Category Archives: Internet Law

CLOUD Act: International Data Sharing Bill Quietly Passes; Crypto Community Not Impressed

CLOUD Act lawyerIn addition to the $1.3 trillion spending bill, lawmakers unanimously gaveled the Clarifying Overseas Use of Data (“CLOUD Act”) into federal law books. Its ratification may impact cryptocurrency investors.

What Does The CLOUD Act Do?

Essentially, the CLOUD Act allows law enforcement authorities to:

  1. Access users’ files, messages, and emails on any server anywhere in the world.
  2. Give data from U.S. servers to foreign authorities, in certain situations.

Politicians and Big Online Businesses Are Happy About The Cloud Act

A supporter of the bill, Orrin Hatch, opined:

“The CLOUD Act bridges the divide that sometimes exists between law enforcement and the tech sector by giving law enforcement the tools it needs to access data throughout the world while at the same time creating a commonsense framework to encourage international cooperation to resolve conflicts of law.”

What do the big online players (Microsoft, Facebook, Google, Apple, Yahoo!) think of the new Internet law? They seem to be for it. In a joint statement, the big 5 enthused:

“The new Clarifying Lawful Overseas Use of Data (CLOUD) Act reflects a growing consensus in favor of protecting Internet users around the world and provides a logical solution for governing cross-border access to data. Introduction of this bipartisan legislation is an important step toward enhancing and protecting individual privacy rights, reducing international conflicts of law and keeping us all safer.”

Cryptocurrency Investors and the ACLU Are NOT Happy About The Cloud Act

Cryptocurrency investors, however, aren’t thrilled with the new law.

“The CLOUD Act passed. It destroys privacy globally, so it had to be snuck into the $1.3 trillion omnibus without debate. Encrypt. Encrypt. Encrypt. Go Dark. When privacy is criminalized, only criminals have privacy. We got sold out, again,” remonstrated industry author Andreas Antonopoulos.

The American Civil Liberties Union (ACLU) also isn’t a fan of the new legislation, noting, in particular, its infringement on Fourth Amendment rights.

Connect With A Cryptocurrency Lawyer

Are you a blockchain company or cryptocurrency investor worried about how the CLOUD Act could affect your business or personal investments? If so, give us a call. We’ll review the situation and lay out several options.

Gordon Law is a leading cryptocurrency law firm that handles all manners of situations and solves all manners or fintech problems. We know all the legal ins-and-outs of the token investment market.

Get in touch today to begin the conversation.

Online Business Law: Is Your Auto-Renewal Setup Compliant?

Auto-Renewal online checkout rulesA lot of online businesses are running auto-renewal subscriptions that shirk FTC regulations.

Auto-Renewal Subscriptions: Common and Convenient

Auto-renewal subscriptions are a win-win for companies and consumers. They afford businesses better forecasting abilities and improve retention rates. For users, automatic renewals and payments save time and money (late fees be gone!).

Auto-Renewal Subscriptions: Compliance Standards

Authorities Slap eHarmony With Auto-Renewal Legal Action

Businesses must understand that Auto-renewals are bound by nuanced compliance standards. In fact, authorities from four California counties recently slapped  online dating platform eHarmony with a lawsuit because the company allegedly “did not clearly and conspicuously explain the automatically charged subscription fee, did not provide the consumer with their dating contract, or explain their right to cancel as required by law.”

To be fair, it doesn’t appear that eHarmony purposefully tried to pull the wool over customers’ heads, but they did overlook standing regulations. In the end, the dating website settled; it paid $1.28 million to the claimants, and an additional $1 million to affected consumers. Site updates are also part of the deal.

The FTC Is On The Prowl For Auto-Renewal Violators

It’s also only fair to note that eHarmony isn’t an outlier when it comes to auto-renewal legal troubles. Blue Apron, Birchbox, and LifeLock have all tangled with the FTC over the issue.

Just as the FTC is stepping up social media marketing enforcement, the agency is also cracking down on auto-renewal compliance. To make matters even more critical, on July 1, California will press play on a new auto-renewal law.

Use Several Disclosures throughout the Checkout Process

A single notification or clause buried in a user agreement doesn’t cut it. Auto-renewal compliance is a multi-tiered process. The checkout notifications must conspicuously feature several “We Will Charge You On A Regular Basis” warnings at specific points.

Companies that offer free trial periods must clearly publish the post-trial price, recurrence schedule, and cancellation information before the final checkout page. Make sure to delineate device restrictions, as well.

The final checkout page should include:

  1. A summary of all the disclosures and terms;
  2. A clear link to the terms of service, with a checkbox the user must tick to indicate their agreement;

Once a purchase is complete, users should be presented with a confirmation page that conspicuously gives cancellation information and contact information.

Remember, it’s almost always not enough to state a disclosure once. Complying with FTC standards means including disclosures several times throughout the online checkout process.

