Published on:

In the past few months, more domestic and foreign regulations of digital currencies are being proposed. However, New York is at the forefront of establishing new Bitcoin regulations, and California not far behind. By the end of May, it is likely that the updated BitLicense bill regulatory framework will be released and used as an example for other states.

What are the New York and California Proposed Regulations?

Benjamin Lawsky, New York’s first Superintendent of Financial Services, announced the parameters of the bill this year. The BitLicense bill will stipulate that businesses will need a license if they handle (i.e., store, transfer) Bitcoin for customers, cover or issue digital currency, exchange Bitcoin for other currency, or buy and sell digital currency to or from a customer. Merchants that only accept digital currency for purchases will not need a license. Any licensed company will have to maintain a certain amount of capital, which will be assessed using an assortment of factors. State officials say that feedback is still welcome and that the bill is a work in progress. The goal in the end, however, is that the new regulations would protect consumers who use digital currency by establishing rules and guidelines.

In California, Assemblyman Matt Dababneh, who is chairman of the Banking and Finance Committee, drafted AB-1326 in order to regulate digital currency. This law would require licensing for companies handling digital currency along with similar capital maintenance requirements. Also, included in the bill is the allowance of regular inspections to ensure businesses are being conducted lawfully, and proper accounting mechanisms for the digital currency. The businesses not in compliance will be subject to civil penalties. The bill will not likely affect companies that are already licensed to do business in California, which is better for California companies.

How can these regulations hurt startups?

In general, there is an increase in cost when companies using Bitcoin need licenses. This has caused concern of an overlap between federal and state regulations of digital currency that may lead to the failure of startups. There is also a concern that too much regulation and risk will dissuade new ventures and hurt growth of companies already established in the digital currency industry. The companies that are already established have a method of doing business, but the new regulations may dictate more stringent ways for businesses. If the New York bill is passed, companies will only have 45 days to secure a license, which if delayed can cause business interruptions. However, some see this concern as premature since it is unlikely to be large-scale and immediate implementation of new regulations in all 50 states.

At our law firm, we assist clients in legal issues related to internet, technology, and digital currencies. You may contact us in order to setup an initial consultation.

Published on:

In recent times, the non-consensual publishing of private images online has been a topic of debate among lawmakers. Since our last article discussing revenge porn, there have been new laws passed and proposed that show state governments’ increasing pushback against posters of revenge porn and their facilitators. More and more states are passing laws that address cyberstalking, cyberharassment, and similar offenses leading to a wide array of people prosecuted for revenge porn.

What is the new California law?

On October 1, 2013, Senate Bill 255 (“SB 255”) took effect and was codified in California Penal Code § 647(j)(4). On January 1, 2015, a new amendment to this section went into effect specifying that a defendant is liable if he/she should have known that the subject of the photo did not consent to having his/her picture published online. An amendment to California Civil Code § 1708.85, also came into effect recently in order to allow victims of revenge porn to sue for civil damages. Now, revenge porn posters and hosts may be held liable, both criminally and civilly, in California. In fact, a recent California case caused quite a stir when the operator of a website, who allowed third-party posting of revenge porn, was sentenced to 18 years in prison for identity theft and extortion. So, with the new civil code amendment, this form of prosecution should be more available to victims.

What other states have new laws?

Although, it started with New Jersey and California, sixteen other states now have laws creating criminal liability for revenge porn or similar offenses. These laws, include, charges of stalking, harassment, unlawful distribution of images, disorderly conduct or posting private photographs as a misdemeanor, posting private images for pecuniary gain, violation/invasion of privacy as a misdemeanor, or even a felony, video voyeurism as a felony, non-consensual dissemination of private sexual images as a felony, and unauthorized distribution of sensitive images as a misdemeanor or felony if there are prior convictions. At this time, Wisconsin is the only state besides California that already has civil liability for revenge porn, but other states are not too far behind.

Is there federal legislation?

Under Section 230 of the Communications Decency Act, website carriers are immune from liability for material posted by third parties, so long as the content does not violate copyright or criminal law. This is to prevent such claims as libel or violation of privacy against Internet Service Providers (e.g., Facebook, Google, Yahoo).  Also, 18 U.S.C. § 2261A relates to cyberstalking by using any facility of interstate or foreign commerce.   Moreover, new propositions for a federal bill regarding revenge porn have been drafted, but no immediate legislation change is in sight.

