Internet Law

Stored Communications Act Covers Facebook Posts

Published on: March 24, 2014 | by Law Offices of Salar Atrizadeh

The expansion of social media networks has helped connect people and ideas all over the world. However, it has also raised substantial privacy concerns as more people store personal information on the web. Congress has enacted legislation in an effort to circumvent the dangers associated with online networks–for example, the Electronic Communications Privacy Act, the Child Online Privacy Protection Act, and the Stored Communications Act. States have also passed their own legislation to help protect cyber activity within their jurisdiction. For example, California passed “Do Not Track” legislation in November 2013 requiring websites to disclose their tracking practices. These laws, along with several others, work to protect individuals, entities, and their related private information as they continue to operate and conduct business over the Internet. Recently, a federal court applied the Stored Communications Act and found that it is applicable to a user’s wall posts.

What Are The Provisions of the Stored Communications Act?

In 1986, Congress passed the Stored Communications Act (“SCA”) which is codified under 18 U.S.C. §§ 2701 et seq. The SCA aims to protect privacy interests implicated throughout electronic communications. Various court holdings have interpreted the SCA to apply to non-public electronic communications that take place over electronic communication services in an electronic storage medium. Violations of the SCA may carry potential criminal penalties, including serving time in prison. The penalties and liabilities will generally depend on the circumstances of the violation. The SCA does allow Internet service providers to share “non-content” with another person or entity. This includes log data and recipients’ email addresses. Still, this is a limited exception to the general rules and the SCA is still prohibited with sharing any information with a government entity. The government may compel Internet service providers to provide stored information. For electronically held communications, the government is required to have a probable cause and obtain a search warrant. For communications stored remotely, the government only needs a subpoena or a court order. Hence, remotely stored data enjoys a lower level of protection since it is easier to submit a subpoena rather than to obtain a search warrant.

California’s Anti-Spam Statute

Published on: March 17, 2014 | by Law Offices of Salar Atrizadeh

In recent years, electronic spam has become a public nuisance. In response, several states, including, but not limited to, California, have enacted statutes to prevent electronic spam. As with most legislation that deals with the constantly-changing nature of the web, these statutes struggle to define the extent of their application while staying current with trends. Therefore, courts are charged with the responsibility of interpreting the intent of these laws.

What Are The Provisions of California’s Anti-Spam Statute?

In fact, California’s Business and Professions Code section 17529.5 prohibits any person or entity from sending commercial email advertisements, or spam, in three defined circumstances. First, spam is prohibited if an email advertisement uses a third-party domain without the third-party’s permission. Second, the statute prohibits email advertisements that use misrepresented information in the header. Finally, it is unlawful to use a subject line that is reasonably likely to mislead a recipient about the content or subject of the message. This section applies if the email is sent from California or if it is sent to a California email address. Accordingly, the reach of California’s legislation into other jurisdictions is also an issue for courts to interpret. Furthermore, a party bringing suit may recover both actual damages and liquidated damages. Liquidated damages are limited to $1,000 for each unlawful email and may go up to $1,000,000.

California’s New Digital Erase Law

Published on: March 3, 2014 | by Law Offices of Salar Atrizadeh

On September 23, 2013, Governor Jerry Brown signed Senate Bill 568 (“SB 568”) into law, which requires social media sites to permit children to permanently erase online posts. These websites, including, but not limited to, Facebook, Twitter, and Tumblr, will have to provide options for users under the age of 18 to delete texts, photos, and videos. However, this option will not extend to content that a third party uploads regarding the minor. Hence, as California works to implement this new law, public debate circles around its effects and whether it will actually be helpful in protecting children online.

What Are The Provisions Of California’s New Digital Erase Law?

The law addresses websites that are directed to minors and have actual knowledge that a user is a minor. The websites include ones created specifically for the purpose of targeting minors rather than adults. These websites must provide a method for underage users to remove public posts about them. Alternatively, these users may ask the website to remove the content. However, if a minor received any compensation (i.e., marketing benefits, rewards) for a post, then the post is not subject to this law. In theory, websites may provide minimal compensation to minors to circumvent this law and avoid having to take down any posts. Furthermore, the law is ambiguous in some areas. For example, it is unclear whether minors are required to erase the content while they are still minors or whether they retain the right to erase any content they posted as minors. These details will need to be clarified to ensure proper enforcement.

