12/23. The Department of Justice's (DOJ) Antitrust Division's closed its investigation of Pressplay and MusicNet, two joint ventures formed by music companies to distribute music over the internet. See, DOJ release.

Pressplay was formed as a joint venture of Sony Music Entertainment and Universal Music Group. Subsequently, Roxio acquired Pressplay, as well as the Napster trademark. See, Roxio release of May 19, 2003. The music distribution business now goes by the name Napster 2.0.

MusicNet is a joint venture of Warner Music Group, EMI Group, BMG Music, and RealNetworks.

The DOJ stated in its release that "The digital music world has changed dramatically since the Division opened its investigation in the summer of 2001. In significant part as a result of that change -- most notably the emergence of new competitors and Sony's and Universal's sales of their controlling interests in pressplay -- the concerns that led the Division to open its investigation have now diminished or disappeared. Consumers can now download individual songs from a growing number of competing digital music suppliers, each of which offers songs from the music catalogs of all five of the major record labels. Consumers also have their choice of subscription-based music services that, for a monthly fee, allow subscribers to browse hundreds of thousands of songs, to listen to "streams" of an unlimited number of songs of their choice, and to download the particular songs they want to ``burn´´ to compact discs or transfer to portable devices."

Hewitt Pate (at right), Assistant Attorney General in charge of the Antitrust Division, stated that the investigation "uncovered no evidence that the major record labels' joint ventures have harmed competition or consumers of digital music. Consumers now have available to them an increasing variety of authorized outlets from which they can purchase digital music, and consumers are using those services in growing numbers."

Pate added that "None of the several theories of competitive harm that the Division considered were ultimately supported by the facts. The Division found no impermissible coordination among the record labels as to the terms on which they would individually license their music to third-party services. The development of the digital music marketplace similarly belies any concerns that the record labels used their joint ventures to stifle the development of the Internet music marketplace and to protect their present positions in the promotion and distribution of prerecorded music in physical form."

12/19. The Federal Trade Commission (FTC) filed a complaint [9 pages in PDF] in U.S. District Court (SDNY) against Domain Registry of America, Inc. alleging misrepresentation and failure to disclose material information in connection with its marketing of domain name services, in violation of the Section 5 of the Federal Trade Commission Act. The complaint also alleges violations of the Truth in Lending Act.

The FTC and DRAI also entered into and filed a Stipulated Final Judgment and Order for Permanent Injunction and Consumer Redress [17 pages in PDF].

The complaint alleges that "In the course of advertising, marketing, promoting, offering for sale, and selling domain name services, in numerous instances, defendant represents, expressly or by implication, that consumers who receive defendant's renewal notice/invoice are current customers of defendant and that by replying to defendant’s renewal notice/invoice, consumers will ``renew´´ their domain registration with defendant."

The complaint continues that "In truth and in fact, consumers who receive this renewal notice/invoice are not current customers of defendant and by replying to defendant’s renewal notice/invoice, consumers will not ``renew´´ their domain registration with defendant, but instead transfer their domain registration to defendant." This, the complaint alleges, is a deceptive act or practice in violation of the Section 5 of the FTC Act, which is codified at 15 U.S.C. § 45(a).

The Stipulated Final Judgment enjoins DRAI from making "any false or misleading statement or representation of material fact, including but not limited to any representation that the transfer of a domain name registration is a renewal". It also requires DRAI to pay consumer redress. See also, FTC release.

This case is FTC v. Domain Registry of America, Inc., U.S. District Court for the Southern District of New York, D.C. No. 03-CV-10075.

12/24. The Electronic Privacy Information Center (EPIC) published in its web site a document [PDF] titled "Palladium", by Michael Aday, Senior Program Manager, Windows Trusted Platform Technologies, Microsoft Corporation. The EPIC states that Palladium's unique machine identifiers raises privacy issues.

Microsoft no longer uses the term "Palladium" or "Pd". It uses the phrase "Next-Generation Secure Computing Base for Windows". But, whatever it is called, it is a forthcoming set of security oriented capabilities in the Windows operating system.

Microsoft wrote in its web site in 2002 that "``Palladium´´ is the code name for an evolutionary set of features for the Microsoft Windows operating system. When combined with a new breed of hardware and applications, ``Palladium´´ gives individuals and groups of users greater data security, personal privacy and system integrity. Designed to work side-by-side with the existing functionality of Windows, this significant evolution of the personal computer platform will introduce a level of security that meets the rising customer requirements for data protection, integrity and distributed collaboration." See, Microsoft overview.

The EPIC obtained the document from the National Institute of Standards and Technology (NIST) in response to a request made pursuant to the Freedom of Information Act (FOIA). The Computer Security Division is a part of the NIST.

The document just published by the EPIC appears to be a lecture or presentation outline. It is undated, but contains a 2002 copyright notice.

It states that "Palladium systems will provide the means to protect user privacy better than any operating system does today."

This 2002 document states that "Palladium will be designed as an opt-in system", "All Pd programs can be run only if authorized by user", and "User information is not a requirement for Palladium to work."

It also states that one of its applications is "DRM", or digital rights management.

