Internet Lawyer Blog

Smart Devices and Privacy Laws

Published on: January 4, 2021 | by Law Offices of Salar Atrizadeh

Smart devices are being sold to consumers and businesses on a regular basis. They include smart phones, smart cars, smart televisions, smart thermostats, smart doorbells, smart bulbs, smart locks, smart watches, smart speakers, smart refrigerators, and other electronic devices. These smart devices can be recording you or collecting personal data without your knowledge or consent.

Privacy in the internet and technology age has become a major concern. This is primarily due to the existence and availability of smart devices which are even referred to as “smart spies” because they can record and transfer personal information to the hackers who use technical flaws to install spyware. This is why it’s important to review the security settings of the smart device on a regular basis. For example, smart televisions are connected to the internet, and if they are hacked into, they can easily be used for nefarious purposes. Smart speakers and digital assistants are listening to voices and that is why they can be a threat source for their users. They are constantly collecting information with or without the user’s knowledge or consent. There may be a way to delete the recently-recorded information by telling the smart device to delete the last conversation but consumers should read the user’s manual to learn about the options.

Smart doorbells, which are part of a home’s security surveillance system, have cameras and are connected to the internet. Therefore, they can be hacked into and used to record activities. For example, Ring has been questioned for sharing video recordings with police departments and third-party service providers such as Facebook and Google without the user’s knowledge or consent. It is important to view the “authorized client devices” feature to understand which device is accessing the account.

Internet Dispute Resolution – Part III

Published on: December 28, 2020 | by Law Offices of Salar Atrizadeh

Internet dispute resolution has evolved and become more prevalent in recent years. The internet has offered many advantages when it comes to electronic commercial transactions and communications. It has enabled e-commerce websites to gain access to domestic and foreign customers. Naturally, there could be disputes between the e-commerce websites and their customers, or alternatively, between the customers themselves. These disputes are usually related to contractual rights and responsibilities which can be resolved through alternative dispute resolution – e.g., arbitration, mediation.

Geographic location of the parties can create an impediment for dispute resolution purposes. This is especially true because in most circumstances the parties hire a third-party neutral to review their files and issue a final decision. Internet dispute resolution provides an option to have the parties reach a practical solution even though they may be in different jurisdictions. The parties and their neutral judge can be in geographically different locations and need not meet in person to reach a final decision. This, in and of itself, provides a huge advantage from a logistical point. It also brings down the cost of traveling since they can use videoconferencing technologies.

Technology tools and techniques have provided a relatively stable platform for internet dispute resolution procedures. The software and hardware technologies that are available today allow the neutral judge (e.g., arbitrator, mediator), and interested parties, to effectively participate in the dispute resolution procedure. They can securely send and receive files which may include sensitive or confidential information such as financial information. These technologies are using encryption for security reasons. This way, the parties can have trust and confidence in the process and effectively use it.

Internet Dispute Resolution – Part II

Published on: December 21, 2020 | by Law Offices of Salar Atrizadeh

Internet dispute resolution is paramount in the age of technology and innovation. Cyber-negotiation strategies have proved to be effective for online dispute resolution providers. These providers allow the parties to resolve their disputes by submitting settlement offers and negotiating over the internet.

Cyber-mediation and cyber-arbitration are part of the online dispute resolution services. They present certain advantages and disadvantages when compared to traditional mediation and arbitration. For example, online dispute resolution is effective and easy especially since it does not require the parties to travel anywhere. It is less costly and time consuming when compared to the traditional options. However, the disadvantage may be that it is impersonal as the parties do not meet the neutral judge in person. So, in essence, the entire process takes place online and no one has the opportunity to have an in-person meeting.

In most contracts, there is some kind of dispute resolution provision that allows the parties to avoid a formal lawsuit. The provision can include language about a preselection of the service provider the parties have chosen for administering the dispute resolution process. This way, they can agree beforehand that all disputes will be resolved without a formal lawsuit in state or federal court. It is important to note that litigation can be time consuming and expensive and online dispute resolution providers can deliver an alternative option.

