Published on:

In an online penny auction, participants purchase bids for a fee, with each bid placed on a particular item increasing the price of the item by a small increment (e.g., one penny) and extending the bidding period for that item by a few seconds. The last participant to place a bid before the bidding period ends pays the website the final price for the item. Unlike traditional online auction websites like eBay, all penny auction participants must pay to play. Thus, it is common for losing bidders to spend significant amounts of money, but receive nothing of value. In this sense, critics have likened penny auctions to gambling.

Are Penny Auctions Considered Gambling?

In general, bid fees are paid to the penny auction website, rather than pooled and awarded to the winner, so a bid is not technically a “bet” or “wager.” As such, existing gambling legislation probably does not apply, so consumers are protected from illegal gambling charges. Moreover, under California law, whether online gambling is an illegal “lottery” depends in part on the degree of chance involved—specifically, whether the game is “dominated by chance.” While penny auctions involve chance, the element of strategic bidding, based on factors like remaining time to bid and expected website traffic, weighs against finding that the auctions constitute illegal lotteries.

The Unlawful Internet Gambling Enforcement Act prohibits the transfer of funds for unlawful online gambling, so the potential classification of penny auctions as a form of gambling is concerning not only for penny auction operators, but for financial institutions as well. For example, Paypal has already begun denying service to penny auction websites, likely in an attempt to avoid liability under this statute.

The Federal Trade Commission has recognized the penny auction websites’ potential for fraud, particularly with unethical operations like shill bidding, which involves automated robots or inside bidders engaged in phony bidding with consumers. Further, the websites that employ these tactics are often scammers who never ship the prize. In addition, penny auction websites have been used to facilitate Ponzi schemes that induce consumer investments by making unfounded promises of payouts.

What Legal Repercussions Do Unethical Penny Auction Websites Face?

Although, it may be difficult to discern the legitimacy of a penny auction website, exposure to civil liability may deter websites from these unethical behaviors. For example, in 2011, the Georgia Governor’s Office of Consumer Protection sued for untimely shipping and insufficient disclosure that consumers were purchasing bids upon registration, leading to a settlement requiring the website to pay over $200,000 in consumer restitution, a $35,000 civil penalty, and $15,000 in administrative expenses. In 2013, the Washington State Attorney General sued for using shilling bots, resulting in a settlement in which the website paid $50,000 in consumer restitution. In 2012, the Securities and Exchange Commission sued and CEO Paul Burks for operating a $600 million Ponzi scheme via its “penny auction” website. Though, the suit is ongoing, the SEC seeks to recover millions of dollars for consumers.

In sum, considering the questionable legal status and business practices of penny auctions, consumers, investors, and financial institutions should approach these websites with caution. At our law firm, we assist clients in legal issues related to online penny auction websites. You may contact us in order to set up a free consultation.

Published on:

The recent cyberattack on Anthem, Inc., one of the largest health insurance companies in the United States, illustrates the persistence and severity of the risk of data breaches. On February 4, 2015, Anthem confirmed that one of its databases had been hacked. The data breach exposed personal information of approximately 80 million Anthem customers and employees—including names, birthdays, member health ID and Social Security numbers, street addresses, telephone numbers, e-mail addresses, and employment information—potentially the most damaging cyberattack to date on a health insurer.

Noting a pattern of medical data thefts from health insurers by foreign intelligence organizations, the FBI concluded that the attack was likely the work of Chinese hackers attempting to gain access to the networks of defense contractors and government workers. Moreover, while hackers have targeted healthcare providers, similar attacks on companies like Target, Sony, JP Morgan Chase, and Home Depot, signify the risk to all types of businesses.

One obvious implication for businesses that fall victim to these attacks—beyond negative press—is the exposure to liability for the resulting invasion on individuals’ privacy. For instance, individuals have already begun filing class action lawsuits for this particular breach, asserting that Anthem should be held responsible given its inadequate security measures—namely, its failure to employ encryption to prevent unauthorized access to their personal information.

What Steps are Officials Taking to Protect against Cybersecurity Threats?

