Technology

Recent Cases in Cybersquatting

Published on: May 6, 2013 | by Law Offices of Salar Atrizadeh

Cybersquatting has been a highly litigated issue since Congress passed the Anti-Cybersquatting Consumer Protection Act (the “ACPA”) in 1999, codified under Title 15 U.S.C. § 1125(d). The ACPA establishes a cause of action for the bad faith registration of a domain name that is substantially similar to a trademark or personal name.

Under What Circumstances Will Courts Hold Domain Name Registrants Liable Under the ACPA?

In Xereas v. Heiss, the United States District Court for the District of Columbia found that the ACPA extends to include all registrations of a domain name, not just the initial registration. This federal law’s intent to diminish cybersquatting suggests that the ACPA meant to protect property interests in domain names throughout subsequent registrations.

International Websites and U.S. Internet Laws

Published on: April 28, 2013 | by Law Offices of Salar Atrizadeh

Any company conducting e-commerce with consumers in the United States must follow the applicable U.S. Internet laws. Otherwise, the company and its managers may face civil liability and criminal prosecution for violating U.S. laws. However, in the event that a business’s website is also accessible internationally, that business may also need to comply with applicable international Internet and business regulations.

Online businesses should be aware of issues relating to contracts, intellectual property violations (e.g., patent, trademark and copyright), email, spam, antitrust, privacy issues, affiliate marketing programs, online fraud, cyber piracy, cloud computing, cybersquatting, compliance and regulatory actions. For example, if a business uses an image or text on its website, it must ensure that doing so does not violate any copyright or trademark laws.

There are also jurisdictional considerations affecting websites in American and international markets. Different countries have different approaches for determining whether respective courts have jurisdiction over Internet material. Generally, jurisdictional considerations will take into account the physical locations of parties. Although, a website is not a physical being, it nonetheless maintains a physical presence in its operations. As such, an Internet transaction over a website may implicate three different jurisdictional laws: (1) the laws that apply to the user’s physical location, (2) the laws that apply to the server’s physical location, and (3) the laws that apply to the business’s physical location. In the event that a business does not maintain any physical location, courts will look to the owner or manager’s location, or the location of any warehouse that helps facilitate business. For instance, websites such as Amazon and eBay may charge a sales tax on an online transaction if such a company maintains a physical presence in a jurisdiction that charges sales tax. In February 2, 1998, in an effort to help facilitate online business, U.S. Congress passed the Digital Signature and Electronic Authentication Law (“SEAL”). SEAL provides for legal recognition of electronic signatures sent over the Internet to complete transactions. As such, SEAL expands online business, making it easier for consumers and merchants to conduct business entirely online.

Defending Against the Growing Threat of Identity Theft

Published on: April 21, 2013 | by Law Offices of Salar Atrizadeh

Few crimes affect as broad a scope of people as identity theft. With social networks, credit cards, personal information, and contact information so interconnected, perpetrators can trespass into a person’s life by breaking past a single password-protected account. Accordingly, the Los Angeles County District Attorney’s Office has created a special division to aggressively prosecute this serious crime. Indeed, the District Attorney’s Office has indicated that it would pursue all cases of identity theft, regardless of how minor. This category of illegal activity includes everything from simply possessing information on another’s identity without their permission to using such information to obtain a credit card or make purchases.

In California, identity theft laws are especially strict because perpetrators can be convicted of felony identity theft regardless of whether the victim suffers financial harm as a result of the identity theft. In fact, signing someone else’s name on an official document may constitute identity theft, depending on the circumstances. Often, identity thieves work as members of larger organizations, which assemble and carry on large networks of identity theft. Someone may be accused of identity theft simply by association with members of such a network. Under California Penal Code § 530.5(a) to maintain a case of identity theft, the district attorney will need to show that a defendant intentionally obtained “personal identifying information” without the consent of the person, to use “for any unlawful purpose.” Defendants may be able to avoid prosecution for identity theft if they can present evidence to show that they obtained the identifying information with the person’s consent.

The most common identity theft cases include illegal credit cards, fake identification cards, stolen social security numbers, purchases with stolen credit cards, and skimming. Skimming involves installing a skimmer to illegal obtain identification and credit card information from card machines in retail stores and gas stations. Identity theft also involves cyber crimes such as phishing or spoofing.

A Call for Laws Against Online Piracy

Published on: April 14, 2013 | by Law Offices of Salar Atrizadeh

The illegal downloads of music and movies, and the corresponding financial consequences for music labels and movie production companies, introduced online piracy to the forefront of newsworthy discussions. Today, online piracy has expanded into an online market that allows criminals to profit from stealing intellectual property (such as patents, trademarks, copyrights) from American owners and selling such valuable property online. Such “rogue sites” are usually located outside of America and organizations are able to maintain these sites by circumventing U.S. laws. The rogue sites will sell everything from movies and music, to medicine and automotive parts. In fact, counterfeit baby food comprises a large sector of the online piracy market, endangering the health and wellbeing of American consumers.

