My VoIP life

I've been using voice over internet protocol (VoIP) for a while now. What it means is that I don't use my phone line to talk to people.

So how do I dial my friends? I have cable internet, and I bought a little box (a Linksys 3102) for $AUD65. My normal phone connects to the box, as does an ethernet cable from my router. A picture would be better, but it's actually pretty simple.

Tonight I rang my partner who is on holidays in New Zealand (I'm meant to be there too, but work interfered). I spoke to her for 18 minutes, and it cost me $AUD0.45. Yes, less than half a dollar, and the quality was that of a normal phone line. If I'd been on a different plan with my VoIP provider it would have cost AUD0.08. Really.

There are a bunch of providers who can do this for you. I use www.pennytel.com, but you can use a number of others, including www.skype.com. All I know is that my call costs have dropped from $50 per month to $7.

In-house counsel briefing out

In an interesting interview by Law.com of Ken Massaroni, General Counsel at Seagate, Massaroni says:

Q: Other than IP litigation, what other kinds of matters do you typically send to outside counsel?

A: Pretty much all of our litigation -- including HR matters and commercial contract disputes -- goes to outside counsel.

Q: Approximately how big is Seagate's corporate law department? Has there been a recent trend in terms of either reducing or expanding the size of the law department?

A: Our department numbers approximately 50, including both lawyers and non-lawyer staff. Seagate has recently gone through some reductions, and the legal department was affected by that.

Q: What kinds of matters that you deal with are more efficiently and effectively handled in-house rather than by outside counsel?

A: There are a whole host of activities that I think are better handled by inside attorneys and that are also accomplished on a more cost-efficient basis. Those would include all of the counseling on HR matters, all general corporate matters and the negotiation of commercial contracts, to name just a few. These are the kinds of things where inside attorneys can work closely with our clients to the point where we understand the issues to a degree that would be impossible for outside counsel to achieve on anything like a cost-effective basis.

I see several reasons for briefing out:

• too much work and not enough lawyers
• insufficient expertise internally
  
• doing the work would be a poor utilisation of in-house lawyers

In-house counsel are uniquely placed to spend time getting to know the company's real business. Law firms will tell you they can do the same thing, but they can't. It follows that in-house counsel should do the work that requires that intimate knowledge, and it's only the other work that might be a candidate to send out.

Briefing out litigation is a good example of the last point - litigation is rarely part of core business (even if you're an insurance company) and your in-house lawyers have been hired on the basis of how they fit core business needs.

Litigation is also an example of the second point - a property company doesn't need to employ experienced litigators, because litigation is (hopefully) infrequent.

As for the first point, it seems that many large organsiations brief out about 60% of their legal work. That implies that the working hours of in-house lawyers are largely of their own choosing, since they could easily double their workload (and hours) and still not get all the legal work done. Therefore an in-house lawyer needs to decide what is an appropriate workload for his or her life.

Cyberspace September 2009

Watch out

I recently received a letter from "Domain Renewal Group" inviting me to renew my domain name with them. However, my registrar is a completely different company. On closer inspection it was actually an invitation to switch to them as my registrar and renew for $45 pa. However, I actually use GoDaddy, and I pay $12.75 pa. The letter also invited me to purchase a related .info domain for $75 for 2 years. GoDaddy sells .info domains for around $1. DRG is well known across the internet for these sorts of letters, and the letters are vaugely similar to those sent in 2003 by Domain Names Australia, for which it was sued by the ACCC (FCA v 926 of 2003). Moral of the story? Read the fine print (speaking of which, was literally 1mm high on the back of the letter).

Windows 7

As a Microsoft Technet subscriber I am now using Microsoft's latest operating system, Windows 7 on my main computer. It works well, even with old programs, seems to be as fast as Windows XP, and offers more security against malicious attacks. But should you upgrade when it's released in October? Don't upgrade existing business systems running Windows XP. Wait until you need to refresh your hardware and your new systems will have 7 pre-installed. Having said that, make sure you test all your software and confirm with your suppliers that they will support their software under Windows 7. Windows Vista users might be more interested in upgrading, as it is very likely that anything that runs on Vista will run on 7, and 7 is faster than Vista on the same hardware. The same warning about testing applies though.

Working online

I recently wrote about ways to save a lot of cash and use better systems when setting up a new office by using software (and telephony) as a service, rather than installing and maintaining your own software and hardware. I've also written about online wordprocessing using Google Docs or Zoho. Microsoft has just announced it is going to offer a similar online system which will allow you to access your Word, Excel, PowerPoint and OneNote files from anywhere. You'll be able to use the full Office applications (and this will be the main way you use it in the office), as well as less powerful versions in the web browser and on mobile phones and other devices. There will be a free but advert-laden version and a paid subscription. The latter may even be sufficient for many small businesses who don't use the complex features in Office.

Around the courts

Remedies, particularly in Trade Practices cases, can be inventive. In ACCC v Harvey Fresh (1994) Limited [2009] FCA 853 the Court ordered that the unsuccessful respondent publish a specified statement on its home page that was viewable immediately upon accessing the web site, include its logo and be at least 40% of the "images on the screen."

In Sands V Channel Seven Adelaide Pty Ltd & Anor [2009] SASC 215 the court considered the defamation common law defence of fair and accurate report where the publication ocurred on the Internet. This was an important point, as at the time South Australian legislation provided no statutory protection. The court held that the common law defence did apply to the Internet. Another interesting remark was that:

There is no presumption of law that there has been substantial publication in respect of an internet publication. It is for the plaintiff to prove that the material in question was accessed and downloaded. In this case there has been no “platform of facts” proved by the plaintiff from which an inference can be drawn that substantial publication of the website article occurred within South Australia.

The moral? Don't forget to subpoena or seek discovery of the web server logs!

Cyberspace August 2009

Learn it or lose it

The USA (land of the free, home of the armed) has a lot of case law in relation to electronic discovery. A large proportion of that relates to costs, and the recent case of Chen v Dougherty (USDC No. C04-987 MJP http://www.ediscoverylaw.com/uploads/file/Westlaw_Document_Chen.doc) is interesting because a lawyer had her costs reduced to USD$200/hour "for certain time spent on discovery... (as her) inhibited ability to participate meaningfully in electronic discovery tells the Court she has novice skills in this area and cannot command the rate of experienced counsel." On one level that is a fairly obvious conclusion - a junior lawyer or someone operating outside his area of expertise can't claim high rates, but "inhibited ability to participate meaningfully" suggests that the modern lawyer needs to engage in understanding technology just as much as the law.

Portability

Netbooks are very popular at the moment, and for good reason. This column is being written on my original Asus eeePC 701 (7" screen) which provided sterling performance around Asia and Europe last year. A member of the senior bar also contacted me and recently took his around Greece and Bulgaria. We both used Skype (http://www.skype.com) over Wi-Fi to make phone calls on it cheaply and easily. I'm convinced that these netbook computers have a long term place in computing history, due to the portability of the device (under 1kg) together with cheap 3G within Australia and wireless when overseas. Not only was it a very cheap phone using Skype, it also offered storage for our camera cards, listening to ABC streamed radio, Google maps, ticket purchasing, tourist attraction research, hotel bookings and more. Many of the more recent netbooks have a 10.1" screen together with more storage, power and battery life making them easier to use. However, I think that they won't be as useful unless they can remain comparable in size and weight. The 3G data option, using a dedicated card or USB device, is a good one as you can buy 1GB of data per month for under $14 if you look around. Sitting up the back of a lengthy Registrar's list might become a lot more productive.

An even more portable device I have come to appreciate is the iPod Touch (http://www.apple.com/au/ipodtouch/). With a headset or clip on microphone (http://www.macally.com/EN/Product/ArticleShow.asp?ArticleID=171) it becomes a VoIP phone using Fring or provider-specific applications such as Skype or Pennytel. It offers very good phone call quality on a wi-fi connection. If your computing needs are light, you could just travel with the Touch as it offers email, calendar, contacts, Google Maps, web browsing and entertainment whenever you have a Wi-Fi connection. I'll be in NZ shortly, and I suspect the Touch will be enough rather than my eeePC.

Maintaining lists

Managing lists of things is often a problem, because doing it in Microsoft Excel or Word is cumbersome and inherently single-user. Microsoft SharePoint (an add-on to Windows Server - http://sharepoint.microsoft.com) might be a solution for you. Although I recently wrote a blog post about why I don't think SharePoint is a viable document management system, I do think that SharePoint is great at maintaining lists. My company maintains a number of lists such as those for document executions, bank guarantees, and safe custody. SharePoint has improved the way we do that, and we are gradually moving more data over to it. Benefits over Excel include multi-user, drop down menus for data consistency, avoidance of accidental changes, sorting and filtering. Since it's web-based you don't need to have any extra applications on the PC, including Microsoft Office.

