Internet Lawyer Blog

The Growing Problem of Identity Theft

Published on: May 29, 2017 | by Law Offices of Salar Atrizadeh

Identity theft is an epidemic impacting people across America. During 2016, an estimated 15.4 million consumers experienced some kind of identity theft. This is an increase from 13.1 million in 2015. Another staggering statistic is that 1 in every 16 adults in the United States is a victim of identity theft.

This increase in identity theft notwithstanding the fact that 2016 was the first year that retailers were forced to accept EMV chip cards. The belief was that by switching to these EMV chip cards it would almost entirely eliminate card cloning, which is a major type of identity theft. Instead of lessening the amount of credit card fraud this switch has made criminals move away from card cloning and into different types of fraud. More criminals are starting to make online purchases where swiping or inserting a physical card is no longer necessary.

Over the past few years, we have seen numerous data breaches. Data breaches have been hitting financial, health, commercial, government, and education institutions. These breaches have ranged from password management services like LastPass, the OneLogin security breach, and Target security breach. All of these different breaches compromise our data and our identity. The above companies are just a few that have been hit by a security breach.

OneLogin Security Breach

Published on: May 22, 2017 | by Law Offices of Salar Atrizadeh

OneLogin recently suffered from a major security breach. This breach has compromised private and confidential information, which is managed by its datacenter. OneLogin provides a service that is used by organizations to secure their data. It is basically a password manager for corporations. It allows employees, customers, and partners to gain secure access to the company’s cloud and applications on any device. It allows its customers to integrate other websites and services like Microsoft Office 365, Slack, Amazon Web Services, Cisco, Webex, LinkedIn, and Google Analytics. The OneLogin website says that it currently has over 2,000 enterprise customers across 44 different countries. This includes well-known companies like Indeed, Pinterest, Midas, and Yelp.

How did this breach occur?

The breach occurred because the intruders were able gain unauthorized access to the OneLogin datacenter. Alvaro Hoyos, who leads the company’s risk management, security, and compliance efforts posted a blog about the risks. He wrote that a threat actor used one of our AWS keys to gain access to the AWS platform via API from an intermediate host with another, smaller service provider in the United States. He said his company’s staff was able to detect and stop the intrusion very quickly.

Impression Products, Inc. v. Lexmark International, Inc.

Published on: May 15, 2017 | by Law Offices of Salar Atrizadeh

The United States Supreme Court came out with a new patent law decision in Impression Products, Inc. v. Lexmark International, Inc. For those who are not familiar with patents, a patent grants the holder an exclusive right to exclude others from making, using, importing, and selling the patented innovation for a limited time.

Lexmark International is a company that manufactures, designs, and sells toner cartridges. These cartridges are sold both in the United States and outside of the United States. Lexmark International owns patents that cover the components of these cartridges as well as the way that they are used by consumers. Lexmark gives the purchasers of the toner cartridges two options: One option is to buy a toner cartridge at full price with no restrictions. The other option is to buy the cartridges at a discount through Lexmark’s “Return Program.” In order to get this lower price, the customers are required to sign a contract that they will only use the cartridge once and refrain from transferring it to anyone else except Lexmark.

Other companies that are known as remanufacturers would get the empty Lexmark cartridges, refill the cartridges with toner, and then resell those cartridges. Impression Products is one of those remanufacturers. They go through the same refilling process with cartridges that they acquire overseas and then import into the United States. Lexmark is suing Impression Products for patent infringement for both the “Return Program” cartridges sold in the United States and for the cartridges Lexmark sold abroad that were imported into the country by Impression Products.

President’s Executive Order on Cybersecurity

Published on: May 8, 2017 | by Law Offices of Salar Atrizadeh

President Donald Trump has signed an executive order on cybersecurity as a response to the WannaCry ransomware attack. This executive order is entitled as “Strengthening the Cybersecurity of Federal Networks and Critical Infrastructure.” The executive order contains three main sections and a fourth category that includes some definitions of terms that are contained in the order.

The first section of the executive order is regarding Cybersecurity of Federal Networks. This section states that the United States Information Technology (IT) should have the data secured responsibly by the United States Government. The President said that he will also be holding the heads of executive departments and agencies accountable for managing cybersecurity risk to their enterprises. One of the findings included in this first section is that the executive branch has been too accepting of IT in that it is antiquated and difficult to defend. To manage these risks, the first section includes a risk management section, which includes ideas of how to reduce future cybersecurity risk. For example, the head of each agency must provide a risk report to the Secretary of Homeland Security and Director of Office of Management and Budget.

The second section of the executive order is regarding Cybersecurity of Critical Infrastructure. This section states that support must be provided to the critical infrastructure that faces the greatest risk. It also describes how the Secretary of Commerce and Secretary of Homeland Security will both go through an open process to try and improve how resilient the internet is, so they can reduce threats of automated attacks.

Who Is Responsible for the WannaCry Attack?

Published on: May 1, 2017 | by Law Offices of Salar Atrizadeh

On May 12, 2017, what is believed to be the largest ransomware attack in history occurred on the internet.

A global search is heating up trying to locate those who are responsible for the attack.

While this search is occurring, there is also a question of how much blame for the attack should be placed on Microsoft. This is because the WannaCry attack took advantage of a weakness that was already existing in the Microsoft operating systems.

