Recently in Internet Law Category

June 25, 2014

COURT CONTINUES TO MISUNDERSTAND HOW WE USE TECHNOLOGY

The Supreme Court continued its trend of significant decisions today, issuing rulings in favor of copyright holders over technological innovation (ABC v Aereo) and in favor of upholding privacy rights in the face of police searches (Riley v California). While the decisions were broad in scope, they also both created substantial unanswered questions that the Court is essentially pleading with Congress to resolve. From a political standpoint, that appears unlikely, and I predict both of these issues will be back before the Court in the not too distant future.

Looking first at the Riley case, the Court held cell phones contained private information which the police are not entitled to review merely incident to an arrest. Unlike the contents of your pockets or items in plain view, the government now cannot access your cell phone without a warrant during an arrest. This rule applies to both smartphones and so called dumb phones alike (the police viewed the incoming caller ID in one of the defendant's older style flip phones to determine where he lived), and actually signals real concern for future business cases.

While this may seem like a boon to privacy advocates, there are holes in this ban big enough to steer Google's self driving car through. First, there are exceptions for when the police believe they need to access your device in exigent circumstances. No warrant is required when the police are trying to prevent a disaster, or save someone else. Second, the Border Search exemption does not come up in this case. This exemption, still on the books but possibly overruled by today's decision, allows for a warrantless customs search anywhere within 100 miles of an international border. That includes our offices in Philadelphia, and most of the population of the US who live within 100 miles of an international coastline. Is every police search now going to have a customs element to get around the Riley decision?

The bigger concern with this decision, from a business perspective, is the growing use by the Roberts Court of anecdotal evidence not truly before the Court. The Riley decision in some ways is based upon a faulty understanding of technology and how we interact with it on a daily basis. Justice Roberts cites to the iPhone User Guide as definitive proof that "Law enforcement officers are very unlikely to come upon such a phone in an unlocked state because most phones lock at the touch of a button or, as a default, after some very short period of inactivity." While many phones have this feature, it's frequently not used. Various surveys have shown between 40% to 70% of cell phone users don't lock their phones. The Court similarly dismisses out of hand the potential for automatic wiping via geofencing as simply not a real concern. I'll grant Justice Roberts that most criminals are not IT specialists, but it's not difficult to set up a directive for your phone to be wiped if it enters the local police station. In fact, the controls to set that up are right in the apps at the heart of the Riley decision. Finally, the Court suggests merely turning the phone off or removing the battery as a way police can prevent a remote wiping signal, failing to understand that (i) many, if not most, new smartphone have integrated non-removable batteries; and (ii) a phone is not rendered completely inaccessible simply because it's turned off.

The problem here is not holding itself, which may actually be a bit of a pendulum swing against the destruction of privacy standards we've seen since 9/11. Rather, the issue I see is that the Court continues to decide cases based upon a misunderstanding of how people interact with technology. This has led to, and will continue to create, decisions which raise significant business issues. We'll have more in the next few days on the Aereo decision, which even the Court acknowledged will hang over SAS and cloud computing services for some time to come. But in the meantime, it's clear that if we are going to continue to see technological growth, Congress needs to get on the ball and deal with some of these issues before they're dumped at the courthouse steps.

Continue reading "COURT CONTINUES TO MISUNDERSTAND HOW WE USE TECHNOLOGY" »

April 22, 2014

Top 3 Mistakes Companies Make with IT Security Programs

I came across an interesting blog that was posted by a professional hacker whose job is to find vulnerabilities in top corporations' IT security. His official title is "penetration tester". Rather than just summarize what is already a short blog, I decided to just let the hacker speak for himself and tell you directly what he believes are the top 3 mistakes corporations make with their IT security programs. I think the top 3 will surprise you. Click here for the security blog.

The attorneys at Danziger Shapiro & Leavitt, PC can help you with developing your security protocols and smart phone/tablet work policies customized to the unique needs of your business. Call us today to set up a free consultation to discuss this and any other issue affecting your business.

Continue reading "Top 3 Mistakes Companies Make with IT Security Programs" »

January 7, 2014

RECENT CHANGE TO STATE PRIVACY LAW WILL IMPACT COMMERCIAL WEBSITES NATIONWIDE

It seems we cannot go a day without big news regarding online security and privacy or the lack thereof. Most recently it was Target and tomorrow who knows. California has always been at the forefront when it comes to protecting consumers and internet privacy. Thus it comes as no surprise that, as of January 1, 2014, every business with an online presence will need to comply with California's amendment to its Online Privacy Protection Act. This recent amendment has teeth and you must comply if a California resident clicks on your commercial web site either through his computer or mobile phone.

In a nutshell, privacy policies will now be required to include how the website will respond to a web browser's "do not track" security option and if the web site allows third parties to collect personally identifiable information from users and across third party websites. Failure to comply will cost you $2,500 for each violation. However, before any fine is imposed, the noncomplying business will be given 30 days to correct its privacy disclosures.

What is interesting about this new law is that while it places the onus on businesses to state how their website responds to a customer's "do not track" option, it does not require the business to honor that request. We are truly operating in one unified economy and it is becoming increasingly important to be aware of the laws of other states as you do business on the global web.

Continue reading "RECENT CHANGE TO STATE PRIVACY LAW WILL IMPACT COMMERCIAL WEBSITES NATIONWIDE" »

December 16, 2013

Danziger Shapiro & Leavitt, P.C. Announces Investigation of NQ Mobile, Inc.

For Immediate Release

Contact: Douglas M. Leavitt
Danziger Shapiro & Leavitt, P.C.
215-545-4830
leavitt@DS-L.com

Danziger Shapiro & Leavitt, P.C.
Announces Investigation of NQ Mobile, Inc.

PHILADELPHIA, PA, December 16, 2013- Danziger Shapiro & Leavitt, P.C., a Philadelphia based litigation law firm, (www.DS-L.com) is investigating securities fraud claims against NQ Mobile, Inc.. (NYSE: NQ). This inquiry centers on allegations that statements issued by NQ Mobile regarding its business operations and the company's financial condition were deceptive and false.

NQ Mobile purports to provide security solutions for the mobile phone market. On October 24, 2013, a report issued by Muddy Waters states that NQ Mobile had engaged in fraudulent practices by, among other things, vastly overstating its market share in China by asserting it had a 55% share of the market when in fact it only had a 1.5% market share and that at least 72% of NQ Mobile's alleged Chinese security revenue is fictitious. Upon the release of this news, in less than 36 hours, shares of NQ Mobile dropped approximately 56%, representing over $500 million in losses to investors

Individuals who purchased NQ Mobile shares between May 5, 2013 and October 24, 2013 who would like to learn more about this investigation, have an interest in joining a class-action lawsuit, or have any questions concerning this announcement and their rights, should on or before December 23, 2013, contact Douglas M. Leavitt, Esquire: (215) 545-4830 or visit: www.DS-L.com. You may also email Mr. Leavitt at leavitt@DS-L.com.

This press release may be considered Attorney Advertising in some jurisdictions under the applicable law and ethical rules.


Continue reading "Danziger Shapiro & Leavitt, P.C. Announces Investigation of NQ Mobile, Inc." »

December 3, 2013

NEW JERSEY FACEBOOK PRIVACY LAW NOW IN EFFECT

Earlier in the Fall I talked about NJ's proposed privacy bill that would prohibit employers from requiring employees and job applicants to disclose their private social media account information. (Click here for prior post) Well, the law took effect December 1. Be mindful that this new law applies to all employers regardless of size.

Continue reading "NEW JERSEY FACEBOOK PRIVACY LAW NOW IN EFFECT" »

September 4, 2013

NEW JERSEY PASSES FACEBOOK PRIVACY LAW

Governor Christie signed into law on August 29 a privacy bill that prohibit employers from requiring employees and job applicants to disclose their private social media account information. The law will become effective December 1, 2013. Click here for a related blog entry I wrote on a similar law in Philadelphia.

First off, the law will apply to ALL NEW JERSEY EMPLOYERS regardless of size. Yes that is correct; there is no minimum number of employees for this law to apply. There is a minor exception relating to state and county jails and parole officers but for purposes of this entry, this law applies to ALL NEW JERSEY EMPLOYERS.

