Articles Posted in Technology

Smart devices are being sold to consumers and businesses on a regular basis. They include smart phones, smart cars, smart televisions, smart thermostats, smart doorbells, smart bulbs, smart locks, smart watches, smart speakers, smart refrigerators, and other electronic devices. These smart devices can be recording you or collecting personal data without your knowledge or consent.

Privacy in the internet and technology age has become a major concern. This is primarily due to the existence and availability of smart devices which are even referred to as “smart spies” because they can record and transfer personal information to the hackers who use technical flaws to install spyware. This is why it’s important to review the security settings of the smart device on a regular basis. For example, smart televisions are connected to the internet, and if they are hacked into, they can easily be used for nefarious purposes. Smart speakers and digital assistants are listening to voices and that is why they can be a threat source for their users. They are constantly collecting information with or without the user’s knowledge or consent. There may be a way to delete the recently-recorded information by telling the smart device to delete the last conversation but consumers should read the user’s manual to learn about the options.

Smart doorbells, which are part of a home’s security surveillance system, have cameras and are connected to the internet. Therefore, they can be hacked into and used to record activities. For example, Ring has been questioned for sharing video recordings with police departments and third-party service providers such as Facebook and Google without the user’s knowledge or consent. It is important to view the “authorized client devices” feature to understand which device is accessing the account.

Internet fraud and scams have exponentially increased in recent years. There are several reasons for this development which include the expansion of technology and usage of electronic devices in our daily lives.

The fraudsters find different ways to retrieve sensitive or confidential information in order to commit their crimes. For example, they may extract the information by dumpster diving next to corporations and financial institutions. There have been cases where sensitive information of a corporation’s employees was extracted without authorization. They may also engage in “shoulder surfing” which is another way to surreptitiously extract confidential information from the unsuspecting victim. These activities usually take place close to a bank’s ATM in order to steal the victim’s debit card PIN. They can also use what is referred to as a “skimming device” as a way to obtain sensitive information from debit or credit cards. These devices can be placed on ATMs to procure the confidential information without suspicion. The fraudsters can also obtain sensitive or confidential information by breaking and entering into the victim’s property. This way, they can look into the victim’s house or vehicle for valuable items or confidential documents.

There is a long list of internet fraud methods such as auction scams, rental scams, dating scams, lottery scams, and charity scams. The criminals are finding new ways to trick their victims into relinquishing valuable information – e.g., address, telephone, date-of-birth, social security number, debit or credit card number. Social engineering is another method to obtain information which is usually done by gaining the victim’s trust. It has become one of the main methods for extracting valuable information from unsuspecting victims. The internet allows culprits to anonymously communicate with their victims which is the major issue in lawsuits simply because it takes time and effort to launch an investigation. Our law firm is able to unmask the anonymous culprit’s identity by using the proper tools and techniques. We have access to a network of experts and investigators who can help our clients. We have also established relationships with local, state, and federal law enforcement agencies.

The parties are generally entitled to discovery of relevant and admissible evidence during litigation. This process includes the discovery of electronically-stored information (“ESI”) which can be stored at internal and external locations such as the local area network and cloud.  It has become more prevalent for companies to transfer their electronic files to the cloud to reduce costs. It is now more practical to upload and transfer data to a third-party’s servers. However, there are certain risks associated with this process. First, you will be relinquishing control over the electronic information. Second, you will not have control over the third-party’s information security protocols. In other words, even if the electronic information is originally encrypted, it may lose its encryption status if uploaded or transferred to the third-party’s servers.

It is important for attorneys to have a general understanding of the client’s network infrastructure. So, it is always recommended to interview the client’s information technology staff. This way, legal counsel can be better prepared to ask and answer discovery-related questions. Moreover, the relevant discovery rules are outlined in the Federal Rules of Civil Procedure 26, 33, 34, 37, and 45, and Federal Rule of Evidence 502.

Court Mandated Guidelines

Sextortion is a type of online blackmail. It’s one kind of sexual exploitation that takes place on the internet when an anonymous individual threatens to distribute the victim’s explicit videos or pictures if he or she does not comply with the demands which can include transferring funds through digital currencies. The culprit may use a webcam to extract private information and make threats to harm the victim if the victim fails or refuses to comply with the demands.

The culprit usually follows his victims on websites and chatrooms to gain their trust. The culprit may send a message to the victim that has malware in an effort to hack into the victim’s electronic devices. The victim can make the mistake of clicking on the link which releases the virus on to the computer. The infected computer is now compromised and can be used for nefarious purposes.

