This Week in Law 280 (Transcript)
Denise
Howell: Hi, folks, I'm Denise
Howell. And next up on TWIL, we've got Greg Vetter, Jonathan Frieden, and
Lindsey Cook joining me. We're going to talk about data. We're going to do a
deep dive into health care data, its open-source nature, how it can be crunched
and manipulated to help solve things like the Ebola crisis and cancer, but also
the privacy overtones on all of that and the consent considerations that need
to come into play. We're going to talk about why the heck we're not
electronically voting everywhere yet. We're going to talk about an interesting
Supreme Court patent case that was just argued, an increase in defamation cases
in the U.K., and lots, lots more for you next on This Week in Law.
Netcasts you love ... from people you trust.
This is TWIT! Bandwidth for This Week in Law is provided by Cachefly at
Cachefly.com.
Denise: This is TWIL, This Week in Law, with Denise
Howell, episode 280, recorded October 24, 2014
Touched by a Voting Machine
This episode of This Week in Law is brought to
you by NatureBox. NatureBox ships great-tasting snacks right to your door.
Start snacking smarter with wholesome, delicious treats like cheddar baked
potato sticks. To get your complimentary NatureBox sampler, visit
NatureBox.com/twit. That's NatureBox.com/twit.
Hi, folks. I'm Denise Howell, and you're
joining us for This Week in Law. I'm really excited that you've joined us this
week. We are going to do a deep data dive on today's show, talk about some
issues related to data, privacy, the law, and just, in general, this whole
universe of data that we're living in these days and how it affects us all and
the policies that the law might take toward it. To help us have that
discussion, we have Lindsey Cook joining us. She is the data reporter for U.S.
News and World Report; and I guess, Lindsey — first of all, welcome to the
show.
Lindsey
Rogers Cook: Thank you.
Denise: I should ask, since we're going to talk a lot
about it on the show, do you prefer "data" [pronounced with long A]
or "data" [pronounced with short A]? I've never really nailed that
one down for myself.
Lindsey: I usually say "data" [pronounced
with long A]; but I'm also from the South, so I think that most Northerners
probably say "data" [pronounced with short A].
Denise: (Laughs) Okay.
Lindsey: But it's "data are," not "data
is."
Denise: Ahh, "data are," not "data
is." That's right because it's a plural. All right. Well, we appreciate
that, and we're going to appreciate your help as we go along during the show.
Helping us do that as well is Greg Vetter. Greg is a law professor at the
University of Houston School of Law, specializing in intellectual property and
with a particular interest in open-source technologies. Hello, Greg.
Greg R.
Vetter: Well, good afternoon or
good morning, depending on where you're listening; and I'm thrilled to be here
to have a chance to speak with the audience for This Week in Law.
Denise: It's great to have you, Greg. And returning to
the show after way too long in absence is E-commerce lawyer from Odin, Feldman
& Pittleman in Virginia, Jonathan Frieden. Hello, Jonathan.
Jonathan
Frieden: Hi, Denise.
Denise: Good to see you again.
Jonathan: It's good to see you.
Denise: You've had a good couple of years, I hope?
Jonathan: I have.
Denise: (Laughs)
Jonathan: Fairly uneventful, which is good.
Denise: I know, for me, they've just flown by because
it feels like we just had you on the show, but I know that's not the case.
Let's jump into this data dive that we're going
to do today. And you know what? I've kind of put it under privacy, but we can
talk about that, too. But let's just play our little graphic and get going.
(The intro plays.)
Denise: So Lindsey, the pieces that you write at U.S.
News and World Report go under the heading "Data Mine"; and you cover
everything related to data. It's really fascinating. If you're not reading
Lindsey at that source, I encourage you to do so and to check out her Twitter
feed. And you also do a newsletter I just signed up for. Can we go ahead and
plug that, too?
Lindsey: Yes. Daily newsletter. It's called "Up,
Down, and All Around"; and it chronicles what data numbers have gone up,
what have gone down, and just some interesting developments in the field of
data every day.
Denise: Very cool. And tell us how you got so
interested in this. I mean, it's — I've been explaining to people — people ask
me from time to time, Who are you going to have on your show this week, and
what's it going to be about? And when I say it's going to be about data, I can
see them starting to fall asleep. (Laughs)
Lindsey: (Laughs)
Denise: But it fascinates me; and clearly, it
fascinates you, too. And maybe we should try and identify why.
Lindsey: Well, it's just such a growing and interesting
field, and it's really going to affect every area of our lives going forward.
For example, health is really an area I'm interested in because there's just so
much health care data out there; and we're really reaching a tipping point
where it's going to start affecting your health outcomes, making everyone
healthier. I have a background in computer science and in journalism, so that's
kind of how I got interested in data, just really diving in and figuring out
the stories that needed to be told that weren't being told as much. And just
because it is such a dense topic, I think it's something that needs to be
talked about so people can really understand, what is the difference between
correlation and causation, and how much are you actually at risk of your data
being kind of de-identified and then re-identified? And people need to have
those tools and that information so that they can prepare themselves.
Denise: And I did put this under our privacy topic. We
cover a lot of privacy-related topics on this show. But I do that with some
trepidation because not everything related to data intersects with privacy,
does it, Lindsey?
Lindsey: No. I mean, not really. So for example, when
you have your Netflix streaming coming in and they're suggesting different
things in your shows you watch, you're probably going to be the only one to see
that. So is that really privacy? I don't know. It turns to privacy if Netflix
releases that for some reason, or it's hacked and has to release that. So it's
a very — they go together because your data is always — can always be released,
unfortunately; and that's a privacy issue.
Denise: Okay. Well, you touched on health care, and I
know that is something that is close to Greg's area of interest and study as
well, at this time, anyway. Greg, you, too, have a computer science background,
don't you?
Greg: Yeah. I'm an electrical engineer with a
master's in computer science, and I worked nine years full-time in software
after finishing my undergrad before, as my friends say, I went to the dark side
and became a lawyer. But the time period working full-time in software helped
me really understand both the business and technology of software.
Denise: Well, you let me know before the show you have
been looking at the world of technology in health care. Can you tell us what
kind of things you've been examining and studying, and then we'll look at some
concrete stories related to that?
Greg: Certainly. Following Lindsey's point, we
basically have a national policy the last five to eight years who, the result
of some federal legislation, to drive automation, drive computing, into health
care in a very, very substantial way. And this is evidenced by a number of
things, including payments to get physicians and hospitals to use electronic
medical record software. There's also a great emphasis on tying those systems
together to make sure that the electronic medical records or electronic health
record software in a physician's office or hospital could exchange data and
help aggregate that data and really bring it upward so that we have a "big
database in the sky" of health information, health data, health outcomes,
which has some potentially large public health benefits. But that automation is
putting a lot of computing technology into health care, both the last three or
four years, and that's a trend that I think will just continue.
Denise: And it's not just on the doctors' or the care
providers' side, is it? As people are starting to take the old maxim "An
unexamined life is not worth living" to new heights, lots of data is being
gathered about one's physical condition, and thus health, through devices that
people wear, and a lot of self-monitoring, too, isn't it?
Greg: Well, clearly, this phrase, "The Internet
of Things" could be applied in health care. Hospitals are increasingly
having devices that feed data directly into computer systems. We do this
ourselves personally, some of us with devices. But it's really an emphasis of
the health care system to get more and better clinical data in a more timely
way and try and use it to improve health outcomes; but we're really in the
beginning phases of that, to have computers really help us with that process.
The impacts go beyond the physician's office and the hospital because there's
exchanges, regional exchanges, that are supposed to aggregate this data and
make it available for researchers and others who'd like to think about ways to
have better health outcomes, both as to what we pay for in treatment and what
should be done differently in treatment.
Denise: Jonathan, what do you think about the sort of
gray area between health care providers and technologies that are specifically
developed for the health field, and things like what I was alluding to before,
start-ups that want to put out a great monitor. Maybe they're Kickstarter-ing
themselves into existence and popularity to help people track information about
themselves. It's kind of an interesting time we live in, isn't it?
Jonathan: Well, it is, Denise. And what we have here is
the technology now gives us the ability to collect, analyze, access, and
transmit a larger volume of data than we've ever had the opportunity to before.
And there's a lot of different areas of our lives that that connects to, and
health is one of them. So what you have is, you have electronic data being
collected on folks in the official or the more formalized medical setting, but
also individuals collecting that data on themselves. And the issue, then, is
that — what do we do with that volume of data? That volume of data would seem
to be a remarkably — potentially helpful in terms of assisting physicians in
diagnosing and treating illnesses; but there are a number of legal and, I
think, perceptual, hurdles to cross before we get to that point where we can do
that effectively. And I draw a distinction here between what I refer to as data
privacy, which is what a person who you voluntarily give your data to does with
your information; and data security, which deals with the issue of, once you've
given voluntarily your data to a party, it deals with situations where unauthorized
parties may hack into a system and access your data at that point. And then I
think it raises both data security and data privacy issues that have to be
overcome before that information can be used in a helpful way. But I think the
potential of that data is so important that we have to get over those hurdles
and deal with them so that we can get the useful information to the people that
need it in order to help physicians do their jobs.
