Smartphones Archives - IPOsgoode /osgoode/iposgoode/category/smartphones/ An Authoritive Leader in IP Tue, 07 Sep 2021 16:00:19 +0000 en-CA hourly 1 https://wordpress.org/?v=6.9.4 Privacy Plight: Apple’s Proposed Changes & Consumer Pushback /osgoode/iposgoode/2021/09/07/privacy-plight-apples-proposed-changes-consumer-pushback/ Tue, 07 Sep 2021 16:00:19 +0000 https://www.iposgoode.ca/?p=38164 The post Privacy Plight: Apple’s Proposed Changes & Consumer Pushback appeared first on IPOsgoode.

]]>
Apple logo over people carrying screens

Photo by Jimmy Jin ()

Natalie BravoNatalie Bravo is an IPilogue Writer and a 2L JD Candidate at Osgoode Hall Law School.

In August, Apple made headlines by . These new features are purported to expand protections for children through modified communication tools, on-device algorithm learning within , , and , and Search . Although protecting children as a vulnerable group should be of utmost importance to all, many security experts find some of these proposed changes troubling as they may undermine the company’s longstanding reputation in privacy preservation and enable future security .

Over the years, Apple has cultivated a strong reputation as a One of their core values and s is that After all, their security and privacy designs are so powerful that Apple allegedly can’t access encrypted user data—. In 2015, Apple CEO Tim Cook that while issues such as national security are important, Apple would not implement any technology which malicious actors could misuse as a backdoor to encrypted user data. Now, in 2021, Apple’s ironclad encrypted system has one exception.

As one of the changes, Apple intends to introduce photo-scanning technology for all users to identify any Child Sexual Abuse Material (CSAM). This well-intentioned technology is already widely used online to identify known explicit materials, including terrorist propaganda and other violent content. Some consumers worry that all their private images will be scanned in search of illegal content; however, Apple is not proposing that. The technology scans for the “” of a file and matches it to a known hash. If a certain threshold of known CSAM is found, barring false positives, then law enforcement is contacted. Strangely enough, Apple has noted that users can opt to disable photo uploads to iCloud, expressing that CSAM is only identified within their servers, and not on users’ devices. Some experts interpret this as

Some security experts expressed strong s over modified communication tools for children. Apple alleges that device software will detect any explicit content (not hashes) within a minor’s Messages conversations—a feature that can be turned on or off by a guardian. This will alert a parent if their minor has received any image that is flagged as explicit. This seems appropriate to allow some supervision to protect vulnerable children from online predators; however, the algorithms currently used to detect explicit images are . It is widely known that benevolent, non-sexual content, particularly , is consistently To add to this, child advocates worry about the possibility of minors in abusive households being monitored by such a faulty and algorithm.

Though is not a new concept, these changes will suddenly affect billions of consumers. It’s been reported that when a child, like any other user, experiences negative behaviour online, they . However, there is currently no way to report messages within Apple’s Messages application. . After causing a tremendous stir in both the privacy and child advocacy communities, Apple that Messages scanning would only apply to those under 13, not teenagers, and have attempted to offer limited clarity on the new technologies.

Despite the changes, . Children need to be protected and prioritized in terms of technology experience, but their privacy matters too. It will be interesting to see the roll-out of Apple’s polarizing changes, particularly how they will affect Apple’s reputation and ecosystem security and if Apple will introduce any more changes moving forward as it responds to community concerns.

The post Privacy Plight: Apple’s Proposed Changes & Consumer Pushback appeared first on IPOsgoode.

]]>
Pear Therapeutics’ FDA Approved App Changes the Game in Healthcare /osgoode/iposgoode/2017/10/13/pear-therapeutics-fda-approved-app-changes-the-game-in-healthcare/ Fri, 13 Oct 2017 13:42:50 +0000 http://www.iposgoode.ca/?p=31001 On occasion, regulatory approval announcements in healthcare rise above the din and make headlines. Few have done so with the impact of Pear Therapeutics’ reSET, a treatment for substance addiction, which is so significant because it is neither a drug nor a therapeutic medical device, in the traditional sense: it’s an app that runs on […]

The post Pear Therapeutics’ FDA Approved App Changes the Game in Healthcare appeared first on IPOsgoode.

]]>
On occasion, regulatory approval announcements in healthcare rise above the din and make headlines. Few have done so with the impact of ’ , a treatment for substance addiction, which is so significant because it is neither a drug nor a therapeutic medical device, in the traditional sense: it’s an app that runs on smartphones, and it’s the first therapeutic software to win United States’ Food and Drug Administration approval. While this approval is specific to the U.S., the FDA can be viewed as the de facto arbiter of drug and medical devices for most markets.

Digital therapeutics can revolutionize healthcare but the regulatory complexities slow the innovation process. Health tech investors, innovators, and regulators have struggled for more than a decade to reach clear consensus on how software-based diagnostics and therapeutics should be regulated – or whether they should be regulated at all. Mobile apps with medical related functions can be subject to layers of regulation relating to medical devices, privacy, consumer protection, practicing medicine, advertising, kickbacks, data protection and intellectual property. To further complicate matters, regulatory requirements vary from country to country. This uncertainty can dissuade companies from innovating in this space, despite the promising public health benefits. Regulators have tried to provide guidance through white papers on the health claims app developers and other wellness devices (like smartwatches and wearables) are allowed to make but there is still great uncertainty for trailblazing use cases. Industry participants have sought regulatory approval for strong, FDA-backed claims of their apps’ efficacy in treating specific medical conditions such as addiction, attention deficit (ADHD), depression, chronic pain and more, so while Pear’s reSET is the first such milestone, but it likely won’t be the last.

However, while observers may expect that reSET’s precedent heralds an opening of the floodgates to FDA-approved, app based therapeutics, don’t bet on it. Perhaps a few other leaders in ‘digital therapeutics’ are poised to achieve approval within the year, including ’s Project EVO (a game which treats ADHD), but barriers to approval remain and will likely become steeper. While FDA approval is a critical step, hard and expensive work remains to establish billing codes in the US and elsewhere. Convincing insurers to pay for reSET will take time, and may require costly legal battles to enforce patient access. For example, the mandates insurance coverage and access to treatments for mental health in the US but its specific application to digital therapeutics may have to be tested and clarified in court. Early leaders may work to establish moats around their initial advantages. Regulatory winners like Pear will be strongly incentivised to push hard for FDA enforcement against the language and claims of other apps. The convergence of technology and health care make digital therapeutics poised to be the next intellectual property battleground to further increase the risks and obstacles for participants entering the arena.

