At the end of August, the California passed an amendment to the California Online Privacy Protection Act that will require commercial websites and services that collect personal data to disclose how they respond to Do Not Track signals from Web browsers.

AB 370, as introduced by California Assemblyman Al Muratsuchi, requires a business that discloses a customer’s personal information to a third party for direct marketing purposes to provide the customer, within 30 days after the customer’s request, as specified, in writing or by e-mail the names and addresses of the recipients of that information and specified details regarding the information disclosed.

This bill, available here, would declare the intent of the Legislature to enact legislation that would regulate online behavioral tracking of consumers.


Over the last few years privacy, and the lack of comprehensive protection, have made numerous headlines. From overly inquisitive mobile applications that fail to disclose how cell photo data is accessed and shared (Path) to handset manufacturers failures to properly inculcate privacy in the design and manufacturing process (HTC) to security lapses at government databases resulting in exposure of sensitive personal information (South Carolina), consumers, regulators and legislators are waking up to privacy issues.

Recent developments highlight the trend in Privacy

In the U.S. we lack a single comprehensive privacy law, although many state and federal laws address various aspects of collecting, storing and sharing personal information. In the absence of a single, over-arching, mandate, legislators and regulators are stepping into fill at perceived need.

GPS, Location & Privacy

The Geolocation Privacy and Surveillance (GPS) Act addresses use of location data by law enforcement. The bill (not yet law) requires police to obtain a warrant based on probable cause whenever it seeks “location information.” Unfortunately, the term “location information” is very broadly defined, does not distinguish requests for access based on the level of precision, time period, or whether the information is for past or future conduct.

Proposed Federal Privacy Standards

Two bills introduced this year aim to create a baseline level of privacy protection at the federal level. John Kerry (D-MA) and Sen. John McCain (R-AZ) introduced S. 799, the Commercial Privacy Bill of Rights Act of 2011, to create a regulatory framework for the comprehensive protection of personal data for individuals, enforceable by the Federal Trade Commission (FTC). Similarly, Rep. Cliff Stearns (R-FL) is promoting a Consumer Privacy Protection Act (H.R.1528), directed at consumers and focused on restricting the sale or disclosure of personal information.

FTC Protects Privacy Under Mantle of Consumer Protection

As a result of alleged data security failures that led to three data breaches at Wyndham hotels in less than two years, the Federal Trade Commission filed suit against hospitality company Wyndham Worldwide Corporation. The case against Wyndham is part of the FTC’s ongoing efforts to make sure that companies live up to the promises they make about privacy and data security.

Wyndham’s web site privacy policy claimed that, “We recognize the importance of protecting the privacy of individual-specific (personally identifiable) information collected about guests, callers to our central reservation centers, visitors to our Web sites, and members participating in our Loyalty Program …”

The FTC complaint alleges that Wyndham failed to maintain adequate and industry standard security measures by storing credit-card information in unencrypted format, allowing servers to remain unpatched, and failing to use firewalls.

The FTC alleges that these failures led to fraudulent charges on consumers’ accounts, millions of dollars in fraud loss, and the export of hundreds of thousands of consumers’ payment card account information to an Internet domain address registered in Russia.

Most notably, the lawsuit will test whether the Federal Trade Commission has the jurisdiction to compel companies to provide a certain level of cybersecurity in order to safeguard consumer personal information.

Privacy Remains Top Concern

Many companies across many industries, financial services, higher education and healthcare, just to name a few, are facing a wide range of security and privacy concerns, scrambling to implement A defensible security framework and demonstrate compliance. It’s alarming, considering the significant consequences associated with not complying.

Organizations can lose contracts, customers and their reputation. That could put some out of business.

Compliance Preparation & Best Practices

Large organizations can spend many months and millions of dollars on compliance. Your business need not go to such extremes. To prevent getting caught by surprise and to prepare for the compliance journey, I’ve listed below some suggested best practices.

Periodic risk assessments. Evaluate potential damage and disruption caused by unauthorized access, use, disclosure, modification, or destruction of data or systems.

Policies and procedures. Incorporate procedures for detecting, reporting, and responding to security incidents, as well as business continuity plans.

Standardize. Set standards of acceptable information security for networks, facilities, and information systems.

Train Employees. Awareness training for employees, contractors, and other users of information systems is critical. Articulate the security risks associated with activities and define users’ responsibility for complying with policies and procedures.

Test & Evaluate. Periodic assessment of the effectiveness of information security policies, procedures, practices, and controls helps determine weak spots. At a minimum they should be conducted annually, according to Ford.

