NFL Draft Social Media Lessons For NCAA Schools & Student-Athletes

The 2016 NFL draft demonstrated why people need to become more educated about social media, digital privacy, reputation, and the law. Since starting this blog in 2009, I have been warning the public about the dangers associated with digital technologies and social media and how to protect yourself from becoming a star in a viral social media pr crisis.

Several minutes before the NFL draft started on Thursday, a video was posted on NFL prospect Laremy Tunsil's personal Twitter account that allegedly showed him wearing a gas mask and taking bong hits.  

While Mr. Tunsil is not the first college student who has admitted to trying drugs or drinking too much (i.e. President's Clinton, Bush, and Obama), he is the first to have had this information go viral right before he was expected to be drafted and earn millions of dollars.

This video allegedly cost Tunsil approximately $13 million dollars in salary and his agent $390,000 in fees.  It may have even destroyed Tunsil's marketability as a celebrity spokes person which could have earned him millions more and his agents hundreds of thousands of dollars in commission. This matter will go down as one of the most expensive digital mistake's on record.

This wasn't the only digital evidence of Mr. Tunsil's activities in college.  A short time after the bong video was posted, a text message exchange appeared on Mr. Tunsil's personal Instagram account that appears to demonstrate that his college program (University of Mississippi) was paying for some of his personal expenses which is an NCAA violation.

    

This post may lead to an NCAA investigation which could cost the University of Mississippi tens of millions of dollars.  Ole Miss may be forced to forfeit games Tunsil appeared in, lose scholarships, become ineligible for future bowl games, etc... Additionally, sponsorship revenue may decrease, and the university may be forced to spend millions in legal fees and compliance costs to investigate and defend their actions. Coaches and athletic administrators may also be fired because of this evidence.

Tunsil was obviously targeted because the hacker(s) acquired the digital evidence and struck at the most opportune time to inflict serious damage to his reputation.While it appears that multiple state and federal laws were violated, until the matter is fully investigated it is too early to determine what criminal and/or civil action may be taken.  

These types of issues will only increase in the future.  As I told The New York Times, "Its very challenging with these computer crimes because people can hide their tracks... Even if you find the person who hacked, can you even collect on the judgment?"

The bottom line is that education is the best way to protect against becoming a victim. When a crisis like this occurs, it is imperative to understand how to properly respond to ensure that your organization has its legal and pr ducks in a row to limit any damage to your reputation.  

Copyright 2016 by Bradley S. Shear, Esq. All rights reserved. 

NFL Star Roddy White Makes Season Ticket Offer on Twitter If Duke Loses and May Have To Pay Up

Are social media offers legally binding?  Yes.  R&B artist Ryan Leslie lost a $1 million dollar lawsuit in 2012 over his refusal to honor his YouTube offer.  Earlier this week, the Atlanta Falcons' Roddy White Tweeted: @DHoyt77 if mercer beat duke I will give you season tickets 50 yard line first row.  Duke lost the game and subsequently White Tweeted:  I lost a bet and I will give him tickets to the bears game since he is a bears fan done with this bet

There was an offer by White and an acceptance by @DHoyt77. If White refuses to honor his initial offer and @DHoyt77 decides to sue White for the offer of season tickets I believe @DHoyt77 has a valid claim.  The Leslie case may provide a strong precedent for @DHoyt77's position that may be utilized to demonstrate that a social media offer and acceptance is legally binding. 

While White's offer may sound reminiscent of the Aaron Rodgers Tweet last year that stated, " @toddsutton ya I'd put my salary next year on it," it is not.  Aaron Rodgers didn't state to another Twitter user "I will give you my entire year's salary".  There was no clear offer and acceptance in the Rodgers matter.  Here, there appears to be a straight forward offer and acceptance.  Therefore, I believe White owes for the entire season and @DHoyt77 has a strong claim that is legally enforceable. 

The bottom line is that be careful what you Tweet because it may be used against you in the future.

Copyright 2014 by the Law Office of Bradley S. Shear, LLC All rights reserved. 

