Well, not yet anyway, but it makes me wonder what daring lawmaker will introduce that piece of legislation at some point in the near future.  (Hopefully it won’t be anyone in Massachusetts.)  However, Carl Kruger, a state legislator in New York, has recently introduced a bill to make it illegal for pedestrians to use an “electronic device” while crossing the street.  So if you use your cell phone or iPod while crossing, you face a $100 fine.

The rationale for the bill?  I suppose that depends on how cynical you are.  The stated rationale according to Kruger is to minimize the casualties that distracted pedestrians cause.  The more cynical among us may believe that such an “interesting” piece of legislation garners Kruger a great deal of publicity that he would have otherwise never received.  And the most cynical among us may even believe that such a law would do nothing but generate tons of revenue for the cash-strapped state.  But I’m a lawyer so I could never be that cynical.  Ahem. 

But let’s give the state senator the benefit of the doubt and say that the law is meant only to punish and deter distracted pedestrians.  Is it any more distracting than say, looking down at your feet while walking?  Or talking to a colleague who’s walking with you?  Or being engaged in deep thought?  Or doing any number of other things?  I would even argue that talking on the phone or listening to your iPod (at a reasonable volume) while walking is perhaps even less distracting than looking down at your feet or talking to someone you’re walking with, because at least you can still keep your eyes ahead on where you’re going. 

Many of us have seen the recent video of the woman in the mall who walked into a fountain while texting.  And let’s face it … it’s funny.  The type of funny that could best be categorized as “I’m-glad-it-wasn’t-me-because-it-easily-could-have-been” funny.  Having been a distracted pedestrian on more than one occasion—and who hasn’t?—I can relate.  In fact, given the apparent upsurge of this phenomenon, let’s even coin a new term for it.  Let’s call those texting-while-walking folks, ”Petextians.” (Hey, it’s the best I can do this late in the day.) 

Bad sniglets aside, do we really need laws against it?  Doesn’t a good cautionary laugh and widespread circulation in the media and on the Internet help to achieve the same result?  Seriously, who wants to be that woman (or for that matter, the lawyer who’s representing her in the ensuing ridiculous lawsuit).  It highlights the problem better than any law ever could.  And no matter what anyone may say, it’s just not the same thing as laws which seek to restrict such activities by drivers (or even bicyclists).

First of all, while talking on the phone or texting or even listening to an iPod while walking can certainly be dangerous in some instances, it just doesn’t rise to the same level of danger as someone doing so while driving a car.  I suppose the question is this:  To whom is it dangerous?  We’ve all heard stories of distracted or drunk drivers killing entire families or multiple people in accidents, but oftentimes walking away without injury themselves.  Cars can be lethal weapons that can hurt a lot of people.  (Even a speeding bicyclist can hurt a few people if distracted.)  So laws that attempt to punish and deter distracted driving make sense because of the magnitude of harm that they seek to prevent.

But distracted pedestrians?  In most instances, these folks will really only kill or injure themselves.  I’m not saying that some poor driver wouldn’t be traumatized if a “petextian” walked in front of his car and got hit, but it’s really hard to save people from themselves especially in this fast-paced, multi-tasking existence that all of us seem to have now.  I’m also not arguing that minimizing these sorts of individual casualties is an unworthy legislative goal, but just how much should government micro-manage the daily affairs of an individual?  We all walk, after all.  Just how big should the “nanny state” get?

Given how widespread this prospectively prohibited conduct is in a city as big as New York, the potential for abuse and selective enforcement of such laws is enormous.  Just wait until these laws pass and then a ton of videos are posted on YouTube showing cops, politicians, and celebrities crossing the street on the phone or listening to their iPods without ever once having to pay a fine.  Or maybe police officers will just target  the “pretty” girls.  Or better yet, maybe states will just “re-purpose” those ubiquitous traffic cameras with face recognition technology and folks will receive their $100 fines in the mail.  What a great revenue generator that’ll be for a state.

Such laws may sound ridiculous, but don’t count New York out just yet.  Remember that it was the first state to pass a ban of handheld cell phone use while driving.  And all it takes is just one state—particularly a large populous state like New York or California—to open the floodgates to all sorts of new laws.  So when will some enterprising politician introduce the “No Looking Down at Your Feet While Walking” Act?