Questions remain, too, about ‘side doors’ to market approval, including the FDA’s designation of “substantial equivalence,” the regulatory approval pathway most frequently used by competitors and generic followers of a new therapeutic. Active ingredients - the essential unit of a drug, from a regulatory standpoint – may not be as obvious in an app, and the long term market advantage of regulated digital therapeutics may turn on as-yet-undefined ‘digital active ingredients’. Pear Therapeutics’ FDA approved app is a key milestone for digital health but an early one.

 

Maya Medeiros is a lawyer, patent agent, and trade-mark agent at Norton Rose Fulbright LLP Canada (Toronto). Maya Medeiros’ practice focuses on the creation and management of intellectual property assets in Canada, the United States and around the world.

Dr. Graeme Moffat is VP Research and Regulatory Affairs at Toronto scale-up , developers of the Muse brain sensing headband.

The post Pear Therapeutics’ FDA Approved App Changes the Game in Healthcare appeared first on IPOsgoode.

]]>
The Price for Pokemon - How Much Are Childhood Icons Worth Protecting? /osgoode/iposgoode/2016/11/18/the-price-for-pokemon-how-much-are-childhood-icons-worth-protecting/ Fri, 18 Nov 2016 18:05:52 +0000 http://www.iposgoode.ca/?p=29910 The Value of the ʴǰéDz Franchise If you were born in the late 1980s or early 90s or have young children, you have probably encountered a red-cheeked mouse called Pikachu or any of the hundreds of other ʴǰéDz that exist in the ʴǰéDz media franchise. While the premise of catching colourful creatures is rather straightforward, […]

The post The Price for Pokemon - How Much Are Childhood Icons Worth Protecting? appeared first on IPOsgoode.

]]>
The Value of the ʴǰéDz Franchise

If you were born in the late 1980s or early 90s or have young children, you have probably encountered a red-cheeked mouse called Pikachu or any of the hundreds of other that exist in the ʴǰéDz media franchise. While the premise of catching colourful creatures is rather straightforward, its simplicity and charm belie its commercial value.

The ʴǰéDz franchise started as a pair of handheld video-games but currently spans 19 television seasons, 20 movies, 10 cinematic shorts, 2 television specials, a 20-year-old trading card game, 27 video games, a multimillion dollar smartphone application, and many other enterprises. So, when considering the substantial amount of success the franchise has had, why might the legitimacy of the ʴǰéDz name not be held in the same esteem as other brands? One possibility is that the youth-oriented nature of the brand casts doubt on its potential; however, with its revenue earnings standing at the name and associated characters are well worth protecting.

The Difference a Name Makes

The ʴǰéDz brand can have a substantial impact on the public’s perception and purchasing habits of goods. For example, compare and contrast the success of last two mobile gaming applications: and . Both games feature location-based, augmented reality gameplay with king of the hill style competition between players. However, there is a drastic difference in the success of the two games. Despite being released two and a half years earlier, with only a tenth of on the Google Play store. Given the similarities in the core mechanics of gameplay, the fact that both games were developed by the same company (Niantic), and that both use the same map databases on which their augmented reality features work, it seems likely that the main contributor to the difference in public reception of the titles is the ʴǰéDz branding. Thus, when considering the protection of intellectual property rights for even youth oriented products, it is important to consider the full scope of the effects a simple change in name and characters can have on otherwise similar products.

Fandom

The ʴǰéDz universe has experienced a significant amount of growth since its inception, which is partially attributable to the thriving fandom and associated subculture. Having mediums to discuss interests or share themed artwork isgood publicity that compounds the awareness and recognition of the name-brand. While this sense of camaraderie among consumers has helped substantially, sometimes the limits of what is lawful are crossed. sought an injunction over the inclusion of two ʴǰéDz characters, Pikachu and Snivy, in promotional material for a ʴǰéDz themed event. At first, it seems like a straightforward case: the defendant did not acquire permission to reproduce the two creatures and the plaintiff wanted their IP rights respected. The peculiarity of this case comes from its context within the tech, fantasy, sci-fi, gaming, art, and internet subculture.

The contested promotional material was for a sold-out, ʴǰéDz themed party at the , a large and well-established gaming convention foundedin 2004 by the authors of . The is partly attributable of these types of social events, where like-minded individuals can meet, discuss their interests, and foster recognition for their hobbies. So, when a ʴǰéDz themed party to celebrate the start of PAX is cancelled, there is some damage to the promotion of the subculture itself. That is to say, the people who are using the intellectual property of others unlawfully in a promotional context are often also theindividuals who have indirectly developed the franchise and contributed to its popularity.

To the disappointment of many fans, the ʴǰéDz themed party was cancelled because of the lawsuit. The plaintiff, ʴǰéDz Company International Inc., put forth an initial settlement offer for damages and its attorney fees. In response, the self-representing defendant who organized the partyturned to the ʴǰéDz fandom through crowd-funding to cover the costs of the settlement and successfully raised enough money. However, the defendant, Ramar Larkin Jones, did not respond in time to the offer and published a from the ʴǰéDz Company detailing the settlement, which is generally an unwise decision in the normally confidential process of settlement discussions. What the this did achieve for the defendant was substantial community outcry over the lawsuit, with , , , and many other publishers within the subculture expressing dissatisfaction with the ʴǰéDz Company suing one of its own fans. In response to this backlash the ʴǰéDz Company lessened the settlement to a against the defendant’s unlawful reproduction of copyrighted material, who accepted the new resolution.

Moving a Franchise andits Subculture Forward

Obviously, lawyerscannot allow the free use of copyright-protected images, like our friend Pikachu, without any restraint. However, by being overly inflexible about the use of any character with a vague likeliness to a ʴǰéDz the brand itself may be damaged. Consider Maroon 5’s latest music video for their song , which features a star-studded cast of celebrities, including Ed Helms, Sarah Silverman, Vince Vaughn, and Shaquille O’Neal, being chased by throngs of people looking to “catch” them on their smart phones in a manner similar to ʴǰéDz Go’s mechanics. There is a strong resemblance in the video between certain costumes and ʴǰéDz characters, with front-man Adam Levine’s costume appearing to be based on the Squirtle ʴǰéDz. Yet the homage paid by Maroon 5 is likely to be of great benefit to the ʴǰéDz brand due to the association with a . This becomesespecially important when considering that the widely popular ʴǰéDz Go game has lost . Ultimately, the protection of IP rights for a franchise must be a careful balancing act that does not preclude the possibility of growth through fandom, sincethe fans are the same peoplewho are responsible for the brand’s success.

