and the Law



See Advanced Access Content System


Abandonware is software that is no longer being sold or supported by its author, copyright owner, or licensed distributor. Software that is still being sold, but no longer supported, is sometimes also referred to as abandonware. Software becomes abandonware for various reasons. A software publisher may abandon a program because of declining sales, or because it was written for a hardware platform or operating system that is no longer being sold, such as the Apple II, Atari 800, or Commodore Amiga. Or, the publisher may cease to exist as a corporate entity, for example, through bankruptcy or merger.

Because personal computers have not been around for long enough for the copyright on any programs written for them to expire, all abandonware that was once copyrighted is still copyrighted. Software that has been abandoned because its original publisher no longer exists is not automatically in the public domain, although in a few cases many rights may have been released under an open-source license. Some distributors and sharers of abandonware argue that the ethical objections to sharing copyrighted material do not apply to abandonware; the copyright owner is no longer selling the program, and thus is not being deprived of further sales (Goldman 2003, 405). While there is some logic to this position, it is legally incorrect. When a corporate publisher ceases to exist through bankruptcy or merger with another publisher, its property, including its copyrights, is assigned to some new person. Copyrights held by an individual remain the property of that individual until he or she transfers them to someone else or dies; in the latter case they become a part of his or her estate.

Some corporate publishers do not undergo any formal dissolution process, however; they simply close their doors, without formally transferring their copyrights to anyone. In such a case it can be difficult to locate anyone with the legal right to authorize the making of copies. As a practical matter, such copyrights—and abandonware copyrights generally—are rarely enforced, although some popular sites, such as Dan’s 20th Century Abandonware, have disappeared from the Web in recent years. The Internet Archive, an online library, maintains a collection of “vintage software,” much of which could be classified as abandonware.

Old spreadsheets, word processing programs, and the like are of interest only to a limited number of enthusiasts. Abandoned games, however, are more popular. There has been a renewed interest in older game copyrights as some games are adapted for use on mobile devices. And the content industry generally takes the view that all unlicensed distribution of abandonware is harmful, because the abandoned programs might become valuable again at some point during the life of their copyright term. Balanced against this copyright interest is the valuable function abandonware sites may play in preserving programs that would otherwise be lost (Costikyan 2000).

Under a repeatedly renewed exception to the anticircumvention provisions of the Digital Millennium Copyright Act, libraries are allowed to make copies for archival purposes even where doing so requires circumventing copy protection measures. This exception does not mean, however, that the archived works have entered the public domain.


Bradburn v. North Central Regional Library District, 231 P.3d 166 (Wash. 2010)


• Exemption to Prohibition on Circumvention of Copyright Protection Systems for Access Control Technologies, 37 C.F.R § 201.40 (2010)

See also Copyright Infringement; File-Sharing; No Electronic Theft Act; Public Domain; Warez

Sources and Further Reading

Abandonware: The Official Ring, available at (visited May 30, 2012)

Greg Costikyan, “New Front in the Copyright Wars: Out-of-Print Computer Games,” N.Y. Times (May 18, 2000), available at

Eric Goldman, “A Road to No Warez: The No Electronic Theft Act and Criminal Copyright Infringement,” 82 Oregon Law Review 369 (2003)

Dennis W. K. Khong, “Orphan Works, Abandonware and the Missing Market for Copyrighted Goods,” 15 International Journal of Law & Information Technology 54 (2007)

“Software Archive,” Internet Archive, available at (visited May 30, 2012)


Advances in and increased use of computers and information technology raise a wide variety of political and legal issues. New activist and industry advocacy groups have sprung up to address these issues, while older groups have added new issues to their traditional concerns. Three areas that have given rise to a great deal of litigation and political activism are freedom of expression, privacy, and copyright. Many activist and advocacy groups address a wide range of issues, while others have a single-issue focus.

Freedom of expression is a concern of the American Civil Liberties Union (ACLU), and the ACLU has been a plaintiff in actions brought to determine the constitutionality of federal legislation attempting to regulate or restrict access to Internet content. The action brought by the ACLU challenging the first such Congressional attempt, the Communications Decency Act (CDA), resulted in a U.S. Supreme Court decision holding the content-restricting portions of the CDA unconstitutional (Reno v. ACLU, 521 U.S. 824). After the decision striking down the CDA, Congress enacted the Child Online Protection Act (COPA), a second attempt to regulate Internet content, which was also challenged in court by the ACLU. The Supreme Court also expressed doubts about the constitutionality of COPA, and remanded the case to a lower court for trial on the issue of whether blocking and filtering software could provide a less restrictive alternative (Ashcroft v. ACLU, 524 U.S. 656). The ACLU has also, although ultimately unsuccessfully, challenged the Children’s Internet Protection Act (American Library Association, 539 U.S. 194). In the legislative arena it has opposed the Stop Online Piracy Act (SOPA) and the Preventing Real Online Threats to Economic Creativity and Theft of Intellectual Property Act (PIPA), advocated net neutrality, and supported reforms to the Electronic Communications Privacy Act “to provide protection to communications such as email, private social network posts, and other information stored in ‘the cloud.’”

On copyright issues, groups can be loosely classified as either users’ rights or content owners’ rights groups. The division bears no relation to more general left-right political divisions. The division is complicated further by the ambivalent position of equipment and software manufacturers. Equipment manufacturers are naturally inclined toward the users’ rights side of the dispute; enhanced copyright controls make equipment more complicated to manufacture and thus either more expensive or less profitable, and also decrease consumer demand because of compatibility issues and because many users want to use the equipment they purchase to make copies, whether within the fair use exception or outside it. But many equipment manufacturers (e.g.,) are also content owners; there is thus an internal conflict.

Software companies suffer a similar conflict, but while the balance for most equipment makers tilts toward the users’ rights side, for software makers it tilts toward content owners’ rights. Software that allows duplication of copyrighted material will be easier to sell, but software itself is copyrighted content, and software makers have an interest in its protection.

While the ADP is a single-issue group, the Electronic Frontiers Foundation (EFF) is perhaps the best known of several advocacy groups addressing a wider array of computer and Internet law issues. Like the ADP, the EFF is alarmed by Congressional efforts to mandate copyright control mechanisms. On copyright and other intellectual property issues the EFF is a users’ rights group. Intellectual property is not the EFF’s only concern, however; its “list of issues” includes, among other topics, anonymity, biometrics, censorship, intellectual property, privacy, public records, spam, and the USA PATRIOT Act. On all of these issues the EFF takes a consistent individual rights stance. According to the EFF’s Web site, “From the Internet to the iPod, technologies are transforming our society and empowering us as speakers, citizens, creators, and consumers. When our freedoms in the networked world come under attack, the Electronic Frontier Foundation (EFF) is the first line of defense. . . . EFF fights for freedom primarily in the courts, bringing and defending lawsuits even when that means taking on the U.S. government or large corporations.” (About EFF). The EFF’s activities in pursuit of these freedoms include providing support for lawsuits, education, and reporting on proposed legislation and administrative regulations. Like many other pro-consumer and information-freedom groups, EFF was active in opposing SOPA and PIPA.

SOPA and PIPA brought back a level of public and online activism in opposition to proposed U.S. Internet-law legislation that had not been seen for several years. Among the many opponents of the proposed measures (which found few supporters outside the content industry) was the Center for Democracy and Technology (CDT). The CDT is often aligned with the EFF, although it is somewhat more moderate. The CDT’s four stated overarching goals are “preserving the unique nature of the Internet”; “enhancing freedom of expression”; “protecting privacy”; and “limiting government surveillance.” It pursues these goals through education, outreach, and legislative advice and advocacy; unlike the EFF, it does not seek to involve itself in litigation.

The Free Software Foundation (FSF) is perhaps the most prominent of several ideologically motivated groups of software designers. Rather than focusing on legal and political solutions to the problem of corporate and government control of users’ online autonomy, the FSF and others like it focus on the technological aspect. The core of the problem—that is, the aspect of computers and the Internet that allows them to lend themselves so readily to an architecture of control—is, in the FSF’s opinion, the dominance of proprietary operating systems (Philosophy of the GNU Project 2004). Open-source operating systems such as GNU/Linux, a Linux-based operating system distributed by the FSF-sponsored GNU project, are designed by and in the interest of individual users rather than governments or large corporations. The FSF states that its mission is “to preserve, protect and promote the freedom to use, study, copy, modify, and redistribute computer software, and to defend the rights of Free Software users” (GNU Operating System 2012). Despite its anticorporate rhetoric the FSF enjoys support from a number of corporate sponsors, including Google, Oracle, IBM, Hewlett-Packard, Intel, and Nokia. Many of these may feel threatened either by the dominant makers of operating systems for personal computers—Microsoft and Apple—or by content-industry attempts to tighten copyright controls.

Public Knowledge is another users’ rights organization concerned with intellectual property law, especially copyright law. According to the organization’s mission statement, Public Knowledge has four broad goals:

(1) Ensuring that U.S. intellectual property law [provides] an incentive to creators and innovators while benefiting the public through the free flow of information and ideas.

(2) Preserving an Internet that is built upon open standards and protocols and “end-to-end” architecture, thereby fostering innovation and user control.

(3) Protecting consumers of digital technology from market practices designed to erode competition, choice and fairness.

(4) Ensuring that international intellectual property policies are adopted through democratic processes and with public interest participation (Public Knowledge Mission Statement).

Public Knowledge carries out its work through advocacy and reporting on legislation potentially affecting users’ rights. It also carries out special projects, including Empowering Creators in the Digital Age, which attempts to determine a workable balance between the need of content creators (rather than distributors) for content protection and the need of those same content creators to be able to make use of prior copyrighted works; and the Open Access Project, the goal of which is the “free and unrestricted world-wide electronic distribution of peer-reviewed journal literature coupled with free and unrestricted access to that literature by scientists, scholars, teachers, students and others” (Open Access Project).

Similar groups exist outside the United States, including the United Kingdom’s Campaign for Digital Rights (CDR). Like the EFF, the CDR is concerned with freedom of expression as well as users’ rights to fair use of copyrighted material. European Digital Rights (EDRi) focuses on copyright issues in the European Union. Other users’ rights advocacy groups in Europe include:

• Association Electronique Libre (Belgium)

• Associazione per la Liberta’ nella Comunicazione Elettronica Interattiva (Italy)

• Bits of Freedom (the Netherlands)

• Chaos Computer Club (Germany)

• Cyber-Rights & Cyber-Liberties (United Kingdom)

• Digital Rights (Denmark)

• Electronic Frontier Finland

• Elektronisk Forpost Norge (Norway)

• Förderverein Informationstechnik und Gesellschaft (Germany)

• Forum InformatikerInnen für Frieden und gesellschaftliche Verantwortung (Germany)

• Foundation for Information Policy Research (United Kingdom)

• Fronteras Electronicas España (Spain)

• Imaginons un Réseau Internet Solidaire (IRIS)(France)

• Internet Society Bulgaria

• Netzwerk Neue Medien (Germany)

• Privacy International (United Kingdom)

• Quintessenz (Austria)

• Swiss Internet User Group

• Verein für Internet-Benutzer Österreichs (Austria)

Other groups include Electronic Frontiers Australia and Electronic Frontier Canada.

Because there are many more users than there are content owners, users’ rights groups tend to be more numerous and attract a broader base of support than content owners’ rights groups. But because content is often worth money, the content owners’ rights groups tend to be much better funded. Two groups that have been particularly prominent both legislatively (proposing and lobbying for legislation to enhance copyright protection) and judicially (bringing lawsuits to enforce content owners’ rights) are the Motion Picture Association of America (MPAA) and the Recording Industry Association of America (RIAA).

As the names imply, the MPAA is concerned with movies and the RIAA with music. While the interests of the two groups are similar, they are not identical. The MPAA’s members may currently be experiencing some lost profits due to piracy, but as long as a substantial portion of movie profits comes from box office receipts rather than video sales, the threat to their business model will remain less severe. The RIAA members’ old business model—distribution of bundled music recordings on CDs or other media through retail outlets—has been effectively undermined by technological change. Its new business model, largely based on the sale of individual songs through outlets such as iTunes and rental through subscription services such as Rhapsody, is somewhat less vulnerable, but not immune, to the effects of piracy.

The MPAA’s concern that the spread of broadband and DVD recorders would make video piracy as easy as music piracy has been in part forestalled by the advent of the higher-definition (and thus slower-download) BluRay format, but it is only a matter of time until technology makes the sharing of BluRay video content as easy as the sharing of MP3s. Online subscription services such as NetFlix and the packaging of BluRay content, with multiple extras, as gift items aimed at holiday-season sales have also protected the film industry’s revenues. The film industry, however, faces a problem the music industry does not: because the total number of films ever made is far smaller than the total number of songs ever recorded, and the number of new films made each year is far smaller than the number of new songs, the film industry will reach market saturation sooner. Recent slowing of video sales may be due to an increasing number of consumers already having all the films they want rather than to piracy, as well as a reduced demand for ownership of recorded media when content is legally available online at a low cost.

