Articles Posted in Technology

Published on: | by

LastPass is a password management service that allows users to centralize all of their collective passwords under one master password. On June 15, 2015, LastPass announced that it was hacked and user data was compromised in the process.

What was stolen from the LastPass database?

LastPass officials released a statement following the attack proclaiming that the hackers did not steal master passwords, but instead gained access to authentication hashes and/or checksums. These are used in order to verify that the master password is correct upon trying to access an account. The attack also compromised cryptographic salts, password reminders, and user email addresses. Officials are confident that LastPass encryption measures ensure the protection of most users and their master passwords. However, it is also possible that fairly weak master passwords, or ones short in length, were also subject to the attack.

Continue Reading ›

Published on: | by

In general, harassing phone calls are distinguished from unwanted phone calls based on obscene or threatening language used to intimidate or scare the recipient. A phone call must hold malicious intentions in order to be classified as harassment punishable under California state laws.

What makes telephone calls a crime in California?

Under California Penal Code 653m, certain elements of a telephone call can lead to liability for criminal activity. The first element is the act of making a telephone call or electronic communication. This can be done via telephone, smartphone, computer, pager, or recorder, among other communication devices. This means that forms of electronic harassment could include text messages, phone calls, emails, faxes, picture messages, video messages, or voice recordings. A defendant can be accused of violating Penal Code 653m even if he/she was not the one to initiate the call. A violation may exist if he/she requested the electronic communication. The next element is the use of obscene language that is meant to threaten or injure the recipient, his/her family and/or property. This includes repeated calls or communication attempts, regardless of the content. The last element is the intent to harass or annoy a victim. There is no violation if the communication is made with the intention of legitimate business purposes, even though certain business calls might seem as nuisance.

Continue Reading ›

Published on: | by

In general, computer crime is a term that covers a variety of crimes involving internet or computer use that may be prosecuted under state or federal laws. Because of the rise in computer crimes, California state laws include provisions that prohibit these violations. In addition, other states have passed computer crime statutes in order to address this problem.

What is a computer crime?

An individual who accesses a computer, computer system or computer network and alters, destroys, or disrupts any of its parts is considered a perpetrator of computer crime. The charge is selected based upon the intention of unlawful access. Hacking is the breaking into a computer, computer system, or computer network with the purpose of modifying the existing settings under malicious intentions. Unlawful or unauthorized access means that there is trespassing, storing, retrieving, changing, or intercepting computer resources without consent. Viruses, or other contaminants, include, computer code that modify, damage, or destruct electronic information without the owner’s permission. This often disrupts the operations of a computer, computer system, or network. As such, Congress enacted the Computer Fraud and Abuse Act in order to regulate computer fraud and to expand laws against it. This federal statute provides that “whoever knowingly and with intent to defraud, accesses a protected computer without authorization, or exceeds authorized access, and by means of such conduct furthers the intended fraud and obtains anything of value, unless the object of the fraud and the thing obtained consists only of the use of the computer and the value of such use is not more than $5,000 in any 1-year period” shall be punished accordingly.

Continue Reading ›

Published on: | by

The modern day business model is shifting towards cloud computing and Software-as-a-Service (“SaaS”) agreements. This new trend allows customers to treat licensing costs as expenses that can be paid over time. SaaS also provides a solution to bug fixes, glitches, and the updating of licenses simultaneously. With the shift to cloud computing, developers are no longer required to provide a platform on which their own application runs.  However, confusion exists about the differences between software licensing and SaaS agreements.

What is the difference between software licensing and SaaS?

A software-licensing model involves the software company to offer a software program in the form of an electronic download or CD-Rom. This software then must be downloaded, installed, run, and operated on hardware before being used by one or more users. This software may be installed on hardware.  It often offers services like training, maintenance, and technical support. On the contrary, in the SaaS model, the company does not make a physical product. It only makes the product accessible through “the cloud” which acts as a hosting platform. One or more users can still access the product, but it must be done through cloud computing services.  As such, external services are not provided because they are expected to be included as part of the hosting platform’s service and support experience. As a result, SaaS acts as a service subscription model and not a physical product.

Continue Reading ›

Published on: | by

Since October of 2013, the Internet Corporation for Assigned Names and Numbers (ICANN) has made a transition towards the expansion of top-level names. This action has sparked concern in Internet stakeholders in regards to security concerns. ICANN was previously responsible for managing 22 domain names, including, “.com,” “.gov,” and others. With plans to rapidly rollout more names, government entities, businesses, consumers, and internet users have recognized a number of the associated security concerns. Today, there are 322 new top-level domains (TLDs) that have been granted by ICANN.

What are the resulting security threats?

Phishers and scammers have grown in number since the growth of TLDs, hijacking domains shortly after registration. There have also been instances of malware and phishing pages registered under specific and popular TLDs, transferring risks to users. The lack of preparation and security that exists in the Internet ecosystem is a perfect environment for criminals to display malicious activity. Domain name collisions are occurring due to TLDs colliding with old and unresolved names that have been embedded in the global root. The result of such collisions is server delay, outages, and data theft that leave consumer information exposed. Malware and cybersquatting have also been exhibited in the top 35 most trafficked new TLD sites. TLDs continue to cause confusion and lack of security, with 36 being permitted to have singular and plural versions [e.g., .car(s), .work(s)], and 44 possessing close alternatives, such as .finance/.financial and .engineer(ing).