Cyberspace July 2009

On 17 February 2009 the Federal government released a document "An Australian Consumer Law. Fair markets - Confident consumers" (http://www.treasury.gov.au/documents/1484/PDF/An_Australian_Consumer_Law.pdf). In May it released "The Australian Consumer Law – Consultation on Draft Provisions on Unfair Contract Terms" These, together with a recent agreement by all State & Federal governments to have one national consumer affairs law, signal impending major changes in consumer law.

The February report notes

"Unfair terms are more likely to be found in standard form contracts, presented to consumers as a 'take it or leave it' offer... such contracts are increasingly used in relation to online services."

How does this affect technology? If you've ever read an End User Licence Agreement from Apple, Microsoft, EBay, and many other technology companies you will see that they contain some outrageous terms. But, if you want the product or service then you simply must agree to it. For example, I'm going to pick on Apple. The iTunes Store Terms & Conditions (http://www.apple.com/legal/itunes/au/terms.html#SALES) is a rather fragmented document which states in the Terms of Sale:

"IF YOU DO NOT AGREE TO THESE TERMS... DO NOT USE THE SERVICE... YOU MUST ACCEPT AND ABIDE BY THESE TERMS AS PRESENTED TO YOU;"

"CANCELLATION POLICY All Sales and rentals (as applicable) are final... you will not have a right to cancel your contract once the service commences."

That's it. Bad luck if the software is buggy, or the music is poorly recorded. The term may also be contrary to Div 2 Part V of the Trade Practices Act or the Fair Trading Act. Buried much further down in another agreement (Terms of Service) in 19 c is a term which deals explicitly with the TPA. However, the"cancellation policy" appears in the first few centimetres of the Terms of Sale agreement and the TPA clause is a long way down and only refers to the Terms of Service, not the Terms of Sale!

And there's more:

"Termination by iTunes. If ... iTunes suspects that you have failed to comply with any of the provisions of this Agreement ... iTunes, at its sole discretion... may... terminate... your account."

"iTunes reserves the right to change the terms and conditions of sale at the iTunes Store at any time."

The proposed Australian Consumer Law will introduce a national unfair contract terms provision which will apply to standard form contracts. The law can be invoked even if there is only significant likelihood that detriment will occur. The paper notes a number of types of terms that "are likely to cause consumer detriment", including some familiar(!) ones:

• clauses that attempt to exclude implied terms for consumer goods and services.
• clauses that prevent the consumer from cancelling a contract.
• clauses that permit the supplier to unilaterally determine whether a breach of the contract has occurred.
• clauses that permit the supplier to unilaterally vary the terms of the contract.

Remedies will be available where a claimant or class shows actual or substantial likelihood of detriment, not limited to financial detriment. Non-financial detriment could arguably include the inability to purchase and use the software or service. Civil penalties will be able to be imposed (distinct from the now largely criminal) as well as compensation claims on behalf of consumers. Disqualification orders can ban or restrict individuals from participating in organisations for a time without the need for a criminal conviction. An interesting reform is the ability for a consumer regulator to issue a Substantiation Notice requiring a supplier to substantiate claims it makes in relation to goods and services.

Vendors do need to protect their rights. However, these standard form contracts have swung so far in their favour that we now need legislation to remedy it. The Consumer Law may commence on 1 January 2010, so now might be a good time to help your clients draft better agreements, or perhaps dust off your class action skills.

Apple stealing from iTunes accounts?

I had an interesting experience the other day (3 June 2009). Apple Inc reduced my iTunes account balance to zero and disabled my account. The explanation included:

Your account was disabled because the purchaser of an iTunes Gift Certificate redeemed to your account has refuted the charges with his or her credit card company.

When charges are reported as unauthorized, any remaining iTunes Store credit from the disputed purchase is considered unauthorized and is removed from the account.

Now, I purchased some gift certificates several years ago from an online vendor. Given that was literally years ago I doubt that that is the problem. If it is then Apple has some serious problems with its fraud detection systems.

If that isn't the problem, then Apple obviously has some serious problems with its fraud detection systems anyway! But the problem remains that I have had a couple of hundred dollars removed from my account unilaterally and without notice. The email I received from "Support" (ironic) didn't tell me anything about the "problem gift card", such as the amount, date redeemed, vendor etc. Naturally I have asked for this but I doubt I will receive a response.

This is likely to be an interesting journey. Apple's Terms of Service won't assist them here as it doesn't directly deal with the problem. Therefore a simple small claims court action for a liquidated sum should get me a default judgement against Apple fairly easily. I say this because I suspect they will ignore me until I start judgement debt recovery procedures. Ah, it's fun being a lawyer...

A law firm who thinks about why it has a web presence

Pinsent Masons has published an interesting short article on the philosophy behind its Out-Law web site. Worth a read here http://www.out-law.com//default.aspx?page=10000

Cyberspace June 2009

Censorship in Australia

Australian governments have a history of introducing knee-jerk regulation and it appears that the regulators are following suit. Electronic Frontiers Australia recently stated it received a Final Link Deletion Notice (http://tinyurl.com/psbo5b) from ACMA (http://acma.gov.au) in relation to a link to a web page that contained a set of images of aborted foetuses. The page is on a site that is anti-abortion, but my argument here is about freedom of information.

ACMA stated the content was classified R18+ which includes "depictions of simulated sexual activity, material containing strong, realistic violence and other material dealing with intense adult
themes."

"Violence"? Let's assume that these photos were of the results of medical procedures; one camp will argue that violence occurred while others will argue it was a medical procedure. "Adult themes" might get them across the line, but unfortunately not everyone who gets pregnant is an adult.

Should ACMA censor the material that Australians can view? There are very persuasive arguments for blocking anything that either is a crime or can very directly lead to a crime. However, that's not what we're talking about here - this is a legal activity in Australia. This has removed material that can assist Australians to form opinions about a very serious topic. You might not like the photos, but a heart operation is pretty grisly too.

ACMA can get it strangely wrong. In relation to the ACMA black lists, the ABC reported (http://tinyurl.com/d7hez9) Senator Stephen Conroy (who is responsible for ACMA) to have said in relation to errors:

"... the Henson website was a "technical error" by an ACMA official, and the other two were the result of Russian mafia infiltrating the websites' servers and planting child pornography there."

The Russian Mafia?

Finally, the ABC reported:

"He says the internet filter - which is only in a trial phase - will not limit political content as many critics have said."

"If something is refused classification - if it promotes rape, promotes incest, or similar - it makes it onto the blacklist... The Government makes no apologies for that. No political contentwill be blocked, that is not the intention and in fact the law would have to be changed in order for that to happen."

At an industry conference he was reported to have said

"There is no political content banned in the existing Broadcasting Services Act," he said. "We are not building the Great Wall of China. We are going after the filth - like child pornography. Its been done around the world and it can be done here." (http://tinyurl.com/d8ese5)

Ok, Senator, in the light of that, explain why the anti-abortion site was blocked? And what else are you blocking not in the category of "promotes rape, promotes incest, or similar"?

This leads us to the current filtering controversy. Having worked in two large well-funded enterprises I can say that the filtering software I have seen is rubbish. They rely on combinations of manual indexing of sites (unfeasible and inaccurate anyway), and automatic filters, which get it wrong all the time. These tools are meant to be aids to safe surfing, not the arbiter of what I can and can't look at. The judge is me, not the software.

Self-control is fundamental to adulthood, at a personal and State level. On a personal level, my kitchen is full of knives, and it's only one step from that to a stabbing. On a State level, alcohol sale is not heavily restricted in, say, France, unlike Australia yet they are a world power.

Mr Controy, let us exercise self control in relation to what we consume, and let us teach our kids to do the same. We'll be better adults for it.

Cyberspace May 2009

Discovery

I've recently been trawling discovery-related cases in the USA and there is now a great deal of case law on the subject. The law in Australia and the USA frequently converges, but the issue of preservation of documents after litigation is anticipated is not one of those areas. Forest Labs., Inc. v. Caraco Pharm. Labs., Ltd., 2009 WL 998402 (E.D. Mich. Apr. 14, 2009) discussed the issue of backup tapes that are used purely for disaster recovery (rather than archiving) and are regularly overwritten. In Australia one would normally immediately advise your client to stop rotation of tapes if relevant may be on them. However, in Forest the court discussed Zubulake v. UBS Warburg, 2004 WL 1620866 (S.D.N.Y. July 20, 2004) which stated

"that litigation hold does not apply to inaccessible backup tapes (e.g.,
those typically maintained solely for the purpose of disaster
recovery), which may continue to be recycled on the schedule set forth
in the company's policy".

While there are nuances to this position, such as acting in bad faith, it seems likely that valuable evidence could be easily destroyed.

