By Henry M. Sneath, Esq. – Chair of the Picadio Sneath Miller & Norton, P.C. Intellectual Property Group. Contact him at firstname.lastname@example.org
Last week a Pittsburgh federal court jury found on behalf of local university CMU against hard drive chip maker Marvell (See attached photo) on claims of patent infringement and willfulness. The $1.17 Billion award was huge by any standards and still faces post trial motions which could vacate the verdict or increase it for willfulness, which the jury found. Judge Fischer could grant any number of what will surely be multiple post trial motions including a motion for mistrial, which was made by Marvell counsel during CMU’s closing argument and on which she denied the motion without prejudice to rule on it after the announcement of a verdict. In other words, she could still grant a mistrial and vacate the one month trial and verdict. She could also increase the verdict by as much as threefold based on the willfulness finding. The article attached below indicates that no tech verdict this large has ever stood the test on appeal. Here is one of a number of good descriptions of the case as it has been written about extensively over the last week: http://arstechnica.com/tech-policy/2012/12/jury-slams-marvell-with-mammoth-1-17-billion-patent-verdict/
Here also is an interesting video take on the case. http://www.bloomberg.com/video/david-martin-on-carnegie-mellon-marvell-patent-case-er1U0P~yQXC616MuXqU_Hw.html
On December 17, 2012, U.S. District Judge Koh denied Apple’s request for a permanent injunction against Samsung. As a reminder, a jury awarded Apple $1.05 billion in damages in August after finding that Samsung had copied certain features of Apple’s iPhone and iPad. (See our earlier blog post summarizing this verdict). With respect to the court’s most recent ruling, Judge Koh followed the Federal Circuit’s heightened standard that requires patent-holders to show a direct link between lost market-share and a specific infringing feature of a competitor’s product. In fact, in a previous ruling related to another lawsuit between Apple and Samsung over the patented search technology used in Apple’s Siri feature, the Federal Circuit overturned Jodge Koh’s decision to grant a preliminary injunction against Samsung’s Galaxy Nexus phone. In the present matter, Judge Koh found that Apple’s evidence for injunctive relief fell short of the strict “causal nexus” standard because the lawyers did not prove that the copied features specifically drove consumers to buy Samsung devices.
Some attorneys believe that Apple’s main objective was to block Samsung’s sale of its products and not to obtain a financial remedy. In this regard, attorneys are of the opinion that the record verdict was a mere slap on the wrist to Samsung, which generates approximately $100 billion in annual revenues. Nonetheless, this recent ruling has a significant impact on the parties’ leverage in the mobile patent litigation arena.
On behalf of our firm, I would like to thank The Pittsburgh Technology Council for hosting such a spectacular event last evening. Also, I would like to congratulate all of the award winners who were recognized by the Council as leaders in technology and innovation within the Pittsburgh area.
The Pittsburgh Technology Council holds an annual Tech 50 awards presentation as a way to honor companies that have demonstrated an ability to grow and succeed as technology-oriented companies in Pittsburgh. The event last evening provided an excellent opportunity for business leaders to come together and recognize and celebrate all of the creative contributions made by these companies on a local, national and global stage. The Tech 50 award winners are as follows:
Calgon Carbon Corporation – Advanced Manufacturer of the Year
Epiphany Solar Water Systems, LLC – Innovator of the Year
ERT, formerly invivodata, inc. – Life Sciences Company of the Year
TrueFit – New Media Company of the Year
Summa Technologies – Solution Provider of the Year
Branding Brand – Start-Up of the Year
ANSYS, Inc. – Tech Titan of the Year
Scott Pearson, Aquion Energy, Inc. – CEO of the Year
Again, congratulations! We wish you and all of the other Pittsburgh tech companies the best.
As a follow up to Robert Wagner’s post, “Discovery of Facebook Accounts,” I will take a closer look at the analysis by Judge Wettick in Trail v. Lesko, No. GD-10-0172249 (July 3, 2012) for determining what a party needs to establish before Judge Wettick will order disclosure of non-public Facebook, or other social networking, content. I will also provide an update on whether other courts have relied upon Judge Wettick’s opinion.
