Articles Posted in E-commerce

Published on: | by

Any company conducting e-commerce with consumers in the United States must follow the applicable U.S. Internet laws. Otherwise, the company and its managers may face civil liability and criminal prosecution for violating U.S. laws. However, in the event that a business’s website is also accessible internationally, that business may also need to comply with applicable international Internet and business regulations.

Online businesses should be aware of issues relating to contracts, intellectual property violations (e.g., patent, trademark and copyright), email, spam, antitrust, privacy issues, affiliate marketing programs, online fraud, cyber piracy, cloud computing, cybersquatting, compliance and regulatory actions. For example, if a business uses an image or text on its website, it must ensure that doing so does not violate any copyright or trademark laws.

There are also jurisdictional considerations affecting websites in American and international markets. Different countries have different approaches for determining whether respective courts have jurisdiction over Internet material. Generally, jurisdictional considerations will take into account the physical locations of parties. Although, a website is not a physical being, it nonetheless maintains a physical presence in its operations. As such, an Internet transaction over a website may implicate three different jurisdictional laws: (1) the laws that apply to the user’s physical location, (2) the laws that apply to the server’s physical location, and (3) the laws that apply to the business’s physical location. In the event that a business does not maintain any physical location, courts will look to the owner or manager’s location, or the location of any warehouse that helps facilitate business. For instance, websites such as Amazon and eBay may charge a sales tax on an online transaction if such a company maintains a physical presence in a jurisdiction that charges sales tax. In February 2, 1998, in an effort to help facilitate online business, U.S. Congress passed the Digital Signature and Electronic Authentication Law (“SEAL”). SEAL provides for legal recognition of electronic signatures sent over the Internet to complete transactions. As such, SEAL expands online business, making it easier for consumers and merchants to conduct business entirely online.

Continue Reading ›

Published on: | by

The illegal downloads of music and movies, and the corresponding financial consequences for music labels and movie production companies, introduced online piracy to the forefront of newsworthy discussions. Today, online piracy has expanded into an online market that allows criminals to profit from stealing intellectual property (such as patents, trademarks, copyrights) from American owners and selling such valuable property online. Such “rogue sites” are usually located outside of America and organizations are able to maintain these sites by circumventing U.S. laws. The rogue sites will sell everything from movies and music, to medicine and automotive parts. In fact, counterfeit baby food comprises a large sector of the online piracy market, endangering the health and wellbeing of American consumers.

In light of this growing threat to American consumers, and their intellectual property rights, there is a call for more stringent online privacy laws to protect against these threats. Illegal piracy costs America $100 billion and thousands of jobs each year. Accordingly, Congress proposed the Stop Online Piracy Act (“SOPA”) to protect American consumers and American intellectual property. SOPA intends to target foreign websites that manage the sale and traffic of counterfeit products.

However, opponents of the bill have spread misinformation over the Internet to block SOPA’s passage. For example, Google openly opposes SOPA. To that effect, Google paid $500 million to settle a case alleging that Google promotes illegal foreign online pharmacies. The case suggested that these pharmacies pose a health risk for American consumers. Google argues that SOPA will allow for online censorship. Proponents of SOPA argue that the law does not aim to censor the Internet. Instead, this law only focuses on online activity that is already illegal. Furthermore, SOPA only covers foreign websites that are specifically involved in infringing activity. The National Association of Manufacturers, International Union of Police Associations, United States Conference of Mayors, National Songwriters Association, and the National Center for Victims of Crime all support SOPA and its overall purpose. Additionally, both the United States Chamber of Commerce and the American Federation of Labor and Congress of Industrial Organizations have formed a unique bond to support SOPA.

Continue Reading ›

Published on: | by

The news outlets have been reporting that the Chinese have allegedly been hacking into American infrastructures. Assuming this report is accurate, the United States is not equipped to handle the consequences of such an attack. These hackers would possess the power to disable the critical infrastructure in this country, eliminating electricity, gas, water, and all major transit systems. Indeed, earlier this year, both The New York Times and The Wall Street reported that hackers had infiltrated their systems and stolen confidential employee information. The New York Times has further reported that it has been experiencing constant attacks from the Chinese in an attempt to control information that pertains to China. The Ministry of National Defense in China denies any such cyberattack on The New York Times. In light of these recent developments, it has become increasingly important for individuals and businesses to take steps to ensure their cyber protection. By serving California and Washington D.C., the skilled attorneys at the Law Offices of Salar Atrizadeh successfully work on legal matters pertaining to cybersecurity and Internet law.