Dominic Cerilli is an IPilogue Editor and a JD Candidate at Osgoode Hall Law School.

The post The Price for Pokemon - How Much Are Childhood Icons Worth Protecting? appeared first on IPOsgoode.

]]>
ʴǰéDz Go: Augmenting Legal Reality /osgoode/iposgoode/2016/10/11/pokemon-go-augmenting-legal-reality/ Tue, 11 Oct 2016 19:26:29 +0000 http://www.iposgoode.ca/?p=29720 Even in 2016, it is tempting to treat the Internet as separate from the bricks-and-mortar world. As much as we might like to keep them apart, Augmented Reality apps like ʴǰéDz Go will force the interaction between technology and more traditional areas of law. Capitalizing on massive public interest in the app, the University of […]

The post ʴǰéDz Go: Augmenting Legal Reality appeared first on IPOsgoode.

]]>
Even in 2016, it is tempting to treat the Internet as separate from the bricks-and-mortar world. As much as we might like to keep them apart, Augmented Reality apps like will force the interaction between technology and more traditional areas of law.

Capitalizing on massive public interest in the app, the University of Ottawa’s drew a large crowd for a series of short lectures titled “”. Each panel member discussed ʴǰéDz Go through a lens of their own research and interests, and raised legal issues arising from such a novel and popular app—and similar apps sure to follow.

The event began with Sean Grassie, a University of Ottawa JD Candidate, explaining how ʴǰéDz Go works from a technical perspective. He outlined the communication chain, from the app on your phone through cell towers, GPS satellites and layers of servers. He also explained the app’s gameplay. Users catch small characters—the ʴǰéDz—as they move around the real world. Players then train their caught ʴǰéDz to increase their skills and use them to battle other players in virtual gyms that are tied to real world places.

followed Grassie, and focused on the first link in his technological chain: the one between the player’s cell phone and their service provider. ʴǰéDz Go, she pointed out, has the potential to transmit large amounts of data. She drew attention to the and encouraged the audience to familiarize themselves with their rights under the code. She added that the code allows users to authorize data overages, noting the potential for children receiving those notices and authorizing the overage.

Next up was David Fewer, representing the . He also took a consumer protection approach, but focused on the privacy issues that after the app was released. ʴǰéDz Go initially required full, unfettered access to your Google account to operate. A and the problem was quickly fixed. As Fewer explained, though, the problem is not exclusive to ʴǰéDz Go and other apps may not be so quick to fix these issues.

also discussed ʴǰéDz Go from a privacy perspective. He noted that the grants different rights to residents of the European Union than to players elsewhere. He also pointed out that the policies on the website and the website of the app’s developer, Niantic, are different, raising the question of which of these policies even apply.

and PhD Candidate Tennille Brown took a property law approach to ʴǰéDz. They discussed an based on the presence of a ʴǰéDz Go gym on private property. They compared it to the case against MaxMind—a geolocation and online fraud prevention company—stemming from the . They asked whether placing a ʴǰéDz Go gym on a property could be considered a form of trespass, despite the fact that it is merely a virtual construct rather than a real world intrusion onto the physical space. They also looked at the potential upside of being near ʴǰéDz Go gyms, sharing real estate ads that touted nearby gyms as a selling point.

closed the lineup by further considering ʴǰéDz Go and trespass. He considered the principle of attractive nuisance in tort law. A property owner is not normally responsible for injuries to trespassers. However, where their property presents an attractive nuisance like an unfenced swimming pool, they can be held responsible for injuries even for uninvited visitors. Could ʴǰéDz Go gyms on private property be a virtual attractive nuisance? Could Niantic be liable for injuries to ʴǰéDz-hunting trespassers? In response to a question I asked during the seminar, he also considered whether a lure—an in-game option to attract more ʴǰéDz to a specific location—set by a property owner might constitute an attractive nuisance, and felt that would be an easier legal leap to make than transferring liability to Niantic.

During the question period, the panel also addressed the issue of public gathering spots and events for ʴǰéDz Go. Members of the audience asked about the because the organizers did not have a permit and about the . Incidents like those create conflict between the right to congregate and use public spaces and the rights of cities to effectively manage the use of those public spaces.

The panel offered few answers to the questions posed, but providing answers was not really the point of the discussion. Simply raising the questions allowed the audience to see both Internet apps and traditional laws in a new light.

 

Jacquilynne Schlesier is an IPilogue Editor and a JD candidate at Osgoode Hall Law School.

The post ʴǰéDz Go: Augmenting Legal Reality appeared first on IPOsgoode.

]]>
4th Circuit Appeals Court Rules No Warrant Needed for Suspects’ Cell-Site Location Data /osgoode/iposgoode/2016/07/19/4th-circuit-appeals-court-rules-no-warrant-needed-for-suspects-cell-site-location-data/ Tue, 19 Jul 2016 19:36:28 +0000 http://www.iposgoode.ca/?p=29464 The re-posting of this article is part of a cross-posting collaboration with MediaLaws: Law and Policy of the Media in a Comparative Perspective. On May 31, the U.S. Court of Appeals, 4th Circuit, in a 12-3 decisionruledthat a warrant is not needed to obtain suspects’ cell-site location information held by carriers, meaning that a court […]

The post 4th Circuit Appeals Court Rules No Warrant Needed for Suspects’ Cell-Site Location Data appeared first on IPOsgoode.

]]>
The re-posting of this is part of a cross-posting collaboration with : Law and Policy of the Media in a Comparative Perspective.

On May 31, the U.S. Court of Appeals, 4th Circuit, in a 12-3 decisionthat a warrant is not needed to obtain suspects’ cell-site location information held by carriers, meaning that a court order, which – unlike a search warrant – does not require to show the court probable cause that a crime has been committed, is sufficient for this.

The 4th Circuit overturned a previous three-judge panel’s decision, which held that the government’s warrantless procurement of CSLI was a unreasonable search in violation of the Fourth Amendment and that defendants had a legitimate privacy expectation in that data.

