|
| Harvard
Law School 2018
Internet Law – Things You Need To Know By Law Jonathan Bick, Author: 101 Things You Need To Know About Internet Law (Random House Dec. 2000) The Internet is as vast as your imagination, as accessible as a computer click. The Internet interpenetrates every aspect of our lives, as does Internet law. Internet law has developed in lock step with the Internet. Both are in their third phase of development. Until 1999, you did not need to know about Internet law. Now you do. A year before man stepped on the moon, schools, governments and computer firms mustered their resources and built the Internet. The first phase of Internet law dealt with computer and phone line contracts. During the first phase, bureaucrats and contract managers needed to know about Internet law, you did not.
A decade ago, the Internet Infrastructure was covered with the fabric of electronic destinations and electronic applications provided the Internet’s muscle. During the second Internet development phase, web sites were built and content secured to fill them.
Phase two Internet law dealt with web site development agreements; content contracts; patent applications and privacy notices. In the 90’s phase two Internet law was necessary know subject for Internet service providers and entrepreneurs, but not for you.
By 1999, e-commerce had super charged the Internet. A year ago the Internet became mainstream by all commercial standards. When the Internet became mainstream, so did Internet law. When Internet law became mainstream law, you need to know about it.
You need to know that Unencrypted Internet communication is not usually protected by attorney client privilege; Legal Notices Placed on a Web Site Will Minimize or Eliminate Legal Liability; Special e-Business Legal hazards exist; About Internet Legal Evidence; About Types of Internet Crimes; Using the Internet to Finding Internet Law; Obscenity and Indecency e-Content Regulation on the Internet; About Taxes and the Internet and more. The list goes on, but let me stop here and go into some depth.
Unencrypted Internet communication is not usually protected by attorney client privilege.
The New York City Bar indicated that using the Internet to practice law is analogous to conducting a law practice by telephone or facsimile machine. The obligations of a traditional attorney-client relationship would apply to the Internetrelationship. Some states require encryption to ensure the validity of the privilege ( see http://www.legalethics.com/index.law).
The attorney client privilege arises when legal advice from a known lawyer and the communications relating to that purpose is made in confidence by the client. Such communication is protected from disclosure by himself or the legal advisor, except when the protection is waived.
An example, of when the privilege is waived, occurs when either the client or the attorney fails to take reasonable steps to maintain confidentiality of the communication. The rule is based on the idea that even an inadvertent disclosure is a waiver. More often than not, waivers must be intentional acts, and inadvertent disclosures are unintentional. Nevertheless, disclosures may occur when a lawyer is negligent.
With respect to the Internet, what constitutes a "reasonable precaution" is highly subjective. The courts and bar opinions have offered little practical guidance as to what is a "reasonable precaution" with respect to Internet communications. Changing Internet technologies make the determination as to what constitutes "reasonable precautions" even more thorny. However, it is generally agreed that a lawyer's failure to use security technology could be construed as unreasonable.
The law has not developed to the extent that we can know what reasonable protection is for Internet communications. The law also says that if you take steps to reasonably protect yourself, and you fail to do so then you are out of luck. It is clear that simply by using the Internet you do not automatically waive the attorney - client privilege.
On the other hand, the Internet is known to be an insecure medium. In determining if a party has a reasonable expectation of privacy when using the Internet for communications, a court may look at the communication medium itself.
Since courts have not yet addressed the issue, some look to experts in order to try to define what is "reasonable." Not surprisingly, Internet communications experts in electronic communications disagree as to what constitutes a "reasonable precaution." One expert suggested any communication that is properly addressed and is sent to an appropriate party that established procedures to ensure that the communication is received in confidence is covered by the privilege. Another expert concludes that anything short of encrypting Internet messages is unreasonable. That expert argues that encryption devices are becoming more readily available and encryption easier, so a lawyer who does not use encryption will be found not to have tried to preserve the privilege.
Courts also consider the "community standard" with respect to E-mail security measures. A lawyer must act with the level of skill and learning commonly possessed by members of the profession in good standing. Therefore, if most lawyers are using cryptography technology, it is likely that the court will accept it as a community standard. However, while most courts allow evidence of custom for the purpose of showing reasonableness of care, the evidence is not conclusive. The fact that other lawyers who use the Internet do not encrypt would not necessarily mean that the practice is not dangerous and unreasonable.
