Articles Posted in Government

For this week’s blog post, we will be continuing with a discussion of another recently decided Supreme Court case.  Specifically, we will cover United States v. Microsoft Corporation, and talk about the ramification’s the Court’s decision has on the world of internet technology.

This case involves user data privacy rights and the ability of US based technology companies to refuse to comply with federal warrants when user data is stored overseas.  The case had to do with the extraterritorial (outside of the United States) application of the Stored Communications Act (SCA), and whether warrants issued under SCA could be effective with regard to new internet technology such as cloud storage and data centers.

In 2013, FBI agents obtained a warrant requiring Microsoft to disclose emails and information related to a customer’s account who was believed to be involved in drug trafficking.  Microsoft attempted to quash the warrant, claiming that all of the customer’s emails and information were stored in Microsoft data centers in Dublin, Ireland.  The court held Microsoft in civil contempt for refusing to give agents the emails, but this decision was reversed by the Second Circuit.  The Second Circuit held that requiring Microsoft to give federal agents emails that were stored overseas would be outside the realm of permissible extraterritorial application of the Stored Communications Act (18 U.S.C. 2703).

For this month’s blog posts, we will be discussing some of the most recent Supreme Court cases that have been decided this year.  Specifically, we will address cases that are likely to have an impact on internet, e-commerce, technology, business, and cybersecurity laws.  We will start with a discussion of Murphy vs. NCAA.

Murphy vs. NCAA was decided on May 14, 2018, and generally was the Supreme Court ruling in favor of states’ ability to legalize sports betting.  The Supreme Court overturned the Professional and Amateur Sports Protection Act (PASPA), which previously prohibited all but a few states from legalizing sports gambling.  In Murphy, the Supreme Court held that PASPA violated states’ rights to make their own decisions regarding the legality of sports gambling.  The Court explained that Congress cannot commandeer states to enact or enforce a federal regulatory program, which was essentially what PASPA (as a federal act) was doing towards the states.

Many states, such as New Jersey, are thrilled with this decision.  They view it as an opportunity to generate revenue, prevent black market gambling, and help their economy.  The Court’s decision in Murphy empowers states with the ability to legalize and regulate an estimated $150 billion sports betting industry that was previously illegal.  New York, Connecticut, West Virginia, and New Jersey are among the 20 or so states already introducing legalizing legislation.

Cyberbullying in schools is one of the most troubling activities currently plaguing our educational system.  When children are bullied, they can’t focus, they don’t feel that they fit in, and they often lose interest in school.  This creates absenteeism, depression, and even suicide among school-age children and teenagers in our society.

According to the California Attorney General: “Anyone who sends any online communication to deliberately frighten, embarrass, harass, or otherwise target another is a cyber bully.”  California Penal Code section 652.3 is slightly more specific, and states that every person who, with the intent to place another person in reasonable fear for their safety of the safety of their immediate family, by means of an electronic communication device, for the purpose of harassing, is guilty of a misdemeanor punishable by up to one year in a county jail, by a fine of not more than one thousand dollars ($1,000), or both.  Penal Code § 652.3 also makes it a crime to electronically distribute or make available personal identifying information, including a digital image of another person, or an electronic message of a harassing nature about another person, which would be likely to incite or produce unlawful action.

California law defines harassment as: A knowing and willful course of conduct that a reasonable person would consider as seriously alarming, seriously annoying, seriously tormenting, or seriously terrorizing and that serves no legitimate purpose (Penal Code § 652.3).  Electronic act as related to cyberbullying means: The transmission of a communication, including a message, text, sound, or image, or a post on a social network, by means of an electronic device.  This means that any post through Facebook, Twitter, Instagram, Snapchat, or email qualifies as an electronic act, and thus subjects the sender to potential liability for cyberbullying.

In our first June blog post, we discussed a bill passed by the State Senate which would provide net neutrality rules for ISPs in the State of California.  We continue this week with the theme of internet regulating laws being proposed in our state.