Respond & Repair. Have a pre-defined process for planning, implementing, evaluating, and documenting remedial actions designed to address legal, PR, HR and related risks in the event of a breach.

THIS IS NOT LEGAL ADVICE. The procedures outlined above are merely suggestions and there is no guarantee that implementation will reduce risk or mitigate liability.

Please contact Leavens, Strand, Glover & Adler at 866-734-2568 for a free consultation to learn how LSGA can help meet your specific needs.

REGULATORY COMPLIANCE
17a-4 llc Provides Free Social Media Capture Service
Virtual-Strategy Magazine

By using a hosted version of 17a-4’s DataParser for Social Media schools, financial institutions, government agencies and other regulated institutions can now avail themselves of this free option to capture social media public profiles and other web content into their email archive. (PRWEB) July 24, 2012 … Most regulated institutions have archival systems in place to support the monitoring of textual content, the retention of the data, and the facilities to run legal holds and e-Discovery productions.

SOCIAL MEDIA E-DISCOVERY
Personal Injury Attorney Social Media Marketing Program Offered by Social Media

July 22, 2012 – Social media agency Maximize Social Media LLC announced its social media marketing program today for personal injury attorneys, providing needed support to law firms nationwide.

Mid-Year Report: Legal Cases Involving Social Media Rapidly
As part of our ongoing effort to monitor legal developments concerning social media evidence, we again searched online legal databases of state and federal agencies.

HOT TOPICS IN AUSTRALIAN SOCIAL MEDIA & THE LAW
Get a new perspective on social media
Dynamic Business

Join us after work on 1 August at the Vibe Hotel in Sydney’s Milsons Point to hear from super connector Iggy Pintado, Switched On Media’s head of social media Hannah Law, and Amelia Zaina, director of Small Business Services at American Express.

YOUTH LEADERSHIP IN SOCIAL MEDIA
The So-Called Arrogance of Gen Y Social Media Managers
Business Insider

So if she had just toned it down a bit, perhaps suggesting that younger people shouldn’t be ruled out for their youth, or that age and experience are different qualifiers in the context of social media, I might actually agree with her. What I believe, firmly, is that the 25-year-old should not be excluded from leadership.

SOCIAL MEDIA USE BY LAW ENFORCEMENT
LAwS Communications Announces ConnectedCOPS Awards Finalists
PR Web (press release)

Quote start The ConnectedCOPS Awards were created with the intent of recognizing the great work being done with social media in six categories, by individual sworn officers and law enforcement agencies.

Officer’s Facebook post sparks uproar
Detroit Free Press

A 2011 survey of 800 law-enforcement agencies conducted by the International Association of Chiefs of Police found that 88 percent of the agencies used social media, mostly for investigations. Almost half of those agencies have a social media policy.

Role of Social Media in Law Enforcement Significant – LexisNexis

LexisNexis® Risk Solutions today announced the results of a comprehensive survey focused on the impact of social media on law enforcement.

SOCIAL MEDIA AND CYBERSECURITY
Workplace Diversity, Social Media Implications, Cybersecurity
CHICAGO, July 19, 2012 — Ensuring a diverse and inclusive workplace, the implications of social media on law practice and privacy, cybersecurity, and access.

Newsmakers Q&A | Law slow to address workers’ social-media privacy
Columbus Dispatch

Colorado shooting: Public calls on Christian Bale to swoop in
Los Angeles Times

July 21, 2012, 12:04 p.m.. People are calling upon the caped crusader in the wake of the Colorado theater shooting with the 21st century bat signal: social media.

Afghan social media war steps up with new campaign
Reuters UK

And with the government mulling a media law to tighten its grip over the fledgling but lively Afghan press corps, Nai hoped social media could help safeguard political and social freedoms, as occurred during the wave of uprisings across the Middle East.

A social media win on merger
Philadelphia Inquirer

It’s a bracing lesson, on a local stage, in the power of social media to create community around an issue and ratchet up pressure on key players – in this case, the members of the Abington board and its president and CEO, Laurence Merlis. “It’s amazing to me just how fast word spread,” …. A community-conscious and activist community, with a high concentration of concerned, committed people who work in industries such as law, medicine, public relations, and journalism.

Valley reacts via social media regarding Colorado shooting
KGBT-TV

Once new information began streaming in about the shooting, over 100 viewers began responding to the Action 4 News Facebook page and Twitter feed. As the day progressed, over 500 comments came into valleycentral.com andAction 4 social media

Media Wise Parents to the rescue
Windsor This Week
Media Wise Parents helps parents, educators and churches become more aware with social media and the internet. Tweet · Bookmark and … It’s certainly in my background with law and marketing, it’s always something that interests me.

