30 May 2014


The UK Independent has report on conviction of Juliette D’Souza - a “witch doctor” - who persuaded vulnerable people to pay for spiritual cures for serious health problems, an aggregate £1m payment.

The supposed healer reportedly claimed the money would be hung from a magic tree in the Amazon rainforest (presumably if it was hung from a magic tree at the north pole the loot might be pocked by a bear or miscreant elves) but spent the money on jewellery, antiques, holidays and of course Louis Vuitton handbags.

D’Souza was remanded in custody after being convicted on 23 counts of obtaining property by deception and fraud. Kartsten J at Blackfriars Crown Court commented “With this history of confidence trickery I really can’t rely on your client turning up tomorrow".

D’Souza claimed she had known Princess Diana, had cured John Cleese’s daughter of cancer and could introduce a young singer to Simon Cowell.
In one case, a 41-year-old woman paid D’Souza £176,000 to help her conceive. When the woman did become pregnant, D’Souza told her to abort the baby, saying it was deformed. 
In another, Sunday Times photographer Jocelyn Bain Hogg paid her £43,000 to help his mother, who was undergoing heart surgery. She told him that “his mother would die if he didn’t pay”. 
A retired solicitor, Richard Collier-Wright, paid D’Souza £7,000 to try to cure him of leukaemia, while the mother of a 10-year-old boy with Down’s syndrome handed over £42,000 to deal with his behavioural problems.
Other sources report that one victim paid £169,000 from 1998 to 2004 to "ward off the evil spirit of her deceased brother, save her partner from a nonexistent tumour and ensure her eye surgery would be a success", which (quelle surprise) it was not. That victim's friend handed over £195,000 in the same period, with much of the money supposed to secure his job. (The magic money tree was out of order, as he was made redundant.) 83 year old retired opera singer Sylvia Eaves was conned out of £353,000.


'Missing the Forest for the Trolls' by Mark A. Lemley and A. Douglas Melamed in Columbia Law Review comments that
 Trolls are a significant feature of the patent system. They account for a large number of suits, now a majority of all patent assertions in the country and an even higher percentage in the information technology (IT) industries. They win both larger judgments and larger settlements than do “practicing entities” (“PEs”) -- those that practice patents and are not principally in the business of collecting money from others that practice them. And they do so despite complaints that trolls assert weak patents and some evidence that troll patents are more likely to lose in court. 
Nonetheless, we think the focus on patent trolls obscures a more complex set of challenges confronting the patent system. In this paper, we make three points. First, patent trolls are not a unitary phenomenon. We see at least three different troll business models developing, and those models have different effects on the patent system. Second, patent assertions by practicing entities can create just as many problems as assertions by patent trolls. The nature of many industries obscures some of the costs of those assertions, but that does not mean they are cost-free. In addition, practicing entities are increasingly engaging in “patent privateering,” in which product-producing companies take on many of the attributes of trolls. Put differently, while trolls exploit problems with the patent system, they are not the only ones that do so. Third, many of the problems associated with trolls are in fact problems that stem from the disaggregation of complementary patents into too many different hands. That in turn suggests that groups like Intellectual Ventures might be reducing, not worsening, these problems (though, as we will see, the overall effects are ambiguous), while “patent privateers” that spin off patents in order for others to assert them might make things worse. For this reason, patent reformers and antitrust authorities should worry less about aggregation of patent rights and more about disaggregation of those rights, sometimes accomplished by spinning them out to others. 
Understanding the economics of patent assertions by both trolls and practicing entities allows us to move beyond labels and the search for “bad actors,” focusing instead on aspects of the patent system itself that give rise to the problems and on specific, objectionable conduct in which both trolls and practicing entities sometimes engage. Patent trolls alone are not the problem; they are a symptom of larger problems with the patent system. Treating the symptom will not solve the problems. In a very real sense, critics have been missing the forest for the trolls. Exposing the larger problems allows us to contemplate changes in patent law that will actually tackle the underlying pathologies of the patent system and the abusive conduct they enable.
In response 'On Mass Patent Aggregators' by David L. Schwartz in (2014) 114 Columbia Law Review Sidebar 51 comments
Lemley & Melamed's article provides a refreshingly balanced and nuanced view of the litigation system. Their article defends, at least partially, mass patent aggregators. However, mass patent aggregators are much more complicated than Lemley and Melamed's article describes. This Essay explains many of the complexities that surround the acquisition and enforcement of patents by mass patent aggregators. Some of these complexities cut in favor of Lemley & Melamed's conclusions, but others do not.
Schwartz states
the debate about patent trolls is everywhere. From the op-ed pages of The Wall Street Journal and The New York Times to President Obama’s Council of Economic Advisors to Judge Richard Posner the nearly unanimous view appears to be that patent “trolls” are evil. The argument is that since patent trolls do not manufacture any products, they are merely siphoning money from the “true” innovative firms, the manufacturers. This argument is exaggerated and overly simplistic. If the failure to manufacture products is the problem, it is curious that almost none of the proposed changes to the patent system require manufacture.ure to manufacture products is the problem, it is curious that almost none of the proposed changes to the patent system require manufacture. While there are patent holders who abuse and exploit the patent litigation system, there also are patent holders with meritorious claims who have been unfairly denied compensation. This is true for companies that both do and do not manufacture. The critics also lump together a wide variety of seemingly different actors, including individual inventors, failed startups, research and development companies, mass patent aggregators, and Wall Street speculators who buy a single patent for purposes of enforcement. The correct analysis of the costs and benefits of patent trolls is quite complicated, and far beyond the simple narrative based upon whether the owner of the patent manufactures products. 
Lemley and Melamed’s Article, Missing the Forest for the Trolls, provides a refreshingly balanced and nuanced view of what Lemley and Melamed refer to as “patent trolls.” With respect to the label, instead of “patent troll,” this Essay uses the more neutral term “non-practicing entity,” or “NPE” for short. In Lemley and Melamed’s measured Article, they situate NPEs and aggregators within a sophisticated view of the patent litigation system. They even proceed to defend, at least partially, mass patent aggregators, a type of NPE that is almost universally vilified in the press. However, Lemley and Melamed omit many complexities that surround the acquisition and enforcement of patents by mass patent aggregators. Some of these complexities cut in favor of Lemley and Melamed’s conclusions, but others do not. These complexities should be taken into account in any assessment of whether aggregators do more social and economic harm than good. 
This Essay first highlights and underscores several of Lemley and Melamed’s points. Then, Part II explains unappreciated complexities relating to mass patent aggregators, including both positive and negative contributions. Finally, Part III offers a broad view of the recent focus on increased enforcement of patents.

