Technology

Electronic Discovery: How to Handle Electronically Stored Information

Published on: June 8, 2020 | by Law Offices of Salar Atrizadeh

Electronic discovery is complicated because it’s a multifaceted procedure. The parties must review the computer network that yields the electronically stored information. They must identify the relevant electronically stored information (“ESI”) and understand the network infrastructure. The collection process is the next step wherein the parties must be able to locate, identify, and collect the relevant information. They may be required to hire forensic data professionals who can use special tools for the discovery process. These forensic data professionals should have access to electronic data discovery software. They should be able to procure mirror images of the electronic files which may yield metadata for a proper evaluation. They should also know how to handle metadata and privileged information (e.g., intellectual properties, trade secrets) to avoid complications. However, in most cases the discovery process becomes complicated due to a lack of cooperation between the parties. Therefore, it may be necessary to invoke the right to onsite inspection.

Onsite inspection of the adverse party’s computers is supported by the state and federal rules. For example, Rule 34(a) of the Federal Rules of Civil Procedure grants the right to engage in the onsite inspection of the adverse party’s computers. In California, Code of Civil Procedure Section 2031.010 grants the right to conduct onsite inspections in certain situations. In general, the requesting party should prove the adverse party has destroyed evidence, has altered documents, or has failed in its discovery obligations.

The courts have raised the concept of proportionality in their analyses. They’ve held that the cost and effort of electronic discovery should be justified by the litigation’s nature, amount in controversy, and relevancy of the requested electronic files. The courts have assessed whether the benefits of examination outweigh the privacy interests of the adverse party. If so, then the requesting party is granted the right to electronic discovery. Yet, there is a high probability that they will run into problems such as data alteration, deletion or fabrication.

Quantum Computer: Its Technology and Legal Effects

Published on: May 25, 2020 | by Law Offices of Salar Atrizadeh

Quantum computing technology will certainly have an effect on state, federal, and international laws. A quantum computer is a much more capable electronic device and has the ability to process data faster. In general, computers can manage, control, and process information by using individual bits that store information as binary 0 and 1 states. The so-called “bits” are electrical or optical pulses that come in the form of 0s and 1s. Now, quantum computers leverage quantum mechanics to process information by depending on quantum bits – i.e., qubits. The so-called “qubits” are subatomic particles like electrons or photons that are isolated in a controlled quantum state.

What is a quantum computer?

A quantum computer is a complicated electronic device that has several components such as a Qubit Signal Amplifier, Input Microwave Lines, Superconducting Coaxial Lines, Cryogenic Isolators, Quantum Amplifiers, Cryoperm Shield, and Mixing Chamber. It is a sophisticated system that works through “quantum superposition” and “quantum entanglement” for enhanced computing processes.

Electronic Discovery and Data Retention Policies

Published on: May 18, 2020 | by Law Offices of Salar Atrizadeh

The management of electronic records in litigation is important. In general, there should be a data retention policy for all business entities especially if they are part of a highly-regulated industry such as health care, energy, securities, and banking. There are state and federal laws that regulate the management of electronic records. For example, HIPAA, Sarbanes Oxley Act, and GLBA are the relevant and applicable federal statutes. These laws require the responsible officers to maintain records for a certain period and enforce penalties for intentional document alteration or destruction.

The litigants have the right to engage in discovery and demand the production of electronic records such as emails, letters, pictures, reports, and spreadsheets. The recipient of the discovery documents usually has a limited time to respond but if it fails to produce the requested electronic records, the court may issue sanctions. The courts have the authority to penalize the parties for overwriting emails in bad faith even though they were supposed to retain them for a certain time. So, in other words, the courts may issue monetary sanctions for not following the rules.

What is a data retention policy?

Is Internet Gambling Legal?

Published on: May 4, 2020 | by Law Offices of Salar Atrizadeh

This article has been prepared to discuss the legality of online gambling and the relevant rules and regulations. These laws affect individuals, businesses, startups, and entrepreneurs as they’ve recently expressed their interests in this topic. Therefore, we will discuss the relevant state and federal laws.

