Autodesk and the First Sale Doctrine

September 11th, 2010

Autodesk, Inc. and Timothy Vernor have gotten into a dispute over Mr. Vernor’s resale of Autodesk’s AutoCAD software on eBay.  Autodesk kept filing DMCA take down notices for each of Mr. Vernor’s auctions of AutoCAD software that Mr. Vernor had started on eBay.  After this happened a few times, Mr. Vernor hired a lawyer and sued Autodesk under the Declaratory Judgment Act, seeking a declaration of rights from a federal court within the 9th Circuit that Mr. Vernor had the right to resell Autodesk’s software.

Mr. Vernor won at the trial level.  A copy of the opinion is found at Vernor v. Autodesk, Inc., 555 F.Supp. 2d 1164 (2008).  At the heart of Mr. Vernor’s argument is the protections afforded by the Copyright Act under section 109, known as the “first sale doctrine.”  That section states: “Notwithstanding the provisions of section 106(3), the owner of a particular copy or phonorecord lawfully made under this title, or any person authorized by such owner, is entitled, without the authority of the copyright owner, to sell or otherwise dispose of the possession of that copy or phonorecord.”  17 U.S.C. § 109(a).  Mr. Vernor argued that his purchase at yard sales of copies of the AutoCAD software could have only occurred if AutoCAD had already sold copies of its software to another party prior to Mr. Vernor’s purchases.  Therefore, the first sale doctrine would immunize Mr. Vernor from further liability under the Copyright Act.

Autodesk, on the other hand, argued that effectively it had never sold a copy of its software to anyone, because any sale of its software is subject to a licensing agreement that specifically forbids transfer of the software, and the software in Mr. Vernor’s possession was not sold but was transferred to the prior holder via a settlement agreement between the prior entity and Autodesk.  Furthermore, the software itself is only offered for sale via a restrictive license, making the subsequent holder of the copy of the software a licensee.  As a result, section 109 provides such a person, such as Mr. Vernor, any defense.

After the trial court entered judgment for Mr. Vernor, Autodesk appealed.  The Ninth Circuit reversed the trial court.  A copy of their opinion is here: 09-35969, and is found at Vernor v. Autodesk, Inc., No. 09-35969 (9th Cir. Sep. 10, 2010).  The Ninth Circuit established a three part test for determining if the subsequent holder of a copy of software owns the software or is merely a licensee: “We hold today that a software user is a licensee rather than an owner of a copy where the copyright owner (1) specifies that the user is granted a license; (2) significantly restricts the user’s ability to transfer the software; and (3) imposes notable use restrictions.”

For fun, I downloaded a copy of the End User License Agreement that Microsoft licenses its Office Suite, which you can read here: clientallup_eula_english.  I know that you will be surprised to discover that Microsoft licenses but does not sell its software to end users.  Section 7 of this agreement provides a whole host of restrictions on use and resale of its software.  So I checked on ebay to see if anyone would sell me a copy of Microsoft Office, and this morning I found 9,623 offers.  Searching for Autocad turned up over 2,400 copies for sale. Apparently many people who possess copies of software don’t pay much attention to the license agreement that makes them licensees rather than owners, and that now makes them into copyright infringers when they started offering these software packages for sale on sites like eBay.

The licensing terms for the Microsoft EULA do suggest that “use of the software” constitutes acceptance of the agreement.  Mr. Vernor indicated that he never used the copies of AutoCAD, and therefore he wasn’t bound by the agreement with AutoCAD, but this was not dispositive for the Ninth Circuit, as he bought the software from a prior holder that could not be called an “owner” based on the agreement between that entity, CTA, and Autodesk.  I’d expect this ruling from the Ninth Circuit to cause some trouble for licensees, many of whom have probably never thought when they bought that shrink-wrapped CD that they could not re-sell it later, given how common limited licensing agreements are in the world of proprietary software today.  Open Source, here we come!

Post to Twitter Tweet This Post

Digg This
Reddit This
Stumble Now!
Buzz This
Vote on DZone
Share on Facebook
Bookmark this on Delicious
Kick It on DotNetKicks.com
Shout it
Share on LinkedIn
Bookmark this on Technorati
Post on Twitter
Google Buzz (aka. Google Reader)

Posted in Copyright, News, Technology | No Comments »

Software Licensing for Businesses

December 21st, 2009

Here was a very good article on software license auditing for businesses: (click here for story).  The issues for businesses are twofold: (a) keeping track of the licensing that the business has purchased, and (b) keeping track and understanding the licensing agreements that control the software.  The former can be handled by software.  For example, Microsoft publishes Systems Management Server (SMS), which includes a software audit and metering tool.  I understand that Altiris also offers a solution, and undoubtedly there are other packages out there that can tell you what’s running on your network.

The latter, however, requires a human being to review the software licensing agreement terms, and then analyze purchase history against the usage from the audit/metering tool.  And the software license agreements themselves are often as clear as mud, especially if you have multiple, overlapping agreements for a variety of software packages.  Even small businesses may have a substantial number of software packages and licenses they have acquired over time, so keeping up with this to avoid an audit can take real effort and concentration.

