Windows Update concerns stir tempest in a teacup

Over the past 24 hours, there's been something of a storm brewing regarding how Microsoft's Windows Update keeps itself up-to-date. First discussed in the Windows Secrets newsletter, it seems that regardless of whether or not you have Windows Update turned on, set to manual, or turned off entirely, certain files (different ones depending on whether you have Windows XP SP2 or Vista installed) are periodically updated. HangZhou Night Net

This was picked up by Adrian Kingsley-Hughes over at ZDNet, and has since spread across the 'Net, typically with a flavor of "OMG EVIL" attached to it—though in all fairness and honesty, neither Adrian or Scott Duran at Windows Secrets portrayed the issue in such dramatic terms. Here at Ars, we've since spoken to a Microsoft representative on the issue, and received the following information:

The files that are being updated are part of the Windows Update client itself. Windows Update
automatically updates itself from time to time to ensure that it is running the most current technology, so
that it can check for updates and notify customers that new updates are available. This is normal behavior,
and it has worked this way since the service debuted several years ago.

This is not to suggest that we were as transparent as we could have been; to the contrary, we could have been clearer on how Windows Update behaves when it updates itself. We've received helpful and important feedback on this point, and we are now looking at the best way to clarify WU's behavior to customers so that they can more clearly understand how WU works.

That said, we continue to be confident that the choice to use Automatic Updating continues to be the best decision for many of our customers. Windows Update remains a popular service with our customers because it helps them stay safe and have confidence that they are running the latest software from us.

In short, the information uncovered by Windows Secrets is a system that's been in place for quite some time.
Speaking strictly for myself, I don't really see the issue here. While I dislike the idea of significant
covert updates/patches as much as any user, I can't honestly say I view this discovery as terribly significant,
and I don't have a problem with Microsoft patching the Windows Update patching system. If you're looking for
more information on the topic straight from the horse's mouth, I'd suggest reading the Microsoft Update Product
Team Blog entry on the topic, which contains more information on the issue.

Defendant: RIAA abusing courts to shore up “failing business model”

Another file-sharing defendant who says she has never installed or used file-sharing software is fighting back against the RIAA, accusing the music industry of waging war in the US court system to "shore up the American recording industry's failing business model." HangZhou Night Net

The action this time is in the US District Court for South Carolina, which is where Catherine Njuguna was sued by the RIAA for allegedly sharing tracks such as "Teenage Dirt Bag," "She F***** Hates Me," "That N*****'s Crazy," and "F*** You Softly" via KaZaA. According to a motion she recently filed, her explanations that she was in Oklahoma City on the day the RIAA's investigators reportedly discovered the shared music on KaZaA and that she only listened to contemporary Christian music fell on deaf ears at the industry's Settlement Support Center. In addition, the SSC turned down her requests to have her PC inspected for evidence of infringement, and the RIAA ultimately sued her after she refused to give into its settlement demands.

After the lawsuit was filed, Njuguna said she boxed up the PC reportedly used for infringement and purchased a new one. She then filed a series of counterclaims to the RIAA's lawsuit in an attempt to have the lawsuit dismissed and her name cleared. One of those accuses the record labels of failing to negotiate in good faith.

"The Plaintiffs/SSC have not honored their obligation and duty to negotiate in good faith and in a fair manner," argues Njugana. "They have advised an unrepresented client regarding her legal rights, sometimes incorrectly, and misled the Defendant in order to force her into a settlement that is a pure contract of adhesion, with unconscionable terms, at a cost that is extraordinarily excessive considering alleged loss of the Plaintiffs."

In its motion to dismiss Njugana's counterclaims, the RIAA argues that it owes no duty to negotiate in good faith to the defendant.

Njugana also accuses the RIAA of engaging in deceptive and unfair trade practices, arguing that the record labels have demonstrated repeated behavior that has an "adverse effect on the public interest." She also cites former RIAA defendant Tanya Andersen's lawsuit (which seeks class-action status) as evidence that, unless the courts step in at some point, the RIAA will continue its campaign.

If, like a handful of other former defendants, Njugana is exonerated by the courts, the RIAA could be looking at another malicious prosecution lawsuit like the one filed by Andersen. Yesterday, the RIAA asked an Oregon judge to dismiss Andersen's lawsuit, arguing that her accusations that the industry group violated state racketeering laws depend on "sweeping, conclusory statements about alleged attempts to coerce or extort money from her."