Denise: Yeah. You're absolutely right that data
privacy and data security are two areas where this all collides head-on with
legal requirements and regulations, and the consent area is real interesting,
too, as more and more data is being put online, stored electronically,
potentially shareable among larger groups of people than, perhaps, patients
originally thought they signed up for. The consent piece becomes real
important, too.
Let's look at some specifics. Since everyone's
talking about Ebola, let's talk about Ebola. It's maybe the second or third
show where Ebola has come up for us. But clearly, this is an opportunity for
data and data analysis to play a big role in helping a crisis situation. It's
certainly something that — maybe it's blown up into a crisis in people's minds
greater than perhaps it is; but it's a serious situation no matter how you
slice it. You've been writing about this, Lindsey. Tell us, first of all, about
the mapping project that you wrote about.
Lindsey: Right. So one of the big issues in fighting
Ebola is the lack of data, just because doctors trying to find these remote
villages, trying to find these remote communities, they don't know where
they're located, they don't know how to get to them. They're going on a
four-wheeler, in a truck, and they don't necessarily even know where they're going.
They don't speak the language. It's very dangerous. So one of the things that
people are trying to do is actually map the areas and contribute data. So
they're looking at these very, very old maps, maybe from World War II, World
War I, even before; and they're digitizing those maps and giving them to the
doctors on the ground. And then these doctors are printing the maps out and
then using them to go around. And you can actually help with this if you would
like; there's a tool online where you can do that. But what we also have to
consider with data and Ebola is that the Internet connections in Africa are not
what they are in the United States; and the computing power is not what it is
in the United states. So collecting this data and analyzing it is very
cumbersome on the ground. And that's the reason why we don't know how many
people have actually died from Ebola or how many people actually have it. I
mean, we have estimates, but we're not sure.
Denise: Okay. And this project that we're talking
about is called ... let me get the name ... Humanitarian Open Street Map Team,
abbreviated to HOT. And here's a quote from your article: "Most of those
areas hadn't had good mapping in decades." You are quoting — let's see.
Who was the person that you were quoting here? Someone from Doctors Without —
Lindsey: I think it — yeah. I talked to someone from
the Red Cross.
Denise: Ah. Yeah.
Lindsey: The mapping expert from the Red Cross. That
might be the person.
Denise: Mikel Maron. No, this is Mikel Maron, president
of HOT's board.
Lindsey: Okay. Yes.
Denise: Yes.
Lindsey: So — HOT.
Denise: So he's anxious to get more updated data and
to get people participating. Do you feel a this is a really concrete — you
know, this isn't just making yourself feel good to participate in this. This is
something that is a concrete step in the right direction and helpful.
Lindsey: No, I do think that. It makes sense, if you
think about it. Like, how is anyone going to reach these remote villages if
they don't know how to get there? They're wasting a lot of time. So anyone who
— no matter how many tech skills you have, if you know how to use a computer,
you can do this. And I really think that you will be making an impact.
Denise: Great. Let's talk about the CDC and what it's
up to as far as data and Ebola. It has a tracking app that is in play here.
Let's see; we've got ... I'm actually not sure it's the CDC. The CDC is
certainly endorsing this app; but interestingly, Greg, this is an open-source
project. It reduces data entry errors and lessens data management for public
health responders. It is called VHF — Viral Hemorrhagic Fever — application,
the epi-info Viral Hemorrhagic Fever Application. It needs some branding help,
perhaps. (Laughs) Right now it says, Greg, that it only works with Microsoft
Windows operating systems and uses Microsoft Access to store questionnaires and
data; but there's an open-source rewrite project currently underway that will
offer a MSQL database driver to support other operating systems. Is it
important that things like this be available outside the Microsoft arena?
Greg: Well, I think absolutely, yes. It's one of the
benefits of an open-source approach to software development. I'm sure most of
this audience knows, but open-source means the source code is typically
available for some types of FOSS. And when I say "FOSS," I mean free
and open-source software. It's a general label, free and open-source software,
FOSS, that a lot of people apply to describe, generally, the entire universe of
applications that are developed under either a free software model or an
open-source model; and there's some differences between those two. But relevant
to your question is the idea that the source code is available. It maybe has
been sponsored or supported or the CDC is perhaps the custodian of it; and it's
attracted volunteer — other types of developers. But with that source code
being available, a rewrite like this can sometimes happen much more quickly
with far-flung resources all over the world contributing to the rewrite to make
the software potentially more agile than you might have with other types of
development models.
Denise: So there are several modules here. It says
that — I'm reading from coverage at GCN.com. And the CDC has partnered with —
partnership between CDC's Center for Surveillance, Epidemiology, and Laboratory
Sciences and the Viral Special Pathogens branch in the National Center for
Emerging and Zoonotic Infectious Diseases. (Laughs) So we've got a couple of
government agencies working on this app. And it has a mapping component to it,
similar to what we were just discussing. It lets users create questionnaires
and data entry forms; so it's basically something that is helpful for all
people striving to contain and address and treat Ebola and the other diseases
that this is for. So once again, a whole lot of data will be used in addressing
the problem. As we're fighting something that involves so much urgency,
Lindsey, where this is a true public health issue and containment for world
health is in everybody's top ten list right now, how do you think that impacts
the privacy ramifications of the data here? I mean, certainly the sharing and
use of the data takes on an importance that may push privacy to a backseat in
this kind of situation; don't you think?
Lindsey: Yes. I mean, I think that any of the patients
that were diagnosed with Ebola in the United States, for example — I mean,
their privacy's pretty much been thrown out the window. We've spent two weeks
wondering about Nina Pham's dog.
Denise: (Laughs)
Lindsey: We all know who Bentley is now. So yes, I
think that when it is escalated to this level with this much news interest, if
you happen to be swept up in it, you are kind of just giving up a lot of your
privacy. But that's the same thing that happens, unfortunately, in a lot of
tragedies. For example, in the Boston bombing, the victims that were
photographed and had their lives written about. And people were very
interested; the news interest was high. And that does — it is a tradeoff for
privacy for those individuals; and I think most reporters — and health
organizations, in this case — dealing with Ebola would say that it's the
greatest good for the greatest number.
Denise: Right. Is that problematic at all to you,
Jonathan?
Jonathan: It's certainly not problematic when you think
about the large picture, I suppose, in terms of — the greatest good for the
greatest number, I think, is probably the way to look at it. If you — so in
large scale, it's not problematic; but if you look at smaller scale, it depends
on how the information is obtained. If it's obtained in violation of federal
laws designed to protect the privacy of certain medical information, obviously
those small, distinct violations of law are problematic. But overall, for the
public to have the identity of, or have specific information about, individuals
with Ebola, for instance, when public interest in the event is very high, there
is a public health component to having the information. And in some instances,
the information is actually being released by the government or by the CDC in
order to protect the public and provide the information to the public to calm
some fears that were out of proportion, I think, with respect to the actual
danger. I think that there's a greater good to having that information as long
as it's not obtained in violation of law.
Lindsey: And we see the same tradeoff with other
diseases and other disorders. For example, with cancer, we're seeing people's
information being put into electronic health records, and then that information
being put into these big data resources so that we can learn from all the
people who have lung cancer, for example, or all the people who have breast
cancer, to better see which treatments work. And I don't think that the
majority of people who have cancer or have been affected by cancer, would care
that their information is being fed into this system in a de-identified way.
Denise: Right. Well, you point out in your article on
that point — really excellent, in-depth article on big data and can it cure
cancer — that there are some legal issues that come into play, that you do have
to address the fact that patients may go into their relationship with their
doctor thinking that the doctor is keeping records purely to administer
treatment to the patient and not to help the medical community at large benefit
from the knowledge gleaned from treating that patient. And that's something
that maybe current consent structures are not dealing with adequately. And it
raises the issue of sort of taking the context and changing it, and how
people's understandings about their data may be in constant flux because
consent that they'd give in one circumstance might not be intended by them to
apply in different ones. And I agree with you that — I think the vast majority
of cancer patients would love for their situation to be able to help others,
but it's just not that straightforward from the legal standpoint, is it?
Lindsey: No, it's not, especially when you get into the
idea of data security. If your data is re-identified — which is always a risk —
then a lot of people are going to come back and say, Oh, I wasn't aware that
was happening. It becomes another issue of education that's wrapped up in this
issue of consent. Can anyone give their consent if they don't actually
understand fully what they're giving their consent for? Because this — big data
resources, it's very complicated what your data is going to be used for and how
it may or may not benefit you and may or may not benefit other patients. So I
think that there is also a level of education that needs to be involved with
it. But I mean, the issue with consent is, how much consent and how often?
