Articles Posted in Internet Law

Published on: | by

The smartphone has brought a world of possibility to the average consumer’s fingertips. Now, this has come to include mobile banking. With fast-paced lifestyles and long lines at the banks, mobile banking has emerged as a thrilling convenience. However, this convenience brings cybersecurity concerns. Therefore, consumers who have turned to mobile banking for their financial needs must protect their financial privacy from cybersecurity breaches.

What Is Mobile Banking?

Mobile banking allows customers to access their financial institutions and conduct transactions through their mobile devices. Initially, this began with SMS Banking, which allowed customers to conduct various financial transactions by sending and accepting SMS messages or “texts.” In its most basic form, mobile banking allows customers to access their bank accounts and check on financial transactions. However, as the systems have progressed, customers can now make bill payments, transfer funds, and monitor deposits. Indeed, customers can now manage their investment portfolios and rearrange their investments through a smartphone or tablet. This has certainly increased everyday conveniences. However, it has also contributed to the speed with which finances can shift. Although, customers can review and monitor their accounts faster and more regularly, this also means greater security threats for the underlying financial information. This expansive access may lead to greater unauthorized breaches.

Continue Reading ›

Published on: | by

In a decision released June 25, 2014, the United States Supreme Court held that law enforcement officials could not search a suspect’s cell phone or electronic devices as part of an arrest. In Riley v. California, the Supreme Court maintained that the officials would need to secure a warrant to look through those devices. This holding is especially monumental because it establishes the country’s highest court’s position that electronic devices enjoy privacy protection under the Constitution. Indeed, the Court notes several times throughout the decision that since electronic devices contain so much of users’ most private data, these devices must enjoy a heightened level of privacy.

At the Law Offices of Salar Atrizadeh, we are fully knowledgeable and experienced in the practice of electronic privacy protection for individuals and businesses. Our office handles all civil matters dealing with violations of cyber privacy. Indeed, by speaking to an attorney, you can take precautionary steps to help protect your privacy and personal data.

How Will Riley v. California Impact Individual Privacy Rights?

Continue Reading ›

Published on: | by

The European community has been making great strides to establish and protect individual privacy in the globalized cyber community. On May 13, 2014, the European Court of Justice (“ECJ”) issued a decision that European Union (“EU”) citizens had a right to ask search engines to remove search results about themselves.  The ECJ defined this as a “right to be forgotten.”  Google, which is upset about this holding, has set up a form for users to request information removal. American counterparts, and officials within Google, have expressed concern about the implications of this ruling—both for the search engine and the threat to the flow of information.  Ultimately, the ECJ has established that the right to privacy supersedes the right to information.

What Are the Terms of the 2014 Ruling?

In issuing the decision, the ECJ was enforcing a 1995 EU directive on privacy that defines and regulates search engines as data collectors. European regulators have historically been more concerned with personal privacy than the United States. Accordingly, European government agencies have taken greater steps to enforce protections. Both the EU and members states have adopted provisions to protect privacy and family life. For instance, in 2010, the European Commission declared the right to be forgotten as a foundational aspect of its Data Protection Regulation.

Continue Reading ›

Published on: | by

Early in 2012, the European Commission proposed a reformation of the European Union’s data protection rules.  The European Commission sought to strengthen online privacy rights and improve Europe’s digital economy. The European Commission pointed to expansive globalization and different levels of implementation by the EU’s 27 member states as reasons to seek uniform online privacy rights. Indeed, each member state has different standards of enforcement for the rules. This leads to expensive administrative costs in maintaining and continuing to implement the different standards. The European Commission predicated that a uniform law across the European Union would lead to savings of approximately 2.3 billion Euros a year. In addition, with a clearer set of regulations to govern data protection, the European Commission hoped to instill more confidence in consumers in online services, leading to a growth in jobs and innovations.

What Were the Terms of the 1995 Data Protection Directive?

The 1995 Data Protection Directive was adopted to regulate the processing of personal data among European Union member states. This Directive has a broad definition for “personal data,” including “any information relating to an identified or identifiable natural person.” Also, the standards within the Directive apply only if the entity controlling personal data is established within the European Union or uses equipment located therein. The standards prohibit the processing of personal data without transparency of purpose, a legitimate purpose, and proportionality. In terms of the requirement for proportionality, a controller can process personal data only to an extent necessary to its purpose—it cannot store that data for a potential future purpose.  However, the 1995 Directive fails to take into account the implications of social networks and cloud computing on online privacy.