It then lists several policy issues, including privacy. It states that "Since the Pd RSA key pair is unique to the platform, what steps should we take to defend against traffic analysis of user behavior?"

It adds that "Palladium uses at least two sets of unique hardware keys (one AES key, one RSA key pair)". (Parentheses in original.) AES is the NIST/CSD Advanced Encryption Standard. RSA is an encryption standard invented in 1978 by Ron Rivest, Adi Shamir, and Leonard Adleman.

It then states that this is "Essentially equivalent to unique machine identifiers", but adds that "this is the only way to keep your stuff safe!"

It also points out that while Palladium uses a unique AES key, and a unique RSA key, both are "Opt-in", meaning that "user designates what software can access functions". It also states that "only one export of RSA public key is allowed per power cycle"

The EPIC wrote in its web site that this document describes "Palladium's applications for Digital Rights Management and note that the technology embeds ``unique machine identifiers,´´ thus raising risks that user behavior may be subject to traffic analysis. Issues raised by Palladium, which is now known as the Next Generation Secure Computing Base, are similar to privacy problems with the controversial Intel Pentium Serial Number."

See also, the EPIC Palladium web page.

12/17. A grand jury of the U.S. District Court (EDCal) returned an indictment charging Darryl Scott Poll and Carlo Mireles with various federal crimes in connection with a cable piracy scheme. The thirteen count indictment charges conspiracy to assist in the unlawful interception and reception of communications services offered over a cable system and to commit mail fraud, mail fraud, assisting in the unlawful interception and reception of communications services offered over a cable system, and conspiracy to commit money laundering. The U.S. Attorneys Office stated in a release [PDF] that the scheme "resulted in the sale and distribution of approximately fifty thousand cable descramblers designed to illicitly obtain cable programming, and that resulted in gross sales of over $10 million."

12/18. Daniel Jeremy Baas pled guilty in U.S. District Court (SDOhio) to a one-count information charging him with exceeding authorized access to a protected computer and obtaining information, in violation of 18 U.S.C. §§ 1030(a)(2) and (c)(2)(B)(iii), in connection with his theft of data from Acxiom, a company that manages customer information for credit card issuers, banks, automotive manufacturers, retailers and others. See, DOJ release.

12/23. The Federal Bureau of Investigation (FBI) changed the name of its Internet Fraud Complaint Center to Internet Crime Complaint Center. See, FBI release.

12/23. The Federal Communications Commission's (FCC) Enforcement Bureau (EB) debarred John Angelides and Oscar Alvarez of Connect2 Internet Networks, Inc., from the schools and libraries universal service support mechanism for a period of three years, pursuant to 47 C.F.R. §§ 0.111(a)(14) and 54.521. See, letter to Alvarez [PDF] and letter to Angelides [PDF].

12/23. The Federal Trade Commission (FTC) announced that the FTC and other government agencies will publish a notice requesting comments on whether these agencies agencies should consider amending existing regulations that implement sections 502 and 503 of the Gramm Leach Bliley Act (GLB) to allow or require financial institutions to provide alternative types of privacy notices.

The FTC wrote in a release that "Section 503 of the GLB Act requires financial institutions to provide a notice to each customer that describes the institution’s policies and practices regarding the disclosure to third parties of nonpublic personal information. In 2000, the agencies published consistent final regulations that implement these provisions, including sample clauses that institutions may use in privacy notices. However, the regulations do not prescribe any specific format or standardized wording for privacy notices."

The FTC added that "The agencies do not propose the adoption of any specific action at this time to improve privacy notices. Instead, the agencies request input on what approaches would be most useful to consumers while taking into consideration the burden on financial institutions."

The FTC also published in its website a draft [PDF] of the notice to be published in the Federal Register.

The agencies involved are the Board of Governors of the Federal Reserve System, Commodity Futures Trading Commission (CFTC), Federal Deposit Insurance Corporation (FDIC), Federal Trade Commission (FTC), National Credit Union Administration, Office of the Comptroller of the Currency, Office of Thrift Supervision, and the Securities and Exchange Commission (SEC).

Comments will be due 90 after publication in the Federal Register. The notice had not been published in the Federal Register as of December 24. (The Federal Register was not published on December 25 or 26.) The FTC stated that the notice is "expected in early January".

12/26. President Bush made several recess appointments, which will be effective until the next Congress convenes in January of 2005. He nominated Clark Kent Ervin to be Inspector General of the Department of Homeland Security. He previously nominated Ervin on January 10, 2003, but the Senate did not confirm or reject his nomination. See, White House release.

12/23. Eileen Powell was named Chief Financial Officer of the Internal Revenue Service (IRS). See, IRS release.

12/23. Eleven new members were selected for the Internal Revenue Service's (IRS) Internal Revenue Service Advisory Council (IRSAC). The list includes Kenneth Nirenberg, a senior software developer for Intuit. See, IRS release. The IRS also announced the appointment of eight new members to its Information Reporting Program Advisory Committee (IRPAC). See, IRS release.

12/22. The Treasury Department announced that it has issued final regulations for the research credit. See, Treasury release.