I recently discussed document retention and destruction, and the importance of established business rules. When establishing business practices, whether your own or your clients, you might bear in mind the following from Phillip M. Adams & Assoc., LLC v. Dell, Inc., 2009 WL 910801 (D. Utah Mar. 30, 2009)

"The culpability in this case appears at this time to be founded in ASUS' questionable information management practices. A court--and more importantly, a litigant--is not required to simply accept whatever information management practices a party may have. A practice may be unreasonable, given responsibilities to third parties. While a party may design its information management practices to suit its business purposes, one of those business purposes must be accountability to third parties... [U]tilizing a system of record-keeping which conceals rather than discloses relevant records, or makes it unduly difficult to identify or locate them, [renders] the production of the documents an excessively burdensome and costly expedition. To allow a defendant whose business generates massive records to frustrate discovery by creating an inadequate filing system, and then claiming undue burden, would defeat the purposes of the discovery rules."

Another case highlights the problems arising from the practice of not providing electronic discovery in its native form. Some firms seem to think that they can produce PDF versions of, say, emails rather than the email itself - a position I have successfully opposed on several occasions. In White v. Graceland Coll. Ctr. 2009 WL 722056 (D. Kan. Mar. 18, 2009) the defendant produced PDF versions of emails, which inherently obscured some information. The plaintiff applied for an order for production of native emails and was successful.

Producing only relevant email from a mailbox that may contain tens of thousands of emails can be difficult and extremely costly. The only practical answer may be to use search tools to find relevant information. However, the search terms themselves need to be agreed between the parties. In William A. Gross. Constr. Assocs., Inc. v. Am. Mfrs. Mut. Ins. Co., 2009 WL 724954 (S.D.N.Y. Mar. 19, 2009) the court said

"While keyword searches have long been recognized as appropriate and helpful for ESI search and retrieval, there are well-know limitations and risks associated with them, and proper selection and implementation obviously involves technical, if not scientific knowledge... Selection of the appropriate search and information retrieval technique requires careful advance planning by persons qualified to design effective search methodology. The implementation of the methodology selected should be tested for quality assurance; and the party selecting the methodology must be prepared to explain the rationale for the method chosen to the court, demonstrate that it is appropriate for the task, and show that it was properly implemented."

Stephen Conroy - getting dumber?

So an Australian Senator comments on an active civil case before the Federal Court of Australia... The man not only doesn't have a policy, he also doesn't have any discretion. Why is this man in the Australian Parliament?

Conroy admits blacklist error, blames "Russian mob"

The [Australian Federal] Communications Minister, Stephen Conroy, has admitted that Bill Henson images were added to the communications regulator's list of prohibited websites in error, while blaming the addition of a dentist's site to the blacklist on the "Russian mob".

Meanwhile, the website of the Federal Government's censorship body, the Classification Board, was hacked last night and defaced with an anti-censorship screed.

The admission by Senator Conroy on ABC television's Q&A program last night casts significant doubt on the Government's ability to filter the internet without inadvertently blocking legitimate websites.

Q&A was inundated with 2000 questions from the public about the Government's hugely unpopular policy, and the audience last night ridiculed Senator Conroy by laughing at a number of his responses.

Near Blois, France

Travelling along the Loire River is a pretty nice experience...

Cyberspace March 2009

It's not easy being a lawyer sometimes. Peter Fleischer, Google's Privacy Counsel, was recently picked up by the Polizia when he went to Italy to deliver a speech. He and three other Google staff have been charged with defamation over the posting of a YouTube video in September 2006. The video showed taunting of a teenager by four others, was up for a month and taken down the same day a take-down notice was received. The perpertrators were eventually prosecuted and Google Italia assisted in investigations leading to the prosecution.

If this case was successful then it would probably mean the end of user content on the Internet in Italy - no comments on blogs or newspaper articles, YouTube would withdraw, social networking sites would block Italian users and so on. They would need to do this because they would have to vet every single contribution from the public, and in YouTube's case it would involve watching 200,000 videos a day.

Luckily for Google, EU Directive 2000/31/EC dealt with this issue in Article 42, which provides an exemption from liability where the service provider's "activity is of a mere technical, automatic and passive nature, which implies that the information society service provider has neither knowledge of nor control over the information which is transmitted or stored." Fortunately for Google Italy transposed that Directive into local law in 2003. Although we'll consider the EU version here, my rough Italian translation suggests the transposed Legislative Decree is even more favourable to Google.

There are a few arguable issues here, since Google does have control in the sense it can take down a video, but Articles 43-44 put things in context.

(43) A service provider can benefit from the exemptions for "mere conduit" and for "caching" when he is in no way involved with the information transmitted; this requires among other things that he does not modify the information that he transmits...

"(44) A service provider who deliberately collaborates with one of the recipients of his service in order to undertake illegal acts goes beyond the activities of "mere conduit" or "caching" and as a result cannot benefit from the liability exemptions established for these activities."

So Article 44 provides a test of "collaboration", and there is no suggestion of anything of the sort by Google. However, the final shot to the collective Polizia foot is Article 46:

"(46) In order to benefit from a limitation of liability, the provider of an information society service, consisting of the storage of information, upon obtaining actual knowledge or awareness of illegal activities has to act expeditiously to remove or to disable access to the information concerned..." which Google actually did.

This matters to us how? There are a few reasons... Australia has some laws relating to the protection of ISPs and other service providers, but there is little case law yet. In relation to copyright law Roadshow Films Pty Ltd & Ors v iiNet Ltd (FCA NSD1802/2008) will probably change that. People have been posting bad things on the Internet for many years, but the ability for search engines to crawl comments, blogs and even audio and video now means others are more likely to find and read that information. And we need to think ahead - the bulk of information on the Internet is no older than 15 years. By the time I die there will be (I hope) 55 years or more of searchable data... and we think there's a lot there now! What will have been said about me in that immense amount of data? It seems likely that information laws will continue to be drafted with an eye to internationalisation, and APEC and treaties will see harmonisation of laws such as these "safe harbour" provisions.

Cyberspace February 2009

Document management

Too much information can be a bad thing for many reasons - you experience this when you do a search on the Internet and can't find useful information because of the vast amount of useless information.

Corporate information is the same, and so it may be prudent to destroy information that is wrong, misleading or of no commercial value. There are, however, a number of issues to consider before destroying information. Some information must be kept pursuant to specific legislation (eg s286 Corporations Act 2001, Crimes (Document Destruction) Act 2006 (Vic) and Evidence (Document Unavailability Act), 2006 (Vic)) or the general law relating to destruction of documents which may be required for legal or other proceedings (eg Registrar of Supreme Court of New South Wales v. McPherson [1980] 1 NSWLR 688).

Having useless information in information systems can lead to acting on wrong information, increased costs of storage, increased backup periods (or even the inability to backup within a reasonable window), and difficulty in finding useful information. It therefore makes a lot of sense to have well-crafted retention and destruction rules. This implies that you consider triggers that will start a sentence prior to destruction. For example, you might decide that employee records shall be maintained until the relationship is terminated. The termination triggers the start of a retention period of, say, seven years, after which the documents will be destroyed.

If you legitimately destroy documents you should probably consider the adequacy of destruction. Just deleting them from a live IT system doesn't mean they disappear from backups or disaster recovery systems. Those records or documents may exist on dozens of backup tapes or other media. That information is now of no use to you and there is no legal requirement to keep it, but is still capable of being caught by discovery or similar processes. Recovering information from such systems is almost always very expensive and consumes valuable employee resources.

The USA Court of Appeals dealt with a case (In Re: Fannie Mae Securities Litigation No. 08-5014 (6 Jan 2009)) where the regulator of Fannie Mae (a participant in the USA mortgage market) was required to disclose certain documents on live and backup systems. It hired 50 contract lawyers, spent USD$6m (9% of its annual budget) on the process and was still found not to have tried hard enough! Litigation support service providers have told me of similar examples in Australia.

It follows that if you are going to destroy out of date information legitimately you will want to maximise the benefit of such destruction. If a document is removed from a live system yet is retained on backups or disaster recovery systems then all you have done is increase the expense of providing that document pursuant to subpoena or discovery. Retrieving information from backup tapes is, without exaggeration, extraordinarily cumbersome.

Comprehensive destruction can avoid expensive discovery exercises, provided you ensure that you have business processes in place to ensure that you do not destroy anything you should keep, but otherwise destroy all copies. Those processes need to address common law, statutory and prudent commercial retention requirements, including "holds" or "freezes" on documents that may be required for judicial or other inquiries.

If you have a good document management system and get retention right you will be able to readily locate responsive documents and easily determine whether documents have been destroyed pursuant to business rules, and know, without expensive searching, that they do not exist anywhere else. This implies that you have carefully considered what your backup regime should be, whether it involves backup tapes (there are options), and, where appropriate, how often media is rotated. Getting this right involves a thorough understanding of your IT systems and taking a fresh approach to backup and disaster recovery - not just blindly doing what has been done in the past.

Spam by Optus?