Continue Reading ›

Published on: | by

Employees, in the course of their employment, will often have broad access to company files.  If employees are terminated or seek other employment, such access can become problematic.  Indeed, companies store sensitive and commercially valuable information on their servers. Employee misuse of these files can substantially weaken a company’s economic viability and threaten its progress.  In a recent court decision, the United States District Court for the Northern District of California held that a former employee who accessed an employer’s servers using his login information was not liable for unlawful hacking. The court explained that the employee had not violated the Computer Fraud and Abuse Act (“CFAA”) or the California Comprehensive Computer Data Access and Fraud Act (“CDAFA”).

What is the holding in Enki Corporation v. Freedman?

According to the record, Enki Corporation had entered into a contract with Zuora to provide certain consulting and information technology services. As part of these services, Enki installed a computer resource and performance monitor on Zuora’s network. Additionally, Enki contracted with Keith Freedman, a former employee, to provide consulting services for Zuora. Enki subsequently terminated its contract with Freedman when it discovered that Freedman was speaking negatively about Enki’s services. Freedman had also accessed the monitor Enki installed on Zuora’s network using his employee login to download Enki’s proprietary information (e.g., private company files and data) from the servers. The court held that this did not violate the CFAA because Enki had failed to show that Freedman accessed the computer system without authorization. Since the CFAA is aimed at regulated access to protected data, not the misuse of such data, where employers lawfully access servers, there is no CFAA violation. As for the CDAFA claims, the court also did not find a violation because Freedman did not have to “hack” into the system because he did not have to override a computer code. He simply logged in using his employee login information.

Continue Reading ›

Published on: | by

Gambling has been an entertaining pastime in casinos for several years. The expansion of the Internet now makes it possible to play casino games online. However, this raises the question of whether online gambling is a legal activity. While federal law criminalizes “betting or wagering” over “a wire communication,” courts have interpreted this differently than the Department of Justice.

What Laws Apply To Online Gambling?

The federal government regulates online gambling activity.  There are several laws that apply to betting and gambling over the Internet. Most importantly, the Federal Wire Act of 1961, does not allow businesses to engage in certain online betting activity in the United States. It is important to note that federal laws can only regulate online gambling activity that takes place in the United States. They do not have the authority to regulate online gambling that takes place entirely in other jurisdictions. Among other laws, Congress also enacted the Illegal Gambling Business Act of 1970, as part of the Organized Crime Control Act of 1970. This Act was meant to target large-scale illegal gambling operations that funded organized crime.

Continue Reading ›

Published on: | by

With the advent of virtual currency, consumers can now conduct entire transactions online without the burden of having to seek a common currency. Bitcoin has spread across the world as a popular form of this currency. In turn, transactions can now take place without switching from one form of currency to another (e.g., conversion from U.S. Dollar to Euro). On March 25, 2014, the Internal Revenue Service (“IRS”) issued guidelines regarding its approach to virtual currency, such as Bitcoin. Under these guidelines, the IRS will treat virtual currency as property, not currency, for federal tax purposes. Accordingly, the tax principles that typically apply to property will now apply to transactions involving virtual currency.

What Is Bitcoin?

Bitcoin is a form of virtual currency.  An unknown individual using the alias Satoshi Nakamoto created Bitcoin in 2009. This virtual currency allows for online transactions without bank issued transactions fees. People store their Bitcoins in a “digital wallet” on a personal computer or on the cloud. This serves as an online bank account, which can send and receive Bitcoins. Then, people use this currency to conduct transactions. However, unlike funds stored in a traditional bank account, the Federal Deposit Insurance Corporation (“FDIC”) does not insure Bitcoin wallets. Furthermore, transactions can now take place entirely anonymously. Online consumers do not have to provide bank accounts or other financial information. Therefore, it becomes nearly impossible to trace transactions using virtual currency. Bitcoin is becoming increasingly popular and more merchants accept this currency for all types of transactions. International transactions can also take place without fees from foreign countries or conversion fees. Consumers can also “mine” Bitcoin, which involves competitions to solve complex computer-based math problems to win additional Bitcoins. Bitcoin is also a valuable investment, with people purchasing Bitcoin to profit from increases in its value.