The courts have been dealing with sextortion since it is a new problem in the technology age. The law prohibits the non-consensual dissemination of intimate pictures or videos but the litigants or their lawyers have been using laws related to harassment, extortion, bribery, or child pornography. For example, 18 U.S.C. § 2251 prohibits sexual exploitation of children. The following federal statutes could be relevant to these activities: 18 U.S.C. § 2252, 18 U.S.C. § 2422, and 18 U.S.C. § 875.

There are state and federal privacy laws that are applicable to consumers and commercial organizations. There has been much activity with the collection and distribution of private or confidential information in recent years. Personal information can be collected through several methods such as voluntary disclosures, cookies, website bugs, tracking software, malware (e.g., worms, trojans, spyware), and phishing. For example, tracking software can be used to collect information but there must be proper disclosure. Nonetheless, criminals do not follow the rules or guidelines and it is a known fact they have access to the tools and techniques to extract customer information without obtaining authorization.

Personal information is certainly valuable to its owner. It is also valuable to a bad actor who is seeking to misuse the personal information without authorization. The bad actors who obtain personal information in a secretive manner are planning to gain a profit. They may engage in identity theft or online impersonation by using the wrongfully obtained personal information. Identity theft has caused a significant amount of monetary damages to the victims. There are state and federal laws that prohibit identity theft in every jurisdiction. The National Conference of State Legislatures provides a comprehensive list of these laws. In California, the following state laws prohibit identity theft and provide remedies:

  1. California Penal Code § 368: It prohibits identity theft against elders and disabled persons;

The Eliminating Abuse and Rampant Neglect of Interactive Technology (“EARN IT”) Act is a proposed bill that is designed to permit government agencies scan online messages and prevent child sexual exploitations. It is meant to force websites remove child abuse images from their platforms. The advocates argue it is necessary to allow the government evaluate online communications for potential violations. They argue that websites should be held accountable for user violations. This law seems to be against encryption which is used to obscure content from the unintended recipient. Encryption technology has been used to protect online privacy by scrambling messages through special algorithms. It can only be deciphered by the intended recipient who has access to the private key. Encryption can be used to securely communicate on the internet but it can also be used for nefarious reasons. That said, the EARN IT Act does not use the term “encryption” in its provisions. The supporting legislators have claimed the proposed statute is not designed to outlaw encryption. Also, it would require websites to adhere to certain best practices that will be implemented by the Attorney General’s Office by selecting a group of law enforcement agents who would impose them.

The EARN IT Act could reduce the protections granted under Section 230 of the Communications Decency Act (“CDA”) which provides a certain level of immunity for online service providers. Now, the immunity is not absolute but it is not very far from it. It protects online service providers (a/k/a “interactive computer service providers”) from user violations. For example, if the user engages in conduct that constitutes invasion of privacy of another person, the website would be shielded from legal liability. So, the victim could not file a lawsuit against the website for the user’s violations. However, the following three exceptions apply: (1) federal criminal activity and obscene material; (2) intellectual property violations; and (3) sex trafficking. In fact, 47 U.S.C. § 230(e)(1) prohibits obscene material and sexual exploitation of children. Moreover, 47 U.S.C. § 223 prohibits the transmission of lewd, lascivious, filthy, or indecent messages to a person under the age of eighteen. The CDA prohibits online service providers from sexual exploitation of minors, sex trafficking, or promotion of prostitution in jurisdictions where it is illegal. In other words, interactive computer service providers cannot facilitate these activities on their platforms. In Reno v. ACLU, the Supreme Court evaluated the CDA and its relevant provisions. It found that the CDA criminalized protected speech – e.g., sexually explicit speech – and unprotected obscenity.

The EARN IT Act has been compared to the Fight Online Sex Trafficking Act (“FOSTA”) and Stop Enabling Sex Trafficking Act (“SESTA”) which were passed to fight against online sex trafficking by making websites criminally liable for user content. These federal statutes caused several websites, including, but not limited to, Craigslist and Backpage to remove pages or be completely shut down. So naturally, critics have argued that they promoted online speech censorship and prevented people who engaged in consensual sex work. Yet, if the proposed bill passes legislation, it could open the floodgates for lawsuits against technology companies.

