Friday, November 11, 2005

Stewart Baker on DRM Tactics

Stewart Baker, a (now former?) member of our Committee, recently spoke at a conference and commented on the recent DRM tactics of some record labels. Here's a juicy quote:

"It's very important to remember that it's your intellectual property -- it's not your computer. And in the pursuit of protection of intellectual property, it's important not to defeat or undermine the security measures that people need to adopt in these days."

Watch the Webcast here.

Monday, August 08, 2005

Cyberspace Plenary Session and Hot Topics

The Committee's Meeting in full was held at 8 AM Saturday. Not surprisingly, this committee attended en masse notwithstanding the early hour (and, in some cases, whatever any of us were doing in Chicago on a Friday night...).

Vince Polley [picture] spoke for a few moments, discussing some Section news. He noted that this Annual is very well attended -- approximately 2200 Business Law members are here -- and that the Section is putting on 22 programs, which is far and away the most prolific of the ABA's sections. Of those 22, Cyberspace is putting on (directly or as a co-sponsor) six. On the publishing side, the Committee has produced 3 new book titles over the past year. In other words, we continue to be amongst the most productive committees in the most productive section.

Vince rattled off the upcoming meetings through the section, including Tampa in April 2006, and Honolulu in August 2006. Vince noted that the Hawaii meeting will have a modified format, including early start and stop times during the days and a smaller set of programs.

Vince handed the podium to Candace Jones, [picture] who will chair the committee going forward. Candace spoke briefly about the coming plans for 2005-2006. The Winter Working Meeting for January 2006 will be held in Wilmington, Delaware. Wilmington is a short ride from the Philadelphia airport, and can be reasonably reached from Baltimore as well. Also, Wilmington is on the Amtrak Acela train, so those in Boston, New York and D.C. (and points in between) have easy access.

Candace noted a few leadership and sub-group changes. Michael Fleming [picture] will be Vice Chairing the Committee, Juliet Moringiello will be Chair of the Publications Subcommittee, and Mattias Hallendorf will be the Co-Chair of the Transferability of Electronic Financial Assets Working Group (a joint project with the UCC Committee).

The Working Group on Spam will be re-purposed to a degree and renamed as the Working Group on Malware. Elizabeth Bowles [picture] will continue to chair the WG. It will expand its portfolio beyond spam and into the wider concept of 'malware' -- put in quotes because task one is probably how to define it.

A new Subcommittee on Privacy, Security & Data Management will be co-chaired by Peter McLaughlin and Michael Power.

After the short remarks, Candace handed off the meeting to our five (!!!) hot topics speakers, who each had to compress their remarkably dense topics into about 15-20 minutes each.

Rhea Fredericks gave a short synopsis of the recent decisions in the Zubulake and similar matters concerning electronic discovery, and particularly corporate obligations to retain and preserve evidence.

Michael Geist spoke on his views of the WGIG report on Internet governance, which included a short history of the governance of the Internet that led up to today's concerns.

John Ottaviani reviewed the Grokster decision and had some thoughts on where we go from here in the P2P world.

Elizabeth Bowles presented some early thoughts on the malware concept, including the ideas around how we can start to define the idea.

Steven Middlebrook spoke on his own personal views of the current controversies on patenting within the financial industry.

Sunday, August 07, 2005

Committee Face Book

To help new members know who's who, we have created a sister blog that contains good "face shots" of committee members. Please check out the pictures.

If any of you are not pictured, and you'd like your picture added, please track down Fleming or me, and we'll take a photo of you and add it.

If any of you who are pictured don't want to be, let us know, and we'll take down your picture.

And the coffee was excellent

Fleming and I made the pilgramage to Chicago's coffee palace, Intelligentsia. The coffee was so good, we didn't even mind the $20.00 we spent in cab fare to get there and back.

We started with an order that confused the gal behind the counter; we each ordered a single espresso and a single macchiato. We quaffed those very quickly, and immediately followed up with another order. Fleming went for the latte pictured here. I ordered a traditinal cappuccino.

We sat and enjoyed the place for a bit, and then we headed back. I couldn't leave without taking a bit more of the store with me. We'll see how well the pound of whole bean espresso does in my home espresso machine.

Vince Polley's "Retirement/Thank You" Gift

At the Cyberspace Dinner, the Committee presented a retirement/thank you gift to Vince Polley to say thanks for his tremendous service as a member, and then Chair, of the Cyberspace Law Committee. As Hank and Michael Fleming described in lengthy detail (see earlier post), the group finally agreed upon a very low-tech gift--a book!

Food, Friends and Free Flowing Beverages

The Cyberspace Dinner was one of the best ever. The evening started with (SURPRISE!) an open bar, courtesy of the law firm Gordon & Glickson. (Thanks Steve). A big thanks also goes to Jackie Scheib for all the hard work she put into setting up the dinner at Wildfire.

Rotenberg Accepts Cyberspace Excellence Award

Last night, Marc Rotenberg of EPIC, graciously accepted the third annual Cyberspace Law Excellence Award. I had the privilege of sitting with Marc at dinner. We had a very lively conversation about privacy, security, notification of consumers about security breaches, goings-on at the Department of Homeland Security, and my reporter friend Declan McCullagh.

It was a thoroughly enjoyable evening.

Cyberspace Committee Dinner

A great time was had by all, as we awarded the Cyberspace Award for Excellence, honored our departing chief, and welcomed the new boss. Let us remember the night with a few photos.

Marc Rotenberg

Mark, Michael, Candace and Vince

Susan and Jason Epstein brought along their new twins

Jason holds our Committee's newest member

John and Chris

Don, Jackie and Don's spouse Diane

Elizabeth and Rafael

John, Elizabeth Cole (Australian attorney practicing in Shanghai), and Hank

Brad and Jane

[more to come...}

Wi No WiFi in Chi?

Actually, we have plenty of WiFi in our meeting space (thank you Business Section!). What I refer to is the new op-ed (registration required) from the NY Times about the town of Hermiston, Oregon and surrounding environs. The city has contracted with a private provider to set up what appears to be the world's largest WiFi Hotspot -- no cost service over a 600 square mile area.
Driving along the road here, I used my laptop to get e-mail and download video - and you can do that while cruising at 70 miles per hour, mile after mile after mile, at a transmission speed several times as fast as a T-1 line. (Note: it's preferable to do this with someone else driving.)

Author Nicholas Kristof noted the irony of a rural area in Eastern Oregon pulling this off while bigger cities are still stuck in the mud. I suspect we shall see this issue (or similar concerns about next generation wireless broadband such as WiMax) coming up more and more in the next years.

Saturday, August 06, 2005

CLE PROGRAM: Sailing in Dangerous Waters

E. Michael Power, Roland Trope, Francoise Gilbert

The panel members used the metaphor of a submarine to describe data management and its risks to members of boards of directors. The panel provided a good overview of the various sources of law that make data security an increasingly important issue for companies. Moreover, the panel argued for increased attention to these issues by Boards of Directors of large and small companies.

This session demonstrated how data, its management, and security, is a common thread that runs through many of the programs at this year's meeting. The lack of attention to data management is a common source of many coroprate challenges:

  • data privacy issues
  • the difficulty of many companies to cope with the challenges of ediscovery
  • data security breaches and the obligation to notify consumers of the breaches

Michael Power made my favorite comment of the session. To paraphrase: "You can batten every hatch on your boat, and it's still going to get in. That's what bilge pumps are for. Data is just like water. You may think you've got a handle on where your data is stored and how it is secured, but, just like water, it goes everywhere."

