Facebook asserts trademark on word "book" in new user agreementBy Jon Brodkin | Published 2 days agoFacebook asserts trademark on word "book" in new user agreementFacebook has trademarks on its name and many variations of it—including the letter "F". The company is expanding its claim over the word "book".Facebook is trying to expand its trademark rights over the word "book" by adding the claim to a newly revised version of its "Statement of Rights and Responsibilities," the agreement all users implicitly consent to by using or accessing Facebook.You may recall that Facebook has launched multiple lawsuits against websites incorporating the word "book" into their names. Facebook, as far as we can tell, doesn't have a registered trademark on "book." But trademark rights can be asserted based on use of a term, even if the trademark isn't registered, and adding the claim to Facebook's user agreement could boost the company's standing in future lawsuits filed against sites that use the word."Unregistered marks are quite common in the US," University of Minnesota Law Professor William McGeveran told Ars. "Rights arise from use, not registration (though registration does give you some other advantages). That's how Facebook can try to claim 'book.'" If you see a ™ next to a name, that indicates an unregistered, claimed trademark, whereas an R in a circle signifies a registered one, McGeveran notes.So, what exactly is Facebook changing? If you view the current Statement of Rights and Responsibilities, you'll find this sentence: "You will not use our copyrights or trademarks (including Facebook, the Facebook and F Logos, FB, Face, Poke, Wall and 32665), or any confusingly similar marks, without our written permission." If you're wondering, 32665 is the number allowing Facebook users to update their pages through text message. The newly revised user agreement reads as follows (emphasis ours): "You will not use our copyrights or trademarks (including Facebook, the Facebook and F Logos, FB, Face, Poke, Book and Wall), or any confusingly similar marks, except as expressly permitted by our Brand Usage Guidelines or with our prior written permission."Not accepting the terms isn't really an option for anyone with a Facebook account. "By using or accessing Facebook, you agree to this Statement," the document says.Facebook gobbles up trademarks on variations of its nameA search of the trademark database maintained by the US Patent and Trademark Office shows Facebook with 73 active trademarks, many of them covering different uses of the words "Facebook" and "like." Other registered trademarks cover the letter "F," "Face," "FB," the number "0" with a period, "F8," "Facebook Developer Garage," "Wall," "Facepile," "Nextstop.com," "Facebook for good," "Friendfeed," Facebook Insights," "Facebook Pages," and "Facebook Ads.""Book" doesn't appear on the US list. In November 2010, the Los Angeles Times reported that Facebook was successful in trademarking "Face," but might have a tougher time gaining rights to the word "book." A company called myEworkBook filed an application to get the "Book" trademark in the US, but abandoned the application in February 2012 after an unfavorable decision by the trademark review board.Facebook has a pending trademark application on "book" listed in the European Union's trademark database, but the current status is "application opposed" with "likelihood of confusion" listed as the reason for opposition. There are already numerous European trademark claims over "book," but in different contexts than the social media one claimed by Facebook.Status of lawsuits Facebook filed against other "books"We contacted Facebook yesterday afternoon, and haven't heard back from the company. Facebook has had mixed results when asserting trademark rights over "book" in court. Facebook's lawsuit against "Teachbook" is still pending. Facebook settled a suit it filed against Lamebook, allowing the parody site to continue operating. Facebook gained control of a porn site domain called "FacebookOfSex.com." A travel site called Placebook changed its name in 2010, choosing not to fight—no surprise given the large expense of litigation."Maybe I was being naïve, but I thought I could convince the lawyers at Facebook that our site was totally impossible to confuse with theirs," the Placebook site owner wrote in a blog.How the new user agreement helps Facebook assert the trademarkClearly, Facebook wasn't shy about asserting trademark rights on "book" before today. But updating its user agreement gives the company added ammunition in litigation. The updated Statement of Rights and Obligations hasn't taken effect yet, but a comment period expired yesterday."They hope that by putting it in TOS (terms of service) they can improve the enforceability of their asserted trademark rights," McGeveran said.The "book" addition to the user agreement isn't as strong as a registered