Under this law, an employer will not be able to force an applicant or a current employee to disclose any password, user name or other account login information to any social media that is used exclusively for personal communications and is unrelated to a business purpose of the employer. It will be a violation of this law if you even ask a prospective job applicant or current employee if they have a social networking site. However, there is nothing in this law that would prevent an employer from doing his own search to see if the prospective employee has her own social media accounts at Facebook and similar sites.

Like most laws, there are exceptions. In certain limited circumstances, an employer will be allowed to compel an employee to disclose his or her username and password. For example, disclosure may be required for (1) the employer to comply with a state or federal statute; or (2) employer investigations of workplace misconduct or theft of proprietary or confidential information. In each workplace investigation, the employer must be acting on credible and specific information and not be conducting a fishing expedition.

The law has anti-retaliation provisions designed to protect the applicant or employee from adverse actions of an employer who violates this law. If an employer does violate this law it will be fined $1,000 for the first violation and $2,500 for each successive violation. The proceeds will be collected by the Commissioner of Labor.

Continue reading "NEW JERSEY PASSES FACEBOOK PRIVACY LAW" »

August 5, 2013

NEW JERSEY ANGEL INVESTOR TAX CREDIT PROGRAM RULES PUBLISHED TODAY (HOPEFULLY) IN NEW JERSEY REGISTER

An angel investor who invests in a "qualifying" New Jersey emerging technology business in tax year 2012 and beyond is now eligible to receive a tax credit of up to 10% of the total amount invested. This law is designed to stimulate investment in emerging New Jersey technology companies by allowing the investor to use the 10% tax credit as a direct offset against an investor's New Jersey business or gross income tax. While Governor Christie signed this act, known as the New Jersey Angel Investor Tax Credit Act, into law on January 31st of this year, the underlying rules do not come out until today, August 5, 2013, in the New Jersey Register.

The act defines both "qualified investment" and "New Jersey emerging technology business" and I will not bore you with every detail here. However, in brief; in order for an investment to be a "qualified investment," the investment must be a non-refundable transfer of cash to a "New Jersey emerging technology business" in exchange for rights to participate in the upside of the business or to use or market the technology.

To be considered a "New Jersey emerging technology business," the act specifies the physical connection the company must have to New Jersey as well as the technological areas the business must be involved with. For example, the New Jersey business must have fewer than 225 employees, of whom at least 75 percent work in New Jersey. The company must also transact business, own property, or maintain an office in New Jersey. Finally, the company is required to operate in one of the following industries: advanced computing, advanced materials, biotechnology, electronic device technology, information technology, life sciences, medical device technology, mobile communications technology or renewable energy technology.

For investments made on or before July 1, 2013, an investor must submit a completed application before July 1, 2014. For all other investments, an investor must submit a completed application within one year of the date of the qualified investment. There are application fees not to exceed $1000 and approval fees that will be offset against the tax credit.

Continue reading "NEW JERSEY ANGEL INVESTOR TAX CREDIT PROGRAM RULES PUBLISHED TODAY (HOPEFULLY) IN NEW JERSEY REGISTER" »

July 23, 2013

FAMILY OWNED BUSINESSES IN PENNSYLVANIA EXEMPT FROM INHERITANCE TAX

Pennsylvania has just passed legislation that allows, if certain conditions are met, the tax free transfer of a family owned business to a decedent's heirs. The idea behind this exemption is in these tight economic times to keep businesses in the family. This financial burden comes at a critical juncture as the business is now faced with not only a forced transfer of organizational control, but an inheritance tax bill when nothing has changed in the actual running of the fundamental core business. In some cases, the business is forced to sell assets to meets its inheritance tax obligations or in dire circumstances, has to shut down business operations altogether. While the local governments want to collect every penny they can, our elected officials also know this hurts the economy at the grass roots level because when an otherwise viable business shuts down only because it cannot afford to pay an inheritance tax, employees who were gainfully employed are now added to the unemployment line and this becomes another drain on the local economy.

With this as background, in order to be entitled to the family owned business inheritance tax exemption the following requirements must be met:

• Qualified Business - The business must be a "qualified business" which requires that the business must be operated by either a sole proprietor or through a business entity (LLC, partnership or corporation). The business must have fewer than 50 employees and a net book value of less than $5million dollars.

•Ownership of Qualified Business - The business must have been in existence for the past 5 years and must have been owned by the decedent and members of the decedent's family.

•Qualified Transferees
- The "qualified business" may only be transferred to "qualified transferees". Qualified transferees are, as you would expect, the decedent's immediate family - spouse, children, grandchildren, siblings, cousins, parents and grandparents.

•Time Restriction - In order to retain this tax savings, the family business may not be transferred to another individual or entity for a period of 7 years from the date of the decedent's death. Yearly certifications to the taxing authority will be required. If the business is transferred within this 7 years period, all inheritance tax plus interest that would have been due will now become immediately due and payable.

Continue reading "FAMILY OWNED BUSINESSES IN PENNSYLVANIA EXEMPT FROM INHERITANCE TAX " »

July 9, 2013

WHAT HAPPENS TO DIGITAL DATA WHEN YOU DIE?

I was reading the Philadelphia Inquirer this weekend and came across an interesting article in the business section. As a result, I decided to take a break from the typical commercial litigation or real estate post and ask you this: When you die, what happens to all of the pictures you posted on Facebook or Instagram? Who takes over your Gmail account? Would you like your children to be able to access these pictures? Have you ever asked yourself these types of questions?

Lucky for us, Karen Dilko's July 1, 2013 article sets forth the different policies by several media giants. If you are with Yahoo, you are out of luck. There is no right of survivorship. When you die, Yahoo will delete all account information upon presentation of a death certificate. That seems harsh, no? Luckily, it is different with other providers such as Facebook or Twitter. These entities will work with your estate to transfer ownership.

Continue reading "WHAT HAPPENS TO DIGITAL DATA WHEN YOU DIE?" »

June 7, 2013

New Proposals to Fight Patent Trolls

New proposals coming from the White House this week should give small business owners hope for relief from costly patent troll litigation. This type of lawsuit has been an increasingly expensive threat to small businesses, most of which never imaged they'll be involved in patent litigation. The common perception is patent disputes are for manufacturers to worry about, and the number of small business manufacturers is dwarfed by those in construction, services, retail and health care. Unfortunately, patent trolls, politely called non-practicing entities (NPEs), have turned that perception on its head.

The way NPEs work is frustratingly simple. They acquire patents, often in large packages at a time, and then look for existing products which could be deemed to infringe on the patent. But instead of going after the business which is making the product, NPEs frequently go after the end users. Think of this in terms of the Samsung v Apple litigation that's been in the headlines so often lately - imagine if Samsung had not sued Apple but rather demanded licensing fees directly from every iPhone user in the country. This is the tactic the NPEs take.

The NPEs know their patents are often worthless. If they were forced to defend them against an actual manufacturer, with financial resources behind them, they'd face the real risk of having the patent invalidated. So by pursuing the end user, often a business who bought a particular software program or copier, they're pursuing those least able to defend themselves. The NPE sends out mass mailings demanding penalties and licensing fees, and waits to see who responds. In most cases, the targeted business never even learn who's behind the NPE, they only deal with the law firms who make a living fronting for these entities. That may soon change.

The proposals from the White House include seven legislative recommendations and five executive actions. While the legislative recommendations would certainly be most helpful, the chances of Congress passing anything requested by the Administration seem slim. The executive actions appear to be more likely, and should ultimately help small businesses who are targeted by these trolls.

In the short term, suggested changes requiring the true owner of a patent to identify themselves should help targeted businesses and provide a claim history for their counsel to track. This will certainly help. Also, the Administration has proposed an education and outreach program so targeted businesses can learn more about their rights.

The biggest improvement, however, is likely to be in the long term as new efforts are implemented to improve training for PTO examiners. The goal is to restrict the acceptance of overly broad claims in issued patents. Applicants will be forced to improve the explanation of their claimed invention, and the patent will be limited to a specific method of accomplishing a task, instead of all method for accomplishing the task.

