Articles Posted in Internet Law

Published on: | by

Cloud computing is subject to certain complexities due to the interplay of international organizations, international users, and Cloud Computing Service Providers (collectively “CCSPs”). In essence, the owners, operators, and users of CCSPs may be subject to both national and international laws.  Furthermore, as recent events have indicated, they may face risks when it comes to data privacy and security.

What does international law mean for cloud computing?

The authority that each state has in regards to jurisdiction is a grey area. For example, the Permanent Court of International Justice considers states as having no restriction on exercising jurisdiction on other states. This is the case, unless there is a prohibition under international law. For the most part, international law is considered private law, which revolves around contractual provisions. On the contrary, organizations like the European Union, which regulate cloud computing, operate under public law. For this reason, cloud computing falls under both public and private laws. Because of this, it is difficult to coin cloud computing as a public structure for the purpose of protecting against CCSPs.  Additionally, the Restatement of Foreign Relations Law, Section 403, affects jurisdictional issues. This section provides that “a state may not exercise jurisdiction to prescribe law with respect to a person or activity having connections with another state when the exercise of such jurisdiction is unreasonable.”

Continue Reading ›

Published on: | by

Security issues related to cloud computing must be dealt with carefully because of the legal uncertainties that surround its regulation.  At this time, the European Union and the United States deal differently with cloud computing and its security.

What methods are used to deal with cloud computing security issues?

Security issues can be dealt with by breaking them down, which is how the United States approaches them. The European Union, on the other hand, prefers to directly control cloud-computing issues. In the case of the European Union, all states must be in agreement about regulations in order for them to become rules. However, when specifically evaluating the United States, the Stored Communications Act (“SCA”) proves to be an issue. Because the SCA is a subpart of the Electronic Communications Privacy Act (“ECPA”), certain transactions within cloud computing fall separately under the statutes.  This is significant because only certain classifications of stored data are protected by the SCA. Thus, different data transmission processes have varying levels of protection. Because the ECPA was drafted in 1986, it is outdated, and brings concerns about data security. Additionally, security concerns exist when it comes to the power of the federal government in regards to data, especially in the hands of the Department of Justice or National Security Agency.

Continue Reading ›

Published on: | by

Cloud computing is a service that is offered by service providers and allows for large amounts of information to be stored in virtual servers.  These organizations are referred to as Cloud Computing Service Providers (collectively “CCSPs”) and operate within the “cloud.”  They are able to operate on a global scale, which makes their activities subject to international laws and places their users at the risk of loss of privacy.

What steps have been taken to protect user data?

In general, users of cloud computing relinquish their data, which may include confidential information, in order to store large amounts of information. Thus, CCSPs must be careful to protect privacy according to industry standards. The failure to establish proper safeguards may result in legal action by private individuals or governmental agencies (e.g., Federal Trade Commission). However, due to the security risk that users face by storing their data, governments have taken active roles in protecting against information loss. For example, the European Commission has instituted a Data Protection Directive.  The purpose of this directive is to to give citizens control over of their personal data and to simplify the regulatory environment for business.

Continue Reading ›

Published on: | by

The New York State Court of Appeals recently upheld a lower court’s verdict against Facebook’s claim that it had legal standing to challenge search warrants on behalf of its members. Facebook claimed that it had the ability to challenge search warrants that it saw as illegal before the warrants were executed. This verdict is considered a major setback for companies that seek to increase internet privacy.

What were the claims?

Facebook claims that, as an online entity which stores customer information, it had standing to contest search warrants brought to obtain information about its users, including, private personal messages and photographs. The company made the argument that search warrants for electronic information are different from a physical search of someone’s home. Someone else at a company has to do the searching, not the police, and more private information is accessible than would be found through a search of a defendant’s home. Therefore, Facebook claimed that the warrants served on social media companies are more like civil subpoenas for records and should be able to be challenged in court. Facebook also claimed its right to contest the warrants under the federal Stored Communications Act, but the court held that it had misinterpreted the law, which only applied to subpoenas and court orders. Although, the five-judge panel expressed concern over the scope of the search warrants and the large amounts of warrants executed, versus the small amount of those charged with a crime, however, it held that federal and state laws specify that the only person who can challenge a search warrant is the defendant.  In general, the challenge takes place at a hearing before the trial court.

Continue Reading ›

Published on: | by

In recent years, with lawyers and their clients calling for alternate methods of dispute resolution, the discovery of electronic documents has become more difficult to manage.  In fact, this dilemma is due to the expansive nature of technology and related software and hardware platforms.  As such, it has increased the costs and burdens of litigation.

What is Arbitration?

Arbitration came about as an alternative method to resolve litigation. It exists as a way to provide a way for the parties to resolve their disputes before trial. An arbitrator is granted the authority to ask for electronic data to be presented in a case. Although, arbitration is cost effective, however, flaws exist regarding the scope of electronically-stored information that may be discovered during litigation. Due to the large amount of electronically stored information, arbitral institutions like the International Institute for Conflict Prevention and Resolution (“IICPR”) have proposed guidelines for discovery.

Continue Reading ›

Published on: | by

In recent times, the concern over the distribution of, and access to, users’ data on the web continues due to rising cyber activity. This has lead to an increase in Internet-related class action lawsuits.

What are the different types of class action categories?

