Articles Posted in Internet Law

This one isn’t an April Fools’ prank.  On April 1, 2016, the Federal Communications Commission (“FCC”) announced its proposed rulemaking to create regulations that would bind Broadband Internet Access Service (“BIAS”) providers in the interest of enhancing consumer privacy.  This proposal has raised objections from AT&T, Comcast, USTelecom, and the Application Developer’s Alliance, which claim that the ensuing regulations would create a morass of regulation in the privacy sphere.  Yet the FCC’s regulations are meant to prohibit the monetization of the information that these providers hold as a result of consumers’ use of their services.  So, what is a BIAS provider, and how could these rules possibly protect privacy?

What is a BIAS provider?

BIAS providers provide internet service through wire or radio.  The FCC even expands this to any functional equivalents of BIAS providers.  Of some note is which entities are not BIAS entities.  For example, companies like Facebook, Apple, and to some extent, Google, would not be bound by the terms here and could use the information that is collected through their services.  This is because none of them actually provide the internet service that their consumers use.  There is some room for Google to be covered, as it provides internet service in some locations through Google Fiber, but the regulations would only prohibit the use of information gained through its internet service, not information gained through the other services that it provides to online consumers.  Thus, Google’s Fiber service would likely be prohibited from using consumers’ personal information, while Google’s YouTube service would not.

In recent years, the internet has connected the general public across continents.  Notably, data can be expected to travel across countries in the blink of an eye, without any delay and on a daily basis.  The transfer of data is an important part of business as well.  For any multinational entity, personal data crossing borders is inevitable.  However, each country may have different guidelines with which a business must ensure compliance.

Recently, the European Union announced a new change to its privacy laws.  Formerly, it allowed American and other businesses to obtain a “pass” for its privacy laws by certifying themselves as compatible with its safe harbor scheme.  This safe harbor scheme required a business to meet standards for privacy protection.  However, on October 6, 2015, the European Court of Justice ruled that the previous system for allowing corporations to obtain accreditation, and shifting data between the United States and Europe, was improper due to the current intelligence methods in the United States.  This oversight ended the safe harbor provision.

The new rules establish a Privacy Shield register and a free alternative dispute resolution system.  Organizations will have to self-certify annually, with verification by the Department of Commerce, and comply with the Privacy Shield framework.  As part of compliance, organizations must provide a response within 45 days and create a no-cost independent recourse system where complaints and disputes will be resolved in a timely manner.  In addition, European residents will be able to pursue legal action for claims such as misrepresentation, and the participants must commit to binding arbitration at the European citizen’s request.

As we discussed in part one of this issue, during the late morning of December 2, 2015, a couple armed with weapons walked into a banquet room filled with people.  At first, the attack was categorized as another mass shooting that ended in a large number of fatalities. As the investigation continued, however, more details emerged surrounding the couple.  The FBI concluded that they were “homegrown violent extremists” that had no connection to foreign terrorist organizations. They were merely inspired by such organizations and committed the attack of their own volition.

During the investigation, the FBI obtained the cell phone of Syed Rizwan Farook, one of the shooters. The FBI was attempting to gain access to the information stored on the phone, but the method they employed locked them out. As a result, the FBI asked Apple if it was willing to create a program that would create a backdoor. This backdoor would disable certain security features and allow investigators to access Farook’s phone. Apple, however, refused to do so, citing consumer privacy. The FBI then successfully applied for a court order. The judge ordered Apple to create the software, but Apple filed an opposition. In response to the opposition, the Department of Justice applied for its own court order, requesting the judge to require Apple to comply with the first order. The federal judge has yet to rule on the request.

Apple’s Argument

On December 2, 2015, Syed Rizwan Farook and Tashfeen Malik walked into a banquet room at the Inland Regional Center in San Bernardino, California, armed with semi-automatic weapons. At the time, the San Bernardino County Department of Public Health was holding a training event and holiday party.  Approximately 75-80 people were in attendance. The couple opened fire, and in a matter of several minutes, killed 14 people and seriously injured 22 others. The couple left the scene before the police arrived.