Both the RIAA and the MPAA seek to protect content owners’ rights through drafting and supporting proposed legislation to enhance copyright protections, through lawsuits against copyright infringers, and through the pursuit of technological solutions.


• Child Online Protection Act, 47 U.S.C. § 231

• Children’s Internet Protection Act, 47 U.S.C. § 254(h)

• Communications Decency Act, Pub. L. No. 104-104, § 502, 1996 U.S.S.C.A.N. (110 Stat.) 56, 133 (later codified at 47 U.S.C. § 223)

• Copyright Act of 1976, 17 U.S.C. § 101

• Digital Millennium Copyright Act, Title I, Pub. L. No. 105-304, codified at 17 U.S.C. §§ 1201-05

• Electronic Communications Privacy Act of 1986, Pub. L. No. 99-508, codified at 18 U.S.C. § 2703

• Uniting and Strengthening America by Providing Appropriate Tools Required to Intercept and Obstruct Terrorism Act (USA PATRIOT Act) of 2001, Pub. L. No. 107-56, 115 Stat. 272 (codified as amended in scattered sections of the U.S.C.)

Proposed Legislation

• Anti-Counterfeiting Trade Agreement, Oct. 1, 2011, 50 I.L.M. 243 (2011)

• Combating Online Infringement and Counterfeits Act, S. 3804, 111th Cong. (2d Sess. 2010)

• International Cyberspace and Cybersecurity Coordination Act of 2010, S. 3193, 111th Cong. (2d Sess. 2010)

• Internet Freedom Act, H.R. 96, 112th Cong. (1st Sess. 2011)

• Preventing Real Online Threats to Economic Creativity and Theft of Intellectual Property (PROTECT IP) Act (PIPA) of 2011, S. 968, 112th Cong. (1st Sess. 2011)

• Protect America Act of 2007, S. 1927, 110th Cong. (1st Sess. 2007)

• Stop Online Piracy Act, H.R. 3261, 112th Cong. (1st Sess. 2011)


Supreme Court

Ashcroft v. American Civil Liberties Union, 524 U.S. 656 (2004)

Brown v. Entertainment Merchants Association, 131 S. Ct. 2729 (2011)

Reno v. American Civil Liberties Union, 521 U.S. 844 (1997)

United States v. American Library Association, Inc., 539 U.S. 194 (2003)

Federal Appellate Courts

American Civil Liberties Union v. United States Department of Justice, 681 F.3d 61 (2d Cir. 2012)

Bernstein v. United States, 176 F.3d 1132 (9th Cir. 1999); rehearing granted, opinion withdrawn, 192 F.3d 1308 (9th Cir. 1999)

Steve Jackson Games v. United States Secret Service, 36 F.3d 457 (5th Cir. 1994)

Federal Trial Courts

American Booksellers Foundation for Free Expression v. Coakley, No. 10-11165-RWZ, 2010 U.S. Dist. LEXIS 114750 (D. Mass. 2010)

Gonzales v. Google, Inc., 234 F.R.D. 674 (N.D. Cal. 2006)

State Courts

Bradburn v. North Central Regional Library District, 231 P.3d 166 (Wash. 2010)

In re Appeal of Application for Search Warrant, No. 2010-479 (Vt. Dec. 14, 2012)

See also Budapest Open Access Initiative; Censorship; Child Online Protection Act; Children’s Internet Protection Act; Communications Decency Act; Constitutional law; Content industry; Copyright; Declaration of the Independence of Cyberspace; Digital Millennium Copyright Act; Digital Millennium Copyright Act, Title I; Fan Works; File-Sharing; First Amendment; Net Neutrality; Open Source; Preventing Real Online Threats to Economic Creativity and Theft of Intellectual Property Act; Privacy; Recording Industry Association of America; Stop Online Piracy Act; WikiLeaks

Sources and Further Reading

Christina DesMarais, “10 Terrible Tech Laws That Have You in Their Bull’s-Eye,” PCWorld (June 10, 2012), available at

Electronic Frontier Foundation, “About EFF, General Information about the Electronic Frontier Foundation,” available at (visited June 5, 2012)

Virginia Eubanks, Digital Dead End: Fighting for Social Justice in the Information Age (Cambridge, MA: MIT Press, 2011)

Free Software Foundation, (visited Dec. 29, 2012)

GNU Operating System, (last updated Dec. 16, 2012)

Mike Godwin, Cyber Rights: Defending Free Speech in the Digital Age (Cambridge, MA: MIT Press, 2003)

IFPI Digital Music Report 2012, (visited Sept. 23, 2012)

“Internet Free Speech,” American Civil Liberties Union, (visited Dec. 20, 2012)

Tim Jordan, Cyberpower: The Culture and Politics of Cyberspace and the Internet (New York: Routledge, 1999)

Lawrence Lessig, Free Culture: How Big Media Uses Technology and the Law to Lock Down Culture and Control Creativity (New York: Penguin, 2004)

Young Joon Lim and Sarah E. Sexton, “Internet as a Human Right: A Practical Legal Framework to Address the Unique Nature of the Medium and to Promote Development,” 7 Washington Journal of Law, Technology & Arts 295 (2012)

“Philosophy of the GNU Project,” GNU Operating System, (last updated Jan. 1, 2012)

Public Knowledge Mission Statement, available at (visited June 6, 2012)

Dan Sabbagh, “Hollywood in Turmoil as DVD Sales Drop and Downloads Steal the Show,” The Guardian (May 3, 2011),

Leslie David Simon et al., Democracy and the Internet: Allies or Adversaries? (Washington, D.C.: Woodrow Wilson Center Press, 2002)

Daniel Solove, Nothing to Hide: The False Tradeoff between Privacy and Security (New Haven, CT: Yale University Press, 2011)

Cass R. Sunstein, 2.0 (Princeton, NJ: Princeton University Press, 2009)

The Open Access Project, “Promoting the Free and Unrestricted World-Wide Electronic Distribution of Peer-Reviewed Journal Literature,” Public Knowledge, available at (visited June 6, 2012)

