action and sue some music uploaders.

Manycasual users don’t realize that all major file-sharing software programs (such as Morpheus, KaZaA and Grokster) permit you to disable the ability of others to download files from your computer. The default setting in such software permits others to download files from your computer (KaZaA’s motto is “I share, therefore we are”), but you can change this setting and block such downloading (to learn how, visit MusicUnited.net).

If you disable the ability of others to download files from you, you won’t be legal, but you will have a better chance of avoiding the legal wrath of the RIAA. A small number of folks who make files available for download (“uploaders”) supply the vast majority of files downloaded, and the RIAA should have such uploaders at the top of its legal target list.

The RIAA is taking related technological steps to combat piracy. Glazier states that the RIAA uses the instant messaging function contained in file-sharing software such as KaZaA to send warning messages to folks downloading copyrighted music files.

Glazier says that record companies also employ “spoofing” – creating and posting for download files that appear to be copyrighted music but, in fact, are white noise or a bit of looped music. Such dummy files frustrate downloaders.

Some media sources report that record companies have utilized “port standing,” which occurs when someone intentionally makes overwhelming download requests so others cannot download from that source. Glazier says that record companies have such technological capability but have not deployed it.

Presently, technology alone cannot solve the piracy problem because taking action to destroy or disable illegally downloaded music files probably would violate laws such as the federal Computer Fraud and Abuse Act. Enabling low-cost, legal music services will not eliminate the trade in free music.

Only the fear of civil or criminal legal action against ordinary file swappers will stanch illegal music downloading. College and job applicants will not want to reveal lawsuits and criminal histories on applications. Expect such legal actions in the coming months.

In ancient text The Art of War Chinese general Sun Tzu wrote "the highest form of generalship is to balk the enemy's plans." Virginia's new anti-spam statute reflects supreme generalship by attacking with gusto the enabling characteristic of the worst spam rather than getting bogged down in trying control all mass e-mail.

Indeed, such anti-spam generalship has become a political mantle many seek to grasp.

Virginia's attorney general, Jerry W. Kilgore, teamed with state Sen. Kenneth W. Stolle, R-Virginia Beach, and Del. Jeannemarie Devolites, R-Fairfax, and with AOL and the rest of the Internet service provider (or ISP) community, to enact a tough anti-spam law in the 2003 General Assembly. When the Assembly watered down some criminal penalties in the bill, Gov. Mark R. Warner eagerly stepped in to push the penalties back up to felonies, and the General Assembly concurred.

Most spammers forge the header information in e-mails - "spoofing" in Web lingo. With spoofing, a spammer mislabels spam so it appears to come from another person's e-mail account.

Spammers use spoofing because every significant ISP prohibits account holders from sending spam. Such spammers also distort message content in an attempt to evade spam filters, which often screen based upon the presence and frequency of key words.

That's why spam often has odd spacing, misspellings and numbers in the message line. While ISPs frequently improve spam filters to respond to the latest spam disguises, spammers counter with new designs.

Many states try to corral spam by requiring spammers to be forthright and deferential. They require spammers to put "ADV" (short for "advertisement") in the subject line, require complete contact information to enable unsubscribing to spam, and create penalties for failing to honor an unsubscribe request. Yet, requiring hard-core spammers to employ such niceties is like requiring bank robbers to use proper grammar.

Spammers want to deceive you into opening their e-mails, they don't want to be found, and they use unsubscribe requests to confirm working e-mail addresses for future spam lists.

Virginia's new anti-spam statute focuses on the defining characteristic of the worst spam - spoofing and related electronic fraud - and attacks vigorously. It limits its coverage to such fraudulent e-mail. It makes fraudulent spamming into a felony if the volume of spam exceeds a certain level or if it generates a certain amount of revenue. By staying away content regulation and attacking falsification, such legislation sidesteps the First Amendment hurdles that confront the content-regulators in other states. Courts have held consistently that the First Amendment doesn't protect false commercial speech.

Yet, the statute utilizes controversial tools to attack falsified spam. First, it criminalizes the distribution of software intended for use in falsifying e-mail routing information. In doing so, it copies a controversial component of the 1998 Digital Millennium Copyright Act that outlawed software tools used to crack technological protections on electronic systems, such as satellite television scramblers.

