Abiding by the law: Blueport vs. U.S.

The long view of security strategies for your network.

I've been preparing my annual review of intellectual property law developments for my friend and colleague Prof. Tom Peltier's Peltier Effect (see the 2007 edition for a sample), and I ran across a startling case of the U.S. government's assertion of the doctrine of sovereign immunity. 

The case is “U.S. Fed. Circuit Court of Appeals, July 25, 2008 Blueport Co. v. US, No. 2007-5140”. The FindLaw Intellectual Property Case Summaries summarizes the case as follows:

“In an action against the government arising from an Air Force employee's refusal to provide the Air Force with the source code for a software program he had written on his own time and subsequently shared with other Air Force personnel, dismissals of copyright infringement and Digital Millennium Copyright Act (DMCA) claims for lack of jurisdiction are affirmed where: 1) the limited waivers of sovereign immunity contained in the copyright infringement statutes were properly construed as jurisdictional requirements; 2) the burden to prove jurisdiction was properly placed on plaintiff; 3) plaintiff's copyright infringement claim fell within provisos excepting it from the waiver of sovereign immunity; and 4) the DMCA contains no express or implied waiver of sovereign immunity.”

To continue reading, register here and become an Insider. You'll get free access to premium content from CIO, Computerworld, CSO, InfoWorld, and Network World. See more Insider content or sign in.

I've been preparing my annual review of intellectual property law developments for my friend and colleague Prof. Tom Peltier's Peltier Effect (see the 2007 edition for a sample), and I ran across a startling case of the U.S. government's assertion of the doctrine of sovereign immunity. 

The case is “U.S. Fed. Circuit Court of Appeals, July 25, 2008 Blueport Co. v. US, No. 2007-5140”. The FindLaw Intellectual Property Case Summaries summarizes the case as follows:

“In an action against the government arising from an Air Force employee's refusal to provide the Air Force with the source code for a software program he had written on his own time and subsequently shared with other Air Force personnel, dismissals of copyright infringement and Digital Millennium Copyright Act (DMCA) claims for lack of jurisdiction are affirmed where: 1) the limited waivers of sovereign immunity contained in the copyright infringement statutes were properly construed as jurisdictional requirements; 2) the burden to prove jurisdiction was properly placed on plaintiff; 3) plaintiff's copyright infringement claim fell within provisos excepting it from the waiver of sovereign immunity; and 4) the DMCA contains no express or implied waiver of sovereign immunity.”

Copyright attorney and blogger William Patry summarized the case in one of his postings. Here’s my summary of the facts of the case based on Patry’s article:

* Air Force Technical Sergeant Mark Davenport wrote and refined a program called the AUMD on his own time using his home computer in spite of having been refused support from the Air Force to learn programming skills.

* From around June 1998 through September 1998, Davenport provided his USAF colleagues with free access to his program and improved it steadily, introducing expiration dates into his versions to require users to update to the most recent version.

* "Davenport's superiors asked him to turn over the source code for the program, which Davenport had always kept on his home computer. When he refused to turn over the source code, his superiors threatened him with a demotion and a pay cut, and excluded him from the Manpower User Group's advisory authority."

* In March 2000, Davenport sold his software to a company called Blueport.

* Blueport offered the USAF a license to AUMD. The USAF refused and paid Science Applications International Corporation (SAIC) to reverse-engineer the available copies of object code to eliminate the expiration date.

* In 2002, Blueport sued the U.S. government for violations of copyright for having used the code illegally and of the Digital Millennium Copyright Act (DMCA) for modifying the object code to remove the expiration controls.

* Government attorneys asserted sovereign immunity from prosecution and won both at the initial trial and on appeal.

In the words of Patry, "There is no express abrogation of sovereign immunity for DMCA violations, and thus the U.S. government is free to – and appears quite happy to – engage in activity, which if done by individuals or companies, would be illegal, perhaps even criminal. The hypocrisy in the U.S. government’s conduct is breathtaking given USTR’s [United States Trade Representative] vigorous efforts to peddle the DMCA internationally."

M. E. Kabay, PhD, CISSP-ISSMP, specializes in security and operations management consulting services and teaching. He is Chief Technical Officer of Adaptive Cyber Security Instruments, Inc. and Associate Professor of Information Assurance in the School of Business and Management at Norwich University. Visit his Web site for white papers and course materials.