While in law school, Kevin was a St. Thomas More scholar and president of the South Asian Law Students Association. He was an extern at the Sikh Coalition and assisted the Asian American Legal Defense and Education Fund (AALDEF) in its election protection efforts and was ultimately recognized for his commitment to pro bono service at graduation. He also spent part of his time during law school studying Chinese law at Peking University.
Kevin Khurana
New Mexico Joins Other States in Prohibiting Employers from Requesting Access to Applicants’ Social Networking Accounts
Posted in Workplace PrivacyOn April 5, 2013, New Mexico joined six other states (including, among others, Utah, Maryland and California) in passing a new law prohibiting employers from requesting or requiring that a prospective employee provide access to his or her social networking accounts. Proskauer’s Labor & Employment group has discussed the new law here.
Utah’s New Internet Employment Privacy Law Continues a Growing Trend
Posted in Workplace PrivacyFollowing a growing trend among states, on March 26, 2013, the Utah legislature passed the Internet Employment Privacy Act, which prohibits employers from requesting that job applicants or employees disclose passwords protecting their personal internet accounts. Proskauer’s Labor & Employment group has discussed the new law here.
California Attorney General Issues Recommendations for Mobile Ecosystem Stakeholders
Posted in California, Mobile PrivacyEver on the forefront of consumer privacy protection, California is again making news in the privacy world with the California Attorney General’s recent publication of “Privacy on the Go: Recommendations for the Mobile Ecosystem,” which includes privacy recommendations for app developers, app platform providers, mobile ad networks, makers of operating systems and mobile carriers. With… Continue Reading
Take Two of These, and I will Text you in the Morning (Because It’s Permitted Under the TCPA)
Posted in Direct MarketingIn its Memorandum Opinion and Order dated November 9, 2012, the US District Court for the Northern District of Alabama in Pinkard v. Wal-Mart Stores, Inc. held that under the Telephone Consumer Protection Act (TCPA), when an individual discloses his or her cellular phone number to a business, that individual is deemed to have expressly consented… Continue Reading
FTC Releases General Guidelines for Mobile Application Developers
Posted in Mobile PrivacyThe FTC published on September 5, 2012 guidelines for mobile application developers to assist them observe truth-in-advertising and basic privacy principles when marketing their applications.
Crime (Policy) Does Pay – Sixth Circuit Holds That Endorsement of Crime Policy Covers Losses From Hacker’s Data Breach*
Posted in Data BreachesThe Sixth Circuit Court of Appeals recently held that a computer fraud rider to a “Blanket Crime Policy” covers losses from a hacker’s theft of customer credit card and checking account data.
Connecticut Amends Data Breach Notification Law
Posted in Data Privacy LawsOn the heels of Vermont’s recent amendment to its data breach notification law, Connecticut’s legislature recently amended its own data breach notification law. The amended law will take effect on October 1, 2012.
Vermont Amends Security Breach Notification Law
Posted in Data Privacy LawsOn May 8th, Vermont became the most recent state to amend its security breach notification law. Among the many changes, companies that are affected by a data breach are now required to notify the Attorney General of Vermont within 45 days after the discovery or notification of the breach.
Friend Request Rejected: Maryland Bans Employers from Asking Employees for their Social Media Passwords
Posted in Workplace PrivacyMaryland became the first state to pass legislation that prohibits employers from asking employees and job applicants for their social media passwords.
Katharine Parker Discusses Employer Access to Employee Social Media Accounts with the Christian Science Monitor
Posted in Invasion of PrivacyOn April 11, 2012, Katharine Parker, a partner in Proskauer’s Labor & Employment Law Department, discussed privacy concerns that arise when an employer demands access to its employees’ social media accounts.
FTC Releases Recommendations for Business and Policymakers
Posted in Mobile Privacy, Online PrivacyThe FTC released its final report titled “Protecting Consumer Privacy in an Era of Rapid Change: Recommendations for Business and Policymakers” which sets forth principles that companies are recommended to follow with respect to their privacy practices.
Mobile Marketing Association Releases Final Version of Mobile Application Privacy Policy Framework
Posted in Online PrivacyThe Mobile Marketing Association recently unveiled the final version of the Mobile Application Privacy Policy Framework to assist application developers in drafting their mobile application privacy policies.