trademark or copyright, but provides extra protection, says intellectual property attorney Denis Ticak of Benesch, Friedlander, Coplan & Aronoff LLP in Cleveland, Ohio. The difference is that instead of extending to anyone who infringes upon the trademark, the user agreement covers only people who actually use Facebook—which, of course, is a substantial percentage of the population of Earth."Adding that term merely changes the agreement we all become a party to when we accept the terms of service/use the site/etc.," Ticak told Ars. "So, it offers some layer of protection against use of 'book' in, say, a company or website name. But, it only extends to those who accept the statement of rights and responsibilities.' Let's say you go out and create 'Brodkinbook.' Whether or not they have a registered trademark on 'book,' since you in all likelihood use Facebook and shttp://arstechnica.com/tech-policy/news/2012/03/facebook-asserts-trademark-on-word-book-in-new-user-agreement.arsI really have to wonder how APPLE feels about this as they have had the iBOOK, MacBOOK Pro, Power BOOK for quite some time now... sheesh
madness
On Facebook, deleting an app doesn't delete your data from their systemFacebook's proposed changes to its Data Use Policy give third parties a lot of flexibility.by Casey Johnston - May 13 2012, 1:00pm SAWST Privacy The Web39Facebook announced some intended changes to its data use policy to "enhance transparency", according to a Friday post on its Facebook and Privacy page. The updates include better explanations, examples, and "tips" denoted in the text with a lightbulb, as well as some revelations about how third parties deal with users' data.In the revised data use policy, Facebook makes explicit that any time one of your Facebook friends starts using an app, game, or partner website (that, is a site where you can log in using Facebook credentials), Facebook hands that service all of the "publicly available" information on that user. Information that is always publicly available only includes basic stuff like your name or cover photo, but users can have their entire profile publicly available, and thus handed to a service.However, Facebook also clarifies that "if you’ve removed an application and want them to delete the information you’ve already shared with them, you should contact the application and ask them to delete it." This implies that, even if you change Facebook's privacy settings since beginning to use a third-party service, or no longer user the service at all, the service may keep your data on hand unless directly asked to delete it. That is, Facebook won't be your middle man in data cleanup; however, Facebook does note in the policy that apps are contractually obligated to delete data if asked.Not only does this data dance apply to direct users, it seems to apply to users' friends as well. Applications are also able to access the publicly available information of friends of users, and can ask their users to share non-public information from their friends. Facebook provides this example: Your friend might also want to share the music you “like” on Facebook. If you have made that information public, then the application can access it just like anyone else. But if you’ve shared your likes with just your friends, the application could ask your friend for permission to share them.There are no special provisions for the storage of this information, either, that separate this, policy-wise, from direct sharing. To our reading, this means unless you contact the app directly for removal, it could hold onto that data forever. Facebook does point out that users can blanket-command Facebook not to share its information on a friends-of-friends basis by turning off all Platform (third-party) applications. But this means you don't get to use any applications of your own choosing, either.When Facebook was dinged by the FTC and privacy groups in 2009 and 2010 for sharing more information than its privacy policy said it would, the company said it would make changes so information-sharing with third-parties would be "opt-in." The framework described above is, at its base, compliant with opt-in, but saying "I want to play FarmVille, so that app is allowed to have my data" and "I want to play FarmVille, so all the third-party apps my friends use are allowed to have, and retain, my public data, unless I explicitly ask for its removal" are virtually the same thing. It's a subtle relationship, but important for users to grasp.Facebook also addresses the issue of data retention once users have deleted their or other information—something we've noticed the site has had trouble with in the past, particularly when it comes to photos. Facebook says that while deleted accounts should be gone within 90 days, any content that is external to your account, like posts to a Facebook group or private messages to another person, will be retained in the service.