Seminar Materials are available here. [ABA ID Required]

Ecommerce Subcommittee Meeting

The Ecommerce Subcommittee meeting ran at breakneck pace as we tried to cover the substance-packed agenda in the one-hour time allotment. Luckily, no other group was scheduled for the conference room so we could continue for an extra half-hour.

The meeting opened with the announcement that Juliet Moringiello is stepping down as Co-Chair, having reached the end of her three-year term. In her new role as Co-Chair of the Programs and Publications Subcommittee, the entire Cyberspace Committee will reap the benefits of her leadership talents and enthusiasm. Chris Kunz will be the new Co-Chair of the Ecommerce Subcommittee. Chris has been the driving force behind the impressive body of work on "click wrap" and "browse wrap" agreements produced by the Working Group on Econtracting Practices during her tenure as its Co-Chair. The timing is especially good for Chris to shift into the Ecommerce Subcommittee because of her interest in the Model Trading Partner Agreement and the Subcommittee's newest project, the Model Electronic Transaction Routing Services Agreement.

The meeting proceeded with a round-up of the Subcommittee's on-going projects. We were fortunate that Co-Chairs of all five Working Groups were in attendance to present status reports.

  • Linda Rusch summarized the progress that the Working Group on Transferable Records has been making on their attempt to give practical direction on how to establish "control" over electronic chattel paper.
  • Kathy Porter explained the Working Group on Electronic Contracting Practices' upcoming article on modification of standard form electronic contracts. Their next project will be a comprehensive review of the recently-published model website in anticipation of version 2.
  • Ben Beard reported on the annotations to Model Trading Partner Agreement, proposing that the Agreement be harmonized with the Model Electronic Transactions Routing Services Agreement, and that the two be published together.
  • Don Clifford discussed the revisions that the Consumer Protection Working Group is making to the ABA-sponsored website for consumers,, which still contains content from its 1999 launch.
  • Jon Rubens brought us up-to-date on, a proposed ABA-sponsored website for new Internet entrepreneurs .

Elaine Ziff made a presentation on two ecommerce decisions which were handed down in the past year. The first was Cairo v. Crossmedia Services, wherein the N.D. California upheld a choice of forum clause contained in terms and conditions posted on a site, despite the fact that the action meant to indicate assent, i.e., using the site, was undertaken by a robot which was not programmed to read the terms and conditions. The second case was Batesville Casket v. Funeral Depot, wherein in the S.D. Indianapolis suggested that the general rule that a website can link to another without liability for copyright infringements on the linked site does not necessarily apply where the linking site controls the content of the linked site.

The remainder of the meeting was dedicated to discussing the Model Electronic Transactions Routing Services Agreement. Phillip Schmandt and Chris Kunz led the group through their list of key conceptual questions, including, what is the difference between data and content, and what intellectual property, if any, will be created in the parties' relationship and who should own it? Between now and the Winter Working Meeting, a series of conference calls will be scheduled to go over the Model Electronic Transaction Routing Services Agreement in greater detail and focus on the actual language of the Agreement. If you would like to participate, please let Phillip or Chris know at and

Elaine Ziff, Co-Chair, Electronic Commerce Subcommittee

CLE PROGRAM: Information Security and Dealing with Information Security Breaches

Information Security Panel

This panel included speakers with a wealth of information about the current state of information security breach notification laws, the experiences of companies who have suffered a breach, and the legislative response to this situation.

Here are a few highpoints of many of the presentations.

Julie Brill
Assistant Attorney General, Vermont

Ms. Brill briefly reviewed some of the litigation filed by state Attorneys General in response to companies failing to provide notification to citizens of a state when the companies suffer security breaches. The CDRom for the Annual Meeting contains the testimony presented by the State Attorneys Generals at the recent hearings on consumer notification. That testimony includes a comprehensive list of the known security breaches that affected consumer accounts. She estimated that approximately 50 million consumers have been affected by security breaches.

Ms. Brill encouraged everyone to read the new state breach notification laws to ensure they can appreciate the subtle variety in the laws. She also commented that some of press reports about the new states laws have contain inaccuracies. To the extent the state notification laws differ, she felt the differences were largely in respect to how much of the OCC guidance was included in the state law.

Ms. Brill also summarized what she thought were the differences between the OCC Guidance and the majority of the state laws:
  • The definition of the information that triggers an obligation to notify is broader in the OCC Guidance
  • The language that describes whether notice must be given is more ambiguous
  • The OCC Guidance requires notification whether the information acquired was encrypted or not
  • The OCC Guidance also covers paper information as well as computerized information

She commented that the argument that the state laws lack uniformity is a red herring. She believes the state laws are similar enough that we have, effectively, uniform legislation.

She also does not agree there is a risk that consumers may become “numb” from receiving security breach notifications too often. She believes consumers are responding appropriately and that they are right to be very concerned about these breaches. She believes the breach notifications are an incredible educational tool that are beginning to help consumers learn what they must do to protect themselves from the risks of Identity Theft. Until American business changes its practices and improves the security of consumer information, the breach notifications will continue to be a good tool that has value.

She commented that most of the states want a federal security breach notification law. They believe the federal law should address two important points. First, the trigger for providing notice ought to be objective, not subjective, like the OCC Guidance. The states don’t want the entity that suffered a breach to decide if notice must be given. Second, the states don’t believe preemption is necessary.

Finally, she commented that the states want an expansion of the Safeguards Rule. They do not believe the current rule is strong enough, and should be modified to cover all entities that store or process sensitive consumer information, not just financial institutions that are currently covered by GLB.

[More to follow after lunch]

Friday, August 05, 2005

Working Group on Electronic Payment Systems

Sarah Jane Hughes and Bob Ledig opened discussion of the FDIC's forthcoming proposals regarding stored value cards and the deposit insurance coverage (if any) of the underlying funds. A fascinating discussion followed with the group continuing to work out the implications. The group is going to provide some further detail in a followup e-mail to the Committee, and suggest that many of the members could be interested in providing their own comments to FDIC.

Working Group on Electronic Evidence

John Lunseth and Rae Cogar opened the meeting.

John reminded us that Rhea Fredrics from Kroll Ontrack will be speaking to the plenary session on Saturday morning -- one of the Hot Topics will be some recent electronic discovery matters.

John solicited further volunteers for the series of monographs that the WG plans to produce. In light of the Zubalake decisions, he thinks that a great opening would be a monograph for companies on their policies for preserving evidence in the face of potential litigation. The group spent some time discussing the concepts -- Including some who noted their frustration with trying to advise clients who are going to be unhappy with the practical results of these new rules. John says that the issues for the monograph should be:

1) When does the duty attach?

2) What do we need to preserve?

Interested persons should get directly in touch with John Lunseth (see link above).

Mona Lisa's Smile was Nothing

Vince Polley -- Finally at peace after reaching the end of his term.

CLE PROGRAM: Outsourcing - Getting it Right the First Time

The Committee's first program for the 2005 meeting has begun -- Outsourcing: Getting it Right the First Time. CLC member Stephen Hollman chairs the program, and is speaking on, using his phrasing, Service Level Arrangements. He points out the many ways that attorneys can, in their zeal to get the most they can out of a vendor, have often created static and non-relevant SLAs that lead to problems such as Stephen's concept of "Death by Metrics." Stephen pointed out an amazing statistic given by an Accenture analyst -- That 70% of outsourcing contracts are re-negotiated within 3 years, which demonstrates to some degree that many of those contracts were not written with the idea of 'partnership' between the vendor and buyer but were written as an adversarial exercise.

