Internet Lawyer Blog

Eagle v. Morgan: Employer Access to Employee Social Media Accounts

Published on: October 19, 2015 | by Law Offices of Salar Atrizadeh

The case of Eagle v. Morgan is about an employer’s access to employee’s social media account. This case highlights the importance of companies having social media policies to address the ownership of social media accounts during and after employment.

What is the case about and how does it affect your rights?

In Eagle v. Morgan, the plaintiff (i.e., Linda Eagle) had founded the company Edcomm, Inc. (“Edcomm”) and remained an employee when she sold her shares to Sawabeh Information Services Company (“SISCOM”). While employed at the company as CEO, Eagle’s coworker recommended creating a LinkedIn account for marketing purposes. Although, the business would occasionally become involved in the social media account’s content, and Eagle used her company email address, however, she was individually bound by the User Agreement and had made connections through her own efforts. Edcomm did not require its employees to have social media accounts and had only limited guidelines in place regarding employee use of LinkedIn. When Linda Eagle’s employment was terminated, the question of who owned the social media account became an issue. Edcomm changed Linda Eagle’s password by using her former company email address and replaced her name with that of her new replacement, i.e., Sandy Morgan. Linda Eagle sued Edcomm and multiple defendants in the United States District Court for the Eastern District of Pennsylvania. She claimed that this was an infringement of the Computer Fraud and Abuse Act and Lanham Act, as well state laws against invasion of privacy by misappropriation of identity, conversion, civil conspiracy, civil aiding and abetting, tortious interference with contract, unauthorized use of name in violation of Pa. C.S. § 8316, misappropriation of publicity, and identity theft under Pa. C.S. § 8316.

E-commerce Transactions: Issues and Disputes

Published on: October 12, 2015 | by Law Offices of Salar Atrizadeh

From a practical perspective, transactions that occur over the Internet can face similar issues that regular business transactions may encounter in their daily operations. However, e-commerce transactions have the added problems associated with cyberspace laws. It is nearly impossible for a business to be successful these days without having a website. Although, not all websites actively conduct business over the Internet, however, e-commerce related issues and disputes may arise from having an online presence.

What issues and disputes face e-commerce transactions?

E-commerce transactions have created a new environment for companies that conduct their business on the Internet. For example, contractual and non-contractual issues, such as free speech, consumer protection, and competition laws now face businesses that ship products, provide online goods/services, and use the Internet for marketing. Therefore, conducting business online involves unique legal concerns that is distinct from traditional business models. In sum, the concerns are centered on privacy, security, and regulation.

E-Commerce Transactions and Applicable Laws

Published on: October 5, 2015 | by Law Offices of Salar Atrizadeh

E-commerce transactions have become so common that legislators have had to keep up with the demand for regulations. Jurisdictional issues raise concerns of what law is applied in disputes over multi-state transactions. The state or federal laws of the United States, the domestic laws of another nation, international coalition laws, international treaties, or a combination of these laws could be applicable in a single case.

What federal and state laws may apply?

The Federal Trade Commission (FTC) is in charge of regulating e-commerce as a federal agency. The FTC has posted guidelines to help businesses navigate the myriad of e-commerce issues and factors that need to be addressed in order to do business across borders. Twenty-nine nations have signed on to the guidelines, including, but not limited to, United States, Canada, Japan, Germany, and Australia. The guidelines address fair business practices, marketing, commercial emails, consumer privacy, and recommended policies and practices. The laws that the FTC has passed for regulation of e-commerce transactions, include, but are not limited to, the CAN-SPAM Act of 2003, which set standards for email marketing, and Federal Trade Commission Act, which regulates all types of marketing and advertising.

E-commerce Transactions

Published on: September 28, 2015 | by Law Offices of Salar Atrizadeh

The phrase “e-commerce transactions” invokes thoughts of a complicated and technical phenomenon. In fact, many people partake in e-commerce transactions every day.

What is an e-commerce transaction?

