Information Technology Law is our Focus

phone icon(313) 575-7234
divider

Alerts


FCC Seeks New Call Authentication System in 2019

/ 0 Comments

The Federal Communications Commission (FCC) recently sent letters to telecommunications carriers asking them to establish plans to implement the Signature-based Handing of Asserted Information Using toKENS (SHAKEN) and the Secure Telephone Identity Revisited (STIR) authentication standards. The SHAKEN/STIR framework digitally validates the handoff of calls between carriers, ultimately making it possible for consumers to accurately determine a caller’s identity. The letters included questions about implementation plans and the importance of combating illegal call spoofing and unwanted robocalls.

In addressing the anticipated timeline for implementing the SHAKEN/STIR standards, FCC Chair Ajit Pai stated “[b]y this time next year, I expect that consumers will begin to see this on their phones . . . if it does not appear that this system is on track to get up and running next year, then [the FCC] will take action to make sure that it does.”

The FCC Press Release is available here. Contact us at Ossian Law P. C. regarding any information technology law matter.

© 2018 Ossian Law P.C.

Read More
separator

Facebook and Google Face Location Tracking Lawsuits

/ 0 Comments

Two recent class action-styled lawsuits have been filed against Facebook and Google, respectively, for allegedly tracking and storing user location data even after the user had turned off location tracking features.

In Heeger v. Facebook, Inc., the plaintiff claims that misleading conduct by Facebook “not disclos[ing] that turning ‘off’ Location History will have no impact on Facebook’s tracking, collection, and storage of users’ private location data.” Similar factual allegations are being made in Lee v. Google, Inc. Specifically, that statements made by Google lead users to believe that turning off Location History would disable that feature across all devices associated with a user’s account; instead, users must make changes in account settings in order to stop the data collection.

Both cases are pending in federal court in California. Claims asserted between the lawsuits include violation of the federal FTC Act and Stored Communications Act and violation of various state laws, including the California Invasion of Privacy Act and California’s constitutional right of privacy and the Colorado Consumer Protection Act.

Access the Heeger v. Facebook complaint here. Contact us at Ossian Law P. C. regarding any information technology law matter.

© 2018 Ossian Law P.C.

 

Read More
separator

California’s Connected Device Security Law

/ 0 Comments

California has become the first state to pass legislation to regulate the Internet of Things. The new law, which takes effect on January 1, 2020, applies to manufacturers of connected devices, which are defined as “any device, or physical object that is capable of connecting to the Internet, directly or indirectly, and that is assigned an [IP] address or Bluetooth address.”

Under the new law, manufacturers of connected devices must equip the device with reasonable security features that are appropriate to the “nature and function of the device” and the information that the device may “collect, contain or transmit.” Each device must also have a unique preprogrammed password. The law will not apply to any device that is already subject to federal security laws or regulations or to manufacturers are already covered by federal or state health privacy laws, including HIPAA.

It remains to be seen whether other states will follow California’s lead in enacting similar legislation. The text of the new legislation is available here. Contact us at Ossian Law P. C. regarding any information technology law matter.

© 2018 Ossian Law P.C.

Read More
separator

Small Businesses and the Equifax Breach

/ 0 Comments

Last year, credit reporting agency Equifax experienced a data breach that impacted 143 million consumers. Fallout from the breach included class action lawsuits initiated by various plaintiff classes such as consumers, financial institutions and a small business class.

In a recent motion to dismiss the claims of the small businesses, Equifax argued that the businesses lack the necessary “standing” to bring such claims, as the exposed data belonged to the owners of the small businesses rather than the businesses themselves. 

In response, the businesses argued that they are “foreseeable victims” in addition to their consumer owners and cite to the importance to small businesses of owner creditworthiness. The businesses pointed to damages incurred including credit reporting and monitoring and other steps that were taken to guard against the potential impact of the Equifax breach.The court has not yet decided Equifax’s motion to dismiss the small businesses’ claims.

The Consolidated Class Action Complaint for Small Business Claims is available here.  Contact us at Ossian Law P. C. regarding any information technology law matter.

© 2018 Ossian Law P.C.

Read More
separator

Suit Alleges Apple’s Website Not Accessible

/ 0 Comments

A visually-impaired and legally blind woman has filed a lawsuit against Apple, Inc. in federal court in New York, alleging that Apple’s website is not accessible and is therefore in violation of the federal Americans with Disabilities Act (“ADA”). Himelda Mendez claims that she tried to use the website with her screen reader but was unable to fully access the functions and features of the site. Specifically, Mendez alleges that the following constitute ADA violations:

  • Lack of alternative text (“alt-text”) or a text equivalent coded to each image so that screen-reading software can speak the alt-text where a sighted user sees the image;
  • Empty links that contain no text causing the function of the link to not be presented to a user; and
  • Redundant links where adjacent links go to the same URL address.

In addition to the ADA, Mendez alleges that the deficiencies also constitute violation of human rights laws of New York State and New York City. The Mendez complaint is available here.

Contact us at Ossian Law P. C. regarding any information technology law matter.

© 2018 Ossian Law P.C.

 

Read More
separator

Can Smart Cities be Hacked?

