Articles Posted in Technology

The experts describe “metaverse” as an alternate digital real-time existence offering a persistent, live, synchronous, and interoperable experience. It is where the real world meets the virtual world. Well, it sounds like science fiction but it’s going to be reality soon. The question is what are the legal issues and what remedies are available now.

Intellectual Property Issues

First, can copyright licenses protect the use of a work? The copyright laws should protect the original works as described in the applicable statutes such as the Copyright Act. In general, it protects original works of authorship, including, literary, dramatic, musical, and artistic works, such as poetry, novels, movies, songs, computer software, and architecture.

The term “metaverse” is a combination of “meta” and “universe.” This new concept allows users to interact with each other in virtual worlds and buy and sell names, goods/services, properties, and avatars. They can also organize, host, and attend events in virtual worlds.

The consumers will be using blockchain technologies and digital currencies. Blockchain is a database that includes network computers that share information across the internet. For example, Bitcoin uses blockchain technology to update its ledgers. So, several of these newer platforms are powered by blockchain technologies that use digital currencies and non-fungible tokens (“NFTs”) which allow a new type of decentralized digital asset to be designed, owned, and monetized. The NFT is a virtual asset that promotes the metaverse. It’s an intangible digital product that links ownership to unique physical or digital items (e.g., artistic work, real estate, music videos). In other words, each NFT cannot be replaced with another one because it’s unique and irreplaceable. So, for example, if you own an NFT, it will be recorded on blockchain and you can use it for electronic transactions. In fact, with NFTs, artifacts can be tokenized to create ownership digital certificates for electronic transactions.

What are the potential legal issues?

The internet is a combination of computer networks and electronic devices (e.g., smartphones, laptops) that can communicate with each other on various platforms. The internet has allowed people to immerse themselves in a world where they can create profiles on social media websites and freely interact with each other. It is certainly an intriguing phenomenon and an interesting part of today’s technological advancements. However, at this stage, technology companies are working on a different project called the “metaverse” which would combine the internet with augmented and virtual realities where the users can interact with each other as avatars.

What is metaverse?

It is made up of the prefix “meta” which means above or beyond and the stem “verse” which is a back-formation from “universe.” It’s generally used to describe the concept of a future iteration of the internet, made up of persistent, shared, three-dimensional virtual spaces linked into a perceived virtual universe.  It may not only refer to virtual worlds, but the internet as a whole, including the entire spectrum of augmented and virtual realities. It refers to an immersive digital environment where people interact as avatars. Its concept encompasses an extensive online world transcending individual tech platforms, where people exist in immersive and shared virtual spaces

Our law firm has received thousands of calls from actual or potential clients who were concerned about false, disparaging, or defamatory comments that were made about them on the internet. These comments were made by known or unknown individuals on websites, blogs, or forums such as Twitter, Facebook, Yelp, Reddit, or Instagram. The callers were obviously disconcerted and wanted to know the available legal remedies.

The federal Communications Decency Act (“CDA”) that is codified under 47 U.S.C. Section 230 has a direct effect on online defamatory comments that are made on social media platforms. This federal statute states that Congress finds the following:

(1) The rapidly developing array of Internet and other interactive computer services available to individual Americans represent an extraordinary advance in the availability of educational and informational resources to our citizens.

There are a series of online scams that have been taking place in the recent years. The culprits are becoming more sophisticated as they’re coming up with new schemes. The law enforcement agencies have been trying to keep up with the new schemes. However, given their limited resources, it is a challenging task. Nonetheless, our law firm has been representing clients in state and federal courts who have been victims of online scams.

Online auction scams have become prevalent on the internet. For example, the scammer gets involved in the online auction and purchases the item by overpaying for it via an international money order. Then, the seller who is eager to sell the item to the buyer in good faith, sends the item along with the overpayment. So, at the end, the seller loses the item and the funds.

Online rental and real estate scams involve the same type of practice where the scammer poses as the interested renter or buyer and sends the funds towards the seller or landlord. Then, the scammer reneges on the deal and requests a refund. The seller or landlord returns the funds but later realizes the initial check was counterfeit.

Doxing has become a major problem on the internet since it usually violates the victim’s privacy rights. It is a form of unwarranted harassment and stalking on the web as the culprit shares the victim’s personal information with the general public and encourages them to target the victim. Hence, the victim could feel exposed on the internet and be left without legal protection.

The doxing party reveals personal information about a person or legal entity on the web in a typical case. The doxing party is usually savvy in extracting personal information from third-party websites or in hacking electronic devices. This personal or private information is illegally obtained in violation of the victim’s privacy in an effort to annoy or harass him or her for no legitimate purpose. In other words, it is an act that constitutes “harassment” under the applicable statutes such as California Code of Civil Procedure section 527.6.

There have been many doxing incidents in the past years. For example, there was doxing of abortion providers wherein their personal information was exposed to the general public. The court held this violation was considered an incitement to violence and not subject to free speech rights. Hacktivists called the “Anonymous Group” have been responsible for exposing information of law enforcement agents as an effort to retaliate against investigations. They have also released information about the Ku Klux Klan in reference to the shooting of Michael Brown. In addition, there have been misidentification incidents in connection with the Boston Marathon bombing on Reddit where Sunil Tripathi was mistakenly identified as a suspect.