It’s important to note that in Murphy v. NCAA, the Supreme Court struck down the Professional and Amateur Sports Protection Act (“PASPA”) and granted the states the right to regulate sports gambling within their own jurisdictions. In general, placing an online wager is legal but it should not be placed on a website that is located in the United States. In other words, the gambling website and its owner must not reside or do business within the United States and its territories. So, for this reason, individuals may run into contradictory state laws which will be referenced here.

What are the state laws?

What Is Cryptojacking?

Published on: April 29, 2020 | by Law Offices of Salar Atrizadeh

Cryptojacking (or “malicious cryptomining”) happens when the culprits hijack a third party’s network bandwidth without authorization to use for their cryptocurrency mining efforts. The malicious software conceals itself on the electronic communication device and utilizes its resources. Obviously, the culprits engage in such clandestine activities to gain profit or else they would spend their time and energy on other matters.

Cryptocurrencies are digital funds stored on electronic wallets (also known as “virtual wallets”) that are encrypted and exist on electronic communication devices. They are considered a new kind of digital assets. Coins are cryptocurrency units which are entered into a database for recording the transactions. The digital transaction takes place online between the virtual wallet owners and recorded on a public ledger. Then, special computers transform the digital transaction into a complicated mathematical puzzle, and thereafter miners independently solve and confirm the digital transaction. The reward for solving the mathematical puzzle is to receive a new cryptocoin. So, as time has progressed, the mining efforts have increased and caused a significant amount of money to be spent on the process. There are miners who have created “computer farms” and dedicated a vast amount of specialized hardware and software programs.

Unfortunately, in most cases, when you fall victim to cryptojacking it will go unnoticed. You may realize your electronic communication devices are slowing down or using too much bandwidth even though it’s not necessary. There are reports indicating the culprits have been detected on mobile devices, cloud servers, and critical datacenters. Now, some companies have been able to defend against cryptojacking by upgrading browsers and malware scanners. However, as always, the culprits will try to circumvent these defense mechanisms. For example, there is a report from an international cybersecurity firm confirming a cryptojacking campaign against a specific brand of routers. This attack exploited a flaw in the network routers and infected them. So, in short, the culprits used the flaw to promote their cryptojacking scheme.

Class Action Lawsuits: Privacy Violations

Published on: April 22, 2020 | by Law Offices of Salar Atrizadeh

There has been an increase in privacy violations that have led to class action lawsuits. For example, Facebook was forced to pay $550 million to settle a class action lawsuit for privacy violations. In that case, it was ordered to pay the plaintiffs due to an alleged systematic violation of an Illinois consumer privacy law. The settlement agreement included a provision that required Facebook to procure express consent for face analysis and auto-tagging its users. There have been other lawsuits filed against technology companies, such as, Shutterfly, Snapchat, and Google for similar violations.

The California Consumer Privacy Act (“CCPA”) gives consumers the right to request information from a business about its data collection and retention practices. The consumers have the right to know if the business is using their data to make inferences from their behavior, attitude, psychology, intelligence, or abilities. This statute grants consumers the right to request a data deletion. It gives the consumers an “opt-out option” from selling their data to third parties. However, the statute is not retroactive which means that it does not apply to violations that took place before implementing the law.

A putative class action lawsuit was filed against Hanna Andersson, LLC and Salesforce.com for their alleged failure to maintain reasonable safeguards that led to a data breach. The complaint alleges that a group of hackers infiltrated the defendants’ websites with malware allowing them to extract personal information. Under Civil Code § 1798.150, a consumer is permitted to file a lawsuit if he or she can prove the business failed to implement reasonable safeguards to protect personal information. Then, if the plaintiff overcomes the applicable burden of proof, then he or she may be entitled to a minimum of $100 or maximum of $750 per consumer per incident, or actual damages, whichever is greater, as well as injunctive relief. However, there is a provision which requires giving the business an opportunity to cure the violation. In other words, the consumer must initially inform the business of the violation and grant at least 30 days to cure the violation. The business must provide a written statement that confirms the violation has been cured and no other violation will take place. Yet, the statute does not yield a safe harbor clause for the business against consumers who are seeking actual damages.

