Smart Derivative Contract: The Dark Horse of the Securities Market?

Posted on by Tech Law Forum NALSAR

This post has been authored by Arnav Maru, currently in his 4th year at Maharashtra National Law University (MNLU), Mumbai.

In a previous post, the concept of smart contracts as used in the legal field was explained comprehensively. Smart contracts are pieces of software that are formed when certain operational terms of a contract are written in the form of electronically executable codes. They were originally envisaged by Nick Szabo and theorized in a paper titled ‘Smart Contracts: Building Blocks for Digital Markets’. He used a rudimentary example of a vending machine to explain the concept. A consumer inserts cash into the machine and enters his preference. The machine then automates the execution of the contract and the goods are delivered to the consumer. The introduction of Blockchain technology has added another dimension to this concept and has exponentially increased its application. Self-executing contracts, based on the Blockchain are a reality now, and have found applications in a myriad of fields. An increasing popularity of the Blockhain and its uses has necessitated an overview of the progress made on this front, both, in terms of legal developments as well as feasibility of actual use.

Read more

Compelled to Speak: The Right to Remain Silent (Part II)

Posted on by Tech Law Forum @ NALSAR

This is the second part of a two-part post by Benjamin Vanlalvena, a final year law student at NALSAR University of Law. In this post, he critiques a recent judgement by the Supreme Court which allowed Magistrates to direct an accused to give voice samples during investigation, without his consent. Part 1 can be found here.

Judicial discipline and the doctrine of imminent necessity

In the previous part, I dealt with the certain privacy concerns that may arise with respect to voice sampling and how various jurisdictions have approached the same. In this part, I will be critiquing the manner in which the Supreme Court in Ritesh Sinha has imparted legislative power onto itself, is by the terming the absence of legislative authorization for voice sampling of accused persons as a procedural anomaly, and extending its power in filling such assumed voids by invoking not only the principle of ejusdem generis, but also citing the “principle of imminent necessity”.

Read more

Compelled to Speak: The Right to Remain Silent (Part I)

Posted on by Tech Law Forum @ NALSAR

This is the first part of a two-part post by Benjamin Vanlalvena, a final year law student at NALSAR University of Law. In this post, he critiques a recent judgement by the Supreme Court which allowed Magistrates to direct an accused to give voice samples during investigation, without his consent. Part II can be found here.

Nearly threescore ago, in Kathi Kalu Oghad, the eleven judge-bench of the Supreme Court of India decided on the question of the extent of constitutional protections against self-incrimination (vide Article 20(3)). The Supreme Court therein deviated from the notion of self-incrimination being one inclusive of “every positive volitional act which furnishes evidence” laid down in M.P. Sharma, and recognised a distinction between “to be a witness” and “to furnish evidence”. The present judgment arose on a difference in opinion in the division bench of the Supreme Court in Ritesh Sinha, regarding the permissibility of ordering an accused to provide their voice sample. In this part, I will talk about voice sampling and its interactions with privacy, and look at how different jurisdictions have looked at voice spectography – whether the same would be violative of the individual’s right to privacy and their right against self-incrimination. Finally, I will make a short point on technological developments and their interaction with criminal law. In the next part I will be dealing with the Court’s failure to simply rely upon Selvi to expand the definition, and instead how it created the doctrine of “imminent necessity” (a principle generally present in criminal law for private defence!) to justify the Court’s intervention into the halls of the Legislature in light of “contemporaneous realities/existing realities on the ground”.

Read more

Indian Government’s Stance on Cryptocurrencies: An Analysis

Posted on by Tech Law Forum @ NALSAR

This post on the recent recommended ban on cryptocurrency has been authored by Shivani Malik, a final year law student at the Vivekananda Institute of Professional Studies.

Current Scenario

The Ministry of Economic Affairs in its recent press release dated July 22, 2019, prepared a report on the Committee on Virtual Currencies, which proposed a ban on the so-called “private cryptocurrencies”.

Read more

Metadata by TLF: Issue 4

Posted on by Tech Law Forum @ NALSAR

Welcome to our fortnightly newsletter, where our Editors put together handpicked stories from the world of tech law! You can find other issues here.