In light of this growing threat to American consumers, and their intellectual property rights, there is a call for more stringent online privacy laws to protect against these threats. Illegal piracy costs America $100 billion and thousands of jobs each year. Accordingly, Congress proposed the Stop Online Piracy Act (“SOPA”) to protect American consumers and American intellectual property. SOPA intends to target foreign websites that manage the sale and traffic of counterfeit products.

However, opponents of the bill have spread misinformation over the Internet to block SOPA’s passage. For example, Google openly opposes SOPA. To that effect, Google paid $500 million to settle a case alleging that Google promotes illegal foreign online pharmacies. The case suggested that these pharmacies pose a health risk for American consumers. Google argues that SOPA will allow for online censorship. Proponents of SOPA argue that the law does not aim to censor the Internet. Instead, this law only focuses on online activity that is already illegal. Furthermore, SOPA only covers foreign websites that are specifically involved in infringing activity. The National Association of Manufacturers, International Union of Police Associations, United States Conference of Mayors, National Songwriters Association, and the National Center for Victims of Crime all support SOPA and its overall purpose. Additionally, both the United States Chamber of Commerce and the American Federation of Labor and Congress of Industrial Organizations have formed a unique bond to support SOPA.

IMAGiNE Group Faces Counts of Criminal Copyright Infringement

Published on: April 2, 2013 | by Law Offices of Salar Atrizadeh

After an investigation by U.S. Immigration Customs Enforcement’s Homeland Security Investigations unit, U.S. District Judge Arenda L. Wright found members of IMAGiNE Group guilty of criminal copyright infringement. The court found IMAGiNE Group, an Internet piracy circle, guilty of perpetuating an effort to release movies available only in movie theaters. A representative of the Motion Picture Association of America testified that IMAGiNE was responsible for the most expansive effort to release pirated films between September 2009 and September 2011.

Judge Wright sentenced Jeremiah B. Perkins, a leading member of IMAGiNE, to prison and ordered him to pay $15,000 in restitution damages. After prison, Perkins will also face three years of supervised release. Perkins was responsible for recording films in theaters and compiling data into complete movie files to share on the Internet. Perkins admitted to renting computers, registering domain names, and opening email and PayPal accounts to help run IMAGiNE’s operation.

The National Intellectual Property Rights Coordination Center (“IPR Center”) within the United States Department of Homeland Security has supported the underlying investigation in this case. This center is one of the federal government’s greatest weapons in the fight against counterfeiting and piracy. The IPR Center works closely with other agencies within the Department of Justice to facilitate information sharing in an effort to establish and enforce initiatives that deter intellectual property theft. This case was part of the IPR Center’s greater effort to hinder and stop the spread of intellectual property theft. Attorney General Eric Holder instigated these efforts in response to the increasing crimes against intellectual property. Additionally, in light of recent news concerning threats of international cyber attacks, these efforts also go a long way towards protecting American consumers, their health, and their safety. Preventing intellectually property theft also protects the American economy by prohibiting outside parties from profiting on American products and intellectual property. The IPR Center aims to increase intellectual property right protections by implementing stricter criminal and civil liability for property right infringements. Additionally, the IPR Center seeks to organize greater coordination among federal, state, and local law enforcement agencies. Finally, the task force aims to refocus efforts on international property right protections by establishing and strengthening relationships with foreign governments.

Threat of International Cyber Attacks

Published on: March 11, 2013 | by Law Offices of Salar Atrizadeh

The news outlets have been reporting that the Chinese have allegedly been hacking into American infrastructures. Assuming this report is accurate, the United States is not equipped to handle the consequences of such an attack. These hackers would possess the power to disable the critical infrastructure in this country, eliminating electricity, gas, water, and all major transit systems. Indeed, earlier this year, both The New York Times and The Wall Street reported that hackers had infiltrated their systems and stolen confidential employee information. The New York Times has further reported that it has been experiencing constant attacks from the Chinese in an attempt to control information that pertains to China. The Ministry of National Defense in China denies any such cyberattack on The New York Times. In light of these recent developments, it has become increasingly important for individuals and businesses to take steps to ensure their cyber protection. By serving California and Washington D.C., the skilled attorneys at the Law Offices of Salar Atrizadeh successfully work on legal matters pertaining to cybersecurity and Internet law.