Light, (Camera), Class Action! After Seven Years of Dormancy Since Inception, Businesses See Class Action Lawsuits for Alleged Violations of California’s “Shine the Light” Act
Posted in CaliforniaThere have been a number of class action lawsuits recently filed in California state courts against businesses for allegedly violating California’s Shine the Light privacy law.
The FTC Has Your Back, Even When It’s Naked: FTC Orders P2P Program’s Default File Sharing Settings Changed
Posted in FTC EnforcementFrostWire LLC (a P2P file-sharing software company) agreed to change the default privacy settings on its mobile and desktop applications and agreed to clearly disclose its applications’ content sharing options pursuant to a settlement agreement with the FTC which resulted from claims by the FTC that FrostWire’s content sharing practices violated the FTC Act.
COPPA Violations? Cop a Settlement for $3 Million
Posted in Children's Online Privacy Protection ActPlaydom, Inc., an online game company owned by Disney, and Playdom’s CEO, Howard Marks, agreed to pay $3 million to settle charges brought by the FTC that they violated COPPA by collecting, using and disclosing the personal information of children under the age of 13 without their parents’ prior, verifiable consent. The $3 million settlement is the largest civil penalty ever for a COPPA violation.
FTC Says Scoot, Rascal! Rascal Scooters Penalized $100,000 for Calling Consumers on the Do Not Call Registry
Posted in Direct MarketingThe maker of Rascal Scooters agreed to pay $100,000 as a civil penalty to settle a complaint filed by the FTC alleging that Rascal Scooters violated the FTC Act and the FTC’s Telemarketing Sales Rule.
Justice Roberts: “This Isn’t Personal, and Neither Are Your Corporate Records”
Posted in FOIAIn a unanimous decision on March 1, 2011, the Supreme Court held in FCC v. AT&T that corporations do not have personal privacy rights under the Freedom of Information Act, reversing a 2009 Third Circuit decision.
PCI Security Standards Council Unveils New Data Security Standards
Posted in Financial PrivacyOn Thursday, October 28, 2010, the PCI SSC promulgated version 2.0 of its Data Security Standard and its Payment Application Data Security Standard (“PA DSS”).
Never Make a Promise You Can’t Keep- Especially in Your Privacy Policy
Posted in Online PrivacyIn a handful of cases, including two which were recently decided, companies have been thwarted in various, unexpected ways by the commitments made in their online privacy policies.
Supreme Court of California Decision Upholds Promotional E-mail Sender’s Method of Avoiding E-mail Filters
Posted in Electronic CommunicationsThe Supreme Court of California held that Vonage did not violate California law by sending commercial e-mail advertisements to individuals from multiple domain names for the purpose of bypassing e-mail filters.
Heartland Payment Systems Enters into its Third Settlement Agreement Arising from 2008 Data Breach
Posted in Data BreachesHeartland Payment Systems, Inc. reached a settlement with MasterCard on May 19, 2010 for losses resulting from Heartland’s massive 2008 data security breach.
If You Let Them Build It, They Will Come: Regulatory Agencies Release Model Privacy Notice Online Form Builder
Posted in Financial PrivacyThe eight regulatory agencies that released the final model privacy notice form that satisfies the disclosure requirements under the Gramm-Leach-Bliley Act have released an Online Form Builder to assist financial institutions in meeting their obligations under the act.
EU Article 29 Working Party Clarifies Definitions of “Data Controller” and “Data Processor”
Posted in European UnionOn February 16, 2010, the EU Article 29 Working Party published Opinion 1/2010, in which it clarified the definitions of “data controller” and “data processor” as those designations are used within the European Data Protection Directive. The Working Party’s opinion is welcome guidance, as such designations are often difficult to apply in practice, especially given the increasing complexity of globalization, organizational differentiation, and information and communication technologies.
European Commission Seeks to Balance Data Protection and Business Globalization with Updated Standard Contractual Clauses
Posted in European Union, InternationalThe European Commission has updated its Standard Contractual Clauses which govern the transfer of personal data from data exporters within the European Union to data processors outside of the European Union.