Wednesday, December 11, 2013

Raise the Small Claims Court Limit

Today the NYTimes ran an article, entitled Rule Change Could Ease ‘Justice Gap’ for the Poor,
with the lede:
Lawyers who work for big corporations in New York but are not licensed to practice law in the state will be allowed to do pro bono work under a new rule meant to ease an acute shortage of legal representation for the poor, the state’s chief judge, Jonathan Lippman, announced on Monday.
It followed:
Providing help to the indigent in civil cases has become Judge Lippman’s signature issue, and will likely underpin his legacy after he retires in 2015. He set aside $55 million in the current budget for such services, and has taken steps to encourage lawyers to take on more civil pro bono cases, requiring law students to put in 50 hours of volunteer work before taking the bar exam and making law firms file biannual reports showing how much charitable work they have done.
I will not in any way disagree that this is a very serious need, nor that these are not extremely laudable accomplishments and initiatives. However, I'd like to point out that there is also a tremendous problem of access to the courts for the middle class here in New York State, and it can be traced almost directly to one, single factor here in New York State:

The maximum claim in small claims court is $5,000, except in Town and Village Courts, where it is $3,000. For claims above that amount, the New York Courts page offers the following friendly advice:
Q. Do I need a lawyer for these types of cases?
A. You are allowed to handle a case without a lawyer, although these kinds of cases are often complicated. It's up to you to decide. A person going to court without a lawyer is called "self-represented" or "pro se."
In other words, you're pretty much on your own. Additionally, according to, here are some of the average costs of civil litigation taken to verdict:
  • Automobile: $43,000
  • Premises Liability (slip and fall, injuries in offices, etc.): $54,000
  • Real Property: $66,000
  • Employment: $88,000
  • Contract: $91,000
  • Malpractice: $122,000
Let's compare this to the historical limits of Small Claims court here in New York City†, adjusted for inflation to 2013 dollars using the Inflation Calculator from the BLS:
YearAmount2013 Dollars
At this point it should be patently obvious that there is a huge, huge problem of access to the legal system for anyone but the wealthy. Simply raising the small claims limit to something more sensible, say, $25,000, as it is in Tennessee, or maybe even $50,000, would greatly increase access to the civil court system for many tens of thousands. Small claims court is highly informal and very forgiving to pro se litigants. Supreme Court, however, is not.

Quite simply, the problem is this: If you have a legal claim that is more than $5,000, but less than $100,000, it may be all but impossible to find a lawyer to take your case.

If we want to increase access to the legal system, rather than simply throwing more lawyers at the problem, how about we lower the cost of entry instead?

† From the Supplementary Practice Comments to McKinney's, NY City Civ. Ct. Act § 1801. Small Claims Defined

Sunday, November 24, 2013

GoldieBlox Sues Beastie Boys for Declaratory Judgment of Non-Infringement

Earlier this week, a new product out on Kickstarter called GoldieBlox - a toy aimed at engaging young girls in engineering - made a pretty brilliant music video as an advertisement. The video features a parody of the song "Girls" by the Beastie Boys:

As reported by TechDirt:
The whole point is to mock the message of the original song, with its famous refrain: "Girls - to do the dishes; Girls - to clean up my room; Girls - to do the laundry; Girls - and in the bathroom; Girls - that's all I really want is girls." The new one switches it to: Girls - to build the spaceship; Girls - to code the new app; Girls - to grow up knowing; That they can engineer that; Girls - That’s all we really need is Girls." The point is pretty clear. Parody the original song to highlight how ridiculous that stereotypical image of girls is -- and, of course, highlight how the kinds of toys that GoldieBlox makes can be useful in learning. 
I'd like to reference, once again, what is likely one of the controlling case in this instance - the famous Campbell v. Acuff-Rose. Centrally, in that case, 2 Live Crew sampled Roy Orbison's "Pretty Woman" in a highly parodic fashion. The Supreme Court performed a fair use analysis, which has the following four factors:

(1) the purpose and character of the use, including whether such use is of a commercial nature or is for nonprofit educational purposes;
(2) the nature of the copyrighted work;
(3) the amount and substantiality of the portion used in relation to the copyrighted work as a whole; and
(4) the effect of the use upon the potential market for or value of the copyrighted work.

The Court relied heavily on factor four in remanding the case to a lower court to make a better fair use determination. Specifically, the Court determined that a hip-hop parody of a country song would likely have negligible effect on the market for the original song. The lower court, however, basically glossed this analysis in finding for infringement. The case was sent back down, and it was settled, likely because Orbison knew he was fighting a losing battle.

I genuinely cannot conceive of a negative market influence on the original Beastie Boys song as a result of the GoldieBlox remake. That, in addition to the fact that this GoldieBlox is explicitly an educational toy should weigh very heavily in favor of GoldieBlox.

The Beastie Boys' lawyers would be wise to very, very quickly issue a sincere apology, withdraw their threat, offer a zero cost royalty, and make a contribution to the GoldieBlox kickstarter. Either that or come off looking like a bunch of misogynist bullies - and hypocrites, as they are still defending a copyright infringment lawsuit over that same album. I very, very sincerely hope that the original threat letter sent to GoldieBlox was the result of an overzealous (and clueless) lawyer acting without approval from the band members - because if the band members were involved, well, that could conceivably have a market impact on the Beastie Boys, and a very negative one at that.

You can read the complaint here. Note that GoldieBlox is represented by Orrick, who are not to be trifled with, and they have requested a jury trial. I cannot imagine trying to argue to a jury that GoldieBlox was not a fair use of Girls, and I would certainly have a panic attack when the lyrics comparison charts came out:

Friday, November 8, 2013

Artist Suing Jay-z Over Sample - I Hope it Goes to Trial

The long-short of it is that some artist is suing Jay-z over a sample included in Blueprint III. The details are almost irrelevant, because I cannot fathom how this falls outside of the scope of fair use. From what I've seen, and correct me if I'm wrong, the only reason people get away with suing in nonsense cases like this is because it is easier and cheaper to settle than to actually litigate to verdict.

HOV has the resources to litigate, however, and it would be nice to see copyright sample trolling of this sort simply put to bed altogether. It's a nonsense claim and very frustrating to see it reported on as if Jay-z was somehow a bad actor. It would be great if Campbell v. Acuff-Rose was unambiguously expanded to samples of all sorts, not merely parodic samples.

