Identity theft and personal privacy are major issues, as more information is available over the Internet and linked together through social media networks.  However, even as early as the 1970s, legislatures were taking steps to protect personal information from public exposure and marketing schemes.  For example, California’s legislature has passed the Song-Beverly Credit Card Act.   In essence, this law prohibits retailers from collecting personal identification information during a credit card transaction from consumers for marketing purposes.  As the market for consumer goods spreads to the Internet, courts must decide how far protection of personal information will extend.

What Are the Provisions of the Song-Beverly Act?

The Song-Beverly Act is intended to protect consumers from unwanted marketing efforts.  This protects privacy and personal information.  More specifically, retailers are not allowed to request and record customers’ email addresses to complete a credit card transaction.  Furthermore, these retailers cannot later use these addresses for marketing purposes.  However, according to recent case law, this law only applies to “brick and mortar retailers,” or retailers that maintain a physical presence.  As such, the statute only applies to in-store transactions and not web transactions.  This is an important distinction in light of the fact that an increasing number of purchases take place online.

In recent years, there has been an increase in cyber-attacks directed towards usernames and passwords for online banking accounts.  Through these attacks, outside parties have been able to misuse banking information for fraudulent wire transfers.  Hackers have starting using foreign accounts because it is more difficult to recover funds when dealing with some foreign banks.  Online banking fraud has led to over $40 million in stolen funds from small and mid-size companies.  Recently, the nature of these attacks have become more complex as regulatory agencies, e.g., FDIC, and enforcing agencies, e.g., FBI, scramble to keep up with changing technologies.

How Have Online Cyber-Attacks Changed In Recent Years?

In recent years, online banking fraud has become dramatically more sophisticated.  Now, hackers have the capacity to infect not only small, local sites, but also high-volume webpages all across web.  These hackers infect popular websites with Trojan viruses, which latch onto users’ computers when they visit the website.  The virus then directs to online banking information, such as account numbers and login information, allowing the hackers to access these accounts and conduct fraudulent transactions.  The virus may even have the capacity to record and hold this information itself.  To carry through the cyber-attack, criminals only need to setup funds transfers without the respective bank noticing.  Banks learned to watch for transfer activity from unknown computers, so now hackers steal victims’ IP addresses to avoid detection.  With this information, the transfer looks like a typical transaction from the user’s computer.  The hackers may obtain the ability to take control of a computer and use it to conduct fraudulent transfers.

One of the fundamental constitutional protections is the freedom of press.  Under the First Amendment of the United States Constitution, the press (i.e., journalists, reporters, newspapers) enjoys freedom from government censorship.  However, this right must be balanced against the individual right to privacy.  Furthermore, as an added protection for privacy, state laws provide protections against defamation.  Generally, defamation proceedings have included claims against traditional journalists—namely, journalists working for newspapers and other printed publications.  However, since a 2011 Ninth Circuit decision, the free press standards have been expanded to include bloggers as well as traditional print journalists.  The growth of the Internet empowers more people to discuss and spread the news.  Therefore, this expanded protection will need to continue balancing free press considerations with individual privacy considerations.

What Are the Principles Considerations for a Defamation Claim?

To establish a claim for defamation, a party must show a: (1) knowing, (2) publication, (3) of a false statement of fact, (4) concerning the party, (5) that tends to harm the party’s reputation.  Generally, there must also be evidence that the publication was a result of negligence or malice.  For example, a claim for defamation likely would not stand if the party did not know that the information was actually false.  There are two forms of defamation—libel, which applies to written defamation, and slander, which applies to oral defamation.  Defendants who are accused of defamation may raise a defense if the publication is true.  However, it is often difficult and expensive to litigate and prove truth since it requires extensive discovery into the facts of the publication.  Additionally, publications that are opinions may also be free from the threat of defamation.  Still, simply labeling a publication an “opinion” will not automatically protect it from defamation.  The courts will look to see whether a reasonable reader or listener would consider the publication as fact or opinion.  As this example demonstrates, defamation claims often turn on the specific circumstances of the cases—i.e., the nature of the statement, the parties involved, whether the truth of the statement can be proven, and how a reasonable person would perceive the statement.

In recent years, social media networks have proven to be an outlet for individuals to share personal views and opinions with the world.  However, Twitter’s new censorship laws could dramatically change whether individuals can actually express their viewpoints over this social media site.  Early in 2012, Twitter announced that it would allow for country-specific censorship laws.  Accordingly, Twitter content would be censored based on the country the individuals are located when reading content.  This will allow Twitter to comply with local government requests to remove or block content based on that country’s laws.   So, what censorship laws apply to the material on the web?  Interestingly, the law of the jurisdiction where material on the web is read, not written, governs the content.  This is the basis of Twitter’s new censorship laws.  They aim to cater to individual countries’ internet laws.