Immediately thereafter, law enforcement officials started a search for the couple who left in a black SUV. Based on a tip from one of Farook’s neighbors, officers went to his home and a car chase ensued. The SUV eventually stopped and there was an exchange of gunfire between the couple and officers. The couple was killed in the five-minute exchange.

While investigating the case, investigators found a possible link to a foreign terrorist group thereby ruling it a terrorist attack. However, after FBI investigations, it was concluded the couple were “homegrown violent extremists” inspired by foreign terrorist groups. The investigation stated they were not directed by a particular foreign terrorist group or part of any terrorist cell.

Product diversion is when an unauthorized seller sells a product outside of authorized distribution channels. The product goes through various unauthorized channels in order to reach the shelves or listings on a website. This is a common practice with high-end and expensive beauty products.

The way these unauthorized retailers and e-commerce sites obtain these products often involves reaching out to an authorized seller of the product. For example, many manufacturers have a contract with various salons to exclusively sell their products. These salons, in turn, sell the products per their contract. However, there are salons that work in the gray market. The ones that are in the gray market enter into deals with a third party that offers to buy the items in bulk. The third party then sells the item to an unauthorized seller. The unauthorized seller then sells the items on websites such as eBay and Amazon.

The danger of diverted products going through these unauthorized channels is high for both the consumer and the business. For example, products can be tampered with during the process. Products can change bottles, be diluted, and more. This could cause health problems for those who are sensitive to certain ingredients. It can also be dangerous to businesses because it will hurt their profits. The businesses will lose their cut of product sales from the authorized seller and can receive negative reviews from the public. For example, if a consumer who has used Brand X body wash for years buys the Brand X body wash from an unauthorized reseller because it was cheaper on Amazon than in store, and has a severe allergic reaction to it, then he/she may be tempted to post a negative review. The problem is that the blame is not on Brand X, but on whoever tampered with the product before it was sent to the consumer. Although the blame is on someone else, Brand X will receive the negative review that will discourage other consumers from purchasing its product.

The Internet has become an important aspect in our lives. With the Internet, people can pay bills, make appointments, and buy or sell products.  For example, websites like Amazon, Craigslist, and eBay allow the public to buy and sell products.  So, due to the ease of e-commerce transactions, counterfeiters have found a new medium to sell products.  E-commerce transactions do not require a physical meeting of the seller and buyer, so it becomes easier for counterfeiters to falsely claim they are selling authentic products.

Not only do online counterfeiters affect the public, but they affect businesses as well. Counterfeit items can affect a business’s bottom line. Counterfeit items can cause loss of sales, bad reputation, and loss of goodwill.

One way a business can address online counterfeiting problems is by hiring investigators to locate and identify the online counterfeiters. These investigators are skilled at investigating fraudulent online transactions and can become valuable assets. The investigators create a list of sellers that are known to sell counterfeit items or have the typical characteristics of online counterfeit sellers. These characteristics include selling designer items for an extremely low price on low-quality websites. The list is then sent to the business and the business determines whether or not it wants to conduct a sting operation to confirm the counterfeit nature of the seller. If the business decides to conduct the sting operation, then the investigator will set up a purchase, make an inspection, and determine if the goods are actually counterfeit.

The United States Census Bureau releases statistics for e-commerce activities on a regular basis.  These statistics compare the percentages from previous years in order to show the growth of the e-commerce industry.  So far, the reports have indicated that the rates are rising, and this trend will most likely continue with the widespread use of the Internet.

Dangers of Online Counterfeiting

Although e-commerce can be viewed as a great addition to the Internet, it can create problems for commercial entities.  For example, businesses that engage in the online sale of products are subject to counterfeiting and unauthorized sales by unlicensed sellers.  Auction sites, such as eBay, have come under fire for the sale of counterfeit goods and product diversion. These websites provide a medium that allows users to sell products to other users. Most of eBay’s sellers are consumers, and not businesses, so there is a danger of buying a designer item that is a counterfeit, i.e., fake.  There is also a danger that the seller is selling a product it obtained from the gray market. In general, eBay and similar websites do not monitor every single item, which creates a breeding ground for the sale of counterfeit items and unlicensed sales.