Confirmed: US and Israel created Stuxnet, lost control of itStuxnet was never meant to propagate in the wild.by Nate Anderson - June 1 2012, 6:00am SAWST Hacking National Security137The new account is unlikely to alter Iran's view of the US, seen here in a mural on the old US embassy in TehranDavid HoltIn 2011, the US government rolled out its "International Strategy for Cyberspace," which reminded us that "interconnected networks link nations more closely, so an attack on one nation’s networks may have impact far beyond its borders." An in-depth report today from the New York Times confirms the truth of that statement as it finally lays bare the history and development of the Stuxnet virus—and how it accidentally escaped from the Iranian nuclear facility that was its target.The article is adapted from journalist David Sanger's forthcoming book, Confront and Conceal: Obama’s Secret Wars and Surprising Use of American Power, and it confirms that both the US and Israeli governments developed and deployed Stuxnet. The goal of the worm was to break Iranian nuclear centrifuge equipment by issuing specific commands to the industrial control hardware responsible for their spin rate. By doing so, both governments hoped to set back the Iranian research program—and the US hoped to keep Israel from launching a pre-emptive military attack.The code was only supposed to work within Iran's Natanz refining facility, which was air-gapped from outside networks and thus difficult to penetrate. But computers and memory cards could be carried between the public Internet and the private Natanz network, and a preliminary bit of "beacon" code was used to map out all the network connections within the plant and report them back to the NSA.That program, first authorized by George W. Bush, worked well enough to provide a digital map of Natanz and its industrial control hardware. Soon, US national labs were testing different bits of the plan to sabotage Natanz (apparently without knowing what the work was for) using similar centrifuges that had come from Libya's Qadaffi regime. When the coders found the right sets of commands to literally shake the centrifuges apart, they knew that Stuxnet could work.When ready, Stuxnet was introduced to Natanz, perhaps by a double agent. Getting the worm into Natanz, however, was no easy trick. The United States and Israel would have to rely on engineers, maintenance workers and others—both spies and unwitting accomplices—with physical access to the plant. “That was our holy grail,” one of the architects of the plan said. “It turns out there is always an idiot around who doesn’t think much about the thumb drive in their hand.” In fact, thumb drives turned out to be critical in spreading the first variants of the computer worm; later, more sophisticated methods were developed to deliver the malicious code.When Barack Obama came to office, he continued the program—called "Olympic Games"—which unpredictably disabled bits of the Natanz plant even as it told controllers that everything was normal. But in 2010, Stuxnet escaped Natanz, probably on someone's laptop; once connected to the outside Internet, it did what it was designed not to do: spread in public. The blame game began about who had slipped up in the coding. “We think there was a modification done by the Israelis,” one of the briefers told the president, “and we don’t know if we were part of that activity.” Mr. Obama, according to officials in the room, asked a series of questions, fearful that the code could do damage outside the plant. The answers came back in hedged terms. Mr. Biden fumed. “It’s got to be the Israelis,” he said. “They went too far.”Once released more widely, the Stuxnet code was found and then disassembled by security researchers.Please don't follow our exampleAs the International Strategy for Cyberspace notes, these sorts of electronic attacks are serious business. The US in fact reserves the right to use even military force to respond to similar attacks. "All states possess an inherent right to self-defense, and we recognize that certain hostile acts conducted through cyberspace could compel actions under the commitments we have with our military treaty partners," says the report. "We reserve the right to use all necessary means—diplomatic, informational, military, and economic—as appropriate and consistent with applicable international law."Yet the US had just gone on the cyber-attack, and everyone knew it. Speculation has long swirled around government-backed hackers from nations like China and Russia, especially, who have been suspected of involvement in espionage, industrial trade secret theft, and much else. Would something like Stuxnet damage US credibility when it complained about such attacks? (China has long adopted the "you do it too!" defense on Internet issues, especially when it comes to censoring and filtering of Internet content.)Obama was at least aware of the likely answer—yes—but pressed ahead, even accelerating the Olympic Games program. [Obama] repeatedly expressed concerns that any American acknowledgment that it was using cyberweapons—even under the most careful and limited circumstances—could enable other countries, terrorists or hackers to justify their own attacks. “We discussed the irony, more than once,” one of his aides said.Stuxnet is old news by now. Even the newly discovered "Flame" malware was developed some time ago. While details about these two targeted attack packages are finally emerging, the next generation of attack tools has no doubt been developed and likely deployed.
