Articles Posted in E-commerce

Cybersecurity is the most important measure for protecting your personal and confidential information. There are cybersecurity incidents taking place on a daily basis. In general, most targets are companies and individuals who yield confidential information such as financial documents. This way, the hackers can use the information to promote their illegal acts or violations. In fact, it is known they use malware and spam to infiltrate electronic devices and extract confidential information.

Spam has been prolifically used by hackers to target victims. The hackers use this method to send unsolicited emails to victims. In other words, they ask them to click on a link or download a file which unbeknownst to the victim contains malware. Then, once the victim has downloaded the malware, his or her computer will be infected. The virus will extract personal information and send it back to the hacker. The virus may also use a “keylogger” to track the victim’s activities. It can track and record the victim’s financial transactions and find a way to log into his/her bank accounts.

Hackers can find their victims by using several methods. For example, phishing scams have been used to lure their victims into traps. They use instant messages and text messages to contact their victims. The hackers use these methods to take the victim’s usernames and passwords without authorization. They will try to gain access to the victim’s financial accounts and extract funds without authorization. As a result, the hackers will ruin the victim’s credit by opening up credit card or mortgage accounts without authorization. They can obtain cash advances if they gain access to the financial information. They will also utilize the victim’s social security number to engage in fraudulent activities.

Data breach incidents have caused a significant amount of complications for business owners and their customers. The statistics show that at least 50% or more of companies have been targeted by hackers. So, the lawmakers have taken steps to promulgate laws to protect the victims and penalize the bad actors.

Data Breach Notification Laws

Every state has some form of data breach notification legislation that requires business owners to give notice to consumers about a data breach that has resulted in the unauthorized acquisition of unencrypted personal information. These laws usually require the business owners to give notice to the consumers in the most efficient manner. They may require the business owners to notify the Attorney General’s office if the business is required to notify a significant number of residents in that state. They also grant a “private right of action” (i.e., the right to file a lawsuit) to the victim in order to seek legal and equitable damages.

Cybersecurity is paramount to secure online communications whether they are for sending or receiving sensitive or confidential information – e.g., trade secrets, intellectual properties, financial information. Many people assume they are protected on the internet when transferring or receiving files over computer networks. They may attach tax-related documents to their message and press the send button without hesitation. What most people do not realize is that information may be intercepted without authorization. Now, most laws require “reasonable security measures” to ensure the privacy of confidential records.

What are the state laws?

There is no single state law that applies to all cybersecurity-related issues. So, every state has promulgated several statutes in order to address and promote cybersecurity. These state laws are usually similar in their nature and scope. For example, California recently passed the California Consumer Privacy Act (“CCPA”) codified under Civil Code Sections 1798.100, et seq., to enhance consumer privacy rights. It grants consumers the right to know what kind of personal information is being collected about them, whether the personal information is sold or disclosed, to refuse the sale of their personal information, to gain access to their personal information, to request deletion of their personal information, and to not be discriminated against for exercising their privacy rights.

International e-commerce laws have been evolving since the inception of the information technology age. International e-commerce transactions take place over a network of computers and have become more streamlined with technology advancements. The following topics will be evaluated and addressed in this article: alternative dispute resolution and insurance.

Alternative Dispute Resolution (“ADR”) is an important factor when it comes to international e-commerce transactions. It is much easier to resolve local disputes without geographical challenges. However, that is not the case with international commercial transactions because the parties can be anywhere in the world. So, tracking, identifying, or locating the customer is not an easy task for international commercial transactions and presents jurisdictional issues. In most cases, they are related to contractual disputes for the purchase and sale of products or services. There could be non-contractual disputes such as trademark, copyright, data protection, and domain name disputes. The parties should have the option to engage in mediation or arbitration to resolve the dispute. Mediation is conducted by a neutral expert who renders a non-binding decision after reviewing the file. Arbitration is conducted by a neutral expert who renders a binding decision after reviewing the file. Our international mediation and arbitration attorneys regularly provide professional legal services to clients.