In response to this latest hack, on February 13, 2015, President Barack Obama announced an executive order intending to assist in protecting companies from cybersecurity threats by encouraging them to voluntarily share more information of cyber threats with one another and with the government. While this is certainly a step in guarding against cyberattacks, there remains a strong need for cybersecurity legislation imposing mandatory information-sharing and shielding companies from legal liability for over-sharing. However, it may take some time for Congress to strengthen cybersecurity laws given the concerns over intrusive government surveillance practices and the potential use of encryption to disguise criminal activity.

How can Businesses Protect Data from Hackers in the Meantime?

Considering the fact that the major weakness in Anthem’s cybersecurity was its failure to encrypt data, encryption is an important precaution for businesses. However, encryption is a safeguard, not a guaranteed protection. Thus, businesses should be sure to become familiar with and implement updated data breach detection and response policies in order to mitigate the harm.

One particularly important cybersecurity consideration is required disclosure of a breach. In addition to reporting the incident to the appropriate federal regulator to ensure prompt identification and elimination of the threat, under the Health Insurance Portability and Accountability Act (HIPAA), healthcare providers like Anthem may be required to make certain notifications to former and present employees and their dependents, federal regulators, and the media. While some state data breach notification laws defer to HIPAA, specific laws of each state should be reviewed to ensure notification plans comply with any additional reporting or safeguard requirements.

At our law firm, we assist clients in legal issues related to cybersecurity breaches. You may contact us in order to set up a free consultation.

Published on:

Net neutrality refers to the principle that Internet service providers and governments should treat all Internet traffic equally, regardless of the source. Among other implications, net neutrality includes the idea that a website should not be given the option to pay an Internet service provider a premium to speed up its connection at the expense of slowing down the connections for other, non-paying websites. While this concept may seem fair enough, it is more of an ideal than a reflection of reality.

What Are the Applicable Regulations?

Under the Telecommunications Act of 1996, the Federal Communications Commission (FCC) is authorized to regulate “telecommunications services” as common carriers, like public utilities, while “information services” are exempt from utility-like regulation. Historically, broadband Internet service providers have been classified as “information services,” and thus the FCC has not been allowed to regulate the Internet with certain rules that it may legally impose on businesses classified as “telecommunication services.”

For instance, on January 14, 2014, in Verizon v. FCC, the United States Court of Appeals for the District of Columbia Circuit held that the classification of Internet service providers as “information services” precluded the FCC from requiring providers to employ equal treatment of Internet traffic. The court held that such federal rules constituted an attempt to regulate broadband Internet service providers as “telecommunication services,” and thus were outside the realm of the FCC’s authority under the Telecommunications Act of 1996. It follows that to achieve net neutrality with regards to Internet trafficking speeds, the FCC would need to reclassify broadband Internet service providers as “telecommunication services.”

On February 4, 2015, FCC Chairman Tom Wheeler proposed a reclassification, announcing the FCC’s plan to reclassify the Internet as a public utility, so as to regulate broadband Internet service providers’ treatment of Internet traffic in support of net neutrality. Specifically, reclassifying Internet service providers as “telecommunications services” would allow the FCC to impose regulations prohibiting them from charging a premium to speed up or slow down specific website connections.

What Are the Legal Implications?

While equal treatment of Internet traffic would arguably help to ensure Internet openness and innovation by essentially putting all websites on equal footing, broadband Internet service providers would inevitably be subject to the cost of complying with any resultant regulations. Although, possibly well founded, these concerns may be premature, as the FCC has yet to officially vote on the proposal.

Furthermore, assuming the FCC votes to adopt the proposed reclassification, broadband Internet service providers negatively impacted by Internet trafficking regulations could file a lawsuit challenging the federal rules as outside of the FCC’s authority under the Telecommunications Act of 1996. Moreover, in addition to potential private lawsuits, Congress has the authority to prohibit the FCC from regulating broadband Internet service providers as public utilities should it find the reclassification unfounded.

Thus, although the FCC’s announcement undoubtedly signifies its stance in favor of net neutrality, the impact of the proposed classification is unclear. Should the proposal result in reclassification of the Internet as a public utility, and consequently a ban on selling speedier connections, it will be up to broadband Internet service providers, or even Congress, to challenge these new regulations.

At our law firm, we assist clients in legal issues related to the Internet. You may contact us in order to setup a free consultation.

