SPRING 2006
Cyberlaw
Course No.:  9200-710-001
Course ID:  17105
Tu, Th 4:45 - 6:15 p.m.
Room W-206
Professor Jay Dratler, Jr.
Room 231D (IP Alcove)
(330) 972-7972
dratler@uakron.edu,
dratler@neo.rr.com
Copyright © 2000, 2001, 2002, 2003, 2004, 2005, 2006   Jay Dratler, Jr.  

Cyberlaw, Spring 2006

FINAL EXAMINATION

Instructions

1.  E-mail At-home Examination.  This is an e-mail, at-home examination.  Subject to the limitations stated below, you are free to take it at any time and place of your choosing.

2.  Limitations.  Your completion of this examination is subject to the following limitations:
    a.  Time-spent limitation: four hours.  You may work a total of no more than four hours on this examination (including any related research and thinking), from the time you begin to read the instructions until the time you send in your answers.  Except under extraordinary circumstances, such as an intervening family emergency, your work time should be continuous and uninterrupted.  Each question has a suggested time limit, and the weight of each question for grading is proportional to the suggested time for answering it.
    b.  Elapsed-time limitation: 36 hours.  Your answers will be due by noon, Sunday, May 7, 2006, no more than thirty-six hours after the exam is made available to you by e-mail or on the Web.
    c.  Word limit: 2,500 words.  Your answers for all questions together must total no more than 2,500 words.  If your answers exceed this limit, I will arbitrarily stop reading after the 2,500th word, and you will lose points for any and all material thereafter.
    If you inadvertently exceed the word limit, it will be to your advantage to delete less important material and to keep more important material that is likely to garner you more points.  (Most word-processing programs count words automatically; check "Properties" under "File" or consult your program's "Help" screens.)
    d.  No Consultation.  During the entire examination interval (from the time you receive the examination until you submit your answers), you may not consult with anyone regarding the examination, this course, the subject matter of this course, or any related case, regulation, or statute.
    e.  No "canned" answers.  These questions are designed to elicit specific answers in response to specific fact patterns and specific queries.  Nonresponsive material, no matter how correct, cogent, or even brilliant, will receive no credit whatsoever.  I will enforce this rule even more strictly than usual, in order to discourage anyone from using "canned" material prepared in anticipation of the questions to be asked.
    f.  Honor system.  Please include the usual honor-system oath in your examination.  (Your exam number— at the end of your exam file—and your return e-mail address will constitute your electronic signature under the Uniform Electronic Transactions Act.)
3.  Materials.  Because this is an at-home exam, you may use any written materials that you have on hand, provided they are: (1) published or (2) prepared by you.  You may also use your computer to browse the Web, including the material posted for this course on the Law School's Website.  However, the questions have been designed so that the following materials should be sufficient: (1) the casebook (if any), supplement (if any), and Website for this class (including any materials from it that you have downloaded, printed out and annotated), (2) any statutory supplement that you have used for this class (including your own, but no one else's, annotations); and (3) an outline that you have prepared.  I encourage you to make your outline short, both so it will be usable and so you will have an "overview" of the course.