Facebook approaches SC in ‘Social Media-Aadhaar linking case’

In 2018, Anthony Clement Rubin and Janani Krishnamurthy filed PILs before the Madras High Court, seeking a writ of Mandamus to “declare the linking of Aadhaar of any one of the Government authorized identity proof as mandatory for the purpose of authentication while obtaining any email or user account.” The main concern of the petitioners was traceability of social media users, which would be facilitated by linking their social media accounts with a government identity proof; this in turn could help combat cybercrime. The case was heard by a division bench of the Madras HC, and the scope was expanded to include curbing of cybercrime with the help of online intermediaries. In June 2019, the Internet Freedom Foundation became an intervener in the case to provide expertise in the areas of technology, policy, law and privacy. Notably, Madras HC dismissed the prayer asking for linkage of social media and Aadhaar, stating that it violated the SC judgement on Aadhaar which held that Aadhaar is to be used only for social welfare schemes. 

Read more

Is Embedding a YouTube Video Legal?

Posted on by Tech Law Forum @ NALSAR

This piece has been authored by Jubin Jay, a final year student at National Law University, Odisha (NLUO). 

A lot of people use YouTube videos to enhance their online articles or webpages. Some provide a regular link to the YouTube video while some provide with an embedded link of the same.  While embedding, the video itself appears on the webpage and the user is not redirected to YouTube, in contrast to the previous case, where it only appeared as a link. Now, this is problematic because someone else’s video appears on one’s own webpage. A lot of people argue that this is similar to using someone else’s work for your gain without their permission, amounting to a copyright violation. However, there is ambiguity and a lot of questions are yet to be answered in such cases to prove an infringement. So, the broader question remains, is embedding a YouTube video legal?

Section 6 (c) of YouTube’s official terms of service reads:

“by submitting Content to YouTube, you hereby grant YouTube a worldwide, non-exclusive, royalty-free, sublicensable and transferable license to use, reproduce, distribute, prepare derivative works of, display, and perform the content in connection with the service and YouTube’s (and it’s successors’ and affiliates’) business, including without limitation for promoting and redistributing part or all of the Service (and derivative works thereof) in any media formats and through any media channels. You also hereby grant each user of the service a non-exclusive license to access your Content through the Service, and to use, reproduce, distribute, display and perform such Content as permitted through the functionality of the service and under these Terms of Service.”

The most significant part in the aforementioned terms is that the owner of the video grants every YouTube user a license to access his content, and to use, reproduce, distribute, display, and perform such content as permitted through the functionality of YouTube and its terms of service. In other words, when any owner uploads his video, he has an option to either enable or disable embedding, and since by choosing to leave it enabled, he grants the user a limited license to embed the video.

Based on the Terms of Service as discussed above, one can ideally conclude that if there is an option in the video to embed, then there is nothing illegal in embedding such a video. However, the phenomena of embedding too comes with some conditions and restrictions attached to it. Section 4 (f) of the Terms of Service states, “If you use the Embeddable Player on your website, you may not modify, build upon, or block any portion or functionality of the Embeddable Player, including but not limited to links back to the YouTube website.”

Put simply, an embeddable player is made available on one’s webpage by inserting a code to a website, linking to a video that’s hosted at another location, and surfacing a video player without using any resources from the website itself. However, post this if there is any modification made to the embeddable player as had been generated, Section 4 (f) of the Terms of Service will be attracted. Such conditions and restrictions attached to embedding, can be better understood in light of the observations made by the courts of U.S. and EU in the cases discussed below.

In Flava Works, Inc. v. Gunter the Seventh Circuit Appellate District faced a situation where members of an adult site were listing videos from the paid area of the site on a separate social media bookmarking site. The bookmarking site would then create a video preview with the embedded code. The Court however found that no copy was being made by the social media bookmarking site, thereby resulting in the termination of the infringement claim. Put more succinctly; merely embedding the video on your site does not give rise to liability.

Further, in Perfect 10 v. Amazon the Ninth Circuit made it clear that in situations where just in-line links are concerned, there is absolutely no direct copyright infringement liability.

