As one of his first acts as FCC chairman, Julius Genachowski sent acting Public Safety Bureau Chief David Furth a memo Tuesday asking for a top-down review of public safety preparedness at the FCC. Industry sources said the memo likely will be followed by others as Genachowski attempts to get a handle on the agency he took over Monday.

The American Clean Energy and Security Act of 2009 (ACES), H.R. 2454 that was passed in the House on June 26, 2009 by a vote of 219 to 212, includes changes from the prior version with regards to international trade-related sections, among others.

A little-used provision in Section 230 of the Communications Decency Act saw its first known interpretation by an appeals court last week. The 9th U.S. Circuit Court of Appeals upheld a ruling against Zango, an adware provider that accused security software provider Kaspersky Lab of unfairly blocking its software. Zango folded in April following a bank foreclosure, a $4.6 million judgment for employee back pay, and a long history of negative attention for its distribution practices, which earned the company a $3 million fine from the FTC (WID Nov 6/06 p1). But a concurring opinion in the 9th Circuit case said Congress may want to reconsider the breadth of protection offered in Section 230(c)(2), so other services can’t block Web sites of competitors or critics.

An audience gathered for technical and policy updates on the Nationwide Health Information Network and the open source Connect software developed by more than 20 federal agencies got a personal view Monday of the problems that health information exchange is supposed to address. Sarah Wade, wife of retired Army Sgt. Ted Wade, spoke of the difficult medical journey she’s undertaken with her husband since he was severely injured in Iraq in 2004. In the past five years he’s been cared for at 15 facilities and is currently eligible for care through three government agencies -- the Departments of Defense, Veterans Affairs and Health and Human Services -- and through two government insurance programs -- Tricare and Medicare, she said. Yet none of those government agencies, and none of the civilian providers he sees, can share information or access each other’s records, she said.

The use of MySpace terms of service to prosecute Lori Drew in the MySpace suicide case differs significantly in at least one respect from an argument raised in a P2P infringement case, a legal expert told us. The defense in Sony BMG v. Tenenbaum in U.S. District Court in Boston said that P2P investigator MediaSentry violated Kazaa’s terms of service by collecting infringement evidence. That meant violation of federal and state wiretapping laws, rendering the evidence unusable, the defense said (WID June 25 p5). But the Drew prosecution claimed violation of the Computer Fraud and Abuse Act and harm against MySpace by virtue of Drew’s violation of MySpace terms, said Eric Goldman, director of the High Tech Law Institute at Santa Clara University. “In both cases, the idea is that a service provider’s contract delimits behavior,” but Joel Tenenbaum is effectively arguing he’s the “beneficiary” of the Kazaa contract, whereas “MySpace was the direct beneficiary of its own contract,” he said. Goldman said he doubts that Tenenbaum’s “interception” argument will work, since “normally parties trading packets can each easily inspect each other’s IP addresses.” A breach of contract by MediaSentry wouldn’t necessarily be a violation of the Electronic Communications Privacy Act, he added.

The FCC voted 3-0 Thursday to allow CenturyTel’s $11.6 billion acquisition of Embarq. As expected, the commission conditioned approval on the rural carriers’ abiding by “voluntary commitments” (CD June 25 p7) submitted by the companies last week. The commitments relate to broadband rollout and to CenturyTel wholesale practices that competitive carriers raised qualms about. The deal is expected to close in less than a week and work combining the companies has begun, CenturyTel officials said.

An upcoming FCC report about online child safety doesn’t include new rules, a commission attorney said at a Family Online Safety Institute lunch Wednesday. That the FCC might regulate in the area was a concern expressed in many comments at the agency, said Robert Cannon, senior counsel in the Office of Strategic Planning and Policy Analysis. Meanwhile, officials from CTIA and Verizon said industry can address online safety issues without government intervention.

An upcoming FCC report about online child safety doesn’t include new rules, a commission attorney said at a Family Online Safety Institute lunch Wednesday. That the FCC might regulate in the area was a concern expressed in many comments at the agency, said Robert Cannon, senior counsel in the Office of Strategic Planning and Policy Analysis. Meanwhile, officials from CTIA and Verizon said industry can address online safety issues without government intervention.