Post to Twitter Tweet This Post

Digg This
Reddit This
Stumble Now!
Buzz This
Vote on DZone
Share on Facebook
Bookmark this on Delicious
Kick It on DotNetKicks.com
Shout it
Share on LinkedIn
Bookmark this on Technorati
Post on Twitter
Google Buzz (aka. Google Reader)

Posted in Copyright, Intellectual Property, News, Technology | 1 Comment »

Google’s Not the Only Online Book Deal

November 20th, 2009

The academics have been working on digitizing their book collections with Google’s help.  (See Article here)  I suspect that, in spite of the fact that Google is ahead of the pack in total books digitized today, there may be a fair number of other groups that get together to digitize collections down the road, and as new books are written and published, most will be available electronically anyway.

In spite of the Copyright Office’s current objections to the original Google book deal, my bet is that the market in the future will push changes in how copyright ownership is managed, or perhaps streamline the management of these interests (for example, by requiring a statutory fee for access payable to the copyright owner).

Post to Twitter Tweet This Post

Digg This
Reddit This
Stumble Now!
Buzz This
Vote on DZone
Share on Facebook
Bookmark this on Delicious
Kick It on DotNetKicks.com
Shout it
Share on LinkedIn
Bookmark this on Technorati
Post on Twitter
Google Buzz (aka. Google Reader)

Posted in Copyright, News, Technology | No Comments »

Psystar’s Star Dims a Bit

November 15th, 2009

Psystar and Apple have been in a tech law tango based on Apple’s allegations that Psystar violated the end user licensing agreement when it started releasing the OS X operating system on non-Apple manufactured clone computers.  The federal court ruled in favor of Apple on its claims on a motion for summary judgment.  (See article here)  (You can find a copy of the judge’s decision here)

The Court’s decision to grant summary judgment for Apple is primarily based on Apple’s copyright infringement claims against Psystar.  The Court addresses the exclusive reproduction, distribution, and preparation of derivative work rights under the Copyright Act that are exclusive to Apple.  Apple alleged that Psystar, by taking a copy of OS X, modifying it so that it would boot on a non-Apple made computer, and selling that modified work to the public, had violated Apple’s copyright in OS X.  The Court examines the possibility of a section 117 defense under the Copyright Act which does grant the owner of a copy of a copyrighted work a limited right to make an additional copy of adaptation of the work.  17 U.S.C. § 117(a).  There are two possibilities under section 117: a copy of the work is made as an “essential step” in using the computer program, or the copy is made for archival purposes.

The Court held that Psystar had essentially waived this defense by not timely raising it.  In any case, Psystar had been making a lot more than a single copy of OS X when it cloned its modified copy of the operating system and installed it to computers that Psystar offered for sale to the public.  The language in section 117 is more geared towards us consumers that might make a backup copy of our OS X disk, or backup the operating system to our Time Machines in the event of a failure of our prized Macbooks.

The Court briefly addresses section 107, fair use, noting only that Psystar doesn’t attempt to justify its use as a “fair use” under section 107.  Most likely, that Psystar offered a copy of OS X for sale with its computers without paying the “customary” licensing price to Apple would have doomed such a defense anyway under the first element of this test.

Psystar then raised the first sale doctrine as a defense, under section 109.  Under this section, I have the right to resell a copyrighted work I have purchased to the general public, without responsibility to the copyright owner (for example, to resell at a set price).  So, if I were to buy a legitimate copy of Snow Leopard for $100, and offer it on ebay for $50, I have that right under section 109.  The Court found that Psystar was not doing this at all in modifying OS X and then selling this modified copy on computers to which it was installed.  Section 109 does not really help Psystar.

The Court next addressed whether Psystar was creating a derivative work of OS X, by modifying certain operating system files so that OS X would load onto a non-Apple manufactured computer.  Psystar tries to assert that because it did not modify the kernel of OS X, only the bootloader file and certain kernel extensions (disabling Apple extensions and adding its own extensions for the software to run on non-Apple hardware), it had not created a derivative work.  Again, the Court sides with Apple.  Even the modification of such humble files is the preparation of a derivative work, which was unauthorized under the Copyright Act.

Psystar also alleged that Apple was misusing its copyright.  This doctrine addresses a copyright holder who attempts to leverage his limited copyright monopoly to control areas outside of the monopoly.  For example, if I write blog software, and license it under an agreement that requires that you never write blog software, I am misusing my copyright in the work.  I don’t have the right to prevent you from writing a competing software package.

Psystar is arguing that Apple is unfairly limiting where its operating system can be installed, which is perhaps anti-competitive.  Unlike Windows, which can run on a broad range of hardware that Microsoft does not manufacture, Apple limits OS X to Apple-made hardware.  Psystar is essentially arguing that Apple should do what Microsoft does with its operating system, to allow for competition.  The Court sided with Apple on this argument as well, reasoning that Apple was only trying to control the subject matter of its copyright – the software itself.  I don’t think the Court was persuaded that Apple must license its software as others have in the market.  Apple may also have a legitimate reason for controlling the hardware on which the software is operated, given the drivers mess that is created with most Microsoft operating system releases.  Older versions of Linux also struggled with this problem, in spite of the many volunteer developers who write drivers for the Linux system in its many flavors.

Post to Twitter Tweet This Post

Digg This
Reddit This
Stumble Now!
Buzz This
Vote on DZone
Share on Facebook
Bookmark this on Delicious
Kick It on DotNetKicks.com
Shout it
Share on LinkedIn
Bookmark this on Technorati
Post on Twitter
Google Buzz (aka. Google Reader)

Posted in Copyright, News, Technology | No Comments »

Linden Labs and Virtual Sex Toys? Huh?

