Responsabilidad de las entidades bancarias en los ciberdelitos

1.- Introducción

Hoy vamos a hablar de la responsabilidad de los bancos cuando se produce un ciberdelito. Como sabemos, determinadas estafas informáticas engañan a la víctima y a la vez eluden las medidas de seguridad de las entidades bancarias. Este mal funcionamiento de los mecanismos de protección puede derivar en una responsabilidad para las entidades bancarias.

Este tipo de delitos se centran en obtener las credenciales bancarias del usuario a fin de poder realizar operaciones sin su consentimiento o inducirle a pensar que la operación es correcta. Pero en realidad está realizando operaciones equivocadas, enviando el dinero a otra cuenta de destino.

Conjunto de tarjetas de crédito en referencia a la responsabilidad de los bancos cuando se produce un ciberdelito utilizándolas

Con independencia del método empleado por el atacante (phishing, fraude al CEO y sus múltiples variantes) la clave de estas operaciones radica en que se producen operaciones no consentidas por el usuario y que las medidas de seguridad de la entidad bancaria no han sido capaces de reaccionar.

2.- ¿Hay responsabilidad del banco cuando se produce un ciberdelito o es responsable la víctima?

Aunque ésta es la primera pregunta que mucha gente se plantea ante estos supuestos, debemos recordar que el “el gran responsable” es el atacante y en general las acciones judiciales siempre deberían ir encaminadas a su localización y enjuiciamiento.

Si bien, siempre debemos tener en cuenta que el ordenamiento jurídico impone a los distintos operadores del mercado financiero una serie de obligaciones, proporcionales al rol que ocupan, que deben cumplir para el buen funcionamiento de este.

De esta forma, a pesar de que el atacante sea un tercero y su conducta sea perseguible y punible, en ocasiones debe analizarse si las acciones del resto de partes afectadas han sido correctas o bien, han podido propiciar, favorecer o permitir el daño.

3.- Responsabilidad de los bancos cuando se produce un ciberdelito

La responsabilidad en este tipo de asuntos y con respecto a las entidades bancarias es de carácter civil.  Que se define como la obligación de toda persona (física o jurídica) de pagar por los daños y perjuicios que cause (directa o indirectamente) en la persona o el patrimonio de otra. 

La responsabilidad civil puede surgir de muchísimas formas y tendrá un tratamiento distinto en función del ámbito o suceso. Así, no se aplican las mismas normas en los accidentes de tráfico o laborales que en negligencias médicas o estafas informáticas.

En el caso que abordamos en el presente artículo, la posible responsabilidad de los bancos cuando se produce un ciberdelito, surge de la obligación que la ley impone a estas entidades de autenticar las operaciones de pago y garantizar así que el cliente ha consentido dicha operación.

Continuar leyendo “Responsabilidad de las entidades bancarias en los ciberdelitos”

Lanzamos Derecho Ficción: otra forma de aprender Derecho

Síguenos en |     

¡Estamos de estreno! :-)

El Legal LAB de Términos y Condiciones, en colaboración con el equipo de A definitivas, lanza nuestra última iniciativa: Derecho Ficción.

O lo que es lo mismo, explicar y aprender Derecho a partir de tus películas, series, cómics y libros favoritos.

¡Os dejo con el trailer!

Si tu pregunta tras verlo es: “¿¡De qué va esta rayada!?”, ¡bien! :p

Derecho Ficción es una iniciativa que busca explicar conceptos jurídicos y multitud de cuestiones legales que nos afectan en el día a día a todos. Pero va a hacerlo en un contexto muy distinto al habitual y a la vez mucho más agradable y cercano para el ciudadano de a pie: nuestros mundos de ficción favoritos.

Continuar leyendo “Lanzamos Derecho Ficción: otra forma de aprender Derecho”

Launching a preview of Jade, an open source case management tool for lawyers

Síguenos en |     

Legaltech is in the air! At the moment, it seems rather obvious that the application of technology to the provision and commercialisation of legal services is not a flash in the pan.

In relation to Spain and just during the last year, we have mapped and categorised more than a hundred Legaltech projects. We also co-organised the first Congress about it and recently we opened a specialised area (in Spanish) to talk about it thoroughly and to help those interested in it.

But Legaltech in Spain also means accelerators, competitions, hackathons, associations and dozens of projects on the move. If we look beyond Spain, Legaltech is an enormous trend in the legal sector.

Therefore, it’s crystal clear that something is moving in the subject of legal technology.

