Canada’s online legal magazine.

Archive for ‘ulc_ecomm_list’

Security vs. Accessibility

A lot of attention has been paid lately to ‘cybersecurity’, much of it aimed at system-wide security or ‘critical infrastructure’ security, but a good deal also to individual questions of authentication, identity management, vulnerability to hacking/phishing/malware and so on. Among the solutions at the individual level, one finds suggestions about using locked-down versions of documents in PDF, various degrees of encryption and so on.

To what extent is the use of these measures problematic for people who rely on technology to make information accessible to them because of physical or other disabilities? The simplest example is the inability of text . . . [more]

Posted in: Legal Information: Publishing, Technology, ulc_ecomm_list

Property in a LinkedIn Account: Employer or Employee?

At the IT.Can conference earlier this week, I outlined some legal issues with social media.

One of my quick points was that there could be an issue about the entitlement of an ex-employee to a professional LinkedIn account. The case I had in mind in listing the issue was one involving a woman named Linda Eagle, who built up a company with her own name, but when she sold it and the new owners fired her, a dispute arose whether they could keep her LinkedIn profile. Since her assistant had her password, the employers managed to take over the . . . [more]

Posted in: Substantive Law: Foreign Law, Technology: Internet, ulc_ecomm_list

How Secure Are ‘Virtual Meetings’?

SlawTips offered tips this week on setting up virtual meetings that focused mainly on how great it is to use Skype, seeing as how it’s free as well as functional.

Question: is it secure enough for lawyers? I know that the Ontario government does not allow me (or others) to download the software (or any other software….) to make it work. But I have heard as well from private sector lawyers that their IT departments don’t think Skype is secure enough to use professionally.

Is that your view, or experience?

What is the issue:

  • that Skype wants to set itself
. . . [more]
Posted in: Technology: Internet, Technology: Office Technology, ulc_ecomm_list

EU Consumer Rights Directive and E-Commerce

Germany has recently enacted legislation to implement the EU Consumer Rights Directive. Here is an article (from the International Law Office) describing the German legislation. Those familiar with Canadian consumer law will notice that it is considerable more detailed and directory than the Internet Sales Harmonization Template [PDF] that is the law in most provinces.

What do you think? Would our law be improved by provisions like those in the German law?

Your clients who do consumer e-commerce in the EU will run into this kind of law in all member states before long. (It must be in force . . . [more]

Posted in: Substantive Law: Foreign Law, ulc_ecomm_list

Are ‘Hacking Back’ and Other Cybersecurity Defences Acceptable?

If you could detect an attack on your computer system and defend against it, would you want to do it? should you be allowed to do it? What if defending meant harming the computer of the attacker? What if defending meant at least getting information about intermediate computers between the attacker’s and yours?

There are legal and ethical questions here. A review of the ethical ones appears in Stewart Baker’s blog, Skating on Stilts. (He is a former General Counsel of the US National Security Agency, among other high-level achievements.)

Mr Baker argues for private defence as well as . . . [more]

Posted in: Substantive Law, Technology: Internet, ulc_ecomm_list

More on Browsers’ “Do Not Track” Command

Online advertisers intend to ignore ‘do not track’ settings set by default. Here’s a story on about that practice: Advertising industry standards do not “require companies to honor DNT signals fixed by the browser manufacturers and set by them in browsers”. So much for the ‘better business’ in Better Business Bureau. ‘Better For Business…’ appears more accurate.

A very pungent description of the ‘Privacy? Never heard of it!’ world of advertising and the discussions about these standards can be found on ZDNet. (h/t David Cheifetz)

And even browsers set to ‘do not track’ will not comply with the . . . [more]

Posted in: Technology: Internet, ulc_ecomm_list

‘Do Not Track’ Command on Browsers: On or Off by Default?

Microsoft has announced that its new Internet Explorer 10 browser will block the tracking of users’ browsing records by advertisers. There will be a ‘do not track’ command that will be turned on by default, though users can turn it off.

According to this story, the American Association of National Advertisers has complained about this. Tracking, it says, allows for advertising better targeted to users’ interests, thus more likely to be effective, thus more lucrative for the advertisers, thus providing more money to support the ‘free’ content on the Internet. Blocking tracking by default ‘takes the information out . . . [more]

Posted in: Substantive Law, Technology: Internet, ulc_ecomm_list

UNCITRAL Works on Electronic Transferable Records (And Identity Management)

You may recall that UNCITRAL’s Working Group on Electronic Commerce meets at the end of October to continue work on electronic transferable records (like bills of lading, warehouse receipts, negotiable instruments etc) — documents that have to be unique to keep their value.

The Secretariat has just published the main working papers for the meeting – WP 118 and WP.118/Add1. They are on the UNCITRAL site in the working group document section under E-commerce (of course):

The US, Spain and Colombia have also submitted their overview of the issues, as WP.119.

In addition, the ABA’s task force on . . . [more]

Posted in: Substantive Law, Technology, ulc_ecomm_list

A “Real Name” Law?

According to,

On Thursday last week, eight judges in South Korea’s Constitutional Court unanimously struck down a law requiring the use of real names online on the grounds that it violated the constitutional right to free speech.

Would the Canadian Charter or other law produce the same effect if Parliament passed a similar statute?

Is there any remedy against a private service provider sought to enforce such a policy? I know that Facebook states that users must use their real names, bit I also know that that rule is not universally applied. (It is a bit hard to . . . [more]

Posted in: Substantive Law: Foreign Law, Technology: Internet, ulc_ecomm_list

Cybersecurity by Government Contract?

According to Steptoe and Johnson’s E-Commerce Law Week,

The U.S. Department of Defense, the General Services Administration, and NASA last month proposed a change to the Federal Acquisition Regulation (FAR) that would require contractors to safeguard their information systems containing information provided by or generated for the government. The proposed rule … would require government contracts with all federal contractors and appropriate subcontractors to mandate basic information security measures.

Is this a good idea?

In particular, should Canadian governments be concerned about the security of the IT systems in place among businesses that contract with them? If so, should . . . [more]

Posted in: Substantive Law: Foreign Law, ulc_ecomm_list

Legal Claims and Third-Party Privacy

Recently I published here a case comment on a Quebec tribunal decision involving the admissibility of social media evidence.

One particular element of the argument surprised me, and I would be interested in your views.

In the case, an employee brought a complaint before a labour tribunal against her employer, claimed that the employer had created, or allowed to continue, an atmosphere of harassment. As evidence, she brought printouts of comments made by her work colleagues on the Facebook page of another colleague who was also (for a while) a Facebook friend of the complainant.

The employer objected to this . . . [more]

Posted in: Practice of Law, ulc_ecomm_list

Voice Signatures

Has anyone had any experience with the use of the voice as a legal signature (presumably by way of a recording)? Is there any case law on the topic, one way or the other?

When we did the UECA in 1999, we had in mind that a voice mail message might be an electronic document and the association of the content with the speaker could well constitute a signature.

There is some law that a signature must be an intentional act, and whether just saying ‘Hello, it’s John, I accept your offer to sell me your house’ would constitute an . . . [more]

Posted in: Technology, ulc_ecomm_list