Continue reading "New Proposals to Fight Patent Trolls" »

April 30, 2013

BEST PRACTICE TIP: PRIVACY CONCERNS WITH EMPLOYEE SMARTPHONES AND iPADS IN THE WORKPLACE

Companies today are increasingly allowing employees to use a company issued smartphone or iPad for personal use. Companies actually invested money and polled employees and found that employees hated having to carry around a business and personal mobile device. While it may have seemed like an easy concession to appease employees, there are hidden dangers lurking in the weeds. What privacy concerns are triggered when the employee returns the company device when fired or just receives an updated smartphone or tablet? What if the employee downloaded Facebook onto the device and has the automatic login feature enabled? Does the employer now have the ability to review all of the employee's personal information on Facebook? What if the employee does online banking through his device?

The problem also rears its head in the reverse scenario as well. What happens when an employee's personal smartphone has company data, contacts and trade secrets on it? What happens when the employee returns the smartphone for an upgrade, loses the device or donates the phone to a battered woman's shelter? What happens to all of your company trade secrets? Did you just breach a few dozen confidentiality agreements?

The short answer to all of these questions is, "I don't know, more facts are needed." What I wanted to point out however is what I want to call a "Best Practice Tip". An employer whose employees use mobile devices, be it smartphones or tablets, needs to have a clearly defined privacy policy in place with either a very limited expectation of privacy (or no expectation of privacy) and specific guidelines on how these devices are handled on a day to day basis and at the end of their useful life.

Continue reading "BEST PRACTICE TIP: PRIVACY CONCERNS WITH EMPLOYEE SMARTPHONES AND iPADS IN THE WORKPLACE" »

March 19, 2013

SEARCH AND SEIZURE IN THE DIGITAL AGE

Earlier this month the U.S. Court of Appeals for the Ninth Circuit ruled that border agents may not perform a forensic search of a traveler's laptop merely because he is crossing the border into the United States. In the current climate of heightened security to prevent terroristic acts, we have sacrificed some of our basic freedoms as Americans. In this particular case, it was the breadth of coverage of the Fourth Amendment to our Constitution versus the boarder search exception doctrine.

The Fourth Amendment states in a nut shell that we shall be free from unreasonable searches and seizures. This boarder doctrine is a product of United States criminal law that allows basically unfettered searches and seizures within 100 miles of a border without the need for a warrant.

In the case before the Ninth Circuit, a traveler's laptop computer was confiscated by the government for 5 days while it ran encryption software to break the traveler's security codes. The Court recognized that while the Supreme Court has virtually suspended the Fourth Amendment at international boarders, this type of conduct went too far. The Ninth Circuit clearly stated in its Opinion that the government needed a "reasonable suspicion of illegal activity" before border agents can invade a person's right to digital privacy. In particular, the Court stated, "A person's digital life ought not be hijacked simply by crossing a border." Please click this link to read a copy of the Opinion.

Too bad for the traveler in this case however; while the Court stated a standard that required a reasonable suspicion of illegal activity, the Court found that this standard was met. This traveler had a prior conviction for child pornography and was travelling from Mexico which is known to have a high incidence of child sex crimes. Combined with the fact that significant child pornography was indeed found on his computer's hard drive made for an easy decision to get this predator off the street and rule the seizure valid.

So what should employers in Philadelphia and the surrounding four counties (Bucks, Montgomery, Chester and Delaware) take away from this regarding digital privacy rights? Well, Philadelphia International Airport (and Newark Airport for that matter) is considered an international boarder. Thus, the government conceivably can just walk up to one of your employees and in the name of security confiscate your company laptop, tablet or smart phone. What trade secrets or customer lists are on these digital file servers? What confidential agreements have you just broken by allowing the government to view highly confidential information? Do you have an obligation to immediately file an injunction to prevent the government from viewing the contents of your smart phone? Do you have to report this to your Board of Directors?

Continue reading "SEARCH AND SEIZURE IN THE DIGITAL AGE" »

March 5, 2013

PENNSYLVANIA EMPLOYERS WILL NEED TO UPDATE EMPLOYEE HANDBOOKS AND OTHER CORPORATE POLICIES IF NEW SOCIAL MEDIA BILL PASSES

Last month Philadelphia City Council proposed a bill that would prevent employers from legally requiring employees to provide them with access to an employee's social media account.

