The idea of context-specific privacy is gaining a lot of cachet, so much so that the Obama administration features it as a major aspect of a proposed new Consumer Privacy Bill of Rights. “Consumers have a right to expect that companies will collect, store and use personal information in a manner consistent with the context within which it’s collected.
The White House recently recommended a Consumer Privacy Bill of Rights, and the European Union is days away from requiring companies to get consent from website visitors before storing advertising cookies on their devices.
San Francisco civil rights advocates who are concerned about what they call domestic spying on the city’s Arab, Middle Eastern, Muslim and South Asian (AMEMSA) communities are celebrating new legislation signed into law on May 9.
US Senator Al Franken’s letter to US Attorney General Eric Holder regarding the US Justice Department requests for GPS location data from phone companies appears to be based on a flawed understanding of the law.
They can look like harmless errors: A misspelled name. A transposed number. A paid debt listed as past due. Mistakes on credit reports can inflict widespread damage. And because there are insufficient rules on how credit-reporting agencies must correct them, Americans are left virtually powerless to erase the mistakes.
By Talya Minsberg A new Israeli law prohibits fashion media and advertising from using Photoshop or models who fall below the World Health Organization’s standard for malnutrition. When a 14-year-old girl delivered a 25,000-signature petition this week to Seventeen asking them to curb their use of Photoshop, the magazine issued a press statement that congratulated the girl on her ambition but was conspicuously silent on changing their editorial practices.
So, culturally and historically, the reason women care so much about fashion is that until very recently, we weren’t allowed professional, legal or vocal ways of expressing ourselves. Fashion was a way of articulating our feelings about ourselves.
This person will be responsible for closing your email addresses, social media profiles, and blogs after you are deceased. Sounds good, but legally it’s tricky territory.
SEAPA says the key trend is that governments are shifting focus from traditional broadcast and print media to social media and online news. SEAPA Executive Director Gayathry Venkiteswaran said online news sites have become the most frequent target.
CT: The growing usage of the internet and social media in Liberia is certainly a progressive trend. Having worked in Liberia, can you briefly tell us how the internet and social media are viewed by the cross sections of the Liberia population?
By MyCorporation CALABASAS, Calif., May 3, 2012 — /PRNewswire/ — Calabasas-based company MyCorporation is releasing a new social media product to benefit small businesses, MyCorpSocial.
Hordes of angry hockey fans – presumably Boston Bruins fans — unleashed a barrage of racist rants on Twitter and other social-networking sites after the Washington Capitals beat the defending champion Bruins a week ago Wednesday on an overtime goal.
Some of the issues covered in depth in the paper include: Build up a positive online social media profile. “It is absolutely crucial to remember that anything you post online may stay there forever, in one form or another, so think carefully.
Canadian consumers are being encouraged to consider their online property, including social media accounts, when planning a will. A new report released earlier this week by the BMO Retirement Institute raises concerns.
SNOPA
Continued concern about employers asking applicants and employees for their passwords to social media sites has led to the introduction of a federal bill.
The legal and regulatory environment impacting social media is constantly evolving. Here is a collection of recent articles impacting everything from law enforcement use of social media to new legislation.
A social media tip line for police
Boston.com
“Use of social media has provided an additional outlet for people to interact with law enforcement” says Lauri Stevens – founder of LAwS Communications, a consulting company that helps law enforcement agencies expand into social media.
Social media limits and the law
Monterey County Herald
Leland Yee, a San Francisco Democrat, introduced a bill that would prohibit employers, public or private, from requiring or requesting in writing a prospective employee to disclose user names or passwords for personal social media accounts.
Ariz. bill says unlawful to ‘annoy’ others online
BusinessWeek
“Speaking to annoy or offend is not a crime,” Media Coalition Executive Director David Horowitz said. Horowitz said if the proposal becomes law, speech done in satire, political debate or even sports trash talking could get people in unnecessary legal trouble.
Social Media in China, Innovation
Washington Post
Apr. 2, 2012 – April 2 (Bloomberg) — Vivek Wadhwa, fellow at Stanford Law School and head of academics at Singularity University, talks about social media in China and innovation.