Internet Dispute Resolution – Part I

Published on: December 14, 2020 | by Law Offices of Salar Atrizadeh

Internet dispute resolution procedures such as arbitration or mediation are necessary when there is an actual case or controversy between the parties. These types of alternative dispute resolution procedures provide a viable option for the parties to solve their legal claims before or during litigation. So, in general, an appointed neutral third party (i.e., arbitrator, mediator) reviews the case and renders a decision with the following caveat: Arbitration is usually a binding process but mediation is not binding between the parties.

Internet disputes arise in several areas such as business transactions that take place between commercial organizations and their customers. They take place during international e-commerce transactions. Internet disputes may also occur between users or subscribers of social media websites. In any event, all kinds of online disputes are taking place which should be addressed and resolved by a qualified neutral third-party – i.e., arbitrator, mediator.

International e-commerce transactions have expanded in recent years especially since there are multiple websites that provide a way to find and order products or services. These e-commerce websites (e.g., Amazon, eBay, Alibaba) sell a variety of products or services to their users or subscribers. So, naturally, there will be problems which is why there should be a fair and efficient resolution system.

Cybersecurity and Privacy Rules

Published on: December 7, 2020 | by Law Offices of Salar Atrizadeh

Cybersecurity and privacy rules have changed the private and public sectors’ landscapes. The state and federal rules are changing the ways private and public organizations are managing their operations. These rules are focusing on privacy, security and regulations in all jurisdictions but uniformity is an issue. Therefore, state and federal legislators should ensure uniformity to avoid regulatory and enforcement contradictions.

The State of California has enacted laws to promote cybersecurity within its jurisdiction. For example, Assembly Bill 89 (“AB 89”) was enacted to ensure information sharing should be conducted in a way that protects an individual’s privacy and civil liberties, confidential information, preserves business confidentiality, and enables public officials to detect, investigate, and prevent network security breaches. It has also enacted the California Consumer Privacy Act (“CCPA”) that allows individuals to file a legal action against businesses that fail to implement and maintain reasonable security measures to protect their personal information. Now, “reasonable security measures” may include using a firewall, encryption, and intrusion detection software on their computer networks.

The State of New York has enacted laws to promote cybersecurity within its jurisdiction. For example, it has passed the Stop Hacks and Improve Electronic Data Security Act (“SHIELD Act”) to protect consumers from exposure of private information from cybersecurity attacks. This statute is designed to increase data protection and data breach notification requirements for commercial enterprises. It is meant to hold business organizations responsible for gathering and storing consumer personal information which may include a name, address, telephone number, email address, date-of-birth, and social security number.

Workplace Privacy Rights – Part III

Published on: November 23, 2020 | by Law Offices of Salar Atrizadeh

There is a general presumption that workplace privacy does not exist under any circumstances. However, that is not always the case. The state Constitution grants privacy rights and a private right of action to file a lawsuit against employers who violate those rights. It states in relevant part that: “All people are by nature free and independent and have inalienable rights. Among these are enjoying and defending life and liberty, acquiring, possessing, and protecting property, pursuing and obtaining safety, happiness, and privacy.”

The courts have decided that the main issue is whether the employee has a “reasonable expectation of privacy.” So, for example, employers are allowed to monitor internet usage or business email communications. Nevertheless, employers are not permitted to conduct surveillance in bathrooms or locker rooms. An employer may be held liable for disclosing the employee’s termination reasons, arrests, convictions, credit reports, misconduct reports, medical information, or confidential communications.

Employers are usually interested in social media activities of their actual or potential employees. They may review their social media accounts to make hiring decisions. However, California Labor Code § 980 prohibits employers from requesting disclosure of usernames or passwords of social media accounts. It also prohibits employers to require the employees to access personal social media accounts in their presence. California Labor Code § 980 states in relevant part that an employer shall not require or request an employee or applicant for employment to do any of the following:

Workplace Privacy Rights – Part II

Published on: November 16, 2020 | by Law Offices of Salar Atrizadeh

Workplace privacy rights and legal restrictions on workplace monitoring are important issues. Many employers monitor employee activities to increase productivity and avoid workplace violations. They may use special software to monitor the network activities which can include email, telephone, and internet activities. However, they should also consider the employee’s reasonable expectation of privacy.