ACPA and Contributory Cybersquatting Theory

Published on: February 24, 2014 | by Law Offices of Salar Atrizadeh

In a recent case, Petronas v. Godaddy.com, the Ninth Circuit held that “contributory cybersquatting” was not a valid theory for relief. This case addressed the issue of whether the Anti-Cybersquatting Consumer Protection Act (“ACPA”) allows for secondary liability.

What Are the Facts?

Plaintiff, Petroliam Nasional Berhad (aka “Petronas”) is a Malaysian government-owned entity. Petronas holds the American trademark “PETRONAS.” The entity also owns the Petronas Towers in Malaysia. Defendant, Godaddy.com, is the world’s largest domain name registrar. The case revolves around a third party who registered the domain names petronastower.net and petronastowers.net in 2003. In 2007, the party began using Godaddy’s domain forwarding services to direct the domain names to an adult website. Petronas sued Godaddy for cybersquatting and contributory cybersquatting. In general, cybersquatting is the act of holding a trademark hostage in the form of a domain name and forcing the trademark owner to negotiate an unreasonable price for the domain. Although Godaddy did investigate the alleged cybersquatting, ultimately, they did not take any action.

Wiretapping and Privacy Laws

Published on: February 9, 2014 | by Law Offices of Salar Atrizadeh

In 2013, Edward Snowden, a former CIA employee, and National Security Agency (“NSA”) contractor, leaked top secret documents to the public. These documents detailed the NSA’s controversial electronic surveillance practices and procedures, sparking a debate about wiretapping and privacy laws. Snowden revealed that the government employed questionable electronic surveillance programs. The controversy circles around the potential privacy violations surrounding government agency practices to monitor communications. Since then, the Obama Administration has been under pressure to address individual privacy concerns. Last month, President Obama addressed the nation and introduced proposed changes to current electronic surveillance practices.

What Are the Current Wiretapping Laws, Before President Obama’s Proposed Amendments?

Wiretapping has been possible since the invention of the telephone. The procedure gets its name from earlier methods, which required officials to physically place electrical taps on telephone lines. Wiretapping is a constitutional and legal practice. In most cases, officials must secure a warrant from a judge beforehand. However, federal intelligence agencies can apply to the Foreign Intelligence Surveillance Court (“FISA”), under secret proceedings, for court approval. In some circumstances, these agencies can proceed with approval from the United States Attorney General, without court approval. In the event that the agency does need to secure a warrant before wiretapping, courts typically apply a very strict standard of review before granting approval. For instance, the judge will look to ensure there are no other less intrusive methods to gather information. In general, the courts look at wiretapping as a last resort. Alternatively, if a party who is participating in a call, records the call and produces it to a government agency, the agency does not need prior court approval. The agency is then at liberty to use the contents of the recorded phone call for its purposes.

Federal Privacy Laws

Published on: February 2, 2014 | by Law Offices of Salar Atrizadeh

In general, the federal government enforces privacy rights at the federal level and state governments regulate privacy standards at the state level. Depending on the area of privacy laws at issue, different government agencies have enforcement authority. For example, Office of the Attorney General, Federal Trade Commission, and Department of Health and Human Services have certain enforcement authority.

What are federal privacy rights?

The federal Privacy Act of 1974 applies privacy standards for the information that federal executives and agencies can access and disclose. However, these requirements apply only to information about U.S. citizens and legal alien residents. They do not apply to illegal immigrants or corporations.

California Privacy Laws

Published on: January 27, 2014 | by Law Offices of Salar Atrizadeh

In recent years, online transactions, such as activities on social media networks, have exposed personal privacy to greater risks. With so much personal information available over the Internet, it is increasingly important to be aware of the applicable laws, so that your privacy is better enforced and protected. The risks can include identity theft, and data, medical, financial, or workplace breaches.