Tuesday, November 5, 2013

3D Printing 'Encryption' to Hide Contraband Objects Seems Really Overhyped

Tl;dr Yesterday, on, this article ran about using 'encryption' to hide contraband objects in 3D printer blueprints. I think this claim is designed to incite moral panic, and is also an incorrect one. Centrally, distribution channels for contraband already exist online, and this so-called 'encryption' will add no value to that ecosystem.

The central claim of the Forbes article:
If 3D printing companies and government agencies hope to police the spread of dangerous or pirated digital shapes, their task is about to get much more complicated. 
Late last month Matthew Plummer-Fernandez, the 31-year-old creative technologist for Goldsmith College’s Interaction Research Studio at the University of London, released what he’s calling ‘Disarming Corruptor,’ a piece of free software designed to distort 3D-printable blueprints such that only another user with the app and the knowledge of a certain key combination can reverse the distortion and print the object. That means any controversial file–say, a figurine based on Mickey Mouse or another copyrighted or patented shape, or the 3D-printable gun created earlier this year known as the Liberator–could be ‘encrypted’ and made available on a public repository for 3D-printing blueprints like the popular site Thingiverse without tipping off those who would try to remove the file.

On the left are the blueprints for the now-notorious "Liberator," the first 3D printable gun. (Note: it is a really crappy gun.) On the right is the 'encrypted' version of those blueprints. Using the software created by Plummer-Ferndandez, if you have the correct decryption key, you can turn the blobby thing on the right into the gun on the left. And, because the blobby thing on the right is visually meaningless, MakerBot would never ever realize it was a gun, so they would never take it down from ThingiVerse.

However, if MakerBot doesn't recognize that the thing on the right is a Liberator... then how are other users, who want to find the Liberator, going to realize this either?

They are already going to have to know, somehow, that this particular file is the Liberator. Which means they will already have to have been given this information, and, supposedly, the decryption key from a third party. Likely on an online forum of some sort. Where people can post files.

So why not just post the Liberator blueprints to that forum in the first place? There are already myriad places on the internet where people can and do post contraband material that are well beyond the reach of US corporations and law enforcement. So encrypting the file is a wholly unnecessary step.

Here's an analogy: I would never go to the iTunes store to download 35 minutes of static that becomes an episode of VEEP with a magic key. So why would I go to Thingiverse to do the same? And why would someone who knows they are selling illegal goods would want to do it in someone else's store - a store with security? No one is selling knockoff iPhones at the Apple store. And it is not like this filetype can only be posted to Thingiverse - it can be posted anywhere. So there is actually a disincentive to post known contraband to Thingiverse - even if encrypted.

Distribution channels for contraband material already exist. They are called black markets - or, in internet parlance, pirate sites. Adding this 'encryption' is a completely redundant step. When you go up to an unlabeled white van and buy a pair of speakers you aren't handed a mess of shattered plastic and a glue gun with the instructions "some assembly required." Rather, they take your money, hand you a pair of Harmon Kardons, and drive off. Similarly, try searching for your favorite show online: I bet you can find it and no encryption will be involved. Accordingly, encryption is not necessary for sharing .stl files, the filetype used for 3D meshes. There is no reason that .stl should be unique as compared with literally every other file type currently being illegally distributed.

Additionally, it is not the mission of 3D printing companies to police the actions of all of their end-users. Though they have a strong policy goal and public interest in trying to prevent the spread of contraband 3D blueprints over the internet, it is their primary legal goal not to become suppliers of infringing or illegal material themselves. If MakerBot discovers that a particular weird blob looking thing is getting downloaded with alarming regularity, or based on a user report, my suspicion is that MakerBot has the capacity to perform an investigation and remove the questionable material from Thingiverse.

This 'encryption' adds absolutely nothing novel to the ecosystem of transporting contraband across the internet. Forbes may, in fact, be right that it will be increasingly difficult for law enforcement to police the production of contraband with 3D printers in the near future. However, this 'encryption' will have probably have played no role. Rather, as 3D printers spread, so will 3D printing.

Monday, November 4, 2013

Third Party IP Infringement Liability & You: What You, as a Contract Developer, Should Know

A while back I had a post on Contract Drafting for Software Development Agreements. Today's post is a followup, specifically about the issue of Third Party IP Infringement Liability.

If you are someone who offers engineering or design services on a contractor basis, or work for a firm that does, there will almost certainly be a series of clauses in your contract regarding third party IP infringement indemnification. That's a big legalese mouthful, but it is potentially the most expensive part of your agreement, so it should be negotiated carefully.

Essentially, when a service provider indemnifies a client over third party IP infringement claims, the provider is stating that the work-product it delivers doesn't infringe anyone else's copyright, trademarks or patents. Copyright and trademark is pretty easy to cover, as long as you are not using uncredited stock photos or rival company's logos.

Patent infringement is much trickier. There are millions upon millions of patents issued, and as we learned from This American Life, a patent from 1999, predating the first podcast by several years, actually apparently does cover podcasts themselves. As a result, it is very, very hard to know if one is infringing third party patents.

And patent damages can be extraordinary. Many, many multiple times the value of an underlying services contract. This is why you need to be particularly careful when making representations about third party IP infringement. So, from the point of view of a service provider, here are a few ways to limit your exposure (if you are a client, then you will be coming at this from roughly the opposite perspective):

1. Disclaim all third-party IP infringement warranties. If you can get this provision, you probably don't need any further advice, because you are well known in your field and have substantial bargaining power. However, sometimes a client will be willing to accept this condition, so if the initial contract is silent on this issue, this may be the place to start negotiation.

2. Offer third-party IP infringement indemnification only over knowing or negligent violations. Basically, this means that you will not be on the hook for "strict liability" infringement. This is essentially the situation in the podcast story above, where no one had any idea that their techniques fell into the scope of the patent until they were hit with a demand letter. You'll only be on the hook for infringing patents you know about or should have known about. That latter part can get tricky, because then the question is "well should you have known about that?" This inquiry will get into how much of an expert you are in your particular field, how much a particular patent or lawsuit has been in the news, etc. However, it is still a pretty strong standard.

3. Limit your total indemnification liability. This is often the easiest solution. Typically damages under an agreement, no matter what form in which they occur, should have a cap. Often times, however, indemnification liability is specifically exempted from this cap. So, for instance, if there is an liability cap of $1,000,000.00 on an agreement, and you show up to your client's office and blow up a $2,000,000.00 piece of machinery, you are only on the hook for the initial $1M. If, however, indemnification liability is exempted, and it turns out you deliver work that infringes a third party patent, your liability could be limitless. Liability caps commonly used in developer agreements range from a negotiated, fixed price, to the fees paid to the consultant over a given period of time (trailing twelve months, trailing two years), the total fees paid to the consultant, or a multiple of any one of those. Additionally, there should be a sunset provision on this indemnification liability, meaning you will no longer be on the hook for these types of claims two, three, five, etc., years out.

4. Negotiate at what point indemnification liability obligations become active. Some clients will want you to indemnify them for claims as they arise, which means you will be on the hook for every crank and potentially baseless infringement claim your client receives. Other possible solutions include having indemnification obligations become active upon the breach of an IP warranty, i.e., proof that you knowingly delivered infringing IP, after a claim has survived a motion to dismiss, or upon adjudication that IP was actually infringing.

It is very, very important to pay close attention to these provisions when you agree to develop software on a subcontracting basis. More than any other clause, this one can come back to bite you, years later, for enormous sums of money. To put it another way, if you give a client unlimited, strict liability third party IP infringement indemnification, your contract with them is no longer so much of a services contract as it is an insurance contract. Keep in mind, that as a developer makes more and more representations, the developer can argue it is entitled to higher fees, as it is bearing higher risk. The counterpoint is true from the point of view of the client. In any event, it is essential that before the commencement of services both client and service providers have negotiated this issue explicitly, so they understand their mutual responsibilities and obligations to each other.

Wednesday, August 7, 2013

AOL's Quarterly Earnings: Dialup and Advertising

As covered on TechCrunch, AOL's earnings beat analyst estimates today, coming in at $.035 per share, with a total income of $28.5M on a revenue of $540M.

Before we all pop the champagne, however, let's take a look at the actual numbers:

Of the $541M in revenue, $361.2 comes from advertising, or almost precisely 2/3 of all revenue. Further, an entire $166M comes from subscriptions, which is codeword for dial up subscribers. That's right, a full 30.6% of AOL's quarterly revenue comes from people with dial up modems. So, AOL generated 97.6% of its Q2 income from advertising and dialup. That means that all of AOL's other products, besides advertising and dialup, account for less than 3% of its income. That is not a good sign.

To be fair, AOL has many services that are advertising driven, so there are many different products that generate ad revenue. However, given that the cost of online ads is declining, affecting mega-giants like Google, it may be that services driven by online ads don't look to be long-term sustainable, and it appears that AOL's only way of generating revenue from its online properties is from advertising. It goes without saying that dialup subscriptions are not a long term plan.

Time for AOL to start diversifying its income streams.

Sunday, July 7, 2013

Bits Blog on Amazon - Apparently, Market Based Pricing is Evil

The NYTimes Bits Blog just had a post on book pricing and Amazon, and, well, it is a bit out to sea. For instance:

One consequence of this shift is that soon no one will know what a book’s “real” price is. Price will be determined by demand and perhaps by whim. 

The first sentence is pretty philosophical - what is anything's real price? The second sentence actually gives a pretty damn good answer: whatever the market will bear.

The entire piece is bemoans the fact that book prices now actually reflect market demand - and I am just scratching my head as to what the problem is here. In fact, the whole article is basically an implicit admission that the publishing houses are really pissed off that they no longer get to charge monopoly rents on books, artificially inflate prices, and take out a huge middleman fee. It is a de facto apologia of the really, really dated and anti-consumer practices of the publishing industry as a whole, draped in the sentimentality of losing the corner book store. Finally, if I never here the "people won't value _____ if they are cheap/free"argument again, it will be too soon.

Bits blog may want to consider changing its title to Luddite blog - I fully expect that next week will be a hagiography of the typewriter intertwined with the perils of touchscreen induced carpal tunnel syndrome.

Open Source is Totally Realistic: A reply to Rachelbythebay

Developer and author Rachel Kroll recently had kickstarter to fund development of a google reader replacement, which she named fred. She has just posted to her blog a response to the many comments "well why not just open source it?" She mentions a few points, and importantly reminds everyone that preparing software to be released into the wild as open source requires a whole bunch of work, which she would have to do for free.

Other than that, however, I think she misunderstands open source and how it works. She repeatedly states that she doesn't want to lose the ability to monetize her software - and that simply is irrelevant to open sourcing. If she were to release her software under a BSD or MIT license, she would still be 100% free to charge for distribution, access, support - all the normal things you charge for in software. Even if she chose to use the much more burdensome L/GPL, she would still be free to charge fees for licensing and distribution, she would just have more onerous conditions to live with. There is absolutely nothing stopping her from releasing the code as open source - and, quite possibly, to do so may actually encourage people to donate to another kickstarter. Open sourcing the results from her development would foster a sense of community ownership, and it would probably also speed development. In any event, whether or not software is open source is almost 100% irrelevant to whether you can charge for software.

Sunday, June 30, 2013

Permissive Licenses and Richard Stallman's Blindspot on the Rails Community

Recently, I had to go through a very, very difficult contract negotiation that hinged largely upon the inclusion of open source software in client deliverables. Suffice it to say, that at this point, I'm fairly convinced that L/GPL licensed software simply cannot be included in software deliverables if the client intends to a) distribute that software and b) include trade secrets or confidential information in that software. It may be technically possible, but it is a huge nightmare-headache. 

As a result, I took a second look at this essay, by Richard Stallman, arguing that LGPL is, in fact, too lenient in its requirements, and that people releasing open source libraries should really think about releasing them under GPL. The gravamen of his argument is this:

If we amass a collection of powerful GPL-covered libraries that have no parallel available to proprietary software, they will provide a range of useful modules to serve as building blocks in new free programs. This will be a significant advantage for further free software development, and some projects will decide to make software free in order to use these libraries. University projects can easily be influenced; nowadays, as companies begin to consider making software free, even some commercial projects can be influenced in this way. 
Proprietary software developers, seeking to deny the free competition an important advantage, will try to convince authors not to contribute libraries to the GPL-covered collection. For example, they may appeal to the ego, promising “more users for this library” if we let them use the code in proprietary software products. Popularity is tempting, and it is easy for a library developer to rationalize the idea that boosting the popularity of that one library is what the community needs above all.
In other words, Stallman is concerned that unless software is GPL licensed, then:

1. The free software movement will be left behind.
2. Proprietary software developers actively seek to crush the software industry, and won't contribute to free software.

Both of these statements, in practice, have turned out to be false, and the proof is in the pudding:

The entire Ruby on Rails community is based on free software - either under the Ruby license, the MIT license or the BSD license, and almost never on the GPL license, probably for the reasons I explained above. Node.js is MIT Licensed. So is JQuery. Stackoverflow is brimming to the rafters with employees of the 'proprietary' software industry. These are the tools of choice for many of your favorite web services, and their users are very much in the for-profit business.

Richard Stallman's fears have simply failed to materialize. The modern web uses permissively licensed software as its lifeblood, and, quite frankly, copyleft licenses are often directly in tension with the perfectly reasonable goals of both public and private interests.

So, in the end, I believe the very mechanisms that Mr. Stallman envisioned would result in GPL licensed software becoming the norm for best coding practices and the gold standard for quality software, have in fact relegated GPL software to the domain of academics and those who do not have to deal in trade secrets or deal with covered information (note/update: however, that Linux is in fact GPL licensed - I should say specifically that we are talking about the world of commercially developed and provided SaaS). The upside is that the community of sharing that Mr. Stallman had envisioned has come to exist - it just so happens that it exists under permissive licenses, not copyleft licenses, and the community is populated by a whole lot of people who develop proprietary software.

Friday, June 21, 2013

Legalese or Plain English? Either Way, TechCrunch has it Wrong

There was a post today on TechCrunch about a VC that uses a plain english term sheet, as if this were some earth-shattering innovation. Well, first, it isn't, and, secondly, TechCrunch seems to really miss the larger point: This term sheet is a summary of a larger, totally standard contract. In other words, the whole goal that TechCrunch seems to be excited about - a contract that is in plain english, hooray! - is false. This is a memorandum of understanding, a letter, a summary, that precedes the formal agreement itself. So, basically, this is a non-story.

However, it does lead to the more interesting question of contract drafting in general, and whether it is a better practice to use plain english or stick to the legalese. As with all things, I argue that it depends highly on context, and the intended audience for a contract.

For instance, when drafting a Terms of Service, or End User License Agreement, it is probably the right thing to draft so that a normal human being can understand what you are writing. However, if you think for a moment that I am going to draft a funding instrument or insurance policy in plain english, you need your head examined. If for no other reason - and there are many - this is because it is the language written on the contract that gets tested in court, and you want to have predictable outcomes when drafting contracts. This means you use language that has already been reviewed and tested by courts, even if it is cumbersome and bulky. So, even in the example of a TOS or EULA, when it comes to HIPAA compliance, I'm going to stick with the language I know won't get me in trouble.

A good analogy is to code: why don't engineers just write their code so it is really easy to understand? Well, to anyone who knows anything about coding, this question should appear somewhat clueless: programming is a functional activity. Code is written so that it works, first and foremost. Good code is often - and sometimes must be - easy to understand, but there is plenty good code out there that is very difficult to understand, even for very experienced programmers. Of course, it is always good practice to try to make your code easy to understand, but the reality is that function must dominate over lay-person readability.

The same is true for contracts: when a complex deal is memorialized, the documents about that deal will also necessarily be complex. The problem is that most people assume that because contracts are written in english, and that they understand english, that a contract must be faulty if it is not easy to understand. Well, this is a huge misconception.

In the end, the term sheet that TechCrunch has talked about is basically something like very good documentation, or comments that are in code. And that is great - we should all endeavor to document and explain our agreements much more thoroughly. However, as any software developer knows, writing good documentation is in no way a replacement for writing software that works, and writing a good term sheet is in no way a replacement for writing a bullet-proof contract.

Monday, June 17, 2013

Open Source Licenses: When to Use Permissive v. Copyleft

If you work in any industry that heavily relies on software (read: all of them) you will eventually run into open source licenses. So let's take a look at a broad and growing divide between the two main types of open source licenses - copyleft v. permissive. Spoiler: if you are going to be including open source software in client deliverables, it is far easier to stick with permissive licenses, where copyleft licenses should are best used for academic projects, for developer tools or projects that are dedicated to some non-commercial, public good.

Open source licenses were first used in the mid-1980s, under the mantra that "information wants to be free" - not necessarily free in price, but in that it should be freely adaptable to different people's desires. Unsurprisingly, some of the earliest licenses came out of Berkeley and MIT, including the GNU Project, under Richard Stallman. The whole idea was to distribute software that was the result of - and useful for - academic activities, and to do so in such a way that guaranteed no downstream user would be able to co-opt the software and claim ownership over it. Rather, such software would remain available for people anywhere to implement, study, contribute to, etc. As a result, the the idea was to create a recursive license, so that any software built upon software licensed in this way would also be subject to that license. This license would further require that the original software, as well as all derivatives of the original software, would have to be freely distributable and usable without restriction. The license would also provide mechanisms for submitting improvements back to the original software codebase, potentially to be included with later releases. The first such license was the GNU GPL license, which set the whole open source phenomenon.

The requirements described above - that all derivative software and contributions be licensed under the original license, that source code be freely available, that there be a mechanism for contributing improvements back to the original codebase - form what is generally termed a "copyleft" license - so called for its difference from copyright, which typically locks up ownership and use.

The outcome of the combination of the above features is often (derogatorily) called the "viral effect": an entire code base may get 'infected' if a single LGPL component is included - meaning that all software that ships with an LGPL component may be subject to the above terms.

As a result, it shouldn't be that hard to see why using a true copyleft license in commercial software is sometimes untenable: granting access to source code necessarily means giving up claims to trade secrets embodied in that source code. Additionally, the right to re-distribute covered software is automatically granted to any recipient of copyleft licensed software. This can make commercialization tricky - not impossible, but tricky - because any recipient of copyleft licensed software can turn around and resell that software, or even give it away for free. Finally, there are still gray areas in interpretations of the L/GPL regarding how it applies differently to interpreted code as opposed to compiled code.

Contrast these licenses with the so-called "permissive," such as the MIT and BSD: these licenses essentially only require that any software licensed under their terms includes an acknowledgment of prior authors, and they otherwise disclaim all warranties, restrictions and obligations. In addition, they are far, far simpler licenses: the MIT license is literally three sentences long, while the LGPL runs more than a few pages. To be fair, there are still unresolved issues about permissive licenses, such as how BSD interacts with hardware licensing, but by and large, the interpretation and use cases of permissive licenses are far less complicated than copyleft licenses.

The upshot of all this is that as more and more open source code gets built into commercial applications, we are seeing more and more open source code released on BSD and MIT licenses, and less on GPL and LGPL. Say what you will about the philosophy of the movement itself: I believe this is the inevitable outcome of the way that copyleft was originally designed.

Conclusion: If you are going to be integrating open source components into code that you intend to commercialize, it's probably safest to stick with permissively licensed components. If you are contributing to developer tools, utilities, mathematical libraries, projects for the public good, academic work, or the like, L/GPL may be more appropriate. Either way, you should probably consult your attorney.

Thursday, June 6, 2013

Followup on Console Gaming

I recently posted about how a Wired opinion piece seemed to really miss the boat on console gaming. Well, apparently, Sony agrees:

Kaz Hirai says the PS4 is 'first and foremost' a game console, more features to be revealed.

"The most important thing we need to do is agree and understand that the PS4 is a great video game console that appeals to video gamers," he said. "If we miss that part, I don't think we get the initial establishment of the console. That formula has worked for us with all our consoles, including the PS3."
Additionally, this just in from Reddit:

It was posted under the title "A concise list of all the problems with the PS4 (directly from the hardware architect Mark Cerny" and it's a list of features that gamers consider to be positive. In addition to this, the internet is currently exploding with reviews of The Last of Us, a PS3 exclusive, which is being haled as a "masterpiece." So we will see how that goes for Sony - but I think it's safe to say that Wired's critique is somewhat off the mark.

NSA and Your Digital Life

Right now the internet is on fire with the news that the NSA, through a project called PRISM, apparently has been tapping into a whole bunch of very large internet services for the better part of a decade.

I just wanted to note that we are going to have to wait a few days to get a clear look at this, because within about 90 minutes of each other, these two posts went up on Techcrunch:

Report: NSA Collects Data Directly From Servers Of Google, Apple, Microsoft, Facebook And More 

Google, Facebook, Yahoo, Microsoft And Apple Deny Participation In NSA PRISM Surveillance Program

You can read more at the NYTimes, its Editorial Board,  Guardian, Washington Post - the last two seem to have been the original source of this information.

Also, this is particularly great: NSA chief, two weeks ago: ‘We’re the only ones not spying on the American people.’

I'd encourage everyone to take the chance to read this essay, written by former Supreme Court Justices Brandeis and Warren about the Right to Privacy.

Friday, May 31, 2013

Business Insider's Bizarre Take on Musks's "Hyperloop"

Jay Yarrow at Business Insider just penned this piece about Elon Musk's "hyperloop" concept.

While I'm sure that Mr. Must has something very interesting up his sleeve, I just wanted to point out that the idea discussed in that article, an underground vacuum maglev system detailed in a 1972 RAND paper, is utter, fantastical nonsense. Not only are tunnels fantastically expensive and time consuming to build (Second Avenue Subway? LIRR / GCT connection? Anyone?) the idea of sustaining a vacuum in anything remotely that large is pure, unabashed science fiction. It is literally impossible. No amount of money or clever engineering could make that happen. It would literally be the most expensive engineering project in history by a few orders of magnitude, and it would still fail.

My guess is that Mr. Musk - a fully qualified engineer - has nothing of the sort in mind, simply because it is a child's fantasy. However, what Mr. Musk has described, a magnetically propelled super-sonic levitating train, is not much different than magnetic trains that are already all over the planet. The trick is to ensure stability past the sound barrier on the ground, a non-trivial problem, as well as ensuring that friction is low enough. My bet is about 100:1 that this is what is on the table, and not a gigantic vacuum tube system.

Tuesday, May 28, 2013

Wired Misinterprets the Market Failure in Console Gaming

Wired had an article recently about the new Xbox One announcement. The Xbox One announcement has been really, really panned, and for a whole lot of good reasons. I won't get into the details of all the criticisms, such as the fact that you may have to pay a subscription service to MSFT to play your pre-existing subscription cable, or that it is an 'always-on' service, etc. etc. However, I will talk about the fact that it seems that the Xbox One it isn't really for gamers. Wired's Chris Kohler notices this, but draws the wrong conclusions, stating that:

It’s not hard to figure out what the gaming-first crowd wants: a super-powered box that connects to the TV, has a handheld controller and has a huge library of games from the biggest-budget epics to the breakout indie hits. They don’t want a PC because they don’t want to mess with settings and deal with crashes; they want a standard platform that Just Works. It can do other things, sure, but games are the meat and everything else is somewhere between the gravy and the pepper shaker.
Hey, that sounds like an awesome product! Tuned precisely to our very needs. Say, do you know how many companies — in the entire world — currently offer such a product?
From there basically goes on to say that the above must be either impossible to do properly or not be worthwhile financially. He hypothesizes:
There may be no way to make money selling a bleeding-edge $500 games-only box with $60 games anymore. The expense of producing it all may be well out of whack with what players are willing to spend to get it.
This smacks of speculation, because no one is even bothering to try to implement that business model. And the frank reality is that the systems that are currently being produced are vastly overpowered - you can still get really great graphics out of consoles that are not nearly as beefy as the latest releases. Further, because so much groundwork has been laid into the development of gaming engines, it is cheaper to produce games now, and millions are willing to pay good money to play them. Just ask Gabe Newell

So, Kohler has missed two important points.

First off, the actual lesson is that there is a current market failure: up until a decade ago, Sony was raking in the money in console video games - I don't think those consumers all died, rather, I think they are older and probably have more purchasing power, economic downtown notwithstanding. I'd argue that Sony's failure to capitalize on this same market is because it is pushing bloated multifunction set-top boxes focused on media into the market, and has lost focus on its core audience of gamers and gaming consoles. In other words, as demonstrated by the above historical console sales, there is a demand and no one is delivering.

Second, the point to take is that MSFT and Sony are both "out" of the gaming game and are in the middle of huge media plays. Right now they are trying to use their consoles as a way to shoehorn their media businesses into the living room, directly in competition with Apple. In fact, Sony's entire electronics division is losing money, while it is making most of its profits in media and insurance. Microsoft, in the meantime, has hired a former CBS executive, set up its own studio, and has signed a deal with the NFL. So the problem is that MSFT and Sony are competing with cable companies, HBO, Apple and Hollywood with this new generation of consoles, rather than competing with Nintendo and targeting gamers. Nintendo itself may have stumbled with the WiiU, because it is also crammed with distracting features, but the 3DS is doing fine and I'm sure the WiiU will hit its stride.

Currently, it seems that Sony and MSFT are more interested in getting your parents to watch the latest episode of Real Housewives of Microsoft, your siblings to watch HaloTV, the whole family to enjoy a movie from a wholly owned subsidiary, or the guys to socialcast their fantasy stats while they watch football, than to make a play at the core gaming audience once serviced by millions upon millions of, PSs, Xboxes, PS2s, and Xbox360s.

So fundamentally, where I see market failure and a big demand, Kohler has taken the fact that a) the market is being flooded with devices that intentionally address a totally different market segment - casual media consumers - to mean that b) that it is impossible to create a product that gamers do want, either because gamers aren't there or because it isn't profitable. Quite simply, b) does not follow from a).

I suspect the pendulum will swing back the other way, and not too long from now either. 

Sunday, May 26, 2013

Contract Drafting: Software Development Agreements

Recently, I was presented with a form software development Agreement. I asked a junior associate to give it a markup for outstanding issues as a learning exercise. It reminded me that many critical areas of contract drafting are simply not taught in law school, so consider this a first in a series of tips and pointers for drafting practical agreements.

Software development contracts are a lot like other creative development agreements, in that a person or corporation is creating a new work and transferring the IP rights to its employer. As a result, here are a few things to consider in any contract that controls the transfer of IP rights:

  • Clearly define "Intellectual Property." Make sure that such definition includes not just copyright, but trademark, trade secret, and all patent rights. This definition covers what will, and will not, be owned by the client at the end of the engagement. 
  • Work for Hire. As a client, you will want to ensure that all materials are being made as work for hire, and, if they are not deemed to be work for hire, then all IP rights are assigned to the employer.
  • Further Assurances. Again, as a client, you will want to ensure that the the party rendering the services will agree to execute any documentation acknowledging that the employer owns the IP created, assigning IP created, etc.
  • Further Assistance. Often, the developer's assistance will be needed in the future, whether for the purposes of litigation or aid in filing patents. Typically, such assistance is compensated at the averages rates paid during the original engagement.
  • Limitation of Liability. As a developer/contractor, you are going to want to waive all special and consequential damages, lost profits, interruption of services, and limit only to actual damages. Alternatively, you can limit to the fees paid to the contractor over the last [x] months, or a mutually agreed upon cap. It is not unusual for there to be a separate cap for indemnification liability over IP infringement, i.e., the general cap is at the fees paid over the last three years, but liability for indemnification provisions at 2x-3x those fees. There is often a lot of negotiation on this issue. 
  • Warranty. It is typical to disclaim any and all warranties, but often a client is going to want some sort of warranty that the work product is non-infringing. Carefully consider, either as contractor or client, the level of IP representations made: are you going to make a strict representation of non-infringement? One based on knowledge or negligence? As above, there will usually be negotiation on this issue. I find that, generally, as risk increases for the contractor / developer, rewards should increase as well. So it doesn't make a ton of sense to make a strict IP representation if you aren't getting well paid, as you are basically extending an insurance policy over the IP delivered for very little money.
  • Indemnification. largely the same considerations as the previous two. Consider what acts, either as a contractor or client, you want to indemnify the other party for. It is not unusual to indemnify the other party against third party claims made for breaches of the representations and warranties in the contract or due to your own negligence of willful misconduct.

A few things make software development, in particular, different than most other creative materials development contracts. Let's review them:

  • Pre-existing Materials. Often a contractor will include software developer prior to engagement, outside the scope of engagement, or generally applicable to the contractor's business, to the client. The contractor will want to retain ownership of this material, so they should make sure that the agreement specifies which software, if any, falls into this category, or specify which mechanisms will be used during the engagement for identifying such software. The client will want to consider how this affects pricing as well: essentially, the client will be leasing, and not buying, such software, so they should not expect to pay full freight for it. 
  • Open Source Materials. Contractors may include open source materials in final deliverables. Both parties will want to be up front about what open source agreements they are comfortable with (for instance, corporations tend to really dislike LGPL, for pretty understandable reasons), and make sure that both parties will have clearly established mechanisms for complying with the terms of such licenses. Additionally, the contractor must be sure that they are not incorrectly representing that they are transferring ownership of these materials, as that is simply not within their power.
  • Third party materials. Rather like open source materials, but privately owned software. For instance, if the developer delivers say, copies of Word® or OSX Server® to the client, the client will typically be responsible for procuring / maintaining such licenses. Again, as above, the developer must make sure that it is not incorrectly representing it has the power to transfer ownership of those materials.
  • Residuals. This one is often a big sticking point: typically, there are very strong non-disclosure provisions in software development agreements. Residuals clauses usually read something like this: 
    The Receiving Party shall be free to use for any purpose the Residuals resulting from access to or work with the Confidential Information of the Disclosing Party. "Residuals" means information retained in unaided memory by persons who have had access to the Confidential Information, including ideas, concepts, know-how or techniques contained therein. The Receiving Party shall not have any obligation to pay royalties for work resulting from the use of Residuals. However, this clause shall not be deemed to grant to the Receiving Party a license under the Disclosing Party’s copyrights or patents.
  • Often, developers gain a lot of important insight from complex projects. If clients are unwilling to agree to the above residuals clause, it may be worth considering if extra compensation is warranted.

Next time, I'll discuss how Statements of Work - the above notes are only for the Master Services Agreement. On top of that, in order to ensure that both parties are happy, there should be a detailed Statement of Work that explains what is being developed, milestones, testing criteria, etc. It is a document that requires as much careful thought as the underlying contract itself, and worthy of its own post. 

After that more to come on NDAs, Software Licenses, EULAs, TOS's...

In the meantime, happy drafting.