This Supreme Court still has the final word if the decision is appealed (as it likely will be). This case, which ensued in the wake of other precedents on cell-phone and GPS tracking, is of particular interest for the debate around digital privacy and the future development of surveillance law.

 

Facts

The ruling concerns a series of armed robberies of several business establishments located in Maryland in 2011. The government obtained two court orders for disclosure of CSLI for calls and text messages transmitted to and from the phones of two suspects, which eventually led to their conviction. The agents obtained from the cell phone provider information over 221 days that included roughly 29,000 location-identifying data points for each defendant, which placed them in the vicinity of the robberies when they occurred.

Defendants filed a motion to suppress use of the CSLI at trial, arguing that the length of time and extent of the CSLI monitoring conducted by the government without a warrant, intruded on defendants’ expectation of privacy and was therefore in violation of their Fourth Amendment rights.

The Fourth Amendment of the U.S. Constitution provides that “[T]he right of the people to be secure in their persons, houses, papers, and effects, against unreasonable searches and seizures, shall not be violated, and no Warrants shall issue, but upon probable cause, supported by Oath or affirmation, and particularly describing the place to be searched, and the person or things to be seized.”

District court held that government needed no warrant to obtain CSLI; therefore, government had not violated defendants’ Fourth Amendment rights

The district court denied the defendants’ motion, holding that the government’s conduct was not an unreasonable search: the court relied on the Supreme Court’s third-party doctrine, according to which individuals have no legitimate expectation of privacy in information voluntarily turned over to third parties (, 442 U.S. 735, 1979). Under this legal theory, the U.S. government can obtain from third parties information voluntarily conveyed by individuals without a warrant, since this information is beyond the reach of the Fourth Amendment prohibition against search and seizure without probable cause and a judicial search warrant.

According to the district court, since defendants voluntarily transmitted signals to cellular towers in order for their calls to be connected, the third-party doctrine applied. U.S. courts have relied on this doctrine for a broad range of scenarios, from financial records and dialed telephone numbers to card statements, employment records and internet subscriber information.

4th Circuit’s panel reversed the district court’s ruling and found government’s data acquisition in breach of Fourth Amendment

The U.S. Court of Appeals, 4th Circuit, reversed the district court’s ruling –United States v. Graham, 796 F. 3d 332 (4th Cir. 2015). The court began by acknowledging that the government conducts a search under the Fourth Amendment when it obtains and inspects a cell-phone user’s historical CSLI for an extended period of time.

The court then held that examination of a person’s historical CSLI can enable the government to trace the movements of the cell phone and its user across public and private spaces and thereby discover the user’s private activities and personal habits.

Therefore, mobile phone users have an objectively reasonable expectation of privacy in this information and its inspection by the government requires a warrant.

The court concluded that government’s warrantless procurement of CSLI violated the Fourth Amendment’s guarantee against unreasonable searches and seizures (although the court also acknowledged that the government acted in good faith in doing so, therefore it declined to suppress the evidence). In the court’s words, “The fact that a provider captures this information in its account records, without the subscriber’s involvement, does not extinguish the subscriber’s reasonable expectation of privacy.

Applying the third-party doctrine in this context would simply permit the government to convert an individual’s cell phone into a tracking device by examining the massive bank of location information retained by her service provider, and to do so without probable cause.”

4th CircuitEn Bancfound that government did not breach the Fourth Amendment since users voluntarily disclosed CSLI under third-party doctrine

Now, the full panel of the U.S. Court of Appeals reversed the three-judge panel’s decision by holding that the government’s warrantless acquisition of historical CSLI from defendant’s cell-phone provider did not breach the Fourth Amendment.

First, the court contends that the government’s acquisition of this data constituted a Fourth Amendment “search”. Defendants had no reasonable expectation of privacy under the third-party doctrine since the government obtained the CSLI records from a third party (i.e. the carrier), which, in turn, collected this information in the course of its business activity and did not obtain this data through a direct surveillance of defendants.

In this respect, the court relies on the Supreme Court’s precedents that applied the third-party doctrine, recalling that the Fourth Amendment does not protect information voluntarily disclosed to a third party because even a subjective expectation of privacy in such information is “not one that society is prepared to recognize as ‘reasonable’”(, 442 U.S. 735). More recently, the 6th Circuit of the Court of Appeals held that a warrantless acquisition of cell-phone location data did not breach the Fourth Amendment (United States v. Carpenter, April 13, 2016).

The court notes that defendants “exposed” the information at issue to the phone carrier, which used it to route defendants’ cell-phone calls and texts. By doing so, they could not expect the phone carrier to keep that information secret and “assumed the risk” that it would disclose their information to the government.

The court hastened to add that the Supreme Court may in future limit, or even eliminate, the third-party doctrine, and that Congress may require a warrant for CSLI.

However, it concluded that current legislation and established precedents weigh in the government’s favor.

Dissenting Judge Wynn deems that government’s warrantless search breached Fourth Amendment

Dissenting Judge Wynn highlights many of the majority’s shortcomings. First, he disagrees that CSLI is beyond the Fourth Amendment’s reach since it would be “voluntarily conveyed” by users to phone carriers under to the third-party doctrine.

According to Judge Wynn, the Supreme Court’s precedents suggest that “voluntary conveyance” means that defendant (i) knew he was communicating particular information, and (ii) acted to submit the particular information he knew. For example, when users type a form providing their details to a service provider to secure internet access, they have knowledge of the typed information and affirmatively act to communicate it.

Judge Wynn reasons that CSLI is different from other data because it is not voluntarily disclosed by phone users, who likely are unaware that they are providing this information and do not know which cell-phone tower their call will be routed through. They also do not generally act to disclose this information – for example, CSLI is generated when a phone receives a call, even if the user does not answer.

Judge Wynn concludes that by acquiring large amounts of CSLI to trace defendants’ long-term movements the government infringed defendants’ reasonable expectation of privacy and thereby engaged in a search. Because the search was warrantless, the government breached the Fourth Amendment.

 

Next

The decision can still be appealed to the Supreme Court, which will have the task to clarify whether the 1970s third-party doctrine is still fit for a time where individuals reveal large quantities of information about themselves, sometimes without being aware of this.