The ECJ however brought a new dimension to the question of infringement. In BestWater International GmbH v Michael Mebes it was held that that as long as the embedding doesn’t make the video available to new audiences, there is no infringement. In this case, the water filter ad in question had already been available to the entire internet on YouTube, so the court observed that merely embedding it didn’t make it available to any new audiences that previously didn’t have access to it. In conclusion, it does not constitute a public communication within the meaning of Article 3 (1) of the Information Society Directive as it does not appeal to a new public.

However, all of the above cases fail to address a situation when there is embedding of a video which is already infringing. Could this amount to contributory infringement by aiding and abetting?

Judge Posner in the Flava Works Case observes, “myVidster (the defendant) is not an infringer, at least in the form of copying or distributing copies of copyrighted work. The infringers are the uploaders of copyrighted work. There is no evidence that myVidster is encouraging them, which would make it a contributory infringer. If myVidster encouraged or induced that party to upload the infringing video, it would be a contributory infringer to that infringement. But users of myVidster who thereafter merely stream that infringing video are not infringers of the reproduction or distribution rights since they have made no copies.”

The observation made above does seem satisfactory to an extent, however, is very situational in nature as there was no evidence that someone actually made a copy using the link provided. Had users copied the infringing video using the link, the observation made by Judge Posner could have been different. To conclude, proving infringement in cases where a YouTube video has been embedded will depend, for the most part, on the factual situation concerned and will vary from case to case. As technology keeps evolving with time, there can never be a strait jacket formula for proving infringement. In any event, with regard to the question we have raised presently, yes, embedding a YouTube video is legal, as long as the video being embedded is not an infringing video in itself.

Read more

Metadata by TLF: Issue 3

Posted on by Tech Law Forum @ NALSAR

Welcome to our fortnightly newsletter, where our editors put together handpicked stories from the world of tech law! You can find other issues here.

Uber likely to start bus service in India

The San-Francisco cab-aggregator giant, Uber is working on to kick-start an AC bus service in India. With the introduction of AC bus service, Uber is trying to inch closer toward its goals of reducing individual car ownership, expanding transportation access and helping governments plan transportation. Pradeep Parameswaran, Uber India and South Asia head said that “we are in the process of building the product and refining that. Some pilots are live in parts of Latin America and the Middle East. So they are the archetype of markets that would look like India”.

Uber bus will allow commuters to use the Uber app and reserve their seat on an air-conditioned bus. Uber will scan other passengers travelling in the same direction as the rider and hence reaching the destination with fewer stops. Through its bus service, Uber is emphasizing on educational campuses and business centers. Earlier Ola, Uber’s direct competitor, had launched similar kind of bus service in limited cities in 2015 but was stopped in 2018. At present, Gurgaon based Shuttl provides app based bus service to offices. Uber bus service in India is expected to become a reality in mid-2020.

Further Reading:

  1. Moupiya Dutta, Uber will be starting a bus service in India by 2020, TechGenyz (8 August 2019).
  2. Shreya Ganguly, Uber mulls launching bus service in India, Medianama (9 August 2019).
  3. Tenzim Norzom, Ride-hailing major Uber to soon launch bus service in India, Yourstory (7 August 2019).
  4. Hans News Service, Uber to start bus service in India, The Hans India (8 August 2019).
  5. Priyanka Sahay, India may see Uber buses plying on roads in a year, Moneycontrol (8 August 2019).

WhatsApp Hack Can Alter Messages and Spread Misinformation

The Israeli Research Company, Check Point recently revealed that WhatsApp could be hacked causing serious potential security risks to users at the Annual Black Hat Security Conference on 7thAugust, 2019. According to Roman Zaikin and Oded Vanunu, they were able to change the identity of a sender, alter the text of someone’s reply on a group and even send private messages to another member in the group as a public message, such that the reply is visible to all the participants of a group. They were able to exploit the weaknesses of the application, after they reverse-engineered the source code in 2018 and decrypt its traffic. Since then Check Point has stated that it found three ways to manipulate and alter conversations, all of which are exploited through its quoting feature. The creators did warn WhatsApp in 2018 that the tool could be used by ‘threat actors’ to create and spread misinformation and fake news. Facebook has responded stating that the risk is not serious, and to alter the application would mean having to store data about the sender, leading to lesser privacy for its users.