Continue Reading ›

Published on: | by

In a recent move to impose stricter restrictions on gun sales, Facebook and Instagram recently announced they would be taking down postings for gun sales. Specifically, they will not allow anyone without a background checks to sell firearms through their social media sites. This comes as part of a larger effort to limit illegal gun sales. Both websites will prohibit minors from accessing any posts advertising or selling guns. In the wake of recent gun-related tragedies, gun safety advocates are turning to all possible avenues to prevent future gun crimes.

What Are The Gun Laws in California?

In California, all sales of firearms must take place through a licensed firearms dealer. Even where one owner is transferring a firearm to another owner, the transaction must take place through a dealer.   In turn, dealers are required to test the ability of the buyer or transferee to safely use and handle a handgun. This includes practices such as safely loading and unloading the bullets into a gun. Anyone convicted of a felony, drug addicts, and former mental patients cannot own a firearm. There are also strict parameters that limit the sale of assault weapons and associated parts or accessories. Any resident of California who owns a gun, or anyone who moves to California, is required to register the firearm with the respective state agency. New residents of the state have sixty days to satisfy this registration requirement. California does not recognize permits from any other state. Therefore, even if a recent resident has a permit for a firearm from another state, he or she must re-register the gun. However, several other states do recognize permits from California. Finally, all gun owners must have a Handgun Safety Certificate, which includes a written test that is valid for five years. The test includes laws regarding ownership, use, handing, and carrying of firearms.

Continue Reading ›

Published on: | by

Identity theft and personal privacy are major issues, as more information is available over the Internet and linked together through social media networks.  However, even as early as the 1970s, legislatures were taking steps to protect personal information from public exposure and marketing schemes.  For example, California’s legislature has passed the Song-Beverly Credit Card Act.   In essence, this law prohibits retailers from collecting personal identification information during a credit card transaction from consumers for marketing purposes.  As the market for consumer goods spreads to the Internet, courts must decide how far protection of personal information will extend.

What Are the Provisions of the Song-Beverly Act?

The Song-Beverly Act is intended to protect consumers from unwanted marketing efforts.  This protects privacy and personal information.  More specifically, retailers are not allowed to request and record customers’ email addresses to complete a credit card transaction.  Furthermore, these retailers cannot later use these addresses for marketing purposes.  However, according to recent case law, this law only applies to “brick and mortar retailers,” or retailers that maintain a physical presence.  As such, the statute only applies to in-store transactions and not web transactions.  This is an important distinction in light of the fact that an increasing number of purchases take place online.

Continue Reading ›

Published on: | by

In recent years, there has been an increase in cyber-attacks directed towards usernames and passwords for online banking accounts.  Through these attacks, outside parties have been able to misuse banking information for fraudulent wire transfers.  Hackers have starting using foreign accounts because it is more difficult to recover funds when dealing with some foreign banks.  Online banking fraud has led to over $40 million in stolen funds from small and mid-size companies.  Recently, the nature of these attacks have become more complex as regulatory agencies, e.g., FDIC, and enforcing agencies, e.g., FBI, scramble to keep up with changing technologies.

How Have Online Cyber-Attacks Changed In Recent Years?

In recent years, online banking fraud has become dramatically more sophisticated.  Now, hackers have the capacity to infect not only small, local sites, but also high-volume webpages all across web.  These hackers infect popular websites with Trojan viruses, which latch onto users’ computers when they visit the website.  The virus then directs to online banking information, such as account numbers and login information, allowing the hackers to access these accounts and conduct fraudulent transactions.  The virus may even have the capacity to record and hold this information itself.  To carry through the cyber-attack, criminals only need to setup funds transfers without the respective bank noticing.  Banks learned to watch for transfer activity from unknown computers, so now hackers steal victims’ IP addresses to avoid detection.  With this information, the transfer looks like a typical transaction from the user’s computer.  The hackers may obtain the ability to take control of a computer and use it to conduct fraudulent transfers.

Continue Reading ›