29 May 2014


'Personal and Proprietary Remedies for Breach of Confidence: Nearer to Breach of Fiduciary Duty or Breach of Contract?' (University of Cambridge Faculty of Law Research Paper No. 33/2014) by Graham Virgo argues
 The operation of the remedies for breach of the equitable duty of confidence are confused, largely because of a recent tendency to treat the action as a tort, with a consequent lack of emphasis of the equitable origins of the action for breach of confidence. This paper places the action and the available remedies in its equitable context. It surveys the operation of the pecuniary remedies which are available, with particular reference to negotiating damages and breach of confidence. Principles are identified to determine when each remedy should be available, including two fundamental principles of but for causation and conscience. The paper also considers whether profits made from breach of confidence should be held on constructive trust. Whilst it is argued that it is now time to recognise a principled remedial constructive trust in English law, the role of such a trust as a remedy for breach of confidence is likely to be very limited.

28 May 2014

FTC report on US Data Brokers

The Federal Trade Commission has released Data Brokers: A Call for Transparency and Accountability [PDF], a study of nine US data brokers.

The report comments that
these data brokers collect personal information about consumers from a wide range of sources and provide it for a variety of purposes, including verifying an individual’s identity, marketing products, and detecting fraud. Because these companies generally never interact with consumers, consumers are often unaware of their existence, much less the variety of practices in which they engage. By reporting on the data collection and use practices of these nine data brokers, which represent a cross-section of the industry, this report attempts to shed light on the data broker industry and its practices. 
For decades, policymakers have expressed concerns about the lack of transparency of companies that buy and sell consumer data without direct consumer interaction. Indeed, the lack of transparency among companies providing consumer data for credit and other eligibility determinations led to the adoption of the Fair Credit Reporting Act (“FCRA”), a statute the Commission has enforced since its enactment in 1970. The FCRA covers the provision of consumer data by consumer reporting agencies where it is used or expected to be used for decisions about credit, employment, insurance, housing, and similar eligibility determinations; it generally does not cover the sale of consumer data for marketing and other purposes. While the Commission has vigorously enforced the FCRA, since the late 1990s it has also been active in examining the practices of data brokers that fall outside the FCRA.
Most recently, in its 2012 report Protecting Consumer Privacy in an Era of Rapid Change: Recommendations for Businesses and Policymakers (“Privacy Report”), the Commission specifically addressed the subject of data brokers. The Commission described three different categories of data brokers: (1) entities subject to the FCRA; (2) entities that maintain data for marketing purposes; and (3) non-FCRA covered entities that maintain data for non-marketing purposes that fall outside of the FCRA, such as to detect fraud or locate people. The Commission noted that, while the FCRA addresses a number of critical transparency issues associated with companies that sell data for credit, employment, and insurance purposes, data brokers within the other two categories remain opaque. In the report, the Commission recommended legislation in this area to improve the transparency of industry practices. Following the Privacy Report, the Commission determined that, despite some progress, too little was still known about the practices of data brokers and that further examination was needed.
To further the objective of increased transparency, in December 2012, the Commission initiated a study of data broker practices. It issued identical Orders to File Special Reports (“Orders”) under section 6(b) of the Federal Trade Commission Act to nine data brokers seeking information about their data collection and use practices, as well as any tools provided to consumers to control these practices. Appendix A is a copy of the text of the Orders that the Commission issued to the data brokers. 
The nine data brokers that received the Orders are Acxiom, Corelogic, Datalogix, eBureau, ID Analytics, Intelius, PeekYou, Rapleaf, and Recorded Future. The Orders requested detailed information regarding the data brokers’ practices, including the nature and sources of consumer data they collect; how they use, maintain, and disseminate the data; and the extent to which the data brokers allow consumers to access and correct data about them or to opt out of having their personal information sold or shared.
This report summarizes the information provided in response to the Commission’s Orders, including information gathered through follow-up questions and meetings and publicly available sources. In general, the data brokers collect information about consumers from a wide variety of commercial, government, and other publicly available sources. In developing their products, the data brokers use not only the raw data they obtain from these sources, such as a person’s name, address, home ownership status, or age, but also certain derived data, which they infer about consumers. For example, a data broker might infer that an individual with a boating license has an interest in boating, that a consumer has a technology interest based on the purchase of a “Wired” magazine subscription, or that a consumer who has bought two Ford cars has loyalty to that brand. The data brokers use this actual and derived data to create three main kinds of products for clients in a wide variety of industries: marketing products, risk mitigation products, and people search products.
Marketing Products
Five of the data brokers studied sell marketing products, which assist clients in a variety of ways. For example, businesses can purchase their customers’ email addresses from data brokers so that they can send email solicitations to them. They can also purchase information about their customers’ interests in order to market specific products to them, including using consumers’ offline activities to determine what advertisements to serve them on the Internet. The data brokers also sell analytics products. For instance, some data brokers analyze their client’s customer data and suggest the media channel to use to advertise a particular product (e.g., online or newspapers) and/or the geographic region where the advertisements should be shown. A few data brokers also convert their analyses into marketing scores that, for example, rank clients’ customers on the basis of how likely they are to respond to particular marketing efforts or to make a purchase, their presence on the web or their influence over others, or other metrics.
Most of the data brokers that sell marketing products provide consumers with limited access to some, but not all, of the actual and derived data the data brokers have about them. Only two of the data brokers allow consumers to correct their personal information for marketing purposes, and four of the five data brokers that sell marketing products allow consumers to opt out of the use of their personal information for marketing purposes. However, it is not clear how consumers would learn about these rights; for example, no centralized portal currently exists for consumers to learn about data brokers and what access rights and choices they provide.
Risk Mitigation Products
Four of the data brokers studied sell risk mitigation products, which clients use to verify their customers’ identities or detect fraud. For example, a lender might use a data broker’s identity verification product to ensure that the individual presenting himself as John Smith at 123 Main Street who wants to open an account is in fact that John Smith. The same lender might use a fraud detection product to flag whether a Social Security number provided as part of the application process has recently been associated with many different addresses, thereby suggesting fraud.