September 18th, 2009

Oh, yeah, there is a lot of kinky virtual sex going on in Second Life.  And to support all of that activity, there are apparently a lot of vendors selling knock-offs of the “real” virtual sex toys of one vendor who is mad enough to sue.  (See Wired Article)

Yes, a few years ago, Linden Labs set up a special “mature” designation for areas in its virtual worlds that were aimed at “adult” conduct, so those under 18 and others with sensitive eyes  would not be offended by what they found.  However, probably much like the real world, virtual sex is rampant in Second Life.  As a consequence, there is a heavy trade in sex-related objects.  According to the plaintiff, Eros Products LLC, his SexGen products line has sold about $1 million (that’s U.S. dollars) within Second Life over the past five years.  (A copy of the Complaint is here)

Vicarious and contributory liability for copyright infringement is recognized by the courts as a cause of action under federal law.  This kind of liability has been raised in recent years by the various music file sharing services that came and went, such as Napster (originally a file sharing service without any copyright licensing from the music companies that owned the music being shared), Gnutella, and Limewire.  Each of these services were held to be liable for the file sharing of their users, in part based on the notion of vicarious liability.  Cases prior to Napster et al. that addressed this kind of liability along two lines: landlord-tenants where the landlord exercised no control over the leased premises, and dance-hall cases where the operator of the hall controlled the premises and obtained a direct financial benefit from the infringing performances.  Fonovisa, Inc. v. Cherry Auction, Inc., 76 F.3d 259 (9th Cir. 1996).  Under common law, landlords have not been held to have copyright liability where dance-hall operators have.

In Fonovisa, the defendant operated a “swap meet” where the operator rented stalls to individuals who were selling unlicensed copies of bootlegged music owned by the plaintiff.    For the swap meet operator to be liable, the plaintiff had to prove that the operator controlled the marketplace and obtained a direct financial benefit from the sales of infringing works.  The Court sided with the plaintiff in this case, even though Cherry Auction did not receive a commission from the sales of the infringing materials.

Assuming that Eros Products LLC (and other plaintiffs that may join the suit should the court certify this as a class action) can prove that they are the valid owner of the copyrighted works, the question for the court is whether Linden Labs can meet the standard for contributory liability.  Linden Labs is a virtual landlord in the sense that users of Second Life pay an annual subscription in order to “own” virtual real estate within the virtual world.  The right to own this virtual property is limited by payment of the subscription.  You will note, however, that there are plenty of users that do not acquire any virtual real estate in Second Life – and for them, there is no fee to participate.

However, Linden Labs also charges fees for the conversion of Linden Dollars into U.S. Dollars through the Linden Exchange.  For infringers seeking to sell pirated works in the virtual world, the real benefit to them is the ability to take the proceeds of those sales and convert them back into hard currency for use in the real world.  Approximately 250 Linden Dollars are worth a U.S. Dollar (the trading in this currency fluctuates).  In order to convert Linden Dollars back to U.S. Dollars, Linden Labs charges a fee of 3.5% of the value of the transaction.  So, indirectly, Linden Labs benefits from the sale of infringing goods every time that the infringer converts his Linden Dollar proceeds to hard currency.

There is a question, however, of whether Linden Labs is merely a landlord who relinquished control to his infringing tenant.  Eros Products LLC claims that Linden Labs did exercise control over the activities of its users because all of the virtual worlds within Second Life are ultimately housed on servers controlled by Linden Labs.  Pl.’s Complaint at ¶ 127-128.  And furthermore, Linden Labs has ultimate control over its software that operates Second Life, and I suppose that Linden Labs could alter its software to prevent copyright infringement if it wished to do so (how, exactly, is another story).  Factually, however, I think this is going to be tough to prove.  Unlike Grokster, who marketed itself as the successor to Napster for those looking to willfully infringe on the copyrights of others, Linden Labs has not marketed itself as a safe haven for willful copyright infringers.  On the contrary, Linden Labs gave some thought to copyright in its license agreement, granting its users rights in the works they create in-world.  (See Terms of Service here at section 3.2)

The other question is whether Linden Labs, in light of the DMCA, fits within the safe harbor established for internet service providers, shielding it from liability for the infringing acts of its users.  More on that in another post.  Stay tuned!

Post to Twitter Tweet This Post

Digg This
Reddit This
Stumble Now!
Buzz This
Vote on DZone
Share on Facebook
Bookmark this on Delicious
Kick It on DotNetKicks.com
Shout it
Share on LinkedIn
Bookmark this on Technorati
Post on Twitter
Google Buzz (aka. Google Reader)

Posted in Copyright, Intellectual Property, News, Technology | No Comments »

Google: The New Public Library?

September 1st, 2009

I suspect a fair number of people are really struggling with the proposed settlement between Google and the Author’s Guild over the wholesale scanning of more than 10 million copyrighted works.  At the heart of the settlement is a compromise that would allow authors to financially benefit from the sale of their works as a result of the Google index.  This would in turn allow Google to provide an index to these works that would be searchable using the google search engine.

