VA Spam Law Overturned

The Virginia Supreme Court recently ruled that the state's anti-spam law is unconstitutional. The Court wrote that: "the statute is unconstitutionally overbroad on its face because it prohibits the anonymous transmission of all unsolicited bulk e-mails including those containing political, religious or other speech protected by the First Amendment to the United States Constitution." See this Washington Post article for more.

Compliance With The Red Flag Rules

This article reports that less than-third of US banks will be compliant with the Red Flag rules by the November 1 deadline. All told, U.S. financial institutions are expected to spend more than $200 million on compliance with the rules. For more on the Red Flag rules, see these posts.

Comcast Appeals FCC Decision

Following on a previous post, Comcast yesterday appealed the FCC ruling that it violated the Agency's net-neutrality principles. Take a look at the petition for review filed with the US Court of Appeals for the DC Circuit.

ABA Issues Outsourcing Ethics Opinion

Just yesteday, the ABA issued Ethics Opinion opinion 08-451 (not available online) dealing with the outsourcing of legal services. In brief, the Opinion permits outsourcing assuming both the attorney and the outsourcees adhere to certain standards of ethics and competence. See this ABA Journal article as well as this Daily Record article (subscription) for more.

FCC's Ruling On Net Neutrality

Following on my post from a little while back, the FCC finally published their Order regarding Comcast's violation of the Agency's net neutrality principles. The Order gives Comcast 30 days to disclose their method for managing internet traffic.

ID Theft Ring Uncovered

Prosecutors announced that they have uncovered the identities of the thieves behind the T.J. Max, Barnes & Noble, and The Sports Authority identity theft cases. The case, which involves 11 people, is being dubbed the largest identity theft case ever prosecuted. The thieves reportedly stole 40 million confidential records. Investigators say the suspects obtained their information largely through hacking into wireless networks. See here for a copy of the indictment.

New Copyright Suit Against YouTube

YouTube now faces a new copyright suit. Italian media company Mediaset has sued YouTube, alleging the video-sharing website unlawfully made use of thousands of copyrighted video clips. This latest suit comes after a similar suit by Viacom for $1 billion.

FCC Rules On Net Neutrality

The FCC issued its much anticipated ruling today on net-neutrality, alleging that Comcast interfered with the free nature of the web when it wrongly slowed some of its customers' Internet traffic. Consumer groups had initially sued Comcast but then later asked the FCC for a declaratory ruling on the matter. The FCC's opinion effectively changes the playing field by making the US government a regulator of the internet. The FCC's Memorandum Opinion and Order (FCC 08-183) is not yet available online.

Identity Theft Monitoring Services

Many companies offer these services as additional protection for identity theft. Are they worth purchasing? Are they effective? Privacy Rights Clearinghouse recently published this new guide: "Straight Talk about Identity Theft Monitoring Services."

Unsolicited Text Message Suit Given Go Ahead

TMobile's attempt to dismiss a class action suit filed by disgruntled TMobile users has been dismissed. The suit, Zaldivar v. T-Mobile USA, alleges that TMobile forces cell phone users to pay for unsolicited text messages. Filed on July 15 in the Federal District Court for the Western District of Washington state, the suit alleges breach of contract, unjust enrichment, and violations of Washington’s Consumer Protection Act.

Net Neutrality Suit On Hold

Jon Hart's suit against Comcast has been put on hold. Hart, a Comcast subscriber had sued Comcast alleging that the company is violating FCC net neutrality principles by interfering with certain types of internet traffic. The case has been put on hold until an FCC investigation into the matter has been concluded. The suit, originally filed in California Superior Court, has since been removed to federal court.

Deadline For Red Flag Rules Approaching

With the so-called Red Flag rules set to become effective on Nov. 1, the FTC is beginning a campaign to help educate the public on the details of the new regs. The FTC recently published an Alert to help companies better understand the law. The Red Flag rules require certain types of companies to implement identity theft prevention programs. See this previous post for more info.

McAfee's Spam Experiment

In an effort to better understand spam, McAfee recently commissioned 50 people to surf the net without any anti-spam/spyware protection for a period of a month. At the end of a month, the 50 participants had received 104,000 unsolicited messages, totalling around 70 messages a day for each participant. One of the findings was the amount emanating from outside the US. Of the 104,000 letters, only 23,233 were in English. During the month-long experiment, McAfee encouraged the participants to log their experiences in a blog. Check out the blog here.

New Spam Rules Go Into Effect

New CAN-SPAM rules, published in May, went into effect yesterday. Among other things, the new rules clarify who is obligated to comply with CAN-SPAM, clarify the definition of “sender,” and include new unsubscribe requirements. See this article for more info. For help complying with CAN-SPAM, including the new rules, see this White Paper from ExactTarget (free registration required).

2008 Security Breach Report

The Identity Theft Resource Center recently published their 2008 security breach incidence report. For each incident the report provides the number the exposed records, the breach type (print or electronic), and a link to a news article about the incident. So far in '08, the report counts 346 security breach incidents totalling upwards of 16 million exposed records.

California Expands Identity Theft Law

California Governor Arnold Schwartzenegger recently signed into law SB 612 which makes it easier to prosecute identity theft crimes in California. Under the old system, prosecutions could only take place where the crime occurred, which is usually in the perpetrators' towns or cities. With the passage of this bill, prosecutors can now charge people with identity theft in the jurisdictions where the victims live. This is significant because prosecutors are generally more aggressive when they're fighting criminals in their home town.

New Guidelines To Deal With SPAM

This article discusses new guidelines released by The Messaging Anti-Abuse Working Group (MAAWG) intended to reduce spam. According to the article, the new guidelines (which do not appear to be available online) recommend that ISPs use separate servers for received and forwarded e-mails, and that they block port 25, through which spam travels. Even if the guidelines were successfully adopted, though, there's no indication that they would be successful. Still, this might be a start.

Texas AG Settles With EZCORP Over Identity Theft

The Texas Attorney General's Office announced a settlement yesterday with EZCORP over the company's failure to adequately safeguard customer's personal information. Apparently, the company had simply dumped 483 customer records laden with social security numbers and other highly sensitive information in the trash. The AG's office filed suit under Texas Business & Comm. Code Section 48-102, claiming the company had failed to implement "reasonable procedures" to safeguard customers personal information. The AG's website includes a picture of a credit application that was found in the trash.

Web Site Liability For Third Party Content

The question of when a website owner becomes liable for content posted by third parties has been around for some time. As far back as 1997, the Courts were already dealing with this issue (See Zeran v. AOL). In the past several months a number of new opinions on this issue have appeared. In May of this year, the 9th Circuit case Fair Housing Council v. Roommates.com tackled the issue of whether an online roommate matching website should be held liable for violation of the federal housing discrimination laws, since certain postings discriminated against particular groups. The Court held that the website could be held liable because it used drop-down menus to limit users' choice as to the content of their listing. As a result, the safeharbor provisions of the Communications Deceny Act (CDA) did not apply. On the other hand, in March of this year, the 7th Circuit in Chicago Lawyer's Committee v. Craigslist found Craigslist immune under the CDA for user posted listings which likewise discriminated against certain groups. The distinction between the two rulings appears to be that once a website operator takes an active involvement in the generation of content (as was the case in the Fair Housing decision), the safeharbor provisions of the CDA no longer apply.

Suing For Identity Theft Using RICO

Check out this National Law Journal article, "RICO And Data Thieves" (subscription). Historically, data theft has been largely prosecuted using the Computer Fraud and Abuse Act (CFAA). The author, Nick Akerman, suggests that filing suit under the Racketeer Influenced and Currupt Organizations (RICO) statute might have some advantages. As the author points out, RICO, unlike the CFAA, provides for treble damages and attorney fees.