In January 2011, David Cheng (Plaintiff) filed a lawsuit against his former co-worker and fellow radiologist, Laura Romo (Defendant), alleging a violation of the Stored Communications Act (SCA) and Massachusetts privacy law. After the U.S District Court of Massachusetts denied Defendant’s motion for summary judgment on both counts, the case
Colorado and Washington Join Growing List of States Prohibiting Employer Access to Employee Social Media Accounts
Posted on
Colorado on May 12, 2013 and Washington on May 21, 2013 joined the likes of California, Maryland, Utah and New Mexico by prohibiting employers from requesting that prospective and current employees disclose their username and password to their personal social media accounts. Our Labor & Employment group discussed…
Ninth Circuit Reverses Class Action Coupon Settlement Because Attorneys Were Awarded Fees Based on Hours Worked Rather Than Coupon Value
Posted on
On May 15 a Ninth Circuit panel reversed the district court’s approval of a class action settlement, holding that attorney’s fees awarded in connection with a coupon for the class members must be tied to actual redemption of the coupons rather than the time the attorneys spent working toward the…
Protecting Privacy or Enabling Fraud? Employee Social Media Password Protection Laws May Clash with FINRA Rules
By Jessica Goldenberg on
As a growing number of states pass legislation which will protect individuals’ social media accounts from employer scrutiny, they have encountered a surprising adversary – FINRA and other securities regulators.
To date, at least six states have enacted social media employee privacy laws (which were blogged about here, here…
HHS Empowers Consumers to Know (and Enforce) their Rights Under HIPAA
By Ryan P. Blaney on
The U.S. Department of Health and Human Services (HHS) Office for Civil Rights (OCR) published on its website a series of factsheets designed to educate consumers unfamiliar with their rights under the Health Insurance Portability and Accountability Act’s (HIPAA) Privacy and Security Rules. These four factsheets are described in detail…
The SEC and CFTC Adopt Identity Theft Red Flag Rules
By Charley Lozada on
The Securities and Exchange Commission (the “SEC”) and Commodity Futures Trading Commission (the “CFTC”) recently adopted rules requiring entities subject to their respective enforcement authorities to adopt and implement programs to detect and respond to indicators of possible identity theft, as required by the Dodd-Frank Wall Street Reform and Consumer…
Navigating the Patchwork: When Is European Data Privacy Law Applicable to US Companies?
By Cecile Martin on
Are social media companies based in the United States subject to European data privacy laws? Two recent judicial decisions – one in France and the other in Germany – arrived at different answers. The Civil Court of Paris held that Twitter, based in California, was obligated under the French Code of Civil Procedure to reveal the identity of its users in France who posted racist tweets. In Germany, on the other hand, an administrative court held that Facebook, also based in California, was not subject to a German law that would have prohibited Facebook from requiring users to register under their real names.