In the United States, there are overarching federal privacy laws that apply to the states. Also, each state has its own privacy laws. In general, the states can provide greater privacy protection than federal laws, but they cannot provide less protection. Privacy right violations can lead to both civil and criminal penalties, depending on the extent of the violation and the applicable laws.

What are the applicable privacy laws in California?

Mass Tort Litigation

Published on: January 20, 2014 | by Law Offices of Salar Atrizadeh

Tort litigation, unlike criminal litigation, involves civil wrongs committed against a party or entity–such as a corporation. A plaintiff must demonstrate in court that the defendant is liable for plaintiff’s damages to be successful in a tort case. Mass tort litigation involves very much the same concepts except the number of plaintiffs and defendants is different. Specifically, mass tort litigation involves large numbers of plaintiffs who have suffered an injury at the hands of the same defendant, or group of defendants.

What Is Mass Tort Litigation?

Mass tort litigation involves a single wrongful act that results in harm to several victims. These types of cases involve many plaintiffs, who are all suing defendants for the wrongful act. Generally, mass tort litigation involves cases where a large group of plaintiffs are injured by defective drugs, or defective products. Cases dealing with defective drugs, or pharmaceutical claims, deal with medical products that have caused injury to consumers. These cases include both over-the-counter and doctor prescribed drugs. Alternatively, defective product cases involve consumer product claims where plaintiffs have sustained injuries, or even died, from defective products. Courts must grant permission for parties to proceed with mass tort litigation. Courts will look to see how many plaintiffs are involved, how far these consumers are located from one another, whether there are similar injuries among the plaintiffs, and whether the injuries come from a common cause or product. This last factor is necessary for a mass tort case. Otherwise, courts balance the other three factors to determine whether a case is properly deemed mass tort litigation.

Class Action Lawsuits and Internet Law Violations

Published on: January 13, 2014 | by Law Offices of Salar Atrizadeh

Class action lawsuits are a staple in the American court system. The notion that there is strength in numbers is shown in the extraordinarily large settlements that come from these cases. In recent years, there has been a significant increase in class action suits involving internet-based companies (e.g., Facebook, Google, Tumblr, Instagram, or MySpace).

As consumers spend more time on the Internet, sharing their work, preferences, and private information, there is a growing potential for internet law violations. Since numerous consumers engage in same or similar activities, e.g., use email to send/receive information, a single violation implicates the rights of a large group of consumers. In turn, this sparks a class action suit.

How Are Class Action Lawsuits Different From Other Suits?

Target’s Security Breach and Identity Theft Threats

Published on: January 5, 2014 | by Law Offices of Salar Atrizadeh

On December 19, 2013, Target issued a statement confirming a major security breach. According to the statement, approximately 40 million customers were at risk for identity theft because of the breach. Hackers had gained access to customer information, including their names, credit card numbers, debit card numbers, card expiration dates, and security codes. This incident brought light to the ongoing threat of identify theft for customers who use credit or debit cards to make purchases, either in stores or online. With this growing threat, consumers need to take care to protect themselves against potential attacks.

What Is the Extent of the Target Security Breach?

According to Target’s investigations, the hackers began accessing customer information from before Thanksgiving until mid-December. With the information they stole, which is stored on a card’s magnetic strip, the hackers could have made purchases all around the world. Indeed, hackers can also use this information to create new credit or debit cards. Although, there is no evidence the hackers also stole pin numbers, but if they had, they could have withdrawn money from customers’ bank accounts. The United States Secret Service is looking into this massive security breach. In the past, federal and state authorities have held companies liable, even issuing fines, if investigations reveal that a company did not take adequate steps to protect customer information. Analysts predict that here Target may have to spend over $100 million in legal costs to fix the security breach. Costs will increase even more if it’s forced to reimburse credit card companies for fraudulent purchases. However, in the meantime, Target’s first priority has been to act quickly to secure and protect customer information. Although, they have not reached any conclusions, initial investigations suggest the breach could have come entirely from outside hackers, or it could have been achieved with help from its employees. Either way, this level of a security breach suggests that it reached deep within the corporation.