4.  Strategy for Answering the Questions.  
    a.  Outlines.  To the extent intelligible, outlines will receive partial credit, but you should have time to write complete answers.
    b.   Additional facts.  Please do not assume or make up additional facts.  Although the stated facts may resemble real situations, all of the stated facts are fictitious (except as noted).  All facts needed to answer each question should appear in the question itself.  If you think you need additional information to answer a question fully, state what additional information you need, how you would use it, and how it would affect your conclusions, but please be brief.  Do not waste time answering questions or addressing issues not fairly presented by the given facts.
    c.  Organization. Especially in view of the word limit, try to make every word count.  Well-organized answers will receive extra credit, and poor organization may result in a loss of points.
    d.  Legal authority.  You will receive points for identifying specific and relevant legal authority, such as a particular statutory section, subsection, or decision.  You may use reasonable abbreviations, as long as they are clear.  For example, you may refer to Metro-Goldwyn-Mayer Studios Inc. v. Grokster, Ltd. as "Grokster" or "the Supreme Court's file-sharing case."
    e.  Fact pattern questions: using IRAC.  Most questions are typical law-school examination questions involving complex fact patterns.  You should answer them by identifying relevant issues and applying the IRAC formula (issue, rule, analysis, and conclusion).  Do not forget to state a conclusion, as well as your confidence in its certainty, for each issue and subissue.  You should be aware, however, that a correct conclusion with little analysis will garner you less points than an incorrect conclusion with thoughtful and thorough analysis.
    Try to weave as many specific facts as possible into your analysis, make and evaluate arguments for both sides, and determine the relative importance of issues and arguments.  Where alternative legal rules exist, you should state them and indicate which is the majority view, the current trend, or otherwise the better rule, and why.  (Stating why one variant rule is better than another often involves policy.)
    You will not have enough time or space to cover all issues or arguments in exhaustive detail.  Therefore you should focus your discussion on the issues, rules, and arguments that are most important.  Grading will be based in part on your judgments of relative importance and how specifically you address the stated facts.  Analogies to and distinctions from precedent, if useful and relevant, will receive extra points.
    f.  Logical "Trees."  Do not neglect to analyze all relevant branches of a logical tree, even if your analysis suggests that one branch should be cut off.  That is, try to cover all important issues, even if you think that the resolution of a single issue should control the result.  For example, you should discuss infringement—insofar as the facts permit—even if you conclude it is doubtful that the plaintiff has a valid copyright. (In other words, pretend that you are a district court, which might be reversed on any point, rather than a court of last resort.)
    If an issue clearly raised by the facts is easy to resolve, you may say so without extensive discussion, as long as you say why.  You should not waste time and space elaborating "giveaway" issues.   Where the issues are close or not clearly resolved, however, you should analyze them completely.
    g.  Policy.  Please discuss policy only where the question calls for a discussion of policy, or where discussion of policy is necessary to resolve a legal issue.  You should always discuss the "law" first, including black letter law, trends, and minority views, before turning to policy for confirmation or to resolve doubt.  Where the resolution of an issue is unclear, however, you should analyze how applicable policy affects your conclusion.  (The last question here calls for discussion of policy and should be treated accordingly.)
5.  Call of the Question.  BE SURE TO READ THE CALL OF EACH QUESTION CAREFULLY AND TO ANSWER ONLY THE QUESTION(S) ASKED.

6.  Submitting your Answers.  Detailed instructions for submitting your answers are at the end of the examination.  Please follow them carefully.

Good luck!



Question 1
(ninety minutes)

A

It is the year 2011.  After the Great Chemical Terror attack on Los Angeles in 2008, Americans lost confidence in their government’s ability to protect them from terrorists’ plots.  So the private sector took over.  A large and rapidly growing industry of private businesses began offering comprehensive security services.  These services partly targeted crime, but their main purpose was to prevent and mitigate the possible consequences of terrorist activity.


B

Harry Hacker is a brilliant computer nerd.  In his younger days, he secretly hacked into computers owned by banks, the government, major businesses, and even national intelligence agencies, all without detection.  He just got married, however, and he now wants to use his considerable talents for remunerative purposes.  So he and a friend with business experience have set up a private security firm called Dark Measures Security (“DMS”).

Harry’s plan for DMS is very simple.  Using his formidable computer skills, he will hack into various computers in order to monitor traffic on the Internet for hints of terrorist activity.  He believes he can do this without detection for the foreseeable future.

Through Harry’s hacks, DMS will gain surreptitious and undetected access to the server computers of major Internet nodes, Internet service providers such as AOL, Earthlink and Time Warner, and portals such as Google, Yahoo, and MSN.  DMS’ computer programs then will automatically copy all traffic on these servers that passes through physical communication lines or nodes in a particular geographic area.  (The geographic limitation is only for purposes of economy; if the business succeeds, DMS plans to monitor Internet traffic nationwide. )

Once traffic on these servers has been copied to DMS’ computers, programs on DMS’ computers will “analyze” it for evidence of terrorist threats.  Most of the analysis will be done automatically, by a computer program that Harry developed called “Omnivore.”


