Sunday, May 31, 2009

Update on Anticipated Appointment of a Cybersecurity Coordinator

Updates a prior post: Anticipated Appointment of “Cyber Czar” on May 29, 2009.

While President Obama has not yet identified the individual who will undertake the position of Cybersecurity Coordinator (which has been referred to recently as a "Cyber Czar"), he apparently confirmed during a meeting of government officials and corporate executives on May 29, 2009, that this individual will be appointed to the staff of both the National Security Council and the National Economic Council. See Cam Simpson and August Cole, “Obama Moves to Curb Data-System Attacks,” The Wall Street Journal, at A9 (June 1, 2009) -- You might need a subscription to The Wall Street Journal Online to view this article. As the Wall Street Journal put it, this individual will “effectively serve two masters.” Id. It will be interesting to see how effective this position will be, given the oversight by both agencies.

Related Links:

* President Obama’s remarks during the May 29, 2009 session, which provide a bit more information about the expected responsibilities to be assigned to the position:

“To give these efforts the high-level focus and attention they deserve -- and as part of the new, single National Security Staff announced this week -- I'm creating a new office here at the White House that will be led by the Cybersecurity Coordinator. Because of the critical importance of this work, I will personally select this official. I'll depend on this official in all matters relating to cybersecurity, and this official will have my full support and regular access to me as we confront these challenges.

“Today, I want to focus on the important responsibilities this office will fulfill: orchestrating and integrating all cybersecurity policies for the government; working closely with the Office of Management and Budget to ensure agency budgets reflect those priorities; and, in the event of major cyber incident or attack, coordinating our response.

“To ensure that federal cyber policies enhance our security and our prosperity, my Cybersecurity Coordinator will be a member of the National Security Staff as well as the staff of my National Economic Council. To ensure that policies keep faith with our fundamental values, this office will also include an official with a portfolio specifically dedicated to safeguarding the privacy and civil liberties of the American people.” (Emphasis added)
* The report by Melissa Hathaway’s team was released to the public on May 29, 2009, and is available on the White House’s web site. There is also a brief discussion of her remarks during the May 29 meeting on the Briefing Room Blog.

Thursday, May 28, 2009

Anticipated Appointment of “Cyber Czar” on May 29, 2009

On May 26, President Obama announced among other things that he was establishing “new directorates and positions within the National Security Staff to deal with new and emerging 21st Century challenges associated with cybersecurity, WMD terrorism, transborder security, information sharing, and resilience policy, including preparedness and response.” Statement by the President on the White House Organization for Homeland Security and Counterterrorism, May 26, 2009.

These new positions directly result from the completion of an interagency cyber-security study that he commissioned on February 9, 2009, “to ensure that U.S. Government cyber security initiatives are appropriately integrated, resourced and coordinated with Congress and the private sector.” President Obama Directs the National Security and Homeland Security Advisors to Conduct Immediate Cyber Security Review, February 9, 2009. The study, lead by Melissa Hathaway, Acting Senior Director for Cyberspace for the National Security and Homeland Security Councils, was to be completed within sixty days.

The White House reported that the study was completed and delivered to White House staff on April 17, and is currently being reviewed. Statement by the Press Secretary on Conclusion of the Cyberspace Review, April 17, 2009. Once the review of the conclusions is completed, the White House “will begin discussing the results.” Id.

During a speech delivered at the RSA Conference in San Francisco in April 22, 2009, Hathaway apparently discussed some of the report’s methodologies and promised that once the report was issued to the public, it would be apparent that significant work would be required to remedy identified concerns. Reports of the speech were published in various places, but notable among them were Government Technology and Fusion Authority.

Finally, according to Information Week, the White House is expected to release the study report to the public on May 29, 2009, at the same time the new positions in the National Security Staff are announced.

CDT Recommended Keeping Advisor Position within Department of Homeland Security

On May 1, 2009, Gregory T. Nojeim, Senior Counsel and Director of the Center for Democracy & Technology’s (“CDT”) Project on Freedom, Security and Technology, testified before a subcommittee of the House Committee on Energy and Commerce on May 1, 2009, arguing that the new positions be created within the Department of Homeland Security, instead of within the National Security Agency (“NSA”). See also Reuters, “Experts: Cybersecurity Czar Needs to Be White House-Based,” published by FoxNews on May 2, 2009; Cong. Rec., Daily Digest, May 1, 2009 at D486 (confirms that hearing was held and that testimony was received by “public witnesses,” but does not identify who testified).

In his printed remarks, Nojeim admonished that the White House’s role in cybersecurity should be limited to “set[ting] policy and direction, and to budget[ing] enough resources for the program” through a newly-created White House office – to ensure transparency in the planning and budgeting phase of the process. Testimony at p. 7. He further argued, however, that as far as cybersecurity operations were concerned, “[t]he lead for cybersecurity operations should stay with the Department of Homeland Security, and the NCSC [National Cyber Security Center] should be provided with additional resources and high-level attention.” Id. at p. 8. He explained in detail why these operations should not be controlled by the NSA, including articulating CDT’s concerns that the NSA’s expertise in “spying” does not “necessarily entail superior expertise in cybersecurity.” Id. at p. 7.

The House Committee on Oversight and Government Reform held a hearing on May 5, 2009 to address “Cybersecurity : Emerging Threats, Vulnerabilities, and Challenges in Securing Federal Information Systems.” Cong. Rec., Daily Digest, May 1, 2009 at D489; see also Daily Digest, May 5, 2009, at D503 (identifying testifying witnesses).

The Senate Committee on Energy and Natural Resources also held a hearing on May 7, 2009 “to receive testimony on a Joint Staff draft related to cybersecurity and critical electricity infrastructure” at which witnesses were to testify by invitation only. Cong. Rec., Notice of Hearings, April 30, 2009, at S4994; see also Cong. Rec., Daily Digest, May 7, 2009 at D520 (identifying testifying witnesses who appeared during the hearing).

Expected Mandate of the CyberSecurity Director (“Cyber Czar”)

On May 26, 2009, after the President’s announcement, FoxNews broadcast its analysis (in video format). The analysis addressed a potentially “broad mandate” to be assigned to this new office, but did not provide any particular detail – presumably because the White House has not yet released any detail about these new positions.

Note that thus far, not only does it appear that a director-level position will be created, but also subordinate positions reporting to the director. It also appears that these positions actually may be created within the NSA, and not the Department of Homeland Security, as the CDT recommended. See Statement by the President on the White House Organization for Homeland Security and Counterterrorism, May 26, 2009.

New Bill Proposed on April 1 Supports Creation of National Cybersecurity Advisor

Several weeks before these announcements, Sen. John D. Rockefeller, IV (D-WV) introduced Senate Bill S. 778 (on April 1, 2009), which proposed certain duties and responsibilities of a “National Cybersecurity Advisor,” including acting as principal advisor to the President on cybersecurity legal issues, reviewing all cybersecurity-related budget requests, directing sponsorship for certain security clearances and employing experts or consultants as needed for “cybersecurity-related work.” S. 778, section 1(b).

An additional proposed duty is particularly troubling from a privacy perspective: “[N]otwithstanding any provision of law, regulation, rule, or policy to the contrary, [the National Cybersecurity Advisor shall] have full access to all Federal cyber-compartmented or special access programs.” While some of the terms in this provision are not defined – notably, “cyber-compartmented . . . programs”– the breadth of this provision and its clear rejection of the authority of other laws seems overreaching, perhaps permitting this Advisor to have unfettered access to certain information that may have been protected from disclosure by these other laws, regulations, rules or policies. Id., section 1(b)(5).

This bill was read twice when it was introduced and referred to the Senate Committee on Homeland Security and Governmental Affairs. Current status of the bill can be found here.

A More Detailed Bill, The Cybersecurity Act of 2009, S. 773

Senator Rockefeller proposed another bill on April 1, 2009: The Cybersecurity Act of 2009, S. 773. This bill identifies a more rigorous cybersecurity plan, including the ability to “declare a cybersecurity emergency and order the limitation or shutdown of Internet traffic to and from any compromised Federal Government or United States critical infrastructure information system or network” or disconnect these systems or networks in the “interests of national security.” Section 18, paras. 2 and 6.

The breadth of this proposed power to foreclose access to Federal government agency systems is troubling. One hopes that this power to declare an emergency – sufficient to deny access to public services – will not be wielded lightly, especially given the current Administration’s stated interest in providing transparency to government operations. The bill does not provide any guidelines for the identification of such an emergency, or for the determination of how long access should be denied, but it is anticipated that these guidelines will be included in any regulations associated with an act of this nature.

The CDT similarly criticized these powers through Mr. Nojeim’s May 1, 2009 testimony. Testimony at p. 4.

Because S. 773 does not refer to a National Cybersecurity Advisor or the powers intended to be assigned to this Advisor, further discussion of this bill is beyond the scope of this posting.

Wednesday, May 20, 2009

AIPLA Reports on the May 6, 2009 Federal Circuit Oral Argument on the Bose v Hexawave Case

In today's issue of AIPLA Reports, the AIPLA (American Intellectual Property Law Association) summarized very cogently an oral argument on May 6, 2009 before the Federal Circuit in the Bose Corp. v. Hexawave, Inc. case. Opposition No. 91157315 (filed July 17, 2003). The AIPLA had submitted an amicus brief in the case and partipated in the oral argument.

The AIPLA's summary also includes a link to the MP3 file of the audio recording of the oral argument. Based on this summary, it sounds as if the Federal Circuit might consider overturning the TTAB's opinion in the underlying case, in which the TTAB held that Bose's reliance on its repair services to demonstrate a continued "use in commerce" in support of its Section 8 and 9 declarations (for renewal of the registration) was unreasonable. Opinion at 14-17. The TTAB found fraud in the filing of the renewal declaration, granted the counterclaim to cancel Bose's Registration No. 1633789 and ordered that the cancellation occur in "due course." The appeal to the Federal Circuit followed, on June 11, 2008.

It remains to be seen how the Federal Circuit will actually rule, but this promises to be a pivotal decision in the Fraud on the PTO jurisprudence, which perhaps will provide more guidance to practitioners and their clients in determining what goods and services should be included in the applications and/or renewal declarations.

Friday, May 15, 2009

Fraud on the PTO Jurisprudence: Further Approval for Timely Corrective Action to Avoid Cancellation

On May 13, 2009, the Trademark Trial and Appeal Board (“TTAB”) recharacterized a previously-issued opinion in its fraud jurisprudence, making it “precedential.” In Zanella Ltd. v. Nordstrom, Inc., Opposition No. 91177858 (TTAB May 13, 2009, previously issued on Oct. 23, 2008), the TTAB continued its interpretation of the Medinol line of cases (see below).

Zanella filed a Notice of Opposition to Nordstrom’s application for registration; in response, Nordstrom counterclaimed, alleging that Zanella had failed to use its registered marks in connection with all of the clothing items included in the claimed registrations. With respect to one of Zanella’s registrations, the TTAB granted Nordstrom’s counterclaim and cancelled Zanella’s registration (despite its use of the mark on some of the products listed in the description), reasoning that Zanella knew or should have known that its mark was not being used in connection with all of the goods and services claimed in several filings with the PTO. Id. at 5.

With respect to four other claimed Registrations cited in opposition to Nordstrom’s application, Normstom raised the same counterclaim seeking cancellation of Zanella’s registrations. The TTAB was less persuaded, however, and dismissed the counterclaim. It found that in each of these other instances, Zanella sought to amend its registration by deleting goods on which the mark was not being used some significant period of time before the opposition was filed. Critical to the TTAB’s decision was the fact that the amendments happened before any dispute emerged about the validity of the registrations. Id. at 6-10.

The TTAB concluded that “opposer’s [Zanella’s] timely proactive corrective action with respect to these registrations raises a genuine issue of material fact regarding whether opposer had the intent to commit fraud.” Id. at 9. The TTAB concluded that this proactivity created a “rebuttable presumption that opposer did not intend to deceive the Office.” Id. at 10. As a result, there was at least a genuine issue of material fact with respect to the intent to commit fraud, and that the registrations could not be cancelled on a motion for summary judgment. Id.

This analysis supports the TTAB’s jurisprudence in at least two prior cases:

* Grand Canyon West Ranch, LLC v. Hualapai Tribe, Opposition No. 91162008, 78 USPQ2d 1696 (TTAB Mar. 17, 2006) [precedential]: TTAB held that amendment to the description of goods/services to remove items based on non-use, if submitted prior to registration and in the absence of any allegation of fraud, could moot a claim of fraud on the PTO; and

* University Games Corp. v. 20Q.net Inc., Opposition Nos. 91168142 and 91170668, 87 USPQ2d 1465 (TTAB May 2, 2008) [precedential]: TTAB held that correcting a false statement during ex parte prosecution creates a rebuttable presumption that the Applicant did not have the requisite willful intent to deceive the PTO.

ANALYSIS

During a recent PBI conference in Philadelphia at which one of the topics of discussion was the Medinol fraud standard, the panel and participants discussed the possibility of re-evaluating an entire portfolio of trademarks owned by a particular registrant and requesting amendment where appropriate to eliminate those goods or services on which the mark is no longer – or has never been – used in commerce.

The Zanella opinion suggests that this proactivity is a good idea. Pivotal to the TTAB’s acceptance of this modification attempt was the fact that no opposition or petition to cancel was pending at the time that the request to amend was filed. Thus, there was no active dispute that the Registrant was attempting to moot by filing an amendment. The TTAB is typically unimpressed when the Registrant’s attempts to modify occur only after a counterclaim is filed seeking cancellation of the registration(s) at issue based on fraud. See Medinol Ltd. v. Neuro Vasx, Inc., Cancellation No. 92040535, 67 USPQ2d 1205 (TTAB May 13, 2003) [precedential] (request for partial cancellation in response to counterclaim was denied; registration was cancelled); see also Sierra Sunrise Vineyards v. Montelvini S.p.A, Cancellation No. 92048154 (TTAB Sept. 10, 2008) [not precedential] (motion to amend during the pendency of the cancellation proceeding was denied; registration was cancelled); J.E.M. International Inc. v. Happy Rompers Creations Corp., Cancellation No. 92043073, 74 USPQ2d 1526 (TTAB Feb. 10, 2005) [not precedential] (motion to amend description in response to counterclaim was denied; registration was cancelled).

Another proposal floated during the conference was re-applying for critical trademarks in classes that are very narrowly defined. Depending on the size of the trademark portfolios, however, this effort is potentially very expensive and time-consuming.

The fact that registrants and their counsel are even considering such expensive protective efforts suggests that the Medinol line of cases creates an artificially severe penalty for inadvertence or even carelessness in the monitoring of their trademark portfolios. Clearly, the PTO has an interest in eliminating such careless application practice, but this line of cases resembles more the attempt to “peel a grape with an axe” (in the words of one of my favorite Philadelphia judges) than to cure pure fraud.

On February 20, 2009, the Trademark Public Advisory Committee (“TPAC”) held a public webcast in which the topic of the Medinol line of cases was raised and participants complained about the Draconian nature of the punishment (i.e., cancellation of sometimes long-standing registrations) for concededly careless submissions of renewal declarations. Transcript at 137-42.

One of the members of TPAC, James H. Johnson, Jr., explained the complexity of the issue and suggested that the TTAB find a middle ground between “a death penalty and a traffic ticket.” Transcript at 140. Below is an excerpt of his remarks:

“It still remains to be seen and there's still concern about being accused of fraud by the U.S. Government for a misstatement in the identification of goods. And if I were ever in that position, I don't know if I would -- I would have to decide whether I would want to report it to my client or just make a run for it. That would be a very serious, serious allegation and so the question that we have on TPAC and from other members of the Trademark community is whether the characterization of that behavior, that mistake, as fraud is the appropriate description and whether the remedy of canceling the registration is the appropriate remedy.

“We, of course, all share in your desire and the Trademark Office's desire to promote the integrity of the register. No body -- I mean it helps everyone to assess the risk in adopting marks and to get a clearer picture of what the situation is. But there is a difference between a death penalty and a parking ticket and that's what we're wrestling with.

“So what we hope to do is put together some options for looking at the issue to try to address -- to balance. Creating an incentive for people to correctly state what they're using the mark on, to be careful about that, but not creating a situation where the behavior may be mischaracterized or, you know, what is the gravity of this; how should that be addressed.”

* * *

“I invite the people who are listening to this program to give us input and guidance on this issue; how should we address, how should we resolve and balance the desire to have a register that fully reflects accurately what's going on with the Trademark, that discourages sloppiness with regard to filing applications.