Even if consumers knew about the data brokers providing products in this category or knew they were denied or limited in their ability to complete a transaction, they might not be able to access their own information from these data brokers and correct errors. Two of the data brokers studied provide consumers with some form of access to their information used in risk mitigation products after verifying their identity, but only one allows consumers to correct their information.
People search Products
Three of the data brokers studied provide “people search” websites through which users can search for publicly available information about consumers. Users can use these products to research corporate executives and competitors, find old friends, look up a potential love interest or neighbor, network, or obtain court records or other information about consumers. Consumers can generally access their information through the same free or fee-based products that the data brokers provide to their clients. These data brokers allow consumers to correct certain information to varying degrees; most of them also allow consumers to opt out of the disclosure of their information.
The report features the following findings.
1 . Characteristics of the Industry
  • Data Brokers Collect Consumer Data from Numerous Sources, Largely Without Consumers’ Knowledge: Data brokers collect data from commercial, government, and other publicly available sources. Data collected could include bankruptcy information, voting registration, consumer purchase data, web browsing activities, warranty registrations, and other details of consumers’ everyday interactions. Data brokers do not obtain this data directly from consumers, and consumers are thus largely unaware that data brokers are collecting and using this information. While each data broker source may provide only a few data elements about a consumer’s activities, data brokers can put all of these data elements together to form a more detailed composite of the consumer’s life. 
  • The Data Broker Industry is Complex, with Multiple Layers of Data Brokers Providing Data to Each Other: Data brokers provide data not only to end-users, but also to other data brokers. The nine data brokers studied obtain most of their data from other data brokers rather than directly from an original source. Some of those data brokers may in turn have obtained the information from other data brokers. Seven of the nine data brokers in the Commission’s study provide data to each other. Accordingly, it would be virtually impossible for a consumer to determine how a data broker obtained his or her data; the consumer would have to retrace the path of data through a series of data brokers. 
  • Data Brokers Collect and Store Billions of Data Elements Covering Nearly Every U.S. Consumer: Data brokers collect and store a vast amount of data on almost every U.S. household and commercial transaction. Of the nine data brokers, one data broker’s database has information on 1.4 billion consumer transactions and over 700 billion aggregated data elements; another data broker’s database covers one trillion dollars in consumer transactions; and yet another data broker adds three billion new records each month to its databases. Most importantly, data brokers hold a vast array of information on individual consumers. For example, one of the nine data brokers has 3000 data segments for nearly every U.S. consumer. 
  • Data Brokers Combine and Analyze Data About Consumers to Make Inferences About Them, Including Potentially Sensitive Inferences: Data brokers infer consumer interests from the data that they collect. They use those interests, along with other information, to place consumers in categories. Some categories may seem innocuous such as “Dog Owner,” “Winter Activity Enthusiast,” or “Mail Order Responder.” Potentially sensitive categories include those Data Brokers: A Call for Transparency and Accountability that primarily focus on ethnicity and income levels, such as “Urban Scramble” and “Mobile Mixers,” both of which include a high concentration of Latinos and African Americans with low incomes. Other potentially sensitive categories highlight a consumer’s age such as “Rural Everlasting,” which includes single men and women over the age of 66 with “low educational attainment and low net worths,” while “Married Sophisticates” includes thirty-something couples in the “upper-middle class . . . with no children.” Yet other potentially sensitive categories highlight certain health-related topics or conditions, such as “Expectant Parent,” “Diabetes Interest,” and “Cholesterol Focus.” 
  • Data Brokers Combine Online and Offline Data to Market to Consumers Online: Data brokers rely on websites with registration features and cookies to find consumers online and target Internet advertisements to them based on their offline activities. Once a data broker locates a consumer online and places a cookie on the consumer’s browser, the data broker’s client can advertise to that consumer across the Internet for as long as the cookie stays on the consumer’s browser. Consumers may not be aware that data brokers are providing companies with products to allow them to advertise to consumers online based on their offline activities. Some data brokers are using similar technology to serve targeted advertisements to consumers on mobile devices.
2 . Benefits and Risks
  • Consumers Benefit from Many of the Purposes for Which Data Brokers Collect and Use Data: Data broker products help to prevent fraud, improve product offerings, and deliver tailored advertisements to consumers. Risk mitigation products provide significant benefits to consumers by, for example, helping prevent fraudsters from impersonating unsuspecting consumers. Marketing products benefit consumers by allowing them to more easily find and enjoy the goods and services they need and prefer. In addition, consumers benefit from increased and innovative product offerings fueled by increased competition from small businesses that are able to connect with consumers they may not have otherwise been able to reach. Similarly, people search products allow individuals to connect with old classmates, neighbors, and friends. 
  • At the Same Time, Many of the Purposes for Which Data Brokers Collect and Use Data Pose Risks to Consumers: There are a number of potential risks to consumers from data brokers’ collection and use of consumer data. For example, if a consumer is denied the ability to conclude a transaction based on an error in a risk mitigation product, the consumer can be harmed without knowing why. In such cases, the consumer is not only denied the immediate benefit, but also cannot take steps to prevent the problem from recurring. Similarly, the scoring processes used in some marketing products are not transparent to consumers. This means that consumers are unable to take actions that might mitigate the negative effects of lower scores, such as being limited to ads for subprime credit or receiving different levels of service from companies. As to other marketing products, they may facilitate the sending of advertisements about health, ethnicity, or financial products, which some consumers may find troubling and which could undermine their trust in the marketplace. Moreover, marketers could even use the seemingly innocuous inferences about consumers in ways that raise concerns. For example, while a data broker could infer that a consumer belongs in a data segment for “Biker Enthusiasts,” which would allow a motorcycle dealership to offer the consumer coupons, an insurance company using that same segment might infer that the consumer engages in risky behavior. Similarly, while data brokers have a data category for “Diabetes Interest” that a manufacturer of sugar-free products could use to offer product discounts, an insurance company could use that same category to classify a consumer as higher risk. Finally, people search products can be used to facilitate harassment, or even stalking, and may expose domestic violence victims, law enforcement officers, prosecutors, public officials, or other individuals to retaliation or other harm. 
