Technology

Drones, Privacy Concerns and Regulations

Published on: March 2, 2015 | by Law Offices of Salar Atrizadeh

The recreational use of drones, or unmanned aerial vehicles (UAV), has become increasingly popular in the United States. While such use has gone largely unregulated due to the unlikeliness that these drones will obstruct air traffic, commercial and governmental use of drones—especially larger drones—has sparked safety and privacy concerns leading to attempts at regulation.

What Are the Major Concerns?

With respect to public safety, the primary concern is that drones will collide or otherwise interfere with other aircraft, particularly when flown in congested airspace such airports. The Federal Aviation Administration (FAA) legitimized this concern by admitting the difficulty in policing drone use since they are typically undetectable by radar. Even assuming drone violations were detectable, it would be nearly impossible to track down the device or, more importantly, its operator. In addition, the inability to fully monitor drone use has caused public concern over personal privacy and accountability for breaches.

Protecting Against Data Breaches

Published on: February 16, 2015 | by Law Offices of Salar Atrizadeh

The recent cyberattack on Anthem, Inc., one of the largest health insurance companies in the United States, illustrates the persistence and severity of the risk of data breaches. On February 4, 2015, Anthem confirmed that one of its databases had been hacked. The data breach exposed personal information of approximately 80 million Anthem customers and employees—including names, birthdays, member health ID and Social Security numbers, street addresses, telephone numbers, e-mail addresses, and employment information—potentially the most damaging cyberattack to date on a health insurer.

Noting a pattern of medical data thefts from health insurers by foreign intelligence organizations, the FBI concluded that the attack was likely the work of Chinese hackers attempting to gain access to the networks of defense contractors and government workers. Moreover, while hackers have targeted healthcare providers, similar attacks on companies like Target, Sony, JP Morgan Chase, and Home Depot, signify the risk to all types of businesses.

One obvious implication for businesses that fall victim to these attacks—beyond negative press—is the exposure to liability for the resulting invasion on individuals’ privacy. For instance, individuals have already begun filing class action lawsuits for this particular breach, asserting that Anthem should be held responsible given its inadequate security measures—namely, its failure to employ encryption to prevent unauthorized access to their personal information.

What is the Future of Virtual Currencies?

Published on: February 2, 2015 | by Law Offices of Salar Atrizadeh

Virtual currencies have become a popular tool for allowing direct peer-to-peer online transactions using electronic payments that eliminate the need for conversion between currencies. Over the past few years, Bitcoin has enjoyed a considerable amount of praise as the virtual currency of choice. This hype carried with it significant funding from hopeful investors, who hailed its potential to offer a number of benefits, not the least of which being its unregulated and decentralized nature.

However, despite the initial investor optimism, recent price crashes have prompted declarations of the “death” of Bitcoin, and this is not the first time. These price crashes can be attributed, at least in part, to wavering consumer and retailer support in the face of complex technologies underlying the system. Moreover, even assuming the virtual currency can still be considered economically alive, Bitcoin is certainly a volatile investment today.

What Should Bitcoin Investors Think?

Online Privacy and Related Issues

Published on: January 26, 2015 | by Law Offices of Salar Atrizadeh

In general, online privacy falls under two categories. First, is personal privacy. Second, is corporate privacy. For example, corporate privacy concerns the protection of corporate data (e.g., electronic communications) from retrieval or interception by unauthorized parties. Security is important for the protection of trade secrets, proprietary information, and privileged communications. The failure to maintain confidentiality can result in a loss of “trade secret” status. The relevant law is 18 U.S.C. §§ 1831 et seq. (e.g., economic espionage and theft of trade secrets). Also, the waiver of the attorney-client privilege and work-product protection come into play during litigation.

The Economic Espionage Act was the first federal criminal law protecting trade secrets. It provides penalties such as prison terms of up to 15 years and fines of up to $5,000,000. It expands the trade secret definition by including all types of business and financial information.

Trade secret owners face an unfair position when it comes to online publication of their trade secrets. One option is to obtain preliminary injunctions. However, the Supreme Court has cautioned against using the Prior Restraint Doctrine where its effectiveness would be questionable (e.g., jurisdictional enforceability concerns). The other option are registering patents, trademarks, copyrights or implementing preventive technologies.

Internet of Things, Privacy, Security and Related Issues

Published on: January 16, 2015 | by Law Offices of Salar Atrizadeh

The Internet of Things (“IoT”) is the next evolution and is making a remarkable impact on technology and our way of life. In fact, the availability of an omnipresent network connectivity has fostered the widespread use of smart devices.

Devices are now able to communicate with each other through embedded sensors that are linked by wired and wireless networks. For example, they include thermostats, automobiles, or pills that permit a physician to monitor the patient’s health.

Technology has allowed us to detect and monitor changes in the physical status of connected devices (e.g., RFID, sensors) in real-time. Technology advancements allow networks and objects they connect to become more intelligent. The factors that are currently driving growth, include, development of smart cities, smart cars, and smart homes, enhanced connectivity infrastructures, and a connected cultures.

eDiscovery, ESI, and Data Collection Guidelines

Published on: January 12, 2015 | by Law Offices of Salar Atrizadeh

Electronic discovery (a/k/a “eDiscovery”) is the process of identifying, locating, preserving, collecting, preparing, reviewing, and producing electronically stored information in the context of the legal process. Electronically stored information (“ESI”) includes anything that can be stored in electronic form on a computer or other media device. A computer is defined as “an electronic, magnetic, optical, electrochemical, or other high speed data processing device performing logical, arithmetic, or storage functions (e.g., desktop, laptop, smart phones, tablets, CDs, DVDs, flash drives, backup tapes, voice mail, servers, and access control systems).