Chicago's own Diana McKenzie from Neal Gerber and Jonathan Kaplan from Accenture both spoke to processes of how to get into an outsourcing program. Diana pointed out the value of doing much of the ground work before sending out an RFP, keeping the vendors on their toes by maintaining dual track negotiations, and controlling the agenda by such tactics as having the proposed contracts in the RFP. While many buying companies think they are saving time or costs by putting off those things, Diana clearly felt that those savings were illusory because the deals that result are usually favorable only to the vendor (or worse, only to the vendor's sales person's pocket).

Stephen Mathias, attorney from Kochar & Company of Bangalore, India, gave a wealth of practical tips on contract points that need to be addressed with offshore outsourcing. His written materials for the program should be consulted as part of any lawyer's checklist if a deal is being struck with an Indian vendor -- If only for learning the significantly different legal rules for transfer and assignment of intellectual property between US and Indian systems.

Stephen Gold -- Who completes the trifecta of Stephens -- Joined the panel from Gordon and Glickson of Chicago (which firm is also a sponsor of our Cyberspace meeting this summer). He had a number of tips on avoiding further pitfalls if one is buying an outsourced service. One of his mantras was the idea that one "cannot outsource responsibility." The buyer remains holding the bag when it comes to internal controls necessary for SarbOx, the obligations of confidentiality for GLBA, and any number of other things. He pointed out that the first response to that is frequently a vendor claiming SAS-70 compliance, but that this by itself is not enough given that some SAS70s will be very shallow, and may actually do nothing more than memorialize how poor the vendor's own internal controls are.

Finally -- The program concluded with a mock negotiation over a hypothetical outsourcing contract. One side of the room advised the buyer, the other side advised the seller. Rather than devolve into a food fight lobbed over the aisle, the audience negotiated together with their counterparts on the podium. Much emphasis was placed on concepts of actually making a deal that works rather than simply proving which side could beat up the other. We might never find out if this hypothetical company would succeed in this deal, but the panel certainly put it in a better position.

Wednesday, August 03, 2005

International Policy Working Group

Hal Burman, who chairs the International (a/k/a Global) Policy working group, tells us of his plans for their meeting (Westin, Windsor Room 2nd Floor, 4:00 to 5:00 PM FRIDAY):
I just got back from an extended set of meetings, the first of which was a two-week negotiation that concluded the new Uncitral E-Commerce Convention. [For the Chicago meeting,] we have two main topics.

First, whether Cyberspace should support implementation of the new UN Convention, and if so, what position would we consider on any possible changes to UETA but especially the Federal E-Sign and Global E-Commerce Act? Are there "fixes" to the Federal Act we should promote?

Secondly, should we seek to use the new convention to harmonize e-commerce basic law within Native American or other US-related territories?

Hal (Burman, Harold S [])

Outsourcing Program -- Some Pre-Reading for You!

Stephen Hollman, who is looking forward to seeing each and every one of you (ahem) at the Outsourcing Program on Friday morning, has passed along a couple of items for you to review prior to the program.
  1. A flyer that discusses a bit more detail on what you can expect; and
  2. A copy of the hypothetical that will underlie the mock negotiation.
Prior reading is not mandatory (you can let go your fears of returning to law school...). But, Stephen thinks that you will be further intrigued by the hypo, and hopefully that will bring you to the program!

Tuesday, August 02, 2005

Intelligentsia--This Year's Coffee Event

To keep up with the tradition, I am scheduling a "Coffee Event" for interested members and friends of the Committee while we're in Chicago. Intelligentsia, a "famous" Chicago espresso shop is only 3.4 miles up LakeShore Drive from the Drake Hotel.

Those of you who've joined me on these coffee excursions in the past know that I try to seek out only the best espresso, and this year's destinatin should meet or exceed that standard. Barristas from Intelligentsia recently took first, second, fourth, and fifth place in the Great Lakes Regional Barrista Championship. And, Intelligentsia was selected Best of Chicago in the annual Citysearch poll. People, we're in for some good espresso.

I'll review the schedule, poll some of our members, and select a good time slot for the visit. As of now, I think a good time would be after the Committee Dinner on Saturday night. Use the Comment feature if you'd like to offer up an alternative time slot.

Here are some links if you're interested in learning more:
Intelligentsia Coffee House
Directions from the Drake to Intelligentsia's Broadway Store
CitySearch.Com's Poll Results on Coffee Houses
Intelligentsia's Articles on Latte Art

Extracurricular Activity -- Chicago Gold Coast Art Fair

During your free time on August 5-7 you might consider visiting this annual event, held along LaSalle Street at the intersections of Erie, Huron, and Superior (not far from our Committee dinner Saturday night, which will put pressure on nearby parking, if you were planning on driving).

"Heralded as the 'Grand Daddy' of American art festivals, the Gold Coast River North Art Fair embarks this summer on its 48th year of wowing Chicago. As one of the most highly attended art fairs in the city, The Gold Coast River North Art Fair annually attracts over 400 juried artists and 600,000 visitors from locations around the world. The free festival is set along city streets and sidewalks in the gallery-filled River North neighborhood; a world-class creative and cultural experience!"

For more information, visit


Eric Goldman Challenges Elliot Spitzer

OK, so it's not an "Over the Top Battle Royal" match. Yet. But for those of you who are interested, take a look at Eric's article in CNET's today. Eric points out that the New York Attorneys General's threats against advertisers who run ads with adware vendors represent "a novel and unprecedented application of current law," and have negative policy implications.

[from John E. Ottaviani (]

Transport Options to Hotels -- Trains, Cabs and Feet

For those of you coming in through the airports, don't forget that Chicago has a pretty good train system.

Unfortunately, the Drake and Westin are a bit north of the "Loop" and so they don't quite get to the trains themselves.* Still, a ride on the Blue Line from O'Hare or the Orange Line from Midway, followed by a short (relatively) cheap cab ride to the hotel (Chicago is a "hail a cab" town, so just get out on the curb and gesture wildly), will probably be a money saver compared to cabs all the way from the airport. And, speaking from experience, if you come in during any rush periods the trains will often get you downtown faster (particularly from O'Hare), even with the transfer to a cab at the end of the ride.

* If you really want to go on the train all the way, you can transfer to the Red Line, which is a subway that connects from the Loop trains -- watch the signs and figure out how to do the transfer. However, you'll have about a 7 block walk to go from the Chicago Street stop on the Red Line to get to the Drake Hotel.

Monday, August 01, 2005

You Want CLE? You Got It!

By my count, your CLE Passport can net you (approximately) 12 hours of CLE without even leaving the Cyberspace sphere of influence. Come out and support your colleagues from the Committee, and surprise yourself at how good we all really are at this stuff.

Friday 10:00 a.m.- 12:00 p.m.

Program: Outsourcing: Doing it Right the First Time and Every Time
Westin Michigan Avenue: Governor’s Suite, 3rd Floor
Presented by the Technology Committee
Co-Sponsored by the Cyberspace
Program Chair: Steven N. Hollman

Five distinguished leaders in the outsourcing field, including a leading attorney from Bangalore, India, will discuss steps to take when presented with a proposal for outsourcing, constructing service level agreements, special issues in off-shore outsourcing, and disclosure and compliance with U.S. laws. The panel will then engage in mock (unrehearsed) negotiation of a hypothetical outsourcing transaction.

Saturday 10:30 a.m.- 12:30 p.m.

