January 2009

On Tuesday, the Ninth Circuit denied rehearing en banc in Quon v. Arch Wireless, previously discussed here. The dissent (1) disagrees with the panel’s conclusion that the SWAT team members had a reasonable expectation of privacy in the text messages on the grounds that the decision undermines the standard established by the Supreme Court in O’Connor v. Ortega, 480 U.S. 709 (1987); and (2) finds that the method used by the panel to determine whether the search was reasonable conflicts with Supreme Court precedent holding that the Fourth Amendment does not require the government to use the “least intrusive means” when conducting a “special needs” search. The dissent can be found here. Judge Wardlaw’s concurrence in the denial of rehearing en banc can be found here. We will keep you posted on this one.

Today is Data Privacy Day and we bring you a special post regarding E-Verify from guest contributors Lawrence Lorber, Malcolm Harkins, and James Segroves, of Proskauer’s DC office, and David Grunblatt of Proskauer’s Newark office. Enforcement of a controversial federal regulation that raised significant privacy concerns has been postponed once again as the result of a legal challenge filed by Proskauer on behalf of the Chamber of Commerce of the United States of America and four other trade associations. See Chamber of Commerce of the U.S. v. Napolitano, Civil Action No. AW-08-3444 (D. Md.). The regulation in question would have required most government contractors and subcontractors to participate in E-Verify, an Internet-based system that allows employers to verify that individuals are eligible to work in the United States using an employee’s Social Security Number and other personal information. Pursuant to a January 27, 2009 agreement between the parties, enforcement of the regulation has been postponed until May 21, 2009, in order to give the recently inaugurated Administration of President Barack Obama an opportunity to review the regulation. A notice to this effect is scheduled to be published in the Federal Register on January 30, 2009.

On December 8, 2008, in Smith v. Zazzle.com Inc., No. 08-22371-CIV-KING, 2008 U.S. Dist. LEXIS 101050 (S.D. Fla. Dec. 9, 2008) Judge James Lawrence King of the Southern District of Florida held FACTA’s credit card number truncation requirement inapplicable to receipts displayed on-screen or printed by online customers.  Judge King dismissed the case on this basis.  The order contradicts one last year in the same district, Grabein v. 1-800 Flowers Inc., No. 0722235 (S.D. Fla. Jan. 29, 2008) (reported here), but is consistent with three other Southern District of Florida cases: Grabein v. Jupiterimages Corp., No. 07-22288 (S.D. Fla. July 7, 2008), Haslam v. Federated Dep’t Stores Inc., No. 07-61871 (S.D. Fla. May 16, 2008) and Edwin King v. Movietickets.com, No. 07-22119 (S.D. Fla. Feb. 13, 2008).

In a year when behavioral advertising was already expected to be at the top of the hot button privacy issues list, on January 13, 2008, the Center for Digital Democracy (“CDT”) and U.S. Public Interest Research Group (“US PIRG”) filed a document with the Federal Trade Commission (“FTC”) urging the FTC to investigate online mobile marketing practices, to take new actions to stop mobile marketing activities that “abuse consumer rights,” and to recommend new federal legislation and enhanced enforcement power for the FTC in this area. The document expands on the groups’ concerns about online behavioral advertising generally – the delivery of ads tailored to consumers’ interests based on browsing habits and/or consumer demographics – to the mobile space. In doing so the groups cite the potential for even greater consumer harm because of the additional possibility of location-based targeting linked to a cell phone or other mobile device that is typically tied to a single consumer who uses it for multiple applications, including voice, video and data.

More and more companies have been considering engaging in marketing campaigns that involve “address book scraping,”  in which a user is asked to import his contacts (i.e., the e-mail addresses he has stored in his e-mail account address book) into his social networking Web site or other online service so that a message can be sent to those contacts inviting them to join the social network or to participate in a joint offering of the company and its partner.  In some cases, the user is asked to provide the username and password for his e-mail account so that the import can be done transparently.

There are a number of things to look out for in connection with these campaigns: