Articles Posted in E-commerce

Published on: | by

When hackers breached the e-commerce firm Zappos in January, they may have compromised the personal information of as many as 24 million users. Legislatures in several states, including California, have responded to attacks such as this one by passing laws enhancing cybersecurity investigation and enforcement, and increasing requirements for disclosure of cyberattacks. The U.S. Securities and Exchange Commission (SEC) has also issued new guidelines for businesses and individuals under attack. The key issue to consider, in light of these new laws and regulations, is how much disclosure is not enough, and how much is too much.

The SEC is recommending disclosure of cyberattacks to an unprecedented degree. A new set of guidelines issued in October 2011 advises publicly-traded companies to disclose details of cybersecurity breaches as part of the quarterly 10-K report. Companies should disclose any and all cyberattacks, regardless of whether they caused a loss. The SEC even encourages companies to disclose “cyberrisks,” even in the absence of a breach. This potentially benefits investors, the SEC says, by providing comprehensive information about both actual and potential losses due to hacking and other cyberattacks. At the same time, extensive disclosure could put companies at greater risk by exposing weaknesses to hackers. Companies must carefully consider how much, or how little, to disclose. Too much disclosure could make them vulnerable to attack. Too little disclosure could make them vulnerable to lawsuits by investors.

State laws regarding cybersecurity disclosures are typically not as stringent as the SEC’s guidelines. California passed the first such law a decade ago. That law applies to any person or business that owns or licenses computer data containing a California resident’s “personal information,” such as social security number, home address, driver’s license number, and so forth. In the event of a breach that would reasonably lead to an unauthorized person obtaining the personal information, an owner or licensor of personal data must notify the person whose personal information may have been breached.

Forty-six states have followed California’s lead and passed similar laws. California has actually fallen behind some states that have passed laws with stricter disclosure requirements. A new law that took effect on January 1, 2012, requires an individual or business to notify the state attorney general of a cybersecurity breach if the breach affects more than five hundred California residents. The notice must include specific details of the type and size of the breach, and a toll-free number to allow users to contact credit agencies.

Continue Reading ›

Published on: | by

Last year, the California State Legislature made various efforts to regulate commercial transactions on the Internet. These efforts provide interesting questions and concerns regarding practical and constitutional limits on a state’s capability to legislate or regulate transactions on the world-wide-web (i.e., the Internet) due to its intrinsic interstate character.

One important consideration is the Dormant Commerce Clause, which stems from Article I, section 8, clause 3 of the federal Constitution. This doctrine implies that Congress only has the power to regulate interstate commerce and that the states do not have such power. Its application to the regulation of activities on the Internet is not quite developed and includes a series of judicially-created analyses. So far, the United States Supreme Court (which is the nation’s highest court) has not issued any definitive rulings. In addition, we do not have authoritative decisions by federal courts regarding the capability of the states to control online privacy and data security, tax online sales, or regulate online gambling.

As mentioned in this article, the legislators in this state passed or proposed laws that would develop our state’s regulatory power over transactions on the Internet which relate to the following topics: (i) privacy and data security; (ii) taxation of retail sales over the Internet; and (ii) online gambling.

Continue Reading ›

Published on: | by

Mall owners are harnessing digital technology to stem an erosion in their tenant base by online retailing and to promote shopper attendance to their centers.

Hammerson which is a leading European real estate company in London, United Kingdom (http://www.hammerson.com) plans to use a system which tracks shoppers to its malls by using signals from their mobile phones. Australia’s Westfield Group, Ltd. (http://www.westfield.com) plans to set up a virtual mall. Also, the Simon Property Group, Inc. (SPG) of Indianapolis (http://www.simon.com) and Paris-based Unibail-Rodamco SE (UL), are seeking to encourage consumers to add new smartphone applications.

Published on: | by

According to the FBI, fourteen individuals were arrested on July 19, 2011 based on charges related to their alleged involvement in a cyber attack on PayPal’s website (www.paypal.com) as part of an action claimed by the group Anonymous. In addition, two more defendants were arrested on other cyber-related charges.