Program: Information Security and Dealing with Security Breaches
Westin Michigan Avenue: Cotillion Ballroom North & South, 2nd Floor
Presented by the Consumer Financial Services Committee
Co-Sponsored by Cyberspace
Program Chair: Joan P. Warrington

In this program, which was developed in conjunction with the Electronic Financial Services Subcommittee, representatives from Congress, the FTC, a state Attorney General and the private sector will discuss the latest laws, regulatory guidance, enforcement action and pending legislation relating to the protection of information and the obligations of entities that experience an information security breach.

: If you are interested in these issues, please plan to attend the meeting of the Electronic Financial Services Subcommittee.

Saturday 2:30 p.m. – 4:30 p.m.

Program: Data Governance for Company Directors
Westin Michigan Avenue: Wellington Ballroom Two, 2nd Floor
Program Co-Chairs: Roland Trope and Michael Power

This program coincides with the ABA’s release of a book of the same title written by the program co-chairs. The panel will describe the impending “perfect storm” in the information security environment, identify trends contributing to its formation and review emerging legal requirements that create data governance obligations for directors. The panel will suggest questions directors should ask management to fulfill director obligations and provide guidance for assessing management’s response.

: If you are interested in these issues, plan to attend the meeting of the Subcommittee on Privacy, Security and Data Management.

Sunday 8:00 a.m.- 10:00 a.m.

Program: Protecting Organizations’ Intellectual Property and Confidential Data in Outsourcing Transactions
The Drake Hotel: Michigan Room, West Mezzanine
Presented by the Intellectual Property Committee. Co-Sponsored by Cyberspace
Program Chair: Patrick J. Whalen

This program will present the risk to an organization’s IP and other private data when pursuing outsourcing and will outline strategies that companies may adopt to address these risks. Topics include an interdisciplinary strategic framework for structuring outsourcing deals, protocols for privacy protection, dispute resolution procedures and host nations’ treatment of IP.

Sunday 2:30 p.m. – 4:30 p.m.

Program: RiskEContracts: How On Line Consumer Contracts are Treated in Foreign Jurisdictions
Westin Michigan Avenue: Wellington Ballroom Two, 2nd Floor
Program Co-Chairs: John Gregory and Don Clifford

Do your consumer online contract forms travel well? Terms and conditions normal in U.S. consumer contracts may be doubtful, invalid or even illegal in countries whose legal systems you may think are familiar. Lawyers practicing in France, the UK and Canada show you the risks and how to minimize them.

: If you are interested in these issues, plan to attend the meetings of the Internet Jurisdiction and Global eCommerce Policy Subcommittee and the Working Group on Consumer Protection.

Monday 2:30 p.m. – 4:30 p.m.
Program: The Wonderful – And No Longer Exotic – World of Electronic Payment
The Drake Hotel: Drake Room, Upper Level
Presented by the Developments in Business Financing Committee
Co-Sponsored by Cyberspace
Program Chair: Martin Fingerhut

This program will provide a basic overview of the nature of payment obligations that are created through the Internet and other electronic media. The panel will also discuss a number of current legal and business issues, including enforceability under state and federal law, taking security on and securitizing these obligations and unique opinion issues.

: If you are interested in these issues, plan to attend the meeting of the Working Group on transferability of Electronic Financial Assets.

E-Commerce Consumer Protection Working Group

The latest draft of the update of the ABA Website is attached here.

All comments and suggestions will be enthusiastically considered. Send them to or print out a copy, mark it up on the airplane and turn it in at the Westin hotel desk for Don Clifford. The draft will be discussed at the meeting of the E-Commerce Consumer Protection working group on Saturday morning. All are welcome.

Internet Law Subcommittee Meeting

The Internet Law Subcommittee will be meeting on Monday, August 8, from 8am to 9am at the Westin Michigan Avenue, in Consulate Room One, 2nd Floor. Here is our agenda for the meeting. It's a very full plate and lots of interesting opportunities to get involved in cutting edge Projects, Programs and Articles.

Tom Laudise ( and Hank Judy ( are the Co-Chairs of the Subcommittee and they very much welcome your participation.

Working Group on Electronic Contracting Practices

If you are coming to the Chicago ABA Annual Meeting, please join us at the Cyberspace Committee's Working Group on Electronic Contracting Practices, which is part of the Electronic Commerce Subcommittee.

The Working Group will meet in our Sunday, August 7th, from 3:30 to 4:30 a.m. in the Windsor Room (Westin Michigan Avenue, 2nd Floor).

Our successful Spring meeting program on modifications of electronic form agreements will become an article for the Business Lawyer. Join us to discuss our progress on the article. We will also have a number of new projects under consideration, including analyzing the types of provisions needed for nonpublic or private suite websites, offering some e-contract assistance to the model website committee, looking at the enforceability and operability of email disclaimers, and discussing whether and how bots might be bound by website terms of use. Finally, we will discuss a recent Massachusetts appellate case involving the refusal to enforce a forum selection clause in a cruise ticket. Please join us.

If you cannot join us in person, we have set up a dial in number for our meeting - contact Chris or Kathy below or post a comment to the blog to get the details.

We look forward to seeing you in Chicago! Please let us know if you have any questions or suggestions!

Co-chairs: Kathy Porter ( and Chris Kunz (

Sunday, July 31, 2005

Cyberspace Committee dinner (Saturday, August 6, 2005)

It's six days before our annual Committee dinner in Chicago, and I'm excited about seeing all of you again, as my term as Chair of the Cyberspace Law Committee concludes.

Some tickets for the dinner will still be available at the Westin hotel on Thursday and Friday (this year's event is supported by generous support from Chicago’s own Gordon & Glickson, a premier law firm celebrating 25 years of specialized IT law).

If you're free Saturday night, please come to welcome Candace Jones as the incoming Committee chair, and to meet Marc Rotenberg, the executive director of the Electronic Privacy Information Center (, who is this year's recipient of the ABA's Cyberspace Law Excellence Award, recognizing substantial contributions to the development of the law of cyberspace through scholarship, participation in the legislative process or litigation.

Dinner will be at the Wildfire Restaurant, 159 W. Erie Street, 312-787-9000 (, starting at 7:30 pm (the Business Law Section reception precedes the dinner at 6:00 pm, at the Drake Hotel).

Vince Polley

Friday, July 29, 2005

Internet Jurisdiction and Global E‑Commerce Subcommittee

For anybody who may have received information to the contrary, please note the following:

  • The meeting of the Internet Jurisdiction and Global E‑Commerce Subcommittee will be held on SATURDAY from 10 AM until 11 AM, at the Westin Michigan Avenue, Huron Room, 3rd Floor.

This is a room change from what was in Candace's earlier e-mail to the membership. There have also been some materials from ABA that stated the meeting is on Sunday, and these should be disregarded.

John Gregory reminds us of the following as well:

There will be a recap of recent international developments, enthusiasm about the two CLE programs that were developed by the subcommittee (Data Governance on Saturday afternoon and RiskECOntracts on Sunday afternoon) and brainstorming about how we can have as good a year next year. What should a Subcommittee of our title and scope be thinking about/working on? The leadership (Michael Geist and I) may have some ideas, but we'd like yours too (since we'll ask you to lead or join the work...)

Intellectual Property Subcommittee

For those of you attending the ABA Annual Meeting in Chicago, please join us at the Cyberspace Committee's Intellectual Property Subcommittee meeting. The Subcommittee will meet in our traditional time slot, Sunday, August 7th, from 8:00 to 9:00 a.m. in the Huron Room (Westin Michigan Avenue, 3rd Floor).