Further Reading:

  1. Davey Winder, WhatsApp Hack Attack Can Change Your Messages, Forbes (7 August 2019).
  2. ET Bureau, WhatsApp hack attack can change your messages, says Israeli security firm, The Economic Times (7 August 2019).
  3. Shreya Ganguly, Messages and identity on WhatsApp can be manipulated if hacked: Check Point Research, Medianama (9 August 2019).
  4. Mike Moore, Hackers can alter WhatsApp chats to show fake information, Tech Radar (9 August 2019).

Facebook’s new entity Calibra raises attention of privacy commissioners

Several privacy commissioners across the world raised concerns over the privacy policy of Facebook’s new Libra digital currency. The countries which have raised concerns are US, UK, EU, Australia, Canada, Albania and Burkina Faso.

Calibra is the new subsidiary of Facebook and its cryptocurrency is called Libra. Calibra hopes to build a financial service on top of the Libra Blockchain. The privacy concerns raised go beyond the question of financial security and privacy because of the expansive collection of data which Facebook accumulates and has access to. Calibra issued a statement that user information will be shared in only certain circumstances but there is no definite understanding of what such situations are. 

Apart from privacy concerns, the joint statement issued by the countries includes several concerns on whether Facebook should be given the right to get involved in the banking sector. If they did, they should seek a new banking charter and should be regulated by all the banking laws. These were few of the concerns raised by privacy commissioners.

Further Reading:

  1. Soumyarendra Barik, Privacy commissioners from across the world raise concerns over Facebook Libra’s privacy risk, Medianama (6 August 2019).
  2. Nick Statt, Facebook’s Calibra is a secret weapon for monetizing its new cryptocurrency, The Verge (18 June 2019).
  3. Reuters, Facebook’s cryptocurrency project raises privacy concerns, asked to halt programme, tech2 (19 June 2019).
  4. Jon Fingas, US, UK regulators ask Facebook how Libra will protect personal data, engagdet (8 May 2019).
  5. Harper Neidig, Global privacy regulators raise concerns over Libra, The Hill (8 May 2019).

EU General Data Protection Regulation exploited to reveal personal data

University of Oxford researcher James Pavur successfully exposed a design flaw in the GDPR, as a bogus demand for data using the “right to access” feature of the regulation saw about one in four companies reveal significant information about the person regarding whom the request was made. Data provided by the companies contained significant information including credit card information, travel details, account passwords and the target’s social security number, which was used by the researcher as evidence of design flaws in the GDPR. Pavur also found that large tech companies did well when it came to evaluating the requests, whereas mid-sized business didn’t perform as well despite being aware of the coming into force of the data protection regulation.

Further Reading:

  1. Leo Kelion, Black Hat: GDPR privacy law exploited to reveal personal data, BBC (8 August 2019).
  2. Sead Fadilpasic, GDPR requests exploited to leak personal data, IT ProPortal (9 August 2019).
  3. John E Dunn, GDPR privacy can be defeated using right of access requests, Naked Security by SOPHOS (12 August 2019).
  4. Understanding the GDPR’s Right of Access, Siteimprov (14 June 2019).

Apple to suspend human review of Siri requests

Human reviewers will no longer be used to study conversations recorded by Siri, according to a recent announcement by Apple. The move gives users a greater degree of privacy over their communications, and analysis of recordings will be suspended while the “grading” system deployed by the company is reviewed. The system refers to the manner in which contractors grade the accuracy of the digital assistant’s voice recognition system, with the primary task being to determine the phrase that triggered action by i.e. whether the user had actually said, “Hey, Siri” or if it was something else.

Further Reading:

  1. Hannah Denham and Jay Greene, Did you say, ‘Hey, Siri’? Apple and Amazon curtail human review of voice recordings., Washington Post (2 August 2019).
  2. Jason Cross, So Apple’s going to stop listening in on your Siri requests. Now what?, Macworld (2 August 2019).
  3. Rob Marvin, Apple to Halt Human Review of Siri Recordings, PC Mag (2 August 2019).
  4. Kate O’Flaherty, Apple Siri Eavesdropping Puts Millions Of Users At Risk, Forbes (28 July 2019).

Read more