Articles Posted in Privacy

Posted

Today, Pillsbury attorneys Joseph Tiffany and Connie Wolfe published their client alert titled Seventh Circuit Finds Article III Standing for Data Breach Class Action Based on Allegations of Future Harm. The Alert notes that, in the wake of numerous data breach cases dismissed for lack of Article III standing based on the Supreme Court’s decision in Clapper v. Amnesty Int’l USA, the Seventh Circuit Court of Appeals has become the first post-Clapper appellate court to hold that data breach victims adequately alleged standing based on risks of future harm. In Remijas v. Neiman Marcus Group, LLC, the district court dismissed a class action complaint against retailer Neiman Marcus based on the plaintiffs’ lack of Article III standing. Plaintiffs appealed, and the Seventh Circuit reversed. The decision adds a new element of uncertainty for custodians of customer data impacted by data breaches.

Posted

The California Attorney General recently published recommendations
for developing meaningful privacy policies that comply with the California Online Privacy Protection Act of 2003 (CalOPPA), including recommendations for complying with “Do Not Track” disclosure requirements.  According to the Attorney General, a meaningful privacy policy is one that addresses significant data collection and use practices, uses plain language, and is presented in a readable format.  While the recommendations are not regulations, mandates,
or legal opinions, they do identify certain best practices for privacy policies that satisfy the minimum legal requirements.

Posted

MPL pic 2.jpgMany of us have been focused on cyber-security, especially in the wake of the recent data breaches over the holidays, among other things.  Two Maryland Law Enforcement Officers are leveraging the power of social media and the Internet to enable you to “Secure What’s Yours.”   In 2013, acting on their vision, they introduced an innovative approach to reuniting owners with their tangible personal property that was stolen or is missing, e.g., iPhones, Androids, laptops, iPads, TVs, etc., working with law enforcement officers across the nation.

My Property Locker‘s database allows its users to register valuables that are serialized or contain identifiable marks, enabling them to add pictures of the items along with a copy of their purchase receipts.  Its Apple and Android apps also allow users to scan product UPC codes as part of the registration process. If an item is stolen or comes up missing, the owner can report the loss to My Property Locker — according to My Property Locker, in 2011, there were an estimated 9,063,173 property crimes offenses across the nation, totaling an estimated $15.6 billion in losses.  Law enforcement officers across the U.S. are able to register with credential verification and to use the Police Advanced Search function to identify the owners of stolen or missing items.  Law enforcement officers and the property owners are then able to work together to reunite the owner with their stolen or lost property.  And, My Property Locker is free to consumers.

My Property Locker reports that it has been endorsed by the Maryland Crime Prevention Association and the Virginia Crime Prevention Association.  Additional information about My Property Locker is expected to be available on Officer.com.

Additional Sources:  YouTube, My Property Locker Tutorial – How to add/remove property; Facebook, My Property Locker; iTunes App Store; Google play Android App

Photo:  Courtesy of My Property Locker, All Rights Reserved

Posted

Targetbillboard.jpgThere have been numerous reports that West Virginia Attorney General Patrick Morrisey issued a warning to consumers on Monday, January 13, 204, about a Target gift card scam occurring throughout the country on social media websites. Evidently, consumers are purportedly offered a Target gift card to make up for the widely-reported December data breach. This is apparently a scam that directs consumers to fake domains pretending to be Target. Morrisey warns that “[c]onsumers also need to be wary of fake domain names pretending to Target popping up.”  He further suggested that “[I]f consumers receive communications or offers appearing to be from Target, they should call Target to confirm the communication is legitimate and report any instances of fraud to our office.”

Other Sources:  Legal Newsline, W. Va. AG warns of Target gift card scam (Jan.
15, 2014); Register Herald, AG warns Target gift card offer is a scam (Jan.
13, 2014); Charleston Daily Mail, Attorney General says Target gift card offers are scams (Jan.
13, 2014)
Image Source: Creative Commons

Posted

MP900449113.JPG

A weekly wrap up of interesting news about virtual worlds, virtual goods and other social media.

 

 

 

 

A Senator Raises Privacy Questions About Cross-Device Tracking
Senator Edward J. Markey, Democrat of Massachusetts, said that tracking technologies such as cookies are giving way to more sophisticated methods for monitoring users.

Privacy Compliance:
Everything Old is New Again

Privacy regulations are sounding a lot like what compliance officers have had to do since the 2000s for anti-corruption efforts.

Debate Escalates Over Mugshot-Removal Outfits
Google Inc.’s recent programming change, moving people’s arrest mugshots much lower in search engine results, makes life harder for companies that charge individuals big bucks to remove their photos.

SoftBank Buys 51% of Finnish Mobile Game Maker for $1.5 Billion
The Japanese telecommunications giant SoftBank agreed to buy a 51 percent stake in the Finnish online game company Supercell for around $1.5 billion.

SEC Proposal Brings Crowdfunded Securities Closer to Reality
The expanded use of crowdfunding as a capital raising tool by start-ups and small businesses is closer to reality with proposed rules the Securities and Exchange Commission approved and put out for public comment.

True Beginnings splits from potential buyer
PlentyofFish Media Inc. has broken off a deal to acquire the assets of True Beginnings LLC’s online dating business, citing concerns over the members’ privacy.

 

 

Posted

Last Friday, California’s Governor Brown signed into law Assembly Bill 370. AB 370 amends California’s Business & Professions Code § 22575 to require an operator of a commercial Internet website or online service that collects personally identifiable information about consumers residing in California who use or visit its website or service to disclose how it responds to “do not track” signals or other mechanisms that provide consumers a choice regarding the collection of PII about the consumer’s online activities, and to disclose whether others may collect PII when a consumer uses the operator’s website or online service. For additional information, read California Internet Privacy Bill Signed by Governor, Effective Jan. 1.

For more information, read the Client Alert.

Posted

On August 29, 2013, Gov. Chris Christie signed New Jersey’s social media privacy law, making New Jersey the twelfth state to enact such laws governing employers.  (Various states have enacted similar laws governing institutions of higher education.) 

Christie’s signature ends an approximately year and a half long legislative process:  the bill was first introduced on May 10, 2012.  As discussed in prior posts on this blog (New Jersey Assembly Unanimously Passes Revised Social Media Bill, New Jersey Senate Unanimously Passes Revised Social Media Bill), the bill was conditionally vetoed by Christie in May of 2013, then passed again by the Assembly in May and the Senate in August.

New Jersey should be the last state to enact such a law until the various state legislatures begin their next sessions.  But with 24 states having proposed – but not enacted – social media laws in 2013, more can be expected in the future.

Posted

On August 19, 2013, the New Jersey Senate passed – by a vote of 36 to 0 – a revised bill barring employers from seeking access to employees’ social media accounts. The bill was previously approved by the New Jersey Assembly on May 20, 2013, as discussed in a prior post on this blog.

A prior version of the bill also passed both houses but was conditionally vetoed by Gov. Chris Christie, who expressed concerns about some of the bill’s employee-friendly provisions. Among Christie’s recommended changes was the removal of a private cause of action by employees.

The bill now awaits Christie’s signature. Though the legislature adopted all of the Governor’s recommendations, it remains to be seen whether Christie has additional concerns about the new law.

Posted

Jim Gatto, and James Chang recently published “Mobile Privacy Practices: Recent California developments indicate what’s to come” in the June issue of Computer Law Review International.

The use of mobile applications has seen huge growth in the past few years. As the use of apps become increasingly commonplace, social concerns such as the privacy of app users will increasingly need addressing. California is taking the lead in regulating this important issue. For more information, including an overview of mobile privacy, a summary of California’s stance on how to address the issue, an overview of the state’s principles regarding privacy, its best tips for complying with its principles, and an examination of the privacy related laws outside of California, please read the full article: Mobile Privacy Practices: Recent California developments indicate what’s to come.

Posted

On May 21, 2013, Washington’s governor signed a new law protecting employee social networking accounts.

The new law, which goes into effect on July 28, 2013, prevents employers from requesting, requiring or coercing an employee or applicant to disclose login information for the employee’s personal social networking account. Employers also may not ask employees to access such accounts in the employer’s presence; add the employer to the employee’s contacts; or alter third party access settings. Work-related accounts and devices paid for or supplied by the employer are exempt.

If an employer inadvertently receives login information, it is not liable for possessing the information but may not use it to access the employee’s account.

Importantly, employers may still:

  • Comply with the requirements of state or federal law;
  • Conduct investigations to comply with laws against work-related employee misconduct based on receiving information about the employee’s activity; and
  • Conduct investigations based on receiving information about the unauthorized transfer of proprietary or confidential information or financial data.

The law creates a private cause of action for employees and applicants. Prevailing plaintiffs may be awarded equitable relief, actual damages, a $500 penalty, and reasonable attorneys’ fees and costs. However, a court may also award reasonable expenses and attorneys’ fees to a prevailing defendant if the judge determines that the action was frivolous and without reasonable cause.

Washington joins Maryland, Illinois, California, Michigan, Utah, Arkansas, and Colorado in enacting such laws. New Mexico has enacted similar legislation, but it prohibits access only to the accounts of prospective employees.

To read more about this law, see Substitute Senate Bill 5211.