Highlights of the social media protections afforded to employees or prospective employees under the proposed bill include:

• prohibits requiring an employee to log on to a site in the employer's presence;
• prohibits the employer from gaining access to an employee's social media indirectly;
• protects the employee from retaliation if he refuses to give his username and password, or any other related account information.

The proposed bill does not however prevent an employer from monitoring an employee's use of his corporate computer, email and cell phone for use not consistent with corporate policy. What this bill makes clear is that every employer needs to have a clearly written corporate policy on what is and is not allowed relating to the use of its technology in an employee handbook.

Continue reading "PENNSYLVANIA EMPLOYERS WILL NEED TO UPDATE EMPLOYEE HANDBOOKS AND OTHER CORPORATE POLICIES IF NEW SOCIAL MEDIA BILL PASSES" »

February 19, 2013

DO WEBSITE TERMS OF USE BIND CUSTOMERS? SOMETIMES.

At the bottom of virtually every website is a link titled "Terms of Use" or "Terms and Conditions." Click on this and you will see the conditions a company wants to impose on its customers who click through their website. Traditionally courts have held that "terms of use" and "privacy policy" sections of a website are binding. However, a recent federal court decision ruled that a major company's Terms and Conditions was not enforceable and how the implementation of the user agreement (user agreements are what the courts typically call Terms of Use and/or Privacy Policies) was why the court decided the user agreement was not enforceable.

There are two categories of user agreements. The least effective user agreement is the browsewrap agreement. Businesses who adopt this approach take the position that the customer agrees to the user agreement by virtue of the customer merely visiting the website. No affirmative action is required by the customer other than visiting the website.

Contrast this approach with the clickwrap agreement. In the clickwrap agreement, the customer must click "OK" or "Agree" in order to accept the User Agreement before he can access the website. The best example I can think of is Apple. Anybody who has iTunes is familiar with the almost biweekly updates to the "terms and conditions" and that if you want to continue to use iTunes, you have to "Agree" or click "OK".

However, as much as people may criticize Apple, they are doing it correctly. Every time a change is made to a user agreement, it is a best practice to obtain the affirmative consent of the user. Failure to do so leaves the user agreement open to attack. The argument is that because the user was not aware of the one-sided unilateral change, it will not be controlling. In fact, this is exactly why the federal district court invalidated the Zappos user agreement. Because Zappos failed to obtain the customer's acceptance of new terms and conditions, Zappos was unable to impose its mandatory arbitration provision against its customer.

Continue reading "DO WEBSITE TERMS OF USE BIND CUSTOMERS? SOMETIMES." »

February 12, 2013

CLIENT ALERT: RECENT COURT RULING REGARDING THE VIOLATION OF A COVENANT NOT TO COMPETE - SOLICITATION OF PAST CUSTOMERS

In a breach of contract case last month (January 2013), a Pennsylvania trial court correctly ruled (in my humble opinion), that a seller did not violate the terms of a covenant not to compete in an asset purchase agreement by providing services to its former clients. The new owners of the company argued for a broad interpretation of the word "solicit" and a holding that the seller had solicited its former business clients. The court disagreed, and in a very clearly worded opinion held the word "solicit" means more than just accepting work from a former client. In this case, the seller did not proactively reach out to any of his former clients, but merely agreed to work for them after the former clients unilaterally approached him.

This unfortunately was a case of a lawyer not paying attention to the details. The main asset in this sale appears to have been the customer list, and the buyer failed to ensure it was properly protected. This problem could have easily been easily avoided by including in the agreement a list of clients the seller could not work with, a mandatory referral clause, or perhaps a broader geographical restriction, just to name a few options. Realize now, every case turns on its own unique set of facts and circumstances and your situation may differ from what the court analyzed here. In the above example, the key fact for this particular court was that the plaintiff was unable to produce any evidence to contradict the seller's statement that he did not reach out to former clients.

Continue reading "CLIENT ALERT: RECENT COURT RULING REGARDING THE VIOLATION OF A COVENANT NOT TO COMPETE - SOLICITATION OF PAST CUSTOMERS" »