The former Secretary of Defense, Leon Panetta, has described the scene that will unfold after such an attack as a “cyber Pearl Harbor.” Indeed, these hackers could possess software with the capacity to destroy infrastructure hardware. Such an attack would spread chaos throughout the country for months while the government works to restore its vital systems. Pointing to the failed Cybersecurity Act of 2012, Panetta has called upon the private citizens and businesses to act to secure their cybersecurity. Hillary Clinton, former Secretary of State, confirmed that this was a crisis that required global attention.

These instances of “cyberterrorism” threaten to cause damage far beyond the destruction of 9/11. Mandiant, a cyber-security company based in the United States, traces these cyber-attacks to the People’s Liberation Army, the Chinese military. The efforts in America to make sense of these attacks have not led to any definitive answers. The dangers of cyber-attacks are apparent in the recent attack on Aramco, the Saudi Arabian oil company. The attack consisted of a virus, which destroyed 30,000 Aramco computers, and replaced essential files within the system with an image of an American flag burning. There was also a reported cyber-attack on Telvent (now known as Schneider Electric), an international corporation that provides companies with the network and connections to remotely control power grids, oil pipelines, and gas pipelines. It remains unclear whether the hacking efforts are meant to steal confidential information, or whether the hacking is part of a larger scheme to derail vital American infrastructures. Indeed, the threat may not be limited to the Chinese, but rather part of a greater effort to launch an attack against American cybersecurity. This certainly poses a threat not only for national security, but also for individual cyber-security involving consumers and businesses that compose and participate in the crucial business and technology infrastructures.

Continue Reading ›

Published on: | by

Under the Telephone Consumer Protection Act, commercial entities are barred from freely soliciting customers using a short message service (“SMS”). A SMS typically allows vendors to send short text messages to consumers’ mobile phones. In this case, vendors send text messages to customers, or potential customers, advertising their deals and offers. The Telephone Consumer Protection Act of 1991 (the “TCPA”), codified under Title 47 U.S.C. § 227, limits telemarketers from using automated telephone services to target customers using text messages. Automated telephone services, or auto-dialers, use software programs to automatically send text messages to multiple telephone numbers using a telephone number database. Additionally, where the TCPA allows vendors to solicit customers using text message, it requires these vendors to include identification and contact information in the message. Furthermore, the TCPA and Federal Communications Commission (“FCC”) regulations prohibit such messages between 9:00 p.m. and 8:00 a.m. These provisions require solicitors to maintain a “do-not-call” list and honor the National Do Not Call Registry.

Under the TCPA and FCC regulations, companies may send text messages through an auto-dialer to solicit customers if: (1) the customer has given consent to receive such messages, or (2) the message is sent in case of an emergency. These restrictions apply regardless of whether or not customers have placed their numbers on the National Do Not Call List. According to the FCC, in order to send commercial text messages, companies must obtain written consent from customers. For informational text messages, such as those involving political messages and school information, the FCC only requires oral consent.

However, vendors are drawn to text SMS advertising because it allows them to target customers more directly through cellphones. Nonetheless, companies that violate federal standards against SMS advertising face severe legal consequences. For instance, Papa John’s, the American pizza chain, is currently involved in a class action lawsuit, with a class of customers as plaintiffs, for allegedly sending 500,000 unwanted text messages to customers in 2010. Customers explain they received multiple text messages in a string offering deals for pizza, sometimes in the middle of the night. Since the TCPA makes it illegal to send unsolicited text messages to customers who have not opted to receive offers via text message, the potential award in this case may be the largest recovery under the TCPA. A jury could award up to $1,500 per each text message if it finds that Papa John’s intentionally violated the TCPA.

Continue Reading ›

Published on: | by

In 1998, Congress passed the Children’s Online Privacy Protection Act (“COPPA”) to ensure online privacy for children under the age of thirteen. Under this Act, online operators must obtain parental consent before they begin to collect information about online users under the age of thirteen. The Federal Trade Commission (“FTC”) implements and enforces COPPA. In December 2012, the FTC adopted the first significant amendments to COPPA since the inception of this federal law in 2000.

In 2010, the FTC began to review the terms of COPPA to determine whether changes in the cyber community would require amendments to the Act. The FTC felt that COPPA would potentially require amendments in order to keep pace with the fast-changing nature of the Internet. Before drafting any such amendments, the FTC invited interested businesses and third parties to communicate their suggestions for changes that would help improve this law. After this process, the FTC adopted three significant changes to the Act.