Optus has been issued with $110,000 worth of infringment notices pursuant to the Australian Spam Act 2003. When the Spam Act was introduced I predicted that it would do nothing to prevent the proliferation of spam throughout the world, and so far I've been right, despite gaol terms and millions of USD in fines in the USA. However, Optus has been fined for failing to "provide clear and accurate sender identification" for SMS advertising its mobile portal "Optus Zoo" (the sender ID was "966" which on the phone keypad spells "Zoo"). Any Optus mobile subscriber would be aware of the product, which is largely free to Optus users.

Now, I really don't like spam, but this would have to be the most marginal infringement I have ever seen. As a result, my home telecom provider now has to recoup $110,000 after tax from its customers somehow. Yet I have received genuinely nasty SMS spam (which I have reported and followed up with that carrier) and despite being a follower of such things I am not aware of a prosecution. Admittedly, ACMA did take another company to task, EMX Pty Limited, which advertises "health and other products in mens magazines..." That settlement was for an undertaking and $10,000. However, the Optus fines seem to be disproportionate and a bit of a soft target, rather than the spammers that cause real damage, such as those that can run up extraordinary mobile premium service bills without full consent.

Cyberspace December 2008

Feeling flush?

Disgruntled that you can't get the .com or .com.au domain name you want? There are only 21 non-country top level domains, so ICANN (http://www.icann.org) has released an explanatory memorandum on a global top level domain (gTLD) program that could see me registering .calvin for a mere USD$185,000 plus extensive annual costs. So, let's say I was an apparel and cologne manufacturer I could then have web sites at cologne.calvin, shirts.calvin, briefs.calvin and so on.

ICANN thinks that there might initially be 500 applications - I imagine many of these would be from global organisations keen to protect their branding. However, setting up and maintaining a gTLD is a very complex and expensive task, so the business case for an application to protect intellectual property alone would be a tough call. So are there other reasons for having your own gTLD?

Let's say you are a member of a world-wide organisation such as Rotary International with 1.2 million members... If the .rotary domain existed you, as a proud member, might be happy to pay $50 a year to be sally@au.rotary (assuming Sally lives in Australia) and have a permanent email address for life. If 50,000 members signed up, and Rotary partnered with Google to host the mail (http://www.google.com/apps/intl/en/business/), Rotary might see a gross income of $2,500,000 pa. Now it starts to look a bit more interesting...

Obviously there is potentially a lot of money at stake, and so the domain squatters/entrepreneurs will be watching closely. The opportunities for disputes abound (the late Felix Wankel, inventor of the rotary engine, might otherwise have been in competition with Rotary International), so a draft dispute policy exists for public comment. It seems that if you want to object to an application you must pay a filing fee - that seems a bit much if someone else is going to be infringing your IP rights!

Another possibility is a geographical name - imagine if someone registered .australia, and then set up state or regional subdomains, such as .nsw.australia, theShire.australia or sports-based sites, such as mariners.australia. Again, Bill the soccer fan would be happy with bill@mariners.australia! It appears that ICANN will require the applicant to provide some sort of government approval before such an application will be successful.

Some names will be ruled out, such as those consisting only of numbers (bad luck for the mobile operator 3) or reserved words (no .test for the cricket fans) but names with non-english characters will be permitted.

Yeah, right

The European Court of Justice has held that companies' web sites must provide for a way for consumers to contact them. They must "allow him to be contacted rapidly and communicated with in a direct and effective manner." (Article 5(1) of the E-Commerce Directive). The actual method of communication is not prescribed, so it could be telephone or it could be a web form inquiry where answers are supplied within 60 minutes. Of course this would be hilarious in Australia if it applied to most banks or telecommunication companies...

Dumb

Some people want to post their own material on the Internet, but don't want anyone to be able to find it. Gordon Parker sued Yahoo! and Microsoft (he had previously sued Google) in the USA (07-2757 Eastern District of Pennsylvania) for copyright infringement by indexing and caching copies of his content. The court followed the Google case and held that by not using usual webmaster opt-out techniques, Parker gave search engines an implied licence to index and cache the content.

Cyberspace - November 2008

Law Society Journal 

Wireless

 

Some years ago I wrote about the widespread availability of free Internet access because people were buying wireless modems and not turning on the security settings. This is handy for holiday makers who can sneak a few emails or make a Skype (http://www.skype.com) phone call for free. In Sydney it's hard to find an unsecured wireless network, although in the USA they are much more common because many ISPs in the USA have download caps of 250GB or more (eg http://www.comcast.com). Australians with only 10 to 60 GB are a bit more jealous of our bandwidth and want to keep freeloaders out.

 

However, the main reason to secure your wireless network is security. Casual users can access files, alter your router settings (even lock you out!), use your network to download illegal items and do other damage. If you log into your wireless router you'll see that it offers at least WEP encryption, although you should also see WPA or WPA2. WEP encryption is thoroughly broken, and can be hacked in a few minutes, so the credit card industry is is going to ban WEP on any wireless merchant device from April 2009 (http://tinyurl.com/58tf7a). The standard also deals with many other issues designed to protect cardholder data, such as firewalls, not using default passwords, auditing and security testing.

 

Discovery

 

I have been reflecting on the way we do discovery in large matters. I think that the days of the huge discovery with carefully indexed documents are numbered. If I was faced with more than a hundred thousand documents I would make an application to the Court at an early stage with a view to crafting careful orders for a custom discovery regime. Of course I would first attempt to agree the approach with my opponent and seek consent orders, but experience has shown that the lack of understanding of technology amongst the profession would make that very difficult. I suspect that the application could be expensive and involve expert evidence, but would produce a better result for all concerned.

Review of volumes of electronic documents to remove privilege can be a difficult task. One usually starts by set up full text indexes and doing keyword searches. Searching for the names of regularly retained law firms and their solicitors usually locates a lot of the material, but after that it's trial and error. The USA is trying to address inadvertent waiver by a new Federal Rule of Evidence (502) that provides that disclosure of privileged material does not amount to a waiver if it is inadvertent and reasonable steps were taken to avoid and rectify it. Of course, that only keeps the document out of evidence and your opponent will be on notice of the subject matter.

 

That is just one issue that you might address in a custom discovery regime. The Court has the power to make directions and orders for the conduct of proceedings (UCPR 2.1), and in the light of recent judicial comment about the cost of litigation it is probably timely that solicitors consider carefully how they can best deal with expensive, but procedural, matters such as discovery and inspection.

 

As an example, a series of related price-fixing cases in the USA (USD$731 million in fines!) involved 1,500 boxes of paper (2.5 million pages) and 280 GB of data (19 million files). This was clearly a task that could not be handled in the way we handle electronic discovery today. For a story on how one firm handled this see the article at Law.com (http://tinyurl.com/3v4o6y). I think that the lessons learned in these huge matters should be applied to much smaller matters.

 

 

 

 

 

Starship Troopers

I have to say that Robert A Heinlein's book found a place in my heart. He was a preacher in every way, but he just didn't know what religion he was.

Verhoeven made the first movie which was vaguely related to the book, in the sense that they used the same words. The second movie was, honestly, nasty, but the third movie is a piece of excrement that tools cannot be used to hide. Look after yourself and your loved ones and read Robert's book and stay away from these nasty movies.

Cyberspace October 2008

Discovery can affect you too

Your client's child is sick, but her health fund won't pay for treatment. The child suffers from anorexia nervosa and the insurer wants proof that it is a biological, not psychological illness. Finally you start proceedings against the insurer and suddenly the child is hit with an order for discovery covering the child's diary, emails, instant messenger conversations, Facebook and MySpace profiles and communications, blog posts and other online activity. Suddenly you are now retaining a computer forensic specialist to examine her home computer, mobile phone for SMS, school computer, HotMail account and anything else she's ever touched.

This isn't pure speculation - parts of it happened in Beye v Horizon Blue Cross Blue Shield Of New Jersey, Inc (New Jersey District Court 2:2006cv05337) and another matter which was consolidated for discovery purposes. The court had ordered that the child not be deposed, so the defendant had to look elsewhere for indications as to the cause of the disorder. Initially the order dealt with communications with others, but it was later widened to include any writing, such as diaries. There was naturally opposition to this, and particularly the diaries, as these could be theraputic tools for the child and not necessarily of probative value.

One plaintiff claimed that they had no responsive documentation, but the insurer responded that it had seen copies of emails from the family's Yahoo! email account to a treating doctor and therefore the plaintiff was either hiding information or not diligently searching for documents.

It's easy to see how costs could go well beyond that normally expected in such a case. The cost of forensically imaging relevant computers, inspecting them for responsive documents, trawling the internet for postings, and possibly dealing with mobile phone carriers for SMS remaining on their systems is likely to be very significant. If proper care of the computers is not taken (probable for a home computer) then the defendant is likely to be able to rely on adverse inferences and the whole claim is in disarray. This is happening to defendants in music-sharing cases today, who being unrepresented when a statement of claim arrives, immediately react by wiping their computer. Such destruction of obviously relevant material gives rise to significant adverse inferences under common law, and statute law in Victoria.

