- The European Union is moving to outlaw “hacking tools,” such as programs used to access information without a password. Security researchers are concerned that the new law, if implemented, would hinder their ability to do their jobs and perform important research in cybersecurity. [Wired]
- The Department of Justice filed suit against Apple and certain book publishers over e-book pricing. The DOJ argued that contract provisions known as “most favored nation” clauses, which forbid the publisher from allowing a book to be sold below a certain price, violate antitrust laws. Three publishers have already settled with the DOJ. This lawsuit is a boon for Amazon, which will be able to lower prices for Kindle books and better compete in the marketplace. [N.Y. Times]
- The Court of Appeals for the Ninth Circuit has ruled in U.S. v. Nosal that it is not a crime under the Computer Fraud and Abuse Act to violate an employer’s computer use policy or a website’s terms of service. David Nosal, the defendant in the case, had obtained information that he was legally permitted to acquire, but then used it improperly. The majority expressed worry that the government’s interpretation of the statute would criminalize minor lies on social networking sites or slight improprieties (such as an employee sending a personal email from a work computer). The dissent argued that this case was not about the violation of the terms themselves, but rather about intent, and Mr. Nosal acted with an actual intent to defraud. [Law.com]
As the Washington Post recently reported, employers have started demanding that employees (and potential employees) turn over their Facebook passwords. Recently, according to Ars Technica, a teacher’s aid was suspended for failing to turn over her Facebook login information after a parent complained about a posted photograph. Facebook has instructed users not to turn over their passwords, and has stated that it may take legal action against companies that require employees to provide this information. Facebook has made clear that requiring this information (and logging in as someone else) is a violation of their terms of service, which tells users that they must not “solicit login information or access an account belonging to someone else.” As was pointed out in a recent episode of This Week in Law, it would be imprudent for any company which values its online presence to ignore Facebook’s terms of service.
It is unclear if there will be any legal consequences for companies which demand employees’ passwords. According to the New York Times, “Senators Charles E. Schumer of New York and Richard Blumenthal of Connecticut said they were calling on the Justice Department and the Equal Employment Opportunity Commission to begin investigations” on the grounds that “[p]ersonal information such as gender, race, religion and age are often displayed on a Facebook profile — all details that are protected by federal employment law.” The House of Representatives recently rejected a proposed amendment to a bill which would have explicitly granted the FCC the authority to prevent employers from demanding “confidential passwords to social networking websites.”
Image: CC BY-SA 2.0 / massimobarbieri