Because should you have to consent every single time your data's being used? I
don't know; but that would be a huge hurdle for the technologists working on
this if they had to get consent every single time.
Denise: The numbers you mention in your story about
curing cancer with big data are just staggering. Kaiser, you write, is
currently managing more than 4,000 times the amount of information housed in
the Library of Congress. The amount of health care data worldwide is expected
to increase 50 times by 2020 to 25,000 petabytes. For comparison, 2 petabytes
is about the size of all the information in all of the academic research
libraries in the United States. And that's just, I mean, at the beginning of
things now. You're writing that — okay, we're getting to the point where
primary care physicians are keeping electronic records, and that's how we have
generated this enormous universe of knowledge you just described. But we are
poised to exponentially increase the amount of data; and this study going on —
sort of an experiment at Ohio State University — it's one of eleven
institutions establishing a national institutes of health data to knowledge
center that involves having patients wear monitoring devices that gather all
kinds of statistics on them that then are going to be used ... let's see.
Specifically, here, they are trying to address heart failure and smoking
relapse; but of course, the kinds of information that they're gathering here,
the constant monitoring of one's physical status, could be used to fight not
just other diseases that the article at Ohio State points out, but general baseline
health kinds of concerns, preventative care kinds of concerns. But in a world
where everyone is running around with a sensor monitoring their health — and
this world is not that far off, as we see health kinds of applications being
built into iPhones now — but the data is going to be enormous, and the
ramifications of that I don't think any of us can fully appreciate right now.
Lindsey, do you want to comment on it?
Lindsey: Sure. I agree; I don't think the ramifications
can — we can figure those out right now. It's important to point out that since
computers existed doctors have been integrating data into them, so this is not
something new. Electronic health records aren't new; it's just that they've
reached a tipping point recently where most hospitals are using them. And this
is also an issue of data transparency. How much data should I, as a patient,
have access to? For example, outcomes data is something that hospitals have had
for a very, very long time, and they've used it. So for example, they know
which doctors have higher mortality rates for certain surgeries. They know if
one doctor has, basically, a higher chance of killing you if he does a certain
surgery, as opposed to another doctor. That type of data is not being released,
mostly. In New York, it has been released to some extent but not in other
places. And so I think data transparency is also an issue. If you're
contributing to this system, how much data should you be able to have access
to? But the world where we're running around with all sorts of sensors on us,
it is coming but it's also limited to the elite. It's limited to the people who
can afford these sensors right now. It's very much painting a world of haves
and have-nots that should be very concerning to people, I think.
Denise: Right. What was the Matt Damon movie recently?
— Elysium — where a certain segment of the society was healthy and cared for
and living in orbit, and the rest of us left down here were fending for
ourselves in a not-very-health-conscious or health-enabled way. The whole plot
of the movie was getting someone up to the space station to get them treated.
So yeah. I mean, although that's a —
Greg: Denise, I could —
Denise: Yes?
Greg: Denise, I could offer a follow-on point to
Lindsey's point.
Denise: Please.
Greg: I think that what's happening in health care
right now is, we're seeing first-generation information technology systems that
are automating health care. And I would draw a real broad but, I think, useful
analogy between manufacturing, where for about 50, 60 years, we've been using
computers to increase quality, reduce problems with manufactured goods. And so
the revolution is manufacturing has gone on for many, many decades. To me, in
health care, we're at the beginning of that for roughly the last 10 years; and
I agree very much with Lindsey that we're at a tipping point now. We're
starting to see a sufficient infusion of electronic medical record software in
enough hospitals, in enough physicians' offices, that we are coming to a
tipping point, having more data, more ability to see how it affects health
outcomes. But I also think we're in kind of the first generation of these
systems, that it may take the second generation of electronic medical record
software and better interoperability among those systems, which has been a
problem even though it was very much a goal to have all these systems be highly
interoperable. So we may not see some of the highly-touted health care benefits
until we go down the road another decade or so and have kind of the next generation
of these EMR electronic health management systems be installed. And you get
some benefit from the experience of the first-generation systems in seeing how
they work and how people can improve them, as well as improve the business
processes of delivering health care around them.
Denise: Yeah. That's a really good point, Greg. And
I'm curious as to — I know you look at the open-source side of things — as to
how you think, as these systems develop, open-source is being embraced. And
maybe you should explain — I do think that our audience is fairly familiar with
open-source and its benefits, but why it's important that that be integrated
and embraced as the systems evolve.
Greg: Well, I appreciate that. Mostly, I think that
the electronic health record market is an enterprise software market; and so
some writing I did several years ago made me somewhat skeptical that free and
open-source software packages were going to do as well in an enterprise
software market as they've done in some other areas. The flagship example, and
one of the classic examples of very successful FOSS, is the Linux kernel and
the various operating systems that are built on the Linux kernel. And that
includes the Android platform for half, two-thirds of the cell phones in the
world. And so open-source has been very successful — Foss has been very
successful — when it creates a platform for kind of other technologies to build
upon. It's also been pretty successful when there's some kind of support or
maybe ceding of the technology by maybe a government agency or some kind of
consortium; and this can take us to electronic medical record software. The
Department of Veterans Affairs in the United States has for many years had its
own internal electronic medical record system. That, however, has always been
available as source code. And there's some companies — Medsphere is one example
— some companies that try to use that system as a jumping-off point to deliver
kind of a hybrid product out in the general EMR — electronic medical records —
marketplace. But the EMR marketplace is really dominated by your traditional
proprietary software vendors; and I think there's some structural reasons for
that. The kind of care and feeding you need to give to a doctor's office or a
hospital to have them install and use the software isn't typical of a lot of
FOSS projects, which are great for developers who know how to go grab some
code, use it, and deploy it, but maybe isn't so great for non-technologists
like the staff you see in a typical hospital, particularly a small hospital or
physician's office.
Denise: Right. Hey, Jonathan, we got a comment in IRC
from CRL, who says: "It's simple. Unless the patient signs a release of
data, the patient won't get health care." Do you think that we're already
there or are headed there, where people are just going to have to sign over —
at least agree to de-identify data for all of their health records?
Jonathan: Well, that touches on the constitutional —
what some people believe is the constitutional right to privacy, which is
framed in some very specific ways by the First Amendment, the Fourth Amendment,
and the Fifteenth Amendment, I believe. And so it depends upon the extent to
which that constitutional right is broadened and exists generally. So are we at
a point where we would either require in order to obtain health care, or impose
a penalty upon those that wouldn't share their information. I'm not sure that
we're at that point yet. I'm not sure that that would pass constitutional
muster, first of all; and I'm fairly certain that it would not be very popular.
So I suspect that even if it was constitutional, I don't think that a law
imposing that sort of an obligation would be ultimately enacted. The issue with
respect to — I think the key here is to give people some comfort in the fact
that they're individualized information, their identified information, will be
disidentified when it's used to provide a basis for diagnosis and treatment of
other patients. And I think that you can do that by simply following the tenants
or the pillars of privacy, which are established in the private business world
and E-commerce throughout this country and in Western Europe, which actually
originated these — there were seven, actually, pillars that originated with the
EU's directive on privacy and on data privacy. But it really comes down to
notice, consent, security, and then accountability. If you provide people
notice of what their information's going to be used for and how it's going to
be used and how it's going to be disidentified; and then you require their
consent in order to take the information; and then you keep their information
secure; and there's some accountability if the information is released in a way
that was not disclosed by the notice, or it's obtained by an unauthorized third
party, then I think that, for the greater good, most people would voluntarily
agree to permit their information to be used, particularly if they knew that it
was going to be properly disidentified. And remember that there's a fairly
significant generational gap in the terms of how people view privacy; and
people are very upset when the government collects our information; but if you
look at a generation probably even a little younger than I am — younger than
forty, younger than mid-thirties, they publish, themselves, quite a bit of
information about themselves on social media sites. And we talk about these
individualized health monitors. I'm receiving health information from my
Facebook friends on a daily basis because a lot of them are connected to
Fitbits or to their Apple device; and the software applications that monitor
those aspects of their health are linked to Facebook and release that
information often on Facebook. I can't tell you the number of times that my
Facebook friends have automatic notifications or automatic posts about where
they ran and how far they ran on Facebook. I think they usually do it just to
make me feel guilty.
Denise: (Laughs)
Jonathan: But I'm getting a lot of that information as
it is. And so I think that if you provide people a basis to be comfortable with
the fact that their information will not be tied to their identity, and that
they know that the information will ultimately be used to help other people, in
a way, that the information could be used to help them, I think that, in many
instances, people will voluntarily provide that information. And certainly,
enough people will provide the information to provide a basis — a volume of
data from which we can begin this process to use it to help others.
Denise: Do you think, though, that in the notice
component of your rubric there — notice, consent, security, and accountability,
I think were the four corners of your building there. In the notice portion, do
you think that what doctors will do as a practical matter, or companies like a
Fitbit sort of application that are gathering this data, that what they will do
is just say, Well, the notice that we're giving you is, we can use this and
share this at will, and you have no recourse. Or does that run into the constitutional
problem that you raised?