We’ve already described the definition of doxing in the prior article. We will turn to the various doxing methods and relevant laws. Doxing works by tracking someone’s information by accessing the internet or other databases. Big data has allowed individuals to extract personal information which was impossible to find in the past. Nowadays, the doxing party can track usernames, run a WHOIS search on a domain or website, engage in phishing activities, look into social media profiles, go through state/federal government records, tracking an Internet Protocol (“IP”) address, or conduct a reverse phone number lookup. The doxing party can also engage into what is referred to as “packet sniffing” which can be prevented by using a virtual private network.

The doxing party (i.e., culprit) can release the victim’s sensitive or personal information on the internet and instruct others to harass or intimidate the victim. There have been instances of such transgressions in recent years. For example, a popular adult dating website was hacked and the users’ private information was released into the web. Obviously, this incident was embarrassing for the adult dating website and its members. There have been other incidents where the victim had engaged in questionable conduct and was targeted on the internet.

Is doxing illegal?

The question is what is doxing and what are the laws? Doxing, which is short for dropping documents, takes place when the malicious actor gathers personally identifiable information and publicly discloses it to annoy, harass, intimidate, or stalk the victim for no legitimate purpose. The malicious actors engage in these types of activities to publicly humiliate or target their victims. For example, they may intentionally identify law enforcement personnel or show off their hacking abilities.

How does doxing work?

The malicious actors utilize different techniques for their doxing activities. They can hack, social engineer, or steal personal and confidential information. They can gain access to the victim’s email account and extract private information from the victim’s account. They can break into web-based accounts such as social media, cloud storage, or bank records. They can also use the same email address and password to gain access to other accounts. There have been incidents where the malicious actors used the victim’s Department of Homeland Security username and password to gain access to its network.

We have explored the nature and capabilities of augmented and virtual reality (“AR/VR”) technologies in previous articles. We have discussed how these technologies can collect, store, and share personal or confidential information with third parties. The user information that’s collected may be stored and shared for financial gain in most situations. The third-party service providers (e.g., Google, Microsoft, Facebook, Instagram, Twitter) that have access to these technologies may conduct data analysis to learn more about their users through behavioral marketing. The AR/VR technology manufacturers may implement some type of user surveillance for profit. However, it should be noted that these practices should be conducted with the user’s knowledge and authorization.

Now, with that being said, the users should be protected by the state, federal, and international legislators and policymakers. The legislators and policymakers should consider implementing the proper safeguards within their laws that would protect the consumers. We have mentioned the main issues in previous articles which, include, but may not be limited to, data privacy and cybersecurity. Data privacy is a key component to any kind software and hardware technology. There have been multiple cases where the manufacturer failed to implement user protection safeguards. The Federal Trade Commission (“FTC”) has prosecuted legal actions against manufacturers and other commercial organizations. For example, In the Matter of Zoom Video Communications, Inc., Zoom was required to implement a robust information security program to settle allegations that it had engaged in a series of deceptive and unfair practices that undermined user security. In addition, in another case, LifeLock was forced to pay $100 million to settle contempt charges that it violated the terms of a federal court order that required it to secure consumers’ personal information and prohibited it from deceptive advertising. The FTC has been charged with the task of prosecuting consumer fraud. Please refer to https://www.ftc.gov/enforcement/cases-proceedings/terms/249 for more information.

Regulatory uncertainty plays an important role in the future of AR/VR technology since many of the existing laws do not address each and every issue. Although the existing laws provide certain guidance to the device and application manufacturers, however, there are certain and cognizable loopholes that should be addressed by state, federal, and international legislators. So, for example, there should be clarity on the scope of tracking software that has been implemented in the technology. Also, on a side note, there should be a way to fully disclose the technology’s capabilities and to obtain user consent – i.e., the device and application manufacturers should provide an opt-out option to avoid unfair, deceptive, or misleading advertising. It’s important to note that the FTC Act (codified under 15 U.S.C. §§ 41-48), under Section 5, grants the federal agency the right to file legal actions. The term “unfair or deceptive acts or practices” includes such acts or practices involving foreign commerce that: (i) cause or are likely to cause reasonably foreseeable injury within the United States; or (ii) involve material conduct occurring within the United States. So, in essence, the federal agency promotes transparency and disclosure in order to properly inform and protect consumers.

The technology that we are using on a daily basis provides certain and cognizable advantages and disadvantages. The advantages are great and have allowed the public to have access to a wide range of options. The disadvantages, include, but are not limited to, security and privacy discrepancies. Technology operates to enhance a business model, idea, or operation. This is usually done by collecting and selling information for profit. These types of data collection and marketing activities have been heavily regulated by state and federal agencies in recent years. However, with every new technology, there will be new challenges.

Augmented and virtual reality technologies are no different from other types of technologies in that they are fully capable of being abused when they fall into the wrong hands. Augmented and virtual reality software or hardware applications are designed to enhance user experiences by storing and sharing information across the network. This information may include personal or confidential information that would not otherwise be accessible by third parties. Nonetheless, the designers or manufacturers of these applications make it much easier to gain access and share information with third parties – e.g., marketing or advertising agencies – which pay an incentive for gaining access to them.

The state and federal legislators should pay close attention to these technologies and their operation mechanisms so they can update existing laws and implement new laws that would properly address consumer-related issues. Now, if the AR/VR technologies are collecting health or medical information, the Health Information Portability and Accountability Act (“HIPAA”) comes into play. Also, if the AR/VR technologies are collecting a minor’s information, then the Children’s Online Privacy Protection Act (“COPPA”) would be applicable.