C

While developing these methods, Harry discovered that it was too hard to monitor message traffic in the random-access memory (RAM) of target computers.  Instead, Harry took advantage of the fact that every server system “backs up” message traffic, at least temporarily, by storing it on hard disk drives.  Harry found a way secretly to determine each computer’s backup cycle and secretly to copy all the contents of the server’s backup hard drive to hard drives attached to DMS’s own server.  This transfer would occur at least once during each backup cycle.  In that way, DMS could obtain complete copies of all message packets going into and out of each targeted server.

Each server that DMS intends to target has password protection.  That is, a normal user who seeks to extract data from the server’s hard drives must have a proper password to so do.  Harry’s hacking techniques gain access without the passwords and without detection by any operator or user of the target server.  Yet all of the message packets on the backup drives represent Internet traffic.  They have all been received from, or are to be sent to, somewhere else.  The targeted server of course has no control over what happens to the message packets while they are elsewhere on the Internet.

The Internet traffic so copied to DMS’ own server would contain all communications within the designated geographic area.  So DMS could analyze, for example, e-mails, files sent by peer-to-peer technology, downloaded Web pages, search requests transmitted to search engines such as Google, each search engine’s responses to those search requests, and the particular Web pages from the responses that users actually visited.


D

Using Omnivore and the power of high-speed computers with multiple processors, DMS would “analyze” all this traffic—automatically and almost in real time—for evidence of possible terrorist threats.  For example, if Acme Co. were a client of DMS, DMS would configure Omnivore to look for all references to Acme Co., its products, the addresses of its plants and offices, the streets on which they are located, the names of its key executives, etc.  Any traffic with such a reference would then be scanned for words such as “attack,” “bomb,” “explosion,” “device,” “security,” etc., in several languages.

All traffic with both references to a client and suspicious language would then be sent to an artificial-intelligence routine (a subroutine of Omnivore) that Harry devised.  That routine uses sophisticated human-language analysis to classify each item as (1) doubtful, (2) suspicious, or (3) dangerous.

Omnivore would handle the three categories of material as follows: “Doubtful” material it would store in a special library for each client, to be used to compare with future traffic to develop cumulative suspicion.  “Suspicious” material it would automatically transmit over the Internet to computers at the client’s own security department for analysis, using secure (encrypted) transmission.  DMS’ own analysts would personally review each “dangerous” item, print it out, and analyze it to eliminate false alarms and determine the nature and level of the threat.  They would then fax the item (verbatim), along with their own analysis, to the client’s (private) chief security officer.

The sophisticated analysis routine in Omnivore uses artificial intelligence not only to analyze the contents of each message or other item of traffic. It also compares and collates the contents of that message with other items of Internet traffic.  That is the reason why Harry wants DMS to collect all Internet traffic for analysis.  Only by doing so can Omnivore “connect the dots” of possible terrorist threats reflected in different items with different senders and recipients sent at different times.


E

Harry also has conceived of a clever way to advertise DMS’ services and, at the same time, perform a “public service” function.  Harry calls it the “shame” program.  The point of this program is to “shame” Internet participants into taking more effective measures to reduce their unwitting participation in possible terrorist activity. 

The program would work as follows.  In addition to monitoring for possible terrorist activity related to DMS’ own clients, Harry would set Omnivore to work looking for possible terrorist threats generally.  When it found particularly “dangerous” items, DMS’ analysts would review them just as if they related to clients.  Yet instead of directing these dangerous items to security officials, DMS would publish them, in full and verbatim, on DMS’ own Website. 