Copyright Preemption Laws

Published on: April 24, 2017 | by Law Offices of Salar Atrizadeh

For example, you have a lawsuit against another party for infringing on your personal rights of privacy. The other party takes a photograph they had taken of you, and then licenses it to other individuals without your consent. Those individuals use it as a basis for a character in another work, making a large amount of profit. Naturally, this wouldn’t sound fair to the subject of the lawsuit. Yet, making matters worse is, given a current case, it’s suggested that the action would effectively have no remedy. This is due to the doctrine of preemption. So, what is the preemption doctrine? How does it apply to an individual in a case? How might preemption be avoided by the careful litigant?

Copyright Preemption

Before going into the relevant case, copyright preemption is a doctrine in copyright law, with Section 301 dictating that in cases where a personal right and copyrights may clash, the Copyright Act will take precedence, and other rights will be preempted by the copyright. Included in a “copyright” are rights against reproduction, as well as a right to control distribution, derivative works, and publication of works, in addition to others. This would also mean that preemption would cover far more than what is protected by copyright. This has the effect of removing the basis for a lawsuit as the plaintiff may not have a right in the copyrighted work.

Mavrix Photographers, LLC v. LiveJournal, Inc.

Published on: April 17, 2017 | by Law Offices of Salar Atrizadeh

In theory, a moderator is a sound idea for any individual running a website that allows user interaction. Presumably, moderators can filter out comments and content that is disreputable, disrespectful, and patently offensive. The moderator can keep discourse civil and help foster insightful positions. Perhaps the website can even rely on volunteer moderators who are bound by the website’s rules and regulations. However, the moderator’s very existence risks making a website’s owner subject to liability for copyright infringement. These questions were recently addressed in a case involving LiveJournal. What is this case about? Why could a volunteer moderator trigger legal liability? Are there any guidelines to determine risks?

Mavrix Photographers, LLC v. LiveJournal, Inc.

This case is one arising out of the United States Court of Appeals, For The Ninth Circuit, regarding the potential liability of LiveJournal over an alleged infringement of twenty different photographs. LiveJournal is a social media website, which sets up various forums for different communities. The communities can post and comment on a theme and are allowed to create their own rules in addition to LiveJournal’s rules and regulations. The photographs were then published to a sub-forum on the website, focusing on celebrity news. The photographs were watermarked, and subject to copyright by the photographer. However, one issue was how LiveJournal used its moderators.

Non-Compete Agreements in California

Published on: April 10, 2017 | by Law Offices of Salar Atrizadeh

Different states have different rules regarding the validity of non-compete agreements. In California, non-compete agreements are heavily disfavored and will usually only be upheld in a limited number of circumstances. When drafting a non-compete agreement, it is important to keep in mind where the employment will be taking place, so that you can know what types of non-compete agreements are allowable in that location.

Background

California, in general, finds that non-compete agreements after the termination of the employment agreement are not valid and will not be upheld by the courts except in specific circumstances. The California Business and Professions Code Section 16600 states: “Except as provided in this chapter, every contract by which anyone is restrained from engaging in a lawful profession, trade, or business of any kind is to that extent void.” The courts have strictly applied Section 16600 and used this provision to invalidate employment agreements that would have prevented the employee from working for a competitor after the completion of employment.

Star Athletica v. Varsity: Copyright Protection Issues

Published on: April 3, 2017 | by Law Offices of Salar Atrizadeh

From the idea of product design, who wouldn’t want to protect more of their products? A producer should be able to profit off the sweat of labor, and creativity that they have mustered to bring the product. Yet, if a design brings utility, then the individual that comes up with it may have a monopoly over the most effective design, which hampers competition. These are the issues that the United States Supreme Court recently considered in Star Athletica v. Varsity, as Justice Sotomayor phrased as “killing knockoffs” with copyright protection. The case involved two parties, Star Athletica and Varsity, both producers of cheerleading uniforms. Varsity sued Star Athletica for copyright infringement of protected designs over a dress. Still, there were various issues to be resolved. What is useful? What is protected by copyright laws? Would it matter if even after the creative elements were removed, there was nothing useful about the article at all?

Star Athletica

In this case, the main issue was effectively based in the idea of useful articles. In copyright, there is a thinner protection for “useful” things, protecting only what is creative rather than the useful parts of it. In essence, it had to be “separable” either conceptually or physically. This generally meant to be “truly” separable, it would have to be both. Relating to the cheerleading uniforms, it presented a unique issue. The major question however, was if the designs on the dress (i.e., the chevrons, colors, general look) were protectable. Presumably, either the designs on the dress were protectable, as they could be reproduced and placed on some other object, like a lunchbox, or they were unprotectable, as they were intertwined with the functionality of a cheerleader’s uniform.

Facebook v. Power Ventures: Unlawful Access To Computer Networks

Published on: March 27, 2017 | by Law Offices of Salar Atrizadeh

After this month’s discussion on the statutes that prohibit the unauthorized access of email accounts and digital assets, one might wonder how these statutes may apply in a case. However, in the lengthy saga of Facebook v. Power Ventures, the Ninth Circuit issued a determination giving a bright line example of what would not be permissible under the law. So, how did Power Ventures violate these unlawful access laws? How did they attempt to move around the laws? What was Facebook’s argument, that has thus-far prevailed in the courts?

Case History

This case focuses on Power’s use of Facebook through the actions of other users. Power, a type of social media aggregator, would allow users to “link” Facebook, Twitter, and other social media accounts to permit control from a single website. From there, Power would “scrape” data under the permission of the Facebook users. However, this was against Facebook’s terms and conditions. Power would also invite users to invite others in spam-like messages, as well as deploying bots. This ultimately resulted in an IP-based ban against Power. Yet, Power evaded those bans and defied a cease and desist letter, prompting Facebook to sue based on CAN-SPAM, Penal Code 502, and CFAA.