With respect to the attorney client privilege, a client and an attorney must take measures of caution sufficient to prevent being eavesdropped on by others. The risk of insufficient precautions is upon the client and the attorney.
Internet communications may pass through dozens of computers before reaching the final destination. Each of the systems may be managed and monitored by a different network system administrator. Each such administrator may have a different attitude toward on-line privacy. While passing through the interconnected computers that make up the Internet network system administrators can easily read plain text Internet messages. They may also be able to capture and storing such Internet communications.
It has often been said that sending communications on the Internet is like to sending a postcard through the mail. So for the same reasons as an attorney would not want an employee of the Post Office reading a postcard containing privileged communications, that lawyer probably would not want to send an Internet message containing confidential information in a clear-text format.
It is conventional wisdom that attorney client communication over the Internet is irresponsible because such action risks compromise of confidential client information that may result in liability on the part of the lawyer and waiver of attorney -client privileges.
Courts have found that unlike postal mail, Internet mail is not generally sealed or secured. They have found that Internet communications can be accessed or viewed on intermediate computers between the sender and recipient, unless the message is properly encrypted. Encryption is a way of keeping messages secure. Its use can allow an individual can change his or her Internet into a message that is unintelligible to all those but the intended recipient.
Encryption involves the message sender's use of an equation or algorithm that makes readable text into unreadable text and the communication receiver's use of a means to make the unreadable text readable again. The use of encryption for Internet transmissions, helps to preserve privilege. It shows that the parties have taken additional steps to ensure the privacy of the Internet communication.
Experts offer encryption as a reasonable precaution that a lawyer can take to avoid inadvertent disclosure of privileged Internet communications. Until all Internet messages have the same protections as phone messages, an attorney's obligations to protecting their clients' confidentiality and avoiding malpractice claims appears to require the use of encryption
Recommendation: Attorney - client communications should not be conducted over the Internet when the communication is composed of confidential information, unless the client’s permission is secured in writing.
Will an Internet transmission error automatically end the attorney - client privilege? No.
According to the American Bar Association, a lawyer who receives an Internet communication that, on its face, appear to be subject to the attorney -client privilege and where it is clear that the Internet communication was not intended for the receiving lawyer, the lawyer should take three actions. First, he or she should refrain from examining the materials. Second, the receiving lawyer should notify the sending lawyer. Finally, the receiving lawyer should follow any instructions on the Internet communication. Never the less, if an Internet message is inadvertently sent to a third party, such as opposing counsel, the attorney -client privilege could be lost.
Recommendation: To avoid waiving privilege, take precautionary steps such as encryption. Alternatively, consider the use of a note. For example:
This message contains information that may be confidential and privileged. Unless you are the addressee or have been authorized to receive it by the addressee, you may not use, copy or disclose to anyone the message or any information contained in the message. If you have received the message in error, please advise the sender by reply e-mail to ___________@_______.com, and delete the message.
Legal Notices Placed on a Web Site Will Minimize or Eliminate Legal Liability.
No set of words will protect all your e-clients from being sued. Certain words properly place may mitigate the negative impact of such suits.
Certain actions may be taken to reduce the legal risk presented by your client’s use of the Internet for e-commerce. First, internal links should be constructed to as reduce or eliminate the possibility that a user may bypass the disclaimers and legal noticesposted prominently on the homepage of a site. Second, the Web site should be designed so that there is always a way to navigate from the internal page back to the site's homepage or other locations with relevant legal notices. Third, all the links within the Web site should work together. Working links to internal pages increase the likelihood that the information linked to will be viewed as an integral part of the linking site, which implies an association between the site's legal notes and the content. Limiting linking to other Internet sites to your client’s homepage, rather than to an internal page, may help to reduce the risk that an owner of another site might look for a way to legally challenge your client’s Internet link.
The placement of proper notices will help your client communicate its business intentions. To optimize the beneficial effect of the notices set forth below, consider asking a few people to use the site and ask them if they found the notices helpful. To be more specific, they should be asked if the notices provided value by being understandable and appearing at a time when such information was relevant.