The purposes of that publication would be to shame the private firms that were responsible for originating, forwarding and/or transmitting the “dangerous” messages.  For example, if DMS found five dangerous messages on the servers of the Internet Service Provider “Groundlink” in a single week, it might print them verbatim under the following message:

    “Last week Groundlink forwarded the five messages printed below, all of which suggest a growing terrorist plot.  We think private firms should be more responsible in monitoring their Internet traffic to weed out suspicious matter.  We can help.  Click here for more information on our automatic ‘Terror Alert’ program.”
Verbatim copies of the five messages, with suspicious parts highlighted in red, would follow, complete with any headers naming the sender and recipient of each.

Since the purpose of this program is both to reveal lapses in security and to advertise DMS’ services, these “public service announcements” would name names.  In preparing them, DMS’ analysts would be instructed to select examples of messages that called private companies and their products by name, in order to cause maximum embarrassment to private firms that might be shamed into becoming clients of DMS.


F

Although Harry has already developed his hacking techniques and the program Omnivore, DMS will need a lot of money to buy the huge computers and hire the analysts needed to realize this plan.  DMS has approached an investment adviser for assistance, and the adviser has hired you as special cyberlaw counsel to analyze the plan’s legal risks.

Assuming that applicable law in 2011 is the same as it is today, analyze Harry’s and DMS’ exposure to civil and criminal liability if they proceed with this plan.  Based on your analysis, recommend a course of action for the investment adviser and DMS.  Be sure to consider all relevant causes of action discussed in this course, relevant civil and criminal sanctions, and all reasonable defenses.  Do not discuss contractual liability or trade secrets.



Question 2
(ninety minutes)

A

Image Analysis, Inc. (IAI) has developed software that can “recognize” various aspects of images in common digital formats such as .bmp, .gif, and .jpg.  The general problem of image recognition is extremely difficult, but IAI’s researchers have developed some bold new algorithms and programming techniques, which they have patented.

One application for IAI’s image-analysis software is recognizing sexually explicit images.  The software can be programmed, for example, to spot images of human erogenous zones and to detect whether they are clothed or unclothed.  IAI has tested its software for this purpose, and it works well.

IAI is located in a conservative state (State).  It has lobbied the state legislature to pass a law requiring every Internet Service Provider (ISP) doing business in State, and every library receiving monies from State, to install IAI’s software.

The proposed law would require every covered ISP to offer its customers an option to “screen out” erotic images using IAI’s software.  It would also require every covered library to use IAI’s software, configured to screen out erotic images, on every Internet terminal open to the public.  An exception in the law would permit library patrons 21 years of age or older to have the screening turned off, upon request to library staff and proof of age. 

Due to the distributed nature of the Internet, many ISPs that do business in State have no substantial physical presence in State and are not incorporated there.  Assuming that the First Amendment applies to the several states through the Fourteenth, analyze whether the proposed state law would survive scrutiny under the First Amendment.  Would it make any difference in your analysis if testing showed that IAI’s software made mistakes (for example, mistaking a bare shoulder or arm as a bare female breast) at least five percent of the time?  Could you suggest any way to improve the bill’s chances of surviving First Amendment scrutiny?  (Do not discuss commerce-clause issues.)


B

Peerless Cars, Inc. (PCI) sells hand made sports cars priced at $200,000 and up.  Its cars are filled with electronic gadgets, including voice-operated electronic door locks.

PCI’s door locks work as follows.  The customer simply says the name of the lock out loud, plus a four-digit combination, and the requested door opens.  For example, the customer might say, “Trunk, five, two, eight, five.”  If the combination has been set to 5285, the trunk opens.

The customer can set a new combination orally at any time simply by saying “reset” followed by the old combination and then the new one.  When the car is new, the customer first sets the combination by means of hidden digital thumbwheels under the dash board.  If the customer ever forgets the current combination, she can open a lock or reset the combination by saying “default” first and then voicing the appropriate command (using the “default” combination set in the thumbwheels) to open a lock or reset the current combination. 

PCI’s voice-operated lock technology has three elements: (1) an amplifier, (2) a voice-recognition device, and (3) a computer program stored in read-only memory (ROM), with rewritable storage for the current combination.  The amplifier augments sound around the car and allows the customer to use a very soft voice.  The voice recognition device recognizes only the word “default,” the names of the locks, and the ten decimal digits.  When it recognizes one of these few words, it transmits an appropriate digital signal (a number from zero to ten) to the program. 