12/24. The Library of Congress published a notice in the Federal Register announcing alternative methods for
the filing of claims to the digital audio recording devices and media (DART) royalty funds for the year 2003. See, Federal Register, December 24, 2003, Vol. 68, No. 247, at Pages 74481 - 74483.

12/24. The U.S. Patent and Trademark Office (USPTO) published a notice in the Federal Register stating that it has adopted a final rule "extending, until November 2, 2004, a temporary postponement of those provisions of the Trademark Rules of Practice that require electronic transmission to the USPTO of applications for international registration, responses to irregularity notices, and subsequent designations submitted pursuant to the Madrid Protocol. The postponement was announced most recently in a document published in the Federal Register on November 7, 2003." The notice adds that "The USPTO is also extending a temporary suspension, announced in the same Federal Register document, of those provisions of the Rules of Practice that allow payment of fees charged by the International Bureau of the World Intellectual Property Organization (IB) to be submitted through the USPTO, and those provisions of the Trademark Rules of Practice that require that all fees for international trademark applications and subsequent designations be paid at the time of filing." See, Federal Register, December 24, 2003, Vol. 68, No. 247, at Pages 74479 - 74481. See, also notice in the Federal Register, November 7, 2003, Vol. 68, No. 216, at Pages 63019 - 63021.

12/19. Alfred Kahn wrote a report titled "Lessons from Deregulation: Telecommunications and Airlines after the Crunch". The 88 page report is on sale for $17.00 by the Brookings Institute.

The House is in adjournment.

The Senate is in adjournment. (It will convene on January 20, 2004.)

The Supreme Court is in recess. (It will return on January 12, 2004.)

Deadline to submit comments to the Federal Communications Commission (FCC) regarding its notice of proposed rulemaking (NPRM) pertaining to promoting spectrum based services in rural areas. See, notice in the Federal Register summarizing this NPRM, and story titled "FCC Announces NPRM Regarding Regulations Affecting the Use of Spectrum in Rural Areas" in TLJ Daily E-Mail Alert No. 739, September 15, 2003. This NPRM is FCC 03-222 in WT Docket Nos. 02-381, 01-14, and 03-202. The FCC adopted this NPRM on September 10, 2003, and released it on October 6, 2003. See, Federal Register, November 12, 2003, Vol. 68, No. 218, at Pages 64050-64072.

Deadline to submit a paper or panel proposal for the National Institute of Standards and Technology's (NIST) Spam Technology Workshop to be held on February 27, 2004. For more information, contact Joan Hash at 301 975-3357. See, notice in the Federal Register, November 25, 2003, Vol. 68, No. 227, at Pages 66075 - 66076.

News Years Day.

The Federal Communications Commission's (FCC) new broadcast flag mandate takes effect. The FCC announced and released its Report and Order Further Notice of Proposed Rulemaking [72 pages in PDF] on November 4, 2003. This item is FCC 03-273 in MB Docket 02-230. See, notice in the Federal Register (December 3, 2003, Vol. 68, No. 232, at Pages 67599 - 67607) summarizing and stating the effective date of these rules. For more information, contact Rick Chessen rchessen@fcc.gov or Susan Mort at smort@fcc.gov or 202-418-7200. See also, stories titled "FCC Releases Broadcast Flag Rule" in TLJ Daily E-Mail Alert No. 772, November 5, 2003; and "FCC Publishes Notices Regarding Broadcast Flag Proceeding" in TLJ Daily E-Mail Alert No. 794, December 8, 2003.

Deadline to submit initial comments to the Federal Communications Commission (FCC) in response to its Report and Order and Further Notice of Proposed Rulemaking [198 pages in PDF] in it proceeding titled "In the Matter of Promoting Efficient Use of Spectrum Through Elimination of Barriers to the Development of Secondary Markets". The FCC adopted this item on May 15, 2003, but did not release it until October 7, 2003. This is FCC 03-113 in WT Docket No. 00-230. See, TLJ story titled "FCC Adopts Order Allowing Some Secondary Leasing of Spectrum", May 15, 2003, and story titled "FCC Finally Releases R&O and FNPRM in Secondary Spectrum Markets Proceeding" in TLJ Daily E-Mail Alert No. 755, October 8, 2003.

Deadline to submit comments to the U.S. Patent and Trademark Office (USPTO) regarding its proposed rule changes regarding revision of patent term extension and patent term adjustment provisions related to decisions by the Board of Patent Appeals and Interferences. See, notice in the Federal Register, December 4, 2003, Vol. 68, No. 233, at Pages 67818 - 67821.

Deadline to submit comments to the Office of the U.S. Trade Representative (USTR) regarding the operation and effectiveness of, and the implementation of and compliance with, the World Trade Organization (WTO) Basic Telecommunications Agreement, other WTO agreements affecting market opportunities for U.S. telecommunications products and services, the telecommunications provisions of the North American Free Trade Agreement (NAFTA), Chile FTA and Singapore FTA, and other telecommunications trade agreements. See, notice in the Federal Register, December 8, 2003, Vol. 68, No. 235, at Pages 68444 - 68445.