UAE legal experts want libel to apply to social networking sites
GMA News
Claiming that Facebook, Twitter and other social networking sites can be used to spread rumors and false information, the legal community in the United Arab Emirates (UAE) is seeking that libel laws be applied to offenders on the Internet.
Is Your Facebook Password Like Your Mail, House Key, or Drug Test?
The Atlantic
A day after it was proposed, the amendment was voted down — almost entirely along party lines — thus closing one door to social media privacy legislation, at least on the national level. (There are similar social media privacy laws — full bills, …
Sponsor: Arizona bill isn’t aimed at Internet trolls
CNN
The fear is that the bill would prohibit hateful comments on news and social-media sites, amounting to a ban on so-called Internet trolling. The problem: The bill won’t do any of that, its sponsor told CNN on Wednesday. “I think they’re absolutely …
How Family Law Attorneys Use Social Media Evidence [Infographic]
PR Web (press release)
Family Law Attorneys Dishon & Block formally released today an infographic that illustrates how attorneys use social media to collect “smoking gun” evidence for divorce and child custody cases. With the advancement in technology and modernizing of laws …
See all stories on this topic »
PR Web (press release)
Topics to be addressed include best practices for direct, digital and mobile marketing including advising on permission-based marketing, emerging technologies, the use of various social media platforms, as well as data security and privacy issues related to electronic and mobile commerce.
New FTC guidelines in the areas of advertising any marketing, as well as consumer privacy and security, have raised awareness of these issues for brands, marketing firms and service providers.
David M. Adler, Esq. is an attorney, author, educator, entrepreneur and nationally-recognized speaker in the fields of intellectual property, media & entertainment and technology law with a multidisciplinary practice focused on counseling businesses across the interrelated areas of Intellectual Property Law, Media & Entertainment, Information Technology and Corporate Law. David provides legal counsel on trademark and copyright clearance, registration and enforcement, digital and new media licensing, production, finance, regulations, Social Media, litigation and corporate-commercial transactions.
David has an extensive private-practice and in-house background counseling clients on marketing, advertising and content deals, lead-generation agreements, referral agreements, advertising-supported revenue deals, product placement, affiliate marketing/group-couponing platforms, CAN-SPAM compliance, digital rights management for video, music, and games. We work with many of the leading studios, labels, social networking sites, and online music companies. He also specializes in advising artistic talent and creative professionals in the arts, entertainment, media and sports industries.
A White House official says that the administration will call on Congress to pass legislation to put the force of law behind a proposed Consumer Privacy Bill of Rights. The administration unveiled the principles in February.
In the long run, will changing expectations of privacy in an electronic world begun to undermine the constitutional protections granted to all Americans in the Bill of Rights?
The test of commitment is to translate high-minded principles like the Consumer Privacy Bill of Rights into real legislative language.” The White House issued its privacy proposal, Consumer Data Privacy in a Networked World.
“Some have argued that we’ll need something new—that the existing Bill of Rights doesn’t protect mental privacy adequately enough in the face of these emerging technologies.”
The White House and the Federal Trade Commission, for example, have both released proposals that call for Congress to enact new legislation outlining consumer privacy rights.
It did get a bit of spotlight, but when President Obama recently proposed a “Consumer Privacy Bill of Rights”, as not just Americans, but consumers and consistent users of technology, we definitely should’ve taken greater notice.
Well, he’s certainly quoted the Bill of Rights accurately, as we should expect. But sometimes I think things can be oversimplified. This is a complex question, but I think Joyner’s argument may come up short both on the particulars of the Florence case.
Also last week, the Federal Trade Commission issued its final report for how companies should handle consumer privacy, which includes the aforementioned Do Not Track feature. This had previously been mentioned in the Consumer Privacy Bill of Rights.
This call for legislation comes a month after the Obama administration outlined their “Consumer Privacy Bill of Rights” a document that details a high expectation of transparency on the part of corporations and their data mining efforts.
… by the so-called “swing” member of the court, Justice Anthony Kennedy, and joined by the four-member right-wing bloc, is the latest in a series of reactionary rulings broadening the police powers of the state and trampling on the Bill of Rights.