The California Consumer Privacy Act of 2018 (CCPA) is a ballot measure, which would provide unprecedented protection for user data in California.  Users would have the ability to prevent companies from selling their data to third parties, as well as demand full disclosure of all data being collected.  Consumers would also have the ability to sue companies in violation of the law.

The CCPA was started by Alastair Mactaggart, a real estate developer in the San Francisco area, along with Rick Arney, a finance executive, and Mary Stone Ross, an attorney who has worked on national security matters with the House of Representatives and was a former CIA analyst.  The group says they are just three people living in California who want what is best for their kids and the future of Californians.  They believe the “bargaining” that occurs between big companies and users regarding consumer privacy, which is basically take-it-or-leave-it is not bargaining at all.  With the practical necessity of laptops and cell phones today, they want users to have more choice and power in terms of what information is collected, and how that information is used.

On May 30, 2018, the California State Senate voted to pass a bill that will ensure net neutrality on the internet in the State of California.  With the FCC’s repealing of Obama-era net neutrality rules going into effect on June 11, 2018, California’s bill will provide for continued net neutrality protection.  Officially known as Senate Bill 822, the senate passed SB 822 by a vote of 23-12.  The bill will next go to the State Assembly to be voted on by the end of August.  If the bill passes the Assembly, it must finally be signed by Governor Jerry Brown in order to become law.

If made into law, the bill will prohibit Internet Service Providers (ISPs) from manipulating internet traffic.  Net neutrality rules ensure that ISPs cannot slow down or block access to certain websites, or give some websites and content quicker access speeds than others.  Preventing willful alteration by ISPs of internet connections between devices and sources of content is the key focus of net neutrality rules.  SB 822 will also allow the state to supervise commercial interconnection deals between corporate customers and ISPs to ensure that corporate customers are not taken advantage of by ISPs’ dominant market power.  Interconnection arrangements typically occur between content providers such as YouTube and Netflix, and ISPs such as Spectrum or AT&T.

The net neutrality rules would also ban third-party paid prioritization, as well as application-specific differential pricing.  Paid prioritization occurs when content providers pay ISPs a fee in order to ensure that users have higher access speeds to their websites than competitors’ websites.  ISPs claim that preventing this business model may cause an increase in the price that consumers pay for internet service.  Differential pricing is when goods or services are offered at different price points to different consumers.  For example, a company such as Microsoft may charge a higher fee to corporate customers for Microsoft Office software than to a personal user who purchases the software for use at home.  Differential pricing comes into play in the net neutrality laws with regards to user access to applications, content, and platforms (ACP).

Last week we discussed smart toys, and we mentioned “COPPA” in that article.  As such, some of you may be asking what is COPPA?” In short, COPPA is a federal law specifically tailored towards children, and stands for “Children’s Online Privacy Protection Act.” This law is meant to protect children from over exposure and prohibit businesses from gathering invasive amounts of analytics on children using their products or services. This remains a legitimate concern, attempting to curtail some of the worst aspects of online life.  What exactly does COPPA prohibit? Is there any limitation? Does it provide guidelines for a business to follow and ensure compliance?

COPPA Prohibitions

The spirit of COPPA can be summarized as follows: It is unlawful for an operator or a website or online service directed to children or with knowledge that it is collecting or maintaining a child’s information, to violate this federal statute by failing to give notice on the website of what information it collects, how it’s used, and how it’s disclosed, failing to obtain parental consent, providing reasonable means for parents to review or cancel the use of the service or website, to not condition participation in a game, offering of a prize or other activity by disclosing more personal information than is necessary, and failing to establish and maintain procedures to protect the confidentiality, security and integrity of the children’s information.

This is a current update on the principle of net neutrality that is worthy of a discussion. So, how or why is an update necessary?  The answer is that net neutrality rules may be changing soon, and various organizations are currently lobbying for their positions.  Why does net neutrality matter to businesses or consumers?  Is there a way or reason for removing net neutrality? What may you need to consider as a business or consumer after the demise of net neutrality?