The original thesis that permitted, according to Google, an “opt out” system for scanning and indexing these books was that Google’s use was a “fair use” as that phrase is defined within U.S. copyright law.  See 15 U.S.C. § 107.  Libraries, for example, acquire and make paper books available to the general reading public for loan.  Academics and journalists are specifically identified as “fair users” of the copyrighted works of others within the statute; these kinds of uses are recognized by federal law as having general utility that should be encouraged, in spite of the monopoly otherwise enjoyed by authors of works.  Google probably does not fit within any of the specifically mentioned groups.  Google is a very large, international, for-profit company that provides web search and related web services to internet users.

And, as has been spelled out in a number of federal cases on fair use, exploiting the works of another protected by copyright for profit and without paying the “customary fee” to the author almost always spells “not fair use.”  In this case, Google has reproduced wholesale into digital form the works of others without paying them any compensation.  Google’s activities are presumably part of its mission as a for profit entity.  One would anticipate that Google would be able to expand its AdWords presence to searches that turn up digital copies of the works that it scanned, and that Google could therefore gain a profit from these ads, without necessarily compensating the owner of the work whose content helped Google in getting its ad revenue.  Not fair use if we are all reading the same statute.

Nor is the phrase “opt out” found anywhere in the statute on fair use.  A copyright owner is not required to “opt out” of an infringer’s database in order to protect or reserve his rights in restricting how the work is reproduced or duplicated.  Implementing such an opt out system does not necessarily make the subsequent use a “fair use” under the Copyright Act.  For Google, I’m presuming that they would have argued that there were other overriding policy objectives that supported their project of scanning and indexing all of these books and placing them into the hands of internet searchers.  Perhaps chief among these is that Google was simply creating version 2.0 of the local public library, bringing more content to the more than one billion internet users that might be looking for an otherwise unretrievable work.  We actually pay (through taxes, at least for public libraries) the use that our brick and mortar libraries make of copyrighted works, why not tolerate a better library that its users by and large do not pay for (except by tolerating the ads that appear unctuously alongside search results)?

From a technical perspective, Google is absolutely right about its search engine as compared to the typical card catalog at the local library.  Google wins hands down.  When you consider that the majority of these books are out of print and hard to come by (about 3-4 million books are in print at any one time in the world), the settlement proposed would put back into “print” of a sort a whole lot of books that are otherwise hard to find unless you go to some “old school” library and use their card catalog.  Google’s index, however, improves the library card catalog, because the card catalogs are generally useful if you are already aware of the work, or the work happens to be cross-indexed in a meaningful way in relation to how you are searching the catalog.  Most catalogs in libraries are not full text indexes of the individual works in the library, so a google index would represent a huge leap forward for finding material online.

However, the legal argument (to the extent one has been made – Google entered into settlement negotiations promptly with the plaintiff such that Google has not had to file much in response to the Complaint) appears a little wanting.  Financially, most authors will probably be satisfied with the relatively small settlement amount per book, and the potential share of revenue for actual book sales through the Google service.  But the problem with the settlement for some is that they can get a better financial deal than Google is going to offer them.  Hopefully these authors will simply opt out of it to allow those authors that want to participate the option to do so.  But I think there is trouble ahead for this group of authors in the longer term as a consequence of what Google has been doing with its indexing.

This project poses a larger question that is aimed at the fundamental structure of what the Copyright Act protects in intellectual property: how authors can actually get paid for writing works in light of the free availability of huge amounts of information on the internet.  In years past, it was much easier to control access to information published in books, which provided a way to get paid via book sales.  I’m sure more popular books were plagiarized and reproduced without authorization of the publisher, but mass reproductions of a popular book would generally cost real money, which would limit the number of persons willing to engage in such wholesale theft.  Generally, in a paper world, authors had a way to generate revenue from book sales and royalties that was protected by the Copyright Act.

The internet has altered the level of accessibility to information.  Post 9/11, many U.S. government agencies and larger private companies began slimming down the amount of information available online (I guess posting our nuclear launch codes on the interweb was not so smart!) that was posted as part of transparent governance and the culture of openness encouraged by the internet.  However, in spite of a more security-conscious culture, the overall internet’s content continues to grow.  The information available in the written works of the world’s authors, especially highly searchable content from these works, would add substantially to the value and utility of the internet.  But can authors make a living if the information in their works is free?  Will authors continue to write works as a “hobby” and will this reduce the extent and value of works written in the future?  Can new works be written that are supported by advertising (e.g., Google Adwords on blogs)?

The “free” value of things available on the internet is challenging many of us to make a living in a new way.  And I think as a result, authors may need to seriously reconsider how they will survive as well.  To a certain extent, those that sit down to write a book must have (or develop through writing) some expertise in the subject matter for the book to have utility (not always true, but more often than not there is a correlation between authorship and subject matter expertise).  Our economy is benefitted by the high availability of specialists and experts that can help us beyond what we might self-educate ourselves about via internet research.  So there is value to the economy as a whole to the extent that authorship encourages the development of expertise.

The works created through this process also have intrinsic value to the economy to the extent that they are available for public consumption.  I certainly learned a fair amount about virtualization, for example, by reading white papers and other freely available articles online.  However, in spite of my self-education online, I would not have been comfortable implementing virtualization in a production environment without help.  Our project was benefitted greatly by the wisdom and experience of a technology professional that implemented these systems on a regular basis.  Perhaps this is how authors can make a living – by reselling their expertise in their field to more educated internet users that found the author through a Google book search.  But for those of you counting on royalty payments to make a living until 70 years after your death, I think Google is going to put you out on the street looking for a job!

