Y'know... Publishing tech specs may be fair use, says appeals court

Expect this one to be argued all the way to the Supremes

In a victory for those supporting open access to technical specifications, the US Court of Appeals for the District of Columbia Circuit on Tuesday vacated injunctions [PDF] that prohibited Public.Resource.Org (PRO) from publishing copyrighted technical standards online.

The appeals court reversed a partial grant of summary judgement against the non-profit organization and returned the case to the US District Court for the District of Columbia to decide whether PRO's distribution of technical standards qualifies for the fair use defense against copyright claims.

PRO, run by public domain advocate Carl Malamud, gathers and publishes various government documents to make them more easily accessible. These include rules created and copyrighted by private standards organizations that get incorporated into federal law.

An example might be the technical specifications for the power source a tank barge would need to run the cargo tank’s legally required liquid overfill protection system.

The required power source, as described in the court ruling, turns out to be "a 120-volt, 20-ampere explosion-proof plug that meets ... NFPA 70, Articles 406.9 and 501-145."

This rule was developed by the National Fire Protection Association (NFPA), a private organization, and incorporated into the National Electrical Code.

PRO purchased and uploaded hundreds of these technical standards from 2012 to 2014, in order to make the rules available to the public at no charge and to make them more accessible, through text-to-speech readers, for example.

management regulation2

US State of Georgia sues 'terrorist' for publishing its own laws ... on the internet


It was sued for intellectual property violations in mid-2013 by American Society for Testing and Materials (ASTM). When PRO refused to remove the standards docs from its website, ASTM, NFPA and ASHRAE (American Society of Heating, Refrigerating and Air-Conditioning Engineers) pressed their copyright and trademark claims (1:13-cv-01215-TSC).

Around the same time, the American Educational Research Association filed a similar lawsuit (1:14-cv-00857) after PRO published its standards for educational and psychological testing.

The district court last year sided with the standards groups and issued a partial summary judgement.

The appeals court has now undone that ruling, allowing for the possibility that PRO's publication of the specs is defensible as fair use while ducking the larger question of whether federal law can be copyrighted.

"Although PRO raises a serious constitutional concern with permitting private ownership of standards essential to understanding legal obligations, we think it best at this juncture to address only the statutory fair use issue – which may provide a full defense to some, if not all, of the SDO’s infringement claims in this case – and leave for another day the question of whether the Constitution permits copyright to persist in works incorporated by reference into law," the ruling states.

"We’re very pleased with today’s ruling, which represents a victory for the public as well as for Public Resource," said EFF Legal Director Corynne McSherry in a statement emailed to The Register. "It would thwart the purposes of copyright, not to mention due process, to allow a copyright claim to prohibit sharing the law for purely noncommercial purposes."

A similar fight between the State of Georgia and PRO has yet to be resolved. Last year, the State of Georgia won its 2015 case against PRO for publishing the state's laws online. That decision remains under appeal. ®

Similar topics

Broader topics

Other stories you might like

  • Europol arrests nine suspected of stealing 'several million' euros via phishing
    Victims lured into handing over online banking logins, police say

    Europol cops have arrested nine suspected members of a cybercrime ring involved in phishing, internet scams, and money laundering.

    The alleged crooks are believed to have stolen "several million euros" from at least "dozens of Belgian victims," according to that nation's police, which, along with the Dutch, supported the cross-border operation.

    On Tuesday, after searching 24 houses in the Netherlands, officers cuffed eight men between the ages of 25 and 36 from Amsterdam, Almere, Rotterdam, and Spijkenisse, and a 25-year-old woman from Deventer. We're told the cops seized, among other things, a firearm, designer clothing, expensive watches, and tens of thousands of euros.

    Continue reading
  • India extends deadline for compliance with infosec logging rules by 90 days
    Helpfully announced extension on deadline day

    Updated India's Ministry of Electronics and Information Technology (MeitY) and the local Computer Emergency Response Team (CERT-In) have extended the deadline for compliance with the Cyber Security Directions introduced on April 28, which were due to take effect yesterday.

    The Directions require verbose logging of users' activities on VPNs and clouds, reporting of infosec incidents within six hours of detection - even for trivial things like unusual port scanning - exclusive use of Indian network time protocol servers, and many other burdensome requirements. The Directions were purported to improve the security of local organisations, and to give CERT-In information it could use to assess threats to India. Yet the Directions allowed incident reports to be sent by fax – good ol' fax – to CERT-In, which offered no evidence it operates or would build infrastructure capable of ingesting or analyzing the millions of incident reports it would be sent by compliant organizations.

    The Directions were roundly criticized by tech lobby groups that pointed out requirements such as compelling clouds to store logs of customers' activities was futile, since clouds don't log what goes on inside resources rented by their customers. VPN providers quit India and moved their servers offshore, citing the impossibility of storing user logs when their entire business model rests on not logging user activities. VPN operators going offshore means India's government is therefore less able to influence such outfits.

    Continue reading
  • Spain, Austria not convinced location data is personal information
    Privacy group NOYB sues to get telcos to respect GDPR data access rights

    Some authorities in Europe insist that location data is not personal data as defined by the EU's General Data Protection Regulation.

    EU privacy group NOYB (None of your business), set up by privacy warrior Max "Angry Austrian" Schrems, said on Tuesday it appealed a decision of the Spanish Data Protection Authority (AEPD) to support Virgin Telco's refusal to provide the location data it has stored about a customer.

    In Spain, according to NOYB, the government still requires telcos to record the metadata of phone calls, text messages, and cell tower connections, despite Court of Justice (CJEU) decisions that prohibit data retention.

    Continue reading

Biting the hand that feeds IT © 1998–2022