Siva Vaidhyanathan, The Anarchist in the Library: How the Clash Between Freedom and Control Is Hacking the Real World and Crashing the System (New York: Basic Books, 2004)

Anthony E. Varona, “Toward a Broadband Public Interest Standard,” 25 Administrative Law Review 1 (2009)


Advanced Access Content System (AACS) is the name for the motion picture recording digital rights management technology used to protect video recordings using the Blu-ray and the now-defunct HD DVD formats. AACS allows content owners to authorize limited or unlimited copying. The Managed Copy feature allows consumers to transfer AACS-protected movies to other devices, but at the same time makes it more difficult to make and distribute large numbers of unauthorized copies. AACS thus avoids many of the problems with Content Scramble System (CSS, the encryption used to protect DVD recordings). CSS frustrated, and continues to frustrate, consumers because CSS-protected disks can be played back only on CSS-equipped DVD players—the recordings cannot be transferred to other media or devices. And CSS has proved easy to circumvent through the use of such programs as DeCSS; once a CSS key has been leaked or reverseengineered, there is nothing the content industry can do to recapture it. The relative consumer-unfriendliness of CSS, plus the ease of defeating it, provided an incentive for otherwise law-abiding consumers to make unlawful copies. AACS, on the other hand, is designed so that individual keys can be retired without interfering with the functioning of the system as a whole; any keys that enter the public domain can be retired, enabling the content industry to minimize the damage without causing inconvenience to the consumers (Borland 2004).

In order to defend its copyrights, the content industry has been forced to wage a battle on two fronts. One front is legal: the industry fights to increase the scope of copyright protection and penalties for infringement, and sues infringers. The other front is technological: the industry seeks ways to make copyrighted recordings more difficult to copy. To do this effectively requires the cooperation of equipment manufacturers; a recording that cannot be played back on most people’s media players, or that freezes, jitters, or stutters on playback, will be difficult to sell.

Historically, equipment manufacturers have been dubious of copyright protection schemes initiated by the content industry. Incorporating copy protection and digital rights management technology makes equipment more expensive to manufacture and increases compatibility problems; at the same time, consumers would prefer not to have it. It is not in the interests of equipment manufacturers to benefit the content industry at their own and their customers’ expense. In order to be workable, AACS will have to take the interests of equipment manufacturers (and their customers) into account. That the proposal seems to do so is evident from the number of manufacturers that have joined the AACS Licensing Authority, including IBM, Intel, Panasonic, Sony, and Toshiba; other members include AOL Time Warner, Disney, and Microsoft (Merritt 2004).

Another problem is compatibility with other digital rights management systems. Content delivery is in danger of becoming fragmented: content recorded with a particular digital rights management technology can be played back only with players (whether hardware or software) equipped with that technology. Few consumers want to keep half a dozen different media players around; most seek a single player that can play all of the recordings they own. AACS seeks to resolve this problem as well; the Licensing Authority is working to ensure compatibility with digital rights management systems developed independently by the various members (Borland 2004).

See also DeCSS; Digital Rights Management; Piracy

Sources and Further Reading

Advanced Access Content System (“AACS”) Adopter Agreement, available at (last updated June 5, 2009)

John Borland, “Tech, Studio Giants Team on New DVD Locks,” C/Net (July 14, 2004), available at,-studio-giants-team-on-new-DVD-locks/2100-1025_3-5269286.html

Clint DeBoer, “2010: The Year AACS and HDMI Kill Off Component Video,” Audioholics Online A/V Magazine, available at (last updated February 17, 2010)

Kevin Henry, Jiayuan Sui, & Ge Zhong, “An Overview of the Advanced Access Content System (AACS),” available at–25.pdf (visited September 22, 2012)

Rick Merritt, “Copyright Scheme Could Fuel Transition to High-Definition Systems,” EE Times (July 15, 2004), available at

“Time to Revisit Blu-Ray? AACS,” Pacific Disc (2010), available at


Advertising is an essential component of the modern Internet. Revenues from advertising support many Web sites; without it, content on the Internet would be less plentiful and less varied. Some Internet advertisers, however, make their messages so intrusive that users and Web site operators feel that the advertisement is interfering with their enjoyment of the Internet; in these cases, legal action and demands for regulation may ensue. This unwelcome advertising may raise First Amendment and privacy issues. Internet advertising, welcome or not, may also raise trademark and jurisdictional issues. Adware placed on a user’s computer without the user’s knowledge or consent may raise an issue of trespass.

There are various types of Internet advertising; among the most common are banner ads, pop-ups, floating and expanding ads, sponsored search engine results, and email advertisements. Banner ads are ads that show up as part of a Web page; they may be still or animated images, and clicking on them generally links to a Web site from which the advertised goods or services may be purchased. In format and visual effect they resemble advertisements in a printed magazine or newspaper; they can usually be ignored by uninterested viewers, although ads that blink, vibrate, or play audio may arouse consumer wrath. Banner ads may also create resentment if they contain indecent or shocking words or images. Ads containing indecent content are generally confined to pornographic Web sites and other Web sites that a user might reasonably expect to contain such advertisements; Web site owners are unlikely to accept such advertising otherwise. A problem may occur, though, when unscrupulous advertisers hijack a Web site or an ad-placement system, replacing paid advertisers’ content with their own. This hijacking is a crime (theft of services) and the hacking required to do it is also illegal.

Pop-ups and pop-unders are advertisements that open as a separate browser page either above or under the page being viewed at the time. They are almost universally disliked by Web surfers, and are declining as now-ubiquitous pop-up blockers render them less useful. The inclusion of pop-up blockers in most Web browsers has proved a mixed blessing, as it has led to the growth of the far more annoying floating ads, which slide across the page being viewed and block the content the viewer actually wants to see; the “X” for closing the floating ad is sometimes artfully concealed, with a decoy box where the “X” would normally be expected, causing unwary consumers to click on the ad by mistake and be subjected to a further unwelcome barrage of ad content. Sponsored search engine results, in contrast, are less intrusive. Like banner ads, they are confined to a certain portion of the page, and for the most part consist only of text.

Email advertising can be roughly divided into two categories. In the first category are advertisements that the recipient has asked or consented to receive, such as notification of the publication of a new book by a favorite author, or of a clearance sale from a clothing company from which the recipient has purchased clothes in the past. In the second category is unsolicited mass email advertising, or spam.