For example, “Internet of Things” technologies (e.g., wearable devices, home automation, connected toys) may reveal many aspects of an individual’s private life – habits, behaviors and preferences, religious or political beliefs, sexual orientation, driving habits, whether they are at home or not, etc.

Yet this extensive information may represent a valuable resource for law enforcement authorities to prevent and detect crimes or other wrongdoings. The debate around the appropriate balance between privacy and public security is certainly set to continue, with the possible review of the 4th Circuit’s decision in the Supreme Court, the Microsoft Ireland email privacy case pending (where the company is challenging a U.S. government search warrant seeking access to customers’ emails in a data center located in Ireland) and the ongoing EU-U.S. Privacy Shield negotiations.

 

This article was first published on the IAPP’sblog

The post 4th Circuit Appeals Court Rules No Warrant Needed for Suspects’ Cell-Site Location Data appeared first on IPOsgoode.

]]>
Wearable Technology: The Legal Implications of Data Collection /osgoode/iposgoode/2015/05/25/wearable-technology-the-legal-implications-of-data-collection/ Mon, 25 May 2015 20:52:45 +0000 http://www.iposgoode.ca/?p=27014 The wearable tech market has quickly become a significant global industry and the market appearsripe for future growth. Some sources predict that the global retail revenue from smart wearable devices will reach the $53 billion mark by 2019, largely driven by an increase in sales of premium smart watches and smart glasses over the next […]

The post Wearable Technology: The Legal Implications of Data Collection appeared first on IPOsgoode.

]]>
The wearable tech market has quickly become a significant global industry and the market appearsripe for future growth. Some sources predict that the global retail revenue from smart wearable devices will reach the , largely driven by an increase in sales of premium smart watches and smart glasses over the next five years. As this technology advances,their capabilities will expandand intrude, raising important questions regarding data collection and the privacy rights of individuals.

Who Owns Data Collected from Wearable Technology?

Heart rate, sleep patterns, calorie intake and location are just a few of the metrics that wearable devices are often programmed to monitor. To determine ownership of thisdata, the relevant contracts that apply in each particular case play a crucial role.

Data ownership can be determined through employment agreements, contracts with related apps and even collective bargaining agreements (such as that currently employedby the ). To date, companies such as Apple have maintained regarding the protection of user data, assuring that they will not sell that data to third parties.

However, if Facebook's changing privacy policy is any indication, consumers of wearable tech (especially those who already own the product and would rather not abandon their purchase) have every reason to be worried about the protection of their personal information. Recently Facebook has been on the receiving end of a number of from groups such as the Electronic Privacy Information Centre (EPIC), after retroactively notifying all Facebook members that their information may be sold to third parties. Of the many complaints made by EPIC, perhaps the most concerning involves an "" conducted by Facebook in 2012, where 689,003users became subjects in apsychological experiment without their consent. There was no mentionin Facebook'sdata use policy of their potential inclusionin the study.

As a result, it is unclear who actually owns this newest form of intangible property. What is clear is that wearable tech companies have line-ups of advertisers and other third parties ready to spend big money on your personal data.

 

Complicating the Distinction Between Body and Technology

Wearable technology raises anotherquestion: when does a device becomes so embedded into the human body thatin effectthey can be classified as one entity? As wearable technology becomes increasingly intimate and permanent, both the benefits and sacrifices from its use increase substantially.

Consider (whichincorporates a navigation system and video functions into wigs) or(where health-related sensors are literally inserted into the human body). While these devices allow us to monitor individual's psychological responses at an unprecedented rate, obtaining such data requires that the individual surrender certain privacy rights.

The blurring of the division between body and technology may alsoplay an important role in litigation. In abefore aCanadian court, it was reported that activity data from a fitness tracker will beused as evidence in a personal injury lawsuit. This development is meaningful,despite the plaintiff'sconsent to usedata in this case, because in the future wearable devices maybe subpoenaed by courts. Some have already expressed their excitement towardtechnology's gold mine of potentially relevant electronically stored information for use in litigation.

 

Looking Forward

In 1984, Apple introduced the Macintosh with itsiconic alluding to George Orwell's novel, Nineteen Eighty-Four. Ironically, Apple's innovations, along with several other devicesconstitutingwearable technology market, have spawned a cultureresembling thedystopia which thatcommercial critiqued. We maynot be ruled bygiant screens, but thetiny devices that we carry with us everywhere we go represent a similarly profound threat to our privacy and security.

Although I enthusiasticallyendorse the rapid development of technology and eagerly await the capabilities of new innovation in this growing industry, I fear that technology is moving at a pace that the law cannot keep up with.Ultimately, manufacturers and designers of wearable technology products must balance the privacy of individuals with an interest in the evolution of technology. In the event that a company chooses development over consumer security, it is imperative that consumers understand the privacy issues at stake before getting decked outin 2015's newest trends in wearable technology.

 

Michael Cara is an IPilogue Editor and a JD Candidate at Osgoode Hall Law School.

The post Wearable Technology: The Legal Implications of Data Collection appeared first on IPOsgoode.

]]>
US Supreme Court Dials up Privacy Rights of Cell Phones During Arrest /osgoode/iposgoode/2014/08/11/us-supreme-court-dials-up-privacy-rights-of-cell-phones-during-arrest/ Mon, 11 Aug 2014 15:51:24 +0000 http://www.iposgoode.ca/?p=25462 Courts and privacy advocates across North America have long faced challenges in resolving the questions of whether police officers should be given the right to search the contents of cellphones of an arrestee and if yes, when and under what circumstances this should be permitted. The Supreme Court of the United States has taken the […]

The post US Supreme Court Dials up Privacy Rights of Cell Phones During Arrest appeared first on IPOsgoode.

]]>
Courts and privacy advocates across North America have long faced challenges in resolving the questions of whether police officers should be given the right to search the contents of cellphones of an arrestee and if yes, when and under what circumstances this should be permitted. The Supreme Court of the United States has taken the lead in addressing such concerns

 

police should obtain a warrant before searching the cellphones of arrestees. This decision provides better protection of privacy rights of individuals against police power and misconduct.: Riley v. California and United States v. Wurie, referring to the common question of whether or not police can search an arrestee’s cellphone.