Why Open Legaltech makes sense

However, something still not so obvious is just starting to happen. For a lawyer or a small law firm the access to Legaltech is going to have at least two important barriers: the level of knowledge and the cost of the technology.

On one hand, right now the usual legal professional is still unaware of all the Legaltech tools and services appearing everyday, more even about their features or usefulness. Something that can create a significant knowledge barrier in the medium-long term. On the other hand, the cost to access these tools or services is usually too high for a normal lawyer or someone who is just starting in the profession. Going beyond, all of that can create some significant digital fractures in the legal sector.

Additionally, when we talk about technology on other fields or areas of expertise, there are plenty of examples of proprietary software as well as open one. On the Legaltech field it also makes sense. After all, open source Legaltech could facilitate the access to technology to plenty of legal professionals, at the same time that reduces the knowledge barrier or improves the security of legal tools.

Nevertheless, open source Legaltech is nowadays almost none existent beyond some data sets or individual initiatives such as ContraxSuite from Lex Predict (we love it!).

That’s why we think that open source Legaltech, that we also call “Open Legaltech”, is an interesting area where it makes sense to spend time and effort, especially now that everything is just beginning.

Continuar leyendo “Launching a preview of Jade, an open source case management tool for lawyers”

How the terms and conditions changed more than ten thousand times during 2016

Síguenos en |     

2016 through its changes in terms and conditions

In October of 2015, we launched the first fruit of our Legal LAB, the Tracker of Terms and Conditions. It was a tool to track changes in terms and conditions. Although it wasn’t perfect, through it we were trying to reach a goal that seemed reasonable and useful: to know when and how the services change their terms and conditions.

So, the Tracker of Terms and Conditions was born.

But, why is it important to know how and when the services change their terms and conditions? Because at the end of the day, the terms and conditions are a contract. A contract that it is established by one of the parties, usually the company, and the user can only accept o reject the content. So, the user does not have the option to negotiate the terms.

tracker_of_terms_and_conditions
The Tracker of Terms and Conditions – Our first experiment in the Legal LAB

This contract creates rights and obligations for both parties, but only one party has control over them (the company). Even though the law protects the user against plenty of unfair practices that the company may try to introduce through the terms and conditions, not all of them are reported. Besides, there are modifications on the legal texts of a storing, messaging or hosting service that are important to it but not unfair.

In summary, to know when and how the terms and conditions change, can be useful and good to: 1) report unfair practices according to the law and; 2) to find out about some of the surprises that the small print can include.

We love to track how the terms and conditions change (a little too much, maybe) :p, that’s why we follow them daily and from time to time we highlight the important ones. In fact, thanks to that we “announced” that Apple had bought Topsy 5 days before the official announcement (Topsy changed its Privacy Policy too soon). In any case, during a full year plenty of changes happen, and in 2016 we have tracked more than a few. To be precise, during 2016 we have detected 10.512 changes in terms and conditions.

However, before we start looking at the data, what do we understand as a “change”? Well, when there is a modification on a legal text such as Terms of Use, Privacy Policy, Cookie Policy or some other text that could be understood as terms and conditions (more than a few).

If the change is normal (a grammar mistake was fixed, a comma added or some text was translated from English to Spanish, for example), that’s a non-important change.

If the change goes beyond fixing a mistake (it adds or modifies rights and obligations for the user), then we take into account if the date from the “Last Update” section was updated too. Because that would be useful for a user who would want to know if that text has been modified from its last visit.

Let’s not forget that the terms and conditions usually say that we should check them regularly to see if something has been added or changed. Perfect, but they should provide some sign of it, right? Well, that’s what we track.

Having said that, if the change did not modify the “Last Update” section, we tag that change as Bad or an important modification that was not notified to the user.

If the change updated the date from that section, then we tag the change as Good or an important modification that was notified to the user.

And now, let’s check some data about the changes that we tracked in terms and conditions during 2016.

 

Continuar leyendo “How the terms and conditions changed more than ten thousand times during 2016”

How to create a smart contract using terms and conditions

Síguenos en |     

Translated by: Bárbara Román Méndez

Smart Contracts: theory, practice and legals aspects

Smart contracts are probably one of the most trendy terms on the new technological initiatives developed by sectors as diverse as Legaltech, which we already covered thoroughly, Fintech (projects related to the new financial industry) or Insurtech (projects related to the new Insurance sector).

The thing is, why the concept of smart contract can join together sectors so different? My idea is that the smart contract is seen as a legal tool that if it ends up being commonly used, it could seriously alter the way we trade daily. In other words, taking into account that the smart contract is software, many of the advantages associated with it (for example, promptness, predictability and automation), could end up reaching these areas on a large scale.

However, if smart contracts are the legal instrument that joins such diverse industries, there is a technological element that allows today’s smart contracts and connects even more sectors. We are talking about blockchain. What’s that? Well, the technology under which currencies such as bitcoin or ether work nowadays. In fact, some people are starting to consider blockchain as one of the most revolutionary achievements coming from the Internet.

In summary, out of this somewhat cryptic introduction we should focus on to two terms. This long post will be all about them from a theoretical, practical and legal perspective. This way, we’ll talk about plenty of theory related to smart contracts, how to make one (even mortals such us :p) and some legal aspects worth mentioning. The trip won’t be short, and although I’ve tried to simplify the content as much as possible (getting rid of important concepts in order to get a better understanding of the basics), it won’t be easy. Having said that, let’s go!

As we said, all this story revolves around two terms that we should try to memorise. We are talking about Smart Contract and Blokchain.

Continuar leyendo “How to create a smart contract using terms and conditions”

Legaltech in Spain | Much to do

Síguenos en |     

Last update: To check the most up to date version go to the Spanish edition of the article.

Legaltech in Spain? Let’s start by the beginning

According to Richard Susskind in “The Future of the Professions: How Technology Will Transform the Work of Human Experts” (he is one of the most important gurus about legal innovation in the world), when people have to face a problem, they try to avoid it or contain it before looking for a solution.

Historically, the legal sector has not been very innovative. If truth be told, it didn’t have to be because just a few had access to its pool of knowledge. That reduced competition and made things easier to control. In addition, the legal sector has always been very cautious, avoiding experimentation and waiting for change when almost everyone has already adopted it. Besides, we are talking about an area of expertise with a big focus on the past, the precedent. So, looking forward to the future has never been the usual way to go for the legal sector.

However, that stagnation has become a problem at the end of the day. Obviously, the world around the legal sector did not stop. First of all, the Internet opened up the access to the legal knowledge beyond the usual parties. Furthermore, half of the world is carrying daily a pocket computer known as smartphone. Something that has changed the requirements and requests from consumers.

The answer from the legal sector in the face of this problem has usually been lukewarm. Nevertheless, in the last 5 years something has definitively changed and a new attitude can be observed when talking about this issue. The general idea being that this is something that cannot be avoided or contained anymore.

Then you have those who see the problem as an opportunity to find a solution for the times we are living. And this is where we would say that Legaltech or Legal Technology has been born.

But, what is legaltech? Although there isn’t an official definition and the concept has been evolving the last 5 years, nowadays legatech refers to the use of technology to provide legal services. But not something along the lines of “I use email and send some WhatsAppss”. No, today legaltech can be understood as the use of technology on legal services to provide:

Continuar leyendo “Legaltech in Spain | Much to do”

Pokémon GO – 13 details about its terms and conditions

Síguenos en |     

Gotta catch all your rights and obligations too

Pokémon GO went live less than two weeks ago in just a few countries, but it has already become one of the phenomenons of the year. In fact, it already is the biggest mobile game ever in USA and it is quickly approaching the level of use of services such as Google Maps and Snapchat. All of that in less than two weeks.

The concept is classic Pokémon: you gather the best Pokémon to train them later and compete against different trainers and through tournaments around the world. The huge difference here is that the world is not virtual anymore, now the real world is the playground.

The thing is that thanks to augmented reality, the Pokémon do not live in a virtual world now. Instead they live and walk in the real world. For example, the garden of your neighbor. Through our mobile devices we can locate them (the camera + geolocation), catch them, train them and then compete against the rest of the world.

That means that the immersion and interaction goes through the roof, because to catch the Pokémon you have to physically move to the places where the app points out that they are living. Something that has generated more than a few complaints from players with disabilities, whose options to play get very limited.

When all the planet is the game board and the player needs to move around to play, plenty of things can go wrong. That’s why we already have plenty of crazy stories since the launch of the game: 

  • Places banning the hunting of Pokémon
  • Infidelities being discovered through Pokémon GO
  • The Mayor of Rio asking for the use of the game during the Olympic Games
  • Or cops and robbers taking advantage of the excursions of the players

And that’s just the beginning…

But let’s go to the point, what do the terms and conditions of Pokémon GO say? Well, its Terms of Service, Privacy Policy, Copyright Policy and Trainer Guidelines have some very interesting aspects.

Let’s go for it!

Continuar leyendo “Pokémon GO – 13 details about its terms and conditions”