Louisiana Computer Spyware (La. Rev. Stat. § 51:2006 - § 51:2014)

Louisiana Computer Spyware

La. Rev. Stat. § 51:2006 - § 51:2014

 

CITATION:

CHAPTER 30-A COMPUTER SPYWARE

§2006.  Scope

This Chapter deals with consumer protection against computer spyware.

Acts 2006, No. 392, §1.

 

§2007.  Definitions

As used in this Chapter:

(1)  "Authorized user" means with respect to a computer, a person who owns or is authorized by the owner or lessee to use the computer.

(2)  "Cause computer software to be copied" means to distribute, transfer, or procure the copying of computer software or any component thereof.  The term shall not include the following:

(a)  Transmission, routing, provision of intermediate temporary storage, or caching of software.

(b)  A storage or hosting medium, such as a compact disc, Internet web site, or computer server, through which the software was distributed by a third party.

(c)  An information location tool, such as a directory, index, reference, pointer, or hypertext link, through which the user of the computer located the software.

(3)  "Communications provider" means an entity providing communications networks or services that enable consumers to access the Internet or destinations on the public switched telephone network via a computer modem.  This term shall include cable service providers that also provide telephone services and providers of Voice over Internet Protocol services.

(4)  "Computer software" means a sequence of instructions written in any programming language that is executed on a computer.  The term shall not include a text or data file, an Internet web site, or a data component of an Internet web site that is not executable independently of the Internet web site.

(5)  "Computer virus" means a computer program or other set of instructions that is designed to degrade the performance of or disable a computer or computer network and is designed to have the ability to replicate itself on other computers or computer networks without the authorization of the owners of those computers or computer networks.

(6)  "Damage" means any material impairment to the integrity, functionality, or availability of data, software, a computer, a system, or information.

(7)  "Deceptive" or "deception" means the following:

(a)  An intentionally and materially false or fraudulent statement.

(b)  A statement or description that intentionally omits or misrepresents material information in order to deceive the authorized user.

(c)  An intentional and material failure to provide any notice to an authorized user regarding the download or installation of software in order to deceive the authorized user.

(8)  "Execute" means with respect to computer software, the performance of the functions or the carrying out of the instructions of the computer software.

(9)  "Internet" means the global information system that is logically linked together by a globally unique address space based on the Internet Protocol (IP), or its subsequent extensions, and that is able to support communications using the Transmission Control Protocol/Internet Protocol (TCP/IP) suite, or its subsequent extensions, or other IP-compatible protocols, and that provides, uses, or makes accessible, either publicly or privately, high-level services layered on the communications and related infrastructure described in this Chapter.

(10)  "Message" means a graphical or text communication presented to an authorized user of a computer other than communications originated and sent by the computer's operating system or communications presented for any of the purposes described in R.S. 51:2011.

(11)  "Personally identifiable information" means any of the following:

(a)  First name or first initial in combination with last name.

(b)  Credit or debit card numbers or other financial account numbers.

(c)  A password or personal identification number required to access an identified financial account other than a password, personal identification number, or other identification number transmitted by an authorized user to the issuer of the account or its agent.

(d)  Social Security number.

(e)  Any of the following information in a form that personally identifies an authorized user:

(i)  Account balances.

(ii)  Overdraft history.

(iii)  Payment history.

(iv)  A history of Internet web sites visited.

(v)  Home address.

(vi)  Work address.

(vii)  A record of a purchase or purchases.

(12)  "Procure the copying" means to pay or provide other consideration to or induce another person to cause software to be copied onto a computer.

Acts 2006, No. 392, §1.

 

§2008.  Computer spyware prohibitions

A person or entity that is not an authorized user shall not knowingly or willfully cause computer software to be copied or procure the copying onto the computer of an authorized user in this state and use the software to do any of the following acts:

(1)  Modify through deceptive means any of the settings related to the computer's access to or use of the Internet including the following:

(a)  The page that appears when an authorized user launches an Internet browser or similar software program used to access and navigate the Internet.

