Privacy Law Blog : Privacy Lawyers & Attorneys : Proskauer Rose Law Firm : CAN-SPAM, FCRA, FACTA

Maryland became the first state to pass legislation (House Bill 964 and Senate Bill 433) that prohibits employers from asking employees and job applicants for their social media passwords.  The legislation also prohibits an employer from (a) taking, or threatening to take, disciplinary action for an employee’s refusal to disclose his or her password, or (b) failing to hire an applicant due to the applicant’s refusal to disclose his or her password.

• Email This
• Print
• Comments
• Trackbacks
• Share Link

On April 11, 2012, Katharine Parker, a partner in Proskauer's Labor & Employment Law Department, discussed privacy concerns that arise when an employer demands access to its employees' social media accounts. Click here for the article.

• Email This
• Print
• Comments
• Trackbacks
• Share Link

On March 26, 2012, the FTC released its final report titled “Protecting Consumer Privacy in an Era of Rapid Change: Recommendations for Business and Policymakers.”  The report reflects feedback from the FTC’s privacy roundtables as well as over 450 public comments received in response to its proposed framework released in December 2010.  The framework applies to all commercial entities that collect or use consumer data that can be reasonably linked to a specific consumer, computer or other device, with an exemption for entities that collect only non-sensitive data from fewer than 5,000 consumers per year and do not share the data with third parties.

• Email This
• Print
• Comments
• Trackbacks
• Share Link

After introducing a draft of its Mobile Application Privacy Policy Framework (“Framework”) in mid-October for public comment, the Mobile Marketing Association ("MMA") recently released the final version of the Framework.  

The Framework provides a general starting point that application developers can refer to when drafting their application privacy policies. The Framework includes model language to address the following questions and topics regarding the application’s and developer’s privacy practices:

• Email This
• Print
• Comments (1)
• Trackbacks
• Share Link

The past month has seen a new pattern of class action lawsuits filed in California courts against businesses for allegedly violating California’s Shine the Light privacy law (the “Act”). For seven years since the Act became effective, well-intentioned businesses have understandably had the sense that their compliance approach has been sound, and we have seen no challenges to that notion. Recent class actions have alleged non-compliance on technical grounds as frivolous as the title of the privacy policy being “Privacy Policy” instead of “Your Privacy Rights.” Why should that cost a business $500 - $3,000 per California customer? We would have to ask the plaintiffs’ lawyer that question.

• Email This
• Print
• Comments
• Trackbacks
• Share Link

On October 12, 2011, the FTC announced that it, along with Frostwire LLC and FrostWire’s managing member, Angel Leon, (collectively, “FrostWire”), agreed to a stipulated final order for permanent injunction resulting from the FTC’s complaint alleging that (a) users of FrostWire’s Android mobile file-sharing application were likely to unwittingly share personal files stored on their mobile devices with other P2P users after installing and running the application, and (b) FrostWire misrepresented to users of FrostWire’s desktop file-sharing application that certain files they downloaded would not be shared with other P2P users.  

• Email This
• Print
• Comments
• Trackbacks
• Share Link

• Email This
• Print
• Comments
• Trackbacks
• Share Link

On April 21, 2011, the Federal Trade Commission (FTC) and Electronic Mobility Corporation (d/b/a Rascal Scooters) entered into a settlement agreement pursuant to which Rascal Scooters agreed to pay $100,000 as a civil penalty to settle a complaint filed by the FTC alleging that Rascal Scooters violated the FTC Act (15 U.S.C. § 44) and the FTC’s Telemarketing Sales Rule (16 C.F.R. 310) (TSR). At the center of the FTC’s complaint was the allegation that Rascal Scooters and its owner, Michael Flowers, made more than three million unsolicited sales calls since 2003 to consumers on the Do Not Call Registry who submitted their contact information to Rascal Scooters through its “Win a Free Rascal” sweepstakes.

• Email This
• Print
• Comments
• Trackbacks
• Share Link

In a unanimous decision on March 1, 2011, the Supreme Court held in Federal Communications Commission v. AT&T Inc. that corporations do not have personal privacy rights under the Freedom of Information Act (FOIA), reversing a 2009 Third Circuit decision (which we blogged about here).

• Email This
• Print
• Comments
• Trackbacks
• Share Link

On Thursday, October 28, 2010, the Payment Card Industry Security Standards Council (the “Council”) promulgated version 2.0 of its Data Security Standard (“PCI DSS”) which sets forth data security standards for payment card processers. The Council also updated its Payment Application Data Security Standard (“PA DSS”) which sets forth data security standards for software vendors that develop payment applications. Each new Data Security Standard will take effect on January 1, 2011.

• Email This
• Print
• Comments
• Trackbacks
• Share Link