First, the FTC expanded COPPA’s reach to include applications, plug-ins, and advertisement networks that could potentially gather personal information about children under the age of thirteen. Although, this was a controversial addition to COPPA, the FTC was able to compromise by indicating that COPPA will only apply to these online operators if the operator is aware that it is collecting information about children. Next, the FTC expanded COPPA substantially so that it applies to a wider range of personal information subject to the Act’s regulations. Under the 2012 amendments, “personal information” now includes online contact information such as instant messaging usernames, voice over Internet protocol (“VOIP”) identifiers, video chat user data, any other screen names that serve to identify users individually. The Act will also cover “persistent identifiers,” which include IP addresses, profile pictures, or audio files that contain a child’s voice. Finally, the FTC has revised the acceptable means of obtaining parental consent. Pursuant to COPPA, online operators must obtain parental consent before collecting personal information about a child. Under the 2012 amendments, these online operators can now accept consent by a parent’s use of an online payment system, by a parent’s confirmation through video conference with trained personnel, and by verifying a parent’s identification with government-issued identification. These amendments aim to protect children’s privacy in the quickly changing environment of online operators and in light of the constant advancements in the Internet community.

Continue Reading ›

Published on: | by

The proliferation of cloud computing has given rise to increased privacy concerns. These concerns are especially grounded in Google’s new terms of service that allow the company to gather user information and data and release it to government entities upon request, without obtaining user consent. According to these new terms, as of March 1, 2012, Google has been consolidating data on users who access Google and creating a single profile that contains all of this information. Google’s new terms have caused concern with the Electronic Privacy Information Center (“EPIC”), which argues that these terms conflict with an FTC Consent Order that outlined privacy standards for all Google products and services. The order required Google to obtain users’ consent before gathering and sharing personal user information with third parties.

In response to Google’s new terms, EPIC petitioned the Federal Trade Commission (“FTC”) to compel Google to abide by the terms of the 2011 consent order. EPIC brought suit in the United States District Court of the District of Columbia against the FTC, urging the organization to enforce the consent order, and stop Google’s new policy of gathering and storing user information in individual profiles. The court heard EPIC v. FTC in 2012 and ruled that the court lacked the jurisdiction over the FTC to compel it to act according to EPIC’s demands. Nonetheless, the court noted that it had “serious concerns” regarding Google’s revised terms of service.

The National Association of Attorneys General sent a letter to Google on behalf of 36 states, expressing concern with Google’s intention to gather information about users from all products that utilize Google services, such as cell phones, computers, and tablets. This is especially concerning for Android smartphones, which rely heavily on Google systems and products. Users with electronic devices use various Google products, such as Gmail, YouTube, and the Google search engine, in different ways. However, according to Google’s new terms, user profiles would consolidate usage from all such products into a single profile for each user. The Attorneys General also voiced a specific complaint towards users’ inability to opt out of these new terms. According to the letter, the lack of choice poses a severe threat to individual privacy.

Continue Reading ›

Published on: | by

The Americans with Disabilities Act (“ADA”) requires public businesses to provide equal access to their venues for persons with disabilities. Under Subchapter III of the ADA, such public establishments include, among others, restaurants, movie theaters, stores, and places of education. Now, the increases in businesses that operate exclusively online, without a physical location, call the reach of the ADA into dispute.

In June 2012, the United States District Court for the District of Massachusetts decided this issue of first impression in National Association of the Deaf v. Netflix, Inc. The court held that the ADA applies to businesses that operate exclusively on the Internet. The National Association of the Deaf sued Netflix, Inc., arguing that by failing to provide closed captioning for all of its content, Netflix was in violation of the ADA. Netflix, Inc. argued that it was not required to provide disability access to its site because it was not a “place of public accommodation” within the meaning of the ADA. The court based its opinion on the public policy underlying the ADA, which aims to provide equal access to public amenities for persons with disabilities. With the exponential rise in online businesses, the court found that it was within this public policy to allow persons with disabilities to access these sites alongside other members of society. One month later, the United States District Court for the Northern District of California reached the opposite conclusion in Cullen v. Netflix, Inc. In this case, the court looked to its prior decisions and held that the ADA’s reach is limited to public establishments with “physical structures.” These two opposite holdings show that the nature and reach of the ADA, as it pertains to online businesses, has not been solidified yet.

The Department of Justice has reviewed the ADA and provided regulations and guidelines for accessible website designs. For example, business can make their sites accessible to persons with disabilities by adopting a simple page layout throughout the site. This makes it especially easier for visitors with visual impairments to locate information quickly and easily. Websites may also provide transcriptions for any video or audio on the site for visitors with hearing impairments. Finally, websites may improve accessibility for persons with disabilities by inviting such visitors to notify website managers of ways to improve site accessibility. Nonetheless, in the absence of a binding uniform standard for website access, the reach of the ADA towards online businesses is still very much in the hands of courts in their individual jurisdictions.