At the outset, Judge Wettick notes that no appellate court in Pennsylvania has addressed discovery requests for information contained within an individual’s Facebook profile. He reviews the approach of other trial judges in Pennsylvania to date and concludes that most Pennsylvania “courts recognize the need for a threshold showing of relevance prior to discovery of any kind, and have nearly all required a party seeking discovery in these cases to articulate some facts that suggest relevant information may be contained within the non-public portions of the profile. To this end, the courts have relied on information contained in the publicly available portions of a user’s profile to form a basis for further discovery.”
Judge Wettick also found the decisions of other state and federal courts to be largely in line with Pennsylvania case law. As in Pennsylvania, other courts agree that the content posted by someone on Facebook is not privileged, either because communications with “Friends” are not privileged or because, if the communications were privileged, such privilege was waived by sharing the content with others. On the other hand, the courts disfavor “fishing expeditions” and tend to require some evidence suggesting the existence of relevant information prior to ordering access to a person’s non-public social media information. According to Judge Wettick, courts from other jurisdictions have taken more steps than Pennsylvania courts, however, to require more narrowly tailored discovery orders or have even relied on counsel to review his or her client’s profile for relevant information in the first instance.
Trail v. Lesko was a personal injury case arising from a motor vehicle accident which was allegedly caused by defendant’s drunk driving. Judge Wettick indicated that he was basing his rulings on Pennsylvania Rule of Civil Procedure 4011(b), which provides that “[n]o discovery or deposition shall be permitted which . . . (b) would cause unreasonable annoyance, embarrassment, oppression, burden or expense to the deponent or any person or party . . . .” Judge Wettick reasoned that a court order that gives an opposing party access to another’s non-public Facebook page “is intrusive because the opposing party is likely to gain access to a great deal of information that has nothing to do with the litigation and may cause embarrassment if viewed by persons who are not “Friends.” Because such discovery is intrusive, it is protected by Rule 4011 “where the party seeking discovery has not shown a sufficient likelihood that such discovery will provide relevant evidence, not otherwise available, that will support the case of the party seeking discovery.”
However, Judge Wettick did acknowledge that the level of intrusiveness for a Facebook page, containing information made available to others who have no obligation to keep it confidential, is likely to be low. Therefore, someone seeking to obtain such information will only need to show that the discovery “is reasonably likely to furnish relevant evidence, not available elsewhere, that will have an impact on the outcome of the case.”
Applying this reasoning to the facts of the case before him, Judge Wettick found that neither party had shown sufficient need for discovery of each other’s non-public Facebook pages. Plaintiff was not entitled to the information because defendant had already made admissions in response to requests for admissions that made the request for Facebook content unnecessary, and defendant was not entitled to the information because the photos from plaintiff’s public page did not contain any information that suggested plaintiff’s personal injury claims were called into question.
With this opinion, Judge Wettick is informing litigators that while he is not opposed to permitting discovery of non-public social media, parties need to show that the social media that a person otherwise assumes is directed solely to a limited audience, i.e. their “friends,” is reasonably likely to be relevant to the claims in the case and is not available elsewhere. In short, Judge Wettick attempts to balance a person’s privacy interests with those of a party seeking to prove or defend his or her case.
So far, no other courts have cited Judge Wettick’s opinion. We will continue to watch for Pennsylvania court opinions following or rejecting Judge Wettick’s approach and for any rulings from the Pennsylvania appellate courts on the issue of discovery of social media.
Earlier this week, an interesting story emerged that Bruce Willis was considering suing Apple over whether his children could inherit his iTunes collection after his death. The story turned out to be a hoax, but the questions it raises regarding ownership and rights in this digital age are very interesting.
Decades ago, music, movies, and books were exclusively purchased in a tangible form—records or CDs, videotapes or DVDs, and paperback or hardback books. While these formats are still largely available, more and more people are purchasing this type of content in an intangible digital format through services like Apple’s iTunes and Amazon’s Kindle stores.
In the past, the purchase of a tangible product like a record or book made transferring the product easy. Under the first sale doctrine, one simply could give or sell the record or book to another without any constraints. Thus, inheriting the record or the book did not pose any problems from an intellectual property or legal perspective. (Whether anyone wanted grandma’s or grandpa’s record or book collection is another matter).
When one purchases a song from iTunes or a book for Amazon’s Kindle store, the issue gets more complicated. One is actually purchasing a limited license to listen to the song or read the book on a limited number of devices. No physical, tangible products are purchased. Normally, the license is limited to the purchaser and is arguably valid only during the lifetime of the purchaser (assuming there are no other restrictions, as there sometimes are with video “purchases”). Thus, there is nothing tangible to give to another. Indeed, the licenses often explicitly restrict the giving or selling of the product to another.