At our law firm, we guide clients in legal matters regarding online privacy, revenge porn, and remedies against cyberstalking or cyberharassment by using our knowledge to create innovative solutions. If you have been a victim of cyberstalking, cyberharassment, or revenge porn, please contact us to speak with an attorney who can help explain the legal remedies.

Published on:

The CAN-SPAM Act is the federal act that preempts state anti-spam laws. In response to this federal statute, California, and many other states have passed similar anti-spam laws. Do you have a new company that needs to market to a broader community? Will your company create an email list to reach out to new users, customers, or clients? Then you should be aware of the federal and state laws and how they can create liability.

What is the CAN-SPAM Act?

The CAN-SPAM Act mostly focuses on unsolicited commercial email. It stands for Controlling the Assault of Non-Solicited Pornography and Marketing. This federal law prohibits any commercial email that is fraudulent or deceptive and requires all email messages to include an opt-out option for the recipients. Although, the law is focused on companies that disguise the source or purpose of the email, the impetus for passing the bill was the growing cost problem for those receiving mass amounts of emails such as non-profit companies, educational facilities, and other businesses with limited server space. However, this law “only provides a private cause of action to internet service providers that have been adversely affected by prohibited commercial e-mails, and does not extend a cause of action to the recipients of such e-mails.” See Hypertouch, Inc. v. ValueClick, Inc., 192 Cal. App. 4th 805, 123 Cal. Rptr. 3d 8 (2011). Therefore, it is up to the states to determine whether individual recipients of spam can bring suit against companies or individuals.

What are California’s Anti-spam laws and what effect do they have on companies?

The California Anti-SPAM laws are contained in the Business and Professions Code sections 17529-17529.9. This code is also focused on prohibiting fraudulent and misleading emails and faxes that can cost companies and individuals unnecessary time and money.  According to Business & Professions Code § 17529.2, a person or entity may not initiate or advertise, or assist in initiating and advertising, in an unsolicited commercial e-mail advertisement from California, send one from a California email address, or send one to a California email address. In fact, Business and Professions Code section 17529.5, permits both recipients of spam and the Attorney General to bring suit against companies and individuals sending spam within the prohibited definitions. It only takes one email delivered to one person to create liability. Those bringing suit can claim actual damages, liquidated damages of $1,000 to $1,000,000 per prohibited email, and attorney’s fees and costs. The damages a company may have to pay are drastically reduced if it can be shown that it used due diligence to prevent its emails from falling under the prohibited emails defined in the code.  In general, email service providers are not liable if they are only involved in the transmission of the email and may bring a separate claim against violators of their anti-spam policies.   You may click here for more information on state anti-spam statutory guidelines.

At our law firm, we are knowledgeable regarding anti-spam laws.  We guide our clients on how to avoid falling afoul of anti-spam laws. You may contact us to setup a free consultation.

Published on:

There has been a surge of new laws and regulations passed by governments to implement security and privacy measures for companies storing information in the cloud. This surge is due to recent security breaches and the realization of how much information can be compromised. Information stored in the cloud ranges from personal information to confidential government intelligence. Although, the most publicized breaches may be of celebrity’s compromising photographs, many other breaches of medical insurance companies and credit card accounts have affected the public. It is only natural that a set of new privacy and security laws are drafted both internationally and domestically as the use of cloud computing technology expands.

What are some of the international laws?

In general, each country has been forming its own laws governing privacy and security of information. For example, Australia, Canada, Japan, and Korea have comprehensive privacy regimes without onerous registration requirements. Also, organizations, such as the Cloud Security Alliance (CSA) and Information Technology & Innovation Foundation (ITIF) are trying to assist in finding a clear set of widely-accepted security procedures that will lead to a more consistent set of policies for companies to follow when storing information. Until this is accomplished, companies have to assess the laws and regulations of countries that may affect them. Companies then have to decide the best security and privacy measures to protect them from liability.

What are some of the domestic laws?

The domestic laws governing the security and privacy of the cloud technologies are on state and federal levels. For example, there is a federal law that clarifies how to build security for cloud-based applications that specifically contain private student records. This statute is entitled the Family Educational Rights and Privacy Act (FERPA) and protects student grades and educational records.