In some European countries, the customers are permitted to file a lawsuit against the e-commerce company in their own country or where the e-commerce company is located even if the company has no business operations therein. For example, in LICRA v. Yahoo, the French courts issued an order against Yahoo, which is based in the United States, to prevent French residents from purchasing Nazi memorabilia through its website.

International e-commerce laws have been evolving since the inception of the information technology age. International e-commerce transactions which take place over the vast network of computers have become more streamlined with the advancement of technology. The following topics will be evaluated and addressed in these series of articles: Intellectual properties, taxes, and alternative dispute resolution.

Intellectual property rights can be protected by registering trademarks, copyrights or patents with governmental agencies. For example, the United States Patent and Trademark Office (“USPTO”) registers patents and trademarks. The United States Copyright Office registers copyrights. However, trade secrets cannot be registered with any government agencies. The trade secret owner is responsible to protect it by taking precautionary steps. International e-commerce and business law attorneys should recommend the following steps to their clients: (1) locate, identify, and mark the trade secrets; (2) restrict access to the trade secrets; (3) sign non-disclosure agreements with the trade secret holders; and (4) restrict access to the trade secrets. The Uniform Trade Secrets Act (“UTSA”) defines a trade secret as information that derives independent economic value because it is not generally known or readily ascertainable and is the subject of efforts to maintain secrecy. It includes formulas, patterns, compilations, programs, devices, methods, techniques, or processes that yield economic value – e.g., customer lists.

International e-commerce transactions will be taxed by the appropriate government agencies. In 2018, the United States Supreme Court addressed this issue in South Dakota v. Wayfair and acknowledged the states are losing revenue due to their incapability to collect sales tax from out-of-state retailers. Thus far, the Internet Tax Freedom Act (“ITFA”) and Streamlined Sales Tax Project have been implemented to prevent new taxes on e-commerce transactions and to simplify sales and use taxes.

International e-commerce laws pertain to online commercial transactions that takes place for the purchase or sale of goods and services.  Electronic contracts are used for the purchase or sale of software through shrink-wrap, click-wrap, and browse-wrap agreements. In general, these electronic transactions have a correlation to taxes, duties, and custom laws. In addition, the topic of intellectual property must be addressed to protect confidential information such as trademarks, copyrights, patents, and trade secrets.

There are six principles that apply to electronic agreements. First, the users should have automatic access to the agreement’s terms. Second, the contractual terms should comply with the applicable laws in relation to form, content, notice, and disclosure. Third, the users should be given the opportunity to take some form of affirmative action to consummate the transaction. Fourth, users should be given the opportunity to reject the agreement. Fifth, the agreement process should provide the user to detect and correct errors. Sixth, users should be able to print the agreement and software developers should provide a method to preserve the electronic records.

It is important for e-businesses to comply with the guidelines. For example, e-businesses should use fair advertising and marketing strategies for the online transactions. They should provide correct and accessible information about their company and its goods and services. They should fully disclose information regarding the transaction’s terms and conditions. They should provide a secure method for online payments. They should protect the customer’s privacy during the e-commerce transactions.

International internet laws are related to international commercial disputes, jurisdiction, judgment enforcement, free speech and censorship, e-commerce transactions, intellectual property rights, or cybersecurity and privacy.

International commercial disputes can take place in foreign jurisdictions since the internet has no borders. The internet comprises of commercial, educational, governmental, and international networks that use certain communication protocols – e.g., TCP/IP, UDP, ICMP, HTTP, POP, FTP, IMAP – to communicate with each other. These protocols are used for data transmission across computer networks. For example, TCP/IP enables data exchange by providing end-to-end communications. UDP is used by software programs to transmit short datagram messages. ICMP is used for diagnostics and generating system error reports. HTTP, which stands for Hypertext Transfer Protocol, is a client-server protocol that permits access to web resources. POP is used to extract and download emails from a remote server. FTP, which stands for File Transfer Protocol, is used to send or receive files to or from a server and client computer.  IMAP, which stands for Internet Message Access Protocol, is used by email clients to download messages from a mail server. In short, these protocols are used to send and receive electronic information across the network of computers.