Published on:

Virtual currencies have become a popular tool for allowing direct peer-to-peer online transactions using electronic payments that eliminate the need for conversion between currencies. Over the past few years, Bitcoin has enjoyed a considerable amount of praise as the virtual currency of choice. This hype carried with it significant funding from hopeful investors, who hailed its potential to offer a number of benefits, not the least of which being its unregulated and decentralized nature.

However, despite the initial investor optimism, recent price crashes have prompted declarations of the “death” of Bitcoin, and this is not the first time. These price crashes can be attributed, at least in part, to wavering consumer and retailer support in the face of complex technologies underlying the system. Moreover, even assuming the virtual currency can still be considered economically alive, Bitcoin is certainly a volatile investment today.

What Should Bitcoin Investors Think?

While this volatility should realistically curb investor enthusiasm, Bitcoin investors should not be too quick to consider the currency a lost cause given the announcement of Coinbase, which is the first licensed Bitcoin exchange in the United States. This announcement is particularly crucial considering large financial contributions from investors like the New York Stock Exchange. These financial institutions are similarly investing in developing Bitcoin exchanges like, adding credibility, and more importantly signifying a “recognition” of Bitcoin as a potentially legitimate currency.

However, whether this purported stability will inspire the consumer’s and investor’s trust that is necessary to save Bitcoin is questionable considering the currency’s original attractiveness as a decentralized method of exchanging money. Furthermore, this regulation is in addition to the IRS’s recently-announced guidelines for treating Bitcoin as property for tax purposes, thus requiring taxpayers to keep more detailed records of transactions.

What Is the Future of Virtual Currencies?

Economists believe that virtual currencies should be regulated because they can help ordinary people use an alternate source of money in case of inflation, capital controls, or loss of savings. Bitcoin will probably stay complicated, but the system that creates it (i.e., algorithm) is secure and stable. It may not have a future as a currency, but can be considered a commodity. At this time, over 30,000 businesses and charities accept Bitcoin with BitPay. For example, they include: Microsoft, Dell, Dish Network, Expedia, Intuit, Zynga, Paypal, Reddit, Virgin Galactic, WordPress, Overstock, Amazon, Target, Tigerdirect, and Zappos.

Also, the courts are seeing a wide-array of civil or criminal cases. For example, in United States v. Faiella a/k/a “BTCKing” et al., the defendant was charged with operating an unlicensed money transmitting business and conspiracy to commit money laundering in connection with operation of website that acted as underground market in a virtual currency. Defendant moved to dismiss the indictment. The district court held that: (a) defendant’s operation of website involved money; (b) defendant’s operation of website constituted transmitting money; and (c) defendant qualified as a money transmitter under 18 U.S.C. § 1960.

Meanwhile, companies like Apple are noticing the consumer’s desire for simplified online mobile transactions—particularly via a system they can trust and understand (i.e., using dollars and a transparent system). Unsurprisingly, Apple Pay has been gaining popularity as a mobile payment system in the United States, with plans to expand internationally in the future. Thus, while the viability of Bitcoin remains a topic of debate, the demand for some form of virtual currency is remarkable.

At our law firm, we assist clients in legal issues related to virtual currencies. You may contact us in order to setup a free consultation.

Published on:

In general, online privacy falls under two categories. First, is personal privacy.  Second, is corporate privacy.  For example, corporate privacy concerns the protection of corporate data (e.g., electronic communications) from retrieval or interception by unauthorized parties. Security is important for the protection of trade secrets, proprietary information, and privileged communications. The failure to maintain confidentiality can result in a loss of “trade secret” status. The relevant law is 18 U.S.C. §§ 1831 et seq. (e.g., economic espionage and theft of trade secrets). Also, the waiver of the attorney-client privilege and work-product protection come into play during litigation.

The Economic Espionage Act was the first federal criminal law protecting trade secrets. It provides penalties such as prison terms of up to 15 years and fines of up to $5,000,000. It expands the trade secret definition by including all types of business and financial information.