White House Twitter Critic Fired Over Tweets

A Twitter Critic of the White House was recently unmasked and fired from his Obama administration job.  According to the Daily Beast, Jofi Joseph, a member of in the National Security Staff was terminated from his position after he was caught as the person behind the Twitter handle @natsecwonk.

In the past, those who wanted to criticize the President and/or his staff would reach out to Bob Woodward of the Washington Post or another reporter and the information would end up in the newspaper and/or in a book.  However, now it appears that internal administration critics are going directly to the public via Twitter and/or other digital platforms.

At first glance, it doesn't appear that Mr. Joseph released top secret material in his Tweets.  Anonymous digital postings are usually not very reliable.  However, Mr. Joseph's unmasking and termination has now provided some credibility to the anonymous Tweets that previously were not given much weight by those outside the administration.  According to Mr. Joseph's comments to Politico, "[w]hat started out as an intended parody account of DC culture developed over time into a series of inappropriate and mean-spirited comments."       

Why is the Obama administration spending tremendous resources hunting down Twitter critics?  The administration has been actively targeting journalists and their sources for some time.  How did the White House actually unmask its Twitter critic?  Did the White House ask for and receive Twitter's assistance?  Does the administration realize that silencing a Twitter critic has made the matter worse because of the Streisand Effect?  Since the Tweets in question appear to be just inappropriate and mean-spirited why should the administration care?

Mishandling and/or leaking classified documents and/or information may be a crime depending upon the circumstances.  If Mr. Joseph's digital activities violated any laws he should be prosecuted like anyone else.  However, posting negative Tweets about those in the government is not a crime.   In a democracy, this is called exercising our freedom of speech rights.  Last week, I spoke to a group of international government officials who wanted to know what to do when someone anonymously mocks them online.  My response was to "get some thicker skin". 

While there may be some potential First Amendment, employee/employer, and national security legal issues to address once all of the facts have come to light, at the end of the day this is about a person who happens to be a government employee Tweeting anonymously about his personal observations and/or thoughts about the inner workings of the government.  Nothing more.   

President Obama is the first President to become elected because of social media and his administration has utilized multiple digital platforms to convey his message directly to the entire world without a media filter.  Its time for some members of the President's inner circle to get some thicker skin and realize they are the first administration to govern in the Social Media Age.  The administration's "Twitter critic mole hunt" raises more questions than it answers. 

Copyright 2013 by the Law Office of Bradley S. Shear, LLC. All rights reserved.

Court: Fake Social Media Profiles Of Teachers By Students Ok

In the Social Media Age, the old adage that "sticks and stones can break my bones, but names can never harm me" is more important than ever.  In a recent case, an assistant middle school principal sued 5 students and their parents because the students allegedly created fake social media profiles of him that were not flattering. 

The assistant middle school principal claimed that the students violated the federal Computer Fraud and Abuse Act.  The court dismissed one of the students from the lawsuit and it would not surprise me if the court dismisses the rest of the plaintiff's claims soon.  While the plaintiff may have a stronger case suing under another theory, I believe the students and their parents have a strong First Amendment defense that may defeat most if not all potential claims. 

Last year, North Carolina enacted a law that makes it unlawful for students to:

Use a computer or computer network to do any of the following:

(1)        With the intent to intimidate or torment a school employee, do any of the following:

a.         Build a fake profile or Web site.

b.         Post or encourage others to post on the Internet private, personal, or sexual information pertaining to a school employee.

c.         Post a real or doctored image of the school employee on the Internet.

While North Carolina's law has good intentions, I would find it hard to believe that it does not violate the First Amendment.  It would not surprise me if a federal court eventually rules that this law is unconstitutional.   

The bottom line is that schools need to do a better job of educating their students, teachers, and administrators about digital issues.

Copyright 2013 by the Law Office of Bradley S. Shear, LLC All rights reserved. 

Dead Cyberbullying Victim's Image Used In Facebook Ad

Bullying whether offline or in cyberspace has the potential to cause great pain for its victims and their families.  With the increased usage of social media, more bullies are going online to target their victims.  Unfortunately, the children's rhyme, "sticks and stones may break my bones, but words will never harm me," is losing some power in today's social media fueled world. 

