As a growing number of states pass legislation which will protect individuals’ social media accounts from employer scrutiny, they have encountered a surprising adversary – FINRA and other securities regulators. To date, at least six states have enacted social media employee privacy laws (which were blogged about here, here, here, and here) and upwards of… Continue Reading
Category Archives: Online Privacy
Subscribe to Online Privacy RSS FeedNavigating the Patchwork: When Is European Data Privacy Law Applicable to US Companies?
Posted in Data Privacy Laws, European Union, International, Online PrivacyAre social media companies based in the United States subject to European data privacy laws? Two recent judicial decisions – one in France and the other in Germany – arrived at different answers. The Civil Court of Paris held that Twitter, based in California, was obligated under the French Code of Civil Procedure to reveal… Continue Reading
Shine the Light a Little Brighter – Changes Resulting in Increased Customer Access Proposed to California’s “Shine the Light” Act
Posted in California, Data Privacy Laws, Online PrivacyCalifornia Assembly Member, Bonnie Lowenthal, recently introduced the “Right to Know Act of 2013″ (AB 1291), which would require any company that retains a California resident’s personal information to provide a copy of that information to that person, free of charge, within 30 days of the request. The company would also have to disclose a… Continue Reading
Six European Data Protection Authorities Will Launch Legal Actions against Google Stemming from its Privacy Policy
Posted in Behavioral Marketing, Data Privacy Laws, European Union, International, Online Privacy, Privacy LitigationThe French, Italian, British, German, Spanish and Dutch Data Protection Authorities announced on April 2, 2013 that each will launch investigations and enforcement actions against Google on the grounds that its privacy policy is not compliant with the European Directive on Data Protection, available at http://eur-lex.europa.eu/en/index.htm, (the “Directive”).
President Obama Signs Executive Order on Cybersecurity
Posted in Data Breaches, Data Privacy Laws, National Security, Online PrivacyAs announced during the 2013 State of the Union Address, President Obama recently signed an Executive Order on cybersecurity. The primary goals of the Executive Order are to (a) improve communication between private companies and the federal government about emerging cyber threats and (b) safeguard the nation’s critical infrastructure against cyber attacks by developing and implementing… Continue Reading
China Introduces New Data Privacy Law
Posted in Data Privacy Laws, Online PrivacyOn December 28, 2012, the Standing Committee of China’s National People’s Congress, China’s legislative body, passed the “Decision on Strengthening Network Information Protection” (the “Decision”), which contains various principles for protecting, collecting and using electronic personal information in China. According to the Decision, these principles were passed in order to protect network information security, protect… Continue Reading
California Supreme Court Holds Online Retailers of Downloadable Products May Require Personally Identifying Information For Credit Card Transactions
Posted in California, Data Privacy Laws, Financial Privacy, Online PrivacyThe California Supreme Court held on February 4, 2013 that the provision of the Song-Beverly Credit Card Act of 1971 (the “Act”) prohibiting retailers from requesting personally identifying information as a condition to processing credit card transactions does not apply to online purchases of electronically downloadable items. (Apple v. Super. Ct., S199384, Case No. B238097,… Continue Reading
Facebook and Netflix now “in a Relationship”; Obama Signs Bill Updating Video Privacy Law
Posted in Online PrivacyOn January 10, 2013, President Obama signed into law H.R. 6671, an amendment to the Video Privacy Protection Act of 1988 (VPPA) codified at 18 U.S.C. § 2710, which will permit companies, such as Netflix, to obtain advance consent from consumers to automatically share their movie viewing history on social media sites. While Facebook users have been… Continue Reading
Learning from the Past: The FTC Bans Undisclosed History Sniffing
Posted in Behavioral Marketing, FTC Enforcement, Online PrivacyIt has been said that we must learn from the past to profit by the present. Taking this literally in this digital age of ours, one online advertising company has found this maxim to have some serious privacy implications as evidenced by the FTC order last week banning undisclosed history sniffing practices.
FRENCH CLOUDS: WHERE DOES CLOUD COMPUTING STAND IN FRANCE?
Posted in Cloud Computing, European Union, Online PrivacyConcurrent with the European Commission’s recent release of a new strategy to “unleash the potential of cloud computing in Europe,” the French Data Protection Agency (CNIL) issued 7 recommendations to assist companies to comply with French law when using cloud computing services.