Getting back to the situation that Bruce Willis was supposedly concerned about—what would happen to all of the music he purchased after he died? Most of the time, families will likely not be particularly concerned about whether they inherit grandpa’s music collection, but not always. For instance, what if the father or mother dies prematurely, and everything that the family was listening to or watching on a regular basis was purchased through that person’s iTunes account? The shift to a digital medium could have a very real and expensive consequence (in addition to whatever emotional trauma the family has to deal with from the untimely death).
I think a more concerning issue is the potential effect on a family’s photographs and letters, which can be some of the most treasured possessions a family has. With the shift to storing photographs on-line and corresponding through e-mail rather than letters, we are moving some of our most prized possessions and memories from tangible forms that can easily be preserved and given to others to an intangible form that may have unexpected and unanticipated restrictions. For example, if an individual stores all of his or her photographs on-line, what happens when that person dies? Will the account be closed and all the files deleted once the annual payments stop? Even if it is not, who will be allowed to access it, especially if the passwords were never written down or are lost?
We are still in the infancy of the digital age in many respects and questions like these are only beginning to be considered, and many companies’ terms and conditions are simply not designed to deal with circumstances like these. So, what should one do?
Where possible and when the ability to transfer the item to your spouse, children, or others is important, then efforts should be made to make sure the item is in a tangible form or resides on a computer in a way that is accessible regardless of whether you are alive or whether you fail to make an annual payment to a particular cloud service. In the case of pictures, that could mean having them printed out or storing them in a folder on your hard drive (instead of in the cloud). The same is true of e-mails. If there are particularly important e-mails, make sure that they have been saved on your hard drive, instead of leaving them in the cloud, or print them out.
Finally, it is a good practice to leave instructions as to what important on-line accounts you have (e-mail, Facebook, iTunes, cloud storage, banking, etc.) and how to access them so that others can get access to these accounts where appropriate if you are no longer able to. Given the important nature of these accounts, you should only leave this information with people you trust or in a location that is secure (e.g., a bank box).
It will be interesting to see how companies respond to issues like the one that Bruce Willis supposedly raised (even though he didn’t actually). The cloud provides many great conveniences, but as is often true with new technologies and ways of doing things, there are many unexpected issues that emerge. Hopefully, people, companies, and the law will find solutions to preserve those family treasures without too many hassles.
The USDC for the Western District of Pennsylvania enacted local patent rules in 2005. The court has also been designated as one of a number of courts in the country that are part of a Pilot Program where patent filings will be monitored and wherein participating courts will establish certain practices for the administration of Patent cases. While patent filings have been rather flat in the Pa. Western District in the last few years, the number has skyrocketed in 2012. There were 11 Patent cases filed in 2011, but this year, through July, there have already been 28 filings, or more properly, 11 actual filings and 17 transfers of cases from the Eastern District of Texas, or which relate to those transferred cases.
These latter 17 cases have related to the same or similar patents held by a company called Maxim Integrated Products, which is suing numerous big name companies, and which is being sued in declaratory judgment actions by many other big name companies. Many of their suits were filed, not surprisingly in Texas Eastern, but were transferred to Pa. Western.
Declaratory Judgment actions followed and have been filed here by other companies whom Maxim allegedly threatened with suit. The patent (s) at issue relate to the transfer of “cash” between secure devices (eg: mobile to mobile). The Summary of the Invention in this ‘510 patent is set forth as:
“The present invention is an apparatus, system and method for communicating a cash equivalent electronically to and from a portable module. The portable module can be used as a cash equivalent when buying products and services in the market place. The present invention comprises a portable module that can communicate to a secure module via a microprocessor based device. The portable module can be carried by a consumer, filled with electronic money at an add-money station, and be debited by a merchant when a product or service is purchased by the consumer. As a result of a purchase, the merchant’s cash drawer will indicate an increase in cash value.”
We will follow these cases and report more in the future.