Over the past several years, there have been multiple incidents where online bullying has been a contributing factor in teenagers committing suicide. These tragedies demonstrate the need for parents and teachers to stress the importance that the above children's rhyme is now more important than ever.  In addition to better educating our children, social media platforms must do a better job of policing their web sites and making the personal privacy of their users a top priority.

One such example of a social media platform putting profits ahead of personal privacy is when Facebook was recently caught featuring a photo of Canadian teenage Rehtaeh Parsons who killed herself earlier this year.  Even though Facebook apologized for allowing this to happen, it demonstrates that most digital platforms are reactive in nature and not proactive when it comes to privacy.  While I am generally not a proponent for stricter regulations, this appears to be another example of why stronger digital privacy laws may be needed to protect our children from companies that may be putting profits ahead of privacy.

Copyright 2013 by the Law Office of Bradley S. Shear, LLC All rights reserved.  

Social Media Scam Entangles Miami Heat Star

Athletes and other high profile individuals are constant targets of scams offline and on social media.  Earlier this year, Manti Te'o, then a student-athlete with Notre Dame was the target of an elaborate catfishing scheme that almost destroyed his NFL career before he was even drafted.  Manti Te'o is not alone in being targeted by con artists who utilize electronic communications.  The Miami Heat's Chris Andersen was also recently entangled in a digital scheme that almost destroyed his NBA career and personal life.  

These incidents are the tip of the iceberg.  I have counseled multiple high profile individuals who have been the target of these scams.  Fortunately for most of my clients, they usually contact me before these issues become public knowledge.  When I provide services to professional athletes, professional sports teams, college athletic departments, Fortune 500 executives, and other high profile clients, I discuss these type of issues and the importance of limiting one's digital footprint.  Unless one is able to authenticate the person with whom they are texting with and/or sending emails/social media messages with I do not recommend communicating with them.

The bottom line is that some people are putting their guard because a growing number of self-styled social media consultants are advocating that high profile individuals should focus on increasing one's social media usage to build one's personal brand and/or their school and/or corporate brand.  My philosophy is different.  It is about protecting the individual, school, corporation, etc... first.  Brand building is a long process that takes years of hard work and a handful of Tweets or Facebook posts won't do it despite what some self-styled social media consultants advocate.  

Copyright 2013 by the Law Office of Bradley S. Shear, LLC All rights reserved. 

NJ Federal Court: Password Protected Facebook Posts Covered By Stored Communications Act

A New Jersey federal district court recently ruled that non-public Facebook posts are protected by the Stored Communications Act.  The decision in Ehling v. Monmouth-Ocean HospitalService Corp., demonstrates that courts are continuing the trend of recognizing that we still have an expectation of privacy in the digital age.

In Ehling, a paramedic working for a hospital made an alleged inappropriate post on her password protected Facebook account.  The post was forwarded by one of the paramedic's Facebook friends to management who disciplined the paramedic because of the post.  Initially, the paramedic challenged the discipline before the NLRB and lost. Subsequently, the paramedic filed a lawsuit in federal court claiming that management violated the federal Stored Communications Act and the common law invasion of privacy tort.  

While the Court granted summary judgment in favor of hospital management on both claims it stated, "The Court finds that, when users make their Facebook wall posts inaccessible to the general public, the wall posts are “configured to be private” for purposes of the SCA. The Court notes that when it comes to privacy protection, the critical inquiry is whether Facebook users took steps to limit access to the information on their Facebook walls. Privacy protection provided by the SCA does not depend on the number of Facebook friends that a user has."

This decision is a huge victory for privacy because it recognizes that employers and schools may not require employees and/or students turn over their digital user names, passwords, or password protected digital content.  The bottom line is that employers and schools may not require their employees or students to "Facebook Friend" them as a requirement to keep their scholarship or job unless they are interested in losing a lawsuit.