The computer program is very simple and short.  It consists of about 75 bytes.  It receives the command digit(s) first, followed by the combination; it then compares the combination with the one stored in its memory (or with the “default” combination on the digital thumbwheels if it receives the digit corresponding to the word “default”).  If the input combination matches the stored combination (or the one set on the digital thumbwheels for “default”), the program causes the appropriate lock(s) to open or the stored combination to be reset.

Delia, a rich gadget lover and experimenter, buys a PCI car and spends days fiddling with the locking device.  She soon discovers that a particular type of unusual sound causes the voice-recognition device to send a “minus one” (-1) signal to the computer program.  In normal voice operation, the voice-recognition device never sends a “minus one” signal.  Because of an obscure flaw in the computer program, this “minus one” signal causes the computer program to open all the car’s locks, regardless of the combination that follows.

Delia posts a recording of this peculiar sound on her Website and explains its use.  Anyone can download a digital file containing the sound and, by playing it back out loud near a PCI car, open all the locks on that car.

Analyze Delia’s potential liability under 17 U.S.C. § 1201, as added by the Digital Millennium Copyright Act, including any reasonably applicable defenses.

C

Daring Shopper (DS) is a shopping Website.  It offers an on-line comparison shopping service that looks like a search engine. 

The home page of DS’ Website has fields in which the user can type the name, trademark, or model number of a product and a desired price.  After the user clicks “Go,” DS’ electronic-agent software “crawls the Web” to find every available offering for sale of the same or similar products at or below the requested price.  From each relevant Web page DS’ Web crawler finds, it copies the product name, the product specifications, and the offered price from the “crawled” Website.

What next appears to the user of DS’ service is a comparison screen.  The screen shows the various competing products (that DS’ software found by crawling the Web) in a series of vertical columns (one per product) stretching horizontally.  Each vertical column has three rows.  The first row contains the product’s name and trademark, the name of the manufacturer, and the model number.  The second row contains the price offered on the “crawled” Website.

The third row contains the product’s specifications, copied verbatim from the crawled Website.  Usually, the specifications are no more than a few words or lines, or a short paragraph at most.  When the specifications on the crawled Website are longer than five lines, DS’ Website shows the first five lines in this third row, followed by a link.  Clicking on the link takes the user directly to the page of the crawled Website containing the product’s specifications.

Assuming that DS has no permission from anyone, analyze its potential liability (including defenses, where applicable) to owners of the “crawled” Websites and producers of the various products reported in DS’ comparison shopping service.


Question 3
(one hour)

    “Although Americans invented the Internet, the United States is rapidly becoming an Internet backwater.  A number of countries, such as Korea and Singapore, have much higher penetration of broadband Internet service than we do.  Furthermore, many make better use of the bandwidth they have.  Japan, for example, has had fully featured Internet services on cell phones for several years now; Japanese cell phones are way ahead of ours.”
    “There are many reasons for this lag, but American laziness is not one of them.  Perhaps the most important reason is our national regulatory structure, which can only be described as Byzantine.”
    “Not only does our regulatory structure fail to recognize the convergence of media.  It picks winners and losers.  Companies classified as ‘telecommunications services’ must give others access to their poles, networks and other physical infrastructure, at rates ultimately set by regulators.  They also must pay subsidies for “universal service,” 911 emergency services, and costly rural connections.  Other firms, such as cable companies and Internet service providers, are not subject to these burdens.  They therefore can offer the same sort of telecommunications services, including telephone service, much more cheaply and easily.”
    “This regulatory structure has three flaws.  First, it disadvantages the most experienced firms, the ones that built our telecommunications infrastructure.  Second, it wastes enormous resources on litigation, as firms fight in court over their regulatory classification and over the prices for mandated resource sharing.  Finally, the uncertain regulatory environment discourages investment in infrastructure, as firms worry about whether their huge investments will be subject to legally coerced ‘sharing’ with their rivals.”
    “The solution to this problem is simple: eliminate regulation for all forms of telecommunication except broadcast media.  Let anyone build, operate and compete at will, without regulatory burdens or obligations to the government or to competitors.  Today there are so many channels and so many modes of telecommunication that free competition in an unregulated environment would cause prices to drop drastically.  The best protection for the poor and most vulnerable is a truly free market, and a truly free market would goad us to catch up quickly with the rest of the world.”
Write an essay analyzing and/or criticizing this passage.  Be sure to address all aspects of it, including: (1) the underlying assumptions; (2) explicit or implied predictions of consequences; and (3) the passage’s judgments as to what is good policy and what is practically doable.  Discuss the probable consequences of complete deregulation, both in the short term and the long run.  Who would win and who would lose? Your grade will depend not upon your point of view, but upon how carefully and specifically you support and document your analysis, with reference to the materials that we have studied and the underlying factual trends that they reveal.  The more specific and focused your analysis, the better your grade will be.