How Will This Affect American Laws and the Freedom of Expression?

The freedom of expression allows for a broad right for individuals to voice ideas and opinions in public without the fear of retaliation from opponents or the government.  Twitter argues that this new standard does not implicate the constitutional right freedom of expression.  Under Twitter’s new system, a tweet that is erased for breaking a law in one country may still be accessible in another country where the same legal standard does not apply.  Nonetheless, commentators point to how helpful Twitter has been during international crises (e.g., civil war in Syria).  Allowing governments to censor these posts may threaten lives.  This controversial policy deals with the conflicts of domestic and international laws.  Indeed, the fear is that the differences in laws will lead to high degrees of censorship in some regions.  Unfortunately, this will result in overall digression in the freedom of expression that societies have worked hard to protect.

Often times legal disputes can involve foreign entities or even foreign laws.  Where these disputes also deal with the United States, domestic laws will come into play.  In 1958, the United Nations adopted the Convention on the Recognition and Enforcement of Foreign Arbitral Awards, which is also called the New York Convention.  It requires contracting state courts to give effect to agreements to arbitrate and to recognize arbitration awards.  Indeed, parties can enforce international arbitration awards in the United States through federal courts.  However, as Toho Towa, Ltd. v. Morgan Creek Productions demonstrates, state procedural laws can help parties collect international awards.

What Did the Court Hold in Toho Towa, Ltd. v. Morgan Creek Productions?

In this case, the Second District Court of Appeal applied an international arbitration award and allowed the claimant to enforce the award against a parent company that did not participate in the initial arbitration.  The claimant in this case was Toho Towa, Ltd., a Japanese corporation.  Morgan Creek International B.V., a Dutch entity, and Morgan Creek International Ltd., a Bermuda corporation were the original respondents.  The dispute involved an agreement among Morgan Creek International BC, the signatory; Morgan Creek International, Ltd., the guarantor; and Toho Towa, Ltd.  The agreement dealt with the right to distribute the movie “The Good Shepherd” in Japan.  The original arbitration award rewarded over $5 million to the claimant.  Toho Towa then petitioned a California state court to confirm the award.  According to California law, (Code of Civil Procedure § 1287.4) the international arbitration award effectively became a court judgment.  However, Toho Towa soon learned that the subsidiary companies did not have the resources to satisfy the judgment.  Once again, Toho Towa petitioned the California courts to add the parent company, Morgan Creek Productions, as a debtor on the judgment.  This meant that the parent company would now be liable for the full judgment.

The expansion of social media networks has helped connect people and ideas all over the world. However, it has also raised substantial privacy concerns as more people store personal information on the web. Congress has enacted legislation in an effort to circumvent the dangers associated with online networks–for example, the Electronic Communications Privacy Act, the Child Online Privacy Protection Act, and the Stored Communications Act. States have also passed their own legislation to help protect cyber activity within their jurisdiction. For example, California passed “Do Not Track” legislation in November 2013 requiring websites to disclose their tracking practices. These laws, along with several others, work to protect individuals, entities, and their related private information as they continue to operate and conduct business over the Internet. Recently, a federal court applied the Stored Communications Act and found that it is applicable to a user’s wall posts.

What Are The Provisions of the Stored Communications Act?

In 1986, Congress passed the Stored Communications Act (“SCA”) which is codified under 18 U.S.C. §§ 2701 et seq.  The SCA aims to protect privacy interests implicated throughout electronic communications. Various court holdings have interpreted the SCA to apply to non-public electronic communications that take place over electronic communication services in an electronic storage medium. Violations of the SCA may carry potential criminal penalties, including serving time in prison. The penalties and liabilities will generally depend on the circumstances of the violation. The SCA does allow Internet service providers to share “non-content” with another person or entity. This includes log data and recipients’ email addresses. Still, this is a limited exception to the general rules and the SCA is still prohibited with sharing any information with a government entity. The government may compel Internet service providers to provide stored information. For electronically held communications, the government is required to have a probable cause and obtain a search warrant. For communications stored remotely, the government only needs a subpoena or a court order. Hence, remotely stored data enjoys a lower level of protection since it is easier to submit a subpoena rather than to obtain a search warrant.

