Cyberlaw

Hacktivist raided

Swiss Hacktivist was raided at the request of U.S. authorities for data theft and then publishing what was hacked.

https://amp.9news.com.au/article/be36b5d5-883b-49a4-a0da-d9a5ce07d852

https://www.bloomberg.com/news/articles/2021-03-12/swiss-police-raid-apartment-of-verkada-hacker-seize-devices

The Impact of Amazon

Amazon has a special website that sets out its impact. The focus is on the impact of Amazon in the U.S. It is hard to find out what positive impact Amazon is having in Australia.

See https://www.aboutamazon.com/impact

If you contract with AWS on their standard terms, unless you are located in one of a few listed countries, you are agreeing to U.S. law for the contract, and having to go to the U.S. for any disputes.

"Governing Laws" and “Governing Courts” mean, for each AWS Contracting Party, the laws and courts set forth in the following table: see https://aws.amazon.com/agreement/. I guess that provides jobs for U.S. lawyers!

Giving the Government Power to Disrupt

The Surveillance Legislation Amendment (Identify and Disrupt) Bill 2020 has been subject to criticism It allows the government to hack into computers of people they think are bad people. Could innocent bystanders be impacted, just like when Microsoft did protective hacking about 8 years ago? See https://www.csoonline.com/article/2449572/microsoft-hammers-no-ip-collateral-damage-includes-hacking-teams-legal-malware.html

Details of the Bill are here:

https://www.homeaffairs.gov.au/about-us/our-portfolios/national-security/lawful-access-telecommunications/surveillance-legislation-amendment-identify-and-disrupt-bill-2020

The Law Council has released a 150 page criticism of the Bill.

Section 230

Has Section 230 of the Communications Decency Act gone too far? Some think it does:

Judge Robert Katzmann in a recent case wrote a 35-page dissent to part of the ruling, arguing that Facebook’s algorithmic recommendations shouldn’t be covered by the legal protections of Section 230.

Late last year, the U.S. Supreme Court rejected a call to hear a different case that would have tested the Section 230 shield. In a statement attached to the court’s decision, Justice Clarence Thomas called for the court to consider whether Section 230’s protections had been expanded too far, citing Judge Katzmann’s opinion.

Justice Thomas said the court didn’t need to decide in the moment whether to rein in the legal protections. “But in an appropriate case, it behooves us to do so,” he said.

See NY Times article.

Many U.S. Internet businesses think that Section 230 has international application. It does not. It may provide protection in respect of U.S. lawsuits, but not lawsuits in other countries.

Blocking Bad Websites at the ISP

It is hard to have a bad website taken down. In Australia, if the bad website is involved in copyright infringement, it is possible to have all Australian ISPs block the bad website, in effect making it disappear from the Internet as far as Australians are concerned.

That happened in recent Federal Court case, brought against Telstra and every other ISP in Australia, by a company that appears to operate a website for escort services. Someone hacked their website and made copies of it. The Federal Court blocked the copycat websites, using Section 115A of the Copyright Act.

See Gardner Industries Pty Ltd as trustee for the S M Gardner Family Trust v Telstra Corporation Limited [2021] FCA 294 (25 March 2021) (Greenwood J)

Who should police Internet content?

Who really runs the Internet? A lot of companies you rarely hear about. A good article about the Internet and hate speech in the Washington Post.

https://www.washingtonpost.com/technology/2021/03/24/online-moderation-tech-stack/

Suing Google for online review

A lawyer who is trying to track down the person who posted a bad review of her lost an application against Google, seemingly on the basis that she did not follow court proper procedures.

"However, if such a proceeding is to be brought it must be brought on proper material, on notice to Google, and it must be conducted efficiently and expeditiously. That is not how this proceeding has been conducted. One thing that must be avoided is the provision of a flurry of materials making inchoate arguments shortly before a hearing."

Garde-Wilson v Google LLC [2021] FCA 243

From The Age: Gangland lawyer Zarah Garde-Wilson says she will take a court fight directly to Google after the Federal Court dismissed her bid to force the search engine giant to reveal who was behind negative online reviews.

Ms Garde-Wilson, who rose to prominence representing the who’s who of Melbourne’s gangland war, suspects a rival lawyer is behind a negative Google review left under the name “Mohamed Ahmed”.

https://www.theage.com.au/national/victoria/zarah-garde-wilson-loses-bid-to-find-who-was-behind-bad-google-reviews-20210318-p57byd.html

Privacy Commissioner hands down award compensating for non-economic loss

The Australian Privacy Commission made an award compensating individuals for non-economic loss for a privacy law breach. This was a first in Australia.

See https://www.oaic.gov.au/assets/privacy/privacy-decisions/privacy-determinations/WP-and-Secretary-to-the-Department-of-Home-Affairs-Privacy-2021-AICmr-2-11-January-2021.pdf and https://www.kwm.com/en/au/knowledge/insights/privacy-commissioner-hands-down-first-representative-award-20210203

The decision requires the Department of Home Affairs to compensate over 1,200 asylum seekers for inadvertently publishing their personal information online in 2014.

It is somewhat amazing that this case took seven years to reach this stage.

Take care if you pay the ransom

In response to the proliferation of ransomware attacks over the last five years, a series of United States Executive Orders and statutes have come to include cyberterrorists amongst the list of banned individuals with whom U.S. persons cannot conduct financial transactions. This impacts payments to cybercriminals for ransomware attacks.

There is a detailed article from a U.S. law firm here, that sets out when payment of a ransom could lead to breach of U.S. law. See https://www.friedfrank.com/siteFiles/Publications/NYLJ_03.05.21_Kleinman.pdf

Privacy Rights Expanding in Australia?

Justice Keane of the High Court of Australia gave a speech at the end of 2020 that discussed privacy.

It was titled; "Too Much Information: civilisation and the problems of privacy" and argued that relying upon judicial development of the law to solve the problem of privacy "has been, at best, a hit and miss affair".

Justice Keane said it "would not be surprising were the High Court now to accept a tort of invasion of privacy" along U.S. lines.

"But such a cause of action would probably be confined to cases of intentional intrusion, physically or otherwise, upon the solitude or seclusion of an individual or his or her private affairs.

"In the case of the publicising of a matter concerning the private life of an individual, the conduct would be actionable if the matter publicised is of a kind that would be highly offensive to a reasonable person and is not of legitimate concern to the public."

He noted that in the recent High Court case involving the Australian Federal Police raid on the home of journalist Annika Smethurst the media "carefully eschewed any attempt to press forward . . . towards a broader protection of privacy". (I suspect that the media did not want to expand the right of privacy in Australia even though it may have been helpful in this case - because the media since at least 1890 has been the subject of negative criticism regarding the media's lack of respect of privacy rights.)

AFR Article: https://www.afr.com/companies/media-and-marketing/high-court-judge-takes-swipe-at-media-on-privacy-20200927-p55zo0

Text of Keene J's Speech: https://cdn.hcourt.gov.au/assets/publications/speeches/current-justices/keanej/keanej27Aug2020.pdf