(b)  The default provider or Internet web site proxy that the authorized user uses to access or search the Internet.

(c)  The authorized user's list of bookmarks used to access Internet web site pages.

(2)  Collect through deceptive means personally identifiable information that meets any of the following criteria:

(a)  It is collected through the use of a keystroke-logging function that records all keystrokes made by an authorized user who uses the computer and transfers that information from the computer to another person.

(b)  It includes all or substantially all of the Internet web sites visited by an authorized user, other than Internet web sites of the provider of the software, if the computer software was installed in a manner designed to conceal from all authorized users of the computer the fact that the software is being installed.

(c)  It is a data element described in R.S. 51:2007(11)(b), (c), (d), or (e)(i) or (ii) that is extracted from the authorized user's computer hard drive for a purpose wholly unrelated to any of the purposes of the software or service described to an authorized user.

(3)  Prevent, without the authorization of an authorized user, through deceptive means an authorized user's reasonable efforts to block the installation of or to disable software by causing software that the authorized user has properly removed or disabled to automatically reinstall or reactivate on the computer without the authorization of an authorized user.

(4)  Misrepresent that software will be uninstalled or disabled by an authorized user's action with knowledge that the software will not be so uninstalled or disabled.

(5)  Through deceptive means, remove, disable, or render inoperative security, anti-spyware, or anti-virus software installed on the computer.

Acts 2006, No. 392, §1.

 

§2009.  Control or modification

A person or entity that is not an authorized user shall not knowingly or willfully cause computer software to be copied or procure the copying onto the computer of an authorized user in this state and use the software to do any of the following acts:

(1)  Take control of the authorized user's computer by doing any of the following:

(a)  Transmit or relay commercial electronic mail or a computer virus from the authorized user's computer, where the transmission or relaying is initiated by a person other than the authorized user and without the authorization of an authorized user.

(b)  Access or use the authorized user's modem or Internet service for the purpose of causing damage to the authorized user's computer or cause  an authorized user to incur financial charges for a service that is not authorized by an authorized user.

(c)  Use the authorized user's computer as part of an activity performed by a group of computers for the purpose of causing damage to another computer, including but not limited to launching a denial of service attack.

(d)  Open a series of stand-alone messages in the authorized user's computer without the authorization of an authorized user and with knowledge that a reasonable computer user cannot close the advertisements without turning off the computer or closing the Internet application.

(2)  Modify settings related to the computer's access to or use of the Internet including the following:

(a)  An authorized user's security or other settings that protect information about the authorized user for the purpose of stealing personal information of an authorized user.

(b)  The security settings of the computer for the purpose of causing damage to one or more computers.

(3)  Prevent, without the authorization of an authorized user, an authorized user's reasonable efforts to block the installation of or to disable software by doing any of the following:

(a)  Presenting the authorized user with an option to decline installation of software with knowledge that, when the option is selected by the authorized user, the installation nevertheless proceeds.

(b)  Falsely representing that software has been disabled.

(c)  Requiring in a deceptive manner the user to access the Internet to remove the software with knowledge or reckless disregard of the fact that the software frequently operates in a manner that prevents the user from accessing the Internet.

(d)  Changing the name, location, or other designation information of the software for the purpose of preventing an authorized user from locating the software to remove it.

(e)  Using randomized or deceptive file names, directory folders, formats, or registry entries for the purpose of avoiding detection and removal of the software by an authorized user.

(f)  Causing the installation of software in a particular computer directory or computer memory for the purpose of evading authorized users' attempts to remove the software from the computer.

(g)  Requiring, without the authority of the owner of the computer, that an authorized user obtain a special code or download software from a third party to uninstall the software.

Acts 2006, No. 392, §1.

 

§2010.  Misrepresentation and deception

A person or entity who is not an authorized user shall not do any of the following:

(1)  Induce an authorized user to install a software component onto the computer by misrepresenting that installing software is necessary for security or privacy reasons or in order to open, view, or play a particular type of content.

(2)  Cause the copying and execution on the computer of a computer software component with the intent of causing an authorized user to use the component in a way that violates any other provision of this Section.

Acts 2006, No. 392, §1.

 

§2011.  Nonapplicability

A.  Nothing in R.S. 51:2009 or 2010 shall apply to any monitoring of or interaction with a user's Internet or other network connection or service, or a protected computer, by a cable operator, computer hardware or software provider, or provider of information service or interactive computer service for network or computer security purposes, diagnostics, technical support, repair, authorized updates of software or system firmware, network management or maintenance, authorized remote system management or detection or prevention of the use of or fraudulent or other illegal activities as prohibited by this Chapter in connection with a network, service, or computer software, including scanning for and removing software proscribed under this Chapter.

B.  Nothing in this Chapter shall limit the rights of providers of wire and electronic communications under 18 U.S.C. 2511.

Acts 2006, No. 392, §1.

 

§2012.  Criminal enforcement

The district attorney of a parish where a violation of this Chapter occurs and the attorney general shall have the authority to investigate and institute criminal proceedings for any such violation.

Acts 2006, No. 392, §1.

 

§2013.  Penalty

Any person that violates the provisions of R.S. 51:2008(2) and R.S. 51:2009(1)(a), (b), and (c) and (2) shall be imprisoned for not more than ten years or fined not more than twenty-five thousand dollars, or both.

Acts 2006, No. 392, §1.

 

§2014.  Civil relief

A.  A violation of this Chapter shall be considered an unfair trade practice and such violation shall subject the violator to all of the provisions of the Unfair Trade Practices and Consumer Protection Law and as provided for in R.S. 51:1401 et seq.

B.  Except for an action or other relief brought under Subsection A of this Section, the following persons may bring a civil action against a person who violates this Chapter:

(1)  A provider of computer software who is adversely affected by the violation.

(2)  An Internet service provider who is adversely affected by the violation.

(3)  A trademark owner whose trademark is used without the authorization of the owner to deceive users in the course of any of the deceptive practices prohibited by this Section.

(4)  The attorney general.

C.  A person bringing an action under Subsection B of this Section may apply for injunctive relief to restrain any violation of this Chapter and seek to recover damages not to exceed one hundred thousand dollars for each violation.

D.  The court may increase an award of actual damages in an action brought under this Section to an amount not to exceed three times the actual damages sustained if the court finds that the violations have occurred with such frequency with respect to a group of victims as to constitute a pattern or practice.

E.  A plaintiff who prevails in an action filed under this Section is entitled to recover reasonable attorney fees and court costs.

F.  In the case of a violation of R.S. 51:2009(1)(b) that causes a communications provider to incur costs for the origination, transport, or termination of a call triggered using the modem of a customer of the communications provider as a result of a violation, the communications provider may bring a civil action against the violator to recover any or all of the following:

(1)  The charges the carrier is obligated to pay to another carrier or to an information service provider as a result of the violation, including but not limited to charges for the origination, transport, or termination of the call.

(2)  Costs of handling customer inquiries or complaints with respect to amounts billed for calls.

(3)  Costs and reasonable attorney fees.

(4)  An order to enjoin the violation.

Acts 2006, No. 392, §1.

 

For more information, see here:  https://legis.la.gov/Legis/Laws_Toc.aspx?folder=75&level=Parent

 

These materials were obtained directly from the State Legislative websites and are posted here for your review and reference only.  No Claim to Original State Government Works.  This may not be the most recent version.  The State may have more current information.  We make no guarantees or warranties about the accuracy or completeness of this information, or the information linked to.  Please check the linked sources directly.

These materials were obtained directly from the U.S. Federal Government public websites, U.S. State Government public websites, or the International Government public websites and are posted here for your review and reference only. No Claim to Original U.S. Government Works, Original U.S. State Government Works, or Original International Government Works. This information may not be the most recent version. The U.S. Government, U.S. States, or International Governments may have more current information. We make no guarantees or warranties about the accuracy or completeness of this information, or the information linked to. Please check the linked sources directly.