Here are some links to several CNET stories that discuss the details of the proposed Google settlement.

CNET Story

CNET Story 2

CNET Story 3

Post to Twitter Tweet This Post

Digg This
Reddit This
Stumble Now!
Buzz This
Vote on DZone
Share on Facebook
Bookmark this on Delicious
Kick It on DotNetKicks.com
Shout it
Share on LinkedIn
Bookmark this on Technorati
Post on Twitter
Google Buzz (aka. Google Reader)

Posted in Copyright, Intellectual Property | No Comments »

Cloud Computing and Other Buzz Words

July 26th, 2009

The technology that drives health care today is changing in response to increase concerns about security and reliability, and external regulations like the security regulations in HIPAA.  In addition, the HiTech portion of the stimulus law this year has provided incentives for health care providers to adopt technology that allows for health data exchange and for quality reporting (which is a data driven process for providing outcome reporting for certain quality measures as defined by the Secretary of Health and Human Services).  There are a fair number of technology vendors that provide electronic health records (EHR) systems today, and also a fair number of vendors that have developed business intelligence or more sophisticated data reporting tools.  Health data exchange is a newer field; google and Microsoft have begun developing systems that allow users to establish a personal health record database, and some states have started planning for larger scale data repositories, but this concept is still at its beginning stages.

A buzz word today in technology is “cloud computing,” which is a fancy way of describing internet systems that businesses can rent from service providers to perform business tasks.  The idea is not new, even if the buzz word is; in days of yore, we called these “application service providers” or ASP’s for short.  I suppose that the IT marketing folks got sick of being compared with a nasty snake and thought clouds were better (or maybe more humorous if they had ever read Aristophanes).  Of course, the perjorative “vaporware” which roughly translates to a software vendor that markets a product it does not yet have to actually sell to people, also rings of clouds and things in the sky.  And the old “pie in the sky” as a way of saying “that’s a nice idea but has no hope of being useful down here where mere mortals live” could also relate to clouds.

That aside, there may be something to cloud computing for us mere mortals.  One of the important aspects of technology is how complex it actually is under the covers, and the degree and scope of support actually required to get the technology to work properly.  Larger businesses that have high concentrations of technology engineers and analysts are better equipped than the average business to deal with technology issues.  In this respect, cloud computing offers a business a way to “leverage” (another business term thrown casually around) the expertise of a fair number of technology experts without having to hire all of them on full time.  One of the dilemmas for business consumers, however, is the amount that one needs to be able to trust the technology partner they rent from.  This is the same problem that ASP’s originally faced years ago.  What happens to the data in the cloud when the cloud computing vendor either stops providing the service you are using, or just goes out of business?  How do the businesses work together on transitioning from one cloud to another, or from the cloud back in-house?  What if the business wants to host its own cloud onsite or at its existing hosting facility?  How are changes to the hosted application controlled and tested?  How often are backups performed, how often are they tested?  How “highly available” is the highly available system hosted?  How are disasters mitigated and what is the service provider’s disaster recovery/business continuity plan?  How are service provider staff hired and what clearance procedures are employed to ensure that staff aren’t felons that regularly steal identities?  The list of issues is a long one.

The other dilemma for businesses that want to use cloud computing services is that many of these services have a standard form contract that may not be negotiable, or essential parts of it may not be negotiable.  For example, most cloud computing vendors have hired smart attorneys who have drafted a contract that puts all the liability on the customer if something goes wrong, or otherwise limited liability so severely that the business customer will need to buy a considerable amount of business insurance to offset the risks that exist with the cloud, should it ever fail, rain, or just leak into the basement.

On the other hand, businesses that have their own IT departments have the same set of risks.  The difference, I think, is that many businesses do not have liability contracts with their otherwise at-will IT staff.  So, if things go horribly wrong (e.g., think “negligence”), the most that might happen to the IT person responsible is immediate termination (except in cases of intentional property theft or destruction, both of which may lead to criminal but not automatic civil liability for the IT person involved).  How much time does a business have to invest to develop and implement effective system policies, the actual systems themselves, and the staff to maintain those systems?

The advent of more widely adopted EHR systems in the U.S. will likely heat up the debate over whether to use cloud computing services or virtualized desktops that are hosted centrally by a hosting company in order to roll out the functionality of these systems to a broader base of providers (currently estimated at 1 in 5 presently using some EHR).  Companies that can cost less than the Medicare benefit to providers while helping providers comply with the security regulations will likely have the most success in the next few years.  Stay tuned!

Post to Twitter Tweet This Post

Digg This
Reddit This
Stumble Now!
Buzz This
Vote on DZone
Share on Facebook
Bookmark this on Delicious
Kick It on DotNetKicks.com
Shout it
Share on LinkedIn
Bookmark this on Technorati
Post on Twitter
Google Buzz (aka. Google Reader)

Posted in Copyright, EHR, HIPAA, Information Security, Security Regulations, Technology | No Comments »

Google and Copyright Infringement

July 22nd, 2009

Google, back in 2004, began an endeavor to index the contents of an enormous number of books through its search engine, so that google users would be able to full text search books that were otherwise unpublished on the internet.  Under U.S. Copyright law, books that were published before the 1920′s (and certain texts published after that time that did not comply with the renewal requirements and were not saved by the Copyright Act of 1976) are in the public domain and can be freely copied without the need of prior consent or the paying of royalties to the author or his/her estate.  Hence, you can find a copy of Edward Gibbon’s Decline and Fall of the Roman Empire on google’s book search, because Mr. Gibbon originally wrote the manuscript well before the earliest date that the book could be protected by current U.S. Copyright law.  Of course, what got google into trouble was not long dead authors but very alive ones (or ones whose estate or a third party owned a valid copyright to the work), which led to a lawsuit against google in federal court in 2005 by several named plaintiffs and an association, the Author’s Guild, who represents over 8,000 other authors.  The Author’s Guild, et. al. v. Google, Inc., 05 CV 8136 (S.D.N.Y. Sep. 20, 2005).