As noted above the New York City Bars indicated that using the Internet to practice law is analogous to conducting a law practice by telephone or facsimile machine and the obligations of a traditional attorney-client relationship would apply to the Internetrelationship. The opinions advise lawyers to avoid providing or appearing to provide specific legal advice. They further advise that a disclaimer might not protect the attorney/firm against claims that an attorney-client relationship had been created.
Recommendation: the notice should be placed in the upper left hand corner of the homepage and all e-traffic should be routed pasted the homepage.
Special e-Business Legal Hazards Exist.
Nine e-business areas are particularly susceptible to legal difficulties. To be specific, the following areas are particular sensitive to legal risk: e-business structuring; protection of name and reputation; content control; management of identified legal risk; compliance; protection of assets; assurance of enforceable transactions; privacy policies; and formation of alliances.
Third-party transaction verification, information systems security, industry sector self-regulation, litigation support, and international data protection, the nine areas noted above must be investigated by all types of e-businesses. Without such investigation, even well managed business have failed to avoid certain e-pitfalls.
The following four characteristics of e-businesses agitate for early legal intervention. First, e-business have created new categories of assets. Second, the information assets of e-business are more vulnerable to attack than conventional businesses. Third, the global nature of e-business increases the risks associated with e-businesses. Fourth, the "go to market" time for an e-business is about one third of the time available to conventional business projects, consequently the time necessary to address legal issues may foreclose an e-opportunity.
While the conventional view of the value added by the legal department is primarily defensive, the e-business view of the value added by the legal department is anticipatory. Counsel for e-businesses are most appreciated if they are proactive. In particular, an e-businesses counsel should address questions of business transformation; protect name, reputation, and assets; assure that transactions are enforceable; manage liability risk; form alliances; effect Internet content control; and focus on compliance and privacy policies.
When an e-businesses counsel considers these issues, several standard questions arise. Will the location of the e-business offices, people and servers make a material legal and / or tax liability difference? Have legal steps been taken to create and protect an e-businesses brand? How will e-assets be protected from infringement? Is the e-trade sought susceptible to legally enforceable agreements? Are procedures in place to handle novel legal risks? Who will ensure that the rights and duties of e-business partners will be properly addressed? How can an e-business legally minimize the liability associated with errant Internet site content? Which jurisdictional compliance standards may be legally ignored? How can an e-businesses privacy policies prevent legal difficulties?
To achieve these ends an e-business may want its legal department to determine if proposed activities are lawful in each important jurisdiction. Once a determination of the lawfulness of an e-businesses activities has been determined, its counsel should determine if local requirements of national laws will impose major compliance costs or render the enterprise uneconomic. In addition, counsel should determine if customers may be legally deterred from purchasing the e-business product because of unforeseen consequential effects such as the unacceptability of electronic invoices for tax purposes.
As in all new ventures, an e-businesses legal department must be investigate the control and protect of its tangible and intangible assets as well as all sources of liability-to its customers, employees, competitors, and regulators. Since the Internet is global, the legal department must think in worldwide terms.
Internet Legal Evidence
In the discovery setting, the Internet is a mechanism for researching specific organizations, clients, and adverse parties. It is important to go out and conduct your own review on the Internet so that you can find out what others would discover about your client if they conducted such a search. Court rules and state laws now allow for Internet e-data discovery. The legal community understands that the Internet is in possession of a fabulous amounts of evidentiary information. Internet evidence may contain information that exists in no other form. As numerous litigants have found, people routinely use the Internet to communicate information they would never "put in writing." Such information may be very important in court.
As a general rule, Internet evidence is any information created or stored in digital form whenever the Internet is used to achieve a task. Thus, Internet evidence springs into existence whenever a machine or an entity accesses the Internet or when the Internet in response to a signal, generates information. Internet evidence is information in the form of databases, operating systems, applications programs, e-mail and more.
Courts have concluded that Internet data has become so commonplace that standard discovery operating procedures for lawsuits involve some type of Internet evidence collection. They have also found that Internet evidence is different from paper evidence. This find is significant for certain to civil and criminal proceedings.
The most obvious difference is associated with getting the evidence before the court. For instance, in most jurisdictions a person may authenticate a writing or an invoice by proving that he or she recognizes the signature as that of the author and that the paper document has not been tainted.
In the event a party declines to admit he or she is the author of an e-mail, the conventional paper authentication procedure is not applicable. This is particularly true if the e-mail came from an account, other the alleged e-authors.