In 2011, the Federal Trade Commission slapped Google and Facebook for violating their own privacy policies, forcing both to submit to years of privacy audits. In February, 2012 , the Obama administration issued a blueprint for a “Consumer Privacy Bill of Rights.” The FTC, the main government agency responsible for protecting privacy, called Monday for legislation that would give consumers access to information collected about them by data brokers similar to the rights they now have to review information amassed by credit reporting agencies.
The FTC’s report comes a little over a month after the White House released its privacy bill of rights that called on companies to be more transparent about privacy and grant consumers greater access to their data but that stopped short of backing an explicit “do not track” rule. The Federal Trade Commission’s 57-page privacy report consisted of a set of “best practices” that the Internet industry is expected to follow — or face sanctions. The report mirrors many of the provisions of the “Consumer Privacy Bill of Rights” released by the White House and represents the first serious efforts at striking a balance in online consumer privacy protection related to web usage.
Critics contend the framework is not as extensive as the White House Consumer Privacy Bill of Rights announced back in February. That already made provision for “Do Not Track” technology, with Google, Yahoo!, Microsoft and AOL – together responsible for almost 90-percent of behavioral advertising – already opting in. Privacy advocates have slammed the new” guidelines, arguing that the proposed system for ensuring online data security fails to take advantage of existing authority and relies too much on self-regulation of the online industry. The new framework “mistakenly endorses self-regulation and ‘notice and choice,’” the Electronic Privacy Information Center claims, ”and fails to explain why it has not used its current Section 5 authority to better safeguard the interests of consumers.”
As our lives have become more digitally enmeshed with content, immersive entertainment and devices, the economic bargain that makes it possible has gone largely unnoticed. Simply put, the collection, analysis and sharing of personal data is driving the digital economy. Mobile applications (Apps), digital content and entertainment – from TV shows to games – are available for “free” but subsidized by income from online ads that are customized using data about customers. Vendors, advertisers and platforms compete for “eyeballs” based, in part, on the quality of the information they possess about users to whom the ads are targeted.
Across this interconnected landscape of users, content providers and devices, the issue of online privacy has become a major talking point for app developers, marketers, consumers and legislators. Recently, a wide range of stakeholders, from large institutions to smaller developers, have been accused of mishandling personal data. As the volume of public debate has increased, legislators have introduced a raft privacy initiatives. The Obama administration has called for a Privacy Bill of Rights, an industry consortium of leading web sites and search engines has proposed its own privacy best practices and the Electronic Frontier Foundation has published a consumer-oriented Mobile User Privacy Bill of Rights.
Part 1 of this article looks at several recent and high-profile revelations about how personal information is collected and used, often without the user’s knowledge and consent. Part 2 discusses the legal risks faced by vendors that don’t take adequate precautions to protect consumer privacy and Part 3 concludes with strategies and tactics that help leverage the power of personalization while avoiding the pitfalls of privacy and data security.
1. The current state of information gathering
The scope of personal information gathered is unprecedented and largely unknown. For years, “free” web-based content has been available because of the implicit compromise between content providers and content consumers. Advances in technology have made it easier to track a user’s web browsing habits, mobile browsing habits, and even real-time geospatial location (check in apps and GPS). In the last few months, we have learned that some apps not only gather this mostly non-personally-identifiable data, but also upload a user’s address book contacts and even photos.
On Wednesday Feb. 2012, software Developer Arun Thampi “outed” Path, the purveyor of a self-titled journaling app, for sending users’ address book contents to the company. Path lets users share what they’re doing with a select group of friends and gives users the option to find friends on the app through contacts or other social networks. Thampi disclosed the clandestine data transfer in a blog post after discovering that his phone’s entire address book, including full names and e-mail addresses, was being sent to Path without his explicit consent. According to Path, this data was necessary to in order to quickly notify users when people they know join Path.
Not too long ago, Google earned itself a similar PR (and legal) black eye when it launched its social network, Google Buzz, in 2010 through its Gmail web-based email product. At launch, users were not informed that the identity of individuals they emailed most frequently would be made public by default. Google Buzz automatically disclosed the email addresses of a user’s contacts by default. Google settled with the FTC over allegations that Google used deceptive practices and violated its own privacy policies.
