The Contra Costa Times is reporting that a California Highway Patrol
officer has been "accused of stealing nude photos from a DUI suspect's phone" and "that he and his fellow officers have been trading such
images for years." This behavior is not only very troubling, it may violate multiple federal and state computer theft laws and may even trigger California's revenge porn statute.
The Contra Costa Times further states, "[i]n the search warrant
affidavit [for the matter], senior Contra Costa district attorney inspector Darryl
Holcombe wrote that he found probable cause to show both CHP officers
Harrington and Hazelwood and others engaged in a "scheme to unlawfully
access the cell phone of female arrestees by intentionally gaining
access to their cell phone and without their knowledge, stealing and
retaining nude or partially clothed photographs of them."
This alleged behavior demonstrates why the Riley v. California case is so important. In that matter, the U.S. Supreme Court held 9-0 that the police generally need a warrant before searching cell phones and electronic devices of those arrested. All of the facts of this case have not yet been proven so it is difficult to determine exactly in what manner the victims had their phones searched and their personal images stolen and forwarded to others.
Johns Hopkins Hospital recently paid $190 million dollars to settle a matter where a doctor had taken thousands of nude photos of patients without their consent. In that case, there was no evidence the photos had been shared. However, in this case, court documents allege that images had been shared. Therefore, the Johns Hopkins Hospital $190 million dollar settlement may be a benchmark for any potential settlement.
In general, many organizations need to do a better job of training their employees about digital usage and legal matters. Here, since those who are accused of wrong doing are police officers they should have known that their alleged behavior may violate multiple state and/or federal laws.
Copyright 2014 by Shear Law, LLC. All rights reserved.
To inform about the legal, business, privacy, cyber security, and public policy issues that confront those who utilize digital platforms.
Pages
▼
Monday, October 27, 2014
Friday, October 17, 2014
TV Show Scandal Sex Tape Episode and Sextortion
The TV show Scandal contains the type of story lines needed for a successful television program: sex, scandals, beautiful people, politics, power, money, etc.... According to Wikipedia, the plot centers around, "Olivia Pope (Kerry Washington) [who] is a former White House Communications Director for the President of the United States who has left to start her own crisis management firm, Olivia Pope & Associates. Olivia has decided to dedicate her life to protecting the public images of the nation's elite but is finding that no matter how hard she tries, she cannot leave parts of her past behind."
Last night's episode centered around the President's daughter slipping her Secret Service detail and doing drugs and creating a threesome sex tape with a couple of boys/young men she has never met before having sex with them. Olivia Pope's team was called into action and asked to do what was necessary to delete the photos and avoid a scandal for the First Family.
Olivia's employees utilize social media and what may be considered NSA tactics combined with good old fashion detective work to track down the boys/young men who had sex with the president's daughter and then filmed it. As the episode progresses, it appears that the president's daughter was targeted because the parents of one of the boys/young men demand $2.5 million dollars to turn over all copies of the embarrassing sex tape.
The fictional parents live near my office in Bethesda and sound as though they were already very well off. After Olivia has received the authority to pay $2.5 million dollars to ensure that the video and all copies are destroyed, the parents demand an additional $500,000. This angers Olivia and she turns the tables on the black mailers and threatens to ruin them due to their despicable behavior. The bottom line is that the sex tape is destroyed and it appears that no blackmail money was paid.
Digital black mail has been a troubling growing trend. As USA Today reported earlier this year, the crime of sextortion against children is an epidemic. Once content has been put into a digital format, texted, and uploaded to the cloud it is very difficult to delete. Even technology experts are not sure if content uploaded online can be deleted.
While Scandal is a fictitious television program, some of the story lines are based upon real events. Not everyone has the resources available to clean up a sex tape incident. Even celebrities who may have the money to make a sex tape "disappear" are unable to protect themselves from a sex tape scandal.
The bottom line is that it is imperative to protect your privacy at all times. You never know who may use their cell phone or other digital device as a digital extortion weapon.
Copyright 2014 by Shear Law, LLC. All rights reserved.