Two additional acts are the Gramm-Leach-Bliley Act (GLBA) and Health Insurance Portability and Accountability Act (HIPAA). GLBA requires companies that provide financial products or services to protect all of the private financial information they acquire. This law has two rules: (i) Financial Privacy Rule; and (b) Safeguards Rule, which requires institutions to communicate with the consumer when the relationship is established and every year after to review the personal information collected, location stored, sharing/usage, and most importantly, consumers are told how that private information is protected.  Each company is required to create a plan to protect its client’s private financial information.

HIPAA was implemented to protect the private health information collected by health insurance companies. It also contains security regulations, which according to the Department of Health & Human Services “sets national standards for the security of electronic protected health information.”

An example of non-governmental regulations is the Payment Card Industry Data Security Standard (PCI DSS). In 2004, MasterCard and Visa worked together to create this standard, which assists companies in establishing security systems for information stored in the cloud.

At our law firm, we are well versed and up-to-date in laws governing cloud computing technologies. You may contact us to setup a free consultation.

Published on:

In 2011, Congress proposed two relatively similar bills—House of Representatives’ Stop Online Piracy Act (SOPA) and Senate’s Preventing Real Online Threats to Economic Creativity and Theft of Intellectual Property Act (PIPA)—that legislators and lobbyists hailed as providing important protections against piracy and counterfeiting online. Yet, this apparently strong support was quickly withdrawn when a massive online protest in January 2012 sparked intense and ultimately fatal opposition to the bills.

Despite the strong public disapproval and lack of Congressional support, in July 2014 the Intellectual Property Law (IPL) Section of the ABA issued a white paper proposing that Congress enact legislation allowing essentially the same private copyright infringement suits against allegedly infringing foreign websites as those provided for in SOPA and PIPA, and suggesting that those protections be extended to trademarks as well.

How Does the ABA’s Proposal Differ From Previously Rejected Legislation?

To be sure, the ABA noted and attempted to avoid the more controversial provisions of the previously rejected legislation. For instance, the white paper proposes that intellectual property owners, as opposed to Internet service providers, should bear the burden of policing against infringement. In addition, unlike SOPA and PIPA, the white paper suggests notifying foreign websites of alleged infringement and offering them a chance to defend themselves. Furthermore, the proposed remedies are less harsh than those suggested by SOPA, as they do not include blocking allegedly infringing websites.

Why Might This Newly Proposed Regulation Be Rejected?

Although, the ABA’s white paper addresses a few key concerns of those who opposed SOPA and PIPA, critics caution that it suffers from some of the same fundamental pitfalls as the failed legislation; specifically, the proposal fails to address issues relating to: (i) due process, (ii) injunctive relief against third parties, and (iii) freedom of speech. For instance, a foreign website owner’s due process rights may be violated if that company is required to defend itself in a court of the plaintiff’s choice in the United States. In addition, the white paper’s permission of injunctions against innocent third parties directly conflicts with U.S. civil procedure law. Moreover, the white paper raises free speech censorship concerns as it fails to establish how, and by whom, the dispositive determination of whether a foreign website is to be considered “predatory” will be made.

In sum, considering the undeniable similarities between the white paper and the strongly opposed SOPA/PIPA legislation, Congress is understandably reluctant to follow the IPL Section’s advice. However, online piracy and counterfeiting remains a significant problem that legislators will inevitably be forced to address. The ABA acknowledged this need for anti-infringement legislation by making some necessary changes to the previously rejected Congressional bills. Thus, if nothing else, Congress may be able to use the white paper as a starting point when it decides to revisit the challenge of enacting acceptable protections against online copyright and trademark infringements.

At our law firm, we assist clients in legal issues relating to intellectual property, online piracy and counterfeiting. You may contact us to setup a free consultation.

Published on:

Since the goal of brand management is to optimize the market’s perception of a brand, it follows that effective brand management requires establishing and maintaining a relationship with the target market. Recently, much of relationship development has been accomplished through social media. Although, brand awareness can expand with social media, but companies should be skeptical towards third-party statements regarding their brand.  In fact, legal recourse is available against third parties who engage in trade libel, defamation, and trademark or copyright infringements.