On Feb 17 2012, WSJ reported that Google Inc. and other advertising companies have been bypassing the privacy settings of millions of people using Apple Inc.’s Web browser on their iPhones and computers—tracking the Web-browsing habits of people who intended for that kind of monitoring to be blocked. The companies used special computer code that tricks Apple’s Safari Web-browsing software into letting them monitor many users. Safari, the most widely used browser on mobile devices, is designed to block such tracking by default.
A major topic for discussion just this week is the “Target Snafu.” As originally reported in the New York Times, Target used customer data and predictive analytics to determine that one of their customers was pregnant, and even her specific trimester. The girl’s father learned of the pregnancy when the retailer emailed her promotional material and coupons.
It used to take days or even weeks to gather, synthesize and extrapolate data about a customer’s buying habits and receptiveness to particular products or services. Now it takes milliseconds. A targeted ad can be sourced and served in the time it takes to hit “refresh” on a web browser. Companies are using massive amounts of data to predict what their customers are going to want next. More importantly, gathering that data is getting easier, cheaper and more ubiquitous as the source of that data moves from the desktop to mobile devices.
So where is the middle ground between privacy and targeted advertising? Is it spying simply because the user doesn’t know what data is being collected even though the user accepted a broad and ambiguous Terms of Use agreement? Is knowingly contributing data without boundaries sufficiently transparent?
The Telephone Consumer Protection Act (“TCPA”) is a federal law that governs for automatically dialed or prerecorded calls (so-called “robocalls”) and automated text messages. places limits on unsolicited prerecorded telemarketing calls to landline home telephones, and all autodialed or prerecorded calls to wireless numbers, emergency numbers, and patient rooms at health care facilities. The Federal Communications Commission (FCC) recently approved new rules to clarify the requirements
Whats’s New?
The FCC’s proposed rules will impose clearer obligations on the consent requirement for telemarketing calls and text message. Specifically, the rules make three significant changes. First is clarification about “written consent” which must be obtained in the form of 1) paper or through electronic means, including website forms, 2) a telephone keypress, or 3) a recording of oral consent.
Second, it removes the “established business relationship” exemption.
Lastly, the new rules allow one to opt out of receiving additional telemarketing robocalls immediately during a robocall through an automated menu.
What’s Not Changing?
The national Do-Not-Call list created under the TCPA by the FCC, along with the Federal Trade Commission (FTC) remains. To register a number, go to http://www.donotcall.gov.
How To File A Complaint
One can file a complaint with the FCC at https://esupport.fcc.gov/ccmsforms/form1088.action?form_type=1088C. While the FCC cannot award monetary or other damages to consumers, filing complaints allows the Commission to investigate violators. However, in some states you are allowed to file suits against telemarketers and receive monetary damages for violations of these rules.
Seemingly overnight, Social media has moved from a business curiosity to an invaluable tool for customer engagement, brand positioning and employee empowerment. For example, social media use for 18-29 year olds has grown from 16% in 2005 to 89% in 2010. A recent survey, now in its third year, found that Social Media is imperative and effective to stand out in a crowded market: 88% of all marketers found that it helped increase exposure and 76% found that it increased traffic and subscriptions.
Faced with the rapid adoption of social media services and platforms, companies find themselves in a dilemma: move quickly to adapt to new technologies, or put policies in place that support marketing goals. Finding the right balance between taking appropriate business risks and minimizing legal ones is a dilemma shared by all businesses, and it can be particularly tricky in the rapidly changing realm of social media. A social media snafu could pull a business into a range of legal imbroglios, involving employment law, intellectual property rights, advertising, defamation, libel, antitrust, and privacy protection. What follows is a list of five common social media legal mistakes that businesses are making.
1. Your Company does not have a social media policy.
Social media is going through an evolution from social media to social business. Yet In the rush to avoid being left behind, some 79% of companies do not have social media policies in place. Companies and employees are becoming deep users of Twitter, LinkedIn, Facebook, blogs, private-label platforms, and the like. Absence of a policy has led to lawsuits over basic issues such as ownership of LinkedIn profiles and Twitter followers. Lack of a policy could also lead to awkward situations that require a response, but may not rise to the level of a legal quandary such as public criticism by a volunteer or advisor.
