How much privacy protection are your stored emails and texts hosted by third parties, such as Hotmail or Yahoo, entitled to? In the United States, the privacy of such communications is governed by a federal statute called the Electronic Communications Privacy Act (“ECPA”) and, in particular, a subsection of the ECPA called the Stored Communications Act (the “SCA”). The SCA prohibits an unauthorized person from intentionally (1) accessing a “facility through which an electronic communication service is provided,” or (2) exceeding “an authorization to access that facility”, and thereby obtaining, altering or preventing authorized access to, an electronic communication.
Jan 03
Privacy Class Action Suit Against Google Dismissed
In early 2012, Google created a stir by rolling out a new privacy policy that covers many of its products. It was widely noted at the time – in the media, the blogosphere, and by Google itself– that the new policy permitted Google to combine the data it had collected from users of its various products (e.g., YouTube, search, and Gmail), rather than maintain that data in separate databases associated with each product. Class action lawsuits quickly followed.
Dec 17
Google Sued for Scanning Emails Sent to Gmail Accounts
For years, it has been widely acknowledged that Google, Inc. (“Google”) scans incoming and outgoing e-mails associated with individual Gmail accounts in order to deliver targeted advertising to Gmail account holders. While Gmail subscribers may have consented to e-mail scanning when they signed up for Google’s services, many non-subscribers that have sent e-mails to Gmail account holders never directly authorized Google to scan the contents of those communications. Now, a new class action lawsuit filed in Pennsylvania by a non-Gmail subscriber raises the question of whether Google’s practices, and potentially those of other online services and companies that review or monitor online communications of various kinds, violate various individual state laws that prohibit interception of electronic communications without the consent of all parties to a communication.
Nov 30
U.S. District Court Approves $22.5 Million Dollar Settlement Between FTC and Google
On November 16, 2012, the District Court for the Northern District of California issued an order approving a proposed settlement between the Federal Trade Commission (“FTC”) and Google, Inc. (“Google”). The settlement represents the largest fine for violation of a consent order in FTC history, according to a statement by the FTC.
Nov 20
California Issues Privacy Policy Warnings to App Developers
On October 30, 2012, the California Attorney General’s office issued a press release stating that formal notices of noncompliance with the California Online Privacy Protection Act were being issued to up to 100 mobile app developers and companies. The Attorney General’s letters, a sample version of which is available here notified addressees that they violated California’s privacy law by collecting personally identifiable information from consumers without first posting their privacy policies conspicuously and in a way that is reasonably accessible to consumers. Companies that fail to correct the noncompliance within 30 days after being notified could face fines of up to $2,500 for each download of a noncompliant app. This enforcement action follows a Joint Statement of Principles wherein seven major app and social platforms (Amazon, Apple, Facebook, Google, Hewlett-Packard, Microsoft, and Research in Motion) committed to taking steps to enhance consumer privacy, as we discussed previously here.
Adam Nelson
Legal Intern
Nov 07
Twitter Changes DMCA Takedown Policy
On November 2, 2012, Twitter’s legal policy manager announced (via Tweet) that it changed its response policy to takedown requests pursuant to Section 512 of the Digital Millennium Copyright Act (“DMCA”). Whereas Twitter previously removed allegedly infringing material (such as Tweets or posted media) identified in a DMCA takedown request without providing any notice to viewers, the company will now mark withheld Tweets and other media with a “Tweet Withheld” or similar message. Practically speaking, this means that Tweets that are the subject of takedown requests will not simply disappear from display to viewers, but instead will be replaced with a message such as “This Tweet from @username has been withheld in response to a report from the copyright holder.” Twitter’s stated purpose for implementing this policy change is to increase transparency regarding the removal or restriction of access to user posted content.
Nov 05
FTC Recommends Best Practices For Using Facial Recognition Technology
In an effort to stay ahead of the technology curve, the Federal Trade Commission (the “FTC”) recently issued a staff report on advertisers’ use of facial recognition technology (“FRT”).
Oct 23
Ninth Circuit Rules Against Best Buy in Automated Calling Class Action
On October 17, 2012, the Ninth Circuit Court of Appeals ruled against Best Buy Stores, L.P. (“Best Buy”) in the class action suit Chesbro v. Best Buy Stores, L.P., No. 11-35784 (9th Cir. Oct. 17, 2012). Reversing the district court’s grant of summary judgment in favor of Best Buy, the Ninth Circuit held that the electronics chain’s automated calling practices associated with its “Reward Zone Program” violated the Telephone Consumer Protection Act of 1991 (“TCPA”) and its state analogue the Washington Automatic Dialing and Announcing Device Act (“WADAD”).
Oct 19
California Law Limits Employer Access to Employee Social Media
California Governor Jerry Brown has signed into law a bill which largely prevents employers from obtaining information from employees and job applicants about their social media activities. The new law will prevent an employer from requiring an employee to (1) disclose a username or password to the employee’s personal social media; (2) access personal social media in the presence of the employer; or (3) divulge any personal social media unless the divulgence is reasonably related to an investigation of employee misconduct or employee violation of applicable laws. The new law also prohibits employer retaliation against an employee who refuses to comply with an employer request that violates the law’s provisions.
Recent Comments