An employer, that has a legitimate interest in monitoring its employees, should be allowed to monitor business-related communications without problems. A legitimate interest can be established when there is proof that surveillance was conducted to promote efficiency and productivity. Employers usually inform their employees that they are being monitored to avoid violating their privacy rights. In other words, once the employee knows that he or she is being monitored, then he or she does not have a reasonable expectation of privacy. However, any kind of workplace monitoring should be narrowly tailored in time, place, and manner.

The Electronic Communications Privacy Act (codified under 18 U.S.C. 2511, et seq.) is a federal statute that is designed to control the workplace monitoring of electronic communications. It generally prohibits employers from intercepting electronic communications of their employees. Nevertheless, there are the following exceptions: (1) business purpose exception; and (2) consent exception. The “business purpose exception” applies when the employer is able to show surveillance was being conducted for a legitimate business purpose. The “consent exception” applies when the employer is able to show surveillance was being conducted with the employee’s knowledge and consent.

Workplace Privacy Rights – Part I

Published on: November 9, 2020 | by Law Offices of Salar Atrizadeh

Electronic data exists on multitude devices for everyone. In other words, electronic information such as letters, emails, pictures, or videos are being stored on your electronic devices on a regular basis. Now, we should be cognizant of this process and take steps to protect the electronic information and promote privacy rights.

The Fourth Amendment was enacted to promote an individual’s right to privacy and states as follows:

“The right of the people to be secure in their persons, houses, papers, and effects, against unreasonable searches and seizures, shall not be violated, and no Warrants shall issue, but upon probable cause, supported by Oath or affirmation, and particularly describing the place to be searched, and the persons or things to be seized.”

United States Cybersecurity Laws – Part III

Published on: November 2, 2020 | by Law Offices of Salar Atrizadeh

Cybersecurity is the most important measure for protecting your personal and confidential information. There are cybersecurity incidents taking place on a daily basis. In general, most targets are companies and individuals who yield confidential information such as financial documents. This way, the hackers can use the information to promote their illegal acts or violations. In fact, it is known they use malware and spam to infiltrate electronic devices and extract confidential information.

Spam has been prolifically used by hackers to target victims. The hackers use this method to send unsolicited emails to victims. In other words, they ask them to click on a link or download a file which unbeknownst to the victim contains malware. Then, once the victim has downloaded the malware, his or her computer will be infected. The virus will extract personal information and send it back to the hacker. The virus may also use a “keylogger” to track the victim’s activities. It can track and record the victim’s financial transactions and find a way to log into his/her bank accounts.

Hackers can find their victims by using several methods. For example, phishing scams have been used to lure their victims into traps. They use instant messages and text messages to contact their victims. The hackers use these methods to take the victim’s usernames and passwords without authorization. They will try to gain access to the victim’s financial accounts and extract funds without authorization. As a result, the hackers will ruin the victim’s credit by opening up credit card or mortgage accounts without authorization. They can obtain cash advances if they gain access to the financial information. They will also utilize the victim’s social security number to engage in fraudulent activities.

United States Cybersecurity Laws – Part II

Published on: October 26, 2020 | by Law Offices of Salar Atrizadeh

Data breach incidents have caused a significant amount of complications for business owners and their customers. The statistics show that at least 50% or more of companies have been targeted by hackers. So, the lawmakers have taken steps to promulgate laws to protect the victims and penalize the bad actors.

Data Breach Notification Laws

Every state has some form of data breach notification legislation that requires business owners to give notice to consumers about a data breach that has resulted in the unauthorized acquisition of unencrypted personal information. These laws usually require the business owners to give notice to the consumers in the most efficient manner. They may require the business owners to notify the Attorney General’s office if the business is required to notify a significant number of residents in that state. They also grant a “private right of action” (i.e., the right to file a lawsuit) to the victim in order to seek legal and equitable damages.