Some argue that this part of the act abridges free speech and fair use rights. While the statute has withstood legal and political attack so far, these battles aren't over.

Also, the statute provides for forfeiture in civil proceedings of all computer equipment used to send illegal spam and the proceeds earned from sending it, using the same forfeiture procedures Virginia employs in drug cases.

Civil libertarians criticize such statutes because they punish crime while ducking many protections offered to criminal defendants. For example, because forfeiture proceedings are civil, not criminal, the state doesn't have to prove its case beyond a reasonable doubt.

Because of tough budget times, the General Assembly did not provide new enforcement resources to utilize these powerful criminal tools - no new prosecutors or investigators. Because of eagerness in some parts of the Commonwealth to assist ISPs, especially AOL, expect to see a few high-profile spammer prosecutions. Yet, the statute also creates heightened civil penalties, so that those burdened by spam can strike back.

The new statute gives individuals who receive forged spam to right to sue the spammer for $10 per e-mail received, up to $25,000 per day, plus attorneys' fees. Yet, because unmasking a forging spammer, getting the person into court and collecting the judgment are hard work, this individual power alone won't do much.

The statute also empowers ISPs to sue for $1 for each forged e-mail or $25,000 per day, plus attorneys' fees. Hypothetically, such damages could be astronomical. For example, Earthlink won a case against a spammer who had sent about 825 million spam e-mails to Earthlink subscribers in one year.

Perhaps out of concern that disproportional damages could sink this part of the statute on First Amendment grounds, the Virginia statute lists factors a court can consider in adjusting these damages to fit the circumstances.

This new statute won't eliminate all fraudulent spam, but it should cause some fraudulent spammers to either change occupations, or move offshore.

Sometimes differences of minutes or inches can decide the direction of world events. Saddam Saddam's life (perhaps ended, as of this writing) contains several examples.

In 1958, Saddam was 22 years old when he took part in his first assassination attempt. Saddam and his Baathist friends attempted to kill General Abdel Karim Kassem, who then ruled Iraq. Overexcited at the opportunity, Saddam and his friends fired wildly. The general was shot, but not critically. In the exchange, Saddam received a bullet wound to the leg. But for a couple of feet, Saddam either could have risen to power earlier or died young.

After this failed assassination attempt, Saddam fled Iraq and attended law school in Cairo. The general eventually was assassinated, and Saddam returned to Iraq, slowly starting to take positions of power in the government.

For example, in the first Gulf War, some intelligence sources claim that the U.S. nearly killed Saddam while he was traveling in a convoy leaving Baghdad. Reacting to intelligence data, the U.S. warplanes bombed the convoy. The first and third cars were destroyed. Some sources claim Saddam was in the second car and, thus, survived.

Timing also is important when applying for a patent. Waiting just one day too long can create a legal bar to obtaining a patent.

Particularly, under our federal law, any one of several activities will bar an inventor from obtaining a patent if the event occurs more than one year before the inventor applies for patent protection.

So, for example, if an inventor files a patent application on April 28, 2003, then the clock-starting activities cannot have taken place before April 28, 2002, without resulting in loss of U.S. patent rights. This date, a year before the patent application filing, is called the "critical date" in patent-speak.

At least U.S. inventors get a year from the critical date to file an application. In most other countries, activities that merely are clock starters in the U.S. are patent killers in those countries. These other countries do not have our 12-month grace period.

Engaging in any of these activities before the "critical date" will result in loss of all U.S. patent rights.

The purpose of the patent system is to encourage capital investment in research and development, and to encourage the release of inventions into the body of public knowledge, in exchange for granting the inventor a monopoly on his invention for a limited time. Congress instituted these time limits on seeking patent protection because it would be unfair to allow someone to claim a patent monopoly after the invention has been incorporated in the body of public knowledge.

To be safe, an inventor should apply for a patent as soon as he completes his invention, because sometimes an event will start the one-year clock running without the inventor's knowledge. Generally, an occurrence of any of the clock-starting activities will count, even if done by someone other than the inventor and without the inventor's knowledge.

For example, there is at least one case where someone stole an invention without the inventor's knowledge and offered it for sale. The inventor was barred from obtaining a patent because he applied more than a year after the clock-starting activities of the thief.

