CHAPTER FORTY-FOUR
CYBERLAW
CHAPTER OUTLINE
I.
Privacy
A. Internet Tracking
1. Of Cookies and Caches
2. The State of Privacy on the Internet
B. Self-Regulation of Online Privacy
C. The Failure of Self-Regulation
D. Government Regulation of Online Privacy
1. Children’s Online Privacy Protection Act of 1998
2. The FTC Seeks Help from Congress
3. The Role of the Courts
E. Your Hard Drive as Witness (Against You)
1. Criminal Law
2. Civil Litigation
F. E-Mail
1. Electronic Communications Privacy Act of 1986
2. Common Law Regulation of E-Mail Privacy
G. Encryption
II.
Crime on the Internet
A. Hacking
B. Fraud
1. Auctions
2. Identity Theft
3. Fighting Internet Crime
259
III.
Internet Service Providers and Web Hosts
A. Spam
1. Fraudulent Spam
2. Non-Fraudulent Spam
B. Communications Decency Act of 1996
WHAT YOU SHOULD KNOW
After reading this chapter you should understand:
what actions the Network Advertising Initiative suggests regarding personal data that Web sites
collect about individuals;
what actions are prohibited by the Children’s Online Privacy Protection Act of 1998;
what protections the Fourth Amendment of the Constitution may provide in connection with
computers;
what the Privacy Policy Act requires the government to do before taking certain actions;
what actions are prohibited by the Electronic Communications Privacy Act of 1986 and when this
Act may allow parties to disclose, monitor, or access others’ e-mail;
when intrusion into another person’s private life may constitute a tort under the common law;
when a government license is required before encryption software can be exported;
what hacking is;
what conduct is barred by the Computer Fraud and Abuse Act of 1986;
what fraud is;
what conduct is prohibited by the Identity Theft and Assumption Deterrence Act of 1998;
what spam is and when spam may violate the law; and
what the Communications Decency Act of 1996 provides regarding the liability of ISPs and Web
hosts for actions of others.
260
REVIEW OF TERMS AND PHRASES
MATCHING EXERCISE
Select the term or phrase that best matches a statement or definition stated below. Each term or phrase is the
best match for only one statement or definition.
Terms and Phrases
a. Computer Fraud and Abuse Act
e. Fraud
i. Privacy Policy Act
b. Electronic communication
f. Hacking
j. Shilling
c. Encryption
g. ISP
k. Spam
d. Federal Trademark and Dilution Act of 1995
h. Lanham Act
l. Trespass to chattels
Statements and Definitions
____ 1.
Seller either bids on his or her own goods or agrees to cross-bid with other sellers.
____ 2.
Encoding a communication in order to conceal its meaning.
____ 3.
Law that prohibits anyone from accessing a computer without authorization.
____ 4.
Federal law that forbids the false use of a trademark.
____ 5.
Common law tort that is committed when one deceives a second party for the purpose of
wrongfully obtaining money or something of value from the second party.
____ 6.
Tort committed under the common law of at least one state when a party intentionally uses
someone else’s property without authorization.
____ 7.
Unauthorized access to another’s computer system.
____ 8.
E-mail and transmissions from pagers and cellular phones.
____ 9.
Internet service provider, such as AOL.
____10.
Federal law that requires the government to obtain a warrant before searching or seizing the
papers of anyone who is engaged in publishing a newspaper, book, or broadcast.
____11.
Federal law that forbids the use of another’s trademark in a way that reduces the mark’s value.
____12.
Unsolicited commercial e-mail or unsolicited bulk e-mail.
261
REVIEW OF CONCEPTS
TRUE-FALSE QUESTIONS
Circle T for true or F for false.
T
F
1.
Federal law prohibits Web sites from placing cookies in a person’s computer unless the
person has expressly consented to such action.
T
F
2.
In general, advertising on the Web is not subject to significant government regulation.
T
F
3.
Online privacy is primarily governed by industry self-regulation rules, which have largely
failed to protect the privacy of online users.
T
F
4.
The Children’s Online Privacy Protection Act is an example of industry self-regulation
that forbids the dissemination of child pornography on the Web.
T
F
5.
The courts do not have the jurisdiction to rule on the legality or illegality of conduct on the
Web since this conduct involves interstate commerce.
T
F
6.
The Fourth Amendment may apply to governmental searches of a person’s computer.
T
F
7.
In general, relevant information that is on a person’s computer may used against that
person in civil litigation.
T
F
8.
Under the Electronic Communications Privacy Act of 1986, an intended recipient of email has the right to disclose its content to others.
T
F
9.
The government cannot access a person’s e-mail even if the government first obtains a
search warrant to do so.