SOPA opponents unveil "Digital Bill of Rights"Sen. Wyden and Rep. Issa want to protect digital citizens.by Nathan Mattise - June 12 2012, 4:07pm SAWST Government Privacy48SOPA Analysis: "Cybersecurity" bill endangers privacy rights Slow learner? MPAA chief hints at talks to revive SOPA White House IP czar: anti-piracy laws should not block free speechThe "Digital Bill of Rights" debuted at the Personal Democracy Forum in New York City on Monday. The document draft comes from Rep. Darrell Issa (R-CA) and Sen. Ron Wyden (D-OR), two key figures in the battle against SOPA.Issa and Wyden created the Digital Bill of Rights because they were concerned about what seemed like a legal oxymoron: lawmakers trying to regulate the Internet without understanding how individuals use it."Government is flying blind, interfering and regulating without understanding even the basics," Issa wrote on his website, KeepTheWebOpen.com (you can find a draft of the Digital Bill of Rights there). "Where can a digital citizen turn for protection against the powerful?"At the conference, Wyden likened this project to a digital version of the "Constitutional convention." It's a convention that Issa and Wyden hope Internet users will participate in. On Issa's site, he openly encourages readers to consider the current draft and suggest revisions (at the publication of this post, several individuals have already logged in to take that offer). Currently, the ten key rights are as follows: The right to a free and uncensored Internet. The right to an open, unobstructed Internet. The right to equality on the Internet. The right to gather and participate in online activities. The right to create and collaborate on the Internet. The right to freely share their ideas. The right to access the Internet equally, regardless of who they are or where they are. The right to freely associate on the Internet. The right to privacy on the Internet. The right to benefit from what they create.Have any edits for Issa and Wyden? Contribute directly (sign-up required) or add them in the comments below.
Retired judge joins fight against DoJ's "outrageous" Megaupload seizuresSays the government hasn't caught up to digital age.by David Kravets, wired.com - June 14 2012, 1:15pm SAWST Government Intellectual Property Lawsuits60Abraham David SofaerAbraham David SofaerAbraham David Sofaer, a former New York federal judge, recently was presenting a paper at the National Academy of Sciences about deterring cyberattacks when he learned the feds had shut down Megaupload, seizing its domain names, in a criminal copyright infringement case.Troubling him more than his paper on global cybersecurity (PDF) was learning that the government had seized the files of 66.6 million customers as part of its prosecution of the file-sharing site’s top officers, and was refusing to give any of the data back to its owners.“It’s really quite outrageous, frankly,” the 74-year-old President Jimmy Carter appointee said in a recent telephone interview. “I was thinking the government hadn’t learned to be discreet in its conduct in the digital world. This is a perfect example on how they are failing to apply traditional standards in the new context.”A former State Department legal adviser, Sofaer has teamed up—free of charge—with the Electronic Frontier Foundation in urging a federal court to set up a system to allow Megaupload users to get back their legal content.His entry into the high-profile case comes as users increasingly turn to online storage systems and services, including Dropbox, Gmail, YouTube, ReadItLater, iCloud, and Google Drive, among others, to share and store their data—despite the fact that legal protections for cloud services are weak and servers can be shut down at any time by an aggressive prosecutor. In an unrelated copyright infringement seizure, the feds confiscated the domain of a hip-hop music blog at the behest of the recording industry, only to return it, without apology or recompense, a year later for lack of evidence.The criminal prosecution of Megaupload targets seven individuals connected to the Hong Kong-based file-sharing site, including founder Kim Dotcom. They were indicted in January on a variety of charges, including criminal copyright infringement and conspiracy to commit money laundering.The government said the site, which generated hundreds of millions in user fees and advertising, facilitated copyright infringement of music, television programs, electronic books, business and entertainment software, and, perhaps most damningly, movies, often before their theatrical release.The site was so popular it leased more than 1,100 servers hosted by Carpathia in Virginia. The government copied 25 petabytes of the data, and said the rest can be erased. The Department of Justice told the federal judge overseeing the prosecution that the government has no obligation to assist anybody getting back their data, even if it’s noninfringing material.