At the meeting, we will discuss our current projects, including an update of the status of our Open Source project, and discuss current topics and issues (Grokster, 1-800-Contacts, Perfect 10, and anything else for which we have time). We will also discuss taking on several new projects on a variety of emerging cyberspace/intellectual property issues, including "blog law," use of the DMCA as a competitive weapon, and legislation tracking, as well as potential projects on practice related issues such as "cool toys" and "how to develop an Internet law practice". Do you have other ideas? Bring them along! As usual, there is plenty of opportunity for anyone who is interested!

We look forward to seeing you in Chicago! Please let us know if you have any questions or suggestions!

  • John E. Ottaviani (
  • Eric Goldman (
Co-Chairs, Intellectual Property Subcommittee

Participate in the ABA's Toy and Book Drive

The Business Law Section's Committee on Pro Bono, Committee on Business and Corporate Litigation Subcommittee on Pro Bono and Public Service, the Young Lawyer Forum and the ABA Young Lawyers Division have joined forces to collect books and toys at the Annual Meeting for donation to a local shelter. You may drop off items at the Section's Satellite Registration Desk at the Westin Michigan Avenue hotel. Don't forget to include a toy and/or book when packing for Chicago. Or if you do forget, pick up a doll at the American Girl Store and hop across the street to Borders and buy a couple of books. Please help support this important endeavor as we give back to the City hosting our wonderful Annual Meeting.

Karen Hagewood
Cyberspace committee liaison to the Pro Bono Committee

Tuesday, July 26, 2005

Meeting Planner for Cyberspace Events at the Annual Meeting

Dear Committee Member,

To help you plan your schedule for Chicago, I am attaching a chronological list of Cyberspace Committee meetings and programs. We are presenting or co-sponsoring 7 programs in Chicago, including an outsourcing panel that will feature a leading legal expert from Bangalore, India, and an international panel to discuss the enforceability of online consumer contracts outside the U.S. The ABA will also be releasing a new book, Data Governance for Company Directors by Committee members Michael Power and Roland Trope. Michael and Roland will present a companion program on Saturday afternoon.

If you have not yet gotten tickets for the Committee dinner, please check at the Satellite Registration desk at the Westin Michigan Avenue. Thanks to the generous support of the Chicago IT law firm, Gordon & Glickson, sponsor of the Committee Dinner, tickets are only $50 per person. The Committee Dinner will feature the presentation of the third Cyberspace Law Excellence Award to Marc Rotenberg, Executive Director of EPIC (the Electronic Privacy Information Center).

We look forward to seeing you in Chicago.

Candace M. Jones, Esq.
Hahn Loeser & Parks LLP
3300 BP Tower
200 Public Square
Cleveland, OH 44114
Ph: 216.274.2433
Fax: 216.241.2824

Saturday, July 23, 2005

New ABA Project: Model Electronic Data Agreement for Third-Party

The Electronic Commerce Subcommittee of the ABA's Committee of Cyberspace Law is sponsoring a new project: The drafting of a Model Electronic Data Agreement for Third-Party Service Providers. Introduced at the Spring Meeting in Nashville, this project is now ready to be taken to the next level at the Ecommerce Subcommittee Meeting in Chicago on Saturday August 6th. You are invited to participate.

This Model Agreement will cover third-party providers that transmit, store, or transform unencrypted electronic data for one or more trading partners. The Model Agreement is intended to be industry- and technology-neutral, but structured to easily incorporate requirements unique to any industry or technology.

The Model Electronic Data Agreement for Third Party Service Providers will complement the 1990 "Model Trading Partner Agreement," which is used in relationships between trading partners using electronic data interchange (EDI). The new Model Electronic Data Agreement will govern third parties hired by one or both of those trading partners and would address the emerging use of XML electronic transactions.

Issues To Be Addressed
The scope of the model agreement will be determined by the Electronic Commerce Subcommittee. However, it is expected that the drafters will consider issues such as:
(1) standards or warranties applicable to services;
(2) permitted and prohibited use of electronic data;
(3) ownership of data;
(4) differentiating a third-party provider's duties to its customers from its duties to other
trading partners who may have no privity of contract with the third-party provider but whose data is held by the third-party provider;
(5) security standards;
(6) implications of Sarbanes-Oxley; and
(7) liability issues.

A Balanced Perspective Needed
This project will succeed if it attracts project members who have experience representing third-party service providers, trading partners who hire third-party service providers, and trading partners whose data is held by third-party providers not hired by that trading partner. All three perspectives are needed in order to produce a balanced Model Agreement that will gain acceptance in commercial use.

Work Plan
The Subcommittee plans to distribute a "talking paper" in advance of the annual meeting of the ABA in Chicago (August 5-9) and to discuss the draft at a Subcommittee meeting at the annual meeting. Although your attendance is by no means required in order to participate in this project, if you are able to make arrangements to attend, it would be constructive to have as any participants as possible at the August meeting.

How to Sign Up
We welcome your participation in this project. If you would like to participate, contact either of the persons listed below. Also seriously consider attending the August meeting in Chicago
(register at ).

Phillip Schmandt
McGinnis, Lochridge & Kilgore, LLP
1300 Capital Center
919 Congress Avenue
Austin, Texas 78701
Phone: (512) 495 - 6087

Christina Kunz
William Mitchell College of Law
875 Summit Ave.
Saint Paul, MN 55105-3076
Phone: (651) 290 - 6340

More Detailed Descriptions
Copies of the original project proposal and a preliminary outline of possible issues will be available by link soon. We distributed both documents at the ABA Section of Business Law Committee meeting in Nashville in April 2005. Both remain subject to change based on the direction of the Electronic Commerce Subcommittee.

Elaine D. Ziff
Intellectual Property & Technology Group
Skadden, Arps, Slate, Meagher & Flom LLP
Four Times Square
New York, New York 10036
(212) 735-2656 (Telephone)
(212) 735-2000 (Facsimile)
EZIFF (Email)

Thursday, April 21, 2005

Early Registration for 2005 Annual Meeting Has Begun

The ABA has opened the registration site for the ABA Annual Meeting. Visit here.

Hey, Privacy Gurus, Catch This!

The San Francisco Chronicle's David Lazarus reports that tax prep software from H&R Block and Intuit reportedly used web bugs in their software to gather data about the use of their software by customers. David reports that this may violate Section 17530.5 of the California Business and Professions Code, which makes it a misdemeanor:

"to disclose any information obtained in the business of preparing federal or state income tax returns or assisting taxpayers in preparing those returns, including any instance in which this information is obtained through an electronic medium."

Check out David's article here.

Monday, April 11, 2005

Looking Forward to the Second City

If you have not already made your plans, here's the link to the ABA Annual Meeting home page -- Chicago in early August.

Chicago ABA Annual Aug 5-9, 2005

Ah -- The Windy City in the summertime...

Maybe take in a game or two*? Have a listen, have a taste of the original, learn something, mingle with the dolphins, or see what's happening at the zoo**?

OH -- And we also plan to have a great set of programs and conferences for CLC members and friends -- Schedules come out in early May. On tap already -- a program on practice tips and issues from the outsourcing industries, featuring counsel from the U.S. as well as from India.

* Yes, I know the Cubbies won't play until Monday the 8th, when many of us are likely to be back home after the meeting. Still, who's to say that we might not stay?

** Orangutans are skeptical of changes in their cages.

Sunday, April 03, 2005

Whither Coffee?

Did no one search for an upscale coffee joint and keep up the tradition?