The purpose of this blog is to hopefully inform and educate people about legal issues in technology, intellectual property, the Internet, and other areas of the law.  So I therefore try to avoid being political, but sometimes it’s hard to do.  And it’s really hard to do when the Republican brand—and isn’t it really all about branding these days?—has drifted so far from its roots that I would be remiss in not mentioning it.

There was a time, before September 11th at least, that Republicans—and the newly minted Tea Party—were for the concept of small and less intrusive government.  I’m all for that for reasons too numerous to mention here.  But I’m especially for it in areas of privacy, particularly on the Internet where personal data about people flows like water.  But alas, so much has changed in the world that up is down, small is big, and privacy now means data retention.

So to say I was disappointed when I read that the Republicans’ first major technology initiative in the House of Representatives was to introduce a bill to require Internet companies to keep track and store user data, would be an understatement.  The new bill, if it becomes law, would require ISPs and other Internet companies to store the Internet Protocol (“IP”) addresses and other records of users’ online activities for 2 years.  This goes far beyond what the Electronic Communication Transactional Records Act (“ECTRA”) passed in 1996 requires, which is for ISPs to retain any “record” for up to 180 days (in two 90 day increments) upon request by a “governmental entity.”  So where’s the smaller and less intrusive government we were promised?

The biggest backers of the bill are—no surprise here—law enforcement and prosecutors.  Of course they want the ability to fully investigate crimes on the Internet.  Who could realistically be against going after pedophiles, identity thieves, and scam artists?  But the potential for abuse by law enforcement remains a real one and a 2 year retention requirement (as opposed to companies who voluntarily save user data for a set period of time) strikes me as excessive.  Just ask these folks in Chicago who are being victimized by the police and prosecutors over the state’s absurd wiretap law.  So overreaching by law enforcement occurs in many different contexts.

As a practical common sense matter, do records on EVERYONE really need to be retained for at least 2 years?  Perhaps ECTRA has the more reasoned approach (dare I say) which requires preservation pursuant to a court order issued “only if the governmental entity offers specific and articulable facts showing that there are reasonable grounds to believe that the contents of a wire or electronic communication, or the records or other information sought, are relevant and material to an ongoing criminal investigation.”  18 U.S.C. § 2703(d). 

But to retain records on everyone so that the police and law enforcement can cull through them at a later time and at their leisure seems particularly ripe for all sorts of abuse.  Hopefully, the Democrat-controlled Senate will be far more thoughtful in the consideration of such sweeping legislation (assuming it gets that far).  And if they’re not, then I’ll criticize the Democrats too, who are supposed to be more concerned about the “common man.”  Well, the common man needs his privacy too.  Rumor has it that he’s got the Internet now.

Okay, maybe I’m being a bit sarcastic with the title.  But according to a recent article and study (i.e., the Sophos Security Threat Report), spam, phishing, and malware attacks on social networking sites doubled from 2009 to 2010.  Not surprisingly, identity theft and third party use of personal information were primary goals of cybercriminals.

This is hardly shocking and it wouldn’t be surprising if these numbers doubled again from 2010 to 2011 given the increasing importance of social media—for better or worse—in our personal and business lives.  But what do people really expect?  Criminals go where the people are and when Facebook has 600 million users, that’s a big crowd to fleece.  And criminals can do so in the comfort of their own homes and in foreign countries knowing full well that their chances of getting nabbed are about as likely as Apple stopping production of the iPhone.  What do they really have to lose?

Not surprisingly according to the article, users want sites like Facebook to take stronger security measures.  And while sites can certainly do so in some instances voluntarily, it may take a court ruling (as it often does) to force a company to implement more substantive protections. But first you have to get past those nasty contractual disclaimers that we lawyers put into practically all user agreements about not holding the site liable for almost anything that happens on it:  “Identity theft be damned—so sorry, but it’s just not our problem!” 

Remember when you clicked “I AGREE” on that user agreement?  You can be sure Facebook does, because that’s an enforceable contract in most instances.  (No need to thank us, by the way—the public’s opinion of lawyers is thanks enough!)  Very tough to challenge, but not impossible if the right facts present themselves.  Combined with the right judge, of course.  Sometimes the lottery’s easier to win though.

The fact is that while social media sites have to do more, especially those that operate on the massive scale Facebook does, we have ourselves to blame also.  How much personal information do we really need to disclose about ourselves?  I’ve always believed that less is usually more, but perhaps because I’m over 40 (which is 95 in cyberyears), many young ’uns believe that more is more.  And that even more is still not enough.  I forget:  Does TMI stand for “Too Much Information” or “Too Many Idiots” when we  ”overshare?”  Because cybercriminals count on both meanings to do their dirty work.