The issue of jurisdiction is important because there could be various reasons why a state or federal court would not choose to exercise authority over the parties. The courts have set out parameters for determining whether they can exercise jurisdiction. These parameters include the location of parties, defendant’s physical presence in the jurisdiction, and nature of violations towards the plaintiff.

International internet laws are relevant to e-commerce and online transactions in many ways. There are many international rules and regulations that can affect electronic commercial transactions – i.e., e-commerce transactions. For example, the European Union has issued multiple directives that are set to regulate international policies. These directives outline the legislative minimum standards for all member states. Therefore, it is important to understand the parameters in order to properly advise clients who conduct international business.

Data protection and privacy has been an important issue on the national and international levels. So, for example, the European Union’s Data Protection Directive (EU Directive No. 95/46/EC) has set out the data protection and privacy parameters. It prevents the transfer of personal information to foreign nations without adequate protection. It has outlined several important principles to properly safeguard personal information.  These principles include collecting personal information for a legitimate purpose, informing the individuals about data collection, granting access to the individual’s personal data, giving the individuals the right to access, modify, or delete their personal information, and providing proper remedies in case of violations. This includes the “Right To Be Forgotten” rule which grants individuals the right to delete personal information from internet records.

The EU Data Protection Directive has also addressed cookies by requiring website operators to obtain the visitor’s consent for using cookies on their platforms. This requirement forces website operators to provide notice to all visitors about using cookies and to request formal consent.

International internet laws are important to understand in the context of internet transactions. Also, the issue of a foreign court’s jurisdiction over the parties comes up on a regular basis. The international laws include treaties, directives, rules, and regulations. For example, the Hague Conference on Private International Laws has adopted a convention that governs jurisdiction and judgment enforcement among its members. As such, the parties will have the opportunity to select the venue, governing law, and jurisdiction for dispute resolution before executing agreements. This way, a predesignated court would have authority over the parties and could render a final and enforceable judgment. This convention allows the parties to enforce the judgment in the proper jurisdiction. It also applies to non-consumer browse-wrap and click-wrap agreements.

International internet laws can be complicated especially if there are multiple parties involved from different jurisdictions. For example, if the plaintiff is in France, and one defendant is in Germany, and the other is in the United States, a foreign court with proper authority over the case may not grant the protections afforded to the defendants by the United States laws. The court usually evaluates where the violation took place and who was affected by it. It will also evaluate whether the defendant’s actions were intentionally directed towards the plaintiff. In some cases, the courts have been inclined to apply United States laws to foreign litigants based on the facts and evidence. Therefore, it will be determined on a case-by-case basis.

A foreign court will likely have jurisdiction if the online commercial transactions – i.e., e-commerce transactions – had a substantial effect in their country. This is called the Effects Doctrine which holds that a foreign court should have jurisdiction where the effects are felt and damages take place despite the defendant’s citizenship or nationality. This principle has been useful in online harassment and defamation cases.

Online marketing and advertising can be a complicated process since the internet has opened new channels that did not previously exist before the technology age’s expansion. Now, with the advent of sophisticated technologies, business owners, startups, and entrepreneurs have more options when it comes to online marketing and advertising.

They can use email, telephone, or other online marketing and advertising tools to reach their customers. They can also use banners, pop-ups, metatags, mass emails, mass text messages, or linking and co-branding plans. The internet has no boundaries so you should realize that even though your company is located in one state, yet your online marketing and advertising campaign may implicate state, federal, or international laws. This can be true when your company is targeting customers in other states or nations. So, your contacts with that jurisdiction whether by having offices, employees, or customers there can play an important role in determining which court has authority to resolve disputes.

There are several state and federal laws that can be relevant to internet advertising. For example, the Lanham Act, FTC Act, or California Business and Professions Code regulate internet marketing and advertising. The Trademark Act – which is also known as the “Lanham Act” – regulates trademarks, service marks, trade names, and trade dress issues. This federal statute deals with infringements and outlines the remedies. It also creates a private right of action pursuant to 15 U.S.C. Section 1125(a)(1) against the infringing parties. A private right of action (or “implied cause of action”) is the legal right granted to a private party to file a lawsuit.