by Catherine M. Gray, Associate Manuscripts Editor

Just before Valentine’s Day, a Racine County Circuit Court judge banned a Wisconsin resident from using the Internet for thirty months.¹ Jason Willis, a thirty-one year old resident of Waterford, created a Craigslist ad requesting “nude male suitors” using his neighbor’s picture and address.² As one might imagine, Willis’ neighbor “Dawn” was shocked when several men arrived at her door, one wearing only a trench coat.³ In banning Willis from the Internet, Judge Allen Torhost declared, “[i]f you want to drive drunk, you’re not allowed to drive. To me, a public availability of the internet [sic]—to use it the way he did—is unconscionable.”⁴

But did Judge Torhost’s violate Willis’ human rights? A 2011 United Nations report declared “that disconnecting people from the internet [sic] is a human rights violation and against international law.”⁵ While the report focused on the United Kingdom and France’s efforts to block individuals accused of illegal file sharing and countries who would block Internet access to “quell political unrest,” it calls into question whether Judge Torhost’s decision in some way violated Willis’ fundamental rights in modern society.⁶ In the United States, higher courts than Judge Torhost’s have declared banning an individual from the Internet is an appropriate remedy.⁷ Nevertheless, there is a question of whether, in a society and work industry so intrinsically linked to the Internet, banning an individual from being online constitutes a human rights violation. Will the individual be able to secure and maintain employment? Does the answer to that question really matter?

Despite the United Nations’ assertion that the Internet is a human right, I’m inclined to agree with Judge Torhost and the Eleventh Circuit here. Recently, Miranda Barbour admitted to killing more than twenty individuals across the United States, lured to their deaths through Craigslist.⁸ The use of the Internet for the purposes of harassment, child pornography, and even murder does much to counter the U.N.’s argument for a human right to the World Wide Web. In these cases, I see little wrong with banning convicted offenders from using the Internet, even permanently. Part of being a productive, contributing member of society is acting responsibly, and Judge Torhost got it right when he likened use of the Internet to driving. The Internet, like the driving, is a privilege, not a right, and abuse of a privilege means it’s revoked.

By: Jasmine McKinney, Associate Manuscripts Editor   

By now, most of us probably know that Facebook is no stranger to lawsuits.  Just a mere two years ago, Facebook was involved in a class-action lawsuit where the social networking giant was found to have used members’ images without their permission in advertisements commonly called “sponsored stories”.[1]  Facebook users involved in the suit reported that Facebook had used their personal images shared on the website for various commercial activities.[2]  Though at the time users had no choice to opt out of being featured in sponsored stories, they could configure their privacy settings to share information with only certain people.[3]  The suit that was settled in 2012 cost Facebook a whopping $10 million.[4]

Fast-forward to today and throngs of people are still up in arms over Facebook’s lackadaisical privacy policies.  The settlement has yet to take effect due to the large number of appeals making their way through court.  However, under the settlement, Facebook agreed to change its privacy policies so that Facebook users between the ages of thirteen and eighteen could indication whether their parents were also Facebook users and give the parents control over the use of their children’s ‘likes’ and comments for advertising purposes.[5]  For children whose parents were not Facebook users, the site promised to opt their children out of social advertising until age eighteen.[6]  Still many are unsatisfied.

Now, a group of parents as well as child advocacy and privacy groups are asking a federal appeals court to throw out the 2012 settlement with Facebook over the website’s use of children’s images in these advertisements or sponsored stories.[7]  The plaintiffs and other public interest groups claim that despite the 2012 action, Facebook still uses children’s images without the proper authorization.[8]  Though parents have the ability to ask Facebook, to remove an image used in advertisements on the site, many still believe Facebook should ask for permission first.[9]  Plaintiffs in the case claim that Facebook’s practices continue to violate laws prohibiting the use of a minor’s image without parental permission in several states, including: California, Florida, New York, Oklahoma, Tennessee, Virginia, and Wisconsin.[10]