Trade secret owners face an unfair position when it comes to online publication of their trade secrets. One option is to obtain preliminary injunctions. However, the Supreme Court has cautioned against using the Prior Restraint Doctrine where its effectiveness would be questionable (e.g., jurisdictional enforceability concerns). The other option are registering patents, trademarks, copyrights or implementing preventive technologies.

What Are Some of the Applicable State Laws?

First, the Anti-Phishing Act of 2005 prohibits “phishing“ – i.e., posing as a legitimate company or government agency in an email, web page, or other internet communication – in order to trick a recipient into revealing his/her personal information.

Second, Business & Professions Code § 22947 prohibits an unauthorized person from knowingly installing or providing software that performs certain functions, such as taking control of the computer or collecting “personally identifiable information” on or to another user’s computer within California.

Third, the Online Privacy Protection Act of 2003 requires operators of commercial websites or online services that collect personal information on California residents through a website to conspicuously post a privacy policy on their website and to comply with it.

Fourth, Government Code § 11015.5 applies to state government agencies when collecting personal information electronically. These agencies must provide certain notices and prior to sharing someone’s information with third parties, they must obtain written consent.

What Are Practical Steps For Avoiding Privacy Violations?

A business should identify, label, and restrict access to confidential information. A business organization should utilize encryption, firewall, usernames/passwords, software detecting trade secret theft, and warnings in privileged correspondence. It should provide computers without hard drives, prohibit use of removable storage (e.g., flash drives), audit employee computers, prohibit and/or monitor external web-based email services, execute confidentiality and non-disclosure agreements, and execute computer-use policies to avoid privacy violations.

What is Geotagging?

Geotagging is the process of embedding geographical identification metadata to a photo, wherein it’s stored in EXIF or XMP formats.  The geographic information can include latitude and longitude coordinates. The data can be read by programs that allow a viewer to see where a photo was taken. The geotagged photos can be linked to map services (e.g., Google Maps, Microsoft Virtual Earth, Yahoo Maps). The Federal Communications Commission (“FCC”) regulates collection and disclosure of location information by telecommunications carriers. The California Attorney General has entered into agreements with major App platforms wherein they’ve promised to prompt privacy policies accordingly.

At our law firm, we assist clients in matters related to online privacy. You may contact us in order to setup a free consultation.

Published on:

The Internet of Things (“IoT”) is the next evolution and is making a remarkable impact on technology and our way of life. In fact, the availability of an omnipresent network connectivity has fostered the widespread use of smart devices.

Devices are now able to communicate with each other through embedded sensors that are linked by wired and wireless networks. For example, they include thermostats, automobiles, or pills that permit a physician to monitor the patient’s health.

Technology has allowed us to detect and monitor changes in the physical status of connected devices (e.g., RFID, sensors) in real-time. Technology advancements allow networks and objects they connect to become more intelligent. The factors that are currently driving growth, include, development of smart cities, smart cars, and smart homes, enhanced connectivity infrastructures, and a connected cultures.

What Are the Legal Concerns?

First, privacy is a concern. Unlike the Internet (i.e., world-wide-web), where the majority of information on an individual is either public or user-posted information, the IoT is governed by information that is stored by devices without human-intervention. Privacy may be compromised through sensor technologies, wearable technologies, Unmanned Aerial Systems (“UAS”), or Unmanned Aerial Vehicles (“UAV”).

Wearable technology is able to generate constant, convenient, seamless, portable, and hands-free access to electronics and computers. It can be used in the military, law enforcement, entertainment, and healthcare industries. However, with every benefit comes a risk. In this case, the risk is violation of privacy rights.

Drones (i.e., flying robots) are being used by military and non-military persons. These flying robots include UAS and UAV, which are remotely-piloted autonomous systems. These machines are useful for clandestine or covert operations. However, adapting to these new devices has not been easy for society. The major concerns, include, but are not limited to, regulation, insurance, and privacy.

Second, security is another concern. Devices are now able to interact with other devices for business and personal reasons. We can control information from a single device that is synchronized with other devices. Also, devices can synchronize data with other devices, which permits collaboration, sharing, and backing up of information. So, in order to adapt to this evolution, the legal system must concentrate on the interaction of information technology with other industries. In addition, the legal system must implement a uniform view to accommodate information technology.

Remote access allows criminals to obtain access to a network that contains confidential information (i.e., trade secrets). In other words, cybercrime is a growing problem. Other issues with remote access include, data privacy, protection of proprietary rights, and liability for unauthorized use of systems.

What Are Governments Doing About It?

In recent times, the Federal Trade Commission (“FTC”) has held public meetings on this topic. For example, it has held a public workshop to explore consumer privacy and security issues posed by the growing connectivity of devices. These workshops focus on privacy and security issues related to connectivity for consumers—both at home (e.g., smart home appliances), and when consumers are mobile (e.g., fitness devices, personal devices, and automobiles). The European Union has also addressed IoT and its risks, such as privacy, security and trust.

At our law firm, we assist clients in matters related to internet, privacy, and security.  You may contact us in order to setup a free consultation.

Published on:

Electronic discovery (a/k/a “eDiscovery”) is the process of identifying, locating, preserving, collecting, preparing, reviewing, and producing electronically stored information in the context of the legal process. Electronically stored information (“ESI”) includes anything that can be stored in electronic form on a computer or other media device. A computer is defined as “an electronic, magnetic, optical, electrochemical, or other high speed data processing device performing logical, arithmetic, or storage functions (e.g., desktop, laptop, smart phones, tablets, CDs, DVDs, flash drives, backup tapes, voice mail, servers, and access control systems).

What Are the Issues That Arise During Electronic Discovery?

The following issues may arise during the course of electronic discovery:  First, the attorney-client privilege and work-product doctrine play a key role.  The attorney-client privilege protects the confidentiality of communications between an attorney and his/her client.  The work-product doctrine prevents a party from discovering documents that are prepared in anticipation of litigation.

Second, there should be an effective record management program.  A business record is a vital asset and yields value. Therefore, a business should implement a mechanism in order to properly preserve and discard documents, when and if necessary. The business should also implement a proper data retention policy and classification scheme.

Third, a business must be ready for litigation because it faces potential lawsuits and government investigations pursuant to regulatory and compliance demands at all times.

Fourth, is the process of legal hold and evidence preservation.  A legal hold is to preserve relevant information when litigation is reasonably anticipated. This process can have significant impact on cost, resource allocation, and business disruption.  The failure to preserve records (i.e., paper or electronic) and to search in the right places for those records can result in the spoliation of evidence. In general, the courts have the authority to impose sanctions if there is spoliation of evidence, especially if someone acts negligently or in bad faith.

Fifth, there are meet and confer obligations between the parties.  In fact, FRCP 26(f) mandates the early meet and confer conference between the parties and is designed to promote a discussion regarding discovery parameters.

Sixth, is the issue of strategic litigation challenges in handling data. It includes identification, collection, preparation/processing, review and production.  The main issue for data collection is keeping a proper audit trail.  The main concern in preparation/processing is to create maximum visibility for the collected data.  The main issue for data review is to make sure that quick methods are used to scrap and scan key documents.  The main goal in data production is to finalize the task quickly and accurately.

What is the Future of eDiscovery?

In conclusion, the future of eDiscovery is important. It includes information governance and supporting information as a valued asset. One of the cutting-edge developments is computer learning, not only for document reviews, but also for managing business records.  The law is not uniform across jurisdictions, but it is evolving with time.  Also, there is the issue of government surveillance of electronic information (e.g., PRISM).   As we know, the government is scanning internet traffic and targeting encrypted files.  Although, it takes time to decrypt data, massive amounts of electronic data are being captured for various reasons.

At our law firm, we assist clients in matters related to electronic discovery and data collection.  You may contact us in order to setup a free consultation.

Published on:

In these days, many people spend time on their electronic devices to become members of internet dating services. Many companies are now providing online dating services to their members. In general, the online dating services require their members to submit a profile, which may include personal information (e.g., name, email address, date-of-birth, and photos). As a result, the internet dating service may be sued by its members or third parties for various legal claims.

What Are the Typical Legal Claims Against Internet Dating Services?