Having a social media policy cannot prevent the occurrence of unintended consequences. However, it can address most risks that businesses will face and provide an informal framework for addressing issues that will inevitably arise before they become full-fledged emergencies that require a legal solution.
2. Your Company’s social media policy is unenforceable.
Not surprisingly, one of the most active legal areas of social media for business has been in the context of Employer-Employee relations. In 2011, the U.S. Chamber of Commerce released a report stating that the National Labor Relations Board (NLRB) had received 129 cases involving social media. The majority of claims concerned overly-restrictive employer social media policies or employee discipline and even termination based on use of social media.
More recently, the NLRB released updated guidance discussing 14 such cases in particular. Significantly, the NLRB criticized five employers’ social media policies, as “unlawfully overly broad” (e.g., too restrictive). In four cases, an employee’s use of Facebook to complain about their employer was held to be “protected concerted activity.” The benefit for employers is that the report frames the discussion for the appropriate scope of an enforceable social media policy.
3. Your employees don’t understand your social media policy.
For companies who have drafted a social media policy, another risk is that the employees who are engaged in social media on behalf of the company or brand do not understand the policies. Training employees about what it is, how it works and what’s expected is just the beginning.
For example, Australian telecomm company Telstra is an excellent example of social media transparency. This 40,000+ employee company mandates social media training built around a manageable policy focused on “3Rs” – responsibility, respect and representation. To promote awareness and understanding, the comic book-styled policy answers simple questions like “what is Facebook?” and more complex issues like employer criticism on personal blogs. Taking it a step further, the company published their entire social media training guide online for others to study and critique.
4. Your privacy policy is out of date.
Back in the early days of the Internet “Gold Rush,” companies raced to create an online presence complete with ecommerce storefronts. Partly due to the length of time it took to get a web site up and partly due to the fear of risks associated with ecommerce, companies made sure to implement comprehensive Terms of Use and Privacy Policies. Many have not revisited those policies since.
The risks of an outdated privacy policy are twofold. First, it may be unenforceable for any number of reasons. For example, the company has changed the way it gathers and stores information about site visitors, has changed the platforms from which it gathers such data and potentially with whom it shares such data, even unwittingly.
More importantly, the dynamics of online usage and marketing have changed. The availability of GPS data and commonly used technologies for targeted advertising and related services pose new privacy risks such as leaking personally identifiable information including usernames, email addresses, first names, last names, physical addresses, phone numbers, and birthdays. A recent series of articles by the Wall Street Journal analyzed the tracking files installed on people’s computers by the 50 most popular U.S. websites, plus WSJ.com and found that some sites like dictionary.com had over 200 such tracking cookies.
Second, an outdated privacy policy may subject a business to scrutiny and even penalties from the Federal Trade Commission (FTC). On October 12, 2011 the FTC announced a settlement with a file-sharing application developer over allegations that it used deceptive default privacy settings, which would lead consumers to unintentionally and unknowingly share personal files from their mobile device or computer with the public.
5. Your Company is Not Engaging In The Conversation.
Lastly, social media enables instantaneous, ubiquitous, electronic social interaction using highly accessible and scalable publishing techniques. The platforms and services that enable this interaction also provide an unfettered medium for defamatory statements about individuals, disparaging remarks about a companies’ products and services and inaccurate or misleading remarks by over-enthusiastic employees.
The legal risk is that a company often does not control such conversations which can quickly spiral out of control. Many web sites and blogs allow comments and invite participation by unrelated third parties. Having a strategy for when, how, and why to engage is critical to mitigate the legal risks since this area of law is notoriously fact and circumstances dependent and varies by jurisdiction.
Contact Us For a Consultation.
Is your business making one of the mistakes described above? Do you want to learn how to use social media to market and communicate with existing and prospective clients and do so in a way that minimizes potential risks and pitfalls? Hopefully, the guidance outlined above can serve as a good starting point for discussions about how best to use social media as well as suggestions regarding factors that firms may wish to consider in strengthening their compliance and risk management programs. We invite you to contact us with comments and requests about how we can help you educate your employees, prevent fraud, monitor risk, and promote compliance. We can be reached at lsglegal.com, 866-734-256, @adlerlaw and dadler@lsglegal.com.
Ping® by AdlerLaw A Legal Blog 