Scott Michelman, a lawyer for the nonprofit group Public Citizen argues that Facebook is currently exercising a backwards approach to privacy concerning it’s younger users.  “The default should be that a minor’s image should not be used for advertising unless the parent opts in.  Putting the burden on the parent to opt the child out gets it exactly backward.”[11]  Another group known as the Campaign for Commercial-Free Childhood has also concluded that the previous settlement offers little protection to children and has taken the same stance as Public Citizen on the issue.[12]

Over the years, Facebook has continued to emphasize that its takes the privacy of its users seriously, but many may question how this can be true given the company’s history of frequently making changes to its privacy policy (some of which have not always been the best in terms of privacy).[13]  The safety of minors online is undoubtedly an important issue and the result of this new suit is bound to show Facebook’s true stance on protecting the privacy of its younger users.

By Jessica Ertel, Associate Articles Editor

The D.C. Court of Appeals recently turned down federal net neutrality legislation, thus allowing Internet service providers to charge Internet companies fees for faster delivery of Internet content.

Net neutrality legislation requires that broadband providers treat all Internet traffic equally. The Federal Communications Commission also calls this “Internet openness.” The FCC supports an open Internet because without net neutrality legislation, broadband providers might prevent their subscribers from accessing certain websites altogether or degrade the quality of these sites in order to direct Internet traffic towards their own competing services, or to collect fees from these websites.¹ The Commission’s purpose in the net neutrality legislation was to prevent broadband providers from blocking or discriminating against certain Internet site providers.

By throwing out net neutrality legislation, the decision opens the door for Internet Services providers to charge fees to companies who want their Internet content to be delivered to consumers more quickly. Internet services providers, such as petitioner Verizon, applaud the ruling, because it means that they can make money off of Internet companies who want the information from their sites delivered “first class.” The Internet companies who deliver streaming content are the ones most distressed by the U.S. Court of Appeals’ decision. Netflix is one such company. The CEO of Netflix, Reed Hastings, responded to the outcome of the case: “Were this draconian scenario to unfold with some [Internet Service Provider], we would vigorously protest and encourage our members to demand the open Internet they are paying their ISP to deliver.”²

Big companies such as Netflix would be the ones most hurt by this ruling, and the company estimates that it would potentially be forced to pay as much as 10 percent of its annual revenue to broadband providers.³ This could in turn be pushed onto the consumers in the form of higher prices to access sites like Netflix. Yet such a price increase is unlikely to happen soon, and further, Internet service providers have expressed their commitment to their consumers’ ability to freely access Internet sites.⁴

In spite of this roadblock for the FCC, it has promised to find other ways to pursue Internet openness. The Appeals Court did find that the FCC had the authority to regulate broadband providers’ treatment of Internet traffic.⁵ The FCC appears ready for the challenge to find other ways to promote Internet openness.

by Dylan Denslow, Associate Technology and Public Relations Editor

          Since its launch in September 2011, Snapchat has amassed some 26 million users who together send an average 400 million “snaps” each day.[1]  To say the app is popular is an understatement.  However, Snapchat’s reputation has been primarily as an outlet for teenagers and college students to send scandalous or embarrassing photos of themselves.  Recently however, a new app named Confide has taken the idea behind Snapchat, the notion of a disappearing message, and brought it to Wall Street.[2]  

            Confide is a “new ‘off-the-record’ messaging app” that has raised $1.9 million in seed funding, and was initially referred to as “Snapchat for business”.[3]  Business people commonly run into a situation where they do not want to create a paper trail of emails discussing a particular subject – instead they prefer to talk over the phone where their discussions aren’t recorded and may not bring about as many legal consequences.  Confide is meant to alleviate this situation where phone tag is frequent and an unnecessary impediment to transacting business.[4] 

            On its face, this seems like a great idea that could cure business problems faced on a daily basis.  However, the app is ripe for abuse and potentially provides a mechanism by which employees may be able to skirt or break state and federal laws.  Insider trading immediately comes to mind.  For example, an executive with a stock tip could send a message through Confide to an investor knowing that the record of that message would soon disappear.[5]  The messages sent on Confide are not stored on servers, and the company has put in place protections to avoid users taking screenshots of the messages themselves.[6]  This seems like a perfect mechanism to help exec’s and employees send messages without worrying about later consequences of their statements.

            Although geared towards the business world, it is also likely that the app will eventually fall into other hands as well.  This in itself creates a number of potential legal issues.  For example, imagine a drug dealer with use of the app.  No longer is there a record of his texts to buyers, instead his messages are deleted immediately, making it more difficult for law enforcement to connect him with his past activities.  Although this violates the terms of Confide’s user agreement, it is unlikely that such an agreement would deter someone already involved with such criminal activity.[7]

            Snapchat has certainly brought value to its users, primarily through its ability to allow them to share fun experiences.  However, there have already been allegations that Snapchat is being used for insider trading, even when its reputation typically involves a drunken “selfie” at a bar or college party.[8]  Now, Confide brings a similar product to market specifically geared at the business community.  A user agreement prohibiting illegal activity will not be enough to deter law breaking.  As this technology moves into the business arena, messages will have more serious financial effects than the seemingly harmless Snapchats.  Lawmakers should be poised to monitor and regulate use of this technology in order to avoid any potentially serious legal issues that may arise.

       by Cate Gray, Associate Manuscripts Editor

     On January 5, 2014, PBS premiered season four of critically acclaimed period drama Downton Abbey to record-breaking ratings in the United States.[1]  The problem for diehard fans truly committed to knowing the trials and tribulations of the Crawley family?  In the United Kingdom, the season four finale already aired on December 25, 2013.[2]  Fans of BBC One’s Sherlock can sympathize; season three premiered nearly a month later here in the US than in the UK.[3]

            So, devoted US fans, why not utilize one of the many websites devoted to allowing viewers to stream these shows and stay up to date with our neighbors across the pond?  Simply put, it’s illegal.  In an effort to combat copyright infringement online, Congress defined all such websites as “dedicated to infringing activities” and therefore in violation of title 17 of the United States Code.[4]  But should it be? 

PBS, the Public Broadcasting Service, is available to any viewer with a digital antenna, so watching programming on the network doesn’t require a paid cable or satellite subscription.  The network itself is funded largely through private donations.[5]  Therefore, because the public does not pay for the ability to watch the channel, there is a question as to whether there is actual harm done to PBS.  Does streaming content from the United Kingdom that is not yet available to those of us in the United States truly harm PBS?

The more important question, however, is when will the law, and technology, catch up to an increasingly global society?   Television shows no longer have fans based solely in one country, and for those of us behind in broadcasts due to our geographic location, the Internet is a minefield of countless spoilers for episodes yet to air on our local networks.  The delay in airing shows in other counties with large fan bases creates a market for online streaming, and all but encourages fans to engage in a technically illegal activity in order to stay up to date with viewers in other locales.  Such a result places both the U.S. law and television networks in a difficult situation, and only time will tell whether they take steps to decrease the time between premiers in different regions, thereby reducing the need for online streaming.

     by Peter Sloan, Husch Blackwell LLP

February 5, 2014

If anything cries out for organizational governance today, surely it is information.   Data volumes are rising relentlessly; information is flowing in and out of organizations more pervasively than ever; and mobile computing, cloud services, big data analytics, and social networking are fundamentally transforming the organization’s relationship with information.  Meanwhile, the compliance environment grows yet more complicated, as organizations, regulators, and the courts wrestle with the repercussions of massive data breaches, the evolving scope of e-discovery, and allocation of responsibility for the retention and protection of information.  Shortcomings of the traditional practices used by organizations to deal with information are becoming clear, as is the need for a new, comprehensive approach.  And that fresh approach has been dubbed “Information Governance.”

