Articles Posted in Internet Law

Published on: | by

This year saw the data breaches of Sony Pictures, Ashley Madison, and Experian Credit Bureau. The increasing commonality of data breaches has prompted the federal and state legislatures to review their data breach notification laws.

What is a data breach?

A data breach occurs when an unauthorized user (i.e., hacker) accesses sensitive personal identifiable information. The hacker then copies the confidential information and uses it as he or she sees fit.  Often times, the personally identifiable information is used to commit identity theft and fraud.  This information can include, names, telephone numbers, email addresses, credit card numbers, or social security numbers. The target of these breaches can be businesses, financial institutions, and health care institutions.

Continue Reading ›

Published on: | by

The case of Eagle v. Morgan is about an employer’s access to employee’s social media account. This case highlights the importance of companies having social media policies to address the ownership of social media accounts during and after employment.

What is the case about and how does it affect your rights?

In Eagle v. Morgan, the plaintiff (i.e., Linda Eagle) had founded the company Edcomm, Inc. (“Edcomm”) and remained an employee when she sold her shares to Sawabeh Information Services Company (“SISCOM”). While employed at the company as CEO, Eagle’s coworker recommended creating a LinkedIn account for marketing purposes. Although, the business would occasionally become involved in the social media account’s content, and Eagle used her company email address, however, she was individually bound by the User Agreement and had made connections through her own efforts. Edcomm did not require its employees to have social media accounts and had only limited guidelines in place regarding employee use of LinkedIn. When Linda Eagle’s employment was terminated, the question of who owned the social media account became an issue. Edcomm changed Linda Eagle’s password by using her former company email address and replaced her name with that of her new replacement, i.e., Sandy Morgan.  Linda Eagle sued Edcomm and multiple defendants in the United States District Court for the Eastern District of Pennsylvania. She claimed that this was an infringement of the Computer Fraud and Abuse Act and Lanham Act, as well state laws against invasion of privacy by misappropriation of identity, conversion, civil conspiracy, civil aiding and abetting, tortious interference with contract, unauthorized use of name in violation of Pa. C.S. § 8316, misappropriation of publicity, and identity theft under Pa. C.S. § 8316.

Continue Reading ›

Published on: | by

From a practical perspective, transactions that occur over the Internet can face similar issues that regular business transactions may encounter in their daily operations.  However, e-commerce transactions have the added problems associated with cyberspace laws.  It is nearly impossible for a business to be successful these days without having a website. Although, not all websites actively conduct business over the Internet, however, e-commerce related issues and disputes may arise from having an online presence.

What issues and disputes face e-commerce transactions?

E-commerce transactions have created a new environment for companies that conduct their business on the Internet.  For example, contractual and non-contractual issues, such as free speech, consumer protection, and competition laws now face businesses that ship products, provide online goods/services, and use the Internet for marketing.  Therefore, conducting business online involves unique legal concerns that is distinct from traditional business models.  In sum, the concerns are centered on privacy, security, and regulation.

Continue Reading ›

Published on: | by

The phrase “e-commerce transactions” invokes thoughts of a complicated and technical phenomenon.  In fact, many people partake in e-commerce transactions every day.

What is an e-commerce transaction?

An electronic commerce (a/k/a “e-commerce”) transaction involves a commercial transaction that takes place over the Internet. So, any trading of products or services over any electronic network, including, but not limited to, the Internet, is considered a part of e-commerce. The e-commerce transactions covered by the term include, business-to-business, business-to-consumer, consumer-to-consumer, and consumer-to-business.  There are three categories of e-commerce transactions. There are agreements with: (1) Shrinkwrap terms—when a tangible product is delivered to a physical address usually in shrinkwrap or clear packaging; (2) Clickwrap terms—in which a digital product is delivered over a network (e.g., e-book); and (3) Browsewrap terms—when terms are agreed to in order for a consumer to access and use a website.  However, e-commerce does not always involve actual money.   The transaction can involve e-cash, digital currencies (e.g., Bitcoin), or services.

Continue Reading ›

Published on: | by

The Internet of Things (“IoT”) is the network of electronic devices that communicate with each other via the Internet without human intervention.  It has caused concerns regarding security since vast amounts of unsecure electronic devices are being used to send and receive information. Furthermore, the data breaches that lead to the loss of privacy have become more common as the Internet is used to connect electronic devices via private and public networks.

What is the proper security level for electronic devices?

Electronic devices that connect to each other over the Internet were created to transfer information, but were not originally designed with proper security features. What is the proper security level when electronic devices are interconnected? In order to avoid unauthorized access, security precautions should be implemented within the electronic devices and computer networks. For example, firewalls, encryptions, intrusion detection systems, and multi-factor authentications should be implemented as preventive and reactive measures. The electronic devices—which are accessed via the Internet—should be segmented into their own network and include network access restrictions.  Also, consumers should change the default passwords on smart devices and implement strong passwords.

Continue Reading ›

Published on: | by

A quantum computer is a highly-advanced computer system that works exponentially faster than today’s conventional computers. Quantum computing is the practice of studying quantum computers and their potential. This practice is growing and has caused the rapid decrease in the size of computers at the same time as these systems are rapidly increasing in their capability. However, quantum computers are still being developed and have not yet become accessible.

What is a quantum computer?