How Can Trademark Misuse Occur on Social Media?

Considering the risk that a negative criticism of a brand on social media will quickly harm the brand’s reputation, it is important for a company to be aware of the types of trademark misuse or infringement. The line between constitutionally-protected free speech and violations can be blurry. For instance, a social media username may be confused with an official brand account, either coincidentally or by imposters (i.e., posing as an employee or someone sponsored by the brand). Further, user statements may improperly dilute a trademark under the Federal Trademark Dilution Act through blurring (i.e., associating a mark with other goods/services) or tarnishment (i.e., associating a mark with substandard goods/services).

Yet, because a company risks liability under 17 U.S.C. § 512(f) for bringing false infringement claims, and more generally because monitoring all social media platforms can be expensive, it is best to become familiar with the distinctions between actionable misuse and legitimate fair use.  By doing so, a company can determine when it is appropriate to address negative publicity.

What Should a Company Facing Trademark Infringement Do?

As a first step, a company should simply take a screenshot or otherwise preserve questionable third-party trademark infringement to serve as evidence in legal proceedings. Then, the company should investigate to determine whether further action is necessary or even appropriate under the circumstances. The factors that a company should consider, include, the nature of use, significance of trademark, source of potential misuse, and length of time the use existed online.

For example, a humorous use (i.e., parody) is less likely to be considered harmful than an intentional deception. In addition, it may be wise for a company to overlook use of insignificant trademarks and focus on its more reputable brands. Further, a company should mainly be concerned with statements found on relatively important websites or made by relatively important people. Lastly, the longer the misuse has existed without detection, the less likely it will be actionable.

Moreover, because it would be impractical, if not impossible, to successfully monitor every statement made on social media about a company’s brand, an internal policy should be implemented to report suspected misuse. Additionally, a plan of legal action should be established to mitigate damages.

At our law firm, we assist in clients in legal issues related to preventing and addressing trade libel, defamation and trademark infringement. You may contact us to setup a free consultation.

Published on:

Crowdfunding involves a large number of people contributing small amounts of money to finance a business venture, typically an early-stage startup company. Over the past several years, online crowdfunding platforms have become a popular tool for new businesses and entrepreneurs to market inventions, generate revenue, and increase customer base. While improving accessibility to funding offers a significant economic advantage, crowdfunders should be careful not to release too much information before legally protecting an original idea.

What Are the Legal Risks in Crowdfunding?

The major legal risks in crowdfunding stem from crowdfunders launching campaigns before adequately identifying and protecting intellectual property (IP). This inadequate IP protection may allow ideas and inventions to be copied or stolen without legal repercussions. The risk of unprotected IP is magnified by various public disclosure requirements mandated by online crowdfunding platforms. Specifically, popular crowdfunding websites like Kickstarter require detailed disclosures of how a particular invention or product works—beyond a simple prototype—before a campaign is posted. Moreover, sophisticated predators are constantly searching crowdfunding websites for unprotected ideas.

How Can Crowdfunders Protect Intellectual Property?

In general, a crowdfunder should ensure necessary IP protection is in place before making any public disclosures in launching a campaign or submitting a business plan. The first step to ensuring adequate IP protection is identifying all potential IP involved in a project. Thereafter, proper protections should be implemented for that IP before the project is released to the general public. Specifically, crowdfunders should consider four types of IP before pitching to investors: (1) trademarks, (2) patents, (3) copyrights, and (4) trade secrets.

First, a trademark registration should be obtained to secure the rights to the unique brand identifier of the product or service. In addition, registering any domain name with an online domain registry to establish exclusive ownership. Second, a patent application should be filed for the exclusive manufacture, use, and sale of the invention as early as possible, preferably before making any public disclosures about the project. In fact, once certain triggering disclosures are made, an inventor will have only 12 months to file a patent application before losing patent rights. Third, a copyright should be obtained to prevent others from copying tangible expressions like website or application designs without permission. Lastly, a crowdfunder should be particularly careful to avoid exposing trade secrets (e.g., recipes, formulas, and customer lists) which forfeit special protected status upon disclosure.