Between Lawyers (Way Cool New Blog)

A number of technology savvy lawyers have banded together to create a new blog called Between Lawyers. A quick review of the site reveals a lot of content that members of our committee will enjoy. Check these out:

LawCasting with Podcast

Robert Ambrogi's LawSites reports on a new service called Blawgcast where they provide one-stop browsing for law-related Pod and Vlog casts. Check it out. If you don't know what a podcast is, read Robert Ambrogi's LawSite's Technology News article, Podcasting: CLE's New Wave?

CLE Program: Spam-Fighting Technologies and Their Legal Implications


The Saturday Morning Panel Posted by Hello

Elizabeth Bowles, Chair of the Working Group on Spam and Unsolicited Electronic Marketing, led the CLE program on Saturday morning concerning Spam technologies and how they can lead to under-appreciated legal implications.

Program materials are available here (ABA membership required). A copy of the program slides can be found here. A copy of the Complaint filed in the Ambrogi suit mentioned during the presentation can be found here.

Joining Elizabeth were:
  • Michael F. Fleming, Attorney, (a/k/a your humble reporter), Larkin Hoffman Daly & Lindgren Ltd., Minneapolis, MN
  • Henry L. (Hank) Judy, Of Counsel, Kirkpatrick & Lockhart Nicholson Graham, LLP, Washington, D.C.,
  • John R. Levine, Principal, Taughannock Networks, Trumansburg, NY
  • Colleen B. Robbins, Staff Attorney, Federal Trade Commission, Marketing Practices, Washington, D.C.,
  • Michael Spooner, Senior Market Analyst, Vircom, Montreal, Quebec, Canada
Our three guests brought their various perspectives to the problem. Ms. Robbins discussed her views on the current CAN SPAM efforts at the FTC as well as future enforcement possibilities. Mr. Spooner discussed the current technologies offered by companies such as his own, and how they work and the pitfalls one gets in relying on them. Mr. Levine looked forward to technologies of the near future, but also cautioned that we still have no silver bullet for the problem (if anything because, to quote Mr. Spooner, "One guy's spam is another guy's ham.").

Finally, Hank and Michael made the jump from the technologies to the practice of law -- what presumptions of fact should we drop, what strategies can we implement? Hank primarily concentrated on the single biggest problem that e-mail inherently has (that it's always had, but which is made worse with the growth in the use of spam filtering technology) -- Did it get there in the first place? If so, when? What evidence might we have to show that it did? Michael went through a contract-based strategy that might be used where parties to a communication have strong need for proving receipt or the like (see the materials!) -- and then made clear that all of this strategy presumes that the parties have, one way or the other, been willing to cooperate with each other outside of the e-mail system alone. None of the contract strategy means a thing in a transaction that is purely e-mail based.

Saturday, April 02, 2005

Committee Dinner at the Wildhorse Saloon -- A Wild Time for All

Plenary Session of Cyberspace Posted by Hello

The plenary meeting was well attended, despite the lack of chairs.

Rapt Attention Posted by Hello

Cyberspace Lawyers Meet Reality Again

After the Gun Fight Posted by Hello

Elizabeth, Elaine and John

Global Jurisdiction and e-Commerce Subcommittee

John Gregory reported on the Global Jurisdiction Subcommittee's meeting:

The Global Jurisdiction and e-Commerce Subcommittee met on Friday April 1st. It discussed five main topics: five related to possible programs at the annual or other meetings, and one work project.
  1. At the Winter Working Meeting, the subcommittee had developed ideas on the fate of online consumer contracts faced with foreign law. Brad Joslove of Paris had presented a Hot Topics item today as a foretaste of the program. The subcommittee maintained its sponsorship of this proposal, in conjunction with the Consumer Protection working group. Brad had developed materials that would be the basis of what would be made available at the CLE session. There was some discussion of what other countries' laws should be represented at such a session. The UK and Canada were proposed - leaving open whether adding others would be confusing or helpful, notably Latin American jurisdictions.

  2. Also at the WWM, there had been discussion of a program developed out of Roland Trope's Checkpoints in Cyberspace book, which had now been published. This aimed at international business transactions and the risks that doing business electronically either created or aggravated in such matters. A co-sponsorship with the International Law Section was probably desirable on the point.

  3. The other Hot Topic today was Roland Trope and Michael Power's presentation on directors' duties of data governance: privacy, information security, and related issues. Judging from the reception of the presentation, there was considerable interest in pursuing the topic at greater depth. Michael and Roland were publishing a book with the ABA on the topic, expected to be available by the annual meeting. This was thought not to overlap with the prior topic, since this one was more domestically focused (though international considerations were not irrelevant) and not aimed at transactions.

  4. Irwin Schwartz suggested some work on protection of copyright online, based on some of his experience in dealing with hackers and unauthorized publishers of proprietary web content. This involved a number of other subcommittee and possibly committees or even sections, but seemed likely to involve more issues than just the file-sharing that was attracting headlines. It was not clear whether the international aspects of the topic were sufficient to justify primary carriage by this subcommittee, but there was some recognition that a topic should be developed and members of this subcommittee would be invited to help out.

  5. Hal Burman promoted the idea of a "recent developments" topic for a presentation. Some international features would include the new (July 2005) UNCITRAL convention on the use of electronic communications in international contracts. Recent case law could also be mentioned - even the AOL France case that Brad had spoken to, and Google's recent (mis)adventures with French trade mark law. This topic was developed further at the general leadership meeting of the Committee. No specific responsibilities were assigned at this meeting.

Hal also brought to the meeting the prospect that the Organization of American States would adopt a project to develop harmonized rules on consumer protection in e-commerce. Hal circulated a uniform provision on such jurisdiction adopted last year by the Uniform Law Conference of Canada, and an FTC proposal on money transactions. If the OAS does adopt such a project, there would be a role for a working group of this subcommittee in analysing documents and possibly making submissions on that work.

It was also noted that Hal's international policy working group would meet with the International Coordinating Committee of the Section on Saturday. Any last minute proposals for change to the UNCITRAL e-communication Convention would be welcome at that meeting.

[After the meeting there was an expression of interest in jurisdiction questions generally and an inquiry as to the follow-up, if any, to the jurisdiction work of Michael Geist's subcommittee reported on in 2004. This would be the subject of online and offline discussion to be reported to the subcommittee through the usual electronic channels.]

Ecommerce Subcommittee

Elaine Ziff from Skadden, Arps, Slate, Meagher & Flom, NYC, and Chair of the Subcommittee, gives us the following report:

The Ecommerce Subcommittee met on Friday afternoon and considered two projects. The first, proposed by Cris Kunz and Philip Schmandt, is to prepare a "Model Electronic Data Agreement" with commentary. Picking up where the Model Trading Partner Agreement leaves off, the Model Electronic Data Agreement could potentially form the basis for standardizing the agreements between trading partners and their third party data processors. Currently, the number of vendors providing value-added data transmission and management services, and the disparity of contract forms, results in the expenditure of time and effort by trading partners attempting to harmonize the arrangements between their respective middlemen. If standardization could be achieved, it would streamline this process. An outline of key terms in existing data agreements was presented by Hank Judy, to stimulate discussion.

The second project discussed was This would be an ABA sponsored free- access website devoted to providing information on the common questions of entrepreneurs launching an on-line venture. The site would cover such topics as domain names, payment methods, taxation, terms and conditions, privacy, and security, in an FAQ format directed primarily at non-lawyers. The paradigm for this project is, a currently-operating ABA-sponsored website which provides tips to consumers regarding on-line shopping.

The Safeselling project is headed by Jon Rubens and co-sponsored by the ABA Small Business Committee. It is gaining momentum, with five sections of content already drafted. It is anticipated that, between now and the Annual Meeting in August, more content sections will be generated and circulated to the appropriate Subcommittees and Working Groups for their input.