In recent years, electronic spam has become a public nuisance. In response, several states, including, but not limited to, California, have enacted statutes to prevent electronic spam. As with most legislation that deals with the constantly-changing nature of the web, these statutes struggle to define the extent of their application while staying current with trends. Therefore, courts are charged with the responsibility of interpreting the intent of these laws.

What Are The Provisions of California’s Anti-Spam Statute?

In fact, California’s Business and Professions Code section 17529.5 prohibits any person or entity from sending commercial email advertisements, or spam, in three defined circumstances. First, spam is prohibited if an email advertisement uses a third-party domain without the third-party’s permission. Second, the statute prohibits email advertisements that use misrepresented information in the header. Finally, it is unlawful to use a subject line that is reasonably likely to mislead a recipient about the content or subject of the message. This section applies if the email is sent from California or if it is sent to a California email address. Accordingly, the reach of California’s legislation into other jurisdictions is also an issue for courts to interpret. Furthermore, a party bringing suit may recover both actual damages and liquidated damages. Liquidated damages are limited to $1,000 for each unlawful email and may go up to $1,000,000.

In general, both copyright and patent laws provide different levels of protection for computer software. Additionally, depending on the aspects of software that an owner wants to protect, these two areas of law will apply differently. Furthermore, securing a patent is a more rigorous process. However, a patent does provide a greater degree of protection. On the other hand, obtaining a copyright is less difficult, but it also provides a thinner veil of protection.

What Protection Does Copyright Law Provide For Computer Software?

The Copyright Act of 1976 is codified under 17 U.S.C. sections 101 et seq. Traditionally, copyright has been the common form of protection for computer software. However, copyrights only protect the expression of a work, and not its underlying idea. Copyrights have been instrumental in preventing software piracy and infringement of related works. The protection applies to software because the underlying computer code is similar to the types of writings the law protects. So, copyright holders can protect their software much like other literary works (e.g., books, scripts). Copyright protection essentially provides broad protections for software. It grants the typical copyright authority depending on the nature of the software. The courts have grouped software with other literary works and provided copyright protection accordingly. There also exist inconsistencies in court decisions applying the Copyright Act to software. This difficulty arises because the legal community often lacks the technical expertise necessary to properly classify software. For instance, where a judge cannot understand the program’s code, he or she cannot determine whether another infringing program’s code is substantially similar. It is necessary to establish substantial similarity to find copyright infringement. Therefore, the lack in technical background has led to unclear definitions as to what constitutes software copyright infringement.

On September 23, 2013, Governor Jerry Brown signed Senate Bill 568 (“SB 568”) into law, which requires social media sites to permit children to permanently erase online posts. These websites, including, but not limited to, Facebook, Twitter, and Tumblr, will have to provide options for users under the age of 18 to delete texts, photos, and videos. However, this option will not extend to content that a third party uploads regarding the minor. Hence, as California works to implement this new law, public debate circles around its effects and whether it will actually be helpful in protecting children online.

What Are The Provisions Of California’s New Digital Erase Law?

The law addresses websites that are directed to minors and have actual knowledge that a user is a minor. The websites include ones created specifically for the purpose of targeting minors rather than adults. These websites must provide a method for underage users to remove public posts about them. Alternatively, these users may ask the website to remove the content. However, if a minor received any compensation (i.e., marketing benefits, rewards) for a post, then the post is not subject to this law. In theory, websites may provide minimal compensation to minors to circumvent this law and avoid having to take down any posts. Furthermore, the law is ambiguous in some areas. For example, it is unclear whether minors are required to erase the content while they are still minors or whether they retain the right to erase any content they posted as minors. These details will need to be clarified to ensure proper enforcement.

In a recent case, Petronas v. Godaddy.com, the Ninth Circuit held that “contributory cybersquatting” was not a valid theory for relief. This case addressed the issue of whether the Anti-Cybersquatting Consumer Protection Act (“ACPA”) allows for secondary liability.

What Are the Facts?

Plaintiff, Petroliam Nasional Berhad (aka “Petronas”) is a Malaysian government-owned entity. Petronas holds the American trademark “PETRONAS.” The entity also owns the Petronas Towers in Malaysia. Defendant, Godaddy.com, is the world’s largest domain name registrar. The case revolves around a third party who registered the domain names petronastower.net and petronastowers.net in 2003. In 2007, the party began using Godaddy’s domain forwarding services to direct the domain names to an adult website. Petronas sued Godaddy for cybersquatting and contributory cybersquatting. In general, cybersquatting is the act of holding a trademark hostage in the form of a domain name and forcing the trademark owner to negotiate an unreasonable price for the domain. Although Godaddy did investigate the alleged cybersquatting, ultimately, they did not take any action.