  • Storing Data About Consumers Indefinitely May Create Security Risks: Some of the data brokers store all data indefinitely, even if it is later updated, unless otherwise prohibited by contract. For some products, these data brokers report that they need to keep older data. For example, they explain that even if a consumer’s address is outdated, it is important to keep the consumer’s address history in order to verify the consumer’s identity. For other products, however, retention of older data may not be necessary. An older address may be less relevant to deliver marketing to a consumer. Although stored data may be useful for future business purposes, the risk of keeping the data may outweigh the benefits. For example, identity thieves and other unscrupulous actors may be attracted to the collection of consumer profiles that would give them a clear picture of consumers’ habits over time, thereby enabling them to predict passwords, challenge questions, or other authentication credentials.
3 . Consumer Choice
  • To the Extent Data Brokers Offer Consumers Choices About Their Data, the Choices are Largely Invisible and Incomplete: Some data brokers provide consumers with choices about their data, but because data brokers are not consumer-facing, consumers may not know where to go to exercise any choices that may be offered. In addition, the data brokers’ opt outs do not clearly convey whether the consumer can exercise a choice to opt out of all uses of consumer data, and therefore, consumers may find the opt outs confusing. As a result, even those consumers who know who the data brokers are, find their websites, and take the time to find the opt out and use it may still not know its limitations. For marketing products, the extent of consumers’ choices over their data is not clear. For risk mitigation products, many data brokers do not provide consumers with access to their data or the ability to correct inaccurate data.
Many of these findings point to a fundamental lack of transparency about data broker industry practices. Data brokers acquire a vast array of detailed and specific information about consumers; analyze it to make inferences about consumers, some of which may be considered sensitive; and share the information with clients in a range of industries. All of this activity takes place behind the scenes, without consumers’ knowledge. 
In light of these findings, the Commission unanimously renews its call for Congress to consider enacting legislation that would enable consumers to learn of the existence and activities of data brokers and provide consumers with reasonable access to information about them held by these entities. The specific legislative recommendations made by the Commission reflect high-level principles drawn from the findings of this study, the Commission’s previous work in this area, and the ongoing public debate about data brokers. In particular, the recommendations build on the Commission’s work for the last two decades to improve transparency and choice in the data broker industry. Indeed, despite the Commission’s call for greater transparency in the 1990s, the Individual References Services Group (“IRSG”) self-regulatory experiment to improve transparency of data broker practices was short-lived. Since then, data broker practices have grown dramatically, in both breadth and depth, as data brokers have expanded their ability to collect information from a greater number of sources, including from consumers’ online activities; analyze it through new algorithms and emerging business models; and store the information indefinitely due to reduced storage costs. Despite the Commission’s past recommendations, lack of transparency and choice remain a significant source of concern about this industry.
The Commission’s legislative recommendations vary depending on the product categories at issue— marketing, risk mitigation, or people search—and reflect differences in the business models and the sensitivity of the data used. Many of these legislative recommendations are consistent with best practices that certain of the nine data brokers have already implemented.
The FTC accordingly offers several legislative recommendations
With respect to data brokers that sell marketing products, the Commission recommends that Congress consider legislation requiring data brokers to provide consumers access to their data, including sensitive data held about them, at a reasonable level of detail, and the ability to opt out of having it shared for marketing purposes. The Commission recommends that Congress consider including four requirements in any such legislation. 
First, Congress should seek to enable consumers to easily identify which data brokers may have data about them and where they should go to access such information and exercise opt-out rights. Legislation could require the creation of a centralized mechanism, such as an Internet portal, where data brokers can identify themselves, describe their information collection and use practices, and provide links to access tools and opt outs. 
Second, Congress should consider requiring data brokers to clearly disclose to consumers (e.g., on their websites) that they not only use the raw data that they obtain from their sources, such as a person’s name, address, age, and income range, but that they also derive from the data certain data elements. Allowing consumers to access data about themselves is particularly important in the case of sensitive information—and inferences about sensitive consumer preferences and characteristics—such as those relating to certain health information. 
Third, Congress should consider requiring data brokers to disclose the names and/or categories of their sources of data, so that consumers are better able to determine if, for example, they need to correct their data with an original public record source. 
Finally, Congress should consider requiring consumer-facing entities to provide a prominent notice to consumers that they share consumer data with data brokers and provide consumers with choices about the use of their data, such as the ability to opt-out of sharing their information with data brokers. Congress should also consider protecting sensitive information, such as certain health information, by requiring that consumer-facing sources obtain consumers’ affirmative express consent before they collect sensitive information. Because few consumers know about the existence of data brokers, meaningful notice from the data source provides an important opportunity for consumers to learn that their data is shared with data brokers and how to exercise control over the use of their data.
For data brokers that sell risk mitigation products, the Commission recommends that Congress consider legislation that provides consumers with transparency when a company uses a risk mitigation product to limit consumers’ ability to complete a transaction. Specifically, when a risk mitigation product adversely impacts a consumer’s ability to obtain certain benefits, the consumer-facing company should identify the data brokers whose data the company relied upon; these data brokers could, in turn, give consumers the right to access the information used and, where appropriate, correct any erroneous information. The level of transparency, access, and correction should be tied to the significance of the benefit or transaction in question. At the same time, the Commission recognizes that it may be appropriate for legislation to require data brokers to implement robust authentication safeguards before allowing such access and correction so that an unscrupulous individual cannot “correct” accurate data. Congress should consider how to enable consumer access while preserving the accuracy and security of such data. 
The Commission also recommends Congress consider legislation that would require data brokers offering people search products to: (1) allow consumers to access their own information; (2) allow consumers to suppress the use of this information; (3) disclose to consumers the data brokers’ sources of information, so that, if possible, consumers can correct their information at the source; and (4) disclose any limitations of the opt-out option, such as the fact that close matches of an individual’s name may continue to appear in search results.
The report states that the FTC more generally calls on the data broker industry to adopt several best practices -
First, they should implement privacy-by-design, which includes considering privacy issues at every stage of product development. 
Second, the Commission encourages data brokers to implement better measures to refrain from collecting information from children and teens, particularly in marketing products. 
Finally, the Commission recommends that data brokers take reasonable precautions to ensure that downstream users of their data do not use it for eligibility determinations or for unlawful discriminatory purposes.