 

The protection of privacy and contemporaneous challenges

to the United States Constitution prohibits unreasonable and illegal searches and seizures and states that warrants shall be issued only upon probable cause.However, search incident to arrest is an exception to this rule, which allows search of an arrestee by police officers to protect their safety and prevent any destruction of evidence. In a leading decision,, the US Supreme court held that a full search of an arrestee upon a legal custodial search, without a warrant, is constitutional and in conformity with the Fourth Amendment. This search also extends to the immediate area under control of the arrestee. However, the scope of this search has long been subject to controversy and privacy advocates have called for new protective measures, as the advent of technology has given rise to an increase in violation of privacy rights. In this digital age, highly sensitive data are carried and stored in cellphones, tablets and laptops making such data prone to theft and illegal access.

 

One major concern for privacy advocates is if private information stored in a cellphone shouldbe included in protection against unreasonable search and seizureunder privacy rights offered by the Fourth Amendment, and a warrant be required to access such information upon arrest of an individual? Cellphones and the data they contain, have long been subject to exception and have not been covered by the privacy protection of the Fourth Amendment. The rationale behind this exception is that a cellphone being in an immediate area under control of the arrestee allows police officers its search and seizure, just like a suitcase or a briefcase would be subject to such search and seizure. From this perspective the contents in a cellphone could be compared to the contents found in a briefcase under immediate control of the arrestee, making a cellphone no exception to the search incident to arrest principle. Police officers have continued to search and seize cellphones of arrestees based on this analogy and “ cellphones should have no greater protection from a search than anything else police find”.

 

However, it is worthy of note that there is a significant difference between a suitcase and a cellphone and the type and sensitivity of contents that can be stored in each of these items. Cell phones or computers are sensitive mediums in which extremely private and highly sensitive information could be stored in very large amounts. Cell phones have a strikingly higher storage capacity as compared to other mediums such as briefcases, and the nature of the information that can be stored in them can vary. Privacy advocates have long battled to demonstrate such differences and have urged legislators to take measures in protecting private data found in cellphones and computers.in the ruling: “Cellphones are powerful devices unlike anything else police may find on someone they arrest said for the court. Because the phones contain so much information, police must get a warrant before looking through them”.“Modern cellphones are not just another technological convenience. With all they contain and all they may reveal, they hold for many Americans the privacies of life”. “Many cell phones now in use are capable of storing and accessing a quantity of information, some highly personal, that no person would ever have had on his person in hard-copy form. This calls for a new balancing of law enforcement and privacy interests. “

 

in addressing concerns about search and seizure of cellphones and the digital data contained in them, upon arrest of individuals by police.Privacy advocates in Canada, have also emphasized the differencesin thesensitivity of private data stored in cellphones compared to information stored as hard-copy or other formats, and have urged legislators to take adequate measures in protecting such data.“Smartphones are potentially repositories of vast amounts of personal information”. He adds “The privacy interests that are engaged with these kinds of devices are markedly different from the privacy interests in other receptacles.”

Wilson, along with other privacy advocates, believes that due to the significant privacy interests at stake, police officers have to go further and obtain a warrant if they want to do the full forensic analysis of devices such as cellphones and computers.There are definitely less intrusive, alternative measures that can be taken to prevent destruction of evidence rather than searching private data in a cellphone, unreasonably and needlessly, without a warrant. “Authorities concerned about the destruction of evidence the remote erasure of a phone’s contents or the activation of encryption”.

 

Extensive privacy protection and more stringent police power

The US Supreme Court’s decision prohibiting police from searching an arrestee’s cellphone without a warrant also protects the rights of an accused against illegally obtained evidence and police misconduct. Moreover, this decision reinforces an individual’s privacy against police intrusion and it defines police power in accordance with the privacy requirements of the new technological era. Before this decision, suspects could risk conviction . This phenomenon used to take place in violation of privacy and defense rights of an accused. However, now arrestees can benefit from more extensive rights once again as this decision limits illegally obtained evidence by requiring a search warrant before searching cellphones upon arrest.

 

in situations where officers reasonably believe there is a risk to their safety or the lives of other individuals. This exception allows protection of the police and public when required., “Digital data stored on a cell phone cannot itself be used as a weapon to harm an arresting officer or to effectuate the arrestee’s escape. Officers may examine the phone’s physical aspects to ensure that it will not be used as a weapon, but the data on the phone can endanger no one”.

 

The US Supreme Court’s revolutionary decision enhances and protects privacy rights all across the county. It can be served as a role model for legislators in other jurisdictions, to take measures in providing better protection to individuals in regards to their private information, in conformity with the requirements of the digital age. This ruling balances the interests of public safety with the protection of private digital information, according to the norms of the 21st century.

 

Sophia Qureshiis an IPilogue Editor and an LLM Candidate at Osgoode Hall Law School.

The post US Supreme Court Dials up Privacy Rights of Cell Phones During Arrest appeared first on IPOsgoode.

]]>
MedEdge 2014 -- New Medical Innovations Bring Privacy Dangers /osgoode/iposgoode/2014/07/28/mededge-2014-new-medical-innovations-bring-privacy-dangers/ Mon, 28 Jul 2014 14:18:06 +0000 http://www.iposgoode.ca/?p=25278 The 2014 MedEdge Summit was a resounding success. Academics, innovators, entrepreneurs, and practitioners filled the auditorium and networking booths. As one of the lucky attendees, I zoomed in on Dr. Cafazzo’s talk about the significant lack of human use considerations (“reverse human engineering”) in the design of traditional medical products, and the introduction of new […]

The post MedEdge 2014 -- New Medical Innovations Bring Privacy Dangers appeared first on IPOsgoode.

]]>
The was a resounding success. Academics, innovators, entrepreneurs, and practitioners filled the auditorium and networking booths. As one of the lucky attendees, I zoomed in on ’s talk about the significant lack of human use considerations (“reverse human engineering”) in the design of traditional medical products, and the introduction of new innovations that correct these, . However, these new innovations bring a set of privacy challenges that can also have dire consequences.

 

To Err is Human

Dr. Cafazzo stressed that theinaccurate use of medical innovations is a widespread and serious problem. The traditional approach is to blame the patients for this problem, as they the ones who make usage errors. [1]

In contrast,Dr. Cafazzo argues that the cause of many misuse problems can be .The reality is that humans err, thus the expectation that the patients will use the products perfectly each time should be abandoned. Instead, during the creation and design stages, medical innovators must assess and compensate for the degree of usage errors.This view is supported by the U.S.’s [2], which recommends and sometimes requires manufacturers to perform a risk analysis in human misuse of a product before releasing it to the market. However, I am unaware of any Canadian policies that require the same.