Copyright 2013 by the Law Office of Bradley S. Shear, LLC All rights reserved.

New Jersey Bans NCAA Social Media Monitoring Companies

New Jersey Governor Chris Christie proclaimed that New Jersey employees have an expectation of privacy in the digital age when he signed A2878 into law earlier today.  New Jersey has joined the growing number of states that are protecting the personal digital privacy of their employees and students.  At least 13 states have enacted similar laws and 36 states along with Congress have introduced bills to protect NCAA schools, students, employers, employees, etc... from companies that are selling social media monitoring legal liability time bombs. 

Some social media monitoring companies may claim they are a "leader" in social media monitoring and/or in "educating" student-athletes.  Does the NSA claim they are monitoring personal digital accounts to educate?  No.  Therefore, any claim by Varsity Monitor, UDiligence, Fieldhouse Media, etc...that they are monitoring to "educate" is absolute *&%%&*$%. 

Varsity Monitor, UDiligence, and Fieldhouse Media each sell social media monitoring services that NCAA schools in at least 13 states may not utilize to track the personal digital accounts of their coaches and/or student-athletes.  Schools deploying the social media monitoring services of these companies may be fined hundreds of thousands of dollars, and/or may be sued for violating their student's first and/or fourth amendment rights, and/or may lose millions of dollars in federal funding.

According to Deadspin, Varsity Monitor may have some troubling ethical and legal problems to address.  The Courier Journal reported that Varsity Monitor's Centrix Social service was caught last year monitoring University of Kentucky student-athletes for using the terms "Arab" or "Muslim" online.  Why did Sam Carnahan, the owner of Varsity Monitor allow this to occur?

According to Time Magazine, UDiligence was monetizing the personal photographs of the student-athletes it was monitoring to advertise its services until it was confronted about this troubling practice.  Unfortunately, UDiligence's founder Kevin Long only removed the offending photos from his UDiligence web site but not another one of his company web sites (I have screen shots if he claims otherwise).  This demonstrates that schools, student-athletes, and sports related entities should think long and hard before trusting any entity that Mr. Long owns or controls.

The most troubling service may be Fieldhouse Media because it appears to be trying to differentiate itself as having less invasive tactics than the other companies.  NCAA athletic departments should not be fooled.  It appears that in order for Fieldhouse Media's social media monitoring service to properly work  student-athletes need to at least authenticate their social media username(s).  Arkansas, California, Delaware, Illinois, Michigan, New Jersey, and New Mexico have generally banned schools from being able to ask a student to verify this information.

Fieldhouse Media's Kevin DeShazo's business practices appear to raise serious ethical questions.  For example, last year Mr. DeShazo created a press release announcing his social media monitoring service that quoted me without my cooperation.  Did Mr. DeShazo ask for my permission to be quoted in a press release designed to sell his social media monitoring services? No. Why is Mr. DeShazo trying to associate my reputation with a practice that I along with lawyers and risk professional from around the country believe may create tremendous legal and financial risks?  

If you perform due diligence on Mr. DeShazo you may find some issues that warrant further explanation.  For example, according to his publicly available LinkedIn Profile from last year it states that before he started his social media monitoring firm he had no verifiable social media or NCAA compliance/advisory experience.  Interestingly, according to his recent publicly available LinkedIn Profile it now claims that prior to starting his social media monitoring company he was working for a social media marketing firm. If Mr. DeShazo was actually working for a social media marketing company before he started his social media consulting firm why wasn't it listed previously? Why has Mr. DeShazo recently claimed he launched Fieldhouse Media in 2010 (I have screen shots if this is denied) which conflicts with his LinkedIn Profile claims and the information on file with the Oklahoma Secretary of State?

In 2001, George O'Leary, Notre Dame's head football coach resigned five days after being hired because of "inaccuracies" in his published biography.  In other words, Mr. O'Leary was caught intentionally misleading NCAA athletic departments about his background.  After George O'Leary, Jayson Blair was caught creating a web of lies and was terminated from the New York Times, and then James Frey, the author of "A Million Little Pieces" was caught lying to Oprah.   