In rare cases, public use of an invention will qualify as an experimental use and not start the one-year clock running. But courts carefully scrutinize these cases to make certain that the use was truly and primarily for experimental purposes.

At bottom, it's best to file a patent application as soon as possible. While doing so may mean spending legal dollars before knowing whether the invention has legs, the downside risk is a complete loss of patent rights.

Many things can go wrong because of waiting. Some unknown or unappreciated event might start the one-year clock running. Or a court might disagree with the inventor on whether the invention has been offered for sale or its public use really was experimental.

The patent case law is littered with the lost dreams of inventors who waited too long and got burned, sometimes only learning of lost patent rights after years of expensive patent infringement litigation. A day can make the difference between fortune and failure.

Sometimes the outcome of an obscure, technical calculation will determine the fate of an issue that we care about greatly.

For example, cosmologists debate whether our universe will expand forever or, instead, collapse back upon itself in a reverse of the Big Bang.

Our fate depends on whether the universe has sufficient matter to create enough inner gravity to cause it to contract eventually. Cosmologists are fairly certain that visible matter – stuff like stars and planets – account for only about 1 percent of what is needed to reach critical mass.

For that reason, cosmologists focus on the content of the universe’s dark matter – stuff that can’t be seen because it doesn’t emit energy. Of the dark matter candidates, scrutiny presently focuses on the neutrino, a type of subatomic particle with no charge.

Many cosmologists believe that if the neutrino has sufficient rest mass (i.e. if it weighs enough while still), then the universe just might have enough mass to eventually contract. If not, it will keep on expanding forever. So far, astronomical observations indicate that our universe not only continues to expand, but, amazingly, the pace of expansion is accelerating.

In a similar vein, the eventual resolution of a technical legal issue – the scope of copyright pre-emption – will determine whether many commercially valuable data collections will be made available to the public on the Internet for paid access.

For example, baseball fans might want to purchase online access to extensive baseball statistics for use in fantasy leagues. People relocating to other cities might want to go online to purchase detailed demographic information about new neighborhoods.

Whether a company will be willing to make the investment to create these databases will depend on whether that company can guard against unauthorized, unpaid redistribution of its data. If the company can’t capitalize on its investment, why make it?

Most content producers, such as book publishers and record companies, use their copyright ownership to combat pirates. Yet, under our copyright laws, only original, expressive material can be copyrighted, such as a book or song.

Databases have almost no expressive originality, so they don’t qualify for much, if any, copyright protection. For example, several years ago the Supreme Court held that telephone directory contents couldn’t be protected by copyright.

A company can deploy technical measures to limit database access to customers. Yet, if the data ultimately will be displayed in a form a human can understand on a computer screen, technological protection alone won’t keep that data secure.

Thus, database companies need to be able to limit use of their data by means of enforceable online contracts. You see these contracts online all the time. For example, when downloading software, you often are required to click “I agree” to online terms in order to complete the transaction.

But are such a contract’s restricting the use of uncopyrightable material enforceable?

Our federal copyright laws embody a balance between the interests of creators of new material and the public. For example, this balancing exempts pure data and ideas from copyright protection, under the premise that no one should own a monopoly on information.

To protect this balance, our federal Copyright Act pre-empts state laws that cover the same subject matter as the Copyright Act, especially laws that offer more protection to material than the limited protection provided by the federal law. For example, the Copyright Act would nullify a state law granting copyright-like protection to databases.

As a result of this doctrine of copyright pre-emption, federal courts around the country are debating whether a contract that protects uncopyrightable data is legally enforceable or, instead, preempted by the Copyright Act.

So far, most courts uphold the enforceability of such contracts. These courts hold that the Copyright Act does not preclude contracting away freedoms granted under the act. These freedoms include the right to use and distribute uncopyrightable data freely, or the right to make “fair use” of part of copyrightable material in some instances without compensation (such as for news reporting or parody).

Some courts disagree. They hold that the Copyright Act pre-empts using any legal mechanism, either a state law or a private contract, to reach a result that the federal law does not allow. In other words, private parties cannot agree to give up freedoms that the Copyright Act bestows.