“That’s a dangerous road,” Sofaer said.He suggested that the government hasn’t quite caught up to the digital age. He doubts the government would take the same position with a bank it seized.“Of course they would help customers get back their deposits,” he said. “But think about this new world. You can see very clearly that the government is acting in a manner that is indiscriminate.”Justice Department prosecutors handling the case in the Eastern District of Virginia declined comment.But in a recent court filing, the authorities wrote that assisting an Ohio man in getting back his company’s high school sports footage “would create a new and practically unlimited cause of action on behalf of any third party who can claim that the government’s execution of a search warrant adversely impacted a commercial relationship between the target of the search and the third party.”Sofaer, also a former clerk to then-Supreme Court Justice William Brennan Jr. and now a Hoover Institution fellow, claims the government’s response is hogwash. All legal files could easily be retrieved, just like they were before the service was shuttered in January.The Palo Alto, California, scholar has agreed to donate his legal services toward that goal, and wants the judge to appoint an expert to supervise the program, which would provide legal notice to former Megaupload customers that “you are entitled to have your data but not contraband material.”“I think the government could easily live with that,” he said.Julie Samuels is the Electronic Frontier Foundation attorney working with Sofaer, and said litigating with him “has been an absolute pleasure.”“It’s clear that he really gets why this case matters and has the experience and perspective necessary to take the long view: If the court allows the government’s actions to go unchecked here,” she said, “we’ll be facing a world with inhibited property rights that is less friendly for innovation.”Sofaer, who was also a former New York federal prosecutor, understands the government’s motives.“They are eager to make cases, and to be as little bothered by the consequences as possible,” he said. “When I was a prosecutor, I probably would have been the same way.”
FTC stops firms from spying on rented computersWrist slaps all 'roundBy Dave NealWed Sep 26 2012, 15:16Security threats - password theftAMERICAN COMMERCE WATCHDOG the US Federal Trade Commission (FTC) has had some stern words for seven companies that were caught spying on people who rented computers from them: "don't do that again".The FTC said that the seven firms installed monitoring software on computers that they rented to people, and used it to capture data and track their locations.So severe was the spying, it said, that in some cases people's keystrokes were recorded and in others, webcams were used to take photos. And all of this was done without the victims' consent.A settlement with the software design firm that collected the data gathered up by the rent-to-own stores should stop any future spying, according to the FTC."An agreement to rent a computer doesn't give a company license to access consumers' private emails, bank account information, and medical records, or, even worse, webcam photos of people in the privacy of their own homes," said FTC chairman Jon Leibowitz. "The FTC orders today will put an end to their cyber spying."Designerware is the firm that licensed the software to the rent-to-own stores, and the FTC said it reached a settlement with it and the seven firms that were renting the hardware.The seven companies have been charged with breaking the law by secretly collecting consumers' confidential and personal information and using it to try to collect money from them, said the FTC.Data was collected through what Designerware called "Detective Mode". The FTC said that this tricked users into handing over personal contact information, logged keystrokes, took screen captures and took photos. None of which is particularly savoury.Data gathered included: "user names and passwords for email accounts, social media websites, and financial institutions; Social Security numbers; medical records; private emails to doctors; bank and credit card statements; and webcam pictures of children, partially undressed individuals, and intimate activities at home," according to the FTC.The proposed settlement bans all of those involved from doing anything like that again.The FTC named Aspen Way Enterprises, B. Stamper Enterprises, C.A.L.M. Ventures, J.A.G. Rents, Red Zone Investment Group, Showplace and Watershed Development as the computer rent-to-own firms. µ
The latest document published by The Guardian shows that the US National Security Agency (NSA) has been harvesting data from mobile phone apps ranging from instant messaging chat histories to what level of Angry Birds users are on.In the UK, GCHQ has worked with the NSA since 2007 on mobile phone surveillance methods and even published a paper in 2012 explaining how to harvest Angry Birds user data.