Read more on http://www.fbi.gov/news/news_blog

Published on: | by

California legislators approved collection of an online sales tax among their revenue efforts as they passed the state budget on Wednesday.

Sponsors estimate the tax could bring in $200 million a year by collecting taxes that consumers have been avoiding when they make online purchases.

Federal law says states can only tax companies with a physical presence in a state, but the new California law applies that to include companies such as Amazon.com Inc. of Seattle, that have “affiliates” in a state.

Continue Reading ›

Published on: | by

NEW YORK (AP) – If you use Facebook to “check in” to your favorite restaurants or shops, you can now expect to see rewards and discounts from companies looking to drum up business and lure in loyal customers.

Facebook is looking to bridge online advertising with people’s offline behavior as it announced a service called “Deals.” It’s an extension of Places, the check-in feature the company unveiled this year. Rising with the explosive growth of smart phones, services based on people’s location help them find coupons, earn quirky merit badges or simply share with friends where they are.

The number of people using such services is still small – just 4 percent of the U.S. Internet population have ever used it and just 1 percent on any given day, according to a survey released Thursday by the Pew Internet and American Life Project.

Continue Reading ›

Published on: | by

The Internet has made life easier in so many ways, including the ability to shop and conduct financial transactions online. Of course, just like in the world of bricks and mortar, criminals also lurk in Cyberspace, seeking to steal identities, data and money. While Cyber criminals, of course, are responsible as a matter of criminal and civil law for their own wrongdoing, the question arises as to whether others also can be deemed responsible for the harm suffered as a result of this illegal conduct.

The recent case of Patco Construction Company, Inc. v. People’s United Bank d/b/a Ocean Bank, filed in state court in Maine, tees up this very question for resolution.

Patco alleges that it has been a customer of Ocean Bank. Patco asserts that Ocean Bank failed to fulfill “ones of its most basic obligations, namely, to protect its customers’ funds against theft.”

Continue Reading ›

Published on: | by

Here’s a routine the online shopper knows well. Skim a book, try on a watch or compare refrigerators at a local store.

Then head home with the specs in hand and find the item on the Internet,—cheaper, and often with no state sales tax. Of course, you buy it for less,—at times, a lot less.

Dueling pieces of legislation, both of which were introduced in Congress in July, address the issue of whether to close the loophole that allows online shoppers in most states to avoid paying sales tax.

Continue Reading ›

Published on: | by

Thieves are stealing credit-card numbers through skimmers they secretly installed inside pumps at gas stations throughout the Southeast, using Bluetooth wireless to transmit stolen card numbers, according to law enforcement officials. “We’ve sent detectives out to every gas station within a mile of Interstate 75,” says Lt. Steve Maynard, spokesman for the Alachua County Sheriff’s Office, which last Thursday was first notified about a suspicious skimming device discovered by a maintenance worker at a Shell Station located in the vicinity of Gainesville, Fla. So far, three card-skimming devices hidden in gas pumps at three stations have been discovered by investigators, and the U.S. Secret Service has been notified. The Sheriff’s Office, along with other local police departments, are trying to inspect as many gas stations in the area as possible, especially focusing on those along I-75. But law enforcement is encouraging gas station operators to look for signs of the skimmers at their pumps and contact them if they think they’ve found something. The Secret Service has indicated there’s a crime wave throughout the Southeast involving the gas-station pump card skimmers, and it may be traced back to a single gang that may be working out of Miami, Maynard says. Nearby St. Johns County in Florida has also been hit by the gas-pump card skimmers. Maynard says criminals wanting to hide the credit-card skimmers in gas pumps must have a key to the pump, but in some cases, a single key will serve to get into many gas pumps. It’s not known whether the gas-pump skimming operation involves insiders. Law enforcement is encouraging gas-station operators to train video surveillance they may use on the pumps.

For more information go to: http://www.knowconnect.com/mirln/current AND/OR http://www.computerworld.com/s/article/9179136/Bluetooth_at_heart_of_gas_station_credit_card_scam_in_Southeast_?taxonomyId=85