Category Archives: Technology

Discovery of Facebook Accounts

by: Robert Wagner, intellectual property attorney at Picadio Sneath Miller & Norton, P.C. ()

With the incredible rise of social networking websites (an estimated half of Americans use these sites), litigators are beginning in earnest to seek discovery of parties’ social networking accounts and postings (such as Facebook, LinkedIn, MySpace, Twitter). Frequently, statements made or photographs shown on a person’s “wall” or page made be relevant to issues in a lawsuit. For example, in a personal injury action where a plaintiff claims to be disabled or physically restricted because of an accident, a photograph showing the plaintiff engaged in a physical activity after the injury, such as skiing or running, may shed light on the true extent of his or her injuries. Litigators want to obtain access to these social networking sites as part of the discovery process.

The question facing Courts is whether to allow such access and, if so, are there limits on what must be revealed. Senior Judge R. Stanton Wettick, Jr. of the Court of Common Pleas of Allegheny County (which includes Pittsburgh) recently issued an opinion where he extensively discusses the case law surrounding when a litigant is entitled to access an individual’s social networking site and what must be produced if it is. Because Judge Wettick handles most discovery disputes in Allegheny County, this decision is particularly important for practitioners in Pittsburgh and Pennsylvania state courts.

In his opinion, he notes that information from an individual’s social networking site is not protected by any privileges, either because there is no basis for the privilege or it has been waived by sharing the information with others. Despite that, he concludes that the information is not per se discoverable. Rather, the party seeking the discovery must make some threshold showing that there is likely to be relevant information on the social network site before it is entitled to discovery. He concludes that such a test adequately balances the need for relevant discovery with the intrusion of giving access to a great deal of personal information that is unrelated to the issues in the lawsuit.

Picking Better Passwords

by: Robert Wagner, intellectual property attorney at Picadio Sneath Miller & Norton, P.C. ()

With the news that millions of LinkedIn passwords were compromised last week, we should all reconsider what passwords we are using and whether they are secure enough for our needs. As with most security issues, there is always a balance between having a password that is easy enough for you to remember but too difficult for someone else to guess. This article discusses some strategies and tips for creating and managing stronger passwords.

What Is a Bad Password?

Not all passwords are equal, and there are many that should simply be avoided for most applications. It goes without saying that “password” and “12345” are terrible passwords. A good lists of these “bad” passwords can be found here. In general, though, a bad password is one that is:

  • short (less than 8 characters)
  • a single word (in any language) that can be found in a dictionary
  • something that is readily identified with you (e.g., your name or your spouse’s, children’s, or parents’ name; the street you live on or the city you live in, etc.)
  • a variation on your login or username
  • adjacent letters or numbers (e.g., qwerty, 12345, abcde, etc.)

Looking through lists of bad passwords can be very enlightening and can give you some ideas of passwords to avoid.

What Is a Good Password?

Now that we know what types of passwords are not great, what types of passwords are better? A good password likely will have many of the following characteristics:

  • longer than 8 characters (generally, the longer the better)
  • have a mix of upper and lowercase letters, numbers, and symbols
  • be unrelated to any readily identifiable information about you

Again, there is always a balance between ease of use (i.e., something you can remember) and the strength of the password. A long string of random letters, numbers, and symbols is potentially very secure, but is, counterintuitively, not likely to be a good password if you can’t remember it. If you have to write down your password on a piece of paper in order to use it, your password is only as good as the security you have in place to protect that piece of paper.

Thankfully, there are a number of techniques you can use to create stronger passwords that you can remember. One of the most common is to use the first letters of a phrase. For example, if you choose the phrase “To be or not to be, that is the question,” the password would become “Tbontb,titq”. That seemingly random set of letters and symbols would not be susceptible to a dictionary attack (in which the attacker simply tries all the words in the dictionary), but would still be easily remembered. [For the record, this is such a common phrase, that it is likely a bad password. Choose a more obscure sentence or phrase to use, instead.] We could make this password stronger by changing some of the letters to numbers. For example, the “o” could become a zero and the “i” could become a one—so, the password would be “Tb0ntb,t1tq”.