The complaint in 2005 alleged that google’s indexing of these books without paying a license fee to the individual authors with valid copyrights was copyright infringement writ large, and that the indexing was done in search of advertising revenue (an expressly commercial purpose).  Infringing the valid copyright of another without paying the customary license fee is the sine qua non of an unfair use, and I suspect that were we to see this tested in a court, google would likely have lost the suit.  However, the case didn’t get very far as the parties entered into negotiations to settle the matter.  In 2008, a proposed settlement was announced (see a CNET article here) which would have had google pay the Author’s Guild about $125 million in royalties for google to continue its “exploitation” of works that were probably protected by copyright.

This settlement has not set well with others that are concerned that google’s book collection looks a tad monopolistic (including the Department of Justice, who opened an antitrust investigation according to Reuters).  There is concern in the online community that google may have control of too much information which may ultimately stifle innovation by others.  Monopolizing a market generally violates the Sherman Anti-Trust Act, which can lead the Department of Justice to file suit against the alleged monopolizer.  Such suits have caused large companies like IBM and AT&T to either stop seeming to be monopolies, or to breakup outright into smaller units.  Last year, anti-trust concerns stopped google from establishing a search marketing relationship with yahoo, even though google was probably not trying to control the world of search but just trying to help yahoo fend off a purchase by Microsoft (which ultimately did fail and subsequently led to the ouster of Yahoo’s CEO and a founder Jerry Yang, later in 2008).

Ironically, holders of a valid copyright exercise a legalized monopoly over the thing copyrighted, which, while limited to the duration of the author’s life plus 70 years, is a relatively long time.  For highly valued items, such a monopoly could effectively stifle innovation, at least for those that wish to make derivative works from the copyrighted work but cannot afford to pay the “customary fee” to the copyright holder.  Effectively, the copyright holders represented by the Author’s Guild are one set of monopolists fighting with another alleged monopolist, google, which is probably far larger, but probably not otherwise more or less sympathetic.  On the other hand, the copyright monopoly does have limits built in to the rights granted under the Copyright Act itself, including fair use under section 107, which provides for some academic and non-profit expression by individuals who would otherwise be copyright infringers.  Against google’s alleged monopoly of online information, only a very large sum of money to invest in a competing search engine can offset the market that google now controls in search traffic and search advertisements.  There is no “fair use” exception to google’s alleged monopoly over information that would balance the playing field.

In years past, the anti-trust branch of the Department of Justice may have tried to break up a monopoly and/or have a governmental agency regulate the resulting company(ies).  For example, in Maryland, the Public Service Commission is responsible for watchdogging the utility and phone companies.  Verizon, which operates in several states including Maryland, is a smaller version of AT&T from the 1970s (or perhaps larger given the overall growth in telecommunications in the U.S. over the last thirty years).

The question to be answered is whether Verizon is any more responsive to customers today than AT&T was before the big break up, and whether Verizon is any less stifling of competition and innovation than its predecessor, AT&T.  Answering these questions may help to answer whether google ought, as a matter of policy, to be broken into smaller operating groups and/or regulated by the federal government like an “internet utility” company.

With regards to responsiveness, this is a hard question to answer.  A regulated utility like Verizon is still a very large entity, and as a matter of statistics, Verizon will make a substantial number of errors in service provision and billing that will lead to user complaints.  I don’t have any hard data on complaints over time or resolution rates to compare pre- and post-break up of the entity.  And as to google, I’m not sure that this is much of an issue.  The truth is that there are other search engines in the market today, and it is very easy for an internet user to access these search engines.  They may not have the same content indexed, but all of them use some form of search advertising to help subsidize your ability to freely search on them (or you have to pay a subscription fee to use them).  The state of search today may not really compare with the customer service issues of telecom customers of years past that were stuck working with the Baby Bell to get their phone to work properly.

With regards to the problem of stifling competition, the telecommunications bust at the beginning of this century was in part the result of the Baby Bells like Bell Atlantic/Verizon who controlled the last mile infrastructure that connected competing telecoms to customers.  After a century, the Baby Bells had so much more invested in the public phone and data networks that no small start up could possibly compete.  And whether court-ordered or not, the engineers at Verizon were not going to make a competitor’s service request a higher priority than servicing direct Verizon customers.

So, if the equivalent of this is for google to keep its database of indexed books but simply share access to other search engines, I doubt the outcome would be much different – most people trying to find a book would get a better response from google’s search engine than a competing search engine.  Alternatively, if google were required to publish its search engine algorithms and code, how long and how much money would it take for a competitor to grow to sufficient size to accumulate the scope and depth of data that google now handles every day?  Ten years?  Twenty?  And would the internet be a better place because there are two identical search engines? This is like when there were two different paper phone books.  Other than the additional tree casualties, I don’t think the public was better served with two phone books, and I doubt having two identical databases on the internet of web sites would be much better, either.