Do we really need to tell everyone when we won’t be home, thereby inadvertently notifying criminals when the best time to rob us is?  Or are we so egotistical that we have to “friend” a ton of people so we can brag about how big our network is, only to unwittingly let in unsavory characters? Or to post a lot of personal details until the inevitable privacy breach thereby exposing all of that information to the world—and to sophisticated criminals who can then make use of it in all sorts of ways that decent law-abiding people have never thought of.

I often wonder where the proper practical balance is.  Because if you’re expecting the law to catch up to address some of these informational privacy and security issues, we’ll be on Web 5.0 at that point … and on Cybercriminal 7.0.  And do you really want to be the “test case” anyway?

Hopefully by now, most people who have upgraded to a smartphone (such as an iPhone, Blackberry, or Android) have realized that it’s not simply a phone, but a powerful mobile computer which just happens to be about the size of a 3″ x 5″ index card.  And just like your big heavy personal computer or laptop, it contains all sorts of personal information—perhaps too much information—about you and what you do.  If you haven’t come to that conclusion yet, the increasing police power of the state may soon force you to.  It should also force you to take steps to protect yourself from what could become an overzealous police officer should you ever find yourself in the unfortunate situation of being arrested (even for a misdemeanor).

For me, a big part of being a technology and internet lawyer is privacy law.  While privacy appears to have all but  disappeared in this 24/7 networked world where everyone posts a whole lot of information about themselves, it’s easy to forget that not everything is everyone’s business—especially the police, who may seek to use such information against you for violations of laws that you may not have realized even existed.  Think it can’t happen?  As a lawyer, I’ve seen many overzealous police officers, state agents, and prosecutors looking to establish a name for themselves.  Civil liberties be damned.  (Of course, there are many good ones too, but it’s often the other ones we hear about.)

An insightful article by Ryan Radia discusses the recent California Supreme Court decision in People v. Diaz, which held that police officers can lawfully search a mobile phone on a person they arrest without first obtaining a search warrant.  The court found that mobile phones, like cigarette packs and wallets, fall under the “search incident to arrest” exception of the Fourth Amendment.  While the Supreme Court may have the final say as to whether this is legal, many state courts have come to the same conclusion as California has.

Most significantly, Radia discusses the importance of taking measures to make your smartphone as secure as possible, such as full disk encryption of all content on the device.  He notes that password protection—which is certainly an important first step—may not be enough and is easy to bypass due not only to the rise of digital forensics, but the vulnerabilities in your smartphone’s own operating system that a forensic expert can exploit easily.  While Radia notes that no mobile encryption system at the moment is perfect or especially secure, this will hopefully change.

If you have a few minutes, the article is definitely worth a read.  Whether people realize it or not, privacy is one of the most daunting issues facing us (and lawyers) in this information age, and the law has difficulty keeping up.  And as the Diaz case shows when the law does catch up, it’s usually not in our favor, but works to the benefit of the state’s police power.  At least for now.

Sigh.  Although I’m not surprised–especially given this pernicious and false belief that if it’s on the internet then it must be free–it’s been estimated that 43 sites which engage in digital piracy account for about 21 billion visits per year.  That’s roughly 3 times the current population of the Earth.  As an intellectual property attorney, I always find such statistics sobering given the rampant copyright and trademark infringement which occurs on the internet.  Predictable, but sobering nonetheless.  And no doubt the public hates those lawyers who pursue the infinitesimally small percentage of infringers that they’re able to find and sue, let alone actually stop or collect against.  The battle continues!

I’m not sure whether to be amused or upset by this story, but I thought it was worth a quick post.  It seems that a petulant 19 year-old in Florida took the law into his own hands when he was told by a Starbucks customer that he couldn’t use the customer’s laptop to check his Facebook account. 

So what did this genius do?  What anyone would do, of course.  Wait a little while and check his account from home, you ask?  No, that would take too long.  And since we live in a society of instant gratification, he decided to snatch the laptop and run out of Starbucks.  Needless to say, he was apprehended in the parking lot and arrested.  Now he’s been charged with robbery (which is a felony). 