T
F
10. Under the common law, the wrongful accessing of private information on another person’s
computer may constitute a tort.
262
MULTIPLE CHOICE QUESTIONS
1. ____ Charlie, who lived in Wisconsin, developed sophisticated encryption software that was virtually
impregnable. Which of the following actions by Charlie would violate U.S. Export
Administration Regulations?
a. Charlie posted a copy of the software on the Internet.
b. Charlie mailed a hardcopy of his new code to a friend in Indonesia.
c. Charlie e-mailed an electronic version of his new code to a friend in France.
d. Charlie used the software on his own computer.
2. ____ Which of the following actions would violate the federal Computer Fraud and Abuse Act of
1986?
a. Diane used her computer and the Internet to hack into the computers of Last National Bank
and to transfer $100,000 to her personal bank account.
b. Diane used her computer and the Internet to place cookies in the computers of persons who
visited her Web site that she used to advertise and sell cosmetics.
c. Diane used her computer and the Internet to plant destructive viruses on the Web sites of
competitors.
d. a and c.
3. ____ The federal Drug Enforcement Agency (DEA) suspected that Stanley was unlawfully selling and
distributing cocaine. Moreover, the DEA had reason to believe that Stanley was using his Web
site to make drug sales to people in all parts of the country. Under these facts:
a. The DEA has the unlimited right to place “dragnet” software programs on the ISP that
Stanley uses in order to intercept e-mails coming or going from Stanley’s Web site.
b. The DEA has the right to place “dragnet” software programs on the ISP that Stanley uses in
order to intercept e-mails coming or going from Stanley’s Web site only if the DEA first
obtains a warrant or court order allowing it to do so.
c. The DEA has the unlimited right to search Stanley’s computer for evidence of wrongdoing so
long as it does not require Stanley’s help in searching his computer.
d. b and c.
4. ____ In general, which of the following types of spam are unlawful under federal or state law?
a. Misty sent spam e-mails to 1,000 persons whom she thought would be interested in her new
line of clothing.
b. Misty sent spam e-mails to 1,000 persons telling them that they had each won $5,000 worth
of her new line of clothing, but each winner had to send her $200 to cover the cost of
shipping the clothing. This spam was false and Misty simply kept all of the money that was
sent to her.
c. Misty sent spam e-mails to 1,000 persons protesting the U.S. government’s refusal to
263
improve relations with certain foreign countries.
d. All of the above.
5. ____ Sam operates an Internet business that specializes in the sale of electronic games to young
children and teenagers. Sam decided to entice visitors to his Web site by letting them play one of
his games for free. Sam required all visitors, however, to first provide certain personal
information, which he intended to use internally and/or to disclose publicly. Which of the
following actions by Sam would violate the Children’s Online Privacy Protection Act of 1998?
a. Sam collected personal information from Amy, age 18, without first obtaining her parent’s
permission. Sam is using this information internally and he also plans to publicly disclose it.
b. Sam collected personal information from William, age 12, after obtaining his parent’s
consent by e-mail. Sam is using this information internally.
c. Sam collected personal information from Rachel, age 11, after obtaining her parent’s consent
by e-mail. Sam is publicly disclosing this information.
d. Sam collected personal information from Johnny, age 10, after obtaining his parent’s written
consent. Sam is publicly disclosing this information.
6. ____ Which of the following statements is correct regarding the federal Identity Theft and Assumption
Deterrence Act of 1998?
a. This Act forbids people from electronically disclosing their social security identification over
the Internet.
b. This Act forbids people from using the identification of others to commit fraud or other
crimes.
c. This Act authorizes victims to obtain restitution from persons who fraudulently used their
identification.
d. b and c.
SHORT ESSAY
1. Discuss industry self-regulation of online privacy and analyze how effective this type of regulation has
been.
CASE PROBLEM
Answer the following case problem, explaining your answer.
1. Autumn is an e-mail junkie – she communicates with everyone via e-mail. In particular, Autumn sent
the following e-mails: (a) Autumn sent an e-mail from her personal computer to John, her cousin,
disclosing that Autumn had stolen money from her church; (b) Autumn sent an e-mail from her
personal computer to Oman, an e-mail pal in a country that is hostile to the U.S.; and (c) Autumn used
her employer’s computer and e-mail system to send an e-mail to Sherry, a co-worker, stating that the
boss was a creep. Under these facts:
264
a.
b.
c.
Can John lawfully disclose the content of Autumn’s e-mail without her consent?
Can the ISP that Autumn uses lawfully disclose any information regarding her e-mail to Oman?
Can Autumn’s employer lawfully monitor her e-mail to Sherry?