Working Group on Electronic Payment Systems

The major project of this group is publication of a matrix of electronic payments products. This project is a joint project with the Banking Law subcommittee of the UCC committee and is ongoing. We are committed to speaking this week to work out how to get the existing matrix to publication, and to keep it updated regularly on an ongoing basis.

The primary participants from the UCC Payments group: Marina Adams, Stephanie Heller, Paul Turner and Steve Veltri. Bob Ledig and Sarah Jane Hughes contribute from the Cyberspace Law Committee. If you would to discuss the project, or discuss other issues with the WG, please contact Sarah at sjhughes (a)

CAIT Subcommittee Meeting

Don Cohn and Michael Fleming chaired the meeting of the Corporate Aspects of Information Technology subcommittee. The group discussed the upcoming projects for the Spam and Unsolicited Electronic Marketing Working Group, and then began solicitations for new projects. At this point, the group is primarily looking for members who are interested in using one of the following ideas as a springboard for a project, and asks that if you would be interested in taking on leadership of any such project that you get in touch with either Don (donald.a.cohn (a) or Michael (michael.f.fleming (a)

  1. Corporate Risk Analysis: Corporate legal practitioners have long experienced difficulty in matching the risk language of the law to the practices of business. Either the language and concepts of the law are viewed as esoteric 'legal issues' instead of important business concerns, or the risks are expressed in seemingly non-quantifiable forms such as "likely." The project would be to create a framework for one or both of those problems--one that would assist the lawyer in talking contract risk with the client in a way the client will appreciate. This project might either lend itself to a CLE presentation down the road, or an article at the magazine level (Business Law Today).

  2. Form Software Developer Agreement: It has been sometime (if ever?) since the Committee has issued a plain vanilla software development form agreement -- one which would have both a license element as well as a professional services element. An annotated agreement, which incorporates up-to-date thinking on some of the issues, and explores the negotiating points, would be helpful to many, particularly if it takes into account the diversity of client bases that this Committee's lawyers represent. Done well, with the right amount of substance, this would lend itself well to a book treatment combined with a CD Rom -- or may ultimately be part of a series of forms that this subcommittee and others in the CLC are working on (such as the form Web developer agreement being worked on by another subcommittee).

  3. Electronic Discovery Monographs: Most of the literature on electronic discovery is written to the litigators -- we feel that there is a lack of material written specifically with the in-house corporate counsel in mind. Rather than dealing with the lawsuit that has already happened, the in-house lawyer is in a better position to practice preventative medicine. Plus, when a problem occurs, the in-house lawyer who is savvy to electronic discovery issues can often provide valuable strategy to the outside lawyer who is less familiar with the company. We envision a series of 3-4 monographs -- 20 pagers or thereabout -- each talking about a particular slice of the e-discovery world. For example, we envision a monograph dedicated to the concept of litigation holds -- the practices that a company must undertake should litigation become likely. Such a monograph should discuss both preparations that might be done well before the problems arise, the costs that will need to be addressed, and how to institute a panic button should it become necessary. Since this project should lead to 3-4 related but different monographs, it lends itself to having a group of 3-4 drafters, each of whom could take an equal role in producing their own monograph, and together they would edit and produce a series of works. This might be publishable as a small book, or could be a candidate for an electronic distribution such as an e-book?

  4. Information Technology Danger Points in Divestitures: While there is no lack of generalized checklists that M&A practitioners might use in their deals, many of those checklists miss some of the IT-specific tricky points and how to resolve them. For example, if a divested subsidiary is the holder of a patent that is being used by the parent, how should the problems be raised, analyzed, negotiated and resolved? This should not be an attempt to re-write those things that have already been written, but rather it should concentrate on those things that are specific to our member's daily practices, distilling some of those things that we have saved our corporate colleagues from tripping on. A magazine article treatment is probably the best initial treatment for this.
Again -- These are ideas that we feel are both related to CAIT's mission of corporate practitioner assistance, and that should be well suited to CLC members looking for a project to start. Please call Don or Michael if you are interested in taking on any of these ideas, or any ideas of your own.

Friday, April 01, 2005

Meanwhile, Back on the Official Site

Props to Jim Frey and his co-horts at the ABA, who have done an outstanding job of putting the Spring Meeting schedule online.

So what you say? That's been done for years, right?

Not so fast, pardner. Look here at the interactive version. The schedule is now organized so you can look up by date, by Committee, or just limited to CLE programs. As you page through the programs, you can find full descriptions and the like, as well as links to the PDF files with the written materials where appropriate.

Best of all -- the thing is now updated in (essentially) real time. The paper slips with the changes to the meetings? No longer needed (although they continue to be posted). You can always check in and see what's next, and if the meeting has been changed, you'll see it online. There's even a section for cancelled meetings, which is updated as news arrives during the meeting.

What's next? I suggest the guys get to work on -- No longer will I need to transpose the sessions I want to attend from a paper book over to my computer calendar -- I'd like it to help me put together an itinerary for my days at the meeting (pointing out conflicts and the like), and then once I've figured it out, I could upload it all to my computer's calendar and/or phone and/or whatever. And, of course, if any changes occur in my chosen meetings, the thing would buzz my phone to let me know.

(I can dream, can't I?)

In the meantime, outstanding work guys and gals at the Association! Thanks!

Google Ups Storage Limits

Wow! Google increased storage limits for GMAIL to something they're calling infinity+1. Check it out.

The Well Turns 20

The Committee's friend Declan McCullagh posts an article on CNET today about the 20th Birthday of The Well. For those of you who aren't familiar with the Well, it was a very influential and very early force in the growth and development of the thing we all know of as the Internet.

Check out the story on CNET and an interesting account about the creation of the Well on the Well itself.

Wildhorse Saloon

LinedancersStart thinking now about Saturday's Committee dinner at the Wildhorse Saloon! If you have not already gotten a ticket, look up Jackie Scheib as soon as possible to see if you can get on the list for a mere $45. Bring your cowboy boots kids...

News of the World

(from Mike McGuire, reporting remotely from Minnesota, these stories in Steptoe & Johnson's E-Commerce Law Week, March 26, 2005)

Dear Feds, Send Money or the IT Infrastructure Could Get It

They say money makes the world go 'round . . . And now a group of experts are warning that without a serious cash infusion, the nation's information technology (IT) infrastructure world is at grave risk of being knocked off its axis by a terrorist or criminal attack. In a report entitled, "Cyber Security: A Crisis of Prioritization," the President’s Information Technology Advisory Committee (PITAC) -- an advisory body of IT leaders in academia and industry -- argues that the IT infrastructure of the US is "highly vulnerable to terrorist and criminal attacks." The report, made public on March 18, calls for a drastically increased federal role in supporting the development of new cybersecurity technologies. PITAC warns that short-term solutions to infrastructure vulnerability, like patching or retrofitting software, are inadequate and that only a massive deployment of money and manpower can successfully address the "large structural insecurities" of the nation's IT infrastructure. We've heard such dire warnings before, however, to little discernable effect. But perhaps the current spotlight on identity theft and data security breaches will lend some heft to the argument that the security of the nation's cyber infrastructure deserves at least as much attention as the data it carries.