Anyone that approaches schools to sell services to track personal social media accounts is selling a legal liability time bomb.  If a school hires a social media monitoring firm to track the personal digital content of their students or employees and it misses an indication that there may be a crime committed it may cost the school more than $100 million dollars.  For proof, just review the Penn State emails regarding the Jerry Sandusky matter.  Does a school want to be on the hook for tens or hundreds of millions of dollars in legal liability because it was utilizing a social media monitoring service to track personal digital accounts?    

Copyright 2013 by the Law Office of Bradley S. Shear, LLC All rights reserved.

Google States in Lawsuit Users Have No Legitimate Expectation of Privacy

The Guardian recently reported that consumer interest group Consumer Watchdog uncovered a digital privacy case that may better protect the privacy of school provided student digital accounts.  Fread v. Google was filed on April 29, 2013, by two university students who allege that Google unlawfully and intentionally intercepts electronic communications (emails and other data collected by the service) from their school provided Google Apps For Education accounts.  The lawsuit claims that Google's cloud based school service is utilizing user data in a manner that violates the Electronic Communications Privacy Act of 1986.  

To better understand Google's Apps for Education program it is essential to read the agreement that Google requires schools to execute to obtain the service.  Google generally offers this program to secondary or post-secondary schools for free (there may be maintenance and/or other costs associated with implementation and/or operation of the service).  While the default setting for the U.S. Google Apps for Education service is one that does not allow for Google to serve ads, it is troubling that the agreement provides schools the ability to data mine their students with the “click of a mouse” in the Admin Console.  

Why has Google provided schools the ability to behavioral advertise to students based upon their school emails, attachments, uploaded videos and related digital activity?  Does the agreement include the ability to behavioral-advertise so cash strapped schools may negotiate an advertising revenue share with Google in the future when they need an easy-to-implement new income stream? 

Since Google provides schools the ability to turn on and off the behavioral advertising function for its school based services it makes me wonder what Google is doing behind the scenes with student content.  Is Google’s Apps for Education service a Trojan Horse to data mine and erode our children’s personal privacy and safety?  How is this service able to so easily go in and out of data mining mode with just a "flip of a switch" by a school administrator?  Why isn't Google more transparent regarding its data mining capabilities for the services it offers to schools?  Does this indicate that Google believes that students don’t have an expectation of privacy when utilizing its school branded services?

It appears that Google presumes that its Apps For Education users don't have an expectation of privacy.  To defend its practices, in its motion to dismiss Fread, Google directly quotes from a 1970's case, Smith v. Maryland, 442 U.S. 735, 743-744 (1979), "a person has no legitimate expectation of privacy in information he voluntarily turns over to third parties".  This case was decided before the widespread adoption of cell phones, email, the cloud, and other digital technologies. 

In U.S. v. Jones, 132 S. Ct. 945 (2012), the most recent major privacy case the Supreme Court has decided, Justice Sotomayor in referencing Smith's central premise that an individual has no reasonable expectation of privacy in information voluntarily disclosed to third parties, stated "[t]his approach is ill suited in the digital age, in which people reveal a great deal of information about themselves to third parties in the course of carrying out mundane tasks."  Justice Sotomayor's statement clearly diminishes the central tenet of Smith and her philosophy has resonated recently with state lawmakers and courts around the country. 

State legislatures and the courts are moving towards recognizing that one has an expectation of privacy in the digital age.  For example, at least 13 states have enacted legislation in the past 15 months that protects employees and students from generally being required to provide access to their 3rd party created personal digital accounts.  Earlier this year, Texas enacted HB 2268 that requires law enforcement to obtain a warrant before accessing one's personal email accounts or cloud content.  In addition, a federal district court in Minnesota recently stated that students have an expectation of privacy regarding their personal electronic accounts.  These news laws and court rulings demonstrate that our courts and legislatures firmly acknowledge that we have an expectation of privacy despite third parties storing our content. 

