Tag Archive for: Laws

Stupid Patent Of The Month: Veripath Patents Following Privacy Laws

/in

What if we allowed some people to patent the law and then demand money from the rest of us just for following it?

As anyone with a basic understanding of democratic principles can see, that is a terrible idea. In a democracy, elected representatives write laws that apply to everyone, ideally, based on the public interest. We shouldn’t let private parties “own” legal principles or use technical jargon to re-cast those principles as “inventions.” 

But that’s exactly what the U.S. Patent Office has allowed two inventors, Nicholas Hall and Steven Eakin, to do. Last September, the government proclaimed that Hall and Eakin are the inventors of “Methods and Systems for User Opt-In to Data Privacy Agreements,” U.S. Patent No. 10,075,451

The owner of this patent, a company called “Veripath,” is already filing lawsuits against companies that make privacy compliance software. With Congress and many states actively engaged in debates over consumer privacy laws, Veripath might soon be using this patent to extract licensing cash from U.S. companies as well.

Privacy-For-Functionality isn’t an “Invention,” it’s a Policy Debate

Claim 1 of the ‘451 patent describes a basic data privacy agreement. An API provides personal information from a software application; then the user is asked for a “required permission” for the use of that information. There’s one add-on to the privacy deal: in exchange for the permission, the user gets access to “at least one enhanced function.”

The next several claims go on to describe minor variations on this theme. Claim 2 specifies that the “enhanced function” won’t be available to other users. Claim 3 describes the enhanced function as being fewer advertisements; Claim 4 describes offering the enhanced function in exchange for a monetary payment.

To say this “method” is well-known is a major understatement. The idea of exchanging privacy for enhanced functionality or better service is so widespread that it has been codified in law. For example, last year’s California Consumer Privacy Act (CCPA) specifically allows a business to offer “incentives” to a user to collect and sell their data. That includes “financial incentives,” or “a different price, rate, level, or quality of goods or services.” The fact that state legislators were familiar enough with these concepts to write them into law is a sign of just how ubiquitous and uninventive they are. This is not technology this is policy.

(An important aside: EFF strongly opposes pay-for-privacy, and is working to remove it from the CCPA. Pay-for-privacy undermines the law’s non-discrimination provisions, and more broadly, creates a world of privacy “haves” and “have-nots.” We’ve long sought this change to the CCPA.) 

Follow the Law, Infringe this Patent

Veripath has already sued two companies that help website owners comply with Europe’s General Data Protection Regulation, or GDPR, saying they infringe its patent. Netherlands-based Faktor was sued [PDF] on Feb. 15, and France-based Didomi was sued [PDF] on Feb. 22

Some background: Venpath, Inc., a company with a New York address that appears to be a virtual office, assigned the rights in the ‘451 patent to VeriPath just days before the patent issued in September last year. As it happens, the FTC began enforcement proceedings against VenPath last September. The FTC’s complaint [PDF] alleged that VenPath’s website represented that “VenPath participates in and has certified its compliance with the EU-U.S. Privacy Shield Framework.” The FTC alleged a count of “privacy misrepresentation.” It claimed that VenPath “did not complete the steps necessary to renew its participation in the EU-U.S. Privacy Shield framework after that certification expired in October 2017.” The FTC issued a Decision and Order [PDF] requiring VenPath to remove the misrepresentations. 

An exhibit [PDF] attached to the complaint shows that one of the named inventors on the patent, Nick Hall, contacted Faktor to ask what its prices were. Hall identified himself as the CEO of VenPath. Once Faktor responded, Veripath sued Faktor in federal court in New York.

In its lawsuits, Veripath claims that basic warnings about cookies on websites, a now-common method of complying with the GDPR, violate its patent. The lawsuit against Faktor notes that Faktor’s own website “might not work properly” unless a user consents to having her browser accept cookies.

Veripath and its legal team argue that this simple deal—accepting cookie use, in order to visit websites—is enough to infringe the patent. They also claim that Faktor’s Privacy Manager software infringes at least Claim 1 of the patent, and facilitates infringement by others. 

The ‘451 patent should never have been granted. In our view, its claims are clearly ineligible for patent protection under Alice v. CLS Bank. In Alice, the Supreme Court held that an abstract idea (like privacy-for-functionality) doesn’t become eligible for a patent simply because it is implemented using generic technology. Courts have struck down similar claims, like a patent on the idea of conditioning access to content on viewing ads. 

Even when a patent is invalid, defendants face pressure to settle. Patent litigation is expensive and it can cost tens or hundreds of thousands of dollars just to get through the early stages. To really protect innovation we have to ensure that patents like the ‘451 patent are never issued in the first place. The fact that this patent was granted shows the Patent Office is failing to apply the law.

We are currently urging the public to tell the Patent Office to stop issuing abstract software patents. You can use our Action Center to submit comments.

Republished from the EFF’s Stupid Patent of the Month series.

Permalink | Comments | Email This Story

Techdirt.

Opinion: One year on, our mandatory data breach laws have failed – CIO Australia

/in

Opinion: One year on, our mandatory data breach laws have failed  CIO Australia

OAIC’s mandatory data breach legislation, which came into effect a year ago last Friday, has so far proven to be a flop, says Michael Connory.

“data breach” – read more

The Laws Of War Are Still Trying To Solve The Quandary Of Legal Nukes – Deadspin

/in

The Laws Of War Are Still Trying To Solve The Quandary Of Legal Nukes  Deadspin

This piece is part of a recurring series that aims to be a complete guide to the laws of war. You can read previous entries here.

“cyber warfare news” – read more

Australian MP Pushes Back Against Expanded Site And Search Blocking Laws

/in

We’ve been talking for several months now about the amendments to Australian copyright law currently under consideration by the government there. As a refresher, Australia put a site-blocking policy in place several years ago. That policy has been praised by both government and rightsholders as effective, even as those same interests insist that it doesn’t do enough to stop piracy down under. As a result, the government is currently considering amendments to Australian copyright law that would make it easier for extra-judicial blocks of “piracy sites” and their mirrors, and includes demands that search engines like Google participate in this censorship as well, despite the fact that blocking search returns relevant to a user request is the opposite of what Google does. Predictably, the amendments to the law have wide support across political parties in Australia, and pretty much everyone is sure it’s going to pass as is.

A key aspect of this is that all of the focus is on piracy and how to stop or minimize it, regardless of whatever negative effects that might have on ISPs and a free and open internet. There has been zero focus thus far on whether these legal mechanisms are really the optimal route to addressing this problem. This week, however, one Australian MP decided to grab a microphone and finally take rightsholders to task.

An expansion of Australia’s piracy site-block laws is “a form of regulatory hallucinogen”, Labor MP Ed Husic has said, adding that the voice of the consumer needs to be heard and rights holders should be less “resistant” to digitisation and reforming their systems.

“The big challenge is the freeing-up of copyright to ensure that innovation can spread more widely and to face up to big rights holders and the types of hysterical arguments we get in this space,” Husic said. “These rights holders think that by constantly using legal mechanisms through this place and elsewhere, piracy will disappear. The reality is that piracy is a reflection of a market failure.”

It’s rare that a member of government gets things so absolutely correct on this subject. Far too many rightsholders seem to only have one arrow in their quiver, and that’s the legislative or judicial arrow. What has actually occurred is that a disruptive force, the internet, has changed the possibilities and demand for certain types of content. Does anyone remember the consumers of these products, legitimate and otherwise? They are supposed to have a voice in government as well, and yet they are consistently ignored. But, really, it’s the public and the internet that are driving this whole discussion. How is it possible that they don’t have a seat at the table?

Husic goes on to ask the same question, all while poking lawmakers in the eye for bowing to the wrong constituency.

“As lawmakers, just because we might get a selfie with Richard Roxburgh — I love Rake as much as anyone else — or a political party gets a donation from a rights holder, does not mean that we should stop looking at how to make the types of reforms that balance the needs of creatives and the needs of producers versus the needs of consumers,” he said.

The sad part of all of this is that Husic is the exception, not the rule. When you read that these amendments will almost certainly pass in Australia, that prediction is almost certainly correct. And, when that happens, exactly whose interests will be served? The answer, I think, cannot possibly be “the public’s.”

Permalink | Comments | Email This Story

Techdirt.