E-Commerce Law Week, Issue 381

Supreme Court to Decide Whether Injunctions Should Be Standard Remedy for Patent Infringement, Absent Exceptional Circumstances
When a jury finds that a patent has been infringed, should there be a presumption in favor of injunctive relief absent exceptional circumstances?  Or should courts instead weigh traditional equitable factors (such as whether the plaintiff would face irreparable injury without an injunction, whether damages would provide adequate remedy, the public interest, and the balance of hardships) before granting an injunction, as in non-patent cases?  The Supreme Court on November 28 agreed to decide this question in a case involving alleged patent infringement by eBay, eBay Inc. v. MercExchange, L.L.C. (No. 05-130), and its answer could have a huge impact on technology companies.  If the Court affirms that patent injunctions should be the presumptive norm, as it has indicated in the past, it could raise the stakes of patent infringement suits considerably, threatening to drive technology companies out of business if they don't settle on plaintiffs' terms, even in cases where the legitimacy of the underlying patent is still in question or monetary damages might provide adequate compensation. 

Unauthorized Use of Password To View Website Is Not "Circumvention" of Technological Measure Under DMCA
Suppose someone finds that Post-it note in your desk with the password to the novel you're secretly writing on your computer and steals your masterpiece.  Has that person violated the Digital Millenium Copyright Act (DMCA) by "circumventing" the "technological measure" you employed to protect copyrighted work?  OK, so we can't all be John Grisham.  So suppose instead that a company gains access to the username and password an employee uses to control access to a website in which he has been airing gripes about the company, and based on what it finds, the company fires the employee.  Has the company violated the DMCA?  According to a recent decision by the US District Court for the District of Columbia in Egilman v. Keller & Heckman, LLP, the answer is no, because unauthorized use of a valid username and password to gain access to copyright-protected material does not constitute "circumvention" of a technological measure within the meaning of the DMCA.   

Senate Bill Promises to Bring Health Care Into the Information Age (Finally)
Lawyers and doctors share two things:  bad handwriting and a reputation for technophobia.  But while the legal profession in recent years has actually become fairly sophisticated at using information technology for litigation support, firm communication and management, and record keeping, the medical profession has largely missed the IT revolution.  Chicken-scratched prescriptions and paper records stored in filing cabinets are still the norm.  But change may finally be on the way.  On November 18, the Senate approved, by unanimous consent, the Wired for Health Care Quality Act (S. 1418).  The goal of this bill is to encourage widespread use of electronic health records in both the public and private health care sectors and create a nationwide health information network. The hope is that electronic records will create a paperless medical environment, reduce errors, lower costs and provide better health care to the American public.  The bill also seeks to improve health technology by developing interoperability and quality standards; establishing a public/private entity to oversee the standards; ensuring that privacy and security of health information is maintained; and authorizing a National Coordinator for Health IT (a position President Bush created by Executive Order in 2004).  This could open up a big new market for hardware and software vendors, as well as for companies in the security service arena.

European Legal Minefield for SOX Whistleblower Programs
Every so often unexploded ordnance from as far back as World War I is discovered in Europe, particularly in France.  But for companies in Europe -- especially those that are subject to the US Sarbanes-Oxley Act ("SOX") -- a more dangerous minefield appears to be the legal one that is emerging from the conflict between SOX whistleblower obligations and European data protection law.  And (sacré bleu!) again the problem is most acute in France.  The Commission Nationale de l’Informatique et des Libertés, the French data protection authority, has just released guidelines on the implementation of whistleblower reporting hotlines in France ("Guidelines").  Combined with a court decision in Germany earlier this year regarding the interaction of works councils and whistleblower hotlines, the Guidelines create a very confusing European legal environment for whistleblower programs.  It now appears that European Union authorities will also jump into the controversy, and that the issue is also likely to spread to other European countries.

EU Institutions Finally Move Towards Agreement on Data Retention
The byzantine debates over retention of telecommunications traffic data in the EU took a significant turn on November 24, when the Committee on Civil Liberties, Justice and Home Affairs of the European Parliament voted to approve the European Commission's draft directive on data retention.  The Commission proposed this directive in late September, as an alternative to an EU Council of Ministers proposal on the same subject that has been mooted for the past 18 months and appears to have stolen the march on the Council's proposal.  Although further debate is ahead -- the Civil Liberties Committee has proposed changes to the directive that will now be considered (and likely rejected in significant part) by the Council -- it now appears that the main EU institutions have coalesced around a single text on data retention.  The fact that the Council will now be debating the Commission's proposal effectively relegates the Council proposal to the legislative scrap heap.  As a result, we believe that adoption of an EU data retention directive during 2006 (with implementation some time thereafter) is now a real possibility.  Member states that seek longer retention periods will likely make their views known when the Council considers the directive.  Accordingly, it may be time for European providers of electronic communications services to start thinking seriously about what their obligations under the proposed directive would be, and how those obligations might be fulfilled.

Questions and comments about E-Commerce Law Week are always welcome.  Please send your feedback to Sally Albertazzie.