27 May 2014


'Free: Accounting for the Costs of the Internet’s Most Popular Price' by Chris Jay Hoofnagle and Jan Whittington in (2014) 61 UCLA Law Review 606 comments
 Offers of free services abound on the Internet. But the focus on the price rather than on the cost of free services has led consumers into a position of vulnerability. For example, even though internet users typically exchange personal information for the opportunity to use these purportedly free services, one court has found that users of free services are not consumers for purposes of California consumer protection law. This holding reflects the common misconception that the costs of free online transactions are negligible—when in fact true costs may be quite significant. To elucidate the true costs of these allegedly free services, we apply a transaction cost economics (TCE) approach. Unlike orthodox economic theory, TCE provides a framework for analyzing exchanges in which the price of the product seems to be zero. Under a TCE analysis, we argue that information-intensive companies misuse the term “free” to promote products and services that involve numerous nonpecuniary costs. In so doing, firms generate contractual hazards for consumers, ignore consumer preferences for privacy, and mislead consumers by creating the impression that a given transaction will be free. 
While psychological research and behavioral economics may support an outright ban of free offers because of their biasing effects, TCE suggests reforming governance structures to place the business risks associated with free transactions more firmly in the hands of businesses. We suggest alterations to governance structures—such as the Federal Trade Commission’s Guide Concerning Use of the Word “Free” (FTC Guide)—to curb the incentives of firms to raise transaction costs for consumers. The FTC Guide provides support for two of the consumer protection measures we propose: first, a requirement that free service providers clearly disclose that such providers seek users’ personal information in exchange for those services, and, second, the establishment of a regular price before providers can market a service as free. We further argue that the recognition of users of free services as consumers for purposes of consumer protection law would better align incentives and ensure users access to legal redress against some of the most popular services on the Internet. Lastly, we suggest the adoption of alternative governance structures designed to reduce the cost of transacting by curbing the collection of personal information from consumers of free services and by enhancing the rights of consumers to govern the dispersal of personal information from free online services to third parties.