E-mail has now have replaced the telephone in many instances. That is a helpful insight for a judge ruling on an objection to discovery of e-mail. Telephone conversations have consistently been discoverable.
Another distinction between e-evidence and traditional evidence is enduring nature of e-evidence. Conventional evidence, particularly records, typically resides in a single physical location. In order to discard paper records, they may be thrown away. In order to destroy e-evidence the procedure is not so easy. Contrary to popular belief, hitting the delete button does not destroy Internet information; it merely makes it temporarily inaccessible to the party who pressed the delete button. Even computer records, are not normally destroyed when the delete button is hit, rather the typical computer simply identifies the files as space that can be "overwritten" with new information.
For litigation purposes, evidence authentication, are simply proving that an exhibit is what it purports it to be. The cornerstone of authentication has been the identification of the exhibit by the offering witness based on distinct characteristics by which the witness can recognize the exhibit. In doing so, the exhibit can be proved to be what its proponent claim it is. Thanks to years of experience, tangible items can be processed with ease. Internet evidence may take a little longer.
Finally, it should be noted that evidence of e-communications are created, sent and stored on computers, in contrast to the way in which they traditionally have been sent and stored on paper. This change has created substantive as well as procedural issues associated with Internet evidence. For example, it is difficult to determine if a sexually explicit Internet picture is that of an abused minor or a morphed photograph of an adult.
Recommendation: Attorneys should advise clients to inventory potential sources of Internet evidence. Be cautioned, when using the Internet for research, others may be watching the Internet. If you are out asking online questions, a profile can be built of what you are looking for. A search can be conducted on your name or on the name of your law firm. Proper review and analysis can indicate what you are asking about, leading to a determination of what you are trying to accomplish in the litigation. Keep in mind that you are in a public forum when you are on the Internet; information about your activities may be retrievable by others.
Types of Internet Crimes While there is not special set of Internet crimes, virtually any crime that involves the Internet is considered an Internet crime. Internet crimes are usually grouped into three major categories: Internet related computer crimes; Internet fraud crimes and other Internet crimes.
Internet crimes that relate to a computer crime usually require breaking into a computer system and include those crimes where knowledge of a computer system is essential to commit the crime. Internet fraud crimes usually involves stealing e-data, such as credit card numbers or transferring funds to a numbered account in another country. The other Internet crimes include all other forms of crimes such as infringement, harassment, treason, industrial espionage, and defamation.
These crimes can be state or federal crimes. For example, it's a federal crime to use the Internet to conduct betting operations. In addition, federal prosecutors are securing indictments for Internet crimes using a broad reading of wire fraud and criminal copyright infringement laws, and even murder-for-hire statutes. It should also be noted that approximately half of the states modeled their statues on federal Internet crime statutes.
While no special set of Internet crimes exists, there is a common distinction drawn between hackers and criminals. "Hackers," who have innocuous goals such as exploration, and Internet criminals, who have a criminal intent to copy, alter, and/or destroy e-data or e-programs.
Perhaps the most notorious Internet criminal was Kevin Mitnick, who was finally indicted after evading authorities for over two years. He allegedly used the Internet to access information from businesses and educational institutions as well as stealing 20,000 credit card numbers over a two-year period.
One of the most common occurrences on the Internet is sexual harassment. United States Supreme Court found that in an employment context, unwelcome sexual advances that create an offensive or hostile environment constitute sex discrimination or sexual harassment.
Threatening another using the Internet constitutes a general intent crime. However, the standard for a "true threat" requires an evaluation of a defendant's behavior in relation to the circumstances. Though, it should be noted that whether or not the sender of the threatening e-mail had any intention of acting on the threat is irrelevant. The courts simply rely on the reactions of foreseeable recipients of the e-communication. In short, if the e-mail recipient can reasonably interpret the e-communication as a serious expression of an intention to perform the threatened act, it is a crime.
Since geographical boundaries do not necessarily provide insulation from Internet crimes, future Internet criminals will likely be international in nature. An Internet criminal law convention, accompanied by a multilateral treaty, would be within the bounds of international law and would be a useful tool to battle Internet crimes. For example, the European Union might adopt a convention or the United Nations might a convention that would form the framework for the multilateral treaty.