 

I have to pay how much for my own health data?

Traditional medical innovations fail to provide the patients with easy access to their own health data.Under the[3],health information custodians (including physicians) have exclusive control of the patients’ medical records. Although the custodians are obliged to provide the patients with their own data, they may charge a fee to “reasonably recover” the cost spent in preparing this information. However, in practice, the , as in the case ofawho, reportedly, was asked to pay $600 to access her own data.

 

Proposed Solution: Self-Management Internet Platforms and Mobile Apps

To correct these flaws, most health innovations introduced at MedEdge focuses on being simple and user-friendly, and on giving the users fast and efficient access to their health information.

 

Dr. Cafazzo’s developed , an innovation that encourages asthma patients to understand and self-regulate their health. This mobile application allows the users to access their health information at any place and time. Breathe employs easy-to-read, attractive graphics to display daily and weekly health assessments to users. It encourages the users to take an active role by developing action plans and by competing with other patients to see who best regulates their health.Similar self-management tools introduced at MedEdge includes .

 

Privacy Dangers

Although these new innovations do fix many problemsassociated withold medical products, they also bring a set of privacy dangers with them. Whereas traditional medical processes like paper files guard patients’ medical records strictly, some new innovations may be more easily hacked and abused.

 

My concern for privacy issues particularly in mobile health apps and internet platforms comes from two sources. First, the current state of security features in electronic devices is not sufficiently sophisticated. In a recent study conducted by the, it was found that 86% of mobile apps do not have basic security defenses. Last year, the, a mobile device manufacturer, for its lack of security features in applications on smartphones and tablets.These security vulnerabilities enabled malware to be installed without users’ knowledge or consent, allowing hackers to gain access to all of a user's information. HTC settled the case and delivered security patches.

 

Nevertheless, I do acknowledge that significant global efforts have been made towards better privacy protections.In 2013, the [4] that requires its member states to assess and manage privacy risks in the information systems under their control. In the same year, the U.S. passed the , which facilitates the sharing of cyber threat intelligence in order to increase cyber security.In 2012, [5], which seeks to promote cyber-security and co-operation. The problem is that despite these efforts, [6].Therefore, while better cyber security and privacy features are possible,they have not yetbeen achieved.

 

Additionally, the information involved in health mobile apps is extremely sensitive. For instance, gives users (i.e. anyone who has log in information or has deployed malware to gain access) information about the patient's symptoms, the triggers that cause those symptoms, the patient's past and current medications, and the locations that the patient has been to every time they do a self assessment.The consequences of leaked health information can be severe. Some medical conditions, such as [7]. Also, unauthorized access to this information will likely [8].

 

Conclusion

It is true that many traditional medical products are problematic as theycan becomplicated to use and do not provide users with easy access to their own health data. However, I remain unconvinced that health mobile apps and internet platforms are the best replacements for these products, at least for now.We still remain in an era where cyber security is fragile and medical information is extremely sensitive.

 

Sabrina Ding is an IPilogue Editor and a J.D. Candidate at Osgoode Hall Law School.

 

[1] Dr. Joe Cafazzo, "Finding Empathy: Navigating Past The Dark Side Of Health Technology Design" (Health Innovation Design Lecture delivered at the Richmond Hill Centre for Performing Arts, 19 June 2014), [unpublished].

[2]US, Food and Drug Administration, Draft Guidance for Industry and Food and Drug Administration Staff - Applying Human Factors and Usability Engineering to Optimize Medical Device Design,(2011) at ss. 1, 11.

[3]Personal Health Information Protection Act, SO 2004, c 11, s.54(1).

[4] Katherine Ritchey et al, "Global Privacy and Data Security Developments" (2013) 69 Business Lawyer

[5] Supra note 3.

[6] Supra note 3.

[7] Gregory Herek, "AIDS and Stigma" (1999) 42 American Behavioral Scientist

[8] Khaled et al, "Evaluating Common De-Identification Heuristics for Personal Health Information" (2006) 8 Journal of Medical Internet Research

The post MedEdge 2014 -- New Medical Innovations Bring Privacy Dangers appeared first on IPOsgoode.

]]>
No Autocorrect for Apple and Samsung in their Patent Wars /osgoode/iposgoode/2014/06/19/no-autocorrect-for-apple-and-samsung-in-their-patent-wars/ Fri, 20 Jun 2014 03:11:53 +0000 http://www.iposgoode.ca/?p=25020 The seemingly never ending saga between Apple and Samsung that began in 2011 has seen another day (month) in court.On the surface this may seem like another sweeping victory for Apple, but the war isn't over and that might be what really matters.   The ongoing tension between the two companies has been well documented […]

The post No Autocorrect for Apple and Samsung in their Patent Wars appeared first on IPOsgoode.

]]>
The seemingly never ending saga between Apple and Samsung that began in 2011 has seen another day (month) in court.On the surface this may seem like another sweeping victory for Apple, but the war isn't over and that might be what really matters.

 

The ongoing tension between the two companies has been well documented by the IPilogue. Visit, , and to trace the progression of these legal battles. When Apple against Samsung in 2012 for infringing on several of its patents, Samsung returned with a claiming that Apple had been dabbling in some infringement of their own.

 

On May 5th, a Californian jury that, in fact, both companies had infringed on one another's patents and each company was rewarded damages accordingly. Apple wasordered to pay Samsung $158,400 for infringing on for photo and video organization in folders. Of the 5 Apple patents at issue in this case, Samsung was found to have infringed on only 3. All of Samsung's devices infringed on Apple's whileonly some devices infringed on the as well as thepatents. Based on the jury's findings, Samsung was ordered to pay Apple $119.6 million in damages, significantly less than the $2.2 billion they had asked for.

 

So can we find a clear 'winner' and 'loser' in all of this? It really depends on how you look at it. Looking at the damages alone, it may appear to be a 'win' for Apple. On the other hand, Apple not only asked for more money than they were awarded in this case, but also asked for a sales ban on Samsung's infringing devices. According to , the outcome of the trial was not what Apple had hoped for and unsurprisingly they have already set the wheels in motion to. Apple has asked presiding Judge Lucy Koh for a retrial to recalculate the damages Samsung should be required to pay as well as to issue a sales ban on the infringing devices. This prospect seems unlikely given that Judge Koh has twice( and ) refused these requests.