We Want To Hear From You: Take This Two-Minute Social Media Survey
Business Insider

This Is The Gun Used In The Colorado Shooting That Everyone Can’t Believe Is Actually Legal

In Focus: Social Media & Law Enforcement

Busted! Police Turn to Social Media to Fight Crime
CNBC.com (blog)

Law enforcement is taking to social media because criminals are changing their behavior and using social media to facilitate crime. In response, law enforcement officials are using it to track down criminals and as a predictive policing tool, said Haywood.

Role of Social Media in Law Enforcement Significant and Growing
Business Wire (press release)

WASHINGTON–(BUSINESS WIRE)–LexisNexis® Risk Solutions today announced the results of a comprehensive survey focused on the impact of social media on law enforcement in criminal investigations.

Police Make Wide Use Of Social Tools
InformationWeek (blog)

The survey, of more than 1200 law enforcement professionals with federal, state, and local agencies, found that 83% of the respondents are using social media, particularly Facebook and YouTube, to further their investigations.

Crime Busters Embrace Social Media
BusinessNewsDaily

It’s not just prospective customers, partners or employers who may be scanning the social media landscape to glean information about you and your organization. The long arm of the law has joined the party as well, a new survey shows.

How Law Enforcement Is Using Social Media (Infographic)
Law enforcement officials are using social media to solve crimes and will continue to do so in greater numbers. In an online survey conducted by LexisNexis Risk Solutions, four out of five law enforcement officials used social media.

CeBit 2012: Social media a legal minefield
Computerworld Australia

Government agencies looking to make greater use of social media and other collaboration tools face a raft of legal issues with the potential to sink efforts to better connect government and the public.

Unfiltered Orange | Weekly eDiscovery News Update – May 23, 2012
JD Supra

File-Sync-and-Share for Enterprises -bit.ly/KrIZmE
Should Active Directory Upgrade be Required in Exchange 15? bit.ly/Mkk4I9
Social Media Legal Best Practices: Problems and Solutions with Photo Uploading and Tagging …

The ‘7 Dirty Words’ Turn 40, but They’re Still Dirty
The Atlantic

They still resonates today, maintaining a perfect five-star rating among iTunes customers.
“I always thought it was a wrong-headed decision, one that really made hash of the First Amendment with respect to the broadcast media,” says Floyd Abrams, one of the foremost legal authorities on the First Amendment.

#Fashionlaw USA Network in Partnership With MR PORTER.COM Brings to Life the Stylish World
Sacramento Bee

USA Network will additionally support the partnership via on-air, online, VOD, paid media (including a special insert in the July issue of Vanity Fair) and in-show integration and messaging. All will compliment USA’s massive multi-pronged marketing.

Regional bloggers on both sides of political fence say robust online debate is not uncivil.
Grand Forks Herald

“People are creating a media (with blogs and other social media) they’re not getting from traditional media,” Nodland said. “Maybe it’s a little crude, hard-hitting … and traditional media fear it.”

DocStoc Launches 30 Free Apps to Help Small Business Owners Grow Their Businesses
San Francisco Chronicle (press release)

App highlights: http://www.docstoc.com/apps/ Social Media for Business: This app will explain how can you leverage social media to get an edge. How to Get a Job Interview: This app is a complete blueprint for landing your dream job.

Congress Advances Bill To Protect Cell Phone Users’ Privacy
Forbes

The Supreme Court showed unanimity in its discomfort with electronically tracking people without a warrant in its GPS tracking decision in January. But as conveyed by the justices’ written opinions, the splintered reasoning behind rebuking the practice of placing a geo-tracking device on someone’s car without a warrant laid bare the disconnect between how far our technology has come and the outdated privacy protection laws that are struggling to keep pace.

Location Bill Would Slow Down Investigations, Officials Say
PC Magazine

At issue is the Geolocation Privacy and Surveillance (GPS) Act. Different jurisdictions have issued conflicting rulings about how to handle location-based data.

Police Efforts to Ban Citizen Taping Beaten Back by Obama’s DOJ
DailyTech

Cell phone data grabbing, GPS tracking, “national security letters”. Law enforcement argues that accountability via taping violates officers rights to privacy. ACLU disagrees.

Cops, ACLU clash over GOP bill tracking mobile phones
The Hill

The Geolocation Privacy and Surveillance Act, sponsored by Reps. … if a grand jury prosecutor could subpoena historical GPS data in an investigation, …

Follow

Get every new post delivered to your Inbox.

Join 3,111 other followers

%d bloggers like this: