February 25, 2010


By Hibah Yousuf, staff reporterFebruary 24, 2010: 7:52 AM ET
NEW YORK (CNNMoney.com)

A judge in Milan found three Google executives guilty Wednesday of violating Italy's privacy code over a video that was uploaded on the search giant's video platform, the company said.
After being notified about the video -- which showed students bullying an autistic classmate -- by Italian police in 2006, Google took the video down within hours, said Matt Sucherman, the company's vice president and deputy general counsel for Europe, the Middle East and Africa, in a blog post.

He added that the company continued to work with authorities to help identify the student who uploaded the video, and she and other students involved were sentenced to 10 months of community service by a court in Turin, Italy. The video was uploaded to Google Video, prior to the company's purchase of YouTube. Sucherman said a public prosecutor in Milan then indicted four Google executives -- senior vice president and chief legal officer David Drummond, chief privacy counsel Peter Fleischer, marketing executive Arvind Desikan and former chief financial officer George Reyes -- for criminal defamation and violation of the country's privacy code. All but Desikan were found guilty of the privacy charge, and the judge found all four executives not guilty of criminal defamation.

Google said it plans to appeal the court's decision because its employees "had nothing to to do with the video in question" and for its implications on Internet freedom and censorship."In essence this ruling means that employees of hosting platforms like Google Video are criminally responsible for content that users upload," Sucherman said. "Common sense dictates that only the person who films and uploads a video to a hosting platform could take the steps necessary to protect the privacy and obtain the consent of the people they are filming."

Following the sentencing, Google's lawyer Giuseppe Banan told reporters that legal codes do not require Google, the Internet or any other company to control content before it is uploaded to the Web. But prosecutor Alfredo Robledo said "the right of enterprise cannot rule over that of dignity of the human being," and expressed his satisfaction with the judge's ruling.

February 19, 2010


Ten former White House advisors and other top officials joined forces in a rare public cyber war game designed to highlight the potential vulnerability of the nation’s digital infrastructure to crippling attack. The results were hardly reassuring.
Read the article: http://gigalaw.com/2010/02/17/internet-crashes-in-mock-cyber-war/ (Source: Los Angeles Times)



Hackers in Europe and China successfully broke into computers at nearly 2,500 companies and government agencies over the last 18 months in a coordinated global attack that exposed vast amounts of personal and corporate secrets to theft, according to a computer-security company that discovered the breach. The damage from the latest cyberattack is still being assessed, and affected companies are still being notified. But data compiled by NetWitness, the closely held firm that discovered the breaches, showed that hackers gained access to a wide array of data at 2,411 companies, from credit-card transactions to intellectual property.

The hacking operation, the latest of several major hacks that have raised alarms for companies and government officials, is still running and it isn't clear to what extent it has been contained, NetWitness said. Also unclear is the full amount of data stolen and how it was used. Two companies that were infiltrated, pharmaceutical giant Merck & Co. and Cardinal Health Inc., said they had isolated and contained the problem. Starting in late 2008, hackers operating a command center in Germany got into corporate networks by enticing employees to click on contaminated Web sites, email attachments or ads purporting to clean up viruses, NetWitness found. In more than 100 cases, the hackers gained access to corporate servers that store large quantities of business data, such as company files, databases and email.

They also broke into computers at 10 U.S. government agencies. In one case, they obtained the user name and password of a soldier's military email account, NetWitness found. A Pentagon spokesman said the military didn't comment on specific threats or intrusions. At one company, the hackers gained access to a corporate server used for processing online credit-card payments. At others, stolen passwords provided access to computers used to store and swap proprietary corporate documents, presentations, contracts and even upcoming versions of software products, NetWitness said.

Data stolen from another U.S. company pointed to an employee's apparent involvement in criminal activities; authorities have been called in to investigate, NetWitness said. Criminal groups have used such information to extort sensitive information from employees in the past. The spyware used in this attack allows hackers to control computers remotely, said Amit Yoran, chief executive of NetWitness. NetWitness engineer Alex Cox said he uncovered the scheme Jan. 26 while installing technology for a large corporation to hunt for cyberattacks.

That discovery points to the growing number of attacks in recent years that have drafted computers into cyber armies known as botnets—intrusions not blocked by standard antivirus software. Researchers estimate millions of computers are conscripted into these armies. "It highlights the weaknesses in cyber security right now," said Adam Meyers, a senior engineer at government contractor SRA International Inc. who reviewed the NetWitness data. "If you're a Fortune 500 company or a government agency or a home DSL user, you could be successfully victimized."

Disclosure of the attack comes on the heels of Google Inc.'s allegation that it and more than 20 other companies were breached by Chinese hackers. This operation appears to be more far-reaching, infiltrating some 75,000 computers and touching 196 countries. The highest concentrations of infected computers are in Egypt, Mexico, Saudi Arabia, Turkey and the U.S.
NetWitness, based in Herndon, Va., said it was sharing information with the companies infected. Mr. Yoran declined to name them. The company provides computer security for U.S. government agencies and companies. Mr. Yoran is a former Air Force officer who also served as cyber security chief at the Department of Homeland Security.

Besides Merck and Cardinal Health, people familiar with the attack named several other companies infiltrated, including Paramount Pictures and software company Juniper Networks Inc. Merck said in a statement that one computer had been infected. It said it had isolated the attack and that "no sensitive information was compromised." Cardinal said it removed the infected computer from its network. Paramount declined to comment. Juniper's security chief, Barry Greene, wouldn't speak about any specific incidents but said the company worked aggressively to counter infections.

February 6, 2010


By David Kravets (WIRED)

A leading Australian internet service provider was cleared of copyright allegations Thursday when a federal judge ruled against Hollywood’s lawsuit that iiNet was responsible for infringing BitTorrent data traveling its pipes. The Australian Federal Court decision siding with the country’s third-largest ISP was a legal blow to worldwide efforts to make ISPs liable for the unlawful behavior of their customers.

“I find that the mere provision of access to the internet is not the means of infringement,” Federal Court Justice Dennis Cowdroy ruled. “If the ISPs become responsible for the acts of their customers, essentially they become this giant and very cheap mechanism for anyone with any sort of legal claim.”

However, the judge’s ruling against the studios’ consortium called Australian Federation Against Copyright Theft comes amid deepening pressure from the Recording Industry Association of America and the Motion Picture Association of America for internet service providers to take some copyright responsibility. The ISP said in a statement that “this case has been important not just for iiNet, but the entire internet industry.” (.pdf) Almost all BitTorrent traffic consists of infringing material.

Meanwhile, the Anti-Counterfeiting Trade Agreement secretly being negotiated between the United States, European Union and others might require ISPs to terminate copyright scofflaws’ internet access or assume copyright liability for their customers’ behavior, according to leaked documents. What’s more, Italy this week announced proposed new measures that would make YouTube and other video-sharing sites liable for infringing material posted by their customers.

Similar claims are being made in the United States, where Viacom is suing YouTube, accusing it of being vicariously liable for the infringing activity of its users. That 2007 case is pending. Viacom alleges that Google-owned Viacom undertakes a “brazen disregard of intellectual property laws.”

February 3, 2010


Demonstrators in Berlin in September protesting the storage of personal details by Internet companies, which they call ‘‘data octopuses.’’

Published: February 1, 2010

Google has a problem in China. But it may have bigger headaches in Europe.

On issues as varied as privacy, copyright protection and the dominance of Google’s Internet search engine, the company is clashing with lawmakers, regulators and consumer advocates. And the fights are escalating across Western Europe. The stakes are high — potentially higher for Google than anything that happens in China — because Google’s operations in Europe are so much larger and more lucrative. In Britain alone, Google has roughly 10 times its estimated sales in China. Across most of the Continent, Google is by far the most popular search engine, with a substantially larger market share over its rivals than it has over those in the United States.

