The Guardian reports us that the World Wide Web Consortium (W3C) is close to adopting a new authentication standard that can replace passwords. This would be some kind of “who you are” (biometric) or “what you have” (token, phone to receive code) method of authentication, rather than a “what you know” password. (I suppose a code sent to your phone is what you know, but you know it only case by case, because you have another communications channel.)

Some web services already work this way, as the article notes – or does in special cases, as when one is logging . . . [more]

Professor Eric Goldman of UC Santa Clara writes about new technology that allows adept editors to put someone’s face on a video of someone else. That can produce comic results, but it can also be a kind of revenge porn, or just nasty porn, if one puts a well-known face on a body doing pornographic things.

Prof. Goldman says it is hard to conceive of a legal remedy guaranteed to be effective for the person whose face is used. He discusses copyright and defamation and finds them limited.

He does not pay much attention to privacy, since U.S. privacy laws . . . [more]

The Court of Justice of the EU has held that the “examination script” i.e. the answers to examination questions, constitutes the personal information of the student, and therefore it must be made available to the student on request under access to information and privacy laws. (This is the Nowak case out of Ireland, for those of you who follow such things.)

Would the same result be obtained in any Canadian jurisdiction? One understands the argument that the answers are connected to the student – they have to be, in order to serve their primary purpose. The student’s marks would be . . . [more]

The US Department of Justice has declared that President Trump’s tweets are official statements of the President – at least in one case. In another, mentioned in the same ABA story, it is saying that they are not, at least to the point that the President can block people from his Twitter account.

What is your view? Are the posts subject to freedom of information laws and official records laws, so that they have to be preserved, they have to be accessible on request, they have to respect privacy rights?

There is a difference between politicians in government with official . . . [more]

To reduce the risk of hackers coming into government database through the Internet, the Government of Singapore has required all public service computers to be cut off from the Internet. Public servants are allowed to use the net from separate computers that are not connected to their government data.

Yes, that means that a lot of people will have two unconnected computers on the go at the same time.

This article explains the process and the reasons, in the words of the Prime Minister. who called the move “absolutely necessary.” He does admit in the article that if a . . . [more]

Lots of lawyers have been worried about having their digital devices inspected at the U.S. border in recent years, and more so under the current administration – but there are other countries that are not generally trusted either.

The New York City Bar Association has issued an ethics opinion telling lawyers they need to take special steps to protect confidential and privileged client information in such circumstances – possibly including using ‘burner’ phones or laptops (ones with no confidential info, and that the owner can burn or otherwise just throw away after coming back from the country in question).

The . . . [more]

UNCITRAL has now adopted a model law on electronic transferable records. See the press release below. The full text will be available online shortly at the URL shown at the end of the document.

Canadians showed little interest in this project while it was being developed, so Canada’s attendance at the working group meetings was intermittent.

Does it sound more interesting now that it is final? Would your clients benefit from an internationally accepted law on the topic? This UNCITRAL text is the best that will be available in the foreseeable future.

Should steps be taken to implement it here? . . . [more]

New York State is considering legislation to require drivers involved in auto accidents to allow the police to inspect their mobile phones for signs of recent activity. Presumably signs of such activity would be grounds for charges for driving while distracted, and might lead to evidence to support civil liability as well.

It’s interesting that the technology for detecting such recent activity does not currently exist, but it is being developed as the legislation is working its way through the process.

The developers, the legislators and the police all say that the technology will not permit any review of the . . . [more]

A U.S. colleague with a technology practice was recently asked to take payment for her legal services in Bitcoin. She is not sure she has the right to do so.

What about in Canada? Would any law society here allow such payment? Do payments have to be more subject to regulation via known financial institutions? Certainly the rules about trust accounts demand traditional accounting. Why would a general payment with a digital currency be a problem, though? . . . [more]

If a court or regulator allows e-filing but requires the filer to retain an original signed document, can that original itself be electronic?

A bankruptcy court in California recently issued sanctions against an attorney who filed electronic documents without retaining an “original” of the documents as required by the Rules – because the documents held by the attorney were signed using Docusign, and they did not qualify as originals for that purpose. Here is an article about the decision.

Here is the rule in the Court Manual:

Court Manual section 3.4(1)(4): Retention of Original Signatures. The registered CM/ECF User

We recently had a discussion about police access to the recordings made by in-home digital assistants like Amazon’s Alexa and its (her?) ilk.

Now our focus turns to the actions of these devices if they do bad things themselves. This story reports that Siri, Apple’s version, routinely answered requests in Toronto for prostitutes by referring the inquired to an “eSports bar” – one where clients play electronic sports games. Apparently the word may be too close to “escorts” for Siri’s sense of discrimination. It is clear – take it as established for the present discussion – that the bar is . . . [more]

A man in Ohio was charged with arson and insurance fraud after data from his pacemaker did not support his story about how his house burned down.

The evidence from the pacemaker was taken on a warrant.

A lawyer from the Electronic Frontier Foundation is quoted in the ABA story at the link as saying that privacy interests in one’s health information were “eroded” by the decision. The statement suggests that privacy should override the state’s interest in prosecution.

Do you agree? Or is the need for a warrant enough protection for privacy relating to medical devices, as it is . . . [more]