Continue Reading ›

Published on: | by

Starting an online business requires acquiring many of the same permits and licenses that are generally required for a traditional business. Generally a business, including an “e-business” or a company that operates on the web, requires a business license before it begins to operate. When a city grants a business license, it permits the business to operate within that city. A business license also registers the business for tax purposes.

Certain cities and counties may also require additional permits to operate a business in that location. Different types of businesses also have different license and permit requirements. The California Secretary of State can provide all the requirements for starting a business. Also, certain trades require professional or occupational licenses. For example, contractors, doctors, accountants, real estate agents, and lawyers must all acquire the required license before they may begin to practice. Each occupation has specific procedures and requirements for obtaining the required licenses. The respective licensing agencies provide the standards and procedures for these requirements. Licenses may also be required based on the products the business sells. For example, selling alcohol, firearms, or gasoline requires specific licenses.

Businesses that operate on the Internet may also be required to collect sales tax if the business maintains a physical presence in the state. Without a physical presence, such as an actual store or warehouse, an e-business is not required to charge sales tax. Some states do not have a sales tax or tax exemptions for specific items such as food or clothing. Before a business can sell taxable goods on the Internet, the business must obtain a certificate allowing the business to collect sales tax. In order to properly charge sales taxes, businesses must also be familiar with the appropriate tax rates. Online businesses may use programs that calculate sales tax for each transaction based on the items and applicable rates. Examples of these licensed shopping carts, or e-commerce platforms — include Magento, LemonStand, and IBM WebSphere Commerce. In an effort to improve tax-collecting efforts for businesses, some states have passed the Streamlined Sales and Use Tax Agreement. This Agreement aims to pass federal regulations that will make tax collection across the country more uniform in order to simplify the process.

Continue Reading ›

Published on: | by

Cloud computing offers a revolutionary new way to conduct business over the Internet. This service is a form of cyber-outsourcing where virtual servers provide certain services or applications for consumers online. Cloud computing vendors include, IBM SmartCloud, Cisco Cloud Computing, Amazon Elastic Compute Cloud (aka Amazon EC2), and various smaller vendors. These providers offer a range of services including storage services and spam filtering.

There are various forms of cloud computing available over the Internet. Managed Service Providers (“MSPs”) are the oldest form of cloud computing. A “managed service” is an application such as virus scanning for email or anti-spam services. The most common form of cloud computing is through Software as a Service (“SaaS”), which delivers an application to multiple customers through a browser using a multi-tenant architecture. Customers benefit because they do not have to invest in servers or purchase software licenses. Providers benefit because they are able to reduce costs because they only need maintain one application for their multiple customers. Salesforce.com is a well-known example of SaaS cloud computing, but Google Cloud Storage is a fast growing option as well.

Similar to SaaS computing, some providers offer Application Programming Interfaces (“APIs”), which allow developers to offer certain functions over the Internet without having to offer entire applications. These functionalities range from specific business services to wider-ranging APIs, such as Google Maps. Another version of SaaS computing allows users to develop their own application and offer the application through a provider’s infrastructure over the Internet. The developers are limited by the provider’s capabilities, but the developers benefit from the established predictability. Google App Engine is an example of such cloud computing.

Continue Reading ›

Published on: | by

The technological advancements and the ever-expansive world of cyberspace are in a perpetual state of conflict with individual privacy concerns. For example, a recent research project by the Massachusetts Institute of Technology demonstrates that independent component analysis allows companies to track changes in pulse by the subsequent change in skin color that is readily visible through a video signal. In addition, employers, credit agencies, and health insurance providers can now purchase indexes that contain consumer profiles based on individual consumer’s browsing history, site membership, and online purchases.

The Federal Trade Commission has issued a report that proposes the steps companies can take to ensure optimal protection of consumer privacy. The report, “Protecting Consumer Privacy in an Era of Rapid Change: Recommendations for Businesses and Policymakers,” urges companies to incorporate privacy protection in every stage of their products, provide a mechanism against online activity tracking, and fully disclose what user information it shares with other entities.

The California legislature has proposed a new bill that would impose new restrictions on social networking sites, which would limit the information available about users. The proposed legislation would allow users to select privacy settings before ever using the site, which limits the sites accessibility. Social Networking sites, such as Facebook, have responded that such legislation would inappropriately burden the sites, in turn devastating cyber-business in California.

Continue Reading ›