Historical Background

For those that have not been following the idea of net neutrality, the idea is simple. No one packet of data can be favored or disfavored by a company that provides internet access. Previous rules would forbid this, and allow entities to sue if there was an intentional slowdown of their service. Indeed, this has allegedly occurred in the past as described in a lawsuit between Time Warner Cable (now Spectrum) and the State of New York.  Essentially, Spectrum was intentionally slowing down service, and only improving the service after payment was received by it.  Under the Open Internet Rules, this process was prohibited.

The European Commission released its first annual review of the current EU-US Privacy Shield in order to determine what may or may not need changes as a matter of policy. As it currently stands, the Privacy Shield creates enforceable protections for European Union residents regarding the use of their personal data. The US-based entities that wish to participate will have to conform to greater transparency standards in how the data is used, as well as submitting to strong oversight to ensure adherence, and increased cooperation with Data Protection Authorities (“DPAs”). So, what changes are suggested in this new report? How might this affect businesses in the United States? What consequences, if any, may be added to the new changes?

What is the review?

It was conducted by the Commission to the European Parliament, which in essence reviewed the function of the Privacy Shield and gathered input from publicly-available sources. These sources combined press releases as well as legal cases that were available to the Commission; although, neither source was cited specifically within the seven-page report. The Commission is composed of both European and American representatives, such as the European Data Protection Supervisor and Federal Trade Commission.

The United States Supreme Court has accepted a new case that implicates cell-phone location privacy. The case of Carpenter v. United States was decided by the Sixth Circuit and now the Supreme Court will issue a decision in the future as to whether the lower court’s decision was correct. The main issue in this case is that the court will be deciding whether or not the warrantless search and seizure of historical cell phone records revealing the location and movements of a cell phone user over the course of a 127-day period is permitted by the Fourth Amendment.  In general, the Fourth Amendment protects against unreasonable searches and seizures. It also implicates the laws regarding search warrants, wiretaps, other forms of surveillance and is central to privacy laws.

What are the case facts?

In 2011, four men were arrested because they were suspected of committing a string of armed robberies at T-Mobile and Radio Shack in the Detroit area. One of the four men confessed to the crimes and told the police that a shifting group of 15 other men served as getaway drivers and lookouts. The one man who confessed gave his phone number along with the phone numbers of some of the other participants to the FBI. The FBI then reviewed the call records of the man who confessed and were able to identify the phone numbers of others that he had called around the time of the robberies.

Net Neutrality is the principle that Internet Service Providers (ISP) and the government should treat all web-related traffic equally regardless of the source. If there was no net neutrality, companies would have the ability to purchase priority access to the ISP customers. Larger and wealthier companies (e.g., Google) would be able to pay the ISPs to provide customers more reliable access to their websites instead of to competitors’ websites. This would negatively impact any new start-up service that would not be able to purchase a priority access.

On February 26, 2015, the Federal Communications Commission (FCC) voted to enact the “strongest net neutrality rules in history.”  Millions of Americans contacted the FCC, called their Congress members, and wrote to the White House to express their support.  Although, this decision was a bold move in favor of net neutrality, but more changes may be coming soon. This 2015 Rule meant that ISPs cannot block access to any websites and they cannot interfere with website loading speeds. This rule also banned paid prioritization, which means that ISPs are not able to give preferential treatment to websites that pay an additional fee.

On January 23, 2017, President Trump selected Ajit Pai to lead the FCC as the new Chairman. This Chairman has a record of previously promising to undo the 2015 landmark decision. Then on May 18, 2017, the FCC, led by Chairman Ajit Pai, voted to propose a review of the 2015 rules.  Mr. Pai holds the opinion that the 2015 FCC rules are a “bureaucratic straitjacket” on the ISPs.  The new FCC proposal, which is called “Restoring Internet Freedom” contemplates whether to undo the legal approach that enforced those rules and whether there was anything that warranted the rules in the first place.