Another common technique is to use unrelated words separated by numbers or symbols. The key to this approach is taking advantage of using the strength of longer passwords and introducing numbers and symbols to avoid dictionary attacks. For example, you could use “fruit25lawnmower#%”. For added strength, you could capitalize some of the letters and change some to numbers—“fRU1t25LawnM0wer#%”.

This is an interesting website where you can enter passwords, and it will assess their relative strengths. As always, you should be cautious about entering any passwords you actually use or intend to use. You can, however, enter similar passwords and begin to get a sense of what makes a stronger or weaker password.

More Dos and Don’ts

Now that we have talked about good and bad passwords, there are a few other points you should consider in managing your passwords.

The strength of your password should reflect the importance of that account to you (or your employer). Very important accounts, like your bank account, should be given the strongest password you can reasonably remember that is different from any other passwords you use. You should also consider regularly changing it in case it becomes compromised without your knowledge.

E-mail accounts should be considered important accounts and given stronger passwords. There can be a real danger if someone gains access to your e-mail account. For example, once you know someone’s username, many websites will allow you to reset the password by sending an e-mail to the registered address. If an attacker gains control of your e-mail, he or she can then reset the password to your bank account (or any other account).

Ideally, you should have a different password for every account or website. That way, if one password is compromised, it won’t compromise your others. Unfortunately, it can be difficult to remember which password you used with which account. To help with this problem, you should consider using a password management program that stores all of your passwords in one location (and is often designed to easily enter those passwords into website forms). These programs then use one master password to unlock all of your passwords. They can be very convenient and useful programs because they allow you to keep track of all of your passwords in a secure way. But, you are putting all your eggs in one basket, so the master password you choose should be strong and access to the program limited.

Finally, don’t write your passwords down on post-it notes on your computer monitor or in other easy-to-find places. If your password is too hard to remember, think about creating a different one that you can remember. On the other hand, it can make good sense to keep your passwords written down in a secure location in case you forget them, especially if the account provides no way to reset the password. Ideally, you should keep them in a locked location, though.

Parting Thoughts

Having a good password requires some discipline and can be inconvenient at times. However, it can be far more inconvenient to have your account hacked and your money or information stolen. Taking a little time now to really think about how to create and manage your passwords can save you a lot of hassle in the future.

Top 10 Smart Phone PINs to Avoid (Updated)

by: Robert Wagner, intellectual property attorney at Picadio Sneath Miller & Norton, P.C.

iPhones and other smart phones are becoming ubiquitous among legal (and other) professionals. The ability to access your e-mail and documents outside the office is extraordinarily convenient. As attorneys, though, we must temper that convenience with our obligation to preserve our clients’ confidences. Most smart phones offer the ability to password protect the phone, often with a 4-digit PIN or passcode, before you can access the information on the phone. They also often have a feature that will wipe the phone’s data if a certain number of incorrect PINs are entered in a row (with the iPhone that number is 10). But just how secure is your phone?

In this blog post by Daniel Amitay, he looked at the most common 4-digit PINs from over 200,000 users for a program he wrote for the iPhone. Startlingly, the top 10 most common PINs represent 15% of all the PINs people actually use (instead of 0.1% if the PINs were uniformly distributed). While the PINs people use for a program on their phone, as opposed to the phone’s PIN itself, may not be the same, the findings are interesting nonetheless. If they were the same or even a large percentage were, this means that someone who finds (or steals) an iPhone would have around a 1 in 7 chance of unlocking the phone before it is wiped automatically! Smart phone users would be well advised to take a look at the list and consider whether the PINs they have chosen are really as secure as they should be given what information is on (or accessible from) their phones.

For a similar article about computer passwords, check out this NY Times article.

Update: There is another very interesting article on DataGenetics website that explores this issue in even more detail. It looks at not only 4-digits PINs, but also up to 10-digit PINs and identifies some of the more common ones used.  It provides even more insight into common PINs to avoid, and it is well worth the read.