The former Secretary of Defense, Leon Panetta, has described the scene that will unfold after such an attack as a “cyber Pearl Harbor.” Indeed, these hackers could possess software with the capacity to destroy infrastructure hardware. Such an attack would spread chaos throughout the country for months while the government works to restore its vital systems. Pointing to the failed Cybersecurity Act of 2012, Panetta has called upon the private citizens and businesses to act to secure their cybersecurity. Hillary Clinton, former Secretary of State, confirmed that this was a crisis that required global attention.

These instances of “cyberterrorism” threaten to cause damage far beyond the destruction of 9/11. Mandiant, a cyber-security company based in the United States, traces these cyber-attacks to the People’s Liberation Army, the Chinese military. The efforts in America to make sense of these attacks have not led to any definitive answers. The dangers of cyber-attacks are apparent in the recent attack on Aramco, the Saudi Arabian oil company. The attack consisted of a virus, which destroyed 30,000 Aramco computers, and replaced essential files within the system with an image of an American flag burning. There was also a reported cyber-attack on Telvent (now known as Schneider Electric), an international corporation that provides companies with the network and connections to remotely control power grids, oil pipelines, and gas pipelines. It remains unclear whether the hacking efforts are meant to steal confidential information, or whether the hacking is part of a larger scheme to derail vital American infrastructures. Indeed, the threat may not be limited to the Chinese, but rather part of a greater effort to launch an attack against American cybersecurity. This certainly poses a threat not only for national security, but also for individual cyber-security involving consumers and businesses that compose and participate in the crucial business and technology infrastructures.

President Obama Signs an Executive Order to Protect Cybersecurity

Published on: March 4, 2013 | by Law Offices of Salar Atrizadeh

In light of recent news that America’s cyber-network is vulnerable to outside attack, President Obama signed an Executive Order to improve cyber-security for the nation’s “critical infrastructure.” According to the Order, “critical infrastructure” applies to the vital physical and virtual systems in the United States that are essential to the country’s economic security, public health, and safety. This definition is in line with the definition of “critical infrastructure” in the Cybersecurity Act of 2012, which the federal government failed to pass.

The Executive Order is meant to promote greater information sharing among members of the same network. This will ensure that all network providers are adequately aware of potential threats to the system in time to plan and implement an effective response. Accordingly, American companies now bear the responsibility of evaluating whether “critical infrastructure” applies to their operations. Alternatively, the Executive Order may also apply to companies that provide goods or services to other companies that the Executive Order implicates. In this case, the Executive Order would also apply to the companies that provide the goods or services. These companies would then bear the same responsibility to abide by the Executive Order and participate in the information-sharing network.

The Executive Order also requires various federal agencies to participate in this network. The Office of the Attorney General, the Department of Homeland Security, and the Office of National Intelligence, among others, are responsible for participating to create an information-sharing network. Such a network will make it easier to detect and ward off cyber-threats. Additionally, the information-sharing network will allow the participating agencies to quickly notify the President of any legislation that is necessary to further protect the nation’s cyber-network. Furthermore, a working and productive network will incentivize other agencies and companies to join the network. Increased participants will improve the breadth of the network, work to expand the reach of the network, and add to the information that is available within the network.

SMS Advertising Spam

Published on: February 24, 2013 | by Law Offices of Salar Atrizadeh

Under the Telephone Consumer Protection Act, commercial entities are barred from freely soliciting customers using a short message service (“SMS”). A SMS typically allows vendors to send short text messages to consumers’ mobile phones. In this case, vendors send text messages to customers, or potential customers, advertising their deals and offers. The Telephone Consumer Protection Act of 1991 (the “TCPA”), codified under Title 47 U.S.C. § 227, limits telemarketers from using automated telephone services to target customers using text messages. Automated telephone services, or auto-dialers, use software programs to automatically send text messages to multiple telephone numbers using a telephone number database. Additionally, where the TCPA allows vendors to solicit customers using text message, it requires these vendors to include identification and contact information in the message. Furthermore, the TCPA and Federal Communications Commission (“FCC”) regulations prohibit such messages between 9:00 p.m. and 8:00 a.m. These provisions require solicitors to maintain a “do-not-call” list and honor the National Do Not Call Registry.

Under the TCPA and FCC regulations, companies may send text messages through an auto-dialer to solicit customers if: (1) the customer has given consent to receive such messages, or (2) the message is sent in case of an emergency. These restrictions apply regardless of whether or not customers have placed their numbers on the National Do Not Call List. According to the FCC, in order to send commercial text messages, companies must obtain written consent from customers. For informational text messages, such as those involving political messages and school information, the FCC only requires oral consent.