'Malaysia: ASEAN's First Data Privacy Act in Force' by Graham Greenleaf in (2013) 126 Privacy Laws & Business International Report 11-14 comments that
 Malaysian Ministers periodically since 1998 announced their intentions to introduce comprehensive data protection legislation. In 2010 the Personal Data Protection Act 2010 (PDPA) was enacted, but not brought into force. A new Personal Data Protection Department was created to oversee the implementation of the Act in 2011. 
It was not until 15 November 2013 that the Act was brought into force and Abu Hassan Ismail (previously Director-General of the Department) was appointed as Personal Data Protection Commissioner. A number of Regulations came into force on the same day. Data users had three months to 15 February 2014 to comply with Act and Regulations. It is the first data privacy Act in the ASEAN region to be fully in force. This article analyses the main features of the new Act. 
While the PDPA has many deficiencies, this data privacy legislation will be a significant step forward for Malaysians. In the hands of a Commissioner committed to privacy protection, and a government which does not impede this, much will be achievable. However, the range of enforcement methods is insufficient: there are no provisions by which complainants may seek compensation or most other remedies. 
If the Act is well managed and gains credibility, Malaysian politics may deliver further improvements to it in future, particularly in expansion of scope to cover the public sector, and provision of some avenue for compensatory damages. For Malaysians to be able to focus on real issues in data protection, because of the existence of this Act, will inevitably increase the demand for better protection.
The 'if' is important: hope for a brighter future will be misplaced if the problems evident in Malaysian public administration and justice continue.


In State of South Australia v Smith [2014] SASC 64 the Supreme Court of South Australia has ruled in favour of a deceased's minor child as against the deceased's putative domestic partner in a case of burial dispute.

The SASC considered several factors in determining the issues, concluded that it would be in the bests interests of the deceased's living children that the deceased be buried near them in Port Augusta.

The Court states that
The deceased was born, in Port Augusta on 4 October 1975, of Aboriginal descent. He was brought up in Coober Pedy and the surrounding lands. It is common ground that, as an adult, he pursued an itinerant lifestyle. He regularly travelled between Coober Pedy, Port Augusta, and Ceduna. He remained in each location for up to two or three months at a time staying with and visiting family. The deceased died on 3 December 2013 in Ceduna. He was with the first defendant at the time.
The first defendant, Melissa Smith, is the putative domestic partner of the deceased. They first met in Coober Pedy in 1999 shortly after which they commenced a relationship. They have one child together, Norman Boland, who is seven years old. The first defendant and Norman have lived in Ceduna for all of Norman’s life. The first defendant maintains that her relationship with the deceased as domestic partners endured until his death. However, members of the second defendant’s Port Augusta family do not accept this.
The second defendant, Peter Wilton, at 17, is the oldest of three children of the deceased and another former partner, Katrina Wilton. One of those siblings, Alvin Wilton, is deceased and is buried in Port Augusta. The second defendant lives and has been brought up in Port Augusta. As already mentioned, two separate applications for funeral assistance have been made. The Department has agreed to arrange and pay for the costs of a funeral subject to the dispute over the place of burial being resolved. Whilst the applications for funeral assistance were made by or on behalf of the first and second defendants respectively there is a sense in which each represents the interest of a wider group of family members of the deceased, one in Coober Pedy and one in Port Augusta.
It also seems to have been the case that each defendant has been under significant pressure from members of their respective communities to ensure that the deceased is buried appropriately, particularly given the importance placed on the final resting place of the deceased in Aboriginal culture. This much has been made clear by what transpired in the weeks following the making of the two applications.
The Department, having received two conflicting applications, contacted both sides of the family to advise of the conflict and explain that a funeral could not take place until they had reached agreement as to a burial location. Attempts, over an extended period of time, were made to reach an agreement but without success.
On 17 January 2014, the Department received a letter purportedly signed by a large number of (at least 21) members of the deceased’s extended family in Coober Pedy. The letter expressed a desire for the burial to take place in Coober Pedy. However, the first defendant sent a signed letter to the Department on 6 February 2014 advising that she then consented to the burial of the deceased in Port Augusta. As a result, the second defendant’s application for funeral assistance was approved and authority was given for a funeral to take place in Port Augusta. In order to facilitate this, on 10 February 2014, the deceased’s body was released by the Coroner to Fulham Funerals SA Pty Ltd, the undertaker contractually engaged by the Minister to perform funerals under the funeral assistance program. However, later that same day, the first defendant orally withdrew her permission to have the burial in Port Augusta and reiterated her desire to have the burial in Coober Pedy. The Department arranged for the undertaker to postpone the funeral arrangements.
Further attempts to mediate a resolution between the family members followed. These were unsuccessful and the Department filed a summons in this Court on 21 March 2014. However, attempts at resolution continued and another possible resolution of the dispute (in favour of Coober Pedy) was almost reached during late March, early April but this also, ultimately, failed to come to fruition.[8] As a consequence, the plaintiff filed an interlocutory application, on 16 April 2014, seeking a direction that the matter be called on as a matter of urgency. A directions hearing took place on Wednesday 23 April 2014, with the first defendant appearing unrepresented and by telephone from the office of the Aboriginal Legal Rights Movement in Ceduna. The second defendant was represented. Notwithstanding the need for an early resolution of the matter, it was clear that the first defendant, who has difficulty with reading and writing, required an opportunity to obtain legal representation. The matter was adjourned for this to occur. Once representational issues were sorted out directions were made for the filing of affidavits.
Both defendants have now had the benefit of legal assistance in the preparation and presentation of their respective cases. It is my understanding that the assistance has been on a pro bono basis for which the Court is grateful.
The position of the plaintiff at all times has been to provide assistance with the factual background and the relevant legal principles without advocating either cause. The plaintiff will abide the orders of the Court.
It is regrettable, but has been unavoidable due to the prolonged disagreement between family members, that the deceased’s remains have been with the Coroner and with the designated funeral home for some months now. It is in the interests of all parties and necessary, in order to maintain the dignity of the deceased, that a swift resolution be reached by this Court.