Agree To License Or Else

by: Joseph R. Carnicella, intellectual property attorney with Picadio Sneath Miller & Norton, P.C.

According to Law.com and Law Technology News, an e-discovery company, Recommind, is in the early stages of negotiating licenses to various competitors for both its already patented technology and its “expected-to-be” patented technology.  Recommind will then decide, based on the final outcome of such negotiations, whether to file lawsuits against its competitors.  While the pre-suit negotiations may serve as an effective method for the different companies to attempt to save costs invariably associated with patent litigation, such approach is unique in the sense that Recommind is negotiating with technology that may or may not be protected by patents.  Click here for the complete article.

Social Media and IP Protection

by: Joseph R. Carnicella, intellectual property attorney with Picadio Sneath Miller & Norton, P.C.

You may have seen the photograph of the space shuttle Endeavour taken by Stefanie Gordon from her airplane seat.  Well, Ms. Gordon never quite realized exactly what was to come with a simple tweet.  MSN posted a very interesting article this morning exploring the intricacies of copyright protection afforded to those who capture and share fortuitous famous photographs instantly with the public through social media.

Update: What You Need to Know About PDF/A ECF Filings in Federal Court

by: Robert Wagner, intellectual property attorney at Picadio Sneath Miller & Norton, P.C.

As discussed in an earlier post on this blog, the federal courts will be requiring all electronic filers to move to the PDF/A standard for ECF filings. The Western District of Pennsylvania announced that it is beginning its transition to this format now, and all filings starting on January 1, 2012 must be in the PDF/A standard (link to Court’s PDF announcement).

The PDF/A format should be a longer lasting file format that will allow attorneys and the public to access these records well into the future. The PDF/A standard requires that the files be self-contained and not refer to use any information outside of the file itself. So, all the fonts and other information will be embedded inside the file. There are two types of PDF/A formats—the PDF/A-1a and PDF/A-1b formats. The “a” format requires strict tagging of information, while the “b” format is less stringent. As a practical matter, one will likely need the original source file (for example, the original Microsoft Word file) to create a PDF/A-1a file. This will make it more difficult to convert standard PDF files into PDF/A-1a files. On the other hand, because the PDF/A-1b format is more forgiving, and it should be possible to convert standard PDF files into this format. It appears that the federal courts will accept either PDF/A format.

There are a variety of websites offering advice and tutorials to help ease the transition to the PDF/A format. The Adobe Acrobat for Legal Professionals website recently posted a tutorial on using the save as feature in Acrobat 9 and X to create or convert files into the PDF/A format. It also hosted a webcast on the topic that can be viewed here.

For additional information:

  • Federal Court FAQ regarding PDF/A change
  • past Adobe Acrobat for Legal Professionals blog posts on this topic 1, 2, 3, 4
  • ISO 19005-1:2005 FAQ describing the standard (downloads FAQ)
  • PDF/A compliance organization FAQ

Oral Arguments in Microsoft v. i4i Limited on the Burden of Proof for Invalidity

by: Robert Wagner, intellectual property attorney at Picadio Sneath Miller & Norton, P.C.

The United States Supreme Court heard oral arguments today in Microsoft Corp. v. i4i Limited Partnership, Case No. 10-290, a case that calls into question what the proper burden of proof is to invalidate a patent claim. Microsoft challenges the long-standing standard of clear and convincing evidence and argued today that the proper standard of proof is merely by a preponderance of the evidence. Both i4i and the government argued that clear and convincing status quo should be maintained.

As is their custom, the Justices peppered both sides with questions about what the burden should be, and the Justices did not seem to clearly favor either side. While initially arguing in its briefs that the Court should adopt a hybrid approach—clear and convincing evidence for anything considered by the Patent Office during prosecution and preponderance for everything else—that position was largely ignored today during oral arguments. Instead the parties and the Court focused on a uniform standard and what it should be.