Thursday, May 23, 2013

Entertaining List of Prohibited Businesses for Credit Card Processors

Examining the Stripe TOS today, I discovered that they have a very long list of businesses that they will not service, including:

(1) door-to-door sales, (2) offering substantial rebates or special incentives to the Cardholder subsequent to the original purchase, (3) negative response marketing, (4) engaging in deceptive marketing practices, (5) sharing Cardholder’s data with another merchant for payment of up-sell or cross-sell product or service, (6) evading Card Network’s chargeback monitoring programs, (7) engaging in any form of licensed or unlicensed aggregation or factoring, (8) airlines, (9) age verification, (10) age restricted products or services, (11) bail bonds, (12) bankruptcy lawyers, (13) bidding fee auctions, (14) collection agencies, (15) chain letters, (16) check cashing, wire transfers or money orders, (17) counterfeit goods, (18) currency exchanges or dealers, (19) embassies, foreign consulates or other foreign governments, (20) firms selling business opportunities, investment opportunities, mortgage consulting or reduction, credit counseling, repair or protection or real estate purchases with no money down, (21) credit card and identity theft protection, (22) cruise lines, (23) essay mills, (24) flea markets, (25) drug paraphernalia, (26) extended warranties, (27) fortune tellers, (28) “get rich quick” schemes; (28) gambling (including but not limited to lotteries, Internet gaming, contests, sweepstakes, or offering of prizes as an inducement to purchase goods or services), (29) sports forecasting or odds making, (30) illegal products or services, (31) mail-order brides, (32) marijuana dispensaries and related businesses, (33) money transmitters or money service businesses, (34) multi-level marketing or pyramid schemes, (35) online or other non-face-to-face pharmacies or pharmacy referral services, (36) prepaid phone cards, phone services or cell phones, (37) pseudo pharmaceuticals, (38) quasi-cash or stored value, (39) securities brokers, (40) sexually-oriented or pornographic products or services, (41) shipping or forwarding brokers, (42) substances designed to mimic illegal drugs, (43) telemarketing, (44) telecommunications equipment and telephone sales, (45) timeshares, (46) travel agencies or travel clubs, (47) online or other non-face-to-face tobacco or e-cigarette sales, (48) weapons and munitions (49) virtual currency that can be monetized, re-sold or converted to physical or digital goods or services or otherwise exit the virtual world, (50) personal computer technical support, (51) selling video game or virtual world credits (unless you are the operator of the video game or virtual world), (52) selling social media activity, such as Twitter followers, Facebook likes or Youtube views, (53) human hair, fake hair or hair-extensions, (54) any product or service that infringes upon the copyright, trademark or trade secrets of any third party, or (55) any product, service or activity that is deceptive, unfair, predatory or prohibited by one or more Card Networks.

Well where's the fun in that?

Wednesday, May 22, 2013

The Copyrightability of Databases

Recently, a colleague asked me about the copyrightability of information in a database, specifically, in this instance, a phonebook. My colleague wanted to know if you could claim copyright over a database: this is a really important question, as the internet is, by and large, a gigantic database. This is actually two separate questions: 1. Are the contents of databases copyrightable? 2. Are there copyrightable elements of databases in and of themselves? So let's break it down and treat each separate.

Contents of Databases
We do know copyright does not apply to facts, and it would be an unfortunate circumstance if simply putting a fact in a database gave you copyright over that fact. The case that everyone learns in law school that expresses the copyrightable elements of compilations is Feist V. Rural Telephone Co. According to Wikipedia:
Feist Publications, Inc., v. Rural Telephone Service Co., 499 U.S. 340 (1991),[1] commonly called Feist v. Rural, is an important United States Supreme Court case establishing that information alone without a minimum of original creativity cannot be protected by copyright. In the case appealed, Feist had copied information from Rural'stelephone listings to include in its own, after Rural had refused to license the information. Rural sued for copyright infringement. The Court ruled that information contained in Rural's phone directory was not copyrightable and that therefore no infringement existed.
If Feist had literally distributed photocopies of Rural's telephone book, there would be a claim of copyright information. However, merely reproducing the information in a phone did not constitute copyright information. This assertion was largely supported by the decision in Bellsouth V. Donnelly, which basically stated that the selection, arrangement and coordination of a phonebook were the only copyrightable elements of the phonebook. Contrast this, however, to CCC Info Services v. Maclean Hunter Market Reports, where it was held that the valuations of automobiles in the "Redbook" constituted creative, judgment based content, and not simply merely factual reporting. Similarly, in CDN v. Kapes, the coin prices in a guidebook were found to be copyrightable because they were the result of expert judgment, and not just mathematically computed facts. So, when looking at the contents of databases, the question to ask regarding their copyrightability is, "Is this content merely a list of facts? Or is this content the result of a process of creativity or judgment?" If the answer to the former is yes, it is probably not protectable; if the answer to the latter is yes, the content is probably protected by copyright.

Copyright of Databases Themselves
We know that copyright explicitly covers compilations, i.e., that the creative elements involved in the organization of other works (layout, selection, etc.), are also protectable by copyright. A magazine, for instance, has many artistic and creative choices made in its organization and appearance. As does a compilation of selected works, or a series of short stories, photo essays, coffee table art books, etc.
     Importantly, however, databases are not like other creative compilations. A database, is a functional data structure: most of the 'layout' is done by algorithms, and much of the 'creative' choices made are made out of mathematical necessity. At first glance, then, it looks like we may be lead into the uncomfortable position where copyright can be extended over the form of databases themselves - which would be disastrous for the internet, because it means that you would be able to 'own' a data structure (i.e., listing names cross referenced by phone numbers or email addresses, etc.) simply by being the first to commit it to a tangible form.
     This turns out not to be the case, largely due to the idea/expression dichotomy, also called merger doctrine. This doctrine states that one cannot extend copyright protection over expressions that are 'merged' with their underlying ideas, concepts, natural laws, etc. To put it another way, you cannot use copyright to make a claim of ownership over functional elements or to get ownership of concepts. The courts have been recognizing increasingly that  databases in and of themselves are merged structures: they are mathematical, programmatic structures designed to allow for rapid manipulation of data in many forms, i.e., they are fundamentally merged. Or, as stated by the Copyright Office:
In summary, very few of the post-Feist compilation cases have held entire works to be uncopyrightable. In fact, copyrightability of the entire work is seldom even contested. Disputes tend to focus instead on the scope of protection. Consistent with Feist’s pronouncement that copyright affords compilations only “thin” protection, most of the post-Feist appellate cases have found wholesale takings from copyrightable compilations to be non-infringing. This trend is carrying through to district courts as well.(70)
      Translated into normal human, that means that the Courts have recognized that even copying big chunks of other people's databases, verbatim, rarely rises to the level of copyright infringement, so long as the information being copied itself is not subject to copyright protection. The arguments that get into court over databases mostly concern how much copying is allowed, or whether the underlying information itself is subject to copyright. As a result, as that (very lengthy) paper by the Copyright Office goes on to explain, database protection is mostly accomplished these days through a combination of contracts (ever wonder what all those "Click Here to Agree" terms of service agreements are for?) or with technological protection measures, i.e., DRM. So, if you are interested in protecting your databases, you should investigate your terms of service and your security measures.

In the end, the question about copyrightability of databases comes down to this: is the information in the database itself protectable by copyright? If the information in the database is the result of a sophisticated judgment or a creative process, then the answer is almost certainly yes. However, if the database consists of simple facts, or the output of deterministic formulae with no creative input, the answer is very likely no. Unlike artistic compilations, like magazines, photo collections, excerpted and collected works, etc., databases, though they may appear similar to compilations, do not typically receive the same protection of copyright law. As above, this due to the merger doctrine, because databases are functional constructs. So, unfortunately, there is no bright line rule dictating whether a database is per se copyrightable: it will always be a highly fact specific determination. The basic lesson, in the end, is largely consistent with copyright law in general: creative elements get copyright protection, whether those elements are visually creative layout of someone else's works or a series of numbers that resulted from a creative process.

When in doubt, it is probably best to ask your lawyer.

Tuesday, May 21, 2013

YCombinator and Rigged Roulette

YCombinator has been making a lot of headlines recently. I am a huge fan of their work, PG is the man,  and I think that they have a well earned reputation for being one of the most productive and successful incu-VC's out there. However, I have to play the bear a bit here, and point out that I think that YC is being overly mythologized. So, in no particular order, let's take a look at some interesting YC factoids.

     A few weeks ago, a piece ran in the NYTimes magazine by Nat Rich, which was very interesting, but I feel highlighted some inherent problems with YC, exemplified perfectly by this quote:

“There are two things that people grumble about Y Combinator that are actually compliments,” [PG] told me. “One is that Y.C. start-ups are overvalued. The only way for a company to be overvalued is if there’s someone willing to pay that price. So what they’re saying is: Going through Y.C. causes companies to raise money on better terms than they would have otherwise. We wouldn’t have the barefacedness to make that claim ourselves! The other thing they say is that they can’t tell on Demo Day which are the good start-ups. Well, it’s not because the good start-ups look bad; it’s because the bad start-ups look good! Which means we’re doing our job."
In case you missed it, that is PG basically stating that YC's job is to get overvalued investment for companies without much of a promising future. That isn't particularly great. 
     Now, let's combine two important facts: YC only accepts highly, highly qualified founders - importantly, a non-trivial percentage of all startups founded by young, qualified tech entrepreneurs apply to YC - and, according to PG "if ... you discover the next Google, you can increase your investment by 'a thousand X.'” So, to make an analogy, imagine that the YC investment pool is a roulette board - except that the payout for a win is several orders of magnitude greater than the bet, and the odds of any one number 'winning' are a lot higher than investment in a random company 
     Viewed in this light, it doesn't take a whole lot of skill to place a huge number of inexpensive chips on a rigged roulette board. Especially when you have thousands of talented individuals throwing themselves at you for a $11,000 + $3000n investment for 2-10% of your company†- which, by the way, is a tremendously favorable deal for YC. Additionally note that just two companies, AirBnb and Dropbox, make up the lion's share - ~75% - of YC's 10B portfolio, which consists ~400 companies. 
     Finally, in the context of startups generally, tech is actually not even the most fertile field for new companies. The substantial majority of successful startups are not in tech. They are in a wide variety of industries, with the two most successful categories being consumer discretionary and industrials. 
     When viewed in the light of all these facts, I think it should be easy to agree that, though YC is hugely successful and deserves recognition and praise for its accomplishments, it is being mythologized to an unnecessary degree. They are positioned at a bottle neck in an industry that happens to be very sexy right now, and, as a result, they are inevitably investors in a few truly major companies. However, that does not mean they are mystical seers with insight greater than those in in similar positions other industries that are less sexy. It just means that YC gets the most ink.
† Note that in Mr. Rich's article, he talks about several companies that received six figure investments from YC, and does so in a manner that makes this sort of investment appear routine. As far as I know, this is highly unusual for YC, and I would like to know more about how these companies got this funding from YC, or if, in fact, YC is now in the habit of investing more than the 11+3n detailed above.

Wednesday, May 15, 2013

Some Interesting Patent Statistics from 2012 via StrutPatent

StrutPatent has some really great patent statistics. Let's take a look at some of the more interesting numbers from 2012:
  • The top 10 companies receiving patents were all tech companies, and they received a total of 27,930 patents, or almost exactly 10% of all patents granted. 
  • The individual with most patents granted in 2012 is Kia Silverbrook. He received 220 patents. Thinking this through, assuming he takes no vacations, that is about 4.25 patents per week. Forgive me for saying so, but the idea that any one human could be that productive is truly an absurdity. It is just poppycock. 
  • The top 10 inventors of 2012 received a total of 1481 patents, an average of 2.85 patents per inventor per week. Which, again, is total insanity. 
  • Total patents granted in 1990 numbered 99,275, up to 244,513 in 2010, for a CAGR of 4.61%. 
  • There were 542,815 patent applications in 2012. Given that patent applications take several years, it is not easy to calculate what percentage of patents are granted, but it looks to be approximately the 50% range, and possibly higher, because many patent applications that were not granted are probably still pending in office actions, and may be granted in later years.
More patent statistics coming soon - we will get into just what percentage of patents actually do cover the pharmaceutical industry. Spoiler: a lot less than you may think.

Friday, March 8, 2013

For Some Reason, In the Last Week My Blog Got More Viewers From China Than Anywhere Else

My traffic is pretty low, but, every once in a while, I check it, just to see what's what.

To be fair, we are not talking about tremendous volumes of traffic - but about 50% of those appear to be from China. I cannot imagine that this is anything but automated skimming from China - but that is pretty disconcerting.