Category: testimony

Testimony — including expert reports as well as public comments, submissions to rule-making proceedings, public comments, and other filings with government bodies

Posted on

Methods and Effects of Spyware

Methods and Effects of Spyware (PDF) is my written response to the FTC‘s call for comments (PDF), leading up to their April 19 workshop on spyware. In this document, I explain how spyware works, including presenting specific personal information transmitted by both Gator and WhenU. (The WhenU transmissions are particularly notable because these transmissions seem to violate WhenU’s own privacy policy.) Other sections of the document discuss installation methods of spyware (with special consideration of the technical methods used in drive-by downloads), frequency of advertisement display, and performance and security effects of spyware.

I hope to attend the FTC’s April workshop, and I would be particularly pleased to hear from others who will be there or who have comments on this issue.

Posted on

New Publications about Spyware Legislation and Regulation updated March 19, 2004

Some months have passed since my last work on spyware — Documentation of Gator Advertisements and Targeting (spring 2003) and my expert testimony in the matter of Quicken Loans and Wells Fargo v. WhenU (not available on the web) (summer 2003).

This week I’ve been working on a new subsection of this web site, “Spyware”: Research, Testing, Legislation, and Suits, for which two new entries are now available:

A Close Reading of the Spyware Control Act takes a careful look at the spyware legislation recently passed in Utah and now awaiting the governor’s signature. This legislation requires software that transmits users’ usage data (web sites visited, etc.) to provide appropriate disclosures in a license agreement (in plain language, actually presented to users, etc.), and to provide an uninstall routine. Seems pretty uncontroversial? That’s what I thought, but in fact the bill has raised some opposition from big .COM companies that seem to think the legislation is actually a bad idea — even as they are among the sites most intensively targeted by spyware pop-up ads. Have these companies missed the boat? Or have I? Check out the article — including their letter (PDF) and my paragraph-by-paragraph response — and decide for yourself.

Methods and Effects of Spyware (PDF) is my written response to the FTC‘s call for comments (PDF), leading up to their April 19 workshop on spyware. In this document, I explain how spyware works, including presenting specific personal information transmitted by both Gator and WhenU. (The WhenU transmissions are particularly notable because these transmissions seem to violate WhenU’s own privacy policy.) Other sections of the document discuss installation methods of spyware (with special consideration of the technical methods used in drive-by downloads), frequency of advertisement display, and performance and security effects of spyware.

I hope to attend the FTC’s April workshop, and I would be particularly pleased to hear from others who will be there or who have comments on this issue.

Posted on

Intentionally Invalid Whois Data

Edelman, Benjamin G. “Intentionally Invalid Whois Data.” US House of Representatives, Committee on the Judiciary, Subcommittee on Courts, the Internet, and Intellectual Property, September 2003.

As the DNS is currently structured, registrants are under only an honor system to provide accurate Whois data. Meanwhile, it makes no economic sense for registrars to enforce Whois accuracy. The result is that in terms of accuracy, when compared with other compilations of public data (such as driver’s licenses and trademark registrations), the Whois database is substantially fiction. I suggest 1) a reduction in the lenience of opportunity to “cure” intentionally invalid data, 2) for registrants with multiple domain names with intentionally invalid data, forfeiture of all domains when any are to be cancelled, 3) statistically valid surveys of registrars’ Whois accuracy, with public reporting of each registrar’s accuracy, 4) public reporting of Whois accuracy complaints and their dispositions, and 5) financial and other penalties to registrars with poor Whois accuracy records.

Posted on

Expert Declaration in Washingtonpost.Newsweek Interactive Company, LLC, et al. v. the Gator Corporation

I had the honor of preparing two expert declarations in Washingtonpost.Newsweek Interactive Company, LLC, et al. v. the Gator Corporation in federal court in the Eastern District of Virginia. My clients were the plaintiffs in the case, including the Washington Post Newsweek Interactive Company, Gannett Satellite Information Network, Media West-GSI, the New York Times Company, the Boston Globe Newspaper Company, Dow Jones, Smartmoney, the Chicago Tribute Interactive, Condenet, American City Business Journals, Cleveland Live, and Knight Riddler Digital.

Soon after my declarations, the case settled, and Gator stopped covering my clients’ sites with its popup advertising and other ads.

My declarations and other case documents.

Posted on

Shortcomings and Challenges in the Restriction of Internet Retransmissions of Over-the-Air Television Content to Canadian Internet Users

My expert memorandum Shortcomings and Challenges in the Restriction of Internet Retransmissions of Over-the-Air Television Content to Canadian Internet Users was attached to the National Association of Broadcasters’ submission to Industry Canada in its 2001 evaluation of retransmission of commercial television content over the Internet.

Posted on

Expert Declarations in National Football League, et al., v. TVRADIONOW Corporation (iCraveTV)

I had the honor of submitting testimony, both in two expert declarations and orally, in National Football League, et al., v. TVRADIONOW Corporation (iCraveTV), litigation in federal court as to the propriety of iCraveTV’s retransmission of certain American television video to users nationwide and worldwide. My initial expert declaration and supplemental expert declaration.