An electronic commerce (a/k/a “e-commerce”) transaction involves a commercial transaction that takes place over the Internet. So, any trading of products or services over any electronic network, including, but not limited to, the Internet, is considered a part of e-commerce. The e-commerce transactions covered by the term include, business-to-business, business-to-consumer, consumer-to-consumer, and consumer-to-business. There are three categories of e-commerce transactions. There are agreements with: (1) Shrinkwrap terms—when a tangible product is delivered to a physical address usually in shrinkwrap or clear packaging; (2) Clickwrap terms—in which a digital product is delivered over a network (e.g., e-book); and (3) Browsewrap terms—when terms are agreed to in order for a consumer to access and use a website. However, e-commerce does not always involve actual money. The transaction can involve e-cash, digital currencies (e.g., Bitcoin), or services.

Internet of Things and Security

Published on: September 21, 2015 | by Law Offices of Salar Atrizadeh

The Internet of Things (“IoT”) is the network of electronic devices that communicate with each other via the Internet without human intervention. It has caused concerns regarding security since vast amounts of unsecure electronic devices are being used to send and receive information. Furthermore, the data breaches that lead to the loss of privacy have become more common as the Internet is used to connect electronic devices via private and public networks.

What is the proper security level for electronic devices?

Electronic devices that connect to each other over the Internet were created to transfer information, but were not originally designed with proper security features. What is the proper security level when electronic devices are interconnected? In order to avoid unauthorized access, security precautions should be implemented within the electronic devices and computer networks. For example, firewalls, encryptions, intrusion detection systems, and multi-factor authentications should be implemented as preventive and reactive measures. The electronic devices—which are accessed via the Internet—should be segmented into their own network and include network access restrictions. Also, consumers should change the default passwords on smart devices and implement strong passwords.

What is Quantum Computing?

Published on: September 14, 2015 | by Law Offices of Salar Atrizadeh

A quantum computer is a highly-advanced computer system that works exponentially faster than today’s conventional computers. Quantum computing is the practice of studying quantum computers and their potential. This practice is growing and has caused the rapid decrease in the size of computers at the same time as these systems are rapidly increasing in their capability. However, quantum computers are still being developed and have not yet become accessible.

What is a quantum computer?

A quantum computer is an advanced computer system. Quantum computing studies theoretical computation systems which use quantum-mechanical phenomena (e.g., superposition, entanglement) to perform data operations. While the average computer’s memory is made up of bits, a quantum computer’s memory is made up of qubits. A regular computer saves information in binary form using zeroes and ones, which are called bits. These strings of numbers, which are comprised of 0s and 1s, create codes that instruct the computer on how to proceed. However, a qubit in a quantum computer is a particle (e.g., atom, electron, photon) which is manipulated to store information. It is a two-state quantum-mechanical system, such as the polarization of a single photon, which can be vertical and horizontal polarization. So, the particle is manipulated in its quantum properties, like its spin or polarization, and can have multiple properties. Because of the flexibility and variation of qubits, more information can be stored on a quantum computer. Most importantly, information can be processed at an exponentially faster rate. For example, a problem that would take a conventional computer several minutes to solve due it its complexity, could be solved in less than a second by a quantum computer. This is because today’s conventional computers must go through each problem one step at a time, where a quantum computer has the ability to solve multiple problems instantaneously.

Class Action and the Song-Beverly Credit Card Act

Published on: September 7, 2015 | by Law Offices of Salar Atrizadeh

Class certification can be a complicated issue that does not just rely on fulfilling the usual requirements. For example, in Gass v Best Buy Co., Inc., an issue of fact had to be determined in order to confirm the class action certification.

What was the court’s decision in Gass v. Best Buy Co., Inc.?

Gass v. Best Buy Co., Inc. was a class action that failed due to the way plaintiffs’ claim was brought. In this case, multiple parties brought separate lawsuits against Best Buy claiming that its practices were against the Song-Beverly Credit Card Act. The claimants then merged their claims. The “class” claimed to be representing “[a]ll persons from whom Defendant requested and recorded personal identification information in conjunction with a credit card transaction… and a subclass of those who were asked for their information relating to the pre-enrollment . . . in Defendant’s Reward Zone program in conjunction with a credit card transaction.” The Song-Beverly Credit Card Act says that companies may not request or require, as a condition to accepting the credit card, the cardholder to provide personal identification information. The practices in question were: (1) when employees asked customers for additional information if they agreed to be in the Rewards program; (2) when customers were asked for their phone number if they forgot their member cards; and (3) if a card failed to swipe on a charge over $100, the customer would be asked for a zip code in order to look up his/her information. First, the court determined that these requests for identification were not illegal. Second, since the requests for information were not a violation, the court ruled that plaintiffs could not be certified as a class. This was because the definition of those affected was overbroad and included customers who may not have suffered any violation. The court ruled that, if the plaintiffs wished to pursue a specific violation, each could proceed individually.

Internet of Things and Privacy

Published on: September 3, 2015 | by Law Offices of Salar Atrizadeh

The Internet of Things (a/k/a “IoT”) functions through smart devices that communicate with each other and collect data without human interaction. These devices include smart cars, smart homes, smart hospitals, smart highways, or smart factories. However, the lack of security protecting information is creating privacy concerns as data is collected by companies and shared with third parties (e.g., marketing firms, governmental agencies). Also, the smart device can be accessed without authorization (i.e., hacked) by third parties and its information can be used for various illegal purposes.

What is the Internet of Things and what private information does it hold?

According to the Organization for Economic Cooperation and Development (“OECD”), one of the Fair Information Practice Principles is the collection limitation of personal data. Stated otherwise, data should be collected with the owner’s consent, through fair and lawful means, and should be limited. The OECD has issued its guidelines that are considered as minimum standards for the protection of privacy and individual liberties. From a practical standpoint, these principles (and relevant guidelines) should be uniformly enforced in the United States and other countries.

Internet Fraud and Class Action Lawsuits

Published on: August 31, 2015 | by Law Offices of Salar Atrizadeh

The term “fraud” invokes the same general meaning whether applied to acts on the Internet or in more traditional forms. The difference with Internet fraud is that it occurs on the web and the number of people who may fall victim to the same violation. This situation lends itself to class action lawsuits due to large numbers of consumers alleging the same harm against the same defendant.

What is Internet fraud?

The term “Internet fraud” includes a wide range of actions. In general, “fraud” is defined in Black’s Law Dictionary as “[a] knowing misrepresentation or knowing concealment of a material fact made to induce another to act to his or her detriment.” Therefore, incidents such as emails promising money or misrepresentations in website’s terms of use are considered fraud. Under California law, a plaintiff must show that: (1) a misrepresentation occurred; (2) defendant knew the information was false; (3) defendant had the intent to induce reliance; (4) plaintiff relied on the false information; and (5) reliance was the cause of damages to plaintiff.

FTC’s Enforcement Action Against LifeLock

Published on: August 27, 2015 | by Law Offices of Salar Atrizadeh

According to its website, the Federal Trade Commission works for consumers to prevent fraudulent, deceptive, and unfair business practices and to provide information to help spot, stop, and avoid them. LifeLock has used the massive security breaches of companies like Anthem and Target to increase its membership. On July 21, 2015, the Federal Trade Commission (FTC) claimed that LifeLock—an identity theft protection company—has violated a 2010 Settlement it had made with the agency and thirty-five state attorneys general. This assertion was made due to LifeLock’s alleged misrepresentation of its security capabilities and failing to take steps to protect consumers’ information.

What is the Federal Trade Commission’s responsibility?

The FTC was created to prevent anti-competition business practices and protect consumers against deceptive or unfair business dealings. The Federal Trade Commission Act (which incorporates the U.S. Safe Web Act amendments of 2006) sets the parameters for how the agency can prosecute companies, which it believes are misleading consumers through false or deceptive advertising. In fact, sections 45 and 52 of the statute indicate that, when a company commits an unfair act or deceptive practice, “and if it shall appear to the Commission that a proceeding … would be to the interest of the public, it shall issue and serve … a complaint stating its charges …” In addition, section 52 addresses the illegality of false advertisements, which would be likely to induce consumers to purchase a product. Although, LifeLock was not advertising a product, it was falsely advertising services, so consumers were induced to buying memberships. Therefore, the FTC is utilizing its ability to prosecute companies for violating the law.