Articles Posted in E-commerce

In general, internet commerce transpires on the national and international levels. Naturally, data protection is an important concern for private and public agencies. The European Union’s remaining members are currently in the midst of another process to protect data, with the “General Data Protection Regulation” (GDPR) set to take effect next year. This differs from the previous Privacy Shield in some respects, as it is broader, expands beyond the European Union, and deals with any individual that may have a shred of a connection to the European Union. So, what is GDPR? What does it require? Also, what are the consequences for non-compliance?

What is the GDPR?

The GDPR grants the following as rights to a data subject (i.e., a user): breach notification; right to access a copy of personal data free of charge in electronic format; right to be forgotten; data portability, allowing transmission to another provider; privacy by design for systems; and data protection officers in cases where constant monitoring of data subjects on a large scale may occur, or for special categories of data regarding criminal convictions.

Now, aside from Bitcoin and other digital currencies spawning from video games and consumer-oriented companies, it’s important to be aware that there are other types of digital currencies or so-called “cryptocurrencies.” These operate more similarly to Bitcoin in that they generally lack a centralized system that assigns value (compared to other digital currencies like virtual item trading where the items are managed by a company) and have a similar mining protocol allowing individuals to mine the currency. Indeed, even Bitcoin had a “split” changing from one cryptocurrency to two. Why are there even alternatives? What features does one cryptocurrency have over the other? How should one evaluate the choice to enter a cryptocurrency market?

Bitcoin’s Split

In order to make Bitcoin more accessible, the system administrators for Bitcoin and other individuals prominent in the community undertook a “split” of the currency, as well as other changes to increase the speed of transaction verification. The limits put in place to make Bitcoins scarce and limit the supply had effectively placed a curb on growth. In response, some users chose to split off, starting in August of this year, to create a new cryptocurrency working mainly on the same system as Bitcoin, but with the ability to convert it to “bitcoin cash” and a faster mining and verification process. This would mean that Bitcoin cash would have a lower face value than Bitcoins, as they would be more plentiful. However, this would also make it potentially less secure as the blocks would grow in maximum size, and it would have a shorter history compared to Bitcoin.

The legality of certain virtual currencies can be murky. While some currencies, like Bitcoin, can be readily traded for goods and services, other virtual currencies remain where regulation is more questionable. To that point, the curators of digital economies have hired economists to better model the value of these digital commodities, creating a sort of virtual currency by accident. However, the ecosystem behind these virtual currencies has exploded and led to new questions regarding their use and potentially illicit activities. So, what are these virtual commodities? How did they gain value? What is being done to curtail the murkier aspects?

What are these virtual currencies?

A good example of these virtual currencies comes courtesy of Valve, a company that both creates and distributes video games. For the purpose of creating more income for some of their “free-to-play” games, random prizes are given out, and can be earned in-game, and later resold via its platform. These items generally have no in-game function, and merely provide an aesthetic value. For a select few Valve games, these items can then be exchanged between players, or for currency in Valve’s store. In essence, the items can function much like tickets in an arcade, or more concerning, poker chips in a casino. Other games have similarly created digital currencies that can be shifted easily from a “real” currency to something that can be used by (though not necessarily benefit) the person in game.

Bitcoin is a cryptocurrency that has been in the news and in conversations recently for various reasons. While not all retailers will take Bitcoin, and there are fairly good reasons not to, the cryptocurrency has really taken off. However, despite how much the word “Bitcoin” is used, the nature of the virtual currency provokes a sort of air of mystery. Unless one researches how to find or buy it, it remains a type of investment that is more exotic than what is commonly available to consumers. Why is Bitcoin so expensive? How does one find and buy a Bitcoin?

Why is Bitcoin expensive?

To properly explain Bitcoin, it’s important to restate one of the fundamentals of economics. The value of a commodity is determined by supply and demand. When it comes to currency specifically, this translates to “the more common and easily obtainable the currency is in the market, the lower its price will become in the market.” This is what’s referred to as “inflation.” The purchasing power of a currency goes down because there is more of that currency.

Net Neutrality is the principle that Internet Service Providers (ISPs) and the government should treat all web-related traffic equally regardless of the source. If there were no net neutrality, companies would have the ability to purchase priority access to the ISP customers. Larger and wealthier companies (e.g., Google) would be able to pay the ISPs to provide customers more reliable access to their websites instead of to competitors’ websites. This would negatively impact any new start-up service that would not be able to purchase priority access.

On February 26, 2015, the Federal Communications Commission (FCC) voted to enact the “strongest net neutrality rules in history.” Millions of Americans contacted the FCC, called their Congress members, and wrote to the White House to express their support. Although this decision was a bold move in favor of net neutrality, more changes may be coming soon. This 2015 Rule meant that ISPs cannot block access to any websites and they cannot interfere with website loading speeds. This rule also banned paid prioritization, which means that ISPs are not able to give preferential treatment to websites that pay an additional fee.

On January 23, 2017, President Trump selected Ajit Pai to lead the FCC as the new Chairman. This Chairman has a record of previously promising to undo the 2015 landmark decision. Then on May 18, 2017, the FCC, led by Chairman Ajit Pai, voted to propose a review of the 2015 rules. Mr. Pai holds the opinion that the 2015 FCC rules are a “bureaucratic straitjacket” on the ISPs. The new FCC proposal, which is called “Restoring Internet Freedom,” contemplates whether to undo the legal approach that enforced those rules and whether there was anything that warranted the rules in the first place.