Jury trials

New Zealand District Court Judge David Harvey recently ordered that online media not publish the names of two accused. This resulted in The New Zealand Herald being able to publish the names in the print version on 26 August 2008 (and evening tv news named them as well), but not able to place the same information on its web site.

A lot of internet commentators laughed at the judge, but he had a very good point. Jurors regularly, despite warning to the contrary, carry out their own research. This makes it easy to find out if accused have prior charges or convictions. I have a close friend who was called up for jury duty in the trial of Bruce Burrell for the murder of Dorothy Davis. I knew, but she didn't, that he had previously been convicted of the murder of Kerry Whelan. A quick Google would have set her straight, and one wonders how that would have affected jury deliberations.

Careful

I've warned in the past about the consequences of putting your profile up on sites such as MySpace or Facebook - one has to consider the effect they may have on your employability or reputation. In the USA some prosecutors are using unflattering photographs from such sites during sentencing or character cross-examination. Photographs of drunken defendants on a wild night out are being put to witnesses in drink-driving cases, and they probably carry more weight than the obligatory character reference from the local priest and school teacher.

Cyberspace September 2008

Not interested

Have you ever been at a web site and filled out a form requesting further information about the site's products and services, never receiving a reply? I recently read that over 40% of these go unanswered, and that rings true for me. I recently contacted two superannuation funds through their web forms and neither had the courtesy to reply.

One of the projects I'm working on involves purchasing AUD$500-750k worth of software. There are probably four or five vendors who I will short list, and I have contacted two of them several times using their web site and I haven't received a response; either the web form sends the inquiry to an unmonitored email address (most likely) or they have sales staff who don't want a bonus this year.

Does your firm have a web contact form? Do your clients have them? Have you ever tried submitting a request yourself to see if it still works? Give it a try - you might be shocked to find out what (doesn't) happen.

Managing a team

Your team has a bunch of tasks to do; you're busy too and your firm or business doesn't use timesheets. How do you monitor how much work is being done and regularly review your team members? Some people ask for a summary from staff at month end, but there might be easier ways. One answer is ididwork (http://www.ididwork.com/).

It's a web site that lets you and your team record short descriptions of what you did, and optionally tag it (say, matter number or name) and add time spent on the task. Users can ask to see what their fellow members are up to. Reviews can be automatically scheduled by the team or the manager, and the manager is prompted about outstanding reviews. For each review the manager will receive a work summary and can then enter feedback.

You can analyse how you've spent your time in a couple of charts, and export it all to Excel. It currently has a bug related to time zones and I've not used it in a team so I can't vouch for its long term effectiveness, but I think it has a place in some people's lives. I currently use Microsoft OneNote for exactly this purpose, but am on the lookout for something better.

Evidence

We leave a lot of debris behind us every day, and teenagers more so, but not in the way you think. Digital cameras and mobile phones create vast amounts of information, as a lawyer in Texas discovered (http://tinyurl.com/64l9ge). After a university student died from alcohol poisoning in a fraternity induction the fraternity met and agreed to destroy all their photos.

However, the family's lawyer went to the dead man's My Space (http://www.myspace.com) account and found names of people posting condolences. They tracked down those people and found that many photographs and videos hadn't been destroyed. As they found more photos they found more potential witnesses. The photos had date/time stamps on them so the order of events of the night could be assembled in a database that recorded names and times. Eventually they identified 99 defendants and settled the claim for USD$4.2M.

You could take this approach even further today. Mobile phone records can of course establish times and rough locations, but some (and some digital cameras) now have built in GPS which tag the location of the photograph to within 10 metres. Software (eg http://www.acdsee.com or http://picasa.google.com) can easily take photographs from many sources, tag them by user name, and sort them in time/date order. Even if you knew little about the events of the night initially, viewing the photographs sorted in this way would quickly convey the events to any investigator.

Bitter old has-been

Paul Keating should stick to what he knows - oh, he has been doing that - giving gratuitous advice on things he knows nothing about. What a poor old bitter man.

Further erosion of civil rights in NSW

When you have a government that wants to sit in the pocket of the police commissioner, you end up with a premier like Morris Iemma. Is he a dill or a dilemma?

Is the NSW Labor Government Retarded?

Three judges of the Federal Court of Australia have held that recent regulations intended to be used against NSW citizens by Morris Iemma's government were ultra vires, and therefore invalid. In Evans v State of New South Wales [2008] FCAFC 130 (15 July 2008) (http://www.austlii.edu.au/au/cases/cth/FCAFC/2008/130.html) the Court ordered that:

1. It be hereby declared that Clause 7(1)(b) of the World Youth Day Regulation 2008 is invalid, as beyond the regulation making power conferred by s 58 of the World Youth Day Act 2006 (NSW), to the extent that it purports to empower an authorised person to direct a person within a World Youth Day declared area to cease engaging in conduct that causes annoyance to participants in a World Youth Day event.

2. The application be otherwise dismissed.

Now, I've never drafted a regulation (although I wrote the first draft of a Supreme Court Practice Note), but you'd think either Parliamentary Counsel wrote this under duress, or just wasn't thinking.

Of course, this is just another episode in the story of the NSW Labor government giving the Police whatever they want, and removing the rights of NSW citizens. Gee, and all this in a month when five NSW police officers have been charged with assault...

Cyberspace August 2008

Hilarity ensued

I spend a lot of time trying to make agreements logical, readable and concise. I suspect you do the same. However, some companies take a different approach... I recently purchased a subscription to Microsoft Technet (http://technet.microsoft.com) for AUD$307. If you are an IT tinkerer this is a good thing to do, as it provides you with access to almost every operating system, server and most business applications by Microsoft. The operating systems can be installed and activated up to 10 times, so it's not a bad investment every few years.

I installed Vista Ultimate which includes Windows Media Center (WMC). WMC is designed to display video, photos and music details on your TV. During set-up of my digital TV receiver (Compro U100 - AUD$75) in WMC I selected "Australia" as my region for local television guide services. It then displayed "downloading the most up-to-date TV setup options for your region." Next, I was asked to read 68 screens of licence information for the TV Program Guide, and was told I should print it out. Unfortunately WMC has no print function at all, so it is physically impossible to do what is required by the licence. Apparently the licence is available on the web, but that means you must write down the URL, quit WMC so you can access a web browser, and then start over (or go to another PC). There is also no guarantee that what is on the web is the same text as that you agree to in WMC.

It's obvious that most people are just going to click through without reading anything. I wonder if the licence would be set aside by the Court due to the unwieldy nature of the process? It also said (in all capitals -the equivalent of shouting) "ALL OF THE TERMS OF THIS AGREEMENT ARE VERY IMPORTANT, SO YOU MUST READ AND AGREE TO THIS ENTIRE AGREEMENT." Unfortunately, this nugget of wisdom was on screen 5 of 68, so I remain the sole person on Earth who has seen it. "If you accept these terms and conditions we recommend that you print a copy for your records" (see above) and "Microsoft may prove your agreement of consent to the terms and conditions of this Agreement in any manner..." Oh really?

On screen 11 of 68 it told us where we might find the agreement (as amended, not as agreed during this procedure) on the Internet. So, we get out a pen and paper, write down the URL, go to another PC and type in the link to find out what was going on. I kept reading, AND THERE WERE LOTS OF CAPITAL LETTERS RANDOMLY distributed throughout THE AGREEMENT. On 60 of 68 it stated "The parties... confirm that this Agreement... has been and shall be drawn up in the English language only." On 61 of 68 it suddenly launches into one sentence which appears to be French. Hmm...

I eventually decided I could pretend I agreed with all this and clicked "I agree". I was then asked for my postal code (I had previously indicated I was in Australia), which I entered, and clicked "Next" and was told "TV Program Guide listings are not available for your country or region." Umm... they could have asked me that before spending time on the licence, and then aborted the whole procedure... Not only do we have a ridiculous agreement, we also have a ridiculous process that should never have been unleashed on the public.

Oh, and the privacy statement was a comparatively concise 38 screens. It also provided an address on the last screen to give privacy feedback, although you couldn't click on it - you had to write it down and wander off to another computer.