What about an Internet Public Service Commission?  For the phone company, the PSC in each state is empowered to receive and investigate complaints from customers – typically about a billing problem, but the PSC investigators examine related issues as well.  My experiences with the PSC here have been positive.  The PSC’s opening of an investigation usually gets my complaint to the right person at Verizon, who is then able to resolve the problem that the customer service representative was either not empowered to resolve or unwilling to resolve.  What, then, would the IPSC be charged with handling from the public about google?  Lost documents in the internet cloud that were stored with google?  Google’s search crawler doesn’t search my site quickly enough?  My web site doesn’t show up in search results high enough based on my keywords?  Security breaches at google?

I suppose another solution would be to make google a national library and attach it to the Library of Congress, which could use the google revenue stream to pay for scanning and indexing everything in the Library of Congress to make it generally available to the public.  Unrelated parts of google could be spun off as private enterprises that would not operate with public money or public regulation (such as the cloud computing aspects of google).

Stay tuned for developments!

Post to Twitter Tweet This Post

Digg This
Reddit This
Stumble Now!
Buzz This
Vote on DZone
Share on Facebook
Bookmark this on Delicious
Kick It on DotNetKicks.com
Shout it
Share on LinkedIn
Bookmark this on Technorati
Post on Twitter
Google Buzz (aka. Google Reader)

Posted in Copyright, Intellectual Property, Technology | 1 Comment »

Health IT & Open Source

July 16th, 2009

The truth is that I may just be getting annoyed about this debate.  A recent blog posting on Wired (click here for the article) frames the debate over health technology in terms of open source versus legacy or proprietary code, the latter being the enemy to innovation, improved health outcomes, and usability.

First off, an open source program is merely governed by some version of the GPL, which means that other developers can reverse engineer, make derivate works, or otherwise include your open source code in their subsequent open source code.  Developers that freely work together to write something cool are developers writing code.  They aren’t necessarily health experts, physicians, efficiency gurus; in fact, they may not even have health insurance if they live in the U.S. (1 in 6 of us are uninsured).  The fact that code is open source does have a big impact on how U.S. copyright law protects the work, but it doesn’t mean that somehow an open source developer is more in tune with health IT requirements, how to best integrate the system into a physician’s practice, or even necessarily what the actual requirements are for a physician to see a patient and document the visit to avoid liability for fraud or malpractice.  That’s because for developers, requirements come from outside of the development community, from users.

And guess what – proprietary developers of software listen to their user community to understand their requirements.  It’s part of the job of developers, regardless of whether the code is open source or proprietary.  And, for everyone participating in the global economy, the people that pay for your product generally drive the features and functionality in it.  If you can’t deliver, then your user base will go find someone else who can deliver.

Now, for larger health organizations, health records systems are a multi-year investment.  This inherently locks that health organization into a longer term, and more conservative, relationship with their health IT vendor, which tends to reduce the amount of change introduced into a health records system over time – especially for the larger vendors that have a lot of big clients.  The little developer out there writing code at 3am is certainly going to respond to market changes far more quickly than a really big corporation with a health IT platform.  But you know what?  Try getting the little guy to support your 500 desktop installations of his software 24×7.  Do you really think he can afford to staff a help desk support function around the clock for your business?  What happens when he has two customers with emergencies?  Or he wants to get some sleep?  And what about change control?  Even big vendors stumble in testing their code to make sure it works and is secure before releasing it (think Microsoft).  Solo, open source developers, even working in informal teams, are going to miss at least as often as a larger vendor, and introducing a lot more changes just increases the frequency that an untested change becomes an “unpublished feature” aka “blue screen of death.”  Trust me on this one: the health care user base is not going to be very tolerant of that.

Repeatedly, I hear the refrain that this stimulus money is going to go to systems that can be put to a “meaningful use,” and that is going to exclude rogue open source Health IT developers from being funded, squelching innovation in the market place.  I imagine that complying with the security regulations under HIPAA probably hinder innovation, too, but they increase the reliability of the system vendors that remain in the market place and reduce the risk to the data of patients that might be in their computer systems.  Setting minimum standards for health records systems may favor incumbent systems, but honestly – is that so wrong?  Isn’t the trade off here that when someone buys a system that is certified, they can have the satisfaction of knowing that someone else without a vested interest in the product, thought it had certain features or a proven record of delivering certain outcomes?  Perhaps the certifiers aren’t neutral because they come from the industry of EHRs, but if I recall correctly, the people that run the internet have committees with representatives from the internet industry, yet I rarely hear that the standards for the POP3 protocol unfairly burden new or open source developers.

That someone set standards for EHRs like a government agency is a lot like the government setting the requirements for you to receive a driver’s license.  Everyone who drives needs to understand what the red, octogonal sign with the capital letters S T OP means.  On the other hand, you may never parallel park again, but you better learn how to do it if you want your license to drive in Maryland.   Standards are always a mixed bag of useful and not-so-useful rules, but I don’t think there are too many people out there arguing that the government should not set minimum standards for drivers.  A certification requirement for EHRs to establish minimum standards is no different.  Ask the JCAHO people about it.  Ask the HIPAA police.  Ask the IT people you know.  If you are going to develop an EHR, you better secure it, make sure the entries in the database are non-repudiatable, and have a disaster recovery approach.  Don’t know what these things are?  Do your homework before you write a computer system.