 

What was particularly interesting about this case, and what Samsung argued in court, is that many of the aspects of their phones thatwere thought to infringe on Apple's patents are actually part of Google's Android operating system that powers Samsung phones. Though this argument did not officially influence the jury's decision, it brings up an interesting question. Why doesn't Apple go after Google? After all, Steve Jobs reportedly didin his biography written by Walter Isaacson,"I'm going to destroy Android, because it's a stolen product. I'm willing to go thermonuclear war on this." One likely reason is that it is difficult to go after Google head on when they offer their operating system for free and do not directly profit from it. In comparison, the device manufacturers are much easier targets.

 

Recently, Apple agreed towith Motorola Mobility, which Google hadbut decided to sell to Lenovo Group Ltd. in January 2014. The sale was for a fraction of what Google had paid and as part of the deal they maintained the majority of Motorola's patents. Apple was in fact in legal battles with Google, even if indirectly, but decided to stop litigation. Why? Perhaps because both companies had already invested far too much time and resources in the battle. I think another reason, and one that seems more prominent, is that Apple would rather focus on the bigger fish in the sea.

 

Motorola is for Apple, which makes them less of a threat and perhaps not worth spending millions of dollars in legal fees fighting against. Samsung, on the other hand, may be worth their while. Particularly if they are able to secure a ban on their infringing devices.

 

At the end of the day it seems that Apple is not as concerned about enforcing their intellectual property rightsas they are about maintaining a stronger share of the smart phone and tablet market. Then again, perhaps these two things aren't so different in the first place. In my opinion, the fact that Apple is willing to drop lawsuits with smaller, less threatening manufacturers, signals that this is not about recovering all of the time and money that went into theresearch and development of their devices or the fact that companies have infringed to produce cheaper versions of what Apple spent years developing. This is what is argued and can be argued legally, but the reality is that the decision to pursue legal action going forward will likely have more to do with which company is most successful in detracting from Apple's own share of the market.

 

Maggie Reid is an IPilogue Editor and PhD candidate in the Communication and Culture program at 91ɫ/Ryerson University.

The post No Autocorrect for Apple and Samsung in their Patent Wars appeared first on IPOsgoode.

]]>
I Heart... Everything? Google Patents Heart Gesture to Indicate Importance on Social Networks /osgoode/iposgoode/2013/11/26/i-heart-everything-google-patents-heart-gesture-to-indicate-importance-on-social-networks/ Tue, 26 Nov 2013 21:37:59 +0000 http://www.iposgoode.ca/?p=23484 On a crisp fall day, you notice the perfect maple leaf lying on the pavement. You know that you have to share this with the world, but how will you let others know how great this leaf is? After all, this leaf is awesome. In the near future, simply joining your hands in a heart […]

The post I Heart... Everything? Google Patents Heart Gesture to Indicate Importance on Social Networks appeared first on IPOsgoode.

]]>
On a crisp fall day, you notice the perfect maple leaf lying on the pavement. You know that you have to share this with the world, but how will you let others know how great this leaf is? After all, this leaf is awesome. In the near future, simply joining your hands in a heart shape may allow you to share an image with your social networks.



Google recently , presumably for use with Google Glass, that would potentially allow users to interact with the device and their environment. Currently, . According to the patent, these gestures will provide user input to a wearable computing device or a head-mounted device (Google Glass, in this case) to indicate items that "may be considered or classified as important or worthy of attention or notice". The device would recognize these gestures and then carry out particular actions in response. The device would then transmit the image to a “social networking service”.

 

The three hand gestures provided in the patent are the “heart”, the “frame” and the “loop”. When the device recognizes the user making a "heart" gesture with two hands it will generate an image bounded by the hands and will in this case, add a qualitative ranking to the image, similar to “liking” a post on social networks. The second gesture, the “frame”, involves making a frame with the user’s thumb and forefinger finger at a right angle in the same way that we think of directors framing a shot. An image is generated by the device, bounded by the diagonal right angles, uploaded to a server (and potentially to a social networking service). Finally, the “loop” requires the user to trace a closed loop with their forefinger and the device will determine the bounds of that loop, generate the corresponding image, and upload the image to a server (or again, to a social networking service).

 

Of course, patenting hand gestures is not a new phenomenon. There are several existing patents for physical gestures associated with an invention. These functional gestures are increasing in popularity with the rise of touch screens and motion sensing devices. Some recent examples include Apple’s patent for “” and Telefonaktiebolaget L M Ericssons’ patent on “”.

 

Patents for a gesture associated with functions like zoom, unlock, or even making a frame, may not be all that controversial as a patentable subject matter in my view. The gesture as part of the patent is associated with a function, and a particular device, which takes the gesture into the realm of patentable subject matter. Even though the frame is a common gesture, it makes functional sense as a way to bound the image to be captured when using a wearable device that utilizes your field of vision. This gets interesting when it comes to a patent claim that the heart symbol indicates a qualitative ranking, as this gesture already exists in pop culture. Frompop star to ad campaigns, individuals use the gesture to imply that theylike the thing they are “heart-ing”.

 

Clearly, Google did not create the "hand heart", but they have functionally integrated it into an invention. Since the patent is for use in association with a device like Google glass, individuals can continue to use the gesture itself without infringing the patent. However, it does raise the question about the future of gesture-based control as gestures become increasingly functional and integrated with technology. Companies may have an incentive to integrate gestures existing in the public domain that are imbued with meaning and already familiar to users, rather than creating and branding new gestures. These popular gestures could then effectively be restricted to technological commands associated with a particular device and fall into disuse among those without that particular device. As the pool of potential gestures in the public domain diminishes, could we one day see a gesture patent thicket?

 

If use of the hand heart denotes “liking” something and Google Glass becomes pervasive, could use of the hand heart become restricted to Google glass users? In the future could your gesticulation be determined by which products you use? For example, could Facebook patent “thumbs-up” to indicate “liking”? “Thumbs-up” and “heart” could become the modern day Montagues and Capulets.

 

Allison McLean is an IPilogue Editor and a JD Candidate at Osgoode Hall Law School.

The post I Heart... Everything? Google Patents Heart Gesture to Indicate Importance on Social Networks appeared first on IPOsgoode.

]]>