Jonathan: Well, I think to the extent that they have no
recourse, which would — then that second pillar would come into play, and they
really aren't giving true consent. Compelled consent is not consent; so then,
that second pillar would not be satisfied. But I think that — in the medical
field, remember that doctors deal with the issue of informed consent for
medical procedures all the time. So they understand, at least in a very general
way, the importance and the framework with providing people notice of the
specific consequences of a certain procedure. So this really just transfers
over. What this is is an informed consent with respect to the use of data. Now,
with respect to the private sector, if you're talking about those exercise
devices — and now the Apple devices containing sensors that collect some of
that information — I think that the commercial entities understand that concept
perhaps in a different way, but just as well, in the concept of the privacy
that they already have to provide to their customers as a market issue. Because
the companies who suffer privacy violations often see a problem with respect to
customers not wanting to visit them. You probably see that in terms of the Home
Depot breach of the last few months; Apple certainly got a lot of bad press
with regard to their iCloud hack. So I think that both in the private sector in
terms of commercial entities providing personal health devices, but also in the
medical field, you have a basis for those entities to provide good, clear,
accurate notice and obtain what I would refer to as an informed consent for the
use of data.
Denise: Hey, Lindsey, what Jonathan has been
discussing segues really nicely to your article about Twitter and your lunch
solving problems. Specifically, people voluntarily putting information about
their health on something like Facebook or Twitter and then, now that that data
— those data — are out there ... (Laughs) ... that public health organizations
can come and make use of them. Can you tell us about what Chicago's doing?
Lindsey?
Lindsey: Right. So they are mining Twitter. So they
have ran an application that goes to Twitter and finds all the tweets in the
Chicago area that say — I think it's "food poisoning" or "food
poison" or something. And they find all those tweets, grab them, and then
they have a machine learning algorithm that is slowly learning which of those
tweets actually have to do with food poisoning and which of them don't; and
that's being aided by some health workers who are going through these tweets.
And then they're actually following up with those people who do have food
poisoning and figuring out where they ate and trying to go to those restaurants
and do some surprise inspections. So they're trying to use the data on Twitter
that people are putting out there voluntarily about vomiting or something after
they ate Chinese food, they're using that data and trying to use it for the
public good, I would argue.
Denise: So this is called Food-borne Chicago, the
project, and you write that other cities are interested in doing this, too, and
that this may be just the beginning. Can you see this — well, first of all,
that algorithm that they do had better be pretty darn sophisticated because one
of the problems in, like you said, correlating data and trying to draw
conclusions based on it is that sometimes you look at something and you think,
Well, this has to do with what it's talking about; but, humans being humans,
that's not always the case. So I'm real curious about how they're winnowing
these tweets and deciding, this is cause to actually go investigate a
restaurant. Do you have any more information about that?
Lindsey: Well, when I talked to them, they said that
they had a lot of problems at the beginning with people going to universities,
or, like, health officials going to universities or other places and speaking
about food poisoning instead of actually having food poisoning.
Denise: (Laughs)
Lindsey: So I think that a lot of that is the language
choices that people are using and the emoticons or whatever. If you have a
happy face emoticon with your food poisoning tweet, you probably don't have
food poisoning. (Laughs) I would hope so.
Denise: Right.
Lindsey: It's not a happy thing. And New York is doing
this, too, some with Yelp, where they're going through and looking for the
those "food poisoning" on a review of a restaurant. And I would say
that in that arena, on Yelp, for a restaurant, it's probably easier to figure
out which ones are actually food poisoning as opposed to — I don't even know
why you'd be using the word "food poisoning" if it wasn't food
poisoning on a restaurant review.
Denise: Yeah. You would think that in the context of a
review, that would certainly have something to do with a complaint someone was
lodging. But on Twitter, who knows why people post what they post to Twitter or
Facebook? They could be making a comparison or an exaggeration that wasn't
actually based in fact. Greg, you'll be happy to know that the code for
Food-borne Chicago is available on GetHub and is open-source. So for other
cities who are interested in finding out when people are throwing up on Twitter,
they can go right ahead and do it. (Laughs)
Greg: Well, I think that Lindsey's remarks make me
want to raise just a computer science point; it's not a legal point. All this
data and the increasing amounts of "big data" we're collecting in so
many places across society and business, there's really a need for greater
natural language processing and figuring out what people are saying on Twitter
and whether it really means they got food sickness or not. It's very difficult
as computers struggle with interpreting those little bits of language that come
out in a tweet; and it'll get better. I think the comp sci — the computer
science — will get better at doing that over time; but there's a similar kind
of an issue in health care as health care aggregates lots of big data. Having
that data be more useful means that it has to be increasingly better described
in what are called medical vocabularies, kind of specific taxonomies of labels
to apply to conditions. And making the data more uniform, either through medical
vocabularies or better natural language processing in these health care
systems, is a part of what I think of when I think about next-generation
systems that will really do a better job of helping health care providers to
improve health outcomes and understanding trends in what might be happening in
a population of health.
Denise: Yeah, absolutely. I think we have a long way
to go in being able to make sense of what information people put out about
themselves, either passively or intentionally. Particularly intentionally,
though, because if you don't know the context and you don't have a human brain
trying to tell you what the context is, you're going to have mistakes and
errors. I'm going to go ahead and put our first MCLE pass phrase into this
episode of This Week in Law. We put these in in case you are listening to the
show for continuing legal or other professional education credit. Some of the
oversight boards that ask people to continue their legal or other professional
education would like to know that you actually watched or listened to the show;
so we put these phrases in so that you can demonstrate that you did. So our
first one is going to be "bad taco," based on the story that we've
been discussing about Chicago. (Laughs)
And I guess now would be a good time to throw
into our discussion something that Jonathan sent my way and I hadn't seen
before. Presumably, Lindsey, you have. This guy's name is Tyler Vigen
[pronounced with long I], or Tyler Vigen [pronounced like "vegan"];
and he has a delightful website that is called Spurious Correlations, where he
takes some statistics and puts them side by side on a graph and tries to show
how drawing a correlation between these two things is just ludicrous even
though you might be tempted to do so because the rate at which something has
increased or decreased correlates so precisely with something else. And some of
his examples are U.S. spending on science, space, and technology and its
strange correlation with suicides by hanging, strangulation, and suffocation.
Jonathan, since you put this my way and said it made you chuckle, do you have
any other favorites?
Jonathan: Sure. And actually, I came across this site
because I have an engineering degree from the University of Virginia. And I
never worked as an engineer, but that was my degree before I went on to law
school. And so I find that a number of lawyers are math deficient or afraid of
math, and I often end up in discussions with lawyers on cases and outside of
cases where they believe that correlation equals causation. And then I came
across the site because it has some great examples of situations that clearly
are not caused by one another but are correlated. For instance, my favorite
today is that the per capita consumption of cheese in the United States is
highly correlated with the number of people who died by becoming tangled in
their bed sheets.
Denise: (Laughs)
Jonathan: And the correlation is at approximately 0.95.
So that's a very high degree of correlation; but certainly, I don't believe
anybody really believes that eating cheese causes you to become entangled in
your bed sheets and die.
Denise: Right. And Tyler must be fascinated with that
per capita consumption of mozzarella cheese stat because he also correlated
with people who have been awarded their civil engineering doctorate. So
presumably, that happened before they died entangled in their bed sheets.
(Laughs) So it's kind of fun. Does this point out anything that we can draw a
lesson from, Lindsey?
Lindsey: I think that it's just that there's a lot of
misinformation about data out there; and largely, people don't understand the
difference between correlation and causation, and it's an important
distinction. I mean, my favorite example is usually, when I wake up on a
weekend, the sun is out; so the sun being out correlates with me waking up on a
weekend, but that doesn't necessarily mean that me waking up makes the sun
rise, even though that would be great. There was another one that I saw, not on
this website but on another website, that had the percentage of women in an
undergraduate major with the average IQ of people in that major. So as more
women are in the major, the IQ goes down. So it's correlated. (Laughs) The
amount of women is not causing the average IQ of the major to go down.
Denise: And was that because, on the whole, women have
a lower IQ than men? (Laughs)
Lindsey: No. If you actually look, that's equal. Men
and women's IQs are pretty equal.
Denise: Right.
Lindsey: The difference was that it was caused by, I
think — I don't want to say definitively — but I think it was caused by the
fact that there's a lot less women in STEM majors, and the IQ is actually drawn
off of GRE scores. So if you're in a STEM major, you probably have a way higher
quantitative GRE score. Although the qualitative GRE score is the writing
portion of the GRE, it's pretty much equal across the board. So as there was
less women because it was a STEM field and there's a lot less women in STEM,
unfortunately — a lot less women in engineering computer science — the GRE
scores were going up and the amount of women were going down.