Continue Reading ›

Published on: | by

In the past few months, more domestic and foreign regulations of digital currencies are being proposed. However, New York is at the forefront of establishing new Bitcoin regulations, and California not far behind. By the end of May, it is likely that the updated BitLicense bill regulatory framework will be released and used as an example for other states.

What are the New York and California Proposed Regulations?

Benjamin Lawsky, New York’s first Superintendent of Financial Services, announced the parameters of the bill this year. The BitLicense bill will stipulate that businesses will need a license if they handle (i.e., store, transfer) Bitcoin for customers, cover or issue digital currency, exchange Bitcoin for other currency, or buy and sell digital currency to or from a customer. Merchants that only accept digital currency for purchases will not need a license. Any licensed company will have to maintain a certain amount of capital, which will be assessed using an assortment of factors. State officials say that feedback is still welcome and that the bill is a work in progress. The goal in the end, however, is that the new regulations would protect consumers who use digital currency by establishing rules and guidelines.

Continue Reading ›

Published on: | by

The CAN-SPAM Act is the federal act that preempts state anti-spam laws. In response to this federal statute, California, and many other states have passed similar anti-spam laws. Do you have a new company that needs to market to a broader community? Will your company create an email list to reach out to new users, customers, or clients? Then you should be aware of the federal and state laws and how they can create liability.

What is the CAN-SPAM Act?

The CAN-SPAM Act mostly focuses on unsolicited commercial email. It stands for Controlling the Assault of Non-Solicited Pornography and Marketing. This federal law prohibits any commercial email that is fraudulent or deceptive and requires all email messages to include an opt-out option for the recipients. Although, the law is focused on companies that disguise the source or purpose of the email, the impetus for passing the bill was the growing cost problem for those receiving mass amounts of emails such as non-profit companies, educational facilities, and other businesses with limited server space. However, this law “only provides a private cause of action to internet service providers that have been adversely affected by prohibited commercial e-mails, and does not extend a cause of action to the recipients of such e-mails.” See Hypertouch, Inc. v. ValueClick, Inc., 192 Cal. App. 4th 805, 123 Cal. Rptr. 3d 8 (2011). Therefore, it is up to the states to determine whether individual recipients of spam can bring suit against companies or individuals.

Continue Reading ›

Published on: | by

There has been a surge of new laws and regulations passed by governments to implement security and privacy measures for companies storing information in the cloud. This surge is due to recent security breaches and the realization of how much information can be compromised. Information stored in the cloud ranges from personal information to confidential government intelligence. Although, the most publicized breaches may be of celebrity’s compromising photographs, many other breaches of medical insurance companies and credit card accounts have affected the public. It is only natural that a set of new privacy and security laws are drafted both internationally and domestically as the use of cloud computing technology expands.

What are some of the international laws?

In general, each country has been forming its own laws governing privacy and security of information. For example, Australia, Canada, Japan, and Korea have comprehensive privacy regimes without onerous registration requirements. Also, organizations, such as the Cloud Security Alliance (CSA) and Information Technology & Innovation Foundation (ITIF) are trying to assist in finding a clear set of widely-accepted security procedures that will lead to a more consistent set of policies for companies to follow when storing information. Until this is accomplished, companies have to assess the laws and regulations of countries that may affect them. Companies then have to decide the best security and privacy measures to protect them from liability.

Continue Reading ›

Published on: | by

Since the goal of brand management is to optimize the market’s perception of a brand, it follows that effective brand management requires establishing and maintaining a relationship with the target market. Recently, much of relationship development has been accomplished through social media. Although, brand awareness can expand with social media, but companies should be skeptical towards third-party statements regarding their brand.  In fact, legal recourse is available against third parties who engage in trade libel, defamation, and trademark or copyright infringements.

How Can Trademark Misuse Occur on Social Media?

Considering the risk that a negative criticism of a brand on social media will quickly harm the brand’s reputation, it is important for a company to be aware of the types of trademark misuse or infringement. The line between constitutionally-protected free speech and violations can be blurry. For instance, a social media username may be confused with an official brand account, either coincidentally or by imposters (i.e., posing as an employee or someone sponsored by the brand). Further, user statements may improperly dilute a trademark under the Federal Trademark Dilution Act through blurring (i.e., associating a mark with other goods/services) or tarnishment (i.e., associating a mark with substandard goods/services).

Continue Reading ›

Published on: | by

Crowdfunding involves a large number of people contributing small amounts of money to finance a business venture, typically an early-stage startup company. Over the past several years, online crowdfunding platforms have become a popular tool for new businesses and entrepreneurs to market inventions, generate revenue, and increase customer base. While improving accessibility to funding offers a significant economic advantage, crowdfunders should be careful not to release too much information before legally protecting an original idea.

What Are the Legal Risks in Crowdfunding?

The major legal risks in crowdfunding stem from crowdfunders launching campaigns before adequately identifying and protecting intellectual property (IP). This inadequate IP protection may allow ideas and inventions to be copied or stolen without legal repercussions. The risk of unprotected IP is magnified by various public disclosure requirements mandated by online crowdfunding platforms. Specifically, popular crowdfunding websites like Kickstarter require detailed disclosures of how a particular invention or product works—beyond a simple prototype—before a campaign is posted. Moreover, sophisticated predators are constantly searching crowdfunding websites for unprotected ideas.

Continue Reading ›