Currently, most extradition treaties are silent as to Internet related crimes. Since there are no international treaties dealing with Internet crimes, the prosecution of individuals from foreign countries with respect to e-crimes is very difficult.
Summary: Internet crime is related to one of the following transactions: computer attacks using the Internet; the use of the Internet to alter, damage, delete or destroy e-data or e-programs; the use of the Internet to facilitate the commission of an embezzlement or a fraud; the use of the Internet to trespass or gain unauthorized access; the use of the Internet for unauthorized copying; the use of the Internet to prevent others from lawfully using the Internet; the use of the Internet to contaminate e-programs, typically using "viruses," "worms," and "logic bombs"; and using the Internet to view confidential personal information.
Using the Internet to Finding Internet Law.
The Internet is not a regulated source of legal information. Legal information which is found on the Internet need not be correct. Having said this, one may still get wonderful legal information about Internet law from the Internet if you conduct your research properly.
First when using the Internet to research Internet law, or any other law for that matter, it is advisable to check your results. The most effective and usually the easiest way to do that is to get a second opinion from the Internet. Research the same question on several Internet sites and keep searching until most of the information that is found is consistent.
If the information that is found fails to be consistent, check the date of the source of the information. Usually the later sources are more accurate. This is particularly true when the later source cites the earlier source.
The second procedure, which should be employed when using the Internet to research Internet law, is to determine the credibility of the source. To do this one must identify the author of the Internet site. Most Internet legal sites have a contact address on them. Once you find that address use it to look at the credentials of the person or organization who has writing the articles or running the site.
The final step in effectively using the Internet to research Internet law is to invest sometime in developing an understanding of the law in general. For example, despite the fact that the Internet crosses legal boundaries, not all laws apply. To be more specific, laws are different in each state, and the courts in that state are usually limited to applying the law of one state.
Internet law site abound on the Internet. For example many people use www.lawguru.com. find Internet law statutes. This site has links to the statutes of every state and territory.
While statutes are the basis of Internet law, they may be too erudite to be of practical value. Consequently, it may be wise to start ones research at www.sidebar.com which has a number of links to legal web sites and legal resources can be found on the Legal Annex home page or www.ncsc.dni.us which provides links to law schools, law libraries, government and legislative sites. It should be noted that www.law.cornell.edu may be the site most used by attorneys to research the law.
Obscenity and Indecency e-Content Regulation on the Internet
The government's desire to regulate the Internet is strong in many areas. Among them is the aspiration to limit children's exposure to obscenity and indecent materials available on the Internet.
The Internet is a significant channel for the distribution of pornography due to the anonymity of the distributor and receiver, the difference in standards for prohibited material that exist from jurisdiction to jurisdiction and the accessibility of the Internet. These characteristic combine to make it relatively simple for a child to view e-pornography.
While the First Amendment of the United States Constitution states that the Congress shall make no law abridging the freedom of speech, this Amendment does not protect all forms of speech. To be specific, obscene material does not receive any protection and indecent speech receives limited protection. Obscenity speech is any speech which the average person, applying contemporary community standards, find appealing predominately prurient interests. Indecent speech is not obscene when presented to adults but contains offensive sexual expression.
The existing federal obscenity statutes thought enacted before the implementation of the Internet have been successfully applied to the Internet. For example, e-obscenity providers have been successfully prosecuted for the crime of possessing obscene material with the intent to distribute, for the crime of distributing or receiving obscene materials through a common carrier in interstate or foreign commerce; for the crime of broadcasting "obscene, indecent, or profane language;" and for the crime of knowingly transporting or engaging in the business of selling obscene, lewd or filthy material through interstate.
Congress wanted to target indecent Internet transactions. To this end, it enacted the Communications Decency Act (CDA), which was an effort to make the Internet a safe place for our children. The CDA was to shield children from indecent material on the Internet. The portion of the Act that dealt with indecent e-content made it a crime to electronically transmit "obscene, lewd, lascivious, filthy, or indecent [communications], with [the] intent to annoy, abuse, threaten, or harass another person. It also made it a crime to e-transmit any obscene or indecent communication if the party sending the material knew the recipient was under the age of eighteen or electronically transmit any communication to a specific minor that depicted or described sexual or excretory activities or organs in terms that are patently offensive.