In recent years, the internet dating services have been targets of lawsuits.  In some cases, the internet dating service may facilitate sexual encounters between its members, which can lead to its member being arrested for having sex with a minor.  In other cases, the members defame, harass, stalk, or bully each other.  In these cases, the courts have enforced or dismissed the civil claims against the internet dating service for various reasons.  The typical claims against the internet dating service may be for breach of contract, negligence, deceptive trade practice, Lanham Act violation, failure to warn, invasion of privacy, defamation, or fraud.  It is important to note that each of the aforesaid claims requires specific elements and supporting evidence to pass muster in court.  See The Perils and Pitfalls of Online Dating for more information.

In breach of contract cases, an agreement is formed when the member checks a box indicating that he/she is over 18 and has read and agreed to the website’s terms and conditions and privacy policy. These terms and conditions usually mention that the service cannot guarantee and assume responsibility for verifying the accuracy of the information provided by users. So, the online dating service does not promise to prevent minors from registering or to monitor members’ profiles for accuracy. In order to hold the online dating service liable for breach of contract, the plaintiff must allege that it has breached a promise that was actually part of the contract. In another case, an unknown person posted a personal profile of an actress without her knowledge, consent, or permission. The actress filed a lawsuit against the online dating service for invasion of privacy, misappropriation of the right of publicity, defamation, and negligence. The court ruled in favor of the online dating service after determining that it had not failed to enforce its own policies prohibiting publication of street addresses, e-mail addresses, and offensive/sexually-suggestive language.

In failure to warn cases, a valid claim requires a duty to warn, a breach of that duty, and injury proximately resulting from the breach. If the danger is open and obvious, there is no duty to warn and the risk is obvious when the danger is known by the consumer. Also, it may be sufficient to mention on the website that the online dating service cannot verify its members’ information.

What Are the Other Potential Issues?

In other cases, violations can rise to the level of cyberharassment, cyberstalking or cyberbullying.  In fact, cyberbullying has many manifestations, including, but not limited to, Instant Messenger, websites, e-mail, or text messages. Unfortunately, law enforcement agencies lack the technology or resources to focus on internet-based harassment, stalking or bullying. In some cases, advocates have argued that online dating services should run background checks on their members. However, even that precaution may invite liability towards them.

At our law firm, we assist clients in matters related to online dating services and legal liabilities. You may contact us in order to setup a free consultation.

Published on:

Online banking is an electronic payment system that enables customers of a financial institution to conduct financial transactions on the web.   In today’s high-tech world, online banking fraud is committed on a daily basis.  As such, sometimes customers may not be liable for certain unauthorized online transactions, subject to the terms and conditions of the bank’s service agreement.  Online banking fraud is to defraud a financial institution or obtain money or other property under the custody of a financial institution by false pretenses.  A related issue includes financial identity theft.   So, financial institutions use encryption technology (e.g., secure socket layer – a/k/a “SSL”) to prevent unauthorized access to data.

In general, the customer must notify bank within 60 days after receiving a periodic statement pursuant to 15 U.SC. § 1693f.  Under 15 U.S.C. § 1693g(b), the burden of proof of consumer liability is on the bank.  So, in order to establish a customer’s liability, the bank must prove the transfer was authorized.  In case of a violation, the bank may be subject to civil liability under 15 U.S.C. § 1693m.

What Are the Common Methods Used to Defraud Customers?

First, the fraudster may engage in social engineering, which is a method that persuades online users to give up personal information by posing as a trustworthy individual or organization.  It can occur through emails and text messages.  Second, the fraudster may use malware, which is malicious software installed on a computer without a user’s consent. It records keystrokes, redirects browsers, or displays fake websites to impersonate the user in online banking transactions.  Third, the fraudster may engage in phishing, which happens by using emails and websites to falsely purport to be associated with legitimate banks, financial institutions, or companies.  It manipulates online users into disclosing personal and financial data.  Fourth, the fraudster may engage in vishing, which is the telephone equivalent of phishing. In this scenario, the fraudster calls the victim, pretends to be a bank official, and tricks the victim into disclosing personal or financial data.

What Are the Applicable Laws?