Cyberspace July 2008

Virtuality

The Lawyer (http://www.thelawyer.com) recently reported "Linklaters is set to launch a series of virtual offices based in London as it axes its real offices in Bratislava, Bucharest, Budapest and Prague. The firm will install ­country desks in London for Ukraine, Kazakhstan, Turkey and Saudi Arabia." I assume that one has to speak in the relevant language when hovering around a country desk, but it does raise a few thoughts... What are the local admission requirements? Do they have an empty serviced office in each country with a table, chair, monitor, web-cam and a microphone for virtual meetings with clients? Or perhaps it's cheaper to fly there on a regular basis rather than maintain a regular office? It certainly solves some expatriate business migration problems. I wonder how that could work in the wide open spaces of Australia? A number of firms have occasionally attended offices in smaller centres, and I doubt that it would be cost efficient to do anything except jump in the car once a fortnight. But what if you could build a virtual office in Collarenabri (http://www.nnsw.com.au/collarenebri/tourism.html)? Your clients could attend an office, opening the door via a one-time keypad PIN that you had given them over the phone. Once inside there would be a room with a table, chairs, 32" screen, web cam and microphone, a document scanner, printer and a computer screen that you can control and share with the clients. After discussing a contract which was viewed on the computer screen, you could print out the document you just collaboratively amended, ask your clients to sign it and drop it into the feeder on the scanner. A few minutes later you have a high-resolution image of the document in your office, your client has a copy they can keep (or post if necessary), and everybody's happy. All you need now is a credit-card reader for them to swipe so they can open the door to exit.

Cybercrime

The Council of Europe's Convention on Cybercrime (http://conventions.coe.int/Treaty/EN/Treaties/Html/185.htm) isn't something you're likely to have read much about, although it was recently reported that the Federal Government is considering becoming a signatory to it. The Convention requires member countries to pass legislation dealing with specified issues, such as making certain activities criminal offences, such as copyright infringement, access to computer systems without permission and creating software cracks. It also requires the enactment of enabling powers, such as preservation of evidence and the tracking of data. The implications of Articles 16 and 17 are huge, as it will require ISPs to log and maintain a great deal of information about their clients. It also requires the expeditious disclosure to an authority of data enable the identification of ISPs involved in transmission of data. Like all wide-ranging laws these could be used for great good, and could be manifiestly misused as well. I wouldn't like to see them enacted in places where political dissidents are arrested and imprisoned. Fortunately we don't currently live in a place like that, but I deeply trust that the Federal Government will engage in wide consultation before becoming a signatory to the Convention.

It's mine

A USA District Court upheld the right of a man to sell software that he had purchased. Sounds self-evident, doesn't it? Autodesk, the manufacturer of AutoCAD, tried to stop him selling the software on the basis that he didn't own his copy of the software - it was merely licensed to him. The Court held that he owned his copies of the software and was entitled to sell them on eBay, even though the original licence forbade the sale or transfer of the licence. Imagine buying a car, and then when you wanted to buy a new one you had to give the old one back!

Cyberspace June 2008

Job satisfaction

Some people like routine, and, more importantly, repeating a process usually makes you better at it until you become an expert. However, some tasks in practice are repetitive, and you might consider whether they're candidates for some sort of automation. You probably know that most lending institutions or debt collection agencies have armies of clerical staff, technology, and only one lawyer to prepare documentation. At the same time, it's obvious to us that many things require the attention of a lawyer on an individual basis.

Large corporations with in-house legal teams face the same issues. A property developer retains consultants such as surveyors, water experts, interior decorators and others on a daily (sometimes hourly) basis. These agreements are usually in the tens of thousands of dollars, so must be managed. However, the risk in these contracts is usually relatively low (the risk usually arises in the selection of the consultant and the wording of the brief - not the terms upon which it is engaged).

Preparing documents can be tedious, but it's capable of automation. Microsoft Word has rudimentary document assembly in its merge feature. However, real document assembly software such as HotDocs (http://www.hotdocs.com) or Rapidocs (http://www.rapidocs.net) goes much further. You build "interviews" which collect information from the user to fill in blanks and customise the document. The interviews can change dynamically, adding or removing questions dependant on previous answers, and pull in clauses from a central library.

The ability to fill out a "package" of forms at once is a great feature if you have to prepare a few court forms at once. You can even fill in as much as you know now, and go back and fill in the blanks later. I can imagine that some lawyers are probably filling in the details during an interview with a client, resulting in a part or fully completed document by the time the client leaves the office.

You can set rules, such as "You can only retain a surveyor for less than $50,000 - after that you must get individual advice on the contract." The software might ask a question about whether one of the parties is a trust entity - if so, stop the process and get the legal department involved. Working out these rules is a critical component of the process, as is integrating with other systems you have. There's no point in re-typing a client's name or address when it's already stored in your practice management system.

Risk arises when non-legal staff amend precedent agreements or use them in ways not intended by the draughtsman. That means that you either have to remove the risk in allowing laymen to prepare contracts, or keep all contracting in the legal team. The latter will result in low job satisfaction for the lawyers, who will spend a disproportionate amount of time on low-value work. It also means that there is a delay to the business - they have to brief the legal team, await legal deliberation and finally use the resulting documents (which may require further amendment). However, if you don't adequately remove risk in delegating control over routine contract matters to the business units you end up with the legal team enhancing the likelihood of poor outcomes.

In a similar way, as a private practitioner you may have a steady stream of such work from a client or type of client. It's easy to do, low risk and pays the bills (eg: some Family Court documents might be candidates). Your client gets a useful document and knows that there is PI insurance standing behind you. You both benefit. If you can safely automate document production you reduce the time and risk spent, feel happier, and charge a per-unit rate that reflects the benefit to your client - not the hours you spent on it.

Cyberspace May 2008

Privacy

My recent jaunt through the European Union gave me an education on privacy law; in short, we don't take it very seriously in Australia, and despite a lot of EU law, EU business don't either, as evidenced by the number of data blunders recently. APEC has also been fiddling around with a privacy framework for at least the last four years, with little impact on law or commerce. Cross-border data transfer doesn't sound very exciting or even relevant, but you might like to consider the last time you rang your bank or telco and ended up with an operator in Asian region. How did your data get there? Who is adminstering it? What legislative and contractual controls exist to protect you? Is your data exposed to subpoenas, or perhaps government inquiry without judicial process, in that country? You might have a right to privacy, but who is it that has the obligation to provide it? Many countries have legislation on privacy, including Australia (http://tinyurl.com/6e5eeb) and Canada (http://www.canlii.org/ca/sta/p-8.6/), but we are now seeing the rise of data retention laws, which some see as the opposite of data privacy. The EU has a Data Retention Directive (DRD) (currently being challeneged by Ireland and others in the European Court of Justice), which requires, among other things, telcos to retain records of who rang who for how long and when for up to two years. One basis of challenge is Article 8 of the European Convention on Human Rights (http://tinyurl.com/5hhvvr), which states that "Everyone has the right to respect for his private and family life, his home and his correspondence." This is of course topical because of current Australian intentions to amend the Telecommunications (Interception) Act, 1979 (although workplace surveillance is already legal in Australia subject to conditions).

The EU muddle

The EU also has a Data Protection Directive (DPD), and a group named the Article 29 Working Party, which recently stated that search engine companies such as Google should delete data after it has been used for its intended purpose, and at any rate delete the data after six months (http://tinyurl.com/6kedsf). Google is now in the position of working out how it can comply with the DRD, the DPD, and the Working Party's opinion while achieving its commercial goals (Google currently keeps search logs for 18 months). A key statement by the Working Party is that the DPD applies to organisations doing business in the EU, even when their headquarters are outside the EU. The Working Party also stated that IP addresses (routinely collected by web sites, including corporate extranets) are personal information, and must be protected accordingly. My employer has a subsidiary in the UK, and therefore the DPD applies to it, and getting a handle on EU data retention and privacy is now of major interest to me; but what is it to you? One lesson is that the area is a minefield for conflicting legislation and obligations, and Australia doesn't seem to have a coherent, unified approach to dealing with privacy, retention, FOI and national security (if we do, it's probably an accident). We have the common law and some State codification on data retention, Federal and State privacy and FOI legislation, and recent privacy intrusions based on claims of national security. Other lessons abound: if you have a client in NSW who does business in Victoria then it is possible that it may have a higher standard of document retention where litigation is anticipated. If you use a laptop with a wireless network you should consider how secure that communication is. Public networks at airports and coffee shops are inherently insecure, and you should get advice on how to use them securely. Finally, your client may be subject to foreign privacy law if its website is more than just "brochure-ware" (http://tinyurl.com/5dbc9e).

Loss of legal professional privilege in NSW

It seems that Morris Iemma approves the bugging of conversations between lawyers and their clients. How can you trust a government that ignores infrastructure needs and due process? http://www.smh.com.au/articles/2008/03/23/1206206927430.html

Cyberspace March 2008

As you read this I am probably somewhere in Europe, "between jobs", trying to put on weight by sampling every cuisine I encounter. While this has its attractions, it can make contacting loved ones a little challenging. Phone cards now make phoning home an incredibly cheap exercise (once you choose a card from the thousands available - try http://www.cloncom.com/), but I need more. So I took a long hard look at the Asus eee PC (http://eeepc.asus.com), which is a $500 laptop that weighs 0.95 kg, uses memory cards instead of a hard disc, and has built in ethernet and wireless networking, microphone, stereo speakers and video camera. You'll find reviews of this thing all over the Internet, but here's my take:

Provided you have an employer and can salary sacrifice it you will pay for it in pre-tax dollars, making it pretty cheap (I paid AUD$250 post-tax). It has lots of applications installed, including an office suite, Skype, instant messaging, links to Gmail, Hotmail and others, Firefox web browser, Thunderbird email and so on. It also has what I need to copy files up to my web site. One final bit of preparation was to purchase Skype Out credits (http://skype.com). Skype Out lets me use the Skype application on the laptop to ring any phone number in the world from anywhere that I'm on the Internet. It costs 1.7 euro cents per minute to call Australian landlines. One can just use the built-in microphone and speakers, or plug in a $5 headset.