With the incredible rise of social networking websites (an estimated half of Americans use these sites), litigators are beginning in earnest to seek discovery of parties’ social networking accounts and postings (such as Facebook, LinkedIn, MySpace, Twitter). Frequently, statements made or photographs shown on a person’s “wall” or page made be relevant to issues in a lawsuit. For example, in a personal injury action where a plaintiff claims to be disabled or physically restricted because of an accident, a photograph showing the plaintiff engaged in a physical activity after the injury, such as skiing or running, may shed light on the true extent of his or her injuries. Litigators want to obtain access to these social networking sites as part of the discovery process.
The question facing Courts is whether to allow such access and, if so, are there limits on what must be revealed. Senior Judge R. Stanton Wettick, Jr. of the Court of Common Pleas of Allegheny County (which includes Pittsburgh) recently issued an opinion where he extensively discusses the case law surrounding when a litigant is entitled to access an individual’s social networking site and what must be produced if it is. Because Judge Wettick handles most discovery disputes in Allegheny County, this decision is particularly important for practitioners in Pittsburgh and Pennsylvania state courts.
In his opinion, he notes that information from an individual’s social networking site is not protected by any privileges, either because there is no basis for the privilege or it has been waived by sharing the information with others. Despite that, he concludes that the information is not per se discoverable. Rather, the party seeking the discovery must make some threshold showing that there is likely to be relevant information on the social network site before it is entitled to discovery. He concludes that such a test adequately balances the need for relevant discovery with the intrusion of giving access to a great deal of personal information that is unrelated to the issues in the lawsuit.
With the news that millions of LinkedIn passwords were compromised last week, we should all reconsider what passwords we are using and whether they are secure enough for our needs. As with most security issues, there is always a balance between having a password that is easy enough for you to remember but too difficult for someone else to guess. This article discusses some strategies and tips for creating and managing stronger passwords.
What Is a Bad Password?
Not all passwords are equal, and there are many that should simply be avoided for most applications. It goes without saying that “password” and “12345” are terrible passwords. A good lists of these “bad” passwords can be found here. In general, though, a bad password is one that is:
short (less than 8 characters)
a single word (in any language) that can be found in a dictionary
something that is readily identified with you (e.g., your name or your spouse’s, children’s, or parents’ name; the street you live on or the city you live in, etc.)
a variation on your login or username
adjacent letters or numbers (e.g., qwerty, 12345, abcde, etc.)
Looking through lists of bad passwords can be very enlightening and can give you some ideas of passwords to avoid.
What Is a Good Password?
Now that we know what types of passwords are not great, what types of passwords are better? A good password likely will have many of the following characteristics:
longer than 8 characters (generally, the longer the better)
have a mix of upper and lowercase letters, numbers, and symbols
be unrelated to any readily identifiable information about you
Again, there is always a balance between ease of use (i.e., something you can remember) and the strength of the password. A long string of random letters, numbers, and symbols is potentially very secure, but is, counterintuitively, not likely to be a good password if you can’t remember it. If you have to write down your password on a piece of paper in order to use it, your password is only as good as the security you have in place to protect that piece of paper.
Thankfully, there are a number of techniques you can use to create stronger passwords that you can remember. One of the most common is to use the first letters of a phrase. For example, if you choose the phrase “To be or not to be, that is the question,” the password would become “Tbontb,titq”. That seemingly random set of letters and symbols would not be susceptible to a dictionary attack (in which the attacker simply tries all the words in the dictionary), but would still be easily remembered. [For the record, this is such a common phrase, that it is likely a bad password. Choose a more obscure sentence or phrase to use, instead.] We could make this password stronger by changing some of the letters to numbers. For example, the “o” could become a zero and the “i” could become a one—so, the password would be “Tb0ntb,t1tq”.
Another common technique is to use unrelated words separated by numbers or symbols. The key to this approach is taking advantage of using the strength of longer passwords and introducing numbers and symbols to avoid dictionary attacks. For example, you could use “fruit25lawnmower#%”. For added strength, you could capitalize some of the letters and change some to numbers—“fRU1t25LawnM0wer#%”.
This is an interesting website where you can enter passwords, and it will assess their relative strengths. As always, you should be cautious about entering any passwords you actually use or intend to use. You can, however, enter similar passwords and begin to get a sense of what makes a stronger or weaker password.
More Dos and Don’ts
Now that we have talked about good and bad passwords, there are a few other points you should consider in managing your passwords.