Defending the Homefront: A Cybersecurity Executive Order
Posted in National Security, Online PrivacyThe simultaneous denial of service attacks on the three largest U.S. banks which occurred two weeks ago were reported to have originated in Iran. After years of stealth cyber attacks on American interests, U.S. intelligence officials recently publicly accused China of cyber espionage of American high-tech data for their own economic gain. The head of… Continue Reading
Shaking Up the Settlement Process: FTC Reconsiders Whether Companies Can Deny Wrongdoing While Settling Privacy Violation Claims
Posted in FTC Enforcement, Online PrivacyThe Federal Trade Commission (“FTC”) recently announced settlements of cases brought against Google and Facebook for alleged privacy violations. The Google settlement drew headlines for being the largest fine ever assessed for the violation of a FTC consent order ($22.5 million). But Commissioner J. Thomas Rosch’s dissents are perhaps more momentous, as they have prompted the… Continue Reading
California District Court Dismisses Privacy Class Action Lawsuit Against LinkedIn
Posted in California, Invasion of Privacy, Online PrivacyA California District Court has dismissed with prejudice a class action lawsuit filed against LinkedIn on behalf of its registered users, finding the allegations too speculative to sustain a lawsuit. An earlier Complaint filed by one of the representative Plaintiffs was dismissed by the Court without prejudice, allowing the Plaintiff to amend the Complaint and bring… Continue Reading
FTC Releases Recommendations for Business and Policymakers
Posted in Mobile Privacy, Online PrivacyThe FTC released its final report titled “Protecting Consumer Privacy in an Era of Rapid Change: Recommendations for Business and Policymakers” which sets forth principles that companies are recommended to follow with respect to their privacy practices.
Google’s New Privacy Policy Being Scrutinized by the French Data Protection Authority
Posted in Online PrivacyGoogle launched a new privacy policy that took effect on March 1st, 2012. According to Google, the purpose of revising its privacy policy was to unify into one single privacy policy more than 60 different privacy policies across its wide array of products and services.
French employees should check their privacy settings before posting on social media platforms
Posted in International, Online PrivacyIt may seem obvious to a lay person that employees should refrain from insulting their companies on social media due to the threat of termination for cause; however, there are contradictory legal principles that apply to the use of social media by employees which can be used both for and against employees (i.e. freedom of speech, right to privacy, data protection laws, an employer’s right to take disciplinary action, public insult offense, etc.) As a consequence, there is uncertainty as to whether an employer can use its employees’ postings made on social media websites to sanction them.
Mobile Marketing Association Releases Final Version of Mobile Application Privacy Policy Framework
Posted in Online PrivacyThe Mobile Marketing Association recently unveiled the final version of the Mobile Application Privacy Policy Framework to assist application developers in drafting their mobile application privacy policies.
Do I really have to obtain consent from all my customers to make a change to my privacy policy?
Posted in Data Privacy Laws, FTC Enforcement, Online Privacy"Do I really have to obtain consent from all my customers to make a change to my privacy policy? No one else seems to be following that rule." We get this question all the time. It is understandable, given that we often watch Web-based companies expand their usage of consumer data without the affirmative consent… Continue Reading
FTC-Google Settlement Marks Two “Firsts” in FTC Privacy Enforcement
Posted in FTC Enforcement, Online PrivacyGoogle recently settled charges by the Federal Trade Commission (FTC) that Google’s social networking service, Buzz, violated the FTC Act. The FTC-Google settlement prohibits Google from misrepresenting the extent to which it maintains and protects the confidentiality of users’ information and from misrepresenting its compliance with the US-EU Safe Harbor Framework. In that regard, the settlement represents two important “firsts” in FTC enforcement.
FTC Issues New Report on Consumer Privacy
Posted in Online Privacy‘FTC Enforcement’
Proskauer on Privacy: Boston Edition
Posted in Online PrivacyFollowing the success of our Annual Proskauer on Privacy Conference in New York, we are taking the program on the road and invite you to attend our first Proskauer on Privacy: Boston Edition. Presented by the firm’s Privacy and Data Security Group, this conference will focus on the latest developments in this area of law…. Continue Reading
Mathews Explains Social Media Privacy in Exclusive Bloomberg Video Interview
Posted in Online PrivacyStill don’t really understand all the media attention on Facebook’s, Twitter’s and Google’s user privacy woes? In a recent video interview by Bloomberg‘s Spencer Mazyck, Proskauer’s Kristen Mathews explained the issues in a way that anyone can understand. In this video interview, Mathews discussed the background of the recent media scrutiny over Facebook’s and Myspace’s… Continue Reading
Recent Lawsuits Challenge Use of Flash Cookies to Track Online Behavior
Posted in Behavioral Marketing, Online PrivacyFour recent lawsuits filed against some of the Web’s biggest media companies challenge the alleged use of Flash cookies capable of circumventing a user’s ability to prevent the tracking of online behavior.
Never Make a Promise You Can’t Keep- Especially in Your Privacy Policy
Posted in Online PrivacyIn a handful of cases, including two which were recently decided, companies have been thwarted in various, unexpected ways by the commitments made in their online privacy policies.