Privacy and security. Computers have become a ubiquitous and integral part of business life. One result has been a heightened fear of privacy and security breaches. Privacy refers to the right, usually of individuals, to keep private information private. Security, on the other hand, refers to the protection of data from hackers and others who steal data and corrupt systems.
Privacy. Several pieces of federal legislation have been enacted in order to safeguard individual privacy. One of the first was the Electronic Communications Privacy Act of 1986, which extended the rules for telephone transmissions to email transmissions. Thus, it is illegal to intercept the communication without authorization. The law also prohibits Internet service providers from disclosing email stored on their servers.
The Health Insurance Portability and Accountability Act of 1996, which expanded the rights of employees to take health insurance coverage with them when they change jobs, contains important privacy restrictions regarding electronic sharing of patient health information. The law prohibits health providers from disclosing sensitive health information to third parties.
The Children's Online Privacy Protection Act of 1998 prohibits Internet service providers from gathering or sharing personal information on children 12 and under without their parents' consent. The child's email address is considered to be personal information.
The Gramm-Leach Bliley Financial Modernization Act of 1999, which broke down many of the barriers between banking and insurance and created new opportunities for financial services companies, contains privacy restrictions that require the banks to protect their customers' confidential information.
The Computer Fraud and Abuse Act forbids unauthorized access to financial institution records, and the Electronic Funds Transfers Act requires that financial institutions tell customers the conditions under which they will share information with third parties.
The USA Patriot Act of 2001, however, which followed the events of 9/11, allows the federal government to obtain stored email messages under certain conditions and expands its right to conduct surveillance.
Security. The growing reliance on computers has brought about heightened concerns about security in the business community for two reasons. First, with the Internet boom of the 1990s, businesses are now networked and connected in ways not previously thought possible, which has increased productivity but has also made hacking into systems far easier. Second, businesses have begun to outsource many of their businesses processes, often to Web-based providers, which has also given hackers greater access to business systems.
Most states, including Illinois, have laws criminalizing security breaches. One concern among many businesses, however, is not just the damage that hackers may do, but the liability that the company may have to customers whose privacy is violated. The hackers, of course, are ultimately responsible, but they may not be so easy to find.
Several federal laws have been enacted to help companies fight security breaches. The Federal Economic Espionage Act of 1996 forbids the stealing and sharing of trade secrets, which are defined broadly in the statute.
The Computer Fraud and Abuse Act of 1999 forbids the unauthorized entry of a computer and applies to entries that cause at least $5,000 in damages.
Intellectual property. There are four main types of intellectual property law: patents, trademarks, copyrights, and trade secrets. Patents are given on inventions. Trademarks are acquired on logos or symbols, such as Nike's swoosh. Copyrights protect forms of expression, such as books or songs. Trade secrets are business methods or processes that given its owner a competitive advantage and are secret from competitors.
A patent is a right granted by the government on the creator of an invention to make, use, and sell the invention for a set period of time. In the U.S., an inventor has one year from the invention's first public use or sale to apply for a patent with the U.S. Patent and Trademark Office. A patent issued by the PTO is good only in the U.S., although treaties exist with other countries that allow the inventor to file for a patent in other countries.
Once granted, a patent forbids others from making, using, offering to sell, or selling the invention. The protection extends to knockoffs, and it applies to attempts to export the invention to other countries. For more information, see
Trademark rights in the U.S. are acquired by applying to the U.S. Patent and Trademark Office. Those interested in using their trademark only in Illinois can apply to the Illinois trademark offices, although as a practical matter it usually makes sense to apply only to the U.S. office because the trademark applies throughout the country.
Trademark owners can also acquire what is referred to as a common law trademark right from using the trademark in the marketplace rather than through an application to a government agency. Generally, the common law right extends only to the area where it was actually used. For more information, see
Copyrights apply to original works of authorship in any medium. Copyright protection gives the owner of the copyright an exclusive right in that product. It applies to literary works, musical works, dramatic works, pictorial works, architectural works, and software.
Copyrights are obtained by registering with the U.S. Copyright Office. If granted, the copyright is created when the work is completed.
One important thing to remember about copyrights is that they do not protect the idea. They only protect the expression of the idea. Thus, you can get a copyright on the great American novel once you finish it, but you can't protect the concept that exists in your head for what will be in it.
Trade secrets include methods, processes, formulas, and other business information, such as customer lists. One example is the process McDonald's uses to cook its French fries. In order for something to be considered a trade secret, the owner must make a reasonable effort to keep the information secret.
Trade secrets, unlike the other types of intellectual property, cannot be registered. There are laws, however, that protect trade secret owners. The main one is the Uniform Trade Secrets Act, which has been adopted in Illinois.
The greatest danger for disclosure of trade secrets is from employees who leave and go to work for a competitor. Most companies require employees who might be in a position to learn trade secrets to sign contracts promising not to disclose the secrets, and the courts generally uphold such agreements.
Those who steal trade secrets can also be prosecuted criminally, under the Economic Espionage Act of 1996. Trade secrets are valid forever, as long as secrecy is kept. If a trade secret is revealed, it is lost forever.
Content restrictions. The constitutionally guaranteed free speech protections apply to the Internet just as they apply to other types of communication. The same limitations apply as well. For example, efforts by Internet service providers to protect their customers from spam email messages have raised free speech complaints from those who send the messages. The complaints have failed, for the most part, because the First Amendment protections would apply only if the government were trying to stop the messages.
Contracts. Online contracts are required to meet the same conditions as any contract. There must be an offer, an acceptance of the offer, and consideration. One interesting twist provided by computers is the question of the extent to which clicking a button manifests an acceptance of an offer. The courts have generally held that point-and-click agreements are valid contracts and that by clicking on the button, the party has accepted the offer stated in the contract. The same limitations would also apply, so that if someone accidentally hit the button, acceptance would not have occurred.
A second issue is the extent to which an electronic signature satisfies requirements that a contract must be signed. A federal law, the Electronic Signatures in Global and National Commerce Act of 2000, gave electronic signatures the same binding effect that a signature on a piece of paper has.
Taxation. Electronic commerce presents a slew of taxation-related difficulties because many of the source rules used to determine the right to impose a tax don't apply. Buyers could be in any state or in almost any country. The ease of purchase has radically changed the rules. If a U.S. seller imposes a tax on online purchases, what is to prevent the buyer from going elsewhere for the same product?
One of the most important discussions underway is the right of the states to impose sales and use taxes on Internet transactions that have a sufficient connection to their state. The states are concerned that as Internet transactions become more popular, an important source of revenue for them will dry up if they don't impose sales taxes. At present, there is a moratorium on levying taxes on Internet transaction. The chorus to allow states to collect sales taxes, however, is growing and a levying of sales taxes on Internet transactions seems inevitable.
Torts. Torts can be committed online just as they can be committed off-line. Fraud and defamation, for example, are probably easier to commit online than they were off-line.
One area that has received scrutiny in recent years is the liability of an Internet service provider for the acts of its subscribers. If a subscriber defrauds someone, is the Internet service provider liable to the injured party? The general rule that has developed is that Internet service providers are not liable, but they are under a duty to stop a wrongful act once they have notice of it. Thus, once the Internet service provider learns that a defamatory message has been posted to its chat room, the Internet service provider must remove it.
The Digital Millennium Copyright Act protects Internet service providers from copyright infringement unless they fail to act after having notice of the infringement. The Communications Decency Act protects Internet service providers from liability for defamatory statements made by subscribers. Once again, the Internet service provider must remove the offending statement once it has notice of the posting.