Denise: I see.
Lindsey: So it was just this weird correlation that
didn't have anything to do with how smart women are. (Laughs)
Denise: (Laughs) Good. Good to hear.
We've been trying to understand big data. Let's
try, as we are coming up on an election next month, to once again — it seems
like we try and grapple with this every time there's a major election — try and
understand why the heck we can't vote online. (Laughs) And Jonathan, why don't
we let you try and explain to us. I just filled out my early written ballot
here in California, and my son got a huge kick out of watching me bubble in the
squares with a black pen, and he thinks it's the most low-tech crazy thing he's
ever seen in his life. He's never seen an actual voting booth, which actually,
in our neck of the woods, I think, still uses the punch ballot. So he'd
probably be delighted by that, too. Why, Jonathan, can't we vote online yet?
Jonathan: Well, I think the problem comes from — there's
two parts of the problem, really, and one is a data privacy problem; and one is
a data security issue. And the problem really stems from the fact that we have
gotten used to engaging in E-commerce transactions and believe them to be safe;
but they are not perfectly safe. And we see examples of that on a fairly
regular basis where information is either intercepted or information is
released in an unauthorized way. So when you have an E-commerce transaction and
that occurs, you have a charge on your credit card that you have to challenge;
sometimes you end up with an identity theft issue which is very serious. But
that does not affect anyone other than the person who was entering their data.
In the context of electronic voting, a change — the data security issue in
particular can ultimately affect those who didn't vote or those who voted and
their data was not affected by the security breach. And so then you get into
the issue of the fact that voting requirements in terms of security are going to
be very different in terms of framework and standard than the requirements for
E-commerce transactions. Now, people are very concerned — obviously, we've been
talking about health information, and people are very concerned about their
privacy with respect to that; but people are also very concerned about their
privacy with respect to the voting booth. And people are very suspicious,
particularly in the last year and a half to two years, of the government in
terms of how the government is maintaining information. And so providing your
information in an electronic form that is identifiable to you in terms of who
you vote for is something that I think people are going to be very concerned
about. In addition to the issue of the security of that information, whether it
could be hacked or released to others; and then, there's the third issue of,
how do I know, if I submit my ballot in an electronic fashion, that by the time
it gets counted, has it not been changed by some bot or some code developed by
some hacker before it actually got counted in terms of the election? And so, in
order to maintain the confidence in the election process, I think we're still a
few years away from getting to the point where people could vote. But you get
proponents suggesting that there are a lot of different things that make voting
more difficult than it should be, and one of those is the fact that people
can't vote electronically. You have to actually, in many states — in Virginia,
for instance — you have to leave your house and go to a voting location and
vote there. And obviously, voting online would be much easier; and they always
point to the fact that 150, 160 million people vote in the last presidential
election were two or three times that vote sometimes on some of these popular
talent shows. Well, the fact is that many of those popular talent shows have
had voting processes that have been affected by hacking or data security issues
or data privacy issues, or just people developing bots to create false votes.
So it's an issue that I think we still have some technological limitations in
terms of, we cannot, I think, perfectly secure and guarantee that the votes
cast will be the votes counted, or maintain people's privacy to the degree that
we should with respect to a vote. But even once we get to the place where we
have the systems — even once we get to a time where we have the systems in
place to do that, creating, essentially, consumer confidence or voter
confidence in the process is going to be the next hurdle; and I think it's actually
going to be the most significant one.
Denise: Hearkening back to a couple of episodes ago,
RaceQ in IRC is commenting that votes could be authenticated by a bitcoin-style
block chain; and there's probably something to that. But until we get to that point,
Greg, are you — do you find yourself happy or frustrated that we are still in
the age of paper ballots?
Greg: Well, paper ballots are eventually hopefully
going to go away. I'm a little bit frustrated about it, but I would actually
follow on Jonathan's remarks with a comment about voting machines themselves.
There's a group of computer scientists who probably for quite a few years now
have been trying to advocate that all voting machines, which are supplied by a
small number of fairly large companies, that all voting machines should run
open-source code, code that is transparent, where someone could see the source
code. And the convenience of voting online is one thing; and the reason we
don't have that convenience per Jonathan's remarks is, we don't yet have full
assurance we can have accountability for the voting. But that's not necessarily
something everyone's confident in, even with respect to voting machines, if
they're not fully transparent at the most basic level, the most important
level, of that technology, which is, what is the code doing inside of them? And
again, it shows the benefits of transparent source code under a FOSS model
where many eyeballs, lots of people, can take a look at what the code is doing
and maybe give third-party certification to the idea of, it handles the votes
correctly, collects them correctly, maybe or maybe not does a better job of not
being susceptible to malicious software. Open-source software hasn't done as
well with that with a couple of examples recently; but I think it's a model
that is an important policy perspective for voting both as we continue with
voting machines and as we transition online. You might say, if we're going to
go online, that should be a platform that's open-source based.
Denise: Yea, absolutely. It would probably help situations like the one that happened
to Republic state representative candidate Jim Moynihan in Chicago. Presumably
he went to the polls shortly after tweeting about his food poisoning experience
lunch. But whether or not he did that, he did go to the polls and try to vote
for himself. And there was a touch screen voting mechanism in place there at
his polling place. And every time he tried to touch the screen, presumably he
was only allowed to cast one vote. But when he did try to touch the screen and
vote for himself it cast the vote for his opponent which is something that he
complained about. The Cook County Board of Elections came out and said there
was a calibration error on the touch screen of the machine and that we have
done something about that improper calibration. So certainly that could be
problematic and it’s pretty funny that it was an actual candidate who discovered
the error. Any thoughts on this, Greg?
Greg: Well I had not seen that news report. But it’s both gives one pause and one
entertaining. The pause really goes back to the idea of how do we have the
greatest confidence in technology in these voting systems, be they
machine-based where people come to them. Or online. And there’s some pretty
strong arguments that they increase the confidence in the system if you have
transparence, auditable by public actors, approached to the source code.
Denise: Alright, anybody else have any thoughts on electronic voting? Or representative
Moynihan’s touch screen experience before we move on?
Lindsey: I think one thing that we also need to point out is that we don’t have
universal Wi-Fi still. So we don’t have universal broadband. And that’s also
going to be an issue because how are these people that are in rural Idaho going
to vote if they need to vote electronically?
Denise: Yea, I think that’s an issue that could be addressed though. We could certainly
have a phase-in of using the kinds of voting technologies that we use now and
making sure that everyone has access to the voting process while still making
steps toward improving that technology. I would hope anyway. Every time I get
my early paper ballot here in California, I just have that once again back to
the future kind of sensation. One of these days this is going to change. But
it’s been many a year and it has not. Jonathan, any thoughts about voting?
Jonathan: Well I think in respect to this particular case that you mentioned, the
calibration error is a third type of issue. And that’s a technical error with
the voting machine itself and not an alteration of how the data is kept. And
the calibration error was with a touch screen so he thought he was touching one
part. The machine itself registered his touch in a different location so he
voted for his opponent. And I think he recognized in the story and admitted
that he should have checked his ballot before submitting it. So it’s a machine
error but a shared-user error experience. But I wonder how many users would not
have checked at all and probably didn’t know they voted for the wrong person.
Denise: Exactly. This guy was paying attention because he was a candidate. How many
others would just log their vote? Alright, let us move on to an interesting
development in the world of the social web. So this is a fun story to bring up
in the wake of our discussion of correlations and not necessarily drawing
conclusions based on causation due to correlation. However I think this one
falls on the side of yes, we can see there is causation here. And this is a
story out of the UK that is reporting that there has been a 23% rise in the
number of reported defamation cases over the past year. Up from 70 to 86%
because these cases, well it says it’s partly due to a sharp rise in claims
brought over defamatory material published through social media and websites.
So the more that people are out there posting about their bad taco and blaming
the restaurant for their food poisoning experience, the more that people are
going to find themselves held accountable for what they’ve posted if there is a
defamation claim that can be brought as a result. And the UK appears to be
experiencing that kind of increase. Lindsey, what do you think of this stat?
Lindsey: I think that the percent increase is an interesting number but we also
need to put it into context to how many people there are in the United Kingdom.
And a number under 100 is so very small.
Denise: What do you think, Jonathan? This just seems like a logical development as
there’s more and more data, there are more and more opportunities to take
something and turn it into a lawsuit.
Jonathan: I think there is certainly a cause and effect relationship between the
increase in lawsuits over defamation and the increase of those comments online.
The important thing I think to note is that that’s unlikely to happen in the
United States because we have a very different legal framework with respect to
comments online. For instance, section 230 of the Communications Decency Act of
1996 provides a fairly broad immunity to website operators that publish those
comments as long as those comments were essentially provided by third-parties.
So as long as the website operator is not preparing the comments, they can’t be
held liable for defamation. It’s the individual commenter that would be liable
for defamation if it’s a false and damaging remark. And it’s unlikely to result
in an increase in lawsuits in the United States because those individual commenters
often don’t have any money from which to pay a defamation judgment. Since you
can’t go after the website operator which would probably be the deep pocket in
that relationship, those lawsuits don’t get brought as often as they would in
other places where they don’t have section 230 immunity. The other issue and I
get these cases a fair amount because I do a lot of internet work, where
companies come to me and say we have something negative that’s been said about
us online. Can you get those comments taken down? Or can we sue the people who
made the comments? Or can we sue the website that published them? And the
lighter answer almost always is no. The probably with bringing those issues is
that often times businesses think that everybody reads everything on the
internet and just because it’s on the internet it reaches millions and millions
of people just because it could potentially reach hundreds of millions of
people. And that’s simply not the case. There are some instances where you’re
shouting or make a comment on the internet and it’s like shouting in an empty
forest. There’s really nobody to hear it or only a handful of people who hear
it doesn’t really affect the business. And we always advise those businesses
not to bring suit based on comments made on the internet unless they can show
there is a real economic damage that resulted from the comment. And the other
reason for that is that often times you fall right into the Streisand effect by
raising the issue and filing suit on the issue, you actually draw more
attention to the comment that would have been provided otherwise. The Streisand
effect of course, it comes back to 2003 when Barbara Streisand found there was
a picture of her Malibu home published on the web. So she filed suit to get it
taken down essentially and filed suit for an invasion of privacy. As a result
of her lawsuit, prior to the lawsuit, six people had visited that site and had
seen the photo. After that lawsuit, 420,000 people in the month following the
filing of the lawsuit visited the site to see the photo. By raising the issue
and trying to suppress it, she actually drew more attention to it. That’s what
we often caution our clients not to do, that you should only bring those claims
when it’s clearly causing significant economic harm. Because what you’re likely
to do is hurt yourself.
Denise: Yea, there are a bunch of interesting things in what you just said. One of them
I think would apply to if you did decide to proceed with your defamation
lawsuit. And you got around to the point of showing that defamation had
occurred and you were trying to quantify the damage and have damages awarded.
It would seem like there would be a real good defense to a claim for high
damages by saying, look there’s just so much data out there. And so much noise
that it’s impossible unless you can show me quantifiable reduction in business
that is not just correlated to this happening. That you can demonstrate the
causation, then just the fact that something has been published online
shouldn’t necessarily support a high damage aware. Would you agree that we can
see that play out in some of these cases?
Jonathan: Absolutely. We’re inundated with so much information about businesses
that’s published by people online. And I think to a certain extent people who
rarely view information online have a healthy distrust for some of it and take
it with a grain of salt. So I think you can certainly, unless the comments are
consistent negative and come across multiple platforms from what appears to be
multiple different sources. I think people generally disregard them. I know
that if you look on any of the popular retail sites reviews of products, no one
takes them seriously if it’s just sparse negative comments by people who seem
to be related or seem to have the same issue. And it seems to be a rare issue
with the product. It’s only instances which the complaint is consistent and it
comes from multiple sources, and is fairly severe and negative.
Denise: Greg, with your law professor hat on, any thoughts about rising defamation
lawsuits in the UK?
Greg: Well I would say the matter of the legal analysis. I would not bet or prove
upon Jonathan’s terrific summation. I would make two points though: one is the
nine years I worked after undergrad before law school, part of my role in these
enterprise software companies was doing marketing and public relations. And I
think amplifying Jonathan’s point that companies are still trying to figure out
best practices, smart ways to engage with and respond to social media. And I teach
law students and I hope I don’t give them the idea that the solution to every
business problem is a lawsuit. Often, that’s the worst idea. So I’m aware of
some technology companies, instead of filing suit, things they think may be
defamatory, they instead have programs that go in and engage with their own
representatives identified as a member of that company. And kind of engage with
those social media communities. Social media outreach as a way to get into the
conversation where people might be saying things that are negative to your
business interests seems to me to be a better overall business process than
filing lawsuits.
Denise: Yep, lawsuits generally don’t get anyone where they need to go. Aside from a
whole lot of expense, I’m not saying there aren’t situations where they’re not
the only solution and the best solution. But those situations I think should be
the exception and not the rule. Well, we are far enough away from talking about
concrete cases of food poisoning that I think we should take a break. And thank
our sponsor for this episode of This Week in Law, which is Nature Box. Nature
Box is giving you a chance right now to get a complimentary trial box of their
most popular snacks and pay just $2 for shipping. So what you’re going to do is
take that candy bar, potato chips, all that junk food that you know you like to
snack on all day, and instead do what I do. Get delicious, wholesome snacks at
naturebox.com. Nature Box has hundreds of delicious snacks. I don’t feel guilty
about eating them. I don’t feel guilty about feeding them to my family because
they’re better for us. They’ve got zero artificial flavors, colors, or
sweeteners. Zero grams of Trans fats and zero high fructose corn syrup. That’s
saying a lot. I challenge you to go to your pantry right now and find things in
there that can make all of those claims. Zero artificial flavors, colors, and
sweeteners. Zero Trans fats and zero high fructose corn syrup. It’s hard. But
it’s easy when you’ve got Nature Box. You’ll even find snacks with no added
sugar and without gluten. So in the afternoon when you’re hungry, do what I do.
Grab apple cinnamon crave from Nature Box or sriracha-roasted cashews or
cranberry macaroon granola. Or I can’t even give you all the examples because
there are hundreds of yummy, little, delectable nuggets that can come your way.
And you just have to pick out what tastes are best for you. And Nature Box will
take it from there. They’re so good and they’re so much better for you than the
other snack options out there. You really have to try them. To do so, you can
start a trial and get a complimentary sample box at naturebox.com/twit. That’s
complimentary; that means they’re just going to send it to you and you get to
enjoy these delicious snacks. So stay full, stay strong, and start snacking
smarter. Go to naturebox.com/twit. Thank you so much Nature Box for your
support of This Week in Law. Alright, Lindsey, I wanted to go over with you
just real quick the round-up, the world of data this week that you did last Friday.
And then I guess you do every Friday at US News and World Report. Much like
your newsletter, although your newsletter focuses on ups and downs, just quick
interesting hits from the data out there. What in particular last week was the
most interesting you think you wrote about here?
Lindsey: I would say probably the Ebola data. Just because there is so much on
it and it’s just taking off. And then also the wearables are very interesting.
I link to the cancer story that we’ve already talked about and also that video
that you see right there about what Microsoft thinks the future is going to be.
And I think maybe 2030 or 2040; that video is fantastic. And there’s another
video as well where it’s just the internet of things and everything is
connected and you’re getting information from all these surfaces. It’s an
interesting thing to think about.
Denise: Yea, absolutely. You have a Facebook group called Futurology. Tell us about
that.
Lindsey: So anyone can join in it. It’s just a place to discuss the future and
how we can either avoid the bad things that people are predicting in the
future. For example, data insecurity; how we can avoid those and bring upon the
good things about people predicting about the future. For example, innovations
in health and innovations in education.
Denise: Very cool. As long as we’re sort of covering random odds and ends here, this
caught my eye as I was prepping for the show. Mostly because Greg is in
Houston, and it’s another little data point where young college graduates are
choosing to live. And apparently, let’s see we’ve got Denver, San Diego,
Nashville, Salt Lake City, Portland, Oregon, and Texas is high on the list. So
are you seeing a lot of youngsters moving into your neighborhood, Greg?
Greg: Well not specifically into my neighborhood. But I think we’re very fortunate in
Texas; just in the last 5-10 years the opportunities for jobs, the economy has
remained pretty good and probably stronger on averages compared to other parts
of the country that has had some difficulties. So Texas has four great
metropolitan areas: Houston, Dallas-Ft. Worth, Austin, and San Antonio. And
those four areas are all relatively close to each other in the southeastern
part of the state. A four-hour drive at most between any of those cities. And really
all of those four areas have really good drivers behind their economy and job
prospects particularly in technology. Job prospects have been really good. The
city of Houston has terrific technology production; it’s often said Houston is
the energy capital of the world. But I think of it as the energy-technology
capital of the world because so much of the technology that’s produced the
revolution recently in bringing us back to potential energy independence
derives from Houston-based companies and the great innovation that’s going on
here.
Denise: Sadly, Detroit is down at the bottom of the bar graph that is included in this
New York Times piece, with a minus 10% in change of college graduates age 25-34
from 2000-2012. So the leaving of Detroit as opposed to going anywhere else.
Lindsey, any though on this little data point?
Lindsey: I think that just we’re seeing a lot of changes with the housing
market, with millennials that are also correlated with this change. For
example, millennials are choosing to rent over buy. We’re also seeing a lot of
correlations with the car market; that millennials are choosing not to own
cars. And I think that just caters a lot to these smaller cities that have a
lot cheaper rent where you don’t need a car. And that’s where they’re choosing
to move as opposed to these more expensive cities that kind of have been
long-draws for young people like Washington D.C., New York, San Francisco. The
rents are just sky-rocketing there for rented apartments. So they’re looking at
other places. Also the technology companies and other companies that attract
young grads are moving out to these cities. For example Dropbox has a location
in Texas now.
Denise: It would be interesting to overlay on this graph something related to the ease
and access to alternative forms of transportation. Alternatives to owning your
own car, to see how high places like Houston, Austin, Nashville, and Denver
rank in that as well. Whether it’s Uber penetration or some sort of car-share
availability or other things. Because I think you’re absolutely right that that
would be a very strong draw. Owning a car is definitely something that seems to
be less attractive than it used to be. Are you seeing numbers on that, Lindsey?
Lindsey: I don’t have any in front of me but there was a recent article in the
New York Times that talked about this. There are numbers; I can post them in
the chat room.
Denise: That would be awesome. Okay let’s move on to talk about patent law
exceptionalism and the judicial process. The story obviously related to
patents. So Greg, we have sometimes talked on this show about
cyber-exceptionalism and how things shouldn’t be treated differently simply
because they happen in an online context. So tell us about patent law
exceptionalism. What is that exactly?
Greg: The blog that I wrote is about a specific case which I can talk about in a
moment if we want. But part of the point of the blog was to say we mostly have
what I would call a unitary patent system. We have mostly the same patent law
whether we’re talking about chemical technology, software technology, or drugs,
or other technologies. There are some exceptions to that but we have a unitary
patent law for all types of technology. And whether that’s good or bad, or your
view on that, kind of depends on higher-level policy perspective. Because at a
base level, we have the patent system to try to promote innovation, promote the
generation of new inventions. And we’ve had the patent system for over 200
years in this country. And most countries in the world that have produced and
manufactured technology. So the blog posts about this specific Supreme Court
case that was argued last week; the blog post is looking at a different type of
exceptionalism which is the judicial process. The way judges might think about
both the law and the facts of the case, specifically a patent infringement case
about a generic drug versus a quote-unquote pioneer drug. And part of the
points in the piece is to say maybe patent law, if it’s going to be unitary to
technologies should also be not so exceptional in trying to have different ways
of looking at judicial process and the procedure of how parties litigate patent
infringement cases all the way up the food chain if you will. These cases start
at a federal district court and are usually appealed to a specific Pellet
court. And a very small number of them end up in front of the Supreme Court.
Denise: Got it. So the argument happened last week. It’s always fun to try and
arm-chair-quarterback a Supreme Court oral argument. Are you willing to do
that? Do you have any thought about how this case might go based on the
argument? And why it’s an important one?
Greg: Well before making it kind of a weasely prediction at best, let me just set the
stage a little bit. This is a drug company, Teva that has a number of patents
on a very important multiple sclerosis drug. And the patents were challenged by
a generic drug company, challenged in a particular way with some special
process Congress put in place to let generic drug companies have a chance to
litigate before the expiration of the patent. Because what a generic drug
company doesn’t want to do is they don’t want to make the drug and start
selling it. They have to get FDA approval to do that. But if they would make
the drug and start selling it, because of the value of pharmaceutical products,
they could engender terrific infringement liabilities. So we have some ways for
these issues to be litigated before the generic drug company actually goes into
the process of making and selling the pill. And that’s what happened in this
case and the federal district court judge found Teva’s patent to be valid.
Every time a patent is subject to an infringement lawsuit, it has the potential
to be invalidated. There is various legal requirements you have to meet to have
a patent. Those are all subject to challenge. They’re at risk. So sue on your
patent is to put our patent at risk to be invalidated. But that did not happen.
Teva won at the district court level. The key patent that survived to the
Supreme Court level survived because it’s not yet expired. The key patent was
one the district court found to be valid, or at least not invalid. And so then
the Pellet court, which in this case is in Washington D.C. It’s the United
States Court of Appeals for the Federal Circuit; I actually personally had the
great opportunity to court there from 2001 to 2002. So this is a court where I
worked for a particular judge on the court. And the Pellet court said well we
think that this particular patent, the claims and the patent are invalid due to
something called indefiniteness. And that’s what was argued before the Supreme
Court. The Supreme Court took this case to try and figure out whether it, the
Supreme Court thinks the Pellet court called the federal circuit was the Pellet
court is thinking about how to interpret the claims of a patent in the right
way. And the issue is whether when a Pellet court thinks about interpreting the
claims of a patent is that something where if there’s underlying factual
determinations for the district court as a judge had to find some facts; should
there be some deference given to those facts. And it’s really almost a
philosophical debate. Do we want to interpret a patent claim as something
that’s purely a matter of law, like interpreting a contract, or is it something
where we think there’s some quote unquote facts involved? In which case, the
relationship between the Pellet court and the district court, there does need
to be some deference. I think there’s, to go to my weasely prediction now, a
pretty strong chance the Supreme Court may want to alter how the federal
circuit thinks about the process of interpreting a patent claim. Where there
may need to be a recognition of subsidiary or underlying factual issues that
might get some deference from the Pellet court. Or the Pellet court will have
to give some deference to the district court. And what this does is changes a
little bit or potentially quite a lot the quote unquote power between the
Pellet court and the district court. We were talking earlier, Denise, about
litigation and expensive litigation. The patent system has really been very
much in the eyes of Congress the last 5-8 years. And the systems important to
technology development. There’s also been major statutory revision to the
patent system 2-3 years ago, Congress has done some major things to change it.
And so the patent system is really a big focus of attention. These patent
infringement litigations have gone up dramatically in terms of the number of
them filed in the last three or four years. So it’s got a lot of attention. And
another thing that is worthy of note for the audience is that the Supreme
Court, the last couple of years has taken an astonishing number of these patent
cases for it to review. So as the patent system becomes more important in both
generally and for technology development, as it becomes more important in the
eyes of Congress, the Supreme Court has taken a tremendous interest in patent
law as well.
Denise: Yea, and it’s not something that you generally think about in the world of
patent reform. How a court is going to handle a patent case that comes before
it. But if in the wake of this Supreme Court case when it gets decided, a
Pellet courts have to give more deference to trial courts then what you were
saying, Greg, about litigation getting expensive or being discouraged comes
very much into focus. Because it’s going to be more of a challenge to undertake
an appeal in a trial court’s patent decision one way or the other if the Pellet
court has to give deference to that decision. That’s not to say it couldn’t be
set aside but it has… there are different kinds of Pellet review. And one is
dinovo. Where a Pellet court can just toss out what happened before and look at
everything with brand new eyes. And that wouldn’t be the case it sounds like if
this case goes that particular way, correct?
Greg: Yes, if the Supreme Court changes a standard and makes it so that the public circuit
has to give some deference to facts so to speak, facts that are part of claim
construction, I think it will alter how patent litigation happens. These are
very expensive lawsuits. Parties might spend $5-8M a side for a case. One
problem we’ve seen in the last decade is if there’s no deference, the federal
circuit can determine claim meaning without any deference. You don’t
necessarily know until the very end of a case, after an appeal is over, what
claim terms meant. And that can really undo a lot of the case. As difficult as
this whole patent litigation system is, the sport of kings because it’s so
expensive. But maybe we’ll eliminate that uncertainty if there’s some
deference. But on the other hand it may focus the energy of the patent
litigators, a very sophisticated group of lawyers that do patent litigation.
They really know what they’re doing and they can take opportunities to use a
change in procedure, or a change in a nuance of how we think about fact versus
law for claims. And maybe focus energy at the trial court level and people will
have the goal that you just said, which is to have that claim construction be
less upsettable on appeal. Particularly if they win at the district court
level.
Denise: Right. Alright, well we’re going to go ahead and have some synergy from our
prior MCLE passphrase. And make our second one bad patent. Moving on, we’ve got
several resources for you this week and a tip. And as long as we’re talking
about the Supreme Court, and we were talking very seriously about the Supreme
Court and very cerebrally about what goes on there in the import of its
decisions, I see no reason not to go from the sublime to the ridiculous. And I
like for you if you haven’t seen it yet, the fact that the Verge took something
that was put out there by John Oliver. John Oliver was making a statement
concerning the fact that all Supreme Court oral arguments happen behind closed
doors are not made available in any sort of broadcast form. The audio comes out
after the argument, but you never have a video view of oral arguments as they
are happening. Well John Oliver thought that was just too plain bad. And put
together an all-animal Supreme Court clip that he did with the hope that news
outfits or anyone else would come along and overlay some oral argument on top
of these mostly dogs. We have dogs as the nine justices, a duck as an
assistant, and a pecking chicken as the stenographer. So the Verge went along
and said the areole oral argument seems to be a good one to put on top of this.