Bank Regulators Beat Congress to the Punch on Security Breach Notifications

With all the Congressional activity on data security and identity theft these days, it's easy to forget that threats of new legislation are only half the story. In some industries, federal regulators are already setting guidelines for when companies should disclose security breaches. For example, the four federal financial industry regulators have issued "Interagency Guidance on Response Programs for Unauthorized Access to Customer Information and Customer Notice" to instruct financial institutions on when they will be expected to report security breaches of "sensitive customer information" -- whether that information is stored electronically or in paper form. The federal regulators will view a financial institution's failure to comply with the guidance as an unsafe and unsound information security practice.

Cyberspace CLE Program: Strategies for Modifying Electronic Agreements and Policies

Program: Strategies for Modifying Electronic Agreements and Policies Posted by Hello

(Please forgive the lousy photography...)

Kathy Porter, Chris Kunz, Jason Epstein (A new daddy as of about 36 hours ago! Twice Over!), Kristie Prinz, and Andrew Serwin presented the results of their research (ABA membership required) on how electronic contracts have been (purportedly) modified by various Web site providers.

Transferability of Electronic Assets

The Working Group on Transferability of Electronic Assets meeting on Friday morning. Posted by Hello

Mattias Hallendorff and Prof. Linda Rusch (both here from the Twin Cities, continuing the tradition of making sure that any law that actually makes a difference in Cyberspace actually comes out of Minnesota or passes through it...), are continuing the group's thoughts discussed in Palo Alto -- How can we actually create a working and functional system of Electronic Chattel Paper (ECP) that is contemplated under New Article 9 at Section 9-105?

Continuing a collaboration that initiated in Palo Alto with the technology experts at The Open Group, the WG has worked together with the technologists to try to work towards some recommendations. In particular, Mike Jerbic, Chair of The Open Group's Security Forum, has undertaken to work closely with the Working Group. His beat -- data security -- has particular relevance to ECP and its need for (relatively?) unassailable records.

Mike gave an early version of a slide presentation, where he began the effort to get the two worlds talking together. He noted that the tech world has largely concentrated on a concept they term as "command" -- which is fundamentally at odds with the UCC's requirement of "control." Command presumes that if we tell the system to do something, it's actually going to go ahead and do it. Control is not going to be happy with just assuming -- it needs to know that the machine did what it was ordered to do, a concept that is surprisingly foreign to current technology systems. Today, most technology systems rely more on redundancy and other similar concepts of just throwing the kitchen sink at everything to make sure the 'command' gets followed, which makes good sense where bandwidth and storage are cheap. But, for 'control' in the ECP world, the thought is that it needs to be done only once, and that one shot needs to be on target.

There was a lively debate over how to move the lawyers, the bankers, and the technologists to getting off the ball -- or if they should be moved. Prof. Ken Kettering raised a general theme of how the statute is unwilling to take a stand on HOW to get control. While he noted that there may be any number of technology answers that seemingly meet the requirements of the statute, the thousand bishops who might be willing to swear to its leading to control will not necessarily lead to an unassailable legal conclusion of control. He thinks we are being somewhat over-optimistic that any one of our systems will make the jump from good tech to good law.

Others still feel that the issue is not one of black and white, but trying to decide where the financial markets are going to be comfortable with the final system's degree of greyness. There are clear pressures to move this idea forward coming from the finance industries -- and this might push us to the point where we need to do it anyway. The 'pro' group's opinion could be summarized by John Gregory's thought that we need to compare this to the systems we've used in the past, and how we ultimately need to reach some degree of 'comfort' in whether that paper signature means something. The electronic world needs to figure out when the industry will get comfortable -- either for an agency to rate a deal, or for a law firm to offer an opinion.

Dina Moskowitz, Assistant General Counsel at Standard & Poor's (who will be lecturing -- guess where? -- Minnesota this coming month!), noted that law firms offering these opinions will be expected to have SOME degree of ability to do technical due dilligence. The opinion cannot rely on the raw assurances of the vendors. However, there is not going to be an expectation that law firms will become System Analysts -- the use of a good technology framework of analysis, combined with a level of technology understanding, should probably be an adequate basis for a meaningful opinion of counsel.

And, it is that framework that the Working Group is working to create.


I suppose I could accept the title BlogMaster? Or is Blogiapher Blographer better?

Life of a Prepaid Card presentation

The Committee Forum, this Spring on speaking on Prepaid Card issues. Posted by Hello

Too much great material for me to blog, but I can link you to the materials here. (ABA membership required)

CLCC Hot Topics

The Committee continues our new tradition of melding together a couple of then-current hot (or hotter...) topics for presentation to the crowds.

Brad Joslove spoke at the Committee Forum, detailing some of the recent case law in France as it relates to e-contracting, particularly in the consumer arena. Posted by Hello

E. Michael Power and Roland Trope spoke about their upcoming new book on data security issues, with a focus on director and officer liability, Sailing in Dangerous Waters: A Director's Guide to Data Governance. The book grew out of a project that originated and was supported by the Cyberspace Law Committee's Privacy and Security Subcommittee, chaired by Marc Pearl and Ray Gustini. There are plenty of good reasons as to why our clients continue to be subject to danger while they stick their heads in the sand. Posted by Hello

Working Group on Spam and Unsolicited Electronic Marketing

Elizabeth Bowles, chair of the Working Group on Spam and Unsolicited Electronic Marketing, leading the morning meeting of the WG on Friday morning. Posted by Hello

The group briefly discussed the coming program for Saturday morning (8 AM!!) concerning technology controls. The bulk of the hour was spent discussing future projects -- an initial consensus was to develop materials concerning Spyware and Phishing for a future program. There is pending federal legislation concerning Spyware in both houses, Senate Bill 687 and House of Rep Bill Bill 29. The thought is that this legislation, and general interest on the topic, as well as a smattering of pre-existing law that might apply, so the WG believes there will be plenty of material to work with.

Publication Opportunities

The cyberspace committee has a long history as a prolific source of material for the book publishing arm of the ABA. Suzy Bibko (ABA staff; head of the Section's publications group), told the committee this morning that the ABA already has published two works by committee members this calendar year; at least four other books are in the "approved for publication" pipeline, and a few more are under concept development.

If you, or your subcommittee, are working on a project or presentation that could yield a book, please see Vince or Candace Jones.

Blogging The CLCC Plenary Session

Vince, Candace and John (of Jones, Polley and Lunseth, LLP) opened the Spring Meeting plenary session for the Cyberspace Committee. We learned of the programs that are occurring here in Nashville, discussed the dinner coming up on Saturday night, and plugged the continuing need for publication materials.

Candace, Vince and John Posted by Hello

The Annual Meeting in Chicago, this coming August, will feature at least 3 main programs from CLCC and one hour-long forum. We have one of the main programs set already -- a very timely discussion of outsourcing concerns that will feature a star panel of lawyers including an attorney from India who will speak to the issues from his own perspective. There are other slots that are officially 'open' still -- but time is coming short on making final decisions, so those who are interested in getting a slot should get proposals to John Lunseth post haste.

Vince announced a couple of leadership issues. Mike McGuire has relinquished his role as the publication head, and the committee is soliciting volunteers for taking over the position (finishing the current term and presumably as well as picking up with the new 3 year cycle this coming August.) The committee thanks Mike for his hard work, so long as he continues to promise his efforts towards this blog going forward.

Finally, speaking of the new 3 year cycle coming up, Vince's term as The Boss is coming to a close as of August. The incoming chair of the Business Section appoints the Committee chair, and Vince was pleased to announce the appointment of Candace to take over the chair as of August. Applause. All of us should be sure to congratulate Candace on her new appointment -- and volunteer your respective behinds into assisting her with this huge task!

And with that -- We cut the Plenary short to allow enough time for the Committee Forum that followed.