One category of class actions relates to the use of internet cookies, which are utilized by websites and applications to obtain information about users’ activities.  These files are saved on a user’s hard drive, so the host server gains access to certain information (e.g., user’s identity and recent transactions). “Zombie cookies” have become a concern leading to class action lawsuits, as they cannot be deleted and lead to online surveillance of users.  Online advertising has also become a source of class action lawsuits, as third-party advertisers have teamed up with websites to use cookies without consent.  As a result, online behavioral advertising is created based on a user’s browsing history in order to create relevant advertisements, which may violate privacy policies.  Another category of class action is brought when a company website violates its own terms of service or privacy policies, sometimes leading to breached databases. The last category has to do with information contained on social media platforms.  As a general matter, user profiles on social media platforms (e.g., LinkedIn, Facebook) yield a large quantity of information.  These social media platforms create user profiles that are shared with third parties such as advertising firms.

Continue Reading ›

Published on: | by

In general, harassing phone calls are distinguished from unwanted phone calls based on obscene or threatening language used to intimidate or scare the recipient. A phone call must hold malicious intentions in order to be classified as harassment punishable under California state laws.

What makes telephone calls a crime in California?

Under California Penal Code 653m, certain elements of a telephone call can lead to liability for criminal activity. The first element is the act of making a telephone call or electronic communication. This can be done via telephone, smartphone, computer, pager, or recorder, among other communication devices. This means that forms of electronic harassment could include text messages, phone calls, emails, faxes, picture messages, video messages, or voice recordings. A defendant can be accused of violating Penal Code 653m even if he/she was not the one to initiate the call. A violation may exist if he/she requested the electronic communication. The next element is the use of obscene language that is meant to threaten or injure the recipient, his/her family and/or property. This includes repeated calls or communication attempts, regardless of the content. The last element is the intent to harass or annoy a victim. There is no violation if the communication is made with the intention of legitimate business purposes, even though certain business calls might seem as nuisance.

Continue Reading ›

Published on: | by

In general, computer crime is a term that covers a variety of crimes involving internet or computer use that may be prosecuted under state or federal laws. Because of the rise in computer crimes, California state laws include provisions that prohibit these violations. In addition, other states have passed computer crime statutes in order to address this problem.

What is a computer crime?

An individual who accesses a computer, computer system or computer network and alters, destroys, or disrupts any of its parts is considered a perpetrator of computer crime. The charge is selected based upon the intention of unlawful access. Hacking is the breaking into a computer, computer system, or computer network with the purpose of modifying the existing settings under malicious intentions. Unlawful or unauthorized access means that there is trespassing, storing, retrieving, changing, or intercepting computer resources without consent. Viruses, or other contaminants, include, computer code that modify, damage, or destruct electronic information without the owner’s permission. This often disrupts the operations of a computer, computer system, or network. As such, Congress enacted the Computer Fraud and Abuse Act in order to regulate computer fraud and to expand laws against it. This federal statute provides that “whoever knowingly and with intent to defraud, accesses a protected computer without authorization, or exceeds authorized access, and by means of such conduct furthers the intended fraud and obtains anything of value, unless the object of the fraud and the thing obtained consists only of the use of the computer and the value of such use is not more than $5,000 in any 1-year period” shall be punished accordingly.

Continue Reading ›

Published on: | by

On June 1, 2015, the Supreme Court of the United States ruled in favor of Anthony Elonis in Elonis v. United States, regarding free speech limitations as implemented via social media platforms. This ruling was the first time the Supreme Court raised implications of free speech related to social media.

Under what circumstances was Elonis indicted?

Anthony Elonis was convicted on four separate counts for postings on social media, specifically Facebook. The federal statute he was convicted under, 18 U.S.C. § 875(c), states as follows: “Whoever transmits…any communication containing…any threat to injure the person of another, shall be fined under this title or imprisoned not more than five years, or both.” Elonis sparked concern after posting graphic threats involving the rape and murder of his ex-wife, detonation of bombs in the presence of law enforcement, and shooting up an elementary school, all under an alias. Elonis did not dispute that the statements were posted, but declared that they were merely expressions of his frustration. He claimed that the trial court incorrectly instructed the jury on the standard of a “true threat” in which the expressions were interpreted as more serious under the context.

Continue Reading ›

Published on: | by

The modern day business model is shifting towards cloud computing and Software-as-a-Service (“SaaS”) agreements. This new trend allows customers to treat licensing costs as expenses that can be paid over time. SaaS also provides a solution to bug fixes, glitches, and the updating of licenses simultaneously. With the shift to cloud computing, developers are no longer required to provide a platform on which their own application runs.  However, confusion exists about the differences between software licensing and SaaS agreements.

What is the difference between software licensing and SaaS?

A software-licensing model involves the software company to offer a software program in the form of an electronic download or CD-Rom. This software then must be downloaded, installed, run, and operated on hardware before being used by one or more users. This software may be installed on hardware.  It often offers services like training, maintenance, and technical support. On the contrary, in the SaaS model, the company does not make a physical product. It only makes the product accessible through “the cloud” which acts as a hosting platform. One or more users can still access the product, but it must be done through cloud computing services.  As such, external services are not provided because they are expected to be included as part of the hosting platform’s service and support experience. As a result, SaaS acts as a service subscription model and not a physical product.

Continue Reading ›