Last night's episode centered around the President's daughter slipping her Secret Service detail and doing drugs and creating a threesome sex tape with a couple of boys/young men she has never met before having sex with them. Olivia Pope's team was called into action and asked to do what was necessary to delete the photos and avoid a scandal for the First Family.
Olivia's employees utilize social media and what may be considered NSA tactics combined with good old fashion detective work to track down the boys/young men who had sex with the president's daughter and then filmed it. As the episode progresses, it appears that the president's daughter was targeted because the parents of one of the boys/young men demand $2.5 million dollars to turn over all copies of the embarrassing sex tape.
The fictional parents live near my office in Bethesda and sound as though they were already very well off. After Olivia has received the authority to pay $2.5 million dollars to ensure that the video and all copies are destroyed, the parents demand an additional $500,000. This angers Olivia and she turns the tables on the black mailers and threatens to ruin them due to their despicable behavior. The bottom line is that the sex tape is destroyed and it appears that no blackmail money was paid.
Digital black mail has been a troubling growing trend. As USA Today reported earlier this year, the crime of sextortion against children is an epidemic. Once content has been put into a digital format, texted, and uploaded to the cloud it is very difficult to delete. Even technology experts are not sure if content uploaded online can be deleted.
While Scandal is a fictitious television program, some of the story lines are based upon real events. Not everyone has the resources available to clean up a sex tape incident. Even celebrities who may have the money to make a sex tape "disappear" are unable to protect themselves from a sex tape scandal.
The bottom line is that it is imperative to protect your privacy at all times. You never know who may use their cell phone or other digital device as a digital extortion weapon.
Copyright 2014 by Shear Law, LLC. All rights reserved.
Thursday, October 16, 2014
Will The FTC Soon Investigate Whisper For Deceptive Privacy Promises?
Will the Federal Trade Commission soon investigate the app Whisper for false and misleading privacy promises? The Guardian recently reported some very troubling allegations about Whisper that if true lead me to believe that the app may soon be contacted by the Federal Trade Commission to fully explain the matter.
According to The Guardian, Whisper "is tracking the location of its users, including some who have specifically asked not to be followed." This may be a violation of Article 5 of the FTC Act regarding unfair and deceptive trade practices. Earlier this year, the FTC alleged that Snapchat, "deceived consumers over the amount of personal data it collected and the security measures taken to protect that data from misuse and unauthorized disclosure....According to the FTC’s complaint, Snapchat made multiple misrepresentations to consumers about its product that stood in stark contrast to how the app actually worked."
Whisper's actions after learning that The Guardian was about to publish its story are very disturbing. For example, according to The Guardian, after learning about the upcoming story Whisper rewrote its terms of service to "explicitly permit the company to establish the broad location of people who have disabled the app’s geo-location feature." In addition, The Guardian reported that Whisper recently changed its privacy policy from it “is committed to protecting your privacy and the security of personally identifying information” to “our goal is to provide you with a tool that allows you to express yourself while remaining anonymous to the community."
Whisper's terms of service and privacy policy govern its relationship with its users. Whisper's response to The Guardian's allegations do not appear to address why its terms of service and privacy policy were changed. Are these changes an acknowledgement that Whisper has been making unfair and deceptive privacy promises about its app?
Copyright 2014 by Shear Law, LLC. All rights reserved.
According to The Guardian, Whisper "is tracking the location of its users, including some who have specifically asked not to be followed." This may be a violation of Article 5 of the FTC Act regarding unfair and deceptive trade practices. Earlier this year, the FTC alleged that Snapchat, "deceived consumers over the amount of personal data it collected and the security measures taken to protect that data from misuse and unauthorized disclosure....According to the FTC’s complaint, Snapchat made multiple misrepresentations to consumers about its product that stood in stark contrast to how the app actually worked."
Whisper's actions after learning that The Guardian was about to publish its story are very disturbing. For example, according to The Guardian, after learning about the upcoming story Whisper rewrote its terms of service to "explicitly permit the company to establish the broad location of people who have disabled the app’s geo-location feature." In addition, The Guardian reported that Whisper recently changed its privacy policy from it “is committed to protecting your privacy and the security of personally identifying information” to “our goal is to provide you with a tool that allows you to express yourself while remaining anonymous to the community."
