attached is the discussion instructions and the required reading material (chapter 14 and 15). Answer the questions substantively and utilize the reading material and one outside scholarly source to support claims.

Internet domain names are linked to trademark issues. Technology makes it easy to copy and distribute music and movies without paying royalties. Business conducted on the internet raise security and privacy issues. What legal concerns are raised by these issues? Predict which of these issues will be of major concern in the future in regard to the law and business practices. Your initial post should be at least 250 words in length. Support your claims with examples from the required reading material and one outside scholarly source, and properly cite the reference. Unit V Business Law in the 21st Century CHAPTER 14: Cyberlaw CHAPTER 15: International and Environmental Law 286 © 2016 Bridgepoint Education, Inc. All rights reserved. Not for resale or redistribution. rog80328_14_c14_286-306.indd 286 9/20/16 11:03 AM B usinesses increasingly operate in a global environment, one linked together by electronic communication that is almost instantaneous, and that now enables even small businesses to do business on an international level. The Internet has vastly increased opportunity for both businesses and consumers, but it also has brought new hazards in the form of security and privacy issues.

In Chapter 14, we will look at some of the major concerns involving law and the Internet. As companies increasingly move across national boundaries, an awareness of international law is important for the business student. In Chapter 15, we will discuss laws impacting import and export of goods, international contracts, and some of the problems that can arise when one country’s laws conflict with another’s. We will also examine the major areas of environmental regulation, noting both where legal protections have been effective, and where they have fallen short. As the world grows increasingly interdependent, in terms of both economies and resources, business practice and the law will both continue to evolve.

These chapters will introduce business students to topics critical to globalization, and hopefully pave the way for future understanding as changes take place. 287 © 2016 Bridgepoint Education, Inc. All rights reserved. Not for resale or redistribution. rog80328_14_c14_286-306.indd 287 9/20/16 11:03 AM © 2016 Bridgepoint Education, Inc. All rights reserved. Not for resale or redistribution. rog80328_14_c14_286-306.indd 288 9/20/16 11:03 AM 14 Cyberlaw Learning Objectives After studying this chapter, you will be able to: 1. Distinguish the major statutes regulating cyber activity. 2. Define spam, phishing, click-wraps, and cookies. 3. Describe the issues relating to privacy and the Internet. 4. Explain how legal issues about sales tax affect business on the Internet. Lucenet Patrice/Oredia Eurl/SuperStock Chapter Overview 14.1 J urisdiction and the Problem of Enforcement 14.2 Computer Crime • • • • Hacking Identity Theft Fraud Phishing 14.5 E-Contracts • Click-Wrap Contracts • Sales Tax 14.6 Intellectual Property • The Digital Millennium Copyright Act (DMCA) • The Stop Online Piracy Act (SOPA) 14.7 Chapter Summary 14.3 Cyber Torts • Focus on Ethics • Case Study: American Guarantee & Liability Insurance Co. v. Ingram Micro, Inc. • Case Study: E. & J. Gallo Winery v. Spider Webs Ltd. • Critical Thinking Questions • Hypothetical Case Problems • Key Terms 14.4 Privacy • • • • • Cookies and Privacy E-Mail and Privacy Commercial E-Mail and Privacy The Constitution and Privacy Computer Crime and Privacy 289 © 2016 Bridgepoint Education, Inc. All rights reserved. Not for resale or redistribution. rog80328_14_c14_286-306.indd 289 9/20/16 11:03 AM Section 14.1 Jurisdiction and the Problem of Enforcement CHAPTER 14 T he incredible capabilities of computers and the growth of the Internet have greatly increased opportunities in the business world, but have also resulted in new risks for both businesses and consumers. Technology makes it possible for us to communicate with anyone in an instant, to buy goods with a click of a mouse, and to gather vast amounts of information with unprecedented speed and efficiency. So, too, does the brave new world of electronic communication present a challenge for the law. How do we translate the traditional contract rules of offer and acceptance in a world of electronic transactions? What are the limits on how others collect and use our personal data? How do we balance the free flow of communication and information with the protection of our privacy? These are just a few of the issues this chapter will explore. In many ways, the Internet is the Wild West of the new millennium, full of both opportunity and danger! Cyberlaw is a broad term used to refer to rules dealing with this digital Wild West, with the Internet and computer technology. In some