Ads of all sorts can be targeted to the viewer. Some banner ads are placed on a page in response to the nature of the content being viewed; a news story about a baseball game may contain ads for baseball memorabilia. Sometimes the ads are unintentionally absurd: an article about a public school district’s ties to religious groups is accompanied by advertisements for men’s neckwear decorated with Christian motifs—“religious ties” of a very different sort. Sometimes the ads are tasteless: an article about the fatal crash of a hot-air balloon is accompanied by ads for balloon rides.

More worrisome to privacy advocates is that ads can be targeted based on individual Web surfing habits. Internet users who visit a news site each day and read all of the stories about sailing may soon find that, whatever they view, they see banner ads for sailboats and sailing supplies.

Another category of advertising includes sites that consist entirely of advertisements; these generally cause few legal problems. Users expect a site called to contain information about Toyota automobiles, and are neither surprised nor offended to learn that it does. Similarly, they expect a retail Web site such as to advertise goods for sale; they go there expecting, and indeed hoping, to encounter such advertising. Privacy issues may arise, though, from the site’s collection of information about viewers. While few visitors of a shopping Web site will find it invasive when the site recommends other items available for purchase on the same site, many or most visitors would be less delighted to have their shopping history sold to other Web sites or bricks-and-mortar retailers, or made available to government agencies. Shopping and other browsing history is poorly protected; however, sites may generally use information collected from visitors as they wish to target future advertising and develop marketing strategies, subject to the terms of a privacy policy written by the company itself and displayed somewhere on the site.

The use of information obtained from children is much more restricted, however. Under the Children’s Online Privacy Protection Act (COPPA), commercial Web sites collecting information from children less than 13 years of age must provide a privacy notice explaining what information is collected, how it is used, and under what circumstances and to whom it may be disclosed. In addition, no personal information—defined as information that may identify or permit communication with the child, such as a first or last name, address, email address, telephone number, or social security number—may be obtained from a child without the verifiable consent of the child’s parents. The Web site operator must provide the parents with a reasonable means to review the information; the parents must also have the opportunity to refuse to permit the Web site operator to use or maintain the information.

Considerable attention and concern has been focused on Internet “advertainment” and “advergames” aimed at children, such as Neopets or General Mills’ now-defunct Millsberry. Under COPPA, a Web site operator may not condition a child’s participation in a game, promotional sweepstakes, contest, or other activity upon the collection of any information not reasonably necessary to enable the child to participate in the activity. Some consumers groups feel that in the case of advergames COPPA does not go far enough; Neopets’ “immersive advertising” strategy, in which children are not exposed to banners or pop-ups but are instead exposed to product placement within the game itself, strikes some consumers’ groups as insidious and dangerous (Guardian 2002). Nonetheless, the sites can inspire considerable loyalty from gamers; the shutdown of Millsberry in 2010 led to outcry from fans and the appearance of several unlicensed imitation Millsberry sites.

The targeting of pop-up and pop-under ads raises the same issues as the targeting of banner ads. In addition, pop-ups may act as parasites on sites to which they have not paid an advertising fee, appearing on the computers of users visiting those sites. These pop-ups and other forms of advertising may be generated by adware placed on the user’s computer. Many inexperienced users consent to install this software, under the belief that they are gaining something else: a security program or a new cursor design, for example. Children are especially vulnerable to adware of this sort.

Many users and Internet Service Providers (ISPs) turn to self-help to avoid unwelcome advertising. Users can block ads by using the Windows “hosts” file or downloading an ad blocker. ISPs weed out enormous quantities of spam each day, preventing it from reaching their subscribers’ computers. These self-help activities have in turn met with challenges from advertisers. Spammers, for instance, sued America Online (AOL), claiming that its actions violate their First Amendment right to freedom of expression. The courts have rejected this argument; AOL is a private party, not a state actor, and the First Amendment does not require it to deliver email (America Online, 948 F. Supp. 456).

Unwelcome advertising, especially spam, has also brought demands for government regulation. COPPA, discussed earlier, is one result. The CAN-SPAM Act, an unsuccessful 2003 law designed to curb spammers, is another. And laws designed for off-line advertising also apply to Internet advertising: commercial speech may be prohibited if it is untruthful, misleading, or deceptive, or if its subject matter or presentation is illegal. It may also be subject to reasonable time, place, and manner restrictions.

Regulating advertising, on the Internet and in many other media, is the job of the Federal Trade Commission (FTC), and more specifically (although not exclusively) of the Division of Advertising Practices of the FTC’s Bureau of Consumer Protection. The FTC may take regulatory or administrative action or litigate against unfair, misleading, or false advertising. The FTC may regulate against, or issue a cease and desist order to prevent, advertising acts or practices that are unfair if two additional conditions are met. First, the act or practice must cause or be “likely to cause substantial injury to consumers . . . not reasonably avoidable by consumers themselves.” Second, the injury must not be “outweighed by countervailing benefits to consumers or to competition.” In determining whether an act or practice is unfair, the FTC may consider public policy, but may not make public policy the primary basis for its action (15 U.S.C. § 45(n)).

An injury to consumers is substantial if a relatively small harm is inflicted upon a large number of consumers or if a greater harm is inflicted on even a small number of consumers; however, the harm must be more than merely trivial or speculative (Greenspan 1999).

The FTC may also take action against deceptive acts and practices: material misrepresentations, omissions, or practices that are “likely to mislead a consumer acting reasonably under the circumstances” (Greenspan 1999). This reasonable person standard can be adapted to match the target audience: a communication to an audience of children would be judged by whether it was likely to mislead a reasonable child.

The FTC has authority to regulate false advertising only if the advertising is for food, drugs, cosmetics, or medical devices, a category that includes a great deal of spam. Advertising for these products is false if it is materially misleading (Greenspan 1999).

The FTC has brought actions against scammers and spammers; it has imposed penalties on Web site operators for violations of their own privacy policies. It has declined, however, to create a federal “do not spam” registry as authorized by the CAN-SPAM Act of 2003, on the grounds that such a registry would be futile, in contrast to the popular “do not call” registry. It is far easier and cheaper to send spam from outside the United States than it is to move a telemarketing operation outside the United States, although the falling cost of international phone calls is undermining the effectiveness of the “do not call” registry as well. Without some form of global control, the FTC’s registry would be useless. The FTC has, however, issued a regulation requiring adult-oriented spam to be identified as such in the message header; misidentified adult-oriented spam persists, however.

A few specialized categories of advertising may also be regulated or prohibited. Advertising by attorneys, doctors, and other professionals may be regulated by professional associations, subject to limits imposed by the First Amendment. The status of tobacco advertising is still unclear. Congress can explicitly prohibit tobacco advertising over the Internet, and the European Union has already imposed such a prohibition. As with spam, however, little can be done about advertising originating beyond a nation’s borders. A similar problem applies to advertising for gambling.


• Controlling the Assault of Non-Solicited Pornography and Marketing (CAN-SPAM) Act of 2003, 15 U.S.C. §§ 7701–7713

• Unfair Methods of Competition, 15 U.S.C. § 45

European Union Directive

• Directive on the approximation of the laws, regulations, and administrative provisions of the Member States relating to the advertising and sponsorship of tobacco products, 2003 O.J. (L 152) 16


Federal Appellate Court

College Source, Inc. v. Academy One, Inc., 653 F.3d 1066 (9th Cir. 2011)

Gordon v. Virtumundo, Inc., 575 F.3d 1040 (9th Cir. 2009)

Network Automation, Inc. v. Advanced Sys. Concepts, 638 F.3d 1137 (9th Cir. 2011)

Federal Trial Court

Aitken v. Communs. Workers of Am., 496 F. Supp. 2d 653 (E.D. Va. 2007)

Ascentive, LLC v. Opinion Corp., No. 10 Civ. 4433(ILG)(SMG), 2011 U.S. Dist. LEXIS 143081 (E.D.N.Y. 2011)

CJ Prods. LLC v. Snuggly Plushez LLC, 809 F. Supp. 2d 127 (E.D.N.Y. 2011)

Cyber Promotions v. America Online, 948 F. Supp. 456 (E.D. Pa. 1996)

Facebook, Inc. v. MaxBounty, Inc., 274 F.R.D. 279 (N.D. Cal. 2011)

Fancaster, Inc. v. Comcast Corp., No. 08–2922(DRD), 2011 U.S. Dist. LEXIS 147373 (D.N.J. December 13, 2011)

Ferguson v. Friendfinders, Inc., 94 Cal. App. 4th 1255 (Cal. App. 1st Dist. 2002)

Fraley v. Facebook, Inc., No. 11-CV-01726-LHK, 2011 U.S. Dist. LEXIS 145195 (N.D. Cal. December 16, 2011)

MySpace, Inc. v. Wallace, 498 F. Supp. 2d 1293 (C.D. Cal. 2007)

State Court

Intel Corp. v. Hamidi, 30 Cal. 4th 1342, 1353 (Cal. 2003)

See also Adware and Spyware; Censorship; Children’s Online Privacy Protection Act; Cookies; Data Mining; Doubleclick; First Amendment; Gambling; Privacy; Spam

Sources and Further Reading

“Advertising on Mobile Phones: Attack of the Covert Commercials,” The Economist, July 7, 2012, at 60

“An Ad-Block Shock: France v Google,” The Economist, January 12, 2013

Erik Anderson, “Protection of Trademarks from Use in Internet Advertising Banner Triggers: Playboy v. Netscape,” 40 Jurimetrics Journal 469 (2000)

Lori Irish Bauman, “Personal Jurisdiction and Internet Advertising,” 14 Computer Lawyer 1 (1997)

Terence Craig & Mary Ludloff, Privacy & Big Data (Sebastopol, CA: O’Reilly Media, Inc., 2011)

Alan N. Greenspan, Internet Advertising Laws and Regulations, Practising Law Institute, 19th Annual Institute on Computer Law, February-March 1999

Daniel L. Hadjinian, “Clicking Away the Competition: The Legal Ramifications of Click Fraud for Companies That Offer Pay per Click Advertising Services,” 3 Shidler Journal of Law, Commerce & Technology 5 (2006)

Martin Headon, “Pet Hates: The Gaming Site Neopets Is a Welcome Relief, Says Martin Headon,” The Guardian (October 30, 2002), available at,11500,822595,00.html

Orin S. Kerr, “Surveillance Law: Reshaping the Framework: A User’s Guide to the Stored Communications Act, and a Legislator’s Guide to Amending It,” 72 George Washington Law Review 1208 (2004)

Jason Krause, “The National Pulse: Google Targeted in Trademark Disputes—Rulings Should Help Define What Is Protected in Internet Advertising,” ABA Journal E-Report, May 28, 2004

Paul Lansing & Mark D. Halter, “Internet Advertising and Right to Privacy Issues,” 80 University of Detroit Mercy Law Review 181 (2003)

Taiwo A. Oriola, “Regulating Unsolicited Commercial Electronic Mail in the United States and the European Union: Challenges and Prospects,” 7 Tulane Journal of Technology & Intellectual Property 113 (2005)

“Policy Online Privacy/Data Sharing Internet Advertising Trade Group Issues Guidelines on Use of Web Bugs,” Cybercrime Law Report, December 16, 2002

Christopher J. Schulte, “Abracadabra International Ltd. v. Abracadabra Creations Inc.—Internet Advertising Just Federalized the Nation’s Service Mark Law,” 22 Hamline Law Review 563 (1999)

Tyson Smith, “Googling a Trademark: A Comparative Look at Keyword Use in Internet Advertising,” 46 Texas International Law Journal 231 (2010)

“You Shut Down Millsberry and Ruined My Life, and Many More!!!,” Pissed Consumer (May 14, 2011), available at (27 pages, 265 comments)


Adware is software installed on a user’s computer that causes advertisements to be displayed, often as pop-ups. These pop-ups generally appear while the user is surfing the Web, but may appear at other times; they are neither authorized by nor related to the Web site that the user is viewing at the time. Adware that collects information about the user and passes that information to some other person is spyware. Adware is generally regarded as an annoyance, while spyware may raise privacy and security issues and is considered by many users to be unethical rather than merely annoying.

Some adware is installed as part of commercially distributed programs and is directly related to that program. An antivirus program, for example, may prompt users when their subscriptions are about to expire. This prompt may appear as a pop-up whenever the user turns on the computer. A program that was installed as part of the antivirus program generates the pop-up, and this program could be considered adware. The level of annoyance it produces in the user is likely to be slight, however.

Users may also accept adware as the price of using popular free file-sharing, browser, and email programs. Some users of these programs may be unaware that, by installing the programs, they have consented to the installation of adware. The information is contained in the clickwrap agreements, but few users actually read the agreements.