Electronic Discovery Rules and Regulations

Published on: April 8, 2020 | by Law Offices of Salar Atrizadeh

Electronic discovery (“eDiscovery”) rules and regulations must be understood when dealing with digital or electronic evidence. It is the concept of locating, identifying, collecting, and producing electronically stored information (“ESI”) as part of a response to production of documents in a pending legal action. Electronically stored information may include electronic messages, files, presentations, databases, voicemails, audio/video files, or websites.

Federal Rule of Civil Procedure 34 defines “electronically stored information” as writings, drawings, graphs, charts, photographs, sound recordings, images, and other data or data compilations that are stored in any medium from which information can be obtained directly or after translation by the responding party into a reasonably usable form.

Federal Rules of Evidence 902(13) and 902(14) provide for the self-authentication of electronic evidence. So now, electronic evidence may be authenticated by certification instead of testimony. FRE 902(13) applies to electronic evidence like computer files, social media posts, and smart device information. FRE 902(14) applies to data copied from an electronic device, storage medium, or file.

Coronavirus Online Scams

Published on: April 1, 2020 | by Law Offices of Salar Atrizadeh

The coronavirus pandemic has affected us on a national and global level. This pandemic has caused a financial and health crisis for most of us. Now, the bad actors are taking advantage of this tragic situation by engaging in online scams. For example, our law firm’s investigation has determined that they are sending emails and other types of messages to unwary individuals as a way to extract sensitive or confidential information.

The Federal Trade Commission has outlined the following steps to avoid coronavirus scams:

Do not pick up any kind of robocalls and do not press any numbers. Scammers are using illegal robocalls to pitch everything from scam Coronavirus treatments to work-at-home schemes.

Identity Theft Laws

Published on: March 23, 2020 | by Law Offices of Salar Atrizadeh

Identity theft has been described as the use of one person’s identity by another to commit fraud. See Remsburg v. Docusearch, Inc. (2003) 149 N.H. 148, 155, 816 A.2d 1001, 1007. This case was about an individual seeking personal information (e.g., date-of-birth, social security number, work address) about someone else from an internet-based investigation and information service company. Unfortunately, the culprit, who obtained the personal information, located and fatally shot the victim as she left work. Thereafter, the victim’s mother sued the defendants for negligence, invasion of privacy, and violation of the state consumer protection act. In response, the federal court issued an order of certification and outlined the following factual questions to be determined by the state Supreme Court:

(1) Under the common law of New Hampshire and in light of the undisputed facts presented by this case, does a private investigator or information broker who sells information to a client pertaining to a third party have a cognizable legal duty to that third party with respect to the sale of the information?

(2) If a private investigator or information broker obtains a person’s social security number from a credit reporting agency as a part of a credit header without the person’s knowledge or permission and sells the social security number to a client, does the individual whose social security number was sold have a cause of action for intrusion upon her seclusion against the private investigator or information broker for damages caused by the sale of the information?

Real Estate Transactions and Electronic Signatures

Published on: March 9, 2020 | by Law Offices of Salar Atrizadeh

In the past, real estate transactions were consummated by signing the dotted line with ink after printing the documents. Now, most, if not all, real estate transactions are being finalized by using electronic signatures. Technology is directly affecting real estate transactions since software programs allow the parties to electronically review and sign the papers. So, in this article, we will be discussing how technology affects real estate transactions and the relevant rules and regulations.

On June 30, 2000, the Electronic Signatures In Global and National Commerce Act (“E-SIGN Act”) was passed to ensure the validity for electronic records and signatures in commercial transactions. It was formally enacted under 15 U.S.C. §§ 7001, et seq. It actually grandfathered pre-existing contracts that were consummated between users and commercial entities in delivering electronic information. Yet, any contracts that were executed on or after October 1, 2000 are subject to the statute’s provisions.

The E-SIGN Act has several requirements. For example, a commercial institution should provide notice to the consumer and obtain prior consent. It should provide notice to the consumer regarding hardware and software requirements. It should be able to associate the electronic signature with the records. It should ensure proper retention and accurate reproduction of those records for a period that is legally required.