cases, well-established areas of law such as torts and contracts have evolved to deal with situations arising from computer use. In others, legislatures have to enact new statutes when existing laws fall short. The main categories of cyberlaw include criminal law, tort law, contracts, and intellectual property. Note that there are issues that overlap these different segments of the law. For example, statutes such as the Digital Millennium Copyright Act contain both criminal and civil provisions, and privacy concerns in the cyber sector have spawned legal developments in multiple areas of the law. 14.1 Jurisdiction and the Problem of Enforcement R egardless of what the law says about behavior in cyberspace, there is a major problem when it comes to enforcement of the rules in physical space. The Internet has no regard for state or national boundaries. A hacker in Russia can target your computer as easily as someone who lives next door to you. Counterfeiters in China do a huge trade in bootleg DVDs of Hollywood movies, sometimes hitting the market even before the movie has been released. The hacker and the counterfeiter are both violating the law, but what can you do about it? The answer may well be nothing. One obstacle is identifying the culprit. The Internet allows a certain degree of anonymity, and even if a particular account is identified as where the action Digital technology has made it much more difficult to police copyrights and prevent counterfeiting. gzorgz/iStock/Thinkstock 290 © 2016 Bridgepoint Education, Inc. All rights reserved. Not for resale or redistribution. rog80328_14_c14_286-306.indd 290 9/20/16 11:03 AM CHAPTER 14 Section 14.2 Computer Crime originated, the Internet Service Provider (ISP) may not cooperate in identifying who the account belongs to. Even if that problem can be overcome, and you know who is responsible for the offense, the problems of suing someone in a foreign country, particularly one not known for cooperation with the United States, are huge. And suppose you sue and win and now are seeking to collect your damages? Enforcing a judgment depends on the government of the country where the defendant’s assets are located. 14.2 Computer Crime Hacking Computers are both victims and tools of crime. A common computer crime is hacking, where a person gains unauthorized access to a computer from a remote location. Hackers may maliciously target a computer to raid its data or damage it through the use of viruses, and of course they are usually using computers and software programs to commit these offenses. In the early days of computers and the Internet, many unauthorized incursions of this type were not covered by existing law. Example 14.1. A graduate student improperly uses university computers and databases to do personal research. If he had legally paid for the service, it would have cost about $12,000. Is this theft? He has not “taken” any information from the computers; he’s just shared it. And while the old saying goes “Time is money,” the common law says that time and money are actually very different things! So the student could not be convicted of a crime under traditional rules. Cases such as this eventually resulted in the creation of new regulations including the federal Computer Fraud and Abuse Act of 1986 (CFAA). The CFAA applies to any computer on the Internet (which today is the vast majority of them) and prohibits computer trespass, fraud, espionage, theft, damage to a computer such as planting viruses or worms, and selling of computer passwords, among other things. Example 14.2. David, a college student, accesses Gov. Sarah Palin’s Yahoo e-mail account by guessing the answers to the prompt questions that allow the password to be reset. He posts the new password on a public bulletin board, allowing access by others. In 2010, David is convicted of unauthorized access and sentence to one year and one day’s imprisonment. However, the CFAA only applies within the United States, which considerably limits its effectiveness. Many hackers operate from outside the United States, even if their victims are in this country. Example 14.3. On November 24, 2014, a massive cyberattack was launched against Sony Pictures Entertainment by a group calling themselves the Guardians of the Peace. The attackers wiped out the data on thousands of Sony’s computers and servers and stole a wide range of data including movie scripts, emails, and films. They also made off with personal 291 © 2016 Bridgepoint Education, Inc. All rights reserved. Not for resale or redistribution. rog80328_14_c14_286-306.indd 291 9/20/16 11:03 AM CHAPTER 14 Section 14.2 Computer Crime employee data including 47,000 social security numbers. Much of this data was subsequently posted on the internet. The FBI concluded that North Korea was responsible for the attack, although some private security experts have suggested that it was an inside job. Despite the CFAA, hacking continues to occur on