What Are the Issues That Arise During Electronic Discovery?

The following issues may arise during the course of electronic discovery: First, the attorney-client privilege and work-product doctrine play a key role. The attorney-client privilege protects the confidentiality of communications between an attorney and his/her client. The work-product doctrine prevents a party from discovering documents that are prepared in anticipation of litigation.

Online Banking Fraud – Part II

Published on: December 29, 2014 | by Law Offices of Salar Atrizadeh

Online banking is an electronic payment system that enables customers of a financial institution to conduct financial transactions on the web. In today’s high-tech world, online banking fraud is committed on a daily basis. As such, sometimes customers may not be liable for certain unauthorized online transactions, subject to the terms and conditions of the bank’s service agreement. Online banking fraud is to defraud a financial institution or obtain money or other property under the custody of a financial institution by false pretenses. A related issue includes financial identity theft. So, financial institutions use encryption technology (e.g., secure socket layer – a/k/a “SSL”) to prevent unauthorized access to data.

In general, the customer must notify bank within 60 days after receiving a periodic statement pursuant to 15 U.SC. § 1693f. Under 15 U.S.C. § 1693g(b), the burden of proof of consumer liability is on the bank. So, in order to establish a customer’s liability, the bank must prove the transfer was authorized. In case of a violation, the bank may be subject to civil liability under 15 U.S.C. § 1693m.

What Are the Common Methods Used to Defraud Customers?

Online Advertising and Pay-Per-Click Fraud

Published on: December 15, 2014 | by Law Offices of Salar Atrizadeh

Pay-per-click (“PPC”) advertising is a profitable online service that search engines, such as Google, Yahoo, or Microsoft, provide their customers. Now recently, PPC fraud has developed and caused loss of revenues for businesses and advertisers. PPC fraud occurs when someone or a program clicks on a company’s advertisement without intending to view the website or buy anything.

Many companies have filed lawsuits against search engines, claiming that they have breached the terms and conditions of their contracts. These companies have alleged that the search engines, acting as the intermediaries, that published their online advertisements improperly charged them for fraudulent clicks. Two questions can be raised by these implications. First, how should a chargeable click be defined within the advertising contract? Second, does a search engine have any duty to protect advertisers from fraudulent clicks?

What is PPC Advertising?

Cell Phone Privacy, GPS Technology, and Invasion of Privacy

Published on: December 10, 2014 | by Law Offices of Salar Atrizadeh

In recent years, global positioning system (“GPS”) technology has increased in usage on various GPS-enabled devices (e.g., cars, smartcards, handheld computers, and cell phones). This technology brings value to its users, however, it has caused a significant decrease in privacy. Private and public organizations are able to collect and use the information for different purposes. For example, private organizations may collect data for marketing. Naturally, there are proponents who argue for governmental or non-governmental collection and use of information for different reasons (e.g., national security, emergencies). There are also proponents who argue that the collection and use of information leads to abuse (e.g., unauthorized access, invasion of privacy). Therefore, we need clear and uniform legal standards to control when anyone can collect and use information about an individual.

At this time, there is no law that restricts the government’s collection or use of GPS tracking information against individuals. However, some states have enacted legislation that restricts the commercial use of GPS. The Fourth Amendment limits the use of GPS technology, but its protection from unreasonable search and seizure is less effective due to recent technology advancements.

The main issue is privacy. In today’s highly-technological world, most individuals carry their cell phones all the time. So, wireless network providers (a/k/a cell phone carriers) are able to track the individual’s movements. On a side note, GPS technology has been used to save lives in emergencies. The Federal Communications Commission (“FCC”) mandates wireless network providers to submit the cell phone location for emergency 911 calls (“E911”) that have been made from cell phones. The law on this issue is relatively clear. It permits cell phone carriers to provide information to third parties (e.g., FBI, NSA, or Police) for E911 emergency calls only. However, they need the cell phone owner’s consent in any other situation.

e-Residencies, e-States, And The Risk of Cyberattacks on Digital Societies

Published on: December 8, 2014 | by Law Offices of Salar Atrizadeh

In recent times, e-residencies (a/k/a “electronic residency”) have become a trend in some European societies. For example, the Republic of Estonia implemented this concept into its banking systems in order to permit people to manage their funds in an electronic environment. According to the Information System Authority, in 2001, the first nation-wide ID-card was introduced as the primary identity document for Estonian citizens both in the real and digital world. It is possible to attach a digital signature to the ID-card that constitutes a handwritten signature.

The Republic of Estonia is operating on the cutting-edge of technology. It has created an electronic state (“e-State”) where almost all transactions are completed by using technology. For example, Estonians developed Skype. The government permits its citizens to start a business online, pay taxes online, administer schools online, and pay their car park fees by mobile phone. It seems that their logistics transcend most societies. However, their achievements have not been without problems. In 2007, a cyberattack took place against its government’s websites and data communication networks.

What are the legal ramifications?