This area will remain messy until the Supreme Court resolves it, unless Congress legislates the answer first. Congress has shown no inclination to do so.

We may not know in our lifetimes whether the physical universe will expand forever or collapse upon itself. Hopefully we’ll know much sooner whether creators of valuable, uncopyrightable databases can protect their investments by contracts.

Gary Forsee has defected twice. In recent years, the Virginia Supreme Court has made it easier for others to do the same.

Sprint Corp. recently hired Gary Forsee to be its new CEO, luring him from BellSouth where he was vice chairman. To do so, Sprint had to convince a Georgia state court judge that Forsee shouldn’t be bound by a non-compete agreement he had signed with BellSouth.

Forsee had signed a contract with BellSouth promising not to work for a competitor for 18 months. Yet, the Georgia judge recently ruled that this non-compete agreement was too broad to be legal and, consequently, invalidated it.

Perhaps BellSouth should have foreseen this defection. In 1989, Forsee wiggled free of a non-compete agreement he had signed with both BellSouth ancestor AT&T and its offspring Southwestern Bell in order to take an executive position with Sprint. (Forsee later left Sprint to take a higher job with BellSouth and now wants to rise further in returning to Sprint.)

One wonders if BellSouth noticed the irony that the recent Georgia ruling came a few days after Groundhog Day?

Regardless, the recent judicial invalidation of Forsee’s non-compete agreement focuses attention on the tenuous enforceability of such agreements at a time when many employees of all ranks are contemplating voluntary or involuntary job switches because of the prolonged economic slump.

Forsee’s legal victory isn’t an aberration. In recent years, the Supreme Court of Virginia and the courts of other states have raised the bar for the enforceability of non-compete agreements.

The Supreme Court of Virginia requires that each of three aspects of a non-compete agreement be no more extensive than necessary to protect the employer’s interests: geographic scope, time duration and subject matter.

While this legal test isn’t new, the Supreme Court of Virginia has gotten more aggressive in applying it. For example, the court now examines the literal wording of a non-compete agreement and interprets any ambiguity favorably to the employee. If the agreement’s literal language hypothetically would prevent a former employee from doing something that the interests of the employer don’t require, the court will declare the non-compete section invalid regardless of the nature of the job the employee takes with a competitor.

For example, last year, the court invalidated a non-compete agreement for a salesman because the document as written prohibited the former employee from taking any job with a competitor, such as being a janitor. Yet, the salesman went to work for the competitor as a salesman. A properly drafted non-compete agreement could have prevented him from doing so.

To pass inspection today, a non-compete agreement must be carved to the precise contours of an employee’s job with a surgeon’s precision. This rigorous review means many, perhaps most, non-compete agreements signed by Virginia employees probably are not enforceable.

Most employment contracts, especially ones used for rank-and-file employees, are form documents.

Usually, the employer has not hired a good lawyer to tailor an employment contract to the particulars of any specific employee.

Indeed, in an effort to save money, often the employer has grabbed a form off the Web or recycled it from another use. Because these contracts haven’t been tailored, the non-compete agreements in them often have little chance of survival should the employee be willing to take the risk and pay the legal fees to challenge them.

Many employers attempt to guard against invalidation by having the employment contract state that the employee agrees that the non-compete provision is reasonable and sufficiently narrow. The Supreme Court of Virginia has held that such legal boilerplate will not save an invalid non-compete agreement.

As another line of defense, many non-compete agreements also provide that, if a court finds it to be overbroad, it will be scaled back automatically to reach only as far as the law allows. Yet, Virginia courts hold that they do not have the power to redraw the lines of legality. Either the non-compete agreement must be enforceable as written or it succumbs.

Nonetheless, Virginia’s highest court hasn’t ruled on a legal maneuver that could reshape the non-compete landscape. Hypothetically, an employment contract could state that the employer and employee agree that some non-compete provision must exist and pre-appoint a third party to craft a new clause should the original non-compete section be declared invalid.

On contract principles, this mechanism should work. This provision allows the intent of the parties to prevail should a court undo their first attempt to resolve the issue. But, because Virginia courts have been unwilling to redraw overbroad non-compete agreements even when contractually authorized to do so, one shouldn’t rely on this untested idea.