California’s New Auto-Renewal Law (ARL)

California’s auto-renewal law (ARL) requires companies to implement online cancellation options for online auto-renewal subscriptions. To put it another way: On July 1, it will be against regulations to only provide call in, or mail cancellation options for auto-renewal subscriptions initiated online. Moreover, to comply with California’s auto-renewal laws, companies that offer subscriptions with renewal periods longer than 30 days must remind users, 30 to 45 days in advance, of the impending auto-renewal charge.

Connect With An FTC Compliance Lawyer

Now is the time to review your online checkout process and concomitant SaaS and subscription agreements to ensure they comply with federal, state, and local regulations. Believe it or not, depending on your client base, you may even have to contend with E.U. online privacy and e-commerce regulations.

We can help you sort through the FTC compliance maze. Let’s chat about it. The consultation is on us.

Internet Law Legislation: Data Security and Breach Notification Act

data security breach notification actAre companies required to inform customers of digital data breaches immediately? Sometimes yes, sometimes no — and sometimes it all depends on situational details and state regulations. But some lawmakers are urging uniformity and recently introduced a bill that would do just that: The Data Security Breach Notification Act.

Data Security Breach Notification Act: The Basics

Currently, local and state laws form a patchwork of data breach notification regulations, but United States federal code is mum on the matter.

To rectify the situation, some Senate Commerce Committee members are trying to revive a bill that requires companies to notify users straightaway in the wake of a data-exposing hack.

What if months pass before a business discovers that it’s been pwnd? The legislation considers this genuine possibility and includes provisions stipulating that actionable violations must be “intentionally and willfully” concealed.

Data Security Breach Notification Act: Penalties

What penalties are politicians proposing? The current draft calls for fines and up to five-year prison sentences for egregious and recidivist offenders. In addition to prescribing penalties, lawmakers are also looking at ways to incentivize the use of technology that renders stolen data unusable.

Data Security Breach Notification Act: The Incidental Impetus

The bill revitalization attempt comes in the wake of the Uber and Equifax digital breaches that affected millions of people (Uber, about 57 million; Equifax, about 145.5 million) — and raised eye-brows because of the way executives in each company reacted. People questioned: Does Uber care about customer privacy, because the company was willing to pay hackers $100,000 in hush money and didn’t alert affected parties in a timely manner? And “Why did Equifax wait over a month to alert the public about the breach? That doesn’t seem too customer-focused.”

Are these questions fair? Like everything else in life, it’s complicated. Of course we all, as consumers, want businesses to be mindful of personal data. But as many companies know, hacks happen to even the most secure operations. And sometimes, the reputation-to-effort assumptions made in the wake of a breach can be unfairly devastating.

Connect With An Internet Lawyer

Gordon Law helps businesses navigate legalities related to online privacy and data hacking incidents. To learn more about our Internet law practice, start here. If you landed on this page because you’re in search of a digital security breach attorney, get in touch. We know what to do, and we’re ready to help guide you through the legal maze.

Puerto Rico Tax Haven: Best For Internet Businesses

Puerto Rico tax havenLooking for a “tax haven”? Consider Puerto Rico. The U.S. territory passed two laws which offer significant tax benefits to lure businesses and residents to the island.

Puerto Rico is a U.S. Commonwealth; it’s part of the US, but enjoys a level of independence that includes tax breaks not available in other states and jurisdictions.

Puerto Rico Tax Haven: Act 20 Basics

On January 17, 2012 Puerto Rico enacted the “Act to Promote the Export of Services” — a.k.a., Act 20. The provision bestows tax exemptions and credits on businesses engaged in eligible activities on the island. To leverage Act 20, businesses must apply for a tax concession and obtain an exemption decree. The decree is available for 20 years, with a possible 10-year extension.

Puerto Rico offers generous tax incentives to eligible businesses. For example:

Puerto Rico Tax Haven: Act 22 Basics

At the same time, Puerto Rico enacted the “Individual Investors Act” — a.k.a., Act 22. A resident cultivation attempt, the law obliterated all manners of tax obligations. Eligible participants enjoy:

Exemptions under Act 22 are valid through December 31, 2035.

Puerto Rico Tax Haven: Act 20 and 22 for Internet Business

To make conditions even more attractive, Puerto Rico recently eliminated the five employee requirement. After moving your business to Puerto Rico, you will only pay 4% on Puerto Rico sourced business profit. And if you yourself move to Puerto Rico as well, you can then pay all the profits as dividends to yourself which are 100% tax exempted. Therefore, since many internet businesses are highly portable, relocating to Puerto Rico is relatively easy and may give you one of the most competitive tax incentives around. Besides, the year-around summer weather!

Disclaimer: This article is not intended to provide legal advice. Please consult an attorney for legal advice for your particular situation.