However, vendors are drawn to text SMS advertising because it allows them to target customers more directly through cellphones. Nonetheless, companies that violate federal standards against SMS advertising face severe legal consequences. For instance, Papa John’s, the American pizza chain, is currently involved in a class action lawsuit, with a class of customers as plaintiffs, for allegedly sending 500,000 unwanted text messages to customers in 2010. Customers explain they received multiple text messages in a string offering deals for pizza, sometimes in the middle of the night. Since the TCPA makes it illegal to send unsolicited text messages to customers who have not opted to receive offers via text message, the potential award in this case may be the largest recovery under the TCPA. A jury could award up to $1,500 per each text message if it finds that Papa John’s intentionally violated the TCPA.

FTC Adopts Amendments to the Child Online Privacy Protection Act

Published on: February 19, 2013 | by Law Offices of Salar Atrizadeh

In 1998, Congress passed the Children’s Online Privacy Protection Act (“COPPA”) to ensure online privacy for children under the age of thirteen. Under this Act, online operators must obtain parental consent before they begin to collect information about online users under the age of thirteen. The Federal Trade Commission (“FTC”) implements and enforces COPPA. In December 2012, the FTC adopted the first significant amendments to COPPA since the inception of this federal law in 2000.

In 2010, the FTC began to review the terms of COPPA to determine whether changes in the cyber community would require amendments to the Act. The FTC felt that COPPA would potentially require amendments in order to keep pace with the fast-changing nature of the Internet. Before drafting any such amendments, the FTC invited interested businesses and third parties to communicate their suggestions for changes that would help improve this law. After this process, the FTC adopted three significant changes to the Act.

First, the FTC expanded COPPA’s reach to include applications, plug-ins, and advertisement networks that could potentially gather personal information about children under the age of thirteen. Although, this was a controversial addition to COPPA, the FTC was able to compromise by indicating that COPPA will only apply to these online operators if the operator is aware that it is collecting information about children. Next, the FTC expanded COPPA substantially so that it applies to a wider range of personal information subject to the Act’s regulations. Under the 2012 amendments, “personal information” now includes online contact information such as instant messaging usernames, voice over Internet protocol (“VOIP”) identifiers, video chat user data, any other screen names that serve to identify users individually. The Act will also cover “persistent identifiers,” which include IP addresses, profile pictures, or audio files that contain a child’s voice. Finally, the FTC has revised the acceptable means of obtaining parental consent. Pursuant to COPPA, online operators must obtain parental consent before collecting personal information about a child. Under the 2012 amendments, these online operators can now accept consent by a parent’s use of an online payment system, by a parent’s confirmation through video conference with trained personnel, and by verifying a parent’s identification with government-issued identification. These amendments aim to protect children’s privacy in the quickly changing environment of online operators and in light of the constant advancements in the Internet community.

Cloud Computing and Privacy Laws

Published on: January 28, 2013 | by Law Offices of Salar Atrizadeh

The proliferation of cloud computing has given rise to increased privacy concerns. These concerns are especially grounded in Google’s new terms of service that allow the company to gather user information and data and release it to government entities upon request, without obtaining user consent. According to these new terms, as of March 1, 2012, Google has been consolidating data on users who access Google and creating a single profile that contains all of this information. Google’s new terms have caused concern with the Electronic Privacy Information Center (“EPIC”), which argues that these terms conflict with an FTC Consent Order that outlined privacy standards for all Google products and services. The order required Google to obtain users’ consent before gathering and sharing personal user information with third parties.

In response to Google’s new terms, EPIC petitioned the Federal Trade Commission (“FTC”) to compel Google to abide by the terms of the 2011 consent order. EPIC brought suit in the United States District Court of the District of Columbia against the FTC, urging the organization to enforce the consent order, and stop Google’s new policy of gathering and storing user information in individual profiles. The court heard EPIC v. FTC in 2012 and ruled that the court lacked the jurisdiction over the FTC to compel it to act according to EPIC’s demands. Nonetheless, the court noted that it had “serious concerns” regarding Google’s revised terms of service.

The National Association of Attorneys General sent a letter to Google on behalf of 36 states, expressing concern with Google’s intention to gather information about users from all products that utilize Google services, such as cell phones, computers, and tablets. This is especially concerning for Android smartphones, which rely heavily on Google systems and products. Users with electronic devices use various Google products, such as Gmail, YouTube, and the Google search engine, in different ways. However, according to Google’s new terms, user profiles would consolidate usage from all such products into a single profile for each user. The Attorneys General also voiced a specific complaint towards users’ inability to opt out of these new terms. According to the letter, the lack of choice poses a severe threat to individual privacy.