I can now wander into one of the many free (or paid) wireless hotspots in Europe, and call Australia for an hour and pay AUD$1.60. The quality is the same as a normal phone. Of course, while I'm there I can send and receive emails, use instant messenger, write the April edition of this column in Google Docs (http://docs.google.com) and read the newspaper. I can also carry a tiny USB 80 GB hard disc with me that just plugs into the laptop. That is useful for a few reasons: I can store PDFs of all my travel docs, purchased videos and music to entertain, and other important information. In addition, because the laptop has a memory card reader that uses the same cards as my camera I can back up my photos to the hard disc as well as view and cull them on the road.

Finally, because I can easily record video with audio, I can create video "emails" of me and the surrounds which can be either emailed, or uploaded to YouTube (http://youtube.com) or my web site and just the links emailed to friends and family, who I trust will be pleased to hear my voice and see my smiling face.

Any downsides? If you remember what this laptop is all about then there are very few. No CD or DVD drive, small screen (800 x 480), small keyboard (fat fingers need not apply), but what did you expect? It's the size of a paperback book. Not that you could easily tell, but it runs Linux (Xandros to be specific) although you can install Windows XP if you insist, but you'll need to upgrade the RAM from 512 MB to 1 GB (easy to do). It has a nice simple interface that sits over Xandros making it easy for anyone to use. The office suite is OpenOffice (http://openoffice.org), which produces files compatible with Microsoft Office. You can't run Outlook, but there are good options to replace it and even connect to an Exchange server. In effect, it's the answer for someone who travels and needs web-based email (if your organisation uses Exchange, the Outlook Web Access pages work really well) and wordprocessing without carrying around a smart phone or a normal laptop. Your children will want one too.

Why I have cable internet

The Australian newspaper reported in January 2008 that Telstra (the main Australian phone provider) fixed and/or waterproofed telephone cables with plastic bags (see link above).

That might explain why my ADSL 2+ connection to my local exchange 1,200 m away usually ran at about 1.2 Mb instead of the expected 18 Mb. It also might explain why it acted as a rain detector - every time it rained the connection dropped every few minutes, and I was lucky if I got 256 Kb. I used to be assigned a new IP address every hour or so on sunny days, and dozens of times per day if it rained.

My ISP was stuck in the hands of Telstra, who said it had checked the line and found no fault. After several episodes of Telstra saying that it was all good, I cancelled my otherwise excellent Internode account, and am now in the clutches of Optus Cable, which works flawlessly...

Cyberspace February 2008

Knowing your responsibilities

The obligation to provide discovery has existed for many years, and it has taken on a new dimension with the advent of computer records. If you're not particularly technology aware then you may find yourself and your client missing discoverable documents, which may lead to some hot water. In Qualcomm v Broadcom (USDC, 05cv1958-B (BLM)) the court ordered sanctions against the plaintiff, as well as referring six of its lawyers to their Bar Association for failing to disclose some electronic documents that they came across during the proceedings.

The judgement referred to above was in relation to applications made after the substantive trial. The history was that a lawyer for Qualcomm was preparing depositions and searched for documents on a witness's laptop. He found some highly relevant emails that had not been discovered, and chose not to discover them. The firm also did not search certain email archives, and in those that were searched, they did not search using certain keywords (that were significant). The attorneys ended up apologising to the judge

"for not having discovered these documents sooner and for asserting positions that [they] would not have taken had [they] known of the existence of these documents."

A few months later Qualcomm searched the email archives of 21 employees and located more than 46,000 documents (300,000 pages), which had been requested but not produced in discovery. It kept searching and found even more documents ... The court ultimately drew very adverse inferences, awarded costs (unusual in the USA) of USD$8.5m, and made some very instructive comments:

"The Committee’s concerns are heightened in this age of electronic discovery when attorneys may not physically touch and read every document within the client’s custody and control. For the current “good faith” discovery system to function in the electronic age, attorneys and clients must work together to ensure that both understand how and where electronic documents, records and emails are maintained and to determine how best to locate, review, and produce responsive documents. Attorneys must take responsibility for ensuring that their clients conduct a comprehensive and appropriate document search. Producing 1.2 million pages of marginally relevant documents while hiding 46,000 critically important ones does not constitute good faith and does not satisfy either the client’s or attorney’s discovery obligations."

Qualcomm's attorneys kept good records of which computers were searched, and what the search terms were. However, the court noted that several searches were conducted late in the proceedings and "the fact that Qualcomm did not perform these basic searches at any time before the completion of trial indicates that Qualcomm intentionally withheld the documents" (one of several adverse inferences drawn). Another adverse inference was

"Qualcomm’s claim that it inadvertently failed to find and produce these documents also is negated by the massive volume and direct relevance of the hidden documents."

The Court found

"it likely that... one or more of the retained lawyers chose not to look in the correct locations for the correct documents, to accept the unsubstantiated assurances of an important client that its search was sufficient, to ignore the warning signs that the document search and production were inadequate, not to press Qualcomm employees for the truth, and/or to encourage employees to provide the information (or lack of information) that Qualcomm needed to assert its non-participation argument and to succeed in this lawsuit."

In addition to the disciplinary referral, the Court ordered the lawyers involved to prepare (supervised by the Court) a lengthy document setting out a detailed analysis of why it all occurred and how it could have been prevented. It also noted that it did not impose a fine on them partially because their client may look to them for compensation.

While writing this column I had a meeting with another lawyer in my firm to discuss electronic discovery obligations in a new matter, and it took over an hour just to outline the important issues. Take care to either get educated, or consider retaining an expert to deal with electronic discovery.

Social networking sites and business

I recently wrote a discussion paper for the Executive team of my law firm on the utility of social networking sites for our business. It seems now that others would benefit from a similar (but much shorter and heavily summarised) paper aimed at a wider audience, so here it is...

I don't think that a law firm needs to worry about being involved in FaceBook, MySpace, Bebo, Orkut or other social networking sites. That's not to say that they shouldn't use them from time to time in limited circumstances, but basically they have no relevance to our business.

I say this for several reasons:

• it's not an efficient use of marketing resources and budget
• your firm may end up being associated with advertising and other material that is not complementary
• unless your client base is youth with time on their hands you won't find clients there
• the software is inefficient to use compared to email or even instant messaging
• they are minefields of phishing and spyware and social engineering
• prospective employees can shoot themselves in the foot by mixing social talk with business credentials
• There's nothing like meeting people and talking to them on the phone.

My recommendation is that you limit employee access to these sites in the same way you might limit access to, say, Hotmail or Yahoo! mail (whether by policies or software management).

While I know that there are some groups on FaceBook (for example) based on law firms, these are usually very uncomplementary, or there is no clear reason for their existence. One group based on an international law firm has over 800 members - and you can only join using an inhouse email address! It makes you wonder what they're saying in that group that they can't say internally... or perhaps the firm's IT resources are so lacking that the members have to go outside the firm. I trust those people realise they do not own the data, traffic, friends lists or anything else, and it may be retained by FaceBook indefinitely... I hope none of them go on to public office one day and find this material in the press!

Party politics

It's interesting and instructive to see how quickly a party can swap one deeply held tenet for the opposite, depending on who's in power. The NSW State Labor Government under Morris Iemma is trying to privatise the NSW electricity generation assets to fund other projects, yet it wasn't that long ago that Labor strenuously opposed the privatisation of Telstra. Of course, the Federal Labor Government under Paul Keating sold off QANTAS to British Airways...

Another issue hidden in the electricity privatisation is that Iemma's government appears to have no commitment to reduction in greenhouse gases; it is approving new coal mines and constructing new coal-fired power stations. Perhaps after he sells them off he can just blame private industry.

Cyberspace December 2007

Technology in trouble

The recent fires in western USA showed how technology can help the displaced urban dweller, provided that the authorities are moving with the times as well. In October 2007 over 250,000 residents in San Diego were displaced into shelters such as schools and football stadiums.

Many residents took their mobile phones and laptop computers with them when they evacuated. Some shelters set up dedicated computer rooms together with Wi-Fi systems connected to the internet. Evacuees could email relatives and friends, as well as keep up-to-date on the news about the fires. This reduced a lot of stress.