I guess when you need your hit, you need your hit.  And you won’t let something as trivial as the law stand in your way.  Just ask any drug addict.  Is Facebook really that addictive?  I haven’t yet experienced any tremors or nightmares from failing to check my various e-mail accounts, but maybe I’m just not hip enough.

While this guy is clearly an idiot, it does portend ominous things for the future.  Facebook junkies.  Social networking lifers.  Will they have entire wings in drug rehab centers or prisons for people like this?  I know it sounds ridiculous, but with social networking sites like Facebook growing by 4 to 5 million users a week, the power of the medium can’t be underestimated. 

Some people will obviously take it to the extreme.  Some always do, but it does make me wonder.  And I wonder what this guy will do when he can’t check Facebook from his prison cell.  The withdrawal pains may be incapacitating.

In today’s world, where fraud is just a mouse click away, it’s nice to know that every so often the good guys win.  Three international hackers were indicted by the Department of Justice (“DOJ”) last week for trying to steal and sell credit card information from customers of Dave & Buster’s, the popular restaurant/entertainment chain.

According to the indictment, the hackers were able to install “packet sniffers” on many of the company’s servers to copy credit card information as it traveled between restaurants and Dave & Buster’s corporate headquarters in Dallas.  The company detected the intrusion and alerted the authorities, but not before 5,000 credit/debit card numbers were stolen and sold to other criminals to make fraudulent purchases.

One of the foreign hackers was arrested in Miami.  No problem there.  The other two, however, were arrested in the Ukraine and in Germany by those countries’ authorities.  It’s certainly not a done deal yet.  The DOJ is seeking the extradition of the other two, but no word yet whether those efforts will be successful. 

While these sorts of arrests are still few and far between given the magnitude of data theft and online fraud, it’s a start.  The DOJ is obviously taking the problem seriously.  Hopefully, other countries will too and the cooperation will continue.  With any luck, if these hackers are extradited, tried, and found guilty, the court will make an example out of them. 

France once again reminds us how fortunate we are to live in a truly free country, where freedom of speech is often taken for granted.  Apparently, France is in the process of trying to pass a law to ban what it deems to be “pro-anorexia” websites and publications.  The new law would impose jail sentences of 2 to 3 years and impose fines of 30,000 euros ($47,400) to 45,000 euros ($71,100) on anyone who violates the law.  The legal standard is dubious (if not laughable):  ”Incitement to excessive thinness by publicising of any kind.”

According to the French health ministry, 90% of the country’s estimated 30,000 to 40,000 anorexics are young women, who are supposedly under constant pressure from the fashion, advertising, and movie industries to attain unhealthy weight levels.  No one will deny that encouraging young, impressionable girls to starve themselves, vomit, lie to doctors, and take appetite suppressants are bad things.  But the idea of trying to ban and fine websites—and jail the site operators—is a draconian cure that’s worse than the disease. 

And talk about a slippery slope.  What’s next?  How about sites that encourage excessive weight gain? Or consumption of fried foods?  Or excessive exercise (surely that’s killed quite a few people)?  And how does one even define “excessive thinness” anyway, let alone “incitement”?  The French ban doesn’t have quite the same urgency to it as the “incitement to imminent lawless action” standard articulated by the Supreme Court in Brandenburg v. Ohio to ban certain speech in extraordinary situations.  While encouraging anorexia is appalling, it certainly doesn’t rise to the level of mandating censorship.  The French government may be asking the right questions, but it’s getting the wrong answers. 

Of course such a law could never be passed in America.  Or rather, it could never go into effect.  It would be struck down by the courts so quickly on content discrimination, overbreadth, and/or vagueness grounds that the ink wouldn’t have time to dry.  Our democracy subscribes to the “marketplace of ideas” concept which provides that a free exchange of ideas will allow for the creation of the best policies and practices.  Quite simply, the cure for bad speech is good speech—or at least, more speech.  (While our government can curtail advertising for things such as smoking and alcohol, “commercial speech” is subject to some restriction and regulation.)

This isn’t the first time that France has demonstrated its tendency towards censorship.  In November of 2000, a French court ordered Yahoo! to stop selling Nazi memorabilia to French internet shoppers on auction sites due to France’s law that banned incitement of racial hatred.  (The French do like that “incitement” standard, don’t they?) Of course, this is the same country that passed a law banning the use of foreign words on television shows, radio broadcasts, business communications, and public service announcements if the French language had a “suitable local equivalent” which could be used instead.  What chutzpah!  What cojones!  Oh well, c’est la vie . . . .