Social networking sites must comply with EU privacy laws even if they're headquartered elsewhere, European data protection chiefs said this week. Site operators should tell users who they are upfront, explain all the purposes personal data will be used for and tread especially carefully when processing information from minors, the Article 29 Data Protection Working Party said. The operators are deemed to be data controllers under EU law because they provide the means for processing user data and all the basic services related to user management such as registration and account deletion, the panel said. Networking sites also decide whether and how data can be used for advertising and marketing, it said. Companies that provide applications in addition to the ones from a social networking site may also be data controllers, it said. In most cases, users are data subjects, the panel said. Users who process personal data “in the course of a purely personal or household activity” are exempt from data protection rules, it said. But when those activities go beyond personal or household activities - - as when a user acts on behalf of a company or association, uses the site mainly for commercial, political or charitable goals or has an unusually high number of contacts -- the exemption is lost, it said. When access to profile information extends beyond self-selected contacts, such as when access is open to all members on the Web site or the data is indexable by a search engine, the household exemption doesn’t apply, the panel said. Application of the exemption is also limited by the need to guarantee the rights of third parties who give information to users, it said. The opinion recommended that operators offer privacy-friendly default settings that allow users freely and specifically to consent to an access to their profile’s content beyond their self- selected contacts; sites adequately warn users about privacy risks to themselves and others when they upload information online; users be informed that publishing sensitive personal data requires explicit consent from the data subject; sites ensure that third parties comply with privacy rules by giving users clear information about how their personal data will be used; where a Web site allows users to access and update their information with other applications, such as reading and posting messages to the network from their mobile phone, the site should let users choose an access level for the application providers just sufficient to perform the task; and providers delete personal user registration data as soon as the user or the site deletes the account. Users have several rights under the directive, the panel said. Networking sites should set up complaint-handling offices to deal with privacy issues raised by members and non-members, it said. Operators should “consider carefully” whether they can justify requiring users to use their real identities, it said. They should consider the best interest of children in collecting personal data, it said. The opinion recommended a five-pronged approach to protecting minors in the social networking environment that includes awareness-raising, not asking for sensitive data on subscription forms, not aiming direct marketing at youngsters, and requiring parental consent before subscribing. Technologies leading to privacy such as pop-up warnings and age verification should be considered, and providers should adopt codes of practice with effective enforcement measures, the panel said. Legislation may be needed to discourage unfair or deceptive practices, it said.

The 9th U.S. Circuit Court of Appeals has backtracked on its controversial interpretation of section 230 of the Communications Decency Act, which shields interactive computer services from liability for users’ actions. A three-judge panel recently held in Barnes v. Yahoo that Yahoo could be liable for failing to remove a “revenge” profile page after promising to take such action (WID May 12 p3). The court said Yahoo couldn’t file to dismiss the case under section 230, which judges called an “affirmative defense” against a potentially valid claim that must be paired with “responsive pleading” -- in other words, full discovery. None of the parties had raised the issue at the lower court. Yahoo challenged that finding in a motion for rehearing, saying it would be time-consuming and expensive to fight claims that plainly can’t be raised under section 230. Eric Goldman, director of the High Tech Law Institute at Santa Clara University, also had called the court’s discussion there “sloppy and completely gratuitous.” In an amended opinion filed Monday, the panel deleted that part of the original ruling without further comment. It also modified a footnote from the original in which the judges said Section 230 only protects against state-law claims by a plaintiff, an interpretation that Goldman had called an “obvious error.” “We limit our restatement of section 230(c)(1) to state law claims because we deal in this case [Barnes] with state law claims only,” the amended opinion says. It noted that the 9th Circuit has previously held section 230 applies to federal claims, as in the court’s ruling in a fair-housing discrimination case against Roommates.com (WID Oct 16/07 p7). “Because no federal law cause of action is present in this case, we need not decide how or whether our discussion of section 230(c)(1) would change in the face of such a federal claim,” the court said. It denied motions for full-court rehearing by Yahoo and Cecilia Barnes.