Google’s border-straddling scale and its brash ambitions raise alarms with some European politicians. The government of Prime Minister Silvio Berlusconi of Italy has proposed a law making online video services like YouTube liable for invasions of privacy, violations of copyright and other transgressions that occur in user-generated content. Meanwhile Google is contesting a copyright lawsuit from Mediaset, Mr. Berlusconi’s family company, which is the largest commercial television broadcaster in the country. “It’s a full-scale battle against Google in Italy,” said Paolo Brini, a spokesman based in Perugia for ScambioEtico, a group that campaigns for civil liberties online.

In Germany, the minister of justice, Sabine Leutheusser-Schnarrenberger, complained recently about Google’s instinct for “pressing ahead” and its “megalomania.” She said the company was tearing down privacy protections. “On the whole, I see a giant monopoly developing, largely unnoticed, similar to Microsoft,” she said in an interview with the magazine Der Spiegel. A spokesman later clarified that she had not meant to express an opinion on antitrust matters, which are outside her jurisdiction.

Google says that ordinary Europeans do not have similar fears. It says the complaints are from competitors like Microsoft and media companies whose longtime business models are threatened by technological change. “We love being in Europe, and we have many users across many countries who enjoy our products,” the company, which threatened last month to withdraw from China in response to an attack on its computer systems, said in a statement. “Our popularity means some people will complain. The important thing for us is to do the right thing, and that means not locking our users into our products and working well with our partners.”

Google’s most immediate challenges may be in Italy. This month, a decision is expected in a trial in Milan, where four Google executives were charged with defamation and privacy violations in a case involving videos posted on a Google Web site that showed the bullying of a boy with autism. The company says a guilty verdict might require it to edit content on YouTube before it is posted, which it says, would be incompatible with the open spirit of the Internet, as well as European Union guidelines. Prosecutors say Google was too slow to remove the video.

On another front, Italian authorities last summer raided the company’s offices in Milan, opening an investigation of Google News, which displays excerpts from online news articles. Italian publishers contend that Google News violates their copyrights, but say they cannot remove their articles from the service without slipping in Google’s search rankings, which would cost them ad revenue. Google says there is no such link between Google News and the search engine.

German newspaper and magazine publishers have complained to their government, saying that all of their Web sites together earn only about 100 million euros a year from advertising, while Google generates an estimated 1.2 billion euros from search advertising in Germany. The federal anticartel agency is gathering information, but has not yet decided whether to open a formal investigation. German publishers have persuaded the government of Chancellor Angela Merkel to support a new kind of copyright protecting journalistic content on the Web. Analysts say the measure, which has not yet been introduced, could require Web companies like Google to buy special licenses to cite content published elsewhere.

Attitudes toward Google in Germany have been colored by a heated debate over privacy. Several German towns and cities have moved to block Google from taking pictures of storefronts and homes for its Street View service, which links street-level pictures to maps — though not yet in Germany. While Street View has been popular in some European countries, Swiss data protection authorities recently sued Google to try to press it to increase privacy protections.

The European Commission in Brussels has pushed Google and other American Internet companies to shorten the period for which they retain consumer data. But Google has largely avoided run-ins with the commission’s powerful competition arm, which has struck fear in American boardrooms because of its dogged pursuit of antitrust cases against Microsoft, Intel and other American multinational companies.

With a new commission set to take office, rivals of Google, including Microsoft, are stepping up their lobbying efforts, highlighting the strength of Google’s position in Europe. “Whenever you have a company that has more than a 90 percent market share in a key market, it is inevitable that people will have questions to ask,” Brad Smith, Microsoft’s general counsel, told reporters in Brussels last week. “We say that with some experience.”

According to comScore, a research firm, Google handles 80 percent of European Web searches — compared with 65 percent in the United States. Yahoo with 17 percent, and Bing, from Microsoft, with 11 percent, offer modest competition in the United States, but they are nearly nonexistent in Europe, with less then 2 percent each, according to comScore.

Commission officials have said that a dominant market share is insufficient cause for an antitrust case; there must be evidence that a company is abusing this position to stifle competition. Analysts say the dearth of homegrown rivals to Google could also undermine any move to take regulatory action against the company. “Brussels may not want to pick a fight with Google,” said C. Evan Stewart, an antitrust expert at the law firm of Zuckerman Spaeder, “because there is no one to reward if they win.”