ethics paper 3: patents / crime

Paper 3: Software Patents

Due: Friday, May 2 Comp 417, Dordal

Topic option 1: Are software patents a special case?

Paul Graham wrote

There's nothing special about physical [machines] that should make them patentable, and the software equivalent not.

Are there features of software patents that make them a special case in terms of patentability? The purpose of patents in general is to encourage innovation and investment in innovation, for social progress. Does this actually work for software patents?

This position is compatible with both the idea that software should be patentable, and also with the idea that nothing should be patentable; the latter argument is made in Michele Boldrin and David Levine's The Case Against Patents, and their longer work Against Intellectual Monopoly. Argue your position, and come to some sort of conclusion.

You can argue based on general principles, or on the utility of patents to specific industries.

One facet of the question is whether software patents, on the whole, are of benefit to society; if they are not, and other patents are, then you have established a distinction. Do software patents foster innovation, leading to more software ideas for everyone? For the purposes of patent law, should software be included?

Here are a few justifications that have been advanced for considering software patents to be fundamentally different:

Software is often about abstraction, and abstract ideas
Software has greater generality than physical machines
Algorithms are fundamentally mathematical facts rather than inventions
Many software "inventions" are straightforward implementations of broad ideas
Many software patents are in fact "abstract" (functional) patents, which have long been suspect
Often the "creativity" in software is simply realizing that, yes, there is a market for the product

Others have argued that the only specialness of software patents is that the patent office allegedly has difficulty conducting patent examinations for software. Still others argue that it is the existence of open source that makes software patents unique.

In the I4I v Microsoft case, an obscure patent about a data structure for holding XML tags became very expensive for Microsoft, once the data structure in question was interpreted so broadly as to cover any method of manipulating XML structure separately from data. Does this represent a fundamental problem with the use of abstraction (ie in describing data structures) in computer science? Or was this just a quirk of the judicial system?

Yet another way to address the two questions above is that, yes, Graham was right, but that software should be subject to different patent rules. If this is what you feel, propose different rules and argue for them. If your main argument is that software is indeed a special case, you may either make the case that it is so different that patents should not apply, or make the weaker argument that special patent rules should apply. If you are arguing that software is not a special case, you do not necessarily have to argue that all the rules should be the same.

Discuss both sides, and come to a conclusion. Your conclusion should either support one side or the other (perhaps with qualifications), or else it should outline some sort of "compromise" position.

If you are arguing against patents generally, please make that clear (in that case, you are probably not arguing that software is different, though you might argue that the case against software patents is stronger). If you argue against all patents, you should be sure you understand your argument's implications for, say, the pharmaceuticals industry.

Here are a few more points to think about if you need suggestions. You don't have to address them all (you don't have to address any of them):

Incentives to innovation and development
Litigation costs as a negative social side-effect
Inventor's rights
Public's rights to shared ideas
Conflicts between patented software and open source
Whether software is "too abstract" to be patentable in general (Bilski's process was held to be too abstract)
Many claimed software inventions are straightforward implementations using existing components

Topic option 2: Is Weev a Crook?

Weev here is Andrew "Weev" Auernheimer, who is currently in prison for hacking under the Computer Fraud and Abuse Act. But some (not just his defense team) have questioned whether he deserves to be there. ("Crook" here is being used broadly as a synonym for any criminal.)

What Auernheimer did was to discover that if you went to the AT&T iPad login site, it automatically showed the owner information (name and email address) already filled in. With a little digging, Auernheimer discovered that the iPad was sending AT&T its serial number, and AT&T was looking that up in its records and filling in the form from the server side. Most browser form-filling is done at the client side, by filling in values that were previously entered by the client and were in fact stored on the client. Server-side form-filling is almost never done until after an authenticated login, but AT&T did server-side form-filling before authentication.

Auernheimer then wrote a simple script to send millions of randomly chosen potential serial numbers to AT&T. When the random number matched a real serial number, back would come a real user name and that user's email address. Auernheimer was thus able to collect a large number of email addresses.

Was Auernheimer's action a criminal act? Was it "unauthorized access" according to the Computer Fraud and Abuse Act? The trial judge said yes to the latter question, and so Auernheimer is in prison, but his case is on appeal.

There are two separate questions, actually; you may address either or both. The first is whether this kind of thing is a criminal act; the second is whether it qualifies as "unauthorized access". The CFAA has often been criticized for criminalizing rather ordinary forms of unauthorized access, such as creating multiple Facebook accounts or using Google search as a minor prior to March 1, 2012 (when the Google terms of service required all users to agree they were over 18).

Here is another way to look at the question: is a law against "unauthorized access" a good idea, or must there be some other standard as well, and, if so, what? Some possibilities are

actual harm (a problem with this approach is that harm is notoriously hard to evaluate)
malicious intent (the government would have trouble proving that for Auernheimer)
???

Another way to summarize this question is simply "Is the CFAA too broad? If not, why? If so, how might it be fixed?"

Finally, you can also approach this from the ethical perspective: did Weev do something wrong? (For that matter, did Aaron Swartz?) It seems clear that Weev did what he did to embarrass AT&T. Should he have done more to protect the users involved? If he had done nothing, note that awareness of the breach might never have been exposed.

Your paper (either topic) will be graded primarily on organization (that is, how you lay out your sequence of paragraphs), focus (that is, whether you stick to the topic), and the nature and completeness of your arguments.

It is essential that all material from other sources be enclosed in quotation marks (or set off as a block quote), and preferably with a citation to the original source as well.

Expected length: 3-5 pages (800+ words)