The strength of your password should reflect the importance of that account to you (or your employer). Very important accounts, like your bank account, should be given the strongest password you can reasonably remember that is different from any other passwords you use. You should also consider regularly changing it in case it becomes compromised without your knowledge.
E-mail accounts should be considered important accounts and given stronger passwords. There can be a real danger if someone gains access to your e-mail account. For example, once you know someone’s username, many websites will allow you to reset the password by sending an e-mail to the registered address. If an attacker gains control of your e-mail, he or she can then reset the password to your bank account (or any other account).
Ideally, you should have a different password for every account or website. That way, if one password is compromised, it won’t compromise your others. Unfortunately, it can be difficult to remember which password you used with which account. To help with this problem, you should consider using a password management program that stores all of your passwords in one location (and is often designed to easily enter those passwords into website forms). These programs then use one master password to unlock all of your passwords. They can be very convenient and useful programs because they allow you to keep track of all of your passwords in a secure way. But, you are putting all your eggs in one basket, so the master password you choose should be strong and access to the program limited.
Finally, don’t write your passwords down on post-it notes on your computer monitor or in other easy-to-find places. If your password is too hard to remember, think about creating a different one that you can remember. On the other hand, it can make good sense to keep your passwords written down in a secure location in case you forget them, especially if the account provides no way to reset the password. Ideally, you should keep them in a locked location, though.
Having a good password requires some discipline and can be inconvenient at times. However, it can be far more inconvenient to have your account hacked and your money or information stolen. Taking a little time now to really think about how to create and manage your passwords can save you a lot of hassle in the future.
iPhones and other smart phones are becoming ubiquitous among legal (and other) professionals. The ability to access your e-mail and documents outside the office is extraordinarily convenient. As attorneys, though, we must temper that convenience with our obligation to preserve our clients’ confidences. Most smart phones offer the ability to password protect the phone, often with a 4-digit PIN or passcode, before you can access the information on the phone. They also often have a feature that will wipe the phone’s data if a certain number of incorrect PINs are entered in a row (with the iPhone that number is 10). But just how secure is your phone?
In this blog post by Daniel Amitay, he looked at the most common 4-digit PINs from over 200,000 users for a program he wrote for the iPhone. Startlingly, the top 10 most common PINs represent 15% of all the PINs people actually use (instead of 0.1% if the PINs were uniformly distributed). While the PINs people use for a program on their phone, as opposed to the phone’s PIN itself, may not be the same, the findings are interesting nonetheless. If they were the same or even a large percentage were, this means that someone who finds (or steals) an iPhone would have around a 1 in 7 chance of unlocking the phone before it is wiped automatically! Smart phone users would be well advised to take a look at the list and consider whether the PINs they have chosen are really as secure as they should be given what information is on (or accessible from) their phones.
For a similar article about computer passwords, check out this NY Times article.
Update: There is another very interesting article on DataGenetics website that explores this issue in even more detail. It looks at not only 4-digits PINs, but also up to 10-digit PINs and identifies some of the more common ones used. It provides even more insight into common PINs to avoid, and it is well worth the read.
According to Law.com and Law Technology News, an e-discovery company, Recommind, is in the early stages of negotiating licenses to various competitors for both its already patented technology and its “expected-to-be” patented technology. Recommind will then decide, based on the final outcome of such negotiations, whether to file lawsuits against its competitors. While the pre-suit negotiations may serve as an effective method for the different companies to attempt to save costs invariably associated with patent litigation, such approach is unique in the sense that Recommind is negotiating with technology that may or may not be protected by patents. Click here for the complete article.
Contact our Pittsburgh Intellectual Property, Cyber and Data Security, Trade Secret, DTSA and Technology Attorneys at Houston Harbaugh, P.C. through IP and Litigation Sections Chair Henry M. Sneath at 412-288-4013 or email@example.com. While focusing first on health care and prevention issues for family, friends and employees, we are also beginning to examine the overall Covid Law related issues in business litigation, contract force majeure, trusts and estates litigation and insurance coverage issues that will naturally follow the economic disruption of the Covid-19 pandemic.
Some posts herein are from the HH-Law resources of PSMN® and PSMNLaw®. Business Litigation. Pittsburgh Strong® and DTSALaw®, PSMN® and PSMNLaw® are federally registered trademarks of HH-Law. See Firm Website at: https://www.hh-law.com/Professionals/Henry-Sneath.shtml