26 May 2014

Performance Art

Diaghilev reportedly instructed Stravinsky to "Astonish Me". There's nothing like a bad head cold and a looming conference deadline to induce the yawns - the yeah yeah - rather than gasp of amazement and delight when reading yet another attempt to secure artistic renown by doing something unusual with your body.

Stelarc hung naked from the ceiling suspended by wire and fishhooks. Steven Cohen tied a live rooster to his penis. The rooster gag is for me less engaging than Gerard de Nerval taking a lobster rather than poodle for a walk, featured in Gautier's purported explanation by the poet -
Why should a lobster be any more ridiculous than a dog? … or a cat, or a gazelle, or a lion, or any other animal that one chooses to take for a walk? I have a liking for lobsters. They are peaceful, serious creatures. They know the secrets of the sea, they don't bark, and they don't gnaw upon one's monadic privacy like dogs do. And Goethe had an aversion to dogs, and he wasn't mad.
Pyotr Pavlensky nailed his scrotum to Red Square. Mao Sugiyama cooked and served his surgically-removed genitals at a banquet. Richard Kilpert surgically attached the discarded foreskin from his South African student's ritual circumcision to his own penis.

Under the headline "Norwegian Art Student Boils and Eats Meat from Own Hip" there is a report this week on Alexander Wengshoel of the Tromsø Academy of Contemporary Art, who announced at his graduation exhibition that he had "eaten meat from his own hip". It supposedly tasted like "wild sheep" (or wild goat, in some reports).

Wengshoel gained the bone - which looks rather small in some photos - through surgery to replace a deformed hip with an artificial joint. Supposedly he initially "planned on boiling the hip bone in order to remove the meat and use it as part of his exhibition" but "ended up picking up a piece of meat and tasting it".
I took off a little piece and I thought, 'why not do it. It's not every day I will have a piece of human flesh which is mine and which it is possible to eat', so I had a little taste, and then I thought, 'that's really nice'. 
The hip bone had been such a problem for me for over 20 years, and it was just a way of making it better again. It had been so hard to have it in my body, and when I took it out, it turned into something else, something romantic.
In an echo of Armin Meiwes or Hannibal Lector Mr Wengshoel
proceeded to whip up a side of potato gratin, pour himself a glass of wine, and sit down to finish off the rest of the meat.
Next performance, with or without the lava beans and chianti?

I am more interested at the moment in Karl Dannenfeldt, ‘Egyptian mumia: the sixteenth century experience and debate’ (1985) 16(2) The Sixteenth Century Journal 163; Richard Sugg, ‘Corpse medicine: mummies, cannibals, and vampires’ (2008) 371(9630) The Lancet 2078; Karen Gordon-Grube, ‘Anthropology in Post-Renaissance Europe: The Tradition of Medicinal Cannibalism’ (1988) 90 American Anthropologist 405: and Barbara Scholz-Böttcher, Arie Nissenbaum and Jürgen Rullkötter, ‘An 18th century medication “Mumia vera aegyptica”–Fake or authentic?’ (2013) 65 Organic Geochemistry 1

25 May 2014

Confidentiality and damaged people

In AVB v TDD [2014] EWHC 1442 (QB) the High Court in London has granted an injunction but declined to award damages regarding a solicitor’s claims against a sex worker for misuse of private information, harassment, breach of confidence and breach of contract. The Court found for the solicitor in respect of one element of his privacy head of claim.

AVB, the solicitor, was 68 last year when his relationship with Ms TDD broke down. He is divorced, with three children. In 2012 he secured the services of TDD, who is in her early twenties. The judgment refers to a volatile relationship that was not exclusively sexual and featured sustained pungent disagreements. She had for example sought help with writing (including correspondence complaining about a teacher), perhaps consistent with indications that she had been accused of plagiarism. She claimed to be entitled to a certificate that was withheld by the college but needed for admission to another institution. She offered sexual services in exchange for that help. She also sought money for travel and tuition and requested a reference as a paralegal, with AVB introducing her to a QC.

The judgment states that "They also got on well together when they were not quarrelling, since they had in common the cultural interests that two highly educated people often do have".

