The New York State Commission on Judicial Conduct’s warning to judges about their use of social media was prompted by this case in which a St. Lawrence County town judge used Facebook to criticize the prosecution of a town council candidate.
Socially Aware editors John Delaney and Aaron Rubin will be in Austin, Texas for SXSW Interactive from March 10th to March 15th . They plan to “live tweet” a number of the presentations via our @MoFoSocMedia Twitter account. If you will be in Austin for SXSW Interactive, please give us a shout!
If your company collects information regarding consumers though Internet-connected devices, you will want to take note of the Federal Trade Commission’s (FTC) recent privacy-related settlement (brought in conjunction with the New Jersey Attorney General) with smart TV manufacturer Vizio, Inc. The settlement is significant for four reasons:
The FTC reinforces the position it has taken in other actions that the collection and use of information in a way that would surprise the consumer requires just-in-time notice and choice in order to avoid a charge of deception and/or unfairness under Section 5 of the FTC Act.
The FTC takes the position that television viewing activity constitutes sensitive data. This marks a departure from its approach of limiting sensitive data to information that, for example, can facilitate identity theft, precisely locate an individual, is collected online from young children or relates to matters generally considered delicate (such as health information).
The settlement includes a payment of $1.5 million to the FTC (as well as payment of civil penalties to New Jersey), but the legal basis for the FTC payment is not stated. This could suggest that the FTC will more aggressively seek to obtain injunctive monetary relief in Section 5 cases.
Acting Chairwoman Maureen Ohlhausen explicitly noted in a concurring statement her skepticism regarding both the allegation that TV viewing data is “sensitive” and that the FTC’s complaint adequately established that the practices at issue constitute “substantial injury” under the unfairness prong of Section 5.
Leaving aside what the chairwoman’s concurrence may portend for future enforcement efforts, the FTC again seems to be using allegedly bad facts about privacy practices to push the envelope of its authority. Accordingly, with the Internet of Things boom fueling a dramatic increase in the number of Internet-connected devices, companies that either collect information via such devices or make use of such collected information should consider the implications of this enforcement action.
New York City’s Conflicts of Interest Board has issued guidelines prohibiting elected officials from using official social media accounts for political purposes or having their staff draft content for their personal social media accounts.
In a major development for cloud and other data storage providers, and further complicating the legal landscape for the cross-border handling of data, a Federal Magistrate Judge in the Eastern District of Pennsylvania ruled for the Department of Justice and ordered Google, Inc., to comply with two search warrants for foreign-stored user data. The order was issued on February 3, 2017 pursuant to the Stored Communications Act, (SCA), and the reasoning of the Court rested heavily on the court’s statutory analysis of the SCA. The ruling is a marked departure from a recent, high-profile Second Circuit decision holding that Microsoft could refuse to comply with a similar court order for user data stored overseas.
The SCA regulates how service providers like Google and Microsoft who store user data can disclose user information. The Magistrate Judge issued two warrants under the SCA for emails sent from Google users in the United States to recipients in the United States. Google refused to fully comply, invoking Microsoft, and the Government moved to compel. In its briefing, Google argued that the SCA can only reach data stored in the United States and that, because Google constantly shuffles “shards” of incomplete user data between its servers across the world, Google could never know for certain what information is stored domestically and what is stored overseas. Therefore, Google argued, the data sought under the warrants was beyond the reach of the SCA. Continue Reading
Can the mere offering of a mobile app subject the provider of such app to the privacy laws of countries in the European Union (EU)—even if the provider does not have any establishments or presence in the EU? The answer from the District Court of The Hague to that question is yes. The court confirmed on November 22, 2016, that app providers are subject to the Dutch Privacy Act by virtue of the mere offering of an app that is available on phones of users in the Netherland, even if they don’t have an establishment or employees there.
Context. EU privacy laws generally apply on the basis of two triggers: (i) if a company has a physical presence in the EU (in the form of an establishment or office or otherwise) and that physical presence is involved in the collection or other handling of personal information; or (ii) if a company doesn’t have a physical presence but makes use of equipment and means located in the EU to handle personal information.
Well over a year after holding a workshop addressing privacy issues associated with cross-device tracking, Federal Trade Commission (FTC) staff have issued a report. The report sets the stage by describing how cross-device tracking works, noting its “benefits and challenges,” and reviewing (and largely commending) current industry self-regulatory efforts.
The report also makes recommendations, which—while building upon the staff’s traditional themes of transparency and choice—do not introduce any materially new suggestions for compliance.
The staff’s recommendations do not have the force of law, but they do indicate the steps that the staff believes a company should take in order to avoid a charge of unfairness or deception under Section 5 of the FTC Act.
A Quick Review of Cross-Device Tracking
As more consumers utilize multiple devices in their daily lives, more and more companies are using new technologies to attempt to ascertain that multiple devices are connected to the same person. This is generally done through the use of either deterministic information (e.g., by recognizing a user through the log-in credentials he or she uses across different devices) or probabilistic information (i.e., by inferring that multiple devices are used by the same person based on information about the devices, such as IP address, location, and activities on the devices).
In the wake of a successful social media conference in San Francisco, Socially Aware co-editors John Delaney and Aaron Rubin are revved up and ready to chair (John) and present (Aaron and John) at another Practicing Law Institute (PLI) 2017 Social Media conference! This one will be held in New York City on Wednesday, February 15, and will be webcasted.
Attendees and webcast listeners will learn how to leverage social-media-marketing opportunities while minimizing their companies’ risks from entirely new panels of industry experts, lawyers and regulators.
Topics to be addressed will include:
Key developments shaping social media law
Emerging best practices for staying out of trouble
Risk mitigation strategies regarding user-generated content and online marketing
Legal considerations regarding use of personal devices and other workplace issues
Other special features of the conference include:
Regulators panel: guidance on enforcement priorities for social media and mobile apps
In-house panel: practical tips for handling real-world issues
Potential ethical issues relating to the use of social media by attorneys
The conference will end with a networking cocktail reception—a great way to meet others who share your interest in social media, mobile apps and other emerging technologies.
Don’t miss this opportunity to get up-to-date information on the fast-breaking developments in the critical area of social media and mobile apps so that you can most effectively meet the needs of your clients.
For more information or to register, please visit PLI’s website here. We hope to see you there!