E-Commerce Law Week, Issue 363

Michael Vatis Joins Steptoe's eTeam
Randy, Paula, and Simon didn't weigh in, nor did millions of Americans vote, but the next star of the eTeam has been named.  We're happy to announce that Michael Vatis has joined Steptoe & Johnson LLP, resident in our New York Office.  Michael was the founding director of the US National Infrastructure Protection Center, and he previously served as associate deputy general and deputy director of the Executive Office for National Security at the US Department of Justice.  More recently, he served as Director of the Institute for Security Technology Studies at Dartmouth College and as Director of the Markle Task Force on National Security in the Information Age.  For the past several years, Michael has been advising businesses, government agencies, universities, and non-profit organizations on counterterrorism, security, intelligence, and privacy issues.

Michael was with Steptoe once before.  He was a summer associate in our Washington office nearly 20 years ago.  It took him awhile, but he finally found his way home.  And we couldn't be more pleased.

UN vs US: Who Should Run the Internet?
On July 14, the United Nations Working Group on Internet Governance (WGIG), comprising 40 representatives from a diverse group of countries, released a report that provides proposals to improve current Internet governance arrangements and sets priorities for future action.  The report criticizes US dominance in setting Internet policy, and concludes that there is a “vacuum within the context of existing structures.”  It therefore recommends the creation of a global, multi-stakeholder forum to address Internet-related public policy issues.  The report states that such a forum “should preferably be linked to the United Nations, in a form to be defined,” and that it should allow for the equal participation of stakeholders from developing and developed countries.  Among other things, the forum would “identify emerging issues,” bring them to the attention of the appropriate bodies, and make recommendations.  Aside from the idea of creating a global forum, however, WGIG members were unable to agree on a single recommendation for reorganizing the current structure of Internet governance.  Therefore, the group's report simply outlines four possible organizational models for the oversight of the Internet -- all of which adhere to the  principle that “[n]o single Government should have a pre-eminent role in relation to international Internet governance.”

Patriot Games to End With a Whimper?
On July 21, by a 257-171 vote, the US House of Representatives approved a bill that largely upholds the powers that the USA PATRIOT Act (Patriot Act) gave law enforcement in 2001.  The House bill would make permanent 14 of the 16 Patriot Act provisions that were set to expire at the end of this year.  The House bill would extend by 10 years the remaining two provisions -- section 206, which allows roving wiretaps under the Foreign Intelligence Surveillance Act, and section 215 (the so-called "library provision"), which gives the FBI access to business records and other tangible items pursuant to a court order.  The House bill also curtails the use of section 215 to obtain information from libraries and bookstores, and would give recipients of section 215 orders and of "national security letters" the ability to consult with a lawyer and bring a challenge in court -- rights that recipients arguably have now but that are not explicitly provided by statute.  The Senate also took action on the House bill -- just hours before Congress's August recess.  The Senate version echoes much of the original language of the House bill, although it would only extend the sunsets of sections 206 and 215 for four years instead of ten.

Security Breach Legislation Just Keeps on Coming
As the states wind down their legislative activity, we thought it would be a good idea to bring you up-to-date on the current status of security breach notification laws on the state level.  The US Congress took no final action on the pending federal bills -- of which there are more than a handful -- before its August recess, but committees in both the House and Senate are on the road to producing some kind of federal data security law.  Congress has a lot on its plate this fall, but with all the publicity data security breaches have gotten lately, it wouldn't be surprising if data security legislation moves before the close of this session of Congress.

Questions and comments about E-Commerce Law Week are always welcome.  Please send your feedback to Sally Albertazzie.