A quantum computer is an advanced computer system. Quantum computing studies theoretical computation systems which use quantum-mechanical phenomena (e.g., superposition, entanglement) to perform data operations.  While the average computer’s memory is made up of bits, a quantum computer’s memory is made up of qubits.  A regular computer saves information in binary form using zeroes and ones, which are called bits. These strings of numbers, which are comprised of 0s and 1s, create codes that instruct the computer on how to proceed. However, a qubit in a quantum computer is a particle (e.g., atom, electron, photon) which is manipulated to store information. It is a two-state quantum-mechanical system, such as the polarization of a single photon, which can be vertical and horizontal polarization.  So, the particle is manipulated in its quantum properties, like its spin or polarization, and can have multiple properties. Because of the flexibility and variation of qubits, more information can be stored on a quantum computer. Most importantly, information can be processed at an exponentially faster rate. For example, a problem that would take a conventional computer several minutes to solve due it its complexity, could be solved in less than a second by a quantum computer. This is because today’s conventional computers must go through each problem one step at a time, where a quantum computer has the ability to solve multiple problems instantaneously.

Continue Reading ›

Published on: | by

Class certification can be a complicated issue that does not just rely on fulfilling the usual requirements. For example, in Gass v Best Buy Co., Inc., an issue of fact had to be determined in order to confirm the class action certification.

What was the court’s decision in Gass v. Best Buy Co., Inc.?

Gass v. Best Buy Co., Inc. was a class action that failed due to the way plaintiffs’ claim was brought.  In this case, multiple parties brought separate lawsuits against Best Buy claiming that its practices were against the Song-Beverly Credit Card Act. The claimants then merged their claims. The “class” claimed to be representing [a]ll persons from whom Defendant requested and recorded personal identification information in conjunction with a credit card transaction… and a subclass of those who were asked for their information relating to the pre-enrollment . . . in Defendant’s Reward Zone program in conjunction with a credit card transaction.” The Song-Beverly Credit Card Act says that companies may not request or require, as a condition to accepting the credit card, the cardholder to provide personal identification information. The practices in question were: (1) when employees asked customers for additional information if they agreed to be in the Rewards program; (2) when customers were asked for their phone number if they forgot their member cards; and (3) if a card failed to swipe on a charge over $100, the customer would be asked for a zip code in order to look up his/her information. First, the court determined that these requests for identification were not illegal. Second, since the requests for information were not a violation, the court ruled that plaintiffs could not be certified as a class. This was because the definition of those affected was overbroad and included customers who may not have suffered any violation. The court ruled that, if the plaintiffs wished to pursue a specific violation, each could proceed individually.

Continue Reading ›

Published on: | by

The Internet of Things (a/k/a “IoT”) functions through smart devices that communicate with each other and collect data without human interaction. These devices include smart cars, smart homes, smart hospitals, smart highways, or smart factories.  However, the lack of security protecting information is creating privacy concerns as data is collected by companies and shared with third parties (e.g., marketing firms, governmental agencies).  Also, the smart device can be accessed without authorization (i.e., hacked) by third parties and its information can be used for various illegal purposes.

What is the Internet of Things and what private information does it hold?

According to the Organization for Economic Cooperation and Development (“OECD”), one of the Fair Information Practice Principles is the collection limitation of personal data. Stated otherwise, data should be collected with the owner’s consent, through fair and lawful means, and should be limited.  The OECD has issued its guidelines that are considered as minimum standards for the protection of privacy and individual liberties.  From a practical standpoint, these principles (and relevant guidelines) should be uniformly enforced in the United States and other countries.

Continue Reading ›

Published on: | by

The term “fraud” invokes the same general meaning whether applied to acts on the Internet or in more traditional forms. The difference with Internet fraud is that it occurs on the web and the number of people who may fall victim to the same violation. This situation lends itself to class action lawsuits due to large numbers of consumers alleging the same harm against the same defendant.

What is Internet fraud?

The term “Internet fraud” includes a wide range of actions.  In general, “fraud” is defined in Black’s Law Dictionary as “[a] knowing misrepresentation or knowing concealment of a material fact made to induce another to act to his or her detriment.” Therefore, incidents such as emails promising money or misrepresentations in website’s terms of use are considered fraud. Under California law, a plaintiff must show that: (1) a misrepresentation occurred; (2) defendant knew the information was false; (3) defendant had the intent to induce reliance; (4) plaintiff relied on the false information; and (5) reliance was the cause of damages to plaintiff.

Continue Reading ›

Published on: | by

Although, most people may think they understand what a class action is, however, the reality is more complex. A group of people cannot just bring a class action without following specific procedures. Notwithstanding the procedural impediments, however, in recent times, more class actions have been filed as the Internet is used as a primary source of communications, research, and transactions.

What is a class action lawsuit?

A class action is brought by a large group, usually under the name of one of the claimants or plaintiffs. In fact, Rule 23 of the Federal Rules of Civil Procedure clarifies when and how a class action can be brought to federal court. First, the class must be so numerous that joinder of all members is impracticable. In the past, classes have been certified with as few as 35 members, but normally there are large number of individuals in the class. Second, there must be questions of law or fact common to the class. One or more persons who are members of the class may sue or be sued as representatives of everyone in the class if their claims or defenses are typical of the claims or defenses of the class, and if they will fairly and adequately protect the interests of the class.  These four basic requirements are often referred to as numerosity, commonality, typicality, and adequacy of representation.

Continue Reading ›