Regulation E establishes rights, liabilities, and responsibilities for consumer transactions.  A consumer may be liable for up to $50 of an unauthorized electronic funds transfer, unless he/she fails to timely notify the financial institution of a loss or theft.  If the unauthorized transfer is reported by the consumer, then the financial institution must resolve the claim within a specified deadline under 12 C.F.R. Part 205. The Electronic Fund Transfer Act (“EFTA”), which is implemented by the Federal Reserve Board through Regulation E, protects individual consumer rights from: (i) transfers through ATMs; (ii) POS terminals, (iii) ACH systems; (iv) telephone bill-payment plans in which periodic or recurring transfers are contemplated; and (v) remote banking programs.

The Uniform Commercial Code (“UCC”) applies to commercial transactions.  It provides less protection for commercial customers.   In essence, a commercial customer has 1 year to discover and report any unauthorized signatures or alterations.  Under the comparative negligence theory, the bank’s liability for negligence is diminished according to customer’s share of fault.

At our law firm, we assist clients in legal issues related to online banking fraud. You may contact us in order to setup a free consultation.

Published on:

Bitcoin is a decentralized, peer-to-peer digital currency (i.e., virtual or cryptocurrency) that is used like money. It is not a program that is traded like money. In simple terms, it is a ledger that keeps track of a user’s transactions. It can be exchanged for traditional currencies (e.g., U.S. Dollar) or used to purchase goods and services. It can be used to send money to other countries without worrying about exchange rates or currency conversion fees.   It operates without a central authority or bank and is not backed by any government. The Internal Revenue Service (“IRS”) has declared that it will treat virtual or digital currencies as “property” for federal tax purposes.

What Are the Main Issues?

The main issues include: (a) money laundering; (b) tax evasion; (c) banking without a charter; and (d) state escheat statutes.  In general, cryptocurrency is uninsured, unregulated, and volatile. On May 7, 2014, the Securities Exchange Commission (“SEC”) issued an advisory warning investors about potential risks. In February 2014, Mt. Gox (a Tokyo-based Bitcoin exchange) filed for bankruptcy after hackers allegedly stole approximately $500 million. In addition, Flexcoin shut down after being hacked.

On September 18, 2014, the Securities and Exchange Commission (“SEC”) charged Trendon Shavers for an alleged Bitcoin-related Ponzi scheme. Mr. Shavers advertised a Bitcoin “investment opportunity” in an online Bitcoin forum, promising investors up to 7% interest per week and that the invested funds would be used for Bitcoin activities. Instead, he allegedly used Bitcoins from new investors to pay existing investors and to pay his personal expenses.

Money laundering is process of hiding the existence, use, or origin of illegally-derived funds to make them appear legitimate. Digital currencies are attractive for money laundering since they allow quick and unknown transfers.   The Bank Secrecy Act requires financial institutions to register with the government, implement anti-money laundering procedures, keep data, and report transactions. The Money Laundering Control Act of 1986 criminalizes money laundering. So, do these laws impose a legal risk for the digital currency developers, providers, miners, users, or acceptors?

On February 19, 2014, the SEC suspended trading of Imogo Mobile Technologies due to questions about the accuracy and adequacy of publicly-disseminated information about its business, revenue, and assets. Shortly before the suspension, the company announced that it was developing a mobile Bitcoin platform, causing a significant movement in the trading price of its securities. See for more information.

What Are the Applicable Laws?

At this time, Canada does not have a specific law that regulates Bitcoins. The European Union has passed no specific legislation relative to the status of Bitcoin as a currency.  In October 2012, the European Central Bank issued a report on virtual currency schemes that discusses the Bitcoin system and briefly analyzes its legal status under existing European Union legislation. The United Kingdom has not released an official statement on the Bank of England’s website regarding its position towards Bitcoin.  As stated above, on March 25, 2014, the IRS stated that Bitcoin is a form of ‘property’ rather than a currency.

Economists believe that Bitcoin should be regulated, as it can help ordinary people use an alternate source of money in case of inflation, capital controls, or loss of savings. Bitcoin will probably stay complicated, but the system that creates Bitcoins is secure and stable. It may not have a future as a currency, but can be considered a commodity.   For the time being, numerous companies (e.g., Overstock, Virgin Galactic, WordPress, Paypal, Zynga) accept Bitcoin as a form of payment.

At our law firm, we assist clients in legal issues related to internet, cyberspace, and digital currency-related issues. You may contact us in order to setup a free consultation.