Justice Breyer noted the tension that exists between not giving legitimate inventions the protections they deserve and giving protection to inventions that do not deserve it. Counsel for i4i particularly stressed the need for protecting inventors and their inventions. In particular, he reminded the Justices that an inventor must completely describe his or her invention to the public in order to obtain a patent, which prevents the inventor from protecting his or her invention in other ways. The Justices also focused on the exact language of the statute (35 U.S.C. § 282) and the Court’s prior cases addressing the burden of proof. The parties also discussed how to instruct a jury about prior art that the Patent Office did consider.

  • A copy of the transcript can be downloaded here.
  • The Supreme Court docket for this case is located here.
  • The various briefs can be found here.

A decision is expected later this summer. Note that Chief Justice Roberts did not participate in the oral argument.

Patent Reissue as a Hedge Against Invalidity?

by: Robert Wagner, intellectual property attorney at Picadio Sneath Miller & Norton, P.C.

A recent decision from the Federal Circuit provides a boon for patent owners who are interested in filing suit against infringers but are concerned that their claims may be too broad to survive an invalidity attack. The decision in In re Takana (Case No. 2010-1262, April 15, 2011), allows a patent owner to file a reissue application before the US Patent and Trademark Office and add narrower claims to patent solely as a hedge against a potential invalidity challenge in future litigation.

A reissue application requires the patent owner to offer to surrender his or her patent and reopen the prosecution and amend the claims if the proposed changes were the result of an error and made without deceptive intent:

Whenever any patent is, through error without any deceptive intention, deemed wholly or partly inoperative or invalid, by reason of a defective specification or drawing, or by reason of the patentee claiming more or less than he had a right to claim in the patent.

The Patent Office determined that the patent owner could not simply add a dependent claim to his patent through the reissue process. The Federal Circuit disagreed and concluded that the patent owner’s desire to add a narrower dependent claim to his patent was an error–claiming less than he could have claimed during prosecution–and was not done with a deceptive intent. It found nothing improper with the reason for adding the narrower claim was a concern that a potential infringer might be able to invalidate the broad, original claims.

The decision creates a real opportunity for patent owners that want to enforce their patents through litigation, but are concerned that the claims were too broad as they were drafted to survive an invalidity attack. As with any such opportunity, there are drawbacks, however. A patent owner must offer to surrender the patent and reopen the prosecution of the patent. There is always the possibility that an examiner will discover a new reason the calls into question the validity of the patent. There are no guarantees that the surrendered patent will be allowed again. In addition, the patent statute provides for intervening rights that protect the public when a patent owner changes its patent after it has issued (either through reissue or reexamination). These intervening rights may grant absolute and equitable protections for products that were on sale before the patent owner added the new claims. Thus, a patent owner may not be able to enforce the patent against currently-selling products. Intervening rights generally provide fewer protections to future products, though.

This decision presents new opportunities for patent owners and an ability to correct older patents that contain novel ideas that may have been inartfully claimed.

i4i v. Microsoft: Patent Case of the Year? Supremes to Decide

Posted by Henry M. Sneath, a principal, shareholder and IP Group Chair, and  Robert Wagner, an intellectual property attorney, both at Picadio Sneath Miller & Norton, P.C.  in Pittsburgh, Pennsylvania.

All of a sudden, the burden of proof in patent invalidity claims is under review. Where did that come from? i4i beat Microsoft in an infringement case in Texas and now Microsoft wants to change the battlefield rules. They have appealed to the Supreme Court, which will hear argument this  Monday April 18, 2011, that the burden of proof on patent validity challenges should be lowered from “clear and convincing” to “preponderance of the evidence.” Clear and convincing means that the proof must be substantially more likely than not, that the evidence is true.” This is less than “beyond a reasonable doubt” employed in criminal cases, but more stringent than “preponderance” which means simply “more likely than not.” Judges will frequently tell the jury that this inquiry is best visualized like the ‘scales of justice’, and if the evidence tips ever so slightly in favor of one party, then the burden of “preponderance” is met. “Clear and convincing” is a much steeper burden than preponderance – at least according to the law. Microsoft believes that it is much too steep for patent invalidation evidence.