And that’s exactly what they did so it’s quite educational because you can
listen to some very critical parts of the areole oral argument. I think we’ve
got a bit of it playing here in a moment. There we go, we’ve got the doggy
justices and I’ll quiet down so you can…
When they sign up, they’re
system is completely empty. There’s no content being provided. There’s
equipment that’s being provided. So the notion that they have in the reply over
that we’re a content provider, would mean that everybody who provides an antenna
or a DVR is somehow a content provider. They give the subscriber a menu and
says you have these choices and they’re providing these choices…
Denise: We’ll let you listen and watch this at your leisure. It is definitely worth
going through for anyone who like all of us involved in TWiL, we’re very
anxious to see the outcome of the areole case and paid close attention to the
oral argument. This definitely brings it to life in a whole new way. Our second
resource is from Jonathan who has been doing a great series at his ecommerce
blog on the seven key elements of a terms of service. And we’ve got the link
for you, on several posts. Everything we’ve talked about today including this
is at delicious.com/thisweekinlaw/280. Jonathan, without trying to go into all
your lengthy posts, first I’ll just thank you. It’s a wonderful resource. Why
don’t you tell us why you felt like it would be important to outline what are
the seven key elements of a terms of service? Do you feel like people miss
these a lot?
Jonathan: Well I feel like I get questions about terms of use an awful lot in my
practice. And it’s one of those things that I think people think that they can
either particularly for entrepreneurs that are just starting out, think they
can cut and paste from another website’s terms of use. Which they really can’t
do safely. And so what I wanted to do was put together a resource for somebody
who intended to go forward without counsel in terms of their terms of use, they
at least understood the concepts that should be covered. Although obviously
it’s better to seek legal advice for a contract, particularly a contract that
governs a relationship with every single one of your customers.
Denise: Alright, well you can check these out if you’re someone who is involved in putting
together terms of use. Or thinking about having a terms of use kind of
document. Definitely check out Jonathan’s post on that. And if you want more
information about voting in advance of our upcoming election, I have one final
resource to give you this week: verifiedvoting.org. This is a great website in
partnership with a whole bunch of great informational sources. We’ve got; here
I’ll read to you some of the people on the team: Pamela Smith, Warren Stewart,
Susan Greenhall, John McCarthy, Julie Rice. They are all putting together
information about the voting process. And in particular the online kind of
voting that we were discussing earlier. Developments there, whether privacy
protections are adequately in place. There is a lawsuit that has been brought
by the electronic privacy information center about getting data related to
online voting machines that have been in use. And seeing what sort of
verifications they can make as to their accuracy. So this is a neat resource if
you’re further interested in technologies related to voting. And then finally
our tip of the week, this week is a practical one for companies who are
involved in maintaining customer data. And it flows from the fact that there is
a lawsuit pending by I’m not sure who the insurance company is, I’ll need to
double check that. But it’s against PF Chang’s by their commercial general
liability carrier. And that carrier has decided that PF Chang’s, we may have
mentioned earlier on the show had a data security problem, is facing several class
action lawsuits. Or would be class action lawsuits about this data breach. And
as any company would do under that circumstance, they have gone to their
commercial liability insurer and it is the Traveler’s insurance company. And
said he we’re being sued, this is when you get involved. This is why we have
insurance. Please defend our lawsuits and give us some help here. This is
exactly why we have business insurance in place. Traveler’s has come in and
said no, this is not the type of insurance we provide under your standard
general commercial liability policy. So they’re seeking a declaratory judgment
from a court to look at the policy and say we’re dealing here with privacy
violations concerning financial data. Look at our policy and you’ll see that we
don’t provide coverage for privacy lawsuits. We only provide coverage for
things like bodily injury or property damage, or this strange animal in
insurance practice that’s called the advertising injury. That can cover things
like defamation claims. So that’s not what’s going on here. And Traveler’s says
that’s not the kind of insurance that you have. So our tip of the week is if
you are a company involved in maintaining data and so many companies are these
days, you are going to want to check on your insurance coverage and exactly
what kind of coverage you have. The second article we have in our discussion
points at Delicious is from CNBC and it discusses the concepts of cyber
insurance which it says is the next big thing. It writes among the expenses, a
policy might cover the cost of conducting an investigation into a breach,
notifying customers, reputational and crisis management, lost business, and the
cost of credit monitoring. Lindsey, has this been on your radar screen at all?
That business may not be adequately insured for the kinds of data claims that
are being asserted against them when they have an issue?
Lindsey: It’s been on my radar a little. We actually have a security writer who
writes more about that: Tom Reisand. So I would encourage anyone who’s
interested to check that out. But I think what’s been a little more on my radar
is how these companies respond to data breaches and the type of services they
offer once your identity is stolen, and that kind of thing. I was actually one
of the people who got their information stolen from the Target breach. So I
definitely experienced it first-hand and they offer you credit monitoring. So
thinking about what they should offer at that point is interesting. And what
kind of services they offer.
Denise: And what were your conclusions? Have you written about that experience?
Lindsey: I have not. Maybe I should.
Denise: It would be interesting. Tell us now, were you satisfied with the response? Do
you feel you were put back into a situation where your data had not been
leaked?
Lindsey: No, I had to cancel my credit cards and I did sign up for the identity
monitoring service but it hasn’t paid or anything. So I’m not sure. Also I
think that it’s only for a specific time, maybe like a year. And your identity
can, if they have your information, can be used at any time. So I would say
that’s one critique.
Denise: Alright well, here we go, we’ve given you an article idea. We’ll look for that.
And unless anybody else has anything else they feel like they really want to
get to today that we haven’t got to, I think we will wrap this show. Going,
going, gone. Greg, anything else?
Greg: No. Thank you very much. I appreciate the opportunity.
Denise: Yes. It’s been really fun getting to know you and having you on the show. You
can find Greg at gregvedder.org in addition to in person at the University of
Houston’s law school. Anything going on at the law school or in general, Greg
that you think people should be aware of? Any final thoughts you want to leave
our listeners with?
Greg: The University of Houston and the Law Center, it’s a beautiful campus. We’re
having lovely 80 degree weather down here, so we’re in the perfect weather time
for Houston right now. And it’s always fun to be here in the fall. A lot of
things going on on campus. So if you’re in Houston and want to know what’s
going on, let me know!
Denise: Great, thanks so much, Greg. And wonderful to see you again, Jonathan.
Jonathan: It was great to be back, Denise. Thanks for having me.
Denise: Any news from Virginia that you want to share with folks or anything you’re
involved in that you’d like to plug?
Jonathan: Well most of the things I’m involved in I can’t talk about, Denise.
Since I’m in private practice. No, things are going like they always go.
Denise: Good. I’m glad they’re going well and I’m glad that you could join us today.
And Lindsey, it’s been a kick talking to you. I’ve really enjoyed your writing
and really appreciate your taking the time to join us today. How about you?
We’ve already talked about your Facebook group, your US News writings, your
newsletter. Have I left anything out?
Lindsey: Well I did think of one thing that people might think is interesting.
If you Google fantasy Scotus, I’ve written recently about a fantasy league
where they’re trying to get people to predict the Supreme Court decisions from
this term. And the winner gets $10,000. So you may want to look that up.
Denise: Yes! We talked about that on the show. I thought that was so fascinating. In
fact I think that’s how I found you. I found that story and when I think she
would be a fascinating guest. So thank you for alerting us to that. We had an
online gambling oriented show; it was either last week or the week before. And
it talked a lot about that particular aspect of trying to arm-chair-quarterback
the Supreme Court. So thank you for highlighting that and for joining us today.
Lindsey: Thank you for having me.
Denise: Alright folks, if you’ve been joining us live, we really appreciate your taking
the time to do that. We record this show every Friday at 11:00 Pacific time,
1800 UTC. But don’t worry about it if that doesn’t jive with your schedule.
We’re available on demand too. Of course you can go to twit.tv/twil and our
archive of shows is there. You can find us on YouTube. You can find us on
iTunes. You can find us on Roku. All manner of places, whatever makes it easy
for you. You can listen to us, you can watch us. Just again, however it works
best for you. We love it when you join us live and you jump on in the IRC.
Always so great to have an audience there. Thank you everyone in IRC for
joining us today. Once again, between the shows, you can reach out to us. Give
us suggestions for great guests you’d like to see or topics you’d like to see
us discuss. Or follow-ups on the topics we’ve already discussed. You can email
me; I’m denise@twit.tv. You can find our Facebook
page; we’re at facebook.com/thisweekinlaw. And we have a Google Plus presence
as well; you can find us over there. Those are great places to write more at
length; follow-up with us, and have a discussion with other members of the
audience. And me too; I check those regularly. Or I also check my Twitter feed
in a compulsive manner, as we all do these days. I’m dhowell over there so if
you ping me there, that’s how I’m sure to find out about something that might
otherwise have missed my radar. So I definitely appreciate you keeping me in
the loop of things that you think are important and I know it’s been important
to me to have you join us here today and every week on This Week in Law. We
will see you next week for our next episode! Thanks so much, and take care.