Because of the numbers of people brought together in small regions the mobile cell towers could not accommodate the number of users trying to make calls (you might know that Telstra installed a number of temporary transmitters around Sydney Olympic Park in 2000 for this reason - you can imagine 60,000 people calling friends after the 100m final). People were therefore encouraged to use SMS rather than voice calls, although those with VoIP phones such as Skype (recently now available from phone carrier 3) could use those over the Internet.

San Diego has "Reverse 911", which allows the authorities to automatically dial all phone numbers in specific areas with emergency information. This has been limited to land-lines to date, but it is conceivable that the same could occur to all mobile phone users in a given cell-tower range, subject to the capacity of that cell-tower. There might also be other issues with people getting multiple calls as they move into adjacent cells, but I'm sure someone can solve it.

Many people forgot or couldn't take their charging devices with them, or the mains power was out. With judicious use of the equipment many users were able to stay connected on and off for days, turning things completely off when not in use.

Some shelters used "mesh networks." These are Wi-Fi networks that don’t rely on a single transmitter and access point. Instead, each computer in the area becomes a little transmitter as well, meaning that if you had a line of 1000 people 10m apart you could have a network stretching out 100 km! Otherwise that 1,000 people would have to be clustered in a circle 100 m radius around the transmitter.

Of course, the relief workers benefited from this technology too, and their job was made easier because evacuees could be a little less anxious through access to information.

Sadly, many people went home to charred blocks of land. It's hard to imagine how many digital photos, financial records, letters and more disappeared. Some may have had backups, but they may have been destroyed as well unless they were kept off-site. You can do that using Internet services (there are dozens, and I use http://idrive.com for no particular reason) or just copy everything to an external USB hard disc once a week/month and leave it at work or at a relative's home. I like the convenience of Internet based services, as they just inspect my files each night and back up anything new or changed. I even get multiple versions so I can roll back to a previous version if necessary.

While considering what else may be of use in a disaster area, I thought about mobile broadband such as that offered by 3G phone providers or Unwired. You could be sitting in your car trying to evacuate and be able to see roadmaps or evacuation route advice. A GPS would be helpful too. An iPod would pass the time, but would otherwise be useless as it doesn't have a built-in radio, unlike, say, the Zune or many others.

What planet is Greens Senator Kerry Nettle from?

Greens Senator Kerry Nettle has allegedly said, referring to a leaking boatload of people who were ultimately rescued by the Royal Australian Navy

"They weren't able to rescue those people because of our strict immigration laws that prevent them from being able to rescue these people at sea,"

Does she really believe that we have laws against rescuing people in peril? That is so stupid. Yes, of course we have immigration laws, but they do not, in any way, stop a ship rescuing anyone. Rescue has nothing to do with immigration.

It's a shame that she thinks that she has to peddle this rubbish to try to obtain some political advantage.

To make it worse, this alleged lawmaker said according to the Sydney Morning Herald:

They were doing what they could to ensure that these people didn't drown.
I understand their nervousness in getting involved in these sorts of activities
particularly right before an election."

What sane person thinks that the law changes from week to week because an election is imminent? Probably a moron, actually. I'm very concerned that people like Nettle have any responsiblity for Australian law. It's people like her that demonstrate that the country runs itself in spite of its politicians.

Freedom of information in Australia?

... or should that be freedom from information in Australia?

More than 500 separate legal provisions in 335 different state and federal acts of Parliament are denying Australians access to a vast amount of information they should be able to see, a major new report says.

The Right to Know Coalition today released an audit on the state of free speech, which its authors say provides a damning picture of "how free speech and media freedom are being whittled away".

Now, it should be noted that the "Coalition" is a group of media interests, but nevertheless this is firm evidence of something many of us have probably suspected for some time - in fact, Background Briefing on ABC Radio National did a piece some years ago on "commercial in confidence" which basically meant that the government used that excuse to not be accountable to taxpayers and the electorate.

Cyberspace November 2007

Domains again

In an effort to increase the spend of international organisations on Internet domains, ICANN has approved several new top level domains, including .mobi, .asia and .jobs. Of these, the only one that seems to make sense to me is .asia, and even then I have to wonder. I can appreciate that in mainland Asia there might be an interest in limiting domain name registration and possibly searches to a given geographic region. The European Union has something similar to this in the .eu namespace. Registration in .asia is available to businesses in 73 countries ranging from New Zealand to Kyrgyzstan, Iran, Iraq and Syria. So... that's the other half of the planet covered. Between the .eu and .asia namespaces you might wonder why not have a world-wide namespace? Oh, that would be .com or .net. Yes, I'm a bit cynical about most of these new top-level-domains, but that's just me.

Anyway, this led me to reconsider brand and trademark protection generally (particularly since I look after my firm's domain names). There are probably at least eight different top-level-domains (TLDs) that a medium/large business in Australia/New Zealand might want to consider, including com, net, com.au, net.au, org, org.au, asia, and mobi. Given that it would cost under AUD$1,000 a year to maintain registration for these, why wouldn't you? Well, if your business name was "Sydney Law" or "Smith & Co" then I'd be registering as many TLDs as I could get my hands on. That's because a lot of organisations could legitimately lay claim to those names, and therefore there'll be a lot of competition. If your business name is "Walter & Durrham" then there's not going to be a lot of competition for walterdurrham.com (unregistered as I write). Of course, due to registration rules anyone could register that in the .com namespace, but only a business with a registered business name and ABN could do it in the .au namespace. After registering walterdurrham.com.au I'd be fairly relaxed about registering walterdurrham.net.au.

Online contracts

In the early days of email a lot of people got excited about having an image of their signature in emails to "sign" them. Regular readers will know that I thought that clumsy and unnecessary. The intention to bind oneself to correspondence or even agreements doesn't need to rely on a signature. One of the greatest examples of this in 2007 was the eBay case of Smythe v Thomas [2007] NSWSC 844 (3 August 2007) in which Rein AJ ordered that an eBay auction of a Wirraway Warbird aircraft for the reserve price of $150,000 was binding on the vendor. There was an eBay auction which concluded but things soon fell off the rails. There was a "Buy now" button for $275,000 ( i.e. buy now and avoid the auction), and it also turned out that the vendor said he had another expression of interest for $220,000. In general terms it is clear that the vendor was trying to get the best price for his rare aircraft from several avenues. The problem was that one of those avenues was eBay, and he purported to conduct an online auction.

The law applied was that of NSW, and in particular, s60 of the Sale of Goods Act 1923. The vendor's arguments generally revolved around lack of an agreement between him and the bidder due to uncertainty and lack of offer and acceptance; i.e. the eBay "auction" was no more than an invitation to treat. He also argued that any agreements which might have existed were between each party and eBay, not between the two parties directly. However, Rein AJ characterised the eBay auction (correctly in my view) as just an ordinary auction, albeit without an auctioneer (eBay claims not to be one) or a gavel. It had a method of ending the auction and it created a binding agreement, albeit in a non-traditional fashion. He ordered specific performance of the agreement, and I presume Mr Smythe flew off into the sunset.

Podcasts, iTunes and iPods

If you listen to podcasts a lot you may be puzzled by some options in iTunes to copy "new" podcasts to your iPod. There are three options:

1. Unplayed
2. New
3. All

So what's the difference between unplayed and new podcasts in iTunes? Generally speaking, you should always choose the "new" option. This means that any podcast that has never been played on your iPod or in iTunes will be copied to your iPod at the next sync. If you have played even a few seconds of a podcast it will be considered "not new" and will lose the blue dot next to its name.

That makes sense so far - but what is an unplayed podcast if it is not new? If you use the "unplayed" setting you will end up with podcasts on your iPod that you have already played, as well as new ones. Obviously "unplayed" doesn't mean that you haven't played them. Maybe it means that you haven't played them all the way to the end of the track? I'm still not sure, but by and large, unless you have plenty of free space on your iPod you will probably use the "new" setting and ignore "unplayed."

There are still some unusual things that happen on iPods - I've noticed that if you play a part of a video podcast (this is all tested on my dearly departed 80 GB video iPod), it becomes "not new." If you play part of it and then hit the Right button it will advance to the end of the track and mark it "new" again. I haven't tested this on my new 160 GB Classic yet, but I've noticed that at least both video and audio podcasts are now properly grouped together in the podcast menu.

However, iTunes 7.4.3 tells me that I have 87 podcasts (not all of which can play on my iPod); it also says my iPod has 75 podcasts on it, yet my iPod Classic screen says it has 35 podcasts on it! I think the iPod is referring to 35 publishers and iTunes is referring to 75 episodes, but that's not what it says. Steve Jobs, there is more quality control on the user interface required...

And finally, I was pleased to find that my Belkin TuneBase FM for car works, in spite of reports on the web that it doesn't work with the iPod classic. It plugged in, found the frequency I'd been using with the 5th Gen video, and just worked. Mind you, I haven't tried changing the frequency, but the frequency did display correctly on the iPod.