In Reno v. ACLU, the Supreme Court invalidated the CDA indecency provisions. The Court found that the CDA was too vagueness to be constitutional, among other problems. Even the Child Pornography Prevention Act (1996), which was upheld by the Northern District of California in Free Speech Coalition v. Reno was found to be unconstitutional by the Maine District Court in US v. Hilton because it was so vague that it could not be determined what conduct was prohibited.
Recommendation: The global nature of the Internet presents unique legal challenges with respect to the regulation of obscene and indecent e-content. However, both federal and state official have successfully applied existing crime statues to those who traffic in obscene and indecent e-content.
Taxes and the Internet
e-Commerce has thrived in part because the Internet transcends geographic barriers. This advantage of access to and use of worldwide markets without the need for governmental permission is the basis for future taxation difficulties.
A state's power to effectively impose a tax is directly related to its ability to collect it. Generally, state's power to collect a tax depends on the presence of the tax payer or some the taxpayer's assets being within the jurisdiction's power to seize in the event the tax is not paid. This in turn usually means the taxpayer is located in a taxing jurisdiction or the transaction subject to tax is in the jurisdiction. In short, the concept of jurisdiction presence is an important element in determining the taxability of a person or of a transaction.
Consider the following typical e-commerce transaction. A resident of Tampa, Florida who is visiting her family in Dallas, Texas accesses the Internet and e-orders a computer from IBM whose headquarters are in Armonk, New York, to be shipped to the e-customer's client's work place in Atlanta, Georgia. The IBM Internet server which processed this transaction was located Chicago, Illinois sent an order to the Philadelphia, Pennsylvania IBM warehouse to ship the computer.
In this example six locations has basis for applying tax several types of taxes each. Dallas, the state of Texas and the county in which Dallas is located may claim that the sale transaction took place in their jurisdiction because that is where the buyer was located at the time of the sale. They would each be able to arrest the buyer for failure to pay tax.
Tampa, the state of Florida and the country in which Tampa is located may be able to tax the transaction on the grounds that the e-buyer of the computer was a resident and received income from the sale of the computer to her customer in Atlanta. If they were not paid tax each would be able to arrest the e-buyer or seize her home in Tampa.
Armonk, New York State and Westchester County could all claim that payments were made for this computer transaction to IBM, which was responsible for the transactions and located in their jurisdiction. Failure to pay taxes on this basis, if a proper set of law were in place, would allow Armonk, New York State and Westchester County to each have a basis for seizing IBM assets or padlocking IBM's headquarters location shut.
Since the computer was shipped into Atlanta Georgia, the city of Atlanta, the state of Georgia and the county in which Atlanta is located might potentially claim a use tax or a property tax was due from this transaction. Particularly, if the computer was present on assessment day and the appropriate state and local use tax statues were in place. Failure to pay such a tax could result in the seizure of the computer or the padlocking of the e-buyer's business location.
Chicago, Illinois and the county in which Chicago is located may claim that the transaction took place on the IBM server, which is located in their jurisdiction. If some form of transaction tax is not paid, each of these three jurisdictions could have a basis for seizing the IBM server.
The city of Philadelphia, the State of Pennsylvania and the county in which Philadelphia is located would claim that the computer was sold from a location in their jurisdiction and so tax is due to them on that transaction. Failure to make such a payment could allow any one of the three jurisdictions to seize the computer.
The combination of IBM's combination of both a virtual presence and a physical presence in each of the jurisdictions noted above may result in addition tax collection and liability issue for IBM. The possibility of federal tax liability, which may arise as a result of the hypothetical transaction, should also be observed. Such liability could result in the seizure of IBM's property, fines, arrest of employees and loss of IBM's licensee to do business.
It should be noted that the likelihood of the arrests, fines, loss of licenses to do business, padlocking and seizures described in the hypothetical above are remote. Generally, it is the presence of the purchaser that defines whether a state may apply sale tax the sale of goods. The residence of a person and the headquarters' location of a business are usually determinative of where income tax is due. The location of goods during assessment day is the basis of personal property tax. The mere presence of the vendor or of the goods within a taxing state is not always sufficient to apply tax. This is particularly true without the presence of the purchaser.
Recommendation: An e-enterprise's primary concern with respect to taxes,
should be jurisdictions in which it has a point of presence. |