“At the same time, provides the appropriate remedy for people who make a mistake. Is it as simple as you pay a fee for the cost of amending the registration to make it -- to reflect the truth or do you do something else? I don't know. There's probably some mid ground or some appropriate thing but that's what we're wrestling with and we're hoping to make some significant progress in the next few months and maybe by the next meeting have some proposals for you, if not before then, to consider, to think about, as what the Board can do and what the Trademark Office can do to address this increasingly important issue.”

Transcript at 139-42. It will be very interesting to see where future decisions considering allegations of fraud on the PTO as justification for cancellation of a registration will fall. It may be that the TTAB continues to find reasons (a.k.a. loopholes) why Medinol simply does not apply and therefore that cancellation is not required in a particular case – as it did in the Zanella case.

BACKGROUND ON MEDINOL JURISPRUDENCE

In 2003, the TTAB issued a precedential opinion clarifying the requirement that a trademark must be used, and continue to be used, in connection with all of the goods or services at issue. Medinol Ltd. v. Neuro Vasx, Inc., Cancellation No. 92040535, 67 USPQ2d 1205 (TTAB May 13, 2003). Ruling on Medinol’s summary judgment motion, the TTAB concluded that the Registrant (Neuro Vasx, Inc.) committed fraud when it alleged actual use as to “medical devices, namely, neurological stents and catheters” in its Statement of Use, when it knew or should have known that it was not using its trademark in connection with stents. Id. at 1209-10. Neuro Vasx conceded that it did not use the mark in connection with stents, and requested partial cancellation of its registration by deleting the term “stents” from the description of goods. It explained that it “apparently overlooked” the fact that it had included “stents” in its Statement of Use and denied Medinol’s allegation that including “stents” in the description was the result of any fraudulent intent.

The TTAB was unpersuaded. Although the TTAB acknowledged that Neuro Vasx denied any fraudulent intent, the TTAB observed that, “[t]he appropriate inquiry is … not into the registrant’s subjective intent, but rather into the objective manifestations of that intent.” Id. The TTAB found it significant that Neuro Vasx signed its Statement of Use under penalty of perjury, including “fine or imprisonment, or both, … and [knowing] that such willful false statements may jeopardize the validity of the application or any resulting registration.” Id.

On this basis, the TTAB admonished that “[s]tatements made with such degree of solemnity clearly are – or should be – investigated thoroughly prior to signature and submission to the USPTO.” Id. Accordingly, “[Neuro Vasx’s] knowledge that its mark was not in use on stents – or its reckless disregard for the truth – is all that is required to establish intent to commit fraud in the procurement of a registration.” Id. at 1210. Finally, the TTAB explained that no disputed issues of fact had been raised, and granted summary judgment in favor of Medinol on the issue of fraud. In a subsequent decision, the TTAB determined that Medinol had standing to bring the cancellation action and ordered that the registration of the mark NEUROVASX be cancelled.

Post-Medinol Cancellation Decisions

Since 2003, Medinol has become pivotal precedent in trademark application prosecution, and applicants need to be aware of the potential risk of cancellation or refusal that they face if they: 1) fail to use the mark in connection with all of the goods or services cited in the application; or 2) fail to remove specific goods or services on which they do not use the mark in question when filing any supplemental statement, including Statements of Use, Amendments to Allege Use or Declarations of Continued Use.

After Medinol, the TTAB has found the following defenses to an allegation of fraud on the PTO as invalid and insufficient to avoid cancellation:

* Failing to understand the USPTO’s requirement that the registrant must demonstrate actual use of the mark on all of the identified goods (Sierra Sunrise Vineyards v. Montelvini S.p.A, Cancellation No. 92048154 (TTAB Sept. 10, 2008) [not precedential])

* Relying on suspected “cultural differences” regarding the relationship of wine to other alcoholic beverages (Sierra Sunrise Vineyards)

* Relying on the advice of counsel – both counsel and applicant have duties to inquire about the scope of use of the mark (Herbaceuticals, Inc. v. Xel Herbaceuticals, Inc., Cancellation No. 92045172, 86 USPQ2d 1572 (TTAB Mar. 7, 2008) [precedential])

* Contending that Statements of Use are divisible into sworn and unsworn portions (Herbaceuticals)

* Asserting that the meaning of the phrase “all goods and/or services” in the body of the Statement of Use means something different from the phrase “the goods/services” in the supporting declaration (Herbaceuticals)

* Maintaining that particular goods or services were added only by Examiner’s Amendment and based on a misunderstanding of USPTO procedures (Grand Canyon West Ranch, LLC v. Hualapai Tribe, Opposition No. 91162008, 78 USPQ2d 1696 (TTAB Mar. 17, 2006) [precedential])

* Misunderstanding the requirements of the Trademark Act (Hacehette Filipacchi Presse v. Elle Belle, LLC, Cancellation No. 92042991, 85 USPQ2d 1090 (TTAB Apr. 9, 2007) [precedential])

* Having an insufficient understanding of the English language (Hachette)

* Considering shipping of products for repair purposes as “use” – which is insufficient to demonstrate “use” in commerce (Bose Corp. v. Hexawave, Inc., Opposition No. 91157315, 88 USPQ2d 1332 (TTAB Nov. 6, 2007) [not precedential])

* Misunderstanding the requirements under the Trademark Act, acting in good faith, and the poor health of Applicant were deemed (collectively) insufficient to avoid final refusal to register based on allegation of fraud (Hurley Int’l LLC v. Volta, Opposition No. 91158304, 82 USPQ2d 1339 (TTAB Jan. 23, 2007) [precedential])

* Lacking a proper understanding of the phrase “use in commerce” (Standard Knitting, Ltd. v. Toyota Jidosha Kabushiki Kaisha, Opposition No. 91116242, 77 USPQ2d 1917 (TTAB Jan. 10, 2006) [precedential])

* Relying on one-time giveaway of 25 product samples five years prior to filing the application as sufficient to demonstrate “use” in commerce (Sinclair Oil Corp. v. Kendrick, Opposition No. 91152940, 85 USPQ2d 1032 (TTAB June 6, 2007) [precedential])

* Failing to understand the legal significance of statements in a Section 8 Declaration (Jimlar Corp. v. Montrexport S.P.A., Cancellation No. 92032471 (TTAB June 4, 2004) [not precedential])

* Arguing that the registrant was using its mark in connection with “goods” identified in the Statement of Use as opposed to “the goods” identified in the Statement of Use (Nougat London Ltd. v. Garber, Cancellation No. 92040460 (TTAB May 14, 2003) [not precedential]); and

* Lacking counsel and misunderstanding of requirements for use-based application (Tequila Cazadores, S.A. De C.V. v. Tequila Centinela S.A. De C.V., Opposition No. 91125436 (TTAB Feb. 24, 2004) [not precedential]).

Tuesday, May 12, 2009

Newly Introduced Bill Proposes Chief Privacy Officer for Health Information Technology (i.e., Electronic Medical Records)

On February 13, 2009 – four days before the Stimulus Bill was enacted by President Obama – Senator Sheldon Whitehouse (D-Rhode Island) introduced Senate Bill 444, entitled “National Health Information Technology and Privacy Advancement Act of 2009.” This Bill follows on the heels of both HIPAA’s Privacy Rule (45 CFR Parts 160 and 164, Subparts A and E) and certain amendments in the Stimulus Bill (enacted on February 17, 2009 as Public Law No. 111-5) in that it provides specific detail about how the health information technology system would be created.

Among other things, this Act proposes the creation of a Corporation to coordinate the activities of various federal agencies and to effectuate the creation of a national program for health information technology. (Section 5.) The corporation would be required to be incorporated, within 180 days of the enactment of the Bill, by nine individuals whose skills and background are specified in the Act. (Id.)

Of particular interest in this Bill is the identification of a Chief Privacy Officer, along with a detailed specification of duties. (Section 5(d)(1).) Although the Stimulus Act provided that a Chief Privacy Officer be appointed within 12 months after the enactment of the Stimulus Act (i.e., by February 2010), the duties ascribed to this CPO were vague: “to advise the National Coordinator on privacy, security, and data stewardship of electronic health information and to coordinate with other Federal agencies (and similar privacy officers in such agencies), with State and regional efforts, and with foreign countries with regard to the privacy, security, and data stewardship of electronic individually identifiable health information.” (Pub. L. No. 111-5 § 3001(e).)

In contrast, S. 444 provides more substantial detail about the duties of this Chief Privacy Officer: (i) “ensure that the use of technologies by the corporation sustain, and do not erode, privacy protections relating to the use, collection, and disclosure of personal information;” (ii) ensure that all personal information kept in the system is maintained as required by the Privacy Act of 1974; (iii) “evaluate legislative and regulatory proposals involving the collection, use, and disclosure of personal information by the Federal Government;” (iv) report on proposed rules and procedures of the corporation, including the type of information collected and the number of people affected; and (v) provide an annual report to Congress on the corporation’s activities affecting privacy. (Section 5(d)(1)(B).) The corporation is only supposed to exist for ten years. (Section 5(h).)

This corporation – and implicitly the Chief Privacy Officer as the operating head of the corporation – would operate a national health information technology and privacy system and would be the gatekeeper to the data held in the system. The Bill contemplates that the corporation would provide data access both to individuals and to “authorized providers and payers of health care services” – as well as determine the rules for accessing the non-personally identifiable information in the system. (Section 5(f)(1)(B) and (C).)

Impact

Currently, individual providers and health plans maintain their own sets of their patient’s medical records. If one wanted a copy of his or her medical records from his or her family doctor, he or she could obtain a copy from the doctor. Hospital records are similarly kept by the hospitals. Each of these providers can also set up relationships with data repository centers (known as “business associates” under HIPAA) to manage the protected health information (PHI) of their patients. This system allows them to forward to an outside administrative organization any requests for access to a particular patient’s record – and thereby reduce some of the administrative burden of maintaining electronic medical records on the actual provider.

Both the Stimulus Act and this Bill (and perhaps others) contemplate the collection of these data on a national level, in a central repository. HIPAA’s Privacy Rule is apparently unaffected – “This title may not be construed as having any effect on the authorities of the Secretary [of Health and Human Services] under HIPAA privacy and security law.” (Pub. L. No. 111-5 § 3009(a)(1).) As a result, the national repository would similarly be required to keep as sacrosanct an individual’s personally identifiable information. Still, it’s a national repository – a centralized collection of all of the medical data relating to a particular individual.

The Bill was read twice and referred to the Senate Committee on Health, Education, Labor, and Pensions. See current status. It remains to be see whether this Bill will see any further action in Congress. Given the heightened interest in creating centralized electronic medical records, however, it is likely that a bill of this type, providing the administrative structure to implement the requirements of the Stimulus Bill, would indeed be enacted in the near future.

Friday, May 8, 2009

Newly Introduced Bill Would Require Shutter Sounds in Camera Phones

On January 9, 2009, Representative Pete King (R-New York) proposed H.R. 414 (Camera Phone Predator Alert Act), which requires camera phones to be manufactured in a way that broadcasts the shutter sound a "reasonable" distance when a user takes a picture. According to the findings within the Bill, “Congress finds that children and adolescents have been exploited by photographs taken in dressing rooms and public places with the use of a camera phone.” Section 2.

The Bill does not contain any definitions or standards, and seems to grandfather all existing phones already on the market. Indeed, the sound requirement would only be applied one year after the effective date of the Bill, should it be enacted. Specifically, the Bill requires that all camera phones manufactured after that date may not have any means for the user to disable sound. The applicable “sound” is defined rather generically: “a tone or other sound audible within a reasonable radius of the phone.” Section 3.

The Bill provides for enforcement by the Consumer Product Safety Commission, with civil penalties set forth in 15 U.S.C. § 2069. It is unclear whether this Bill, if enacted, would provide for any private right of action (say, by the person whose picture was taken using a soundless camera phone manufactured after the effective date).

This may also have a minor impact in preventing piracy in the copyright world, since it is quite easy to snap a picture using your camera phone in a museum or other private location of artwork that is presumably protected by copyright. If the sound on your phone is turned off, and if the flash does not activate, it’s possible that no one would know that you made a “copy” of a copyrighted work, perhaps in violation of the Copyright Act. (Taking a picture alone does not automatically result in a finding of copyright infringement – there are substantial factual inquiries that must be made before such a finding occurs.)

Oddly, Rep. Pete King’s press releases web site makes no mention of his introduction of this Bill – although it does reference other Bills that he has introduced or supported. According to Thomas, the Bill was read into the Record when it was introduced and has been referred to the House Committee on Energy and Commerce.