END OF EXAMINATION
INSTRUCTIONS FOR SUBMITTING YOUR ANSWERS APPEAR BELOW



CYBERLAW, SPRING 2006
INSTRUCTIONS FOR SUBMITTING YOUR ANSWERS



Please take all of the following steps in submitting your answers, before the deadline for submission:

1.  Include honor-code statement.  Make sure that your honor-code statement appears at the end of your answer file.  (Your examination number and e-mail header will constitute your signature under UETA.)

2.  Include your examination ID number.  Type your examination ID number at the end of your answer file and double-check it.  To avoid accidental breach of anonymity, make sure that your answer file contains no other identifying information.

3.  Spell-check and finalize.  Spell-check your answer file and make any necessary changes.  Check the total number of words and modify as necessary.

4.  Save answer file with anonymous ID.  Save your answer file on your hard drive, with your honor-code statement and examination ID number at the end of the file.  When you save your file, use the file name "2006 Cyberlaw Exam" and no other.  (If you use another file name, your anonymity may be compromised.)

5.  Save your file in a commonly used, compatible format.  Some word-processing formats have compatibility problems.  If you have experienced problems exchanging files with others in the past, please use a file format that you know is common and widely compatible.  If necessary, save your answer file in Rich Text Format.  (Use the "Save As" feature of your Word Processor; then click on the down arrow to the right of the "File Type" field in the "Save As" dialogue box and select "Rich Text Format (RTF)" or another widely compatible option.  Be sure to verify that this option appears in the "File Type" field before you click the "Save" button.  Then check to see that a file with the name "2006 Cyberlaw Exam" and a ".doc" or ".rtf" file extension appears in your file folder.  You may have to click on "View" : "Details" to see the file extension.)

6.  Attach your answer file to an e-mail message.  Send your answer file, in a compatible format, as an e-mail attachment to your message, not as part of the message itself.  The "Subject" line for your e-mail message should be "2006 Cyberlaw Exam," and the text of the message should read "Attached are my answers."

(I will use your e-mail cover messages only to check that everyone has submitted answers.  I will not grade any exam until an assistant has "anonymized" the answers by separating the attached files from the e-mail messages and sending the attachments to me with no identifying information other than the examination ID number included in each file at the end.)

7.  Submit your answers by e-mail.  Send your cover message, with your answer file attached, to all of the following addresses:

dratler@neo.rr.com

dratler@uakron.edu

abthong@yahoo.com

mrh5@uakron.edu

(To avoid typing errors, please cut and paste this list into your e-mail program's "address" or "TO" field; then double-check all addresses and punctuation.  You may wish to prepare an address list in advance.)

8.  Print and retain a paper copy of your answer file.  Immediately after sending your e-mail message, print out a copy of your answers and staple the pages together.  Then sign and date your answers and record the exact time of your printout on the title page.  (If there is an e-mail mixup, this paper copy will serve to demonstrate what you wrote and when, in accordance with the honor system.)


HAVE A GOOD SUMMER!