a regular basis. As massive as the Sony hack was, it only ranked as the 33rd largest data breach of 2014. The largest data breach in 2014 occurred earlier in the year when an eBay database was hacked, resulting in over 145 million customer records being compromised. Identity Theft Another law targeting criminal behavior on the Internet is the Identity Theft and Assumption Deterrence Act of 1998, which prohibits use of false identification to commit fraud or other crimes. Identity theft is a growing problem: in 2014, approximately 17.6 million U.S. residents age 16 or older (about 7%) were the victims of identity theft. The law gives victims a right to sue for damages, but possibly more useful (since a victim may never know who put that $5,000 charge for Racy Stacy lingerie on his card, and thus will be unable to sue him or her!) is the provision that limits liability to the first $50 when a stolen card has been used. It is important for victims to report identity theft to credit card companies as soon as possible, so as to limit the liability for the fraudulent credit card charges. Fraud Fraud is an enormously common crime committed via the Internet and takes many different forms. One common variety is the Nigerian Letter scam, in which the victim gets an e-mail purporting to be from a Nigerian government official who seeks help in transferring funds out of the country; the would-be official is willing to pay a large sum of money to whoever allows the funds to be transferred into their personal bank account. Of course, whoever actually agrees to help is actually the victim of the crime since he will need to provide the “Nigerian official” personal bank account information so that the funds can be transferred. The perpetrator of this fraud then uses the information to raid the victim’s account. To many, this may seem like such an obvious hoax as to be laughable, but millions of dollars are lost annuE-mail has become a favorite tool of scam artists. ally to such fraudulent schemes. © 2009 Justin NB Francis/Just One Film/Getty Images Phishing Another fast-growing area of crime is phishing, where the victim receives an e-mail that appears to come from a site such as PayPal, eBay, or a bank, asking her to verify her account information. Clicking on the link provided takes the victim to a “dummy” site, one that appears to look legitimate but in fact is a clever counterfeit. When the victim logs in, her account information is then transmitted to the phisher. 292 © 2016 Bridgepoint Education, Inc. All rights reserved. Not for resale or redistribution. rog80328_14_c14_286-306.indd 292 9/20/16 11:03 AM CHAPTER 14 Section 14.3 Cyber Torts The Federal Trade Commission also has regulations that apply in the area of consumer fraud and deceptive practices committed via the Internet, and some states have passed additional statutes. California, for example, requires companies to inform consumers when their personal information has been the target of unauthorized access. 14.3 Cyber Torts T here are a number of torts that can be committed in a cyber setting as well as in the “real” world. Consider defamation, which is the publication of a false statement about the plaintiff that harms the plaintiff’s reputation. Example 14.4. Puppy Love is the doggie day care and boarding business operated by Jenny Love. Fred tells Maggie that Puppy Love mistreats dogs, hiding them in overcrowded kennels when their owners aren’t around. Maggie in turn tells other neighborhood dog owners, and Puppy Love loses a great deal of business. Assuming this claim is untrue, both Fred and Maggie can be liable to Jenny Love for defamation under the common law. If Fred had instead posted the defamatory statement on his website, he would still be liable. But note that the ISP that hosts Fred’s site is not liable for passing on the information in the same way that Maggie is. Under the Communications Decency Act of 1996, ISPs and Web hosts are not liable for information posted by others, because they are not the content providers. The law recognizes the reality that the volume of communication is such that to require a site or provider to police content might severely restrict the flow of free speech. If Fred posted the statement on an Internet bulletin board, Everything Dogs, that site is likewise not liable. But if Everything Dogs has a policy stating they will investigate and respond to complaints and three months after Jenny Love has asked them to remove the post, they still have not acted, they may have liability under a contract theory. The property torts of trespass and conversion can also be committed in computer situations. Example 14.5. Keisha is a realtor with Sunshine Realty who maintained a client list on her computer at the Sunshine office. Keisha’s contract with Sunshine specifies that she is an independent contractor who retains ownership of her work product. After a disagreement with Sunshine’s management, Keisha decides to leave the firm. Sunshine refuses to give her access to her list. Even though the list exists in electronic, rather than tangible, form, Sunshine is still interfering with Keisha’s ability to possess her property, so Sunshine may be liable for conversion. Example 14.6. Alpha Corp has done business via the Internet with Beta Inc. Unknown to Alpha, Beta has installed software on Alpha’s computers that interferes with the speed at which the computers operate. Beta may be liable for trespass. 293 © 2016 Bridgepoint Education, Inc. All rights reserved. Not for resale or redistribution. rog80328_14_c14_286-306.indd 293 9/20/16 11:03 AM CHAPTER 14 Section 14.4 Privacy 14.4 Privacy T he same tools that contribute to the ease and speed of Internet communications (think one-click shopping, which lets you buy without always reentering your address and credit card information) also present a threat to personal privacy. Interestingly enough, federal law does not require companies to have a privacy policy. However if a company chooses to have a policy, it must comply with it. Cookies and Privacy The lack of regulation means that most popular websites routinely install thousands of tracking tools (often called “cookies”) on the computers of consumers who visit. The cookies track such information as what websites you visit, but also record the keystrokes you enter online. This information is often then sold to marketers, who use it to target online advertising. But the security implications go beyond a consumer’s being plagued with unwanted ads. Once that information has been recorded, it may be accessed by hackers, or by the government, and used in harmful ways. Congress has acted to protect children specifically with the Children’s Online Privacy Protection Act of 1998 (COPPA) that prohibits Internet operators from collecting information from children under 13 without their parents’ permission. Sites must also disclose how they will use any such information. Mrs. Field’s Cookies ran afoul of the law when their site offered birthday coupons for free cookies to children; they were collecting names and birth dates without parental consent. The European Union has taken a more proactive approach, requiring sites to offer an “opt-in” system under which tracking cookies may not be used unless the consumer has authorized it. The website must also state how the tracking devices will be employed. E-Mail and Privacy Many people routinely discuss very personal matters via electronic communications such as e-mail, and use computers in ways they would not like to see made public. Suppose Sally is using her work e-mail account to tell her best friend all about her recent divorce. Could her employer read this e-mail? Or Bob has downloaded child pornography using his computer at the office after hours, although he subsequently deleted all the images. A coworker tips off the police. Can the police then obtain a warrant, seize the computer, recover the images, and use them as evidence against Bob? In all likelihood the answer to both these questions is yes because most employers have stated policies that make clear that office computers and e-mail accounts belong to the employer and information transmitted or stored is not confidential. The Electronic Communications Privacy Act of 1986 does prohibit unauthorized access to, or disclosure of, e-mail and transmissions from pagers or cell phones. Despite this lack of actual privacy, sitting alone at your computer does create an illusion of privacy. Perhaps the best advice is to never say anything on the Internet that you would not say in a crowded café, where the person eavesdropping at the next table might be a police officer or your worst enemy! 294 © 2016 Bridgepoint Education, Inc. All rights reserved. Not for resale or redistribution. rog80328_14_c14_286-306.indd 294 9/20/16 11:03 AM CHAPTER 14 Section 14.4 Privacy Commercial E-Mail and Privacy A different type of privacy issue—and a very common one for many e-mail users—is the flood of unwanted e-mail that appears in your inbox (frequently advertising things such as penile enlargements and drugs to enhance your sex life). Known as spam, this e-mail is not banned but is regulated by the Controlling the Assault of Non-Solicited Pornography and Marketing Act of 2003 (CAN-SPAM). This law prohibits deceptive headings (To, From, Subject, etc.) and requires an unsubscribe option and that the advertiser proSpam is the modern form of junk mail. vide a legitimate physical address, among other Devonyu/iStock/Thinkstock things. Unfortunately this law does not seem to have had much effect and spam continues to be a problem for computer users. There have been a few tort lawsuits arguing that unwanted e-mail in volume is a kind of trespass, but courts have generally refused to allow damages for sheer annoyance, instead restricting liability to situations in which the plaintiff’s computer is actually damaged.