The issue arose at trial in Texas when Microsoft wanted to introduce the prior art of i4i’s own previously designed and used software, which Microsoft claimed invalidated the i4i patent in suit (on sale bar). By the time the lawsuit was filed, the original source code for this prior work was lost, so Microsoft had to rely on circumstantial evidence about what the prior art did. Ultimately, they did not win before the jury or the Courts, and they argued that this was because of the high burden of proof (clear and convincing).

Originally, Microsoft contended that there should be a lower burden of proof (preponderance) only for items not considered by the PTO. It did not attempt to lower the bar for everything. The case has now morphed into an overall attack on the burden of proof in all cases, not just where the PTO has not considered the prior art in question. Microsoft proposes that everything should be preponderance, and, only as a fallback, that things not considered by the PTO need only be proved by a preponderance.

We think the arguments are fairly compelling that the standard needs to apply to everything equally, whatever that standard may be. A hybrid approach where invalidity based on some items need only be proved by a preponderance, while other items would require clear and convincing will simply be unworkable.

Among the problems we see (and the numerous amicus briefers saw) with the hybrid approach are:

1. What counts as being considered by the PTO? If it was disclosed? If it was specifically mentioned by the examiner?

a. If it is everything disclosed in the record, patentees will absolute deluge the PTO with references, which will make the examiner’s job more difficult and will result in references being buried and examinations taking longer.

b. If it is only things discussed by the examiners, that will be unfair to patentees. Examiners are not required to address every reference. They only have to discuss the most relevant ones. Thus, a duplicative reference that still is important may not be mentioned, even though it contains material that the examiner thought highly relevant. Now that reference will be evaluated under a lower burden.

c. Also, examiners frequently look at a number of references in their searches that are never identified in the record. Do these count? How would you find out what was looked at?

2. What do you do with invalidity positions that involve some references that were considered and some that were not?

3. What do you do with a reference that was considered for one basis (anticipation), but not another (obviousness)?

We  think it likely that the Supreme Court will adopt a blanket approach, either preponderance or clear and convincing. If it maintains the status quo, which we think is the better argument, nothing will change in the patent world. As far as we know, this has not been a pressing or disputed issue for years. If they do change to a preponderance standard, we expect that there will be a significant shift in Courts granting summary judgment motions for invalidity. We’re not sure that juries really pay much attention to preponderance or clear and convincing, although it might make a difference in a few cases.

We think that the major corporations siding with Microsoft hope that a change will make it easier to beat back troll (NPE) cases. In particular, larger corporations are likely to be able to afford to draft better patents with more prior art searching that the individual inventors cannot do or afford. We think that they are banking on their own patents’ strength not being affected too much, but with the perhaps underfunded trolls taking a hit. Overall, a shift to preponderance will only weaken patents and their enforceability. It will likely also encourage competitors to take more risks in creating products that arguably infringe; knowing that their burden of proof for invalidity has gone down significantly. We think it is hard to say whether companies will stop applying for patents. In the end, for some products the only thing you can do to protect them is to get a patent. There really aren’t many alternatives for products that are easily reverse engineered.

For ongong coverage of this Supreme Court argument, please check back with us regularly. You may also want to follow a great source for Microsoft news at the Nick Eaton’s Microsoft Blog from Seattle PI: http://blog.seattlepi.com/microsoft/2011/04/14/microsoft-i4i-at-supreme-court-patent-law-at-a-crossroads/

Henry Sneath                  Robert Wagner

“Open Innovation” – Pittsburgh May Be The Perfect Place For it

Posted by Henry M. Sneath, a principal, shareholder and IP Group Chair at Picadio Sneath Miller & Norton, P.C. in Pittsburgh, Pennsylvania.

I take no credit for this post. We have been linking to a great site “Pittsblog” authored by Michael Madison, a UPitt Law Professor.  He has published a series of great articles on “Open Innovation” in Pittsburgh and his latest is a good read. Check it out: http://pittsblog.blogspot.com/