Court gives Qualcomm reprieve during appeal, will allow 3G phone imports

The US Court of Appeals for the Federal Circuit gave Qualcomm a break yesterday, putting a hold on a broad import ban on new 3G cell phone models that use a Qualcomm chip. The ban was put in place by the US International Trade Commission after it found that the chips in question infringed on patents held by Broadcom. HangZhou Night Net

The ITC's remedy was rather specific: it only barred the import of new handset models that contained the infringing chips, not phones currently being sold. Still, it set off alarms for handset manufacturers—including Kyocera, Samsung, Motorola, and LG, among others—that were concerned that their latest and greatest models would be barred from store shelves.

Some of the cellular carriers in the US have made an end-run around the patent infringement ruling by signing separate licensing agreements with Broadcom as the case has made its way through the appeals process. Verizon chose to go that route in July, paying a $6 royalty for each handset containing the Qualcomm chip, with a maximum annual payment of $50 million.

After the ITC ordered the import ban, Qualcomm asked the Bush administration to intervene and veto the ITC's action; last month, it declined to do so. Industry trade group CTIA also fought against the import ban, saying it would cause "enormous undue harm to tens of millions of American wireless consumers."

The dispute dates back to a lawsuit filed in June 2005. Not long after Broadcom filed the patent infringement lawsuit, it also filed a complaint with the ITC, which voted 4-2 last October to adopt an administrative law judge's finding that the Qualcomm 3G chips infringed on Broadcom's patents.

As the federal courts have become increasingly reluctant to issue permanent injunctions in patent infringement cases in the wake of eBay v. MercExchange, companies have shifted their attention to the ITC. Although the Trade Commission cannot award monetary damages, companies can initiate complaints that can result in products deemed to be infringing being barred from sale in the US.

With the ban blocked for now, Qualcomm said it will continue its fight to have the infringement finding overturned, but that looks like a long shot at this point.

Google calls for international privacy standards

Google will call for universal privacy standards today at a UNESCO conference in France. Google believes that the Asia-Pacific Economic Cooperation (APEC) Privacy Framework could serve as the basis for harmonizing regulatory frameworks used by countries around the world. HangZhou Night Net

Complying with the broad assortment of disparate and potentially conflicting privacy laws already in place is a costly burden for businesses that use the Internet to operate globally. Streamlining those regulations and establishing global standards would certainly simplify the compliance process, but determining an adequate standard that balances the desires of law enforcement, consumers, and businesses around the globe will pose a challenge.

Google retains a tremendous amount of personal information that could be used for identity theft and all sorts of other nefariouspurposes if it were to fall into the wrong hands. Although some politicians are keen on legislation that would impose limits on data retention in order to protect consumer privacy, law enforcement agencies are insisting that data needs to be retained longer. Data retention duration is just one of many issues that will require some difficult compromises.

In July, Google competitors Microsoft and collectively called for industry standards for search privacy. The approach taken by Microsoft and seems to be market-oriented, whereas Google seemsmore interested in government standards.

Google's interest in creating new privacy standards may relate to the company's plan to acquire advertising company DoubleClick, a deal that is viewed with concern and hostility by privacy advocates. Establishing strong privacy standards could reassure consumers and lawmakers who might otherwise want to block the DoubleClick acquisition.

Google's chief privacy officer Peter Fleischer denies that DoubleClick is a factor in this effort, though. "People look to us to show some leadership and be constructive," Fleischer told the Associated Press. "To be effective, privacy laws need to go global…But for those laws to be observed and effective, a realistic set of standards must emerge. It is absolutely imperative that these standards are aligned to today's commercial realities and political needs, but they must also reflect technological realities."

Fleischer also said that he has been discussing the prospect of international privacy standards with Microsoft, Yahoo, and European government representatives.

The success of an international privacy standards initiative will depend on support from many stakeholders, and Google's plan may prove too ambitious. Regardless of whether or not Google's plan succeeds, competition in the search and web services space willhopefully continue to promote big improvements in company privacy policies, even without a worldwide agreement.