But what exactly is Information Governance?  Despite widespread use of the term,[1] few definitions have been offered.  With due deference to Shakespeare’s Juliet,[2] and also to Justice Stewart,[3] names and definitions matter. They are particularly important when the subject, unlike roses and pornography, has not been with us for a very long time.  And Information Governance indeed is a new approach for addressing information issues.  To be more precise, Information Governance involves a new reconciliation of departmental interests (such as those of IT, Legal, Compliance, Records Management, and lines of business) and of traditional information disciplines (such as records & information management, privacy & data security, and litigation preservation & discovery)—in essence, connecting familiar building blocks in a new, different, and more effective way, to better serve the organization as a whole.  So, definitional clarity is essential here, precisely because Information Governance involves a fundamental change in established perspectives and practices.

What definitions have been proffered for Information Governance?  According to Gartner, the global information technology research and advisory company, Information Governance is “the specification of decision rights and an accountability framework to ensure appropriate behavior in the valuation, creation, storage, use, archiving and deletion of information.  It includes the processes, roles and policies, standards and metrics that ensure the effective and efficient use of information in enabling an organization to achieve its goals.”[4]  ARMA International similarly defines Information Governance as “a strategic framework composed of standards, processes, roles and metrics that hold organizations and individuals accountable to create, organize, secure, maintain, use, and dispose of information in ways that align and contribute to the organization’s goals.”[5]

The Compliance, Governance, and Oversight Council (“CGOC”) has defined Information Governance as “the discipline of managing information according to its legal obligations and its business value, which enables defensible disposal of data and lowers the cost of legal compliance.”[6] 

Most recently, the Sedona Conference has defined Information Governance as “an organization’s coordinated, inter-disciplinary approach to satisfying information compliance requirements and managing information risks while optimizing information value.”[7] 

While each of these definitions has its strengths, here’s what I like about the Sedona Conference definition:[8] 

• Success with Information Governance requires strategic commitment by the organization’s leadership, which is best accomplished when clear benefits accrue to the organization.  Embedding compliance, risk management, and value into the definition communicates a clear “why” for pursuing Information Governance.  These words articulate concrete, strategic benefits for the organization as a whole, and they also anchor the endeavor’s purpose. 
• The terms “coordinated’ and “inter-disciplinary” succinctly capture the essence of Information Governance, addressing the strategic “what” that is being accomplished.  The most challenging aspect of adopting Information Governance is bridging across traditional information silos.  To be successful with Information Governance, the organization’s individual departments and functions such as Legal, IT, Records, Compliance, and lines of business must coordinate so that decisions about the organization’s information will reflect the needs of the organization as a whole, rather than parochial interests.  And success with Information Governance also requires inter-disciplinary assessment and decision-making, so that information decisions are not based solely on the limited perspectives of traditional disciplines such as records & information management, privacy & data security, and litigation preservation & discovery.  This is the essential feature of Information Governance, through which the organization expands its perspective to consider all aspects and angles of information compliance, risk, and value.

The Sedona definition does not prescribe the particulars of how Information Governance is implemented, referring instead to the organization’s “approach” to accomplishing this coordinated, inter-disciplinary effort, and leaving the specifics of the implementation “how” to supporting guidance.  I think that’s prudent, because there will be various approaches for implementing Information Governance, and the definition should not be too limiting.  Reality suggests that different organizations adopting the Information Governance approach will operate at different points on a maturity continuum.  Some, frankly, will begin by simply getting the right people together in the room to thoroughly explore all angles to information-related decisions at the organization before they are made.  Others will put in place elements of structure, direction, and resources to support Information Governance efforts, along with mechanisms for accountability.  Yet others will establish robust control systems for Information Governance, based upon applicable information-related standards[9] or modeled upon standards for internal control systems generally.[10] 

Years from now, perhaps most organizations will be well along the path of this maturity continuum, and hopefully so.  And yes, organizations certainly will need authoritative guidance on implementation frameworks, strategies, and options for building Information Governance programs. But my hunch is that, at least in the short term, different organizations will pursue Information Governance programming in a wide variety of ways.  While I may feel strongly about the importance of conducting Information Governance assessments and setting program objectives, followed by establishing structure, direction, resources, and accountability for an effective Information Governance program, these are specifics of implementation — the How, rather than the definitional What and Why.