The Google toolbar includes a “page rank” feature that lets Google know where toolbar users are surfing; some consider this spyware, although the feature can be disabled with a single click. The Google toolbar also includes a pop-up blocker. (Identifying Spyware 2005) But the adware and spyware that arouses the greatest user rage—second only to spam as an unpopular advertising technique—is that installed on a user’s computer by stealth or subterfuge.

Computer and smartphone users may be confronted with pop-up dialog boxes asking them to consent to the installation of a program; sometimes these programs are adware, but many users—especially children—may click “yes” to install the program, rather than “no” or “X” to close the dialog box, and thus install the adware. These programs, at least, give users the opportunity to refuse installation. More worrisome are drive-by downloads: programs that install themselves without presenting the user with the option of refusal, and without the user’s knowledge (Levinson 2012; Urbach & Kibel 2004).

Adware and spyware can do more than serve pop-up advertising. It can turn a user’s computer into a zombie, allowing it to be used in spamming or denial-of-service attacks. Homepage hijackers change the user’s browser home page. Spyware can be used not only for annoying advertisements but also for malicious hacking; it can provide hackers with access to and control over the computer on which it is installed. Keystroke loggers, screen capture programs, and similar programs can track and record all activity on a computer, enabling anyone who looks at the log to discover passwords, account numbers, and other vital security information. The infamous Sony BMG rootkit was placed on the computers of purchasers of music CDs and not only transmitted information back to the company but also opened a vulnerability that malicious hackers could, and ultimately did, exploit (Brown 2010). And all of these activities, sinister or not, take up disk space, memory, and processor resources; adware and spyware slow down the operation of the computer on which they are installed, sometimes seriously degrading performance.

Malicious uses of spyware are obviously illegal; however, adware installed with the consent of the user—even when the user does not understand what he or she is consenting to—may not be. Adware has given rise to a great many civil suits for damages and equitable relief. Many of these suits are brought by aggrieved Web site owners and trademark holders. U-Haul, for example, has sued over the unauthorized use of its trademarks in pop-ups generated by, Inc. has been sued frequently. Wells Fargo and Quicken Loans have sued because WhenU’s software causes ads for other mortgage lenders to appear when users visit Wells Fargo or Quicken Loans mortgage loan Web sites. These suits have not been successful; although the ad software uses U-Haul’s, Wells Fargo’s, and Quicken’s trademarks to assign particular ads to users visiting the trademark holder’s pages, that alone does not meet the elements of trademark infringement. A similar suit against WhenU by 1–800-Contacts likewise led to victory for WhenU in the Second Circuit Court of Appeals.

Opponents of adware and spyware have also pursued legislative change, without much success. Antispyware bills introduced in Congress have included the Safeguard against Privacy Invasions Act and the Software Principles Yielding Better Levels of Consumer Knowledge (SPY BLOCK) Act, introduced in the House of Representatives and in the Senate, respectively, in 2003. The Safeguard against Privacy Invasions Act, renamed the Securely Protect Yourself against Cyber Trespass Act (SPY ACT), passed the House of Representatives by a vote of 399 in favor to one against on October 5, 2004, and reported to the Senate on the following day. Ultimately, however, these attempts at targeted antispyware legislation were unsuccessful, and at the federal level spyware has been dealt with under other statutes, especially the Computer Fraud and Abuse Act.

As with most areas of law governing the Internet, a single uniform body of national (or even transnational) law is preferable to multiple state laws, with all the possibility they present for inconsistencies, conflict, and forum-shopping. But with the federal government unable or unwilling to enact comprehensive antispyware legislation, many states have enacted antispyware laws of their own, beginning with Utah’s Spyware Control Act in March 2004 and California’s Consumer Protection against Computer Software Act in September of the same year. Alaska, Arizona, Arkansas, Georgia, Illinois, Indiana, Iowa, Louisiana, Nevada, New Hampshire, Pennsylvania, Rhode Island, Texas, Virginia, Washington, and Puerto Rico also have laws designed to be effective against spyware. Adware distributors have brought suits to enjoin enforcement of state statutes (see, e.g.,, Inc. v. Utah;, 192 P.3d 858).

For most users the main issue that arises from adware and spyware is not its legality, but how to get rid of it. Laws restricting spyware may offer a long-term solution, but will be ineffective against malicious hackers (whose activities are already illegal) and against parties outside the United States. The best way to fight software is with software; many antiadware and antispyware programs are available. As with spam and viruses, there is an ongoing arms race between adware and antiadware software; complete protection may require the use of more than one program. Popular and effective antiadware and antispyware programs include Ad-Aware, HiJack This, Spybot Search & Destroy, and Spy Sweeper; most antivirus programs now offer antiadware and antispyware options as well. Many of these are available as free downloads for individual users, while others are inexpensive. A firewall program can prevent adware from sending information out of the user’s computer; this will not solve the problem, but will at least address the privacy issues. A firewall’s log may also be useful in identifying spyware.

Statutes and Proposed Legislation


• Safeguard against Privacy Invasions Act, H.R. 2929, 108th Cong. (1st Sess. 2003), reported to and passed by House of Representatives as Securely Protect Yourself against Cyber Trespass Act (SPY ACT)

• Software Principles Yielding Better Levels of Consumer Knowledge (SPY BLOCK) Act, S. 2145, 108th Cong. (2d Sess. 2003)

• Internet Spyware Prevention (I-SPY) Act of 2007, H.R.1525, 110th Cong. (1st Sess. 2007—2008)


• Alaska: Spyware and Unsolicited Internet Advertising, S.B. 140 (Alaska. 2005), Alaska Stat. §§ 45.45.792, -.794, -.798; § 45.50.471(51)

• Arizona: Computer Spyware, H.B. 2414 (Ariz. 2005), Ariz. Rev. Stat. §§ 44–7301 to 44–7304

• Arkansas: Improper Use of Computer Spyware, H.B. 2904 (Ark. 2004), Ark. Code §§ 4–111–101, -102, -103, -104, -105, § 19–6-301, § 19–6-804

• California: Consumer Protection against Computer Software Act, S.B. 1436 (Cal. 2004), Cal. Bus. & Prof. Code §§ 22947 to 22947.6

• Georgia: Computer Security Act, H.B. 127 (Ga. 2005), Ga. Code §§ 16–9-152 to -157

• Illinois: Spyware Prevent Initiative Act, H.B. 380 (Ill. 2005), 720 ILCS 5/17–52.5

• Indiana: Ind. Code § 24–4.8–1 et seq., § 24–4.8–2 et. seq, § 24–4.8–3 et seq.

• Iowa: Deceptive or Unauthorized Computer Software, H.F. 614 (Iowa. 2005), Iowa Code §§ 715.1 to 715.8

• Louisiana: La. Rev. Stat. §§ 51:2006 to 51:2014

• Nevada: Nev. Rev. Stat. § 205.4737

• New Hampshire: Regulating the Use of Computer Spyware, H.B. 47 (N.H. 2005), N.H. Rev. Stat. §§ 359-H:1 to 359-H:6

• Pennsylvania: 73 P.S. 2330.1 et seq.

• Rhode Island: R.I. Gen. Laws §§ 11–52.2–2 to 2–7

• Texas: Consumer Protection against Computer Spyware Act, S.B. 327 (Tex. 2005), Tex. Bus. & Comm. Code §§ 324.001–102

• Utah: Spyware Control Act, H.B. 323 (Utah 2004), Utah Code §§ 13–40–203, 13–40–204, 13–40–301, 13–40–302, 13–40–402

• Virginia: Computer Crimes Act, H.B. 2215 (Va. 2005), Va. Code § 18.2–152.4

• Washington: Wash. Rev. Code §§ 19.270.101–900

• Puerto Rico: 10 L.P.R.A. §§ 2181–85


1–800 Contacts v., Inc., 309 F. Supp. 2d 467 (S.D.N.Y. 2003); reversed & remanded, 414 F.3d 400 (2d Cir. 2005), Inc. v. SmartBargains, Inc., 192 P.3d 858 (Utah 2008)

Rescuecom Corp. v. Google, Inc., 562 F.3d 123, 131 (2d Cir. 2009)

U-Haul International, Inc. v. WhenU.Com, Inc., No. 02- V-1469-A, 2003 WL 21673722 (E.D. Va. 2003)

Wells Fargo & Co. v., Inc., 293 F. Supp. 2d 734 (E.D. Mich. 2003), Inc. v. Utah, No. 040907578 (Utah September 26, 2004)

See also Advertising; Computer Fraud and Abuse Act; Cookies; Denial-of-Service Attack; Hacking; Malware; Privacy; Spam; Trademark; Trojan; Zombie

Sources and Further Reading

“2d Cir. to Decide Legality of Injunction against Adware 1–800 Contacts Inc. v. Inc.,” Andrews Software Law Bulletin, April 1, 2004, at 12

Bob Brown, “Sony BMG Rootkit Scandal: 5 Years Later,” Network World (November 1, 2010), available at

Alfred Cheng, “Does Spybot Finally Have Some Allies?: An Analysis of Current Spyware Legislation,” 58 Southern Methodist University Law Review 1497 (2005)

Terence Craig & Mary Ludloff, Privacy & Big Data (Sebastopol, CA: O’Reilly Media, Inc., 2011)

Kevin P. Cronin & Ronald N. Weikers, Data Security and Privacy Law: Combating Cyberthreats § 8:44 (St. Paul, MN: West, 2004)

Jonathan I. Ezor, Privacy and Data Protection in Business: Laws & Practices (New Providence, NJ: LexisNexis, 2012)

Federal Trade Commission, “Combating Spyware and Malware,” available at (last updated August 28, 2012)

Chad A. Kirby, “Defining Abusive Software to Protect Computer Users from the Threat of Spyware,” 10 Computer Law Review & Technology Journal 287 (2006)

Meridith Levinson, “Mobile Malware: Beware Drive-by Downloads on Your Smartphone,” CIO (March 22, 2012), available at

Paul M. Schwartz, “Privacy Inalienability and the Regulation of Spyware,” 20 Berkeley Technology Law Journal 1269 (2005)

Small Business Computing Staff, “Inside Spyware,” Small Business (July 15, 2005), available at

Small Business Computing Staff, “Inside Spyware: Part Two—Identifying Spyware: Malicious, Annoying or Misunderstood?” Small Business (July 18, 2005), available at

Daniel Solove & Paul M. Schwartz, Privacy Law Fundamentals (Portsmouth, New Hampshire: IAPP Publication 2011)

Stop Badware, available at (visited September 23, 2012)

Liying Sun, “Who Can Fix the Spyware Problem?” 22 Berkeley Technology Law Journal 555 (2007)

Ronald R. Urbach & Gary A. Kibel, “Adware/Spyware: An Update Regarding Pending Litigation and Legislation,” Journal of Proprietary Rights, July 2004, at 12

Tom Zeller, Jr., “F.T.C. Files First Lawsuit against Spyware Concerns,” N.Y. Times (October 13, 2004), available at


The Leahy-Smith America Invents Act of 2011 (AIA) was the most dramatic overhaul of U.S. patent law in nearly 60 years. The most dramatic, though by no means only, change wrought by the AIA was to grant patent protection to the first inventor to publicly disclose or to file a successful patent application, rather than, as was previously the case in the United States, to the first person to invent. (Often—perhaps most of the time—the person protected will end up being the same under either rule.) This provision, as well as most of the rest of the AIA, entered into effect on March 16, 2013. Most applications filed before that date, but continued or still in process after that date, will be governed under the earlier law.


Prior to the AIA, the United States stood alone in protecting the first person to invent, rather than the first to comply with the formalities of the patent process. (Two other first-to-invent jurisdictions, Canada and the Philippines, had switched to first-to-file in 1989 and 1998, respectively.) An international agreement to which the United States was not a party, the Patent Law Treaty, rather opaquely required the use of a first-to-file, rather than first-to-invent, system (Patent Law Treaty arts. 5, 6). The first-to-invent system had strong support in the United States, however, and rather than switch completely to a first-to-file system, the AIA adopted a hybrid approach, the first-inventor-to-disclose-or-file system. The U.S. Patent and Trademark Office (USPTO) explains, less clearly than it might, that:

The First Inventor to File (FITF) provisions transition the U.S. to a first-inventor-to-file system from a first-to-invent system. The FITF provision includes a 1-year grace period. Specifically, prior art disclosures made publicly available one year or less before the effective filing date can be overcome by applicant showing (1) the prior art disclosure was by another who obtained the disclosed subject matter from the applicant (a deriver), see 102(b)(1)(A), or (2) the applicant or a deriver publicly disclosed the subject matter before the date of the prior art disclosure, see 102(b)(1)(B) (USPTO 2013).