Justice Tugendhat comments [at 98]
I have disbelieved evidence given by both parties about the events that have occurred. I shall therefore review the history of their relationship primarily from the contemporaneous documents. However, the contemporaneous documents are in many respects not just unreliable, but also untruthful. This is in part because they reflect the fantasies that both parties claimed to entertain about each other, and in part because the parties were deceiving and abusing each other. He was deceiving her with false assurances about the help she could expect from him with her studies and her career, in order to get her sexual services for less money. She was deceiving him with false assurances of her affection with a view to getting his help with her studies and her career, and more money.
Perhaps unsurprisingly, the Court considered that AVB and TDD were in a business relationship as distinct from being emotionally involved. The relationship had soured - or reflected an interest in power games - quite early. The judgment for example states [at 139]
His evidence that they were emotionally involved is incredible. It is inconsistent with the contemporaneous documents, some of which I have cited. In my judgment he cannot have ever believed it to be true. It is a lie to seek to explain why he was not paying her at the rate she set, as she repeatedly demanded that he should do."
Her jealousy was commercial, not emotional.
TDD complained that AVB was not providing agreed remuneration. She sent emails and Facebook messages to AVB’s daughters - one of whom indicated to her father "To what extent the content of the indescribably sickening messages are true or not really doesn't concern me, either way this has all gone too far and I really don't think we are going to be able to have much of a father-daughter relationship from now on" - and to AVB's colleagues.

The communication featured information regarding AVB’s children, his ex-wife and children and other women with whom he had been in sexual relationships (including his office receptionist). TDD had obtained that information from AVB directly, from his memory sticks and his laptop. In the communication TDD disclosed his relationship with her and her claims that he was not paying her or keeping his promises.

AVB eventually took action against TDD, claiming that her communication constituted misuse of private information, breach of confidence (including the contractual breach of a problematical  'confidentiality agreement' signed in June 2012).

AVB also claimed that the sending of the messages and obtaining the memory sticks and laptop files constituted harassment.

He sought damages and an injunction to prevent further dissemination of the information.

 TDD brought a counter-claim against AVB for harassment, seeking damages and an injunction restraining AVB from further harassing her or disclosing information about her sex work (which she hadn't disclosed to her family). She claiming that he had behaved threateningly towards her, stalked her and threatened to kill her.

In AVB v TDD [2013] EWHC 1705 (QB) the Court referred to granting in May 2013 of
an injunction to restrain the publication of information alleged to be private and confidential, and of information which was liable to or might identify the Claimant or the Defendant as a party to the proceedings. The information concerned the personal relationship that had existed between them, and communications to and about family members.
Justice Tugendhat stated that
I granted the application without notice because communications had taken place between the parties, and it appeared from the response of the Defendant that, if the Claimant gave notice, there was a risk that the purpose of the proceedings might be defeated. I decided that it was necessary for the parties to be anonymised in these proceedings in accordance with CPR 39.2, and that no copies of the confidential schedules to the statements of case or of the witness statements and the applications should be provided to non-parties without further order of the Court. I also made consequential orders for the protection of the hearing papers. In the light of the allegations made by the parties in pre-action communications, I decided that these orders were necessary in the interests of justice if the purpose of the proceedings was not to be defeated. 
In the current decision Justice Tugendhat notes
There is no question of Art. 8 furnishing an absolute right to privacy. Art. 8.2 qualifies, in terms, the right conferred by Art. 8.1. The claims of privacy must of course also be read with the right to freedom of expression provided by Art. 10 (in this jurisdiction, to be read together with s.12 of the HRA). Moreover and, in my view, with respect, wisely, Laws LJ emphasised in Wood (supra), at [22], that the purpose of the 'safeguards' or 'qualifications' to which he referred was to ensure that the '…core right protected by article 8….should not be read so widely that its claims become unreal and unreasonable'.
The judgment indicates that TDD did not misuse AVB’s private information or breach his confidence by sending the messages relating to the fact of their relationship and her claims that he was not paying her or keeping his other promises to her. Their relationship was not conducted entirely in private; they went to public events together, AVB introduced TDD to relatives (such as the QC) and friends, and provided a professional reference.

The court held that AVB did have an expectation of privacy in relation to the information TDD disclosed about his ex-wife and children and other women with whom he had been involved. That this information had been disclosed to TDD in confidence. As such, there was a misuse of private information/breach of confidence regarding those disclosures.

The Court declined to award AVB any damages, holding that although AVB experienced some embarrassment he suffered no (or no significant) distress. Moreover AVB took pleasure in provoking TDD’s anger. Although a sex worker cannot sue for remuneration she is able to complain to third parties.

Justice Tugendhat held that on grounds of public policy the 'confidentiality agreement' entered into by TDD and AVB was unenforceable, given that it purported to give up TDD’s right to complain of exploitation. It could not be construed as applying to communications about the terms on which they were agreeing or negotiating her provision of sexual services, at a time after a dispute had arisen between them.

AVB’s claims of harassment were dismissed, with the court finding that TDD's conduct was a response to AVB’s abuse. Justice Tugendhat upheld TDD’s counter-claims of harassment but declined to award her any damages, given that she chose to continue to retain AVB as a client despite awareness of his behaviour. "If her distress had been more than passing she could and would have ceased to have anything to do with AVB".

AVB gained an order preventing TDD from further disclosure of confidential or private information about AVB’s family and sexual or financial information about third parties with whom he had a sexual, personal or professional relationship. AVB was however not entitled to an order restraining publication of any other information on which TDD based her complaints.