If you have ever been involved in a federal civil lawsuit, you may be familiar with the Federal Rules of Civil Procedure (FRCP).  The FRCP are a set of rules that regulate federal civil lawsuits. The rules address issues from court and party obligations to enforcement of remedies. The FRCP was first adopted by order of the Supreme Court in 1937 and placed into effect in 1938.

On December 1, 2015, these rules were amended. Many of the changes affect electronic discovery (e-discovery). Prior to the internet age, discovery and discoverable evidence were primarily based upon paper transactions.  With the rapid rise of the web, many started to turn to electronic storage of information.  As the data and information-storage landscapes began to change, the rules had to change.

The amendments brought changes to Rules 1, 4, 16, 26, 30, 31, 33, 34, 37, and 55.  The amendments also brought on the abrogation of Rule 85 and the Appendix of Forms. The changes that affect e-discovery are as follows:

On August 24, 2015, the United States Court of Appeals for the Third Circuit handed down its decision in favor of the Federal Trade Commission (FTC) against Wyndham Worldwide Corporation.  This lawsuit was against the defendant and its subsidiaries for their failure to implement proper cybersecurity measures and protect consumers’ personal information against hackers.  The FTC alleged that defendants did not use encryption, firewalls, and other commercially reasonable methods for protecting personal information.

What was the basis of the lawsuit?

In general, the FTC has the responsibility to protect consumers against unfair and deceptive business practices. These illegal practices could range from false advertising to antitrust issues. The FTC has started to prosecute companies with inadequate cybersecurity to protect consumer data. The companies that made false statements about their level of security in their terms of service also had lawsuits filed against them.  In this case, between 2008 and 2009, hackers breached Wyndham Worldwide Corporation’s network and computer systems three separate times. One incident occurred in 2008 and two occurred in 2009.   The hackers were allegedly able to breach the network due to the use of weak and obvious passwords, lack of response to the first incident, and inadequate monitoring systems.  In one of the instances, it took approximately two months for Wyndham Worldwide Corporation to discover its systems had been accessed without authorization. The hackers successfully accessed personal information of approximately 619,000 consumers and managed to cause $10.6 million in fraudulent charges. Therefore, on June 26, 2012, the FTC brought the lawsuit against defendants.  Their motion to dismiss was denied by the district court and their appeal was heard on two issues in order to determine whether there was a valid claim.  The issues that were raised included: (1) whether the FTC had authority to regulate cybersecurity under 15 U.S.C. § 45; and (2) if so, whether defendants received fair notice that their cybersecurity practices were inadequate under the guidelines.

The term RFID is everywhere these days. Consumers are seeing RFID blocking wallets, credit card holders, and passport covers as the holidays approach. However, many still do not know what it is and how it is used in their everyday life.

What is RFID?

RFID stands for “Radio Frequency Identification” and is a term used to describe technology that makes identifications via radio waves. It is usually discussed in conversations and articles about the Internet of Things because it is a form of automatic identification. The term automatic identification covers a broad range of identification technologies, from bar codes to retinal scans, used by machines to make identifications. The identification of people or objects occurs through the use of microchips that store electronic information. The microchip has an antenna and the information is picked up through a reader using radio waves. The microchip can be as small as a grain of sand and made out of silicon. Although this technology has been in use since World War II, it has only become widely used in the past two decades as costs have decreased. RFID technology is now used in certain products and businesses. Walmart and other stores use RFID technology to keep track of products and consumer activities. They use RFID to do anything from detecting an item about to be stolen as it exits the door to triggering cameras when an item is removed from the shelf. Anyone who has ever used the EZ-Pass toll roads has experienced the use of RFID technology as it is used to identify cars with EZ-Pass. Nonetheless, this is just a limited representation of the use of RFID technology to track consumers and products.