After this month’s discussion on the statutes that prohibit the unauthorized access of email accounts and digital assets, one might wonder how these statutes may apply in a case. However, in the lengthy saga of Facebook v. Power Ventures, the Ninth Circuit issued a determination giving a bright line example of what would not be permissible under the law. So, how did Power Ventures violate these unlawful access laws? How did they attempt to move around the laws? What was Facebook’s argument that has thus far prevailed in the courts?

Case History

This case focuses on Power’s use of Facebook through the actions of other users.  Power, a type of social media aggregator, would allow users to “link” Facebook, Twitter, and other social media accounts to permit control from a single website.  From there, Power would “scrape” data under the permission of the Facebook users.  However, this was against Facebook’s terms and conditions.  Power would also invite users to invite others in spam-like messages, as well as deploying bots.  This ultimately resulted in an IP-based ban against Power. Yet, Power evaded those bans and defied a cease and desist letter, prompting Facebook to sue based on CAN-SPAM, Penal Code 502, and CFAA.

In our last blog post, we mentioned eBay, Inc. v. Bidder’s Edge, Inc. While the case wasn’t related directly to ransomware, it creates an important precedent for tort liability. Specifically, it supports the idea that common law torts can be carried out and applied in the digital world.  So, what does eBay give us as a legal theory? How might it get applied to ransomware in a hypothetical case? What is the likelihood of succeeding on such a case?

Case Analysis: eBay, Inc. v. Bidder’s Edge, Inc.

In this case, eBay sued Bidder’s Edge for the use of a type of program known as a “spider” or “bot.” These programs would automatically go to eBay, search for information, and repost it on Bidder’s Edge. The purpose of this was to allow others to get better ideas of what to bid on items by searching multiple auction sites. While there were negotiations to allow Bidder’s Edge to access eBay, the negotiations broke down, and ultimately prompted the lawsuit.

So, where do we go from here? After the Internet of Things was effectively used as a way to crash various online stores and services, we are left with the question of how we can fix this gaping hole in our security in a way that would allow this new technology to continue to exist without causing further risk. As mentioned last week, the most likely solutions are either in the private sector, through consumer choice and manufacturer investment, or through government action. What actions should individuals take? What is the government doing now? What might the government do in the future?

What is the private sector currently doing?

The private sector is not doing much at this time. While consumers could demand more secure smart devices, the focus of the demand for these devices tends to be towards their functioning.  In general, less sophisticated consumers buy smart devices for the sake of convenience, with security being a distant thought when compared to the more sophisticated consumers.  These smart devices, like any other internet-connected device, occasionally need security updates to remain resistant to online bugs (i.e., malware).  So, as the world becomes smarter, this technology will need to adapt and advance, accordingly, in order to mitigate the risks. Yet, without some motive to do so, it’s less likely that resistance to the botnet will emerge, and it may be due to the government’s intervention.

In recent years, we have all heard the expression before, but how does someone really “break the Internet?” Recently, an incident arose where a large network of electronic devices joined together resulting in a major interference with online businesses and services. Amazon, Netflix, and Yahoo were hobbled temporarily due to various flaws in the Internet of Things. These flaws allowed individuals to create what’s known as a botnet, to launch a massive DDoS attack to effectively shut down services. So, how would we prevent a similar incident from occurring? Should you be concerned about your smart devices? What about your websites and online services?

How did the Internet of Things become weaponized?

As it stands, the Internet of Things, which comprises smart devices that connect online for the convenience of individuals, became weaponized against service providers, and created a “botnet.” Effectively, some type of malware was downloaded onto these smart devices prompting them to send requests to certain websites. When these websites became overwhelmed by the requests, it resulted in websites crashing, or becoming generally unavailable to the users. Here, one might wonder how, but the real answer was a lack of knowledge, training, and security. Unlike regular computers, tablets, and cellphones, smart devices do not always have the capability for security updates. With this, even for those devices that might be on a more secure network, the Internet of Things still entails those devices being connected online. This makes them vulnerable to more pinpointed attacks. From there, the controller of the botnet can use the Internet of Things to launch the DDoS attack and crash a network.

As it stands, the Internet of Things can be a dangerous proposition. Due to various hacking techniques, like rubber ducks, pineapples, and pivoting, one must wonder whether it can be hacked into and, if so, what we can do about it. What about cars, planes, trains, and power plants? To this point, the U.S. Government has launched the Cybersecurity National Action Plan or CNAP. The idea is to add more information and resources into the system, increasing the amount of resources to help build up cybersecurity and investing resources into security measures. So, what is the government doing with CNAP? How might this help a business? How might this help individuals?

What does CNAP do?

It’s a set of guidelines and goals that the Obama Administration has implemented to help build the cybersecurity network, protect against attacks on the Internet of Things, and the general national network as a whole. The first, and easiest way it plans to do this is through the 2017 budget, allocating approximately 19 billion dollars for cybersecurity, up by 35% from the previous year’s budget. It also incorporates and promotes other existing goals and changes, such as the BuySecure Initiative requiring credit cards to incorporate smartchips, and making large businesses use the smartchip option rather than the traditional magnetic strip. CNAP also incorporates other ideas, such as multifactor authentication, identity for Federal Government digital services, training for small businesses, and relaunching identitytheft.gov. Therefore, it is less a new initiative than a continuation of previous actions.