Whisper's terms of service and privacy policy govern its relationship with its users. Whisper's response to The Guardian's allegations do not appear to address why its terms of service and privacy policy were changed. Are these changes an acknowledgement that Whisper has been making unfair and deceptive privacy promises about its app?
Copyright 2014 by Shear Law, LLC. All rights reserved.
Monday, October 13, 2014
United Kingdom To Criminalize Revenge Porn
This summary is not available. Please
click here to view the post.
Tuesday, October 7, 2014
Significant Tech Players Absent from Student Privacy Pledge
According to The
New York Times, the enactment of a new California
student privacy law (SB 1177) that restricts
how "education technology companies can use the information they collect
about elementary through high school students" has led "a group of
leading industry players...[to] pledg[e] to adopt similar
data protections nationwide." Some
of the companies that have agreed to sign the pledge include: Amplify, Edmodo,
Houghton Miflin Harcourt, and Microsoft.
• Not sell student information
• Not behaviorally target advertising
• Use data for authorized education purposes only
• Not change privacy policies without notice and choice
• Enforce strict limits on data retention
• Support parental access to, and correction of errors in, their children’s information
• Provide comprehensive security standards
• Be transparent about collection and use of data
Apple, Pearson, Khan Academy, and Google's absence from this initiative is very concerning. Several weeks ago, Apple took a shot at Google regarding Google's privacy policies and data mining/profiling practices. This occurred soon after email evidence was uncovered that appear to indicate major improprieties during the contracting process that awarded both Apple and Pearson multi-million dollar educational technology contracts in the Los Angeles Unified School District.
Google's lack of transparency on student privacy issues and its refusal to participate in an industry backed student privacy initiative that was created by two organizations it supports should be of great concern to any parent whose school has adopted Google Apps For Education. According to Google's Apps For Education website, it has a massive footprint in the education space. More than 30 million students, faculty members, and staff utilize its platform.
Unfortunately for education users, their privacy is still governed by Google's standard Consumer Privacy Policy that allows for all emails and metadata collected to be data mined to create user profiles for non-educational commercial purposes. The Consumer Privacy Policy that covers Google's educational offerings is the same one that a German data protection authority (privacy regulator) recently ruled violates EU data protection (privacy) laws. Shouldn't U.S. school children be afforded the same privacy protections as German citizens?
As a parent, lawyer, and user of Apple, Pearson, Khan Academy, and Google's products/services, I am very troubled by their refusal to sign an industry created Pledge to better protect student privacy. If these companies are not willing to change their data collection and usage practices, their privacy policies, and agree to the sign the Pledge can we trust them with our children's most personal information?
The Pledge is a
positive step in the right direction. Representatives
Jared Polis of Colorado and Luke Messer of Indiana worked with the Future of
Privacy Forum and the Software & Information Industry Association on this important
bipartisan matter. According to Studentprivacypledge.org,
The Pledge will make clear that school service providers are accountable to:
• Not sell student information
• Not behaviorally target advertising
• Use data for authorized education purposes only
• Not change privacy policies without notice and choice
• Enforce strict limits on data retention
• Support parental access to, and correction of errors in, their children’s information
• Provide comprehensive security standards
• Be transparent about collection and use of data
This
initiative is an acknowledgement that some education technology providers are intentionally
putting student privacy and safety at risk due to invasive and non-transparent data
mining and student profiling practices. Education
Week and Politico's
in-depth investigative reports on the industry demonstrates the need for greater
accountability, transparency, and regulatory enforcement to protect our children.
Apple, Pearson, Khan Academy, and Google's absence from this initiative is very concerning. Several weeks ago, Apple took a shot at Google regarding Google's privacy policies and data mining/profiling practices. This occurred soon after email evidence was uncovered that appear to indicate major improprieties during the contracting process that awarded both Apple and Pearson multi-million dollar educational technology contracts in the Los Angeles Unified School District.
Politico's
student data mining report found that Khan Academy students allegedly trade
their privacy for free tutoring. Only
after Politico
"inquired about Khan Academy’s privacy policy, which gave it the right to
draw on students’ personal information to send them customized advertising,"
was the policy "completely rewritten."
Google's
refusal to sign the Pledge is most troubling because it may indicate it is still
scanning student emails for advertising purposes and it creates student
profiles for non-educational commercial purposes. Soon after Education Week reported that Google
was scanning student emails for advertising purposes, Google publicly
announced it would stop
the unethical and illegal practice; however, it refused to state whether it was
creating student profiles for commercial and/or other non-educational purposes.
When
Education
Week contacted Google last week about its position on California's new
student privacy law, Google declined to clarify whether it scans student email
messages sent using its Apps for Education
platform to build student user profiles that may be utilized for
non-educational commercial purposes. Google's
refusal to emphatically deny it scans student emails to create student user
profiles may indicate that it is violating the 2011
FTC-Google Buzz Agreement, and/or its 2013
multi-state Attorney Generals Street View Project Agreement.
As
The
New York Times stated, "although the pledge is not legally binding,
companies that violate their own public representations on privacy could be
subject to enforcement actions by the Federal Trade Commission." Google's refusal to sign the industry backed
Pledge appears to be an acknowledgement that if it signs the Pledge it will be
in violation of Article 5 of
the FTC Act regarding unfair and deceptive trade practices. In 2012, Google paid
a $22.5 million dollar record FTC fine for misleading users about its privacy
practices regarding the scandal known as the Apple
"Safari Hack" because it had violated its 2011 agreement not to mislead
consumers about its privacy promises.
Google's lack of transparency on student privacy issues and its refusal to participate in an industry backed student privacy initiative that was created by two organizations it supports should be of great concern to any parent whose school has adopted Google Apps For Education. According to Google's Apps For Education website, it has a massive footprint in the education space. More than 30 million students, faculty members, and staff utilize its platform.
Unfortunately for education users, their privacy is still governed by Google's standard Consumer Privacy Policy that allows for all emails and metadata collected to be data mined to create user profiles for non-educational commercial purposes. The Consumer Privacy Policy that covers Google's educational offerings is the same one that a German data protection authority (privacy regulator) recently ruled violates EU data protection (privacy) laws. Shouldn't U.S. school children be afforded the same privacy protections as German citizens?
When will Google come clean and be transparent about its past and present student data collection practices? Some questions that Google still needs to answer include:
•How long was (is) Google scanning
student emails for advertising and/or other non-educational commercial purposes?
•Were the parents or legal guardians of students who had their emails
scanned for advertising/commercial profiling purposes provided notice and did the parents or legal
guardians respond by giving written consent to allow their children's personal
information to be utilized for advertising and/or other non-educational commercial
purposes?
•How many students had their
emails scanned for advertising and/or non-educational commercial purposes?
•Has Google deleted all the emails and associated metadata that was scanned
for advertising and/or other non-educational commercial purposes? If so, when?
•Is Google data mining students to create user profiles? If so, why and how many students is it profiling?
As a parent, lawyer, and user of Apple, Pearson, Khan Academy, and Google's products/services, I am very troubled by their refusal to sign an industry created Pledge to better protect student privacy. If these companies are not willing to change their data collection and usage practices, their privacy policies, and agree to the sign the Pledge can we trust them with our children's most personal information?
Copyright 2014 by Shear Law, LLC All rights reserved.
Monday, October 6, 2014
Titan has installed hundreds of advertising beacons around NYC
Buzzfeed is reporting that the New York City government has allowed outdoor media company Titan to install hundreds of advertising beacons (small radio transmitters that may be used to track people's movements) in pay phones around the city. Beacons may be utilized to track your movements via cell phone for not just behavioral advertising, but also for nefarious spying purposes that may put cell phone users in harms way. Interestingly, there has been no public notice about this program so all the facts are hard to come by.
When this type of technology is deployed in a public space without the community's input it is very troubling. After hearing about this new program, the New York American Civil Liberties Union Executive Director Donna Lieberman denounced it. As a former New Yorker and regular visitor, I am very concerned about this development.
Should Titan (or any other company) have been allowed to install these beacons on public property in the first place? Should Titan be required to publicly list (i.e. transparency) where each of its beacons are located? Should Titan be required to place large signs next to their beacon locations so those who walk nearby are notified of this program? Will consumers who have been tracked by Titan without their knowledge or consent soon sue Titan or New York City for breaching their personal privacy? These are legitimate questions and concerns that require a national conversation.
For those who are care about their personal privacy and security, now is the time to stand up and be counted before it is too late.
UPDATE:
According to Buzzfeed, New York City has asked Titan to remove its beacons from city owned property and this may occur in the next several days. This 180 demonstrates the power of social media because within hours of this matter being reported on by Buzzfeed the beacons in question are planning to be removed.
Will Titan be required to answer the following questions: What type of data did its beacons collect on public property? From how many people did Titan's beacons collect information from? How much data did it collect? Will Titan delete all the data it has collected on public property? What were the start dates and what will be the exact end date of this program? For New York City, who authorized this program without public input? Will the public be asked the next time this or a similar issue occurs?
Copyright 2014 by Shear Law, LLC All rights reserved.
When this type of technology is deployed in a public space without the community's input it is very troubling. After hearing about this new program, the New York American Civil Liberties Union Executive Director Donna Lieberman denounced it. As a former New Yorker and regular visitor, I am very concerned about this development.
Should Titan (or any other company) have been allowed to install these beacons on public property in the first place? Should Titan be required to publicly list (i.e. transparency) where each of its beacons are located? Should Titan be required to place large signs next to their beacon locations so those who walk nearby are notified of this program? Will consumers who have been tracked by Titan without their knowledge or consent soon sue Titan or New York City for breaching their personal privacy? These are legitimate questions and concerns that require a national conversation.
For those who are care about their personal privacy and security, now is the time to stand up and be counted before it is too late.
UPDATE:
According to Buzzfeed, New York City has asked Titan to remove its beacons from city owned property and this may occur in the next several days. This 180 demonstrates the power of social media because within hours of this matter being reported on by Buzzfeed the beacons in question are planning to be removed.
Will Titan be required to answer the following questions: What type of data did its beacons collect on public property? From how many people did Titan's beacons collect information from? How much data did it collect? Will Titan delete all the data it has collected on public property? What were the start dates and what will be the exact end date of this program? For New York City, who authorized this program without public input? Will the public be asked the next time this or a similar issue occurs?
Copyright 2014 by Shear Law, LLC All rights reserved.
Sunday, October 5, 2014
PA Attorney General's Office Rocked By Porn Email Scandal
In a very troubling development, prosecutors in the Pennsylvania attorney general's office and employees in other state agencies have been accused of sending porn and other inappropriate content via government email systems. According to the Pittsburgh Post-Gazette, the Secretary of the Department of Environmental Protection and the department's deputy chief counsel have resigned over the scandal.
NBC News has reported that one political appointee who sits on the state Board of Probation and Parole has refused to step down at this point. The emails involved in the scandal reportedly contained, "still photos of women in pin-up-style poses; mock workplace motivational posters that showed women performing sex acts with male characters who appeared to be their bosses; and video files, bearing winking titles like "NASCAR Victory," or "Delta Faucet commercial" that showed women and men engaged in intercourse and other sexually suggestive acts."
I have talked to some friends of mine who work(ed) in the attorney general's office of other states and none of them send porn via email to their coworkers on work or personal email. Each person I spoke with also stated that if they were involved in this type of behavior they most likely would be fired or forced to resign. Last year, a federal judge in Montana was forced into retirement over allegedly racist emails that he sent.
It is important to be very careful about what one sends via email or other digital platforms. In general, I do not recommend utilizing work email for personal purposes.
Copyright 2014 by Shear Law, LLC All rights reserved.
NBC News has reported that one political appointee who sits on the state Board of Probation and Parole has refused to step down at this point. The emails involved in the scandal reportedly contained, "still photos of women in pin-up-style poses; mock workplace motivational posters that showed women performing sex acts with male characters who appeared to be their bosses; and video files, bearing winking titles like "NASCAR Victory," or "Delta Faucet commercial" that showed women and men engaged in intercourse and other sexually suggestive acts."
I have talked to some friends of mine who work(ed) in the attorney general's office of other states and none of them send porn via email to their coworkers on work or personal email. Each person I spoke with also stated that if they were involved in this type of behavior they most likely would be fired or forced to resign. Last year, a federal judge in Montana was forced into retirement over allegedly racist emails that he sent.
It is important to be very careful about what one sends via email or other digital platforms. In general, I do not recommend utilizing work email for personal purposes.
Copyright 2014 by Shear Law, LLC All rights reserved.
Saturday, October 4, 2014
Student Yik Yak Threat at Towson University Leads To Arrest
Be careful what you post online. I discuss this theme constantly with my clients, during seminars, and with the media. Earlier this week, a Towson University student was arrested after posting a threat on the app called Yik Yak.
An 18-year old Towson University student allegedly made an anonymous threat against Towson University utilizing Yik Yak. The alleged threat made a reference to creating a "Virginia Tech Part 2". This troubling alleged reference to the terrible tragedy that occurred at Virginia Tech in 2007 that killed 33 people demonstrates that the student may need the assistance of a mental health professional.
According to the Towson Towerlight, "[a] resident student first reported the threat to her resident assistant Wednesday afternoon. The RA took it to the Department of Housing and Residence Life, according to the Director of University Communications Ray Feldmann, who then took it to University Police. TUPD then alerted Baltimore County Police, Maryland State Police and the FBI."
The student who allegedly threatened Towson was charged with, "threat of massive violence and disturbing operations at a school." According to the Baltimore Sun, the defendant, "told police he had learned he wasn't performing well in the jazz class and was worried his parents would pull him out of school if his GPA dropped too much..."
The bottom line is that no matter how angry one is it is generally not recommended to express your anger on social media or any other digital platform. If someone is thinking about harming others or themselves, they should meet with a mental health professional who may be able to assist them.
Copyright 2014 by Shear Law, LLC All rights reserved.
An 18-year old Towson University student allegedly made an anonymous threat against Towson University utilizing Yik Yak. The alleged threat made a reference to creating a "Virginia Tech Part 2". This troubling alleged reference to the terrible tragedy that occurred at Virginia Tech in 2007 that killed 33 people demonstrates that the student may need the assistance of a mental health professional.
According to the Towson Towerlight, "[a] resident student first reported the threat to her resident assistant Wednesday afternoon. The RA took it to the Department of Housing and Residence Life, according to the Director of University Communications Ray Feldmann, who then took it to University Police. TUPD then alerted Baltimore County Police, Maryland State Police and the FBI."
The student who allegedly threatened Towson was charged with, "threat of massive violence and disturbing operations at a school." According to the Baltimore Sun, the defendant, "told police he had learned he wasn't performing well in the jazz class and was worried his parents would pull him out of school if his GPA dropped too much..."
The bottom line is that no matter how angry one is it is generally not recommended to express your anger on social media or any other digital platform. If someone is thinking about harming others or themselves, they should meet with a mental health professional who may be able to assist them.
Copyright 2014 by Shear Law, LLC All rights reserved.
Friday, October 3, 2014
Can Facebook Be Trusted With Personal Medical Information?
According to Reuters, Facebook wants to get into the healthcare business via your personal health care status. The report states, "[t]he company [Facebook] is exploring creating online "support
communities" that would connect Facebook users suffering from various
ailments. A small team is also considering new "preventative care" applications that would help people improve their lifestyles."
Is Facebook a safe environment to share personal health information? This is a question that Facebook users need to answer themselves. Would I ever trust Facebook with my personal health information? I don't utilize Facebook to communicate with my family or friends or for any reason other than to explore the constantly changing features on the platform. For the past several years, I have only utilized Facebook for professional purposes since I don't trust the platform with my personal information.
If you watch Cullen Hoback's documentary Terms and Conditions May Apply you may better understand how Facebook utilizes your personal information. If watching a documentary is not up your alley, I encourage you to read the clause on Facebook's Terms and Conditions that states, "...you specifically give us the following permission, subject to your privacy and application settings: you grant us a non-exclusive, transferable, sub-licensable, royalty-free, worldwide license to use any IP content that you post on or in connection with Facebook (IP License)." In layman's terms by posting content on Facebook you agree to Facebook utilizing your content in any way it sees fit.
Last year, Forbes reported that Facebook entered into agreements with multiple data brokers to ensure that the personal information you post (i.e. your friends lists, status updates, likes, etc..) is provided to companies/shadowy entities that are creating detailed online and offline personal dossiers about people. Besides advertisers, the information posted on Facebook may be utilized by insurance companies to deny claims and/or employers to discriminate against employees, and colleges to turn down applicants.
If after reading the above you still want to share your personal medical information with Facebook that is your right. When it comes to privacy, you don't know how valuable it is until you lose it.
Copyright 2014 by Shear Law, LLC All rights reserved.
Is Facebook a safe environment to share personal health information? This is a question that Facebook users need to answer themselves. Would I ever trust Facebook with my personal health information? I don't utilize Facebook to communicate with my family or friends or for any reason other than to explore the constantly changing features on the platform. For the past several years, I have only utilized Facebook for professional purposes since I don't trust the platform with my personal information.
If you watch Cullen Hoback's documentary Terms and Conditions May Apply you may better understand how Facebook utilizes your personal information. If watching a documentary is not up your alley, I encourage you to read the clause on Facebook's Terms and Conditions that states, "...you specifically give us the following permission, subject to your privacy and application settings: you grant us a non-exclusive, transferable, sub-licensable, royalty-free, worldwide license to use any IP content that you post on or in connection with Facebook (IP License)." In layman's terms by posting content on Facebook you agree to Facebook utilizing your content in any way it sees fit.
Last year, Forbes reported that Facebook entered into agreements with multiple data brokers to ensure that the personal information you post (i.e. your friends lists, status updates, likes, etc..) is provided to companies/shadowy entities that are creating detailed online and offline personal dossiers about people. Besides advertisers, the information posted on Facebook may be utilized by insurance companies to deny claims and/or employers to discriminate against employees, and colleges to turn down applicants.
If after reading the above you still want to share your personal medical information with Facebook that is your right. When it comes to privacy, you don't know how valuable it is until you lose it.
Copyright 2014 by Shear Law, LLC All rights reserved.
Thursday, October 2, 2014
Google May Have A Strong Defense Against Hacked Celeb Photo Lawsuit Threat
Page 6 of the New York Post was the first media outlet to report that some of the celebrities whose photos were recently hacked may sue Google for not "expeditiously" removing links/images to/of their copyrighted nude photos. The lawyer, Marty Singer wrote a scathing letter to Google demanding it act "expeditiously" to remove the infringing content or face a lawsuit that may create $100+ million dollars in damages.
According to The New York Times, Marty Singer is "Guard Dog To The Stars (Legally Speaking)". In a profile from several years ago, Mr. Singer is quoted as saying, “We’re one of the few firms that sue; we don’t just send a letter.” While I admire Mr. Singer's work in protecting some of the most famous celebrities in the world, I wish him the best of luck and a very sympathetic court room if he follows through and sues Google for not responding "expeditiously" to his take down requests that are governed under the Digital Millennium Copyright Act.
In 2010, I wrote about the challenges copyright holders have under the Digital Millennium Copyright Act regarding protecting their content in a digital world. At that time I stated,
"According to the Senate Report about the DMCA (S. Rep. 105-190 at 44), "[b]ecause the factual circumstances and technical parameters may vary from case to case, it is not possible to identify a uniform time limit for expeditious action." In my opinion, this indicates that a non-profit may be held to a different less onerous standard than a commercial entity. Since S. Rep 105-190 was created, technology has drastically changed and I do not believe it was the intent of the Senate to provide ISPs/OSPs wide latitude to remove infringing content at their leisure when even a minor delay in removal may cause serious financial repercussions to rights holders."
I further opined, "The DMCA's safe harbor provision is already tilted heavily in favor of ISPs/OSPs. Therefore, to level the playing field it is time for either Congress or the courts to declare that under the DMCA commercial entities have one business day to remove infringing content." Whether one business day is still an "expeditious" enough standard is debatable; however, at that time I thought it was a good starting point to begin the discussion.
Since 2010, neither Congress nor the courts have created a universal definition of the term "expeditiously". Google has one of the most technologically advanced data mining machines in the world so it most likely can do a better job of removing copyrighted nude photos and/or links to them from appearing on its platforms.
Unfortunately, removing content from the Internet is a lot like "whack a mole". When it has been removed from one website there is a chance it may appear on another platform. Due to the recent Right To Be Forgotten Ruling in Europe, Mr. Singer may have better luck if any of his clients are European Union citizens; however, this right appears to only apply to Google's European products/services and it is unclear exactly how this new right will be implemented.
From a legal perspective, does Google have a strong legal defense under the DMCA's safe harbor? In the 2013 Capital Records v. Vimeo case, a New York federal district court ruled that it was "expeditious" to take three and a half weeks to remove 170 infringing videos. While this ruling only applies to the Southern District of New York, it may provide persuasive opinion for other jurisdictions.
Here, it appears a couple hundred copyrighted photos may have been part of the take down requests and the time frame appears to be a couple of weeks. Since there is not a definitive legal standard regarding how "expeditiously" a digital platform must act to remove infringing content it appears Google may qualify for "Safe Harbor" protection. If Google is eventually sued for allegedly violating the DMCA regarding this matter, it should be able to mount a vigorous and most likely successful defense.
Copyright 2014 by Shear Law, LLC All rights reserved.
According to The New York Times, Marty Singer is "Guard Dog To The Stars (Legally Speaking)". In a profile from several years ago, Mr. Singer is quoted as saying, “We’re one of the few firms that sue; we don’t just send a letter.” While I admire Mr. Singer's work in protecting some of the most famous celebrities in the world, I wish him the best of luck and a very sympathetic court room if he follows through and sues Google for not responding "expeditiously" to his take down requests that are governed under the Digital Millennium Copyright Act.
In 2010, I wrote about the challenges copyright holders have under the Digital Millennium Copyright Act regarding protecting their content in a digital world. At that time I stated,
"According to the Senate Report about the DMCA (S. Rep. 105-190 at 44), "[b]ecause the factual circumstances and technical parameters may vary from case to case, it is not possible to identify a uniform time limit for expeditious action." In my opinion, this indicates that a non-profit may be held to a different less onerous standard than a commercial entity. Since S. Rep 105-190 was created, technology has drastically changed and I do not believe it was the intent of the Senate to provide ISPs/OSPs wide latitude to remove infringing content at their leisure when even a minor delay in removal may cause serious financial repercussions to rights holders."
I further opined, "The DMCA's safe harbor provision is already tilted heavily in favor of ISPs/OSPs. Therefore, to level the playing field it is time for either Congress or the courts to declare that under the DMCA commercial entities have one business day to remove infringing content." Whether one business day is still an "expeditious" enough standard is debatable; however, at that time I thought it was a good starting point to begin the discussion.
Since 2010, neither Congress nor the courts have created a universal definition of the term "expeditiously". Google has one of the most technologically advanced data mining machines in the world so it most likely can do a better job of removing copyrighted nude photos and/or links to them from appearing on its platforms.
Unfortunately, removing content from the Internet is a lot like "whack a mole". When it has been removed from one website there is a chance it may appear on another platform. Due to the recent Right To Be Forgotten Ruling in Europe, Mr. Singer may have better luck if any of his clients are European Union citizens; however, this right appears to only apply to Google's European products/services and it is unclear exactly how this new right will be implemented.
From a legal perspective, does Google have a strong legal defense under the DMCA's safe harbor? In the 2013 Capital Records v. Vimeo case, a New York federal district court ruled that it was "expeditious" to take three and a half weeks to remove 170 infringing videos. While this ruling only applies to the Southern District of New York, it may provide persuasive opinion for other jurisdictions.
Here, it appears a couple hundred copyrighted photos may have been part of the take down requests and the time frame appears to be a couple of weeks. Since there is not a definitive legal standard regarding how "expeditiously" a digital platform must act to remove infringing content it appears Google may qualify for "Safe Harbor" protection. If Google is eventually sued for allegedly violating the DMCA regarding this matter, it should be able to mount a vigorous and most likely successful defense.
Copyright 2014 by Shear Law, LLC All rights reserved.