In sum, if you are considering raising capital for a new business venture by marketing the project through a crowdfunding platform, it is essential to consider the IP that may be involved, and how to secure legal rights accordingly. So, consulting with an attorney is the best way to ensure adequate protection before launching a crowdfunding campaign. At our law firm, we assist clients in legal issues associated with the crowdfunding industry. You may contact us to set up a free consultation.

Published on:

With technological advances rendering complex cellular devices increasingly affordable, the majority of the world population is now using smartphones. Further, applications that employ global positioning system (GPS) tracking allow these worldwide smartphone users to take advantage of location-specific information and social networking. In addition, GPS technologies have aided law enforcement agencies in gathering evidence during criminal investigations. However, this convenience, and potential for enhanced public safety, brings the risk of sacrificing the privacy guaranteed to U.S. citizens by the Fourth Amendment protection against unreasonable searches and seizures.

In particular, courts have been concerned with whether a warrant should be required for the government to search cell phones to obtain location data. The statistics regarding police cell phone tracking practices—compiled in an American Civil Liberties Union (ACLU) report—convey the extent and significance of this issue. Of the hundreds of local law enforcement offices surveyed throughout the nation, nearly 95% reported tracking suspects via cell phone GPS data such as international calls, text messages, and emails. Although, some jurisdictions required a search warrant before engaging in this type of GPS tracking, however, some did not.  In any event, the applicable legal standards lacked consistency or clarity.

What are the Legal Concerns?

Considering the array of personal information that may be stored on a cell phone today—including details of daily activities, conversations, and locations—there is little, if any, support for warrantless searches of these devices. To the contrary, warrantless cell phones searches risk violating fundamental constitutional rights of privacy, free speech, or association. Moreover, because of the communicative nature of cell phones (especially smartphones), any fundamental right violations are likely to reach beyond the immediate victim to everyone they use the phone to contact.

The recent Eleventh Circuit decision in United States v. Davis illustrates the tension between Fourth Amendment rights and law enforcement needs for GPS tracking. In that case, Davis appealed his criminal robbery convictions claiming they were based upon GPS tracking data obtained via a warrantless search of his cell phone in violation of his Fourth Amendment rights. The appellate panel agreed with Davis and held for the first time that a warrant is necessary before law enforcement can use tracking information from cell towers, yet that holding was vacated when the Eleventh Circuit agreed to rehear the case en banc.

While the outcome of that rehearing is to be determined, AT&T has filed an amicus brief highlighting the potential for this novel decision to impose compliance costs on cell phone providers who receive thousands of demands for information to aid legal investigations. Moreover, companies like AT&T that wish to avoid liability are adding to the existing pressures to clarify this area of law.

In sum, the rapid development of cell phone technology has outpaced the development of privacy laws. During this period of questionable legal development, consumers should proceed with caution in communicating and storing information on smartphones and other devices capable of GPS tracking. Similarly, cell phone providers and other companies in possession of GPS location data should monitor the laws in this area to avoid revealing private information that could result in liability.

At our law firm, we assist clients in legal issues related to internet, cyberspace, and privacy issues. You may contact us in order to setup a free consultation.

Published on:

The recreational use of drones, or unmanned aerial vehicles (UAV), has become increasingly popular in the United States. While such use has gone largely unregulated due to the unlikeliness that these drones will obstruct air traffic, commercial and governmental use of drones—especially larger drones—has sparked safety and privacy concerns leading to attempts at regulation.

What Are the Major Concerns?

With respect to public safety, the primary concern is that drones will collide or otherwise interfere with other aircraft, particularly when flown in congested airspace such airports. The Federal Aviation Administration (FAA) legitimized this concern by admitting the difficulty in policing drone use since they are typically undetectable by radar. Even assuming drone violations were detectable, it would be nearly impossible to track down the device or, more importantly, its operator. In addition, the inability to fully monitor drone use has caused public concern over personal privacy and accountability for breaches.

What Are the Applicable Regulations?

Earlier this month, the FAA proposed a set of rules regulating domestic commercial drone use for drones weighing up to 55 pounds. Among other things, the new rules would require operators to pass a knowledge test, register drones, and pay fees. In addition, flight would be prohibited above 500 feet, faster than 100 mph, over anyone not directly involved in the drone’s flight, beyond the operator’s line of sight, and at night. In light of the minimal safety risk posed by small drones, operators would not be required to obtain a pilot’s license or certify drone safety. On the other hand, the FAA is drafting separate rules for both larger drones requiring enhanced regulation and smaller drones that may be relieved from certain requirements.

Complementing the proposed FAA regulations designed to ensure aviation safety, President Barack Obama issued a presidential directive aimed at protecting personal privacy from intrusive government surveillance. Specifically, federal agencies will be required to publicly disclose drone flight locations within the United States and their policies for storing, using, and protecting personally identifiable information collected by drones. While the order extends only to federal agencies, Obama directed the Commerce Department and the drone industry to work together to develop a similar voluntary code of conduct for the private sector.

Privacy concerns are also being addressed at the state level. For instance, a bill has been proposed in California that would make traditional concepts of private property and trespassing applicable to drones by creating a cause of action for individuals whose privacy has been violated. In sum, a drone operator could be held liable for knowingly entering the airspace of another without permission, or otherwise trespassing to procure an image or recording of the plaintiff engaging in private activity, if the invasion would be offensive to a reasonable person.

Although, legislation will potentially allow thousands of businesses to employ drones in the near future, operators should be careful to recognize the questionable legal status of drone use. New regulations will have to endure years of public review before official implementation, and during that period can be expected to change as technology develops.

At our firm, we assist clients in legal issues related to technology, privacy, and security. You may contact us to set up a free consultation.

Published on:

In an online penny auction, participants purchase bids for a fee, with each bid placed on a particular item increasing the price of the item by a small increment (e.g., one penny) and extending the bidding period for that item by a few seconds. The last participant to place a bid before the bidding period ends pays the website the final price for the item. Unlike traditional online auction websites like eBay, all penny auction participants must pay to play. Thus, it is common for losing bidders to spend significant amounts of money, but receive nothing of value. In this sense, critics have likened penny auctions to gambling.

Are Penny Auctions Considered Gambling?

In general, bid fees are paid to the penny auction website, rather than pooled and awarded to the winner, so a bid is not technically a “bet” or “wager.” As such, existing gambling legislation probably does not apply, so consumers are protected from illegal gambling charges. Moreover, under California law, whether online gambling is an illegal “lottery” depends in part on the degree of chance involved—specifically, whether the game is “dominated by chance.” While penny auctions involve chance, the element of strategic bidding, based on factors like remaining time to bid and expected website traffic, weighs against finding that the auctions constitute illegal lotteries.

The Unlawful Internet Gambling Enforcement Act prohibits the transfer of funds for unlawful online gambling, so the potential classification of penny auctions as a form of gambling is concerning not only for penny auction operators, but for financial institutions as well. For example, Paypal has already begun denying service to penny auction websites, likely in an attempt to avoid liability under this statute.

The Federal Trade Commission has recognized the penny auction websites’ potential for fraud, particularly with unethical operations like shill bidding, which involves automated robots or inside bidders engaged in phony bidding with consumers. Further, the websites that employ these tactics are often scammers who never ship the prize. In addition, penny auction websites have been used to facilitate Ponzi schemes that induce consumer investments by making unfounded promises of payouts.

What Legal Repercussions Do Unethical Penny Auction Websites Face?

Although, it may be difficult to discern the legitimacy of a penny auction website, exposure to civil liability may deter websites from these unethical behaviors. For example, in 2011, the Georgia Governor’s Office of Consumer Protection sued Wavee.com for untimely shipping and insufficient disclosure that consumers were purchasing bids upon registration, leading to a settlement requiring the website to pay over $200,000 in consumer restitution, a $35,000 civil penalty, and $15,000 in administrative expenses. In 2013, the Washington State Attorney General sued ArrowOutlet.com for using shilling bots, resulting in a settlement in which the website paid $50,000 in consumer restitution. In 2012, the Securities and Exchange Commission sued ZeekRewards.com and CEO Paul Burks for operating a $600 million Ponzi scheme via its “penny auction” website. Though, the suit is ongoing, the SEC seeks to recover millions of dollars for consumers.

In sum, considering the questionable legal status and business practices of penny auctions, consumers, investors, and financial institutions should approach these websites with caution. At our law firm, we assist clients in legal issues related to online penny auction websites. You may contact us in order to set up a free consultation.