Companies use a variety of causes of actions to protect their websites from competitors or others wanting to “scrape” data from their site using automated tools. Over the years, legal doctrines such as copyright infringement, misappropriation, unjust enrichment, breach of contract, and trespass to chattels have all been asserted, though many of them have limited applicability or are otherwise imperfect options for site owners. One of the most commonly used tools to protect against scraping has been a federal statute: the Computer Fraud and Abuse Act (CFAA). The CFAA is a cybersecurity law passed in 1986 as an amendment to the Comprehensive Crime Control Act of 1894. Originally drafted to address more traditional computer “hacking,” the CFAA prohibits intentional access to a computer without authorization, or in excess of authorization. Due to both the criminal and civil liability that it imposes, the CFAA has been an effective tool to discourage scraping, with website operators arguing that by simply stating on the site that automated scraping is prohibited, any such activity is unauthorized and gives rise to CFAA liability. An ongoing case between data analytics company hiQ Labs Inc. and LinkedIn questions the extent to which companies may invoke the CFAA as it pertains to scraping of this type of data.
Be you a founder, would-be investor or acquirer, correctly valuing the intellectual property of a company is rarely a simple task, but it can be even more challenging when that IP involves artificial intelligence or machine learning. See what our colleague Josh Tucker has to say about the challenges and importance of protecting underlying IP on 7 Mile Advisors’ Deal Talk podcast, “How Patents, AI and Machine Learning Affect Value.”
We’ve previously written about doxing and how it can be used by both vigilante social activists and malicious cyber bullies. Recently, in a first-of-its-kind ruling, the U.S. District Court for the District of Columbia concluded that white supremacists using social media to target and harass American University’s first female African-American student body president were liable to her for over $725,000 in damages.
Pretty much from the introduction of Satoshi’s cleverly constructed currency, industry players and observers alike have waited to see how exactly the increasing population of digital assets would be categorized and regulated. Slotting “disruptive” technologies into existing regulatory regimes is hardly a swift process, but there has been some recent movement on behalf of U.S. regulators and Congress. In “All Eyes Are on Regulation of Digital Assets as Federal Agencies and Lawmakers Seek to Bring Clarity,” colleagues Cassie Lentchner, Daniel N. Budofsky and Aaron R. Hutman break down some of that activity. In the first of three alerts on the matter, they look in particular at the SEC’s recent no-action letter involving tokens released by the gaming company, A Pocketful of Quarters.
A sponsored post popped up on my Instagram last week that captured my obsession with statement jewelry and my periodic check on developments in facial recognition technology: “Artist Designs Metal Jewelry to Block Facial Recognition Software from Tracking You”. Statement jewelry? Check. An indication of how stressed out people are by facial recognition technology? I think so. While an experimental project, it’s not a far stretch to imagine the design actually being sold and purchased.
In case you don’t know, William Gibson is the prescient science fiction author who effectively coined the terms “the matrix” and “cyberspace” as we currently use them, way back in the early 1980s. He also predicted augmented reality applications. In his 2007 novel, Spook Country, a character has taken to creating “locative art” installations in the real world that can be viewed only through mobile devices that use the GPS grid to create a virtual overlay on top of the real world as recorded through the device. For example, the artist recreates the scene of River Phoenix’s death, complete with annotations, that can be seen when the viewing device is brought to the real-world location where Phoenix died and aimed at the spot where his body was found. A character in the book describes such locative art this way: “Spatially tagged hypermedia. The artist annotating every centimeter of a place, of every physical thing. Visible to all, on devices such as these.” Today, we simply call that “augmented reality”—or AR for short.
It’s sometimes hard to gauge the full impact something “new” will have on an industry over the long term as it transitions from “What in the world?!” to “But of course!” in the minds of the general public. For investors, owners and other participants in the relatively new arena of esports, though, the question of whether or when its popularity will surpass that of traditional leagues like the NFL and NBA is less important than ensuring their businesses and business models are sufficiently protected. Over on Pillsbury’s Policyholder Pulse blog, our own Kim Buffington explores the “traditional” insurance needs of the competitive gaming industry in “As Investment in Esports Grows, Insurance Coverage Must Keep Up.”
Since January, Bureau of Industry (BIS) officials have been formulating an analytical framework for establishing controls on emerging technologies (which include biotechnology, artificial intelligence and machine learning technology, quantum information and sensing technology, additive manufacturing, and robotics). Recently on the Global Trade & Sanctions Law blog, colleagues Nancy A. Fischer, Stephan E. Becker, Matthew R. Rabinowitz and Sahar J. Hafeez provided an update on the process, while explaining why the timing of the rule will matter for companies for which export controls (and CFIUS) are a concern.
Efforts to regulate cross-device tracking have increased since we last addressed the topic in 2017, following the release of the FTC’s Staff Report. Significant developments include the implementation and enforcement of the EU’s General Data Protection Regulations (GDPR), and the fast-approaching implementation deadline for the California Consumer Privacy Act (CCPA). These regulations, while not targeting cross-device tracking specifically, seek to limit the way in which consumer data is tracked and sold.