Ultimately, employers who require non-compete enforceability must be willing to invest in legal services to tailor non-compete agreements to specific employees. Otherwise, such clauses most likely will be speed bumps, not obstacles, to employee defections.

The first photocopy reproduced the phrase “10-22-38 Astoria” – the date and the city in New York where the event occurred.

Chester Carlson, a patent attorney, invented a photocopy process in his quest to find a speedy way to reproduce patent drawings. He worked out of makeshift labs in his kitchen and the back of a beauty salon.

Carlson made the first photocopy manually using a zinc plate, sulfur powder, India ink, a microscope slide and lycopodium power (the waxy spores from clubmoss). The copy was a blurry reproduction on wax paper.

Between 1938 and 1944, Carlson unsuccessfully sought investors for commercializing his process. Companies such as IBM, Kodak, General Electric and RCA turned him down.

Eventually, in 1947, Carlson contracted with the Haloid company to develop and market this invention. A year later, Haloid held a public demonstration. Making a single copy took fourteen steps and 45 seconds.

Haloid named the process “Xerography,” which means “dry writing” in Greek. The Rochester-based company later shortened the name to “Xerox” to mimic the trademark “Kodak” used by another famous Rochester company.

Like the Xerox machine, the World Wide Web enables cheap copying on a grand scale. Both facilitate massive copyright infringement. While copyright laws work well to protect physically published works (such as books) that one might photocopy, they struggle to provide meaningful protection against copying of Web site content.

You own a common-law copyright to a work, such as a Web site, from the moment you finish creating it. Yet, you must register your copyright with the U.S. Copyright Office to gain access to powerful remedies.

Generally, if you have registered your copyright, you can sue an infringer for “statutory damages.” These damages can be up to $30,000 per copyrighted work infringed, or up to $150,000 per work if the infringement was willful. Also, you may be able to recover your attorneys’ fees if you have registered your copyright.

Yet, in most cases, you can’t obtain these remedies unless you apply for registration before infringement begins. If statutory damages aren’t available, you can recover only your actual damages plus the profits of the infringer attributable to your copyrighted material. Sometimes these damages can be big bucks, but often they are incalculable or even zero. Thus, get your copyrights registered before trouble starts.

Unfortunately, it may not be easy to properly register the copyright to your Web content.

The process appears simple – download the right form from the Copyright Office Web site (www.loc.gov/copyright), fill it out, and file it with the Copyright Office along with a copy of your Web site and the filing fee (usually $30).

Beware that copyright registration forms contain traps for the novice. Many copyright infringement suits have foundered because of registration mistakes that laymen can make innocently.

More importantly, however, the copyright registration process isn’t geared to the evolutionary nature of Web sites. The Copyright Office believes you need to file a new registration application for each significant revision to your work that you publish. Doing so is a heavy burden for Web sites that morph frequently.

So how do you register evolving Web content? If it’s cost-effective and practical, you should file a new registration whenever you make any material change to your content. (If your Web site is an “automated database,” you might be able to file quarterly applications.)

Or you could elect to take some risk. Generally, once you publish a new work, you have a 90-day grace period during which you can file a registration application and have it protect you all the way back to the date of publication.

So you could file a new application every three months to catch all new content, even if you have updated your site more frequently and hope the courts smile on this economical approach. I’m not aware of any court ruling examining this method.

If it suits your business model, you could require registration, and use of user names and passwords, to allow access to your valuable material. Unfortunately, once someone gains access, that person has the technical ability to copy freely.

Also, you could deploy technology that uses image encryption and Java applications to prevent copying and pasting of images and text from your Web site. A good hacker can surmount these obstacles and copy eventually, but the hassle may not be worth the prize. Artistscope offers a product called “CopySafe” that performs this function.

Ultimately, you must decide how much you are willing to invest, in time and money, to protect your Web content. Chester Carlson’s years of sacrifice to invent photocopying ultimately netted him about $150 million ($100 million of which he gave to charity). What’s your electronic opus worth to you?

Your use of this Web site constitutes acceptance of our terms of use and privacy policy even if you choose not to view them. The information you obtain at this site is not, nor is it intended to be, legal advice. You should consult an attorney for individual advice regarding your own situation.