Online marketing and advertising can be a complicated process since the internet has opened new channels that did not previously exist before the technology age’s expansion. Now, with the advent of sophisticated technologies, business owners, startups, and entrepreneurs have more options when it comes to online marketing and advertising.

They can use email, telephone, or other online marketing and advertising tools to reach their customers. They can also use banners, pop-ups, metatags, mass emails, mass text messages, or linking and co-branding plans. The internet has no boundaries so you should realize that even though your company is located in one state, yet your online marketing and advertising campaign may implicate state, federal, or international laws. This can be true when your company is targeting customers in other states or nations. So, your contacts with that jurisdiction whether by having offices, employees, or customers there can play an important role in determining which court has authority to resolve disputes.

There are several state and federal laws that can be relevant to internet advertising. For example, the Lanham Act, FTC Act, or California Business and Professions Code regulate internet marketing and advertising. The Trademark Act – which is also known as the “Lanham Act” – regulates trademarks, service marks, trade names, and trade dress issues. This federal statute deals with infringements and outlines the remedies. It also creates a private right of action pursuant to 15 U.S.C. Section 1125(a)(1) against the infringing parties. A private right of action (or “implied cause of action”) is the legal right granted to a private party to file a lawsuit.

Electronic discovery is complicated because it’s a multifaceted procedure. The parties must review the computer network that yields the electronically stored information. They must identify the relevant electronically stored information (“ESI”) and understand the network infrastructure. The collection process is the next step wherein the parties must be able to locate, identify, and collect the relevant information. They may be required to hire forensic data professionals who can use special tools for the discovery process. These forensic data professionals should have access to electronic data discovery software. They should be able to procure mirror images of the electronic files which may yield metadata for a proper evaluation. They should also know how to handle metadata and privileged information (e.g., intellectual properties, trade secrets) to avoid complications. However, in most cases the discovery process becomes complicated due to a lack of cooperation between the parties. Therefore, it may be necessary to invoke the right to onsite inspection.

Onsite inspection of the adverse party’s computers is supported by the state and federal rules. For example, Rule 34(a) of the Federal Rules of Civil Procedure grants the right to engage in the onsite inspection of the adverse party’s computers. In California, Code of Civil Procedure Section 2031.010 grants the right to conduct onsite inspections in certain situations. In general, the requesting party should prove the adverse party has destroyed evidence, has altered documents, or has failed in its discovery obligations.

The courts have raised the concept of proportionality in their analyses. They’ve held that the cost and effort of electronic discovery should be justified by the litigation’s nature, amount in controversy, and relevancy of the requested electronic files. The courts have assessed whether the benefits of examination outweigh the privacy interests of the adverse party. If so, then the requesting party is granted the right to electronic discovery. Yet, there is a high probability that they will run into problems such as data alteration, deletion or fabrication.

Quantum computing technology will certainly have an effect on state, federal, and international laws. A quantum computer is a much more capable electronic device and has the ability to process data faster.  In general, computers can manage, control, and process information by using individual bits that store information as binary 0 and 1 states. The so-called “bits” are electrical or optical pulses that come in the form of 0s and 1s. Now, quantum computers leverage quantum mechanics to process information by depending on quantum bits – i.e., qubits. The so-called “qubits” are subatomic particles like electrons or photons that are isolated in a controlled quantum state.

What is a quantum computer?

A quantum computer is a complicated electronic device that has several components such as a Qubit Signal Amplifier, Input Microwave Lines, Superconducting Coaxial Lines, Cryogenic Isolators, Quantum Amplifiers, Cryoperm Shield, and Mixing Chamber. It is a sophisticated system that works through “quantum superposition” and “quantum entanglement” for enhanced computing processes.

The management of electronic records in litigation is important. In general, there should be a data retention policy for all business entities especially if they are part of a highly-regulated industry such as health care, energy, securities, and banking. There are state and federal laws that regulate the management of electronic records. For example, HIPAA, Sarbanes Oxley Act, and GLBA are the relevant and applicable federal statutes. These laws require the responsible officers to maintain records for a certain period and enforce penalties for intentional document alteration or destruction.

The litigants have the right to engage in discovery and demand the production of electronic records such as emails, letters, pictures, reports, and spreadsheets. The recipient of the discovery documents usually has a limited time to respond but if it fails to produce the requested electronic records, the court may issue sanctions. The courts have the authority to penalize the parties for overwriting emails in bad faith even though they were supposed to retain them for a certain time. So, in other words, the courts may issue monetary sanctions for not following the rules.

What is a data retention policy?