/ 0 Comments

Earlier this year, citizens in Hawaii experienced a false missile attack alert resulting from employee error. The potential for similar incidents caused by hackers in so-called “smart cities” has been identified by researchers at IBM X-Force Red and cybersecurity firm Threatware. Smart cities, including New York City, San Francisco, Chicago, Atlanta, Charlotte, North Carolina and Kansas City, Missouri use connected systems to operate municipal resources like traffic control and transportation, surveillance and to detect natural disasters.

Among the vulnerabilities the researchers identified were the use of default passwords and networks being exposed online. Potential hacking could cause traffic jams, false disaster alerts and hijacking surveillance systems. Each of the companies involved in providing the technology, Echelon, Battelle and Libelium have stated that the vulnerabilities have already addressed or are being dealt with.

An article with more information is available here. Contact us at Ossian Law P. C. regarding any information technology law matter.

© 2018 Ossian Law P.C.

Read More
separator

Pentagon Creating “Do Not Buy” Software List

/ 0 Comments

According to a Department of Defense official, the Pentagon has been working on a “do not buy” list of software vendors since early this year. Without identifying specific vendors or products, in a recent press conference, Ellen Lord, undersecretary of defense for acquisition, stated “[w]hat we are doing is making sure that we do not buy software that has Russian or Chinese provenance, for instance, and quite often that’s difficult to tell at first glance because of holding companies.”

This announcement comes on the heels of the Department of Homeland Security banning the use of AO Kaspersky Lab security products, solutions and services last fall. Kaspersky sued the government in an effort to lift the ban. In May, a federal court in Washington D.C. dismissed Kaspersky’s lawsuit for failure to state a valid claim.

An article with more information about the “do not buy” list is available here. Click here to see the DHS Statement on Kasperky Lab. The Kaspersky court dismissal is available here. Contact us at Ossian Law P. C. regarding any information technology law matter.

© 2018 Ossian Law P.C.

Read More
separator

Cybersecurity Risk Tops CEO Concerns

/ 0 Comments

Global advisory firm Willis Towers Watson recently released its 2018 Management Liability (Directors & Officers) U.S. Survey. When asked the question “to what extent are the following risks a concern for your organization in the coming year,” 80 percent of the respondents identified cybersecurity incidents and cyber claims. Claims brought by employees ranked second at 55 percent, followed by regulatory enforcement risks at 48 percent.

The survey was conducted across industries, including manufacturing, information technology and telecommunications, financial services, healthcare and general services. Respondent organization size varied from less than 25 employees to over 50,000 employees.

Access the executive summary of the report and a download link here. Contact us at Ossian Law P. C. regarding any information technology law matter.

© 2018 Ossian Law P.C.

 

Read More
separator

Court Won’t Enforce Uber’s Terms of Service

/ 0 Comments

The importance of making online and mobile app terms clear and conspicuous to users was reinforced by the recent federal appeals court decision in Cullinane v. Uber Technologies, Inc. The plaintiffs filed a proposed class action in Massachusetts state court alleging that Uber had violated a consumer protection law by inflating its fees around Logan International Airport. Uber removed the case to federal court, then filed a motion to compel arbitration based on a clause in its terms of service. The trial court granted Uber’s motion and dismissed the case and the plaintiffs appealed to the First Circuit.

The court of appeals examined the screenshots of Uber’s terms of service to determine whether the terms were conspicuous or “written, displayed or presented [so] that a reasonable person . . . should have noticed it.” The court noted that Uber chose not to use the common method of “requiring users to click a box stating that they agree to a set of terms, often provided by a hyperlink, before continuing to the next screen . . .[i]nstead rely[ing] on simply displaying a notice of deemed acquiescence and a link to the terms.” Further noting that the hyperlink was presented in white bold text in a gray rectangular box, the court found it was not conspicuous. The court reversed the dismissal and reinstated the case.

Review the court’s opinion here. Contact us at Ossian Law P. C. regarding any information technology law matter.

© 2018 Ossian Law P.C.

 

 

Read More
separator

Banks Not Allowing Credit Card Purchases of Cryptocurrency

/ 0 Comments

Wells Fargo Bank has recently announced that its customers will no longer be able to make purchases of cryptocurrency using their bank-issued credit cards. This move is consistent with the stated practice of several other major U.S. banks including J.P. Morgan Chase, Citigroup and Bank of America as well as foreign banks including Canadian-based Toronto-Dominion Bank and the United Kingdom’s Lloyds Banking Group. Earlier this year, Mastercard and Visa reclassified cryptocurrency purchases as cash advances rather than a standard purchase.

The position taken by banks and credit card issuers is not surprising given the volatile nature of cryptocurrency. As an example, the value of Bitcoin, the first and still widely popular cryptocurrency, fluctuates many times a day. The value of a single unit of Bitcoin ranged from $6,500 to $7,500 in April, 2018, spiked as high as $9,845.90 on May 4, 2018 and was at $7,709.73 at the time of this update.

Click here for an article with more information. Contact us at Ossian Law P. C. regarding any information technology law matter.

© 2018 Ossian Law P.C.

Read More
separator


separator