Now, another refrain has been that look at how all of these proprietary systems have failed the world of health provisioning.  For example, look at how more kids died at the Children’s Hospital ER in Pittsburg after the hospital implemented an EHR (I can feel a class action lawsuit in federal court).  Who implements EHR’s in ER’s?  So the doctor is standing there and a patient is having a heart attack.  What should the doctor’s first act be?  To register the patient into the EHR and record his vitals?  I would think the doctor should be getting out the paddles and worrying about the patient’s heart beat, but then, I am an attorney and systems guy, not a physician.  Look – dumb decisions to implement a computer system should not lead to subsequent critics blaming the computer system for not meeting the requirements of the installation.  EHR is not appropriate every place patients are seen or for every workflow in a health care provider’s facility.  No knock on the open source people, but I don’t want my ER physician clicking on their software when I am dying in the ER, either.  I don’t want my doctor clicking anything at all – I want her to be saving me.  That’s why I have been delivered to the ER.

Now, VistA is getting a lot of mileage these days as an open source, publicly funded, and successful example of EHR in action.  And it is free.  But in fairness, VistA is not a new piece of software recently written by three college kids in a garage somewhere in between World of Warcraft online gaming sessions.  This program has been in development for years.  And “free” is relative.

For example, if you want support, you need to pay for it.  If you want to run it in a production environment, you will need to buy equipment and probably get expert help.  If you want to implement it, you will need to form a committee, develop a project plan, implement the project intelligently with input from your users, and be prepared to make a lot of changes to fit this system (or any system) into your health facility’s workflows.  And if you find yourself writing anything approaching software, that will cost you something, too, as most health care providers do not have a team of developers available to them to modify any computer system.  So, “free” in this context is relative, and genuinely understates the scope and effort required to get any piece of software to work in your facility.  ”Less” may be a more appropriate adjective.  But then, that’s only true if you can avoid costly modifications to the software, and so far, there is no single EHR system that works in every setting, so expect to make modifications.

That’s my rant.  Happy EHR-ing!

Post to Twitter Tweet This Post

Digg This
Reddit This
Stumble Now!
Buzz This
Vote on DZone
Share on Facebook
Bookmark this on Delicious
Kick It on DotNetKicks.com
Shout it
Share on LinkedIn
Bookmark this on Technorati
Post on Twitter
Google Buzz (aka. Google Reader)

Posted in Copyright, EHR, HIPAA, Intellectual Property, Security Regulations, Technology | 1 Comment »

RIAA & Copyright: $2 Million Fine Whacky Consequence of Copyright Act

July 8th, 2009

The RIAA, in a new trial of an alleged copyright infringer who had shared 24 songs via the file-sharing service Kazaa, won almost $2 million in fines against the defendant calculated on the basis of statutory damages under the U.S. Copyright Act.  (See the Wired Story here)  This is an almost ten fold increase in the fines awarded to the RIAA against Thomas-Rassert from the original trial in 2007.  The basis for these fines is a provision of the Copyright Act, codified at 17 U.S.C. § 504(c)(2), which allows for a maximum fine of $150,000 on the finding of willful infringement by the defendant.  Statutory damages are available to a plaintiff who elects to not seek actual damages for the infringement proved during the trial.

In this case, the defendant Thomas-Rassert had been sharing 24 songs online.  Assuming that she had a typical aDSL connection where the upload speed is considerably slower than the download speed, and the average size of each file shared was about 3 megabytes, she would have been able to share about 0.22 songs per minute to other users of Kazaa.  If each song would have cost $1 to purchase as a single from a reputable vendor (like itunes), and she shared these 24 songs continuously for a year, the amount of lost sales to the music industry would have been about $115,632 (with about 20% of this going to the reseller and not the music companies), or about 1/20th of the damages award against her for her infringement of the plaintiff’s copyrights.  Thomas-Rassert’s own estimate of the actual damages proved by the plaintiff was even smaller – on the order of $150.  (See the filing seeking remittitur after the original trial resulted in a $222,000 verdict against her)

I certainly do not condone copyright infringement, but the damages sought by the RIAA in this case are highly disproportionate to the alleged injury to the copyright holders.  Seeking such a large fine against an individual reflects to me, at least, the frustration the RIAA has had in pursuing the makers of the file sharing platforms directly, many of whom are either out of the RIAA’s legal reach or otherwise judgment proof.  While I would not call Thomas-Rassert an “innocent infringer,” nor a “fair user” given the prior Supreme Court jurisprudence holding otherwise, I also would not call her a “pirate” worthy of the civil version of a hanging, either.  Let’s hope the judge has the good sense to reduce the fines to a more reasonable level.

Post to Twitter Tweet This Post

Digg This
Reddit This
Stumble Now!
Buzz This
Vote on DZone
Share on Facebook
Bookmark this on Delicious
Kick It on DotNetKicks.com
Shout it
Share on LinkedIn
Bookmark this on Technorati
Post on Twitter
Google Buzz (aka. Google Reader)

Posted in Copyright, Intellectual Property | 1 Comment »

« Older Entries