Google's actions speak louder than its words. In 2010, Google listed its privacy principles and they included:  "Develop products that reflect strong privacy standards and practices; Make the collection of personal information transparent; and Give users meaningful choices to protect their privacy".  If Google practiced its privacy principles it would be more transparent about how it processes student data and it would strictly prohibit data mining in its Google Apps For Education Agreements. 

Fread raises some important issues about student privacy in the digital age.  It demonstrates the need for school technology providers to make their users' personal privacy a top priority. Unfortunately, it appears that absent court guidance and/or Department of Education rules that ban the data mining of school sanctioned digital accounts, some cloud providers may continue to put profits ahead of the need for privacy in an educational setting.  Until technology providers are legally banned from data mining school provided digital accounts, students and parents/guardians must be informed of the risks associated with utilizing school provided digital services that may erode personal privacy and put our children's safety at risk.

Copyright 2013 by the Law Office of Bradley S. Shear, LLC All rights reserved.  

Illinois Enacts Right To Privacy in the School Setting Act

Illinois has recently become the 2nd state in the country to enact social media privacy legislation that provides protection to the personal digital accounts of K-12 and post-secondary students. Michigan was the first state to enact social media privacy protections for K-12 and post-secondary students last year.  Multiple other states across the country have enacted social media privacy laws that protect post-secondary school students.   

The Right to Privacy in the School Setting Act was enacted because of several troubling social media related situations in Illinois.  For example, there was an incident where an Illinois public middle school violated the constitutional rights of several students by requiring some students to turn over their Facebook and email usernames and passwords.

Unfortunately, this aspect of the act is very troubling and will have unintended consequences:

Section 10. Prohibited inquiry.
(d) This Section does not apply when a post-secondary school has reasonable cause to believe that a student's account on a social networking website contains evidence that the student violated a school disciplinary rule or policy.

 Northwestern University will be required to change its student-athlete social media policy before 1/1/2014 due to the new law.  Northwestern's Online Soical Networking Student-Athlete policy states,  "You must provide full access to members of your coaching staff and/or selected members of the Athletics Department for any and all personal online networking pages." and "You must fully participate in any system developed by your coaching staff to assist in self-monitoring your teammates' personal online networking pages (e.g., buddy system)." This language clearly violates the new law. 

As a parent of young children, I would never turn over the passwords of their personal digital accounts absent a warrant and/or a court order and I believe this law is poorly drafted.  Does this law violate the Stored Communications Act and/or a student's first and/or 4th amendment?  Time will tell.

The bottom line is that K-12 and post-secondary schools must ensure they do not create social media policies that violate state/federal laws and/or our Constitution.  Its ironic that social media was intended to expand the freedom of speech; unfortunately, the reality is that some institutions that don't like the messages being created are using social media to curtail free speech rights.   

Copyright 2013 by the Law Office of Bradley S. Shear, LLC All rights reserved. 

CA School District Lodi Implements Unconstitutional Student Social Media Policy

Colleges and high schools across the country are implementing unconstitutional social media policies that are requiring state legislatures, Congress, and the courts to  show them the error of their ways.  For example, Utah State and Northwestern University implemented clearly unconstitutional social media policies directed at their student-athletes.  Due to these policies, Utah and Illinois enacted legislation banning these schools' social media policies. 

The Lodi Unified School District in California recently enacted a student social media policy that infringes on the 1st amendment rights of those who participate in extracurricular activities.   This new policy covers student-athletes, student newspaper reporters, band members, chess club members, the glee club, the lesbian, gay, bisexual and transgender club, etc...  The policy clearly violates the First Amendment. As Tinker v. Des Moines states, "students do not shed their constitutional rights to freedom of speech or expression at the schoolhouse gate."

In addition to violating the First Amendment, this new policy violates California Education Code Section 48907 that protects students' free speech rights in California.  The bottom line is that K-12 schools and post-secondary schools must be more aware of the policies that their administrators are implementing to ensure they don't create tremendous legal liability.

Copyright 2013 by the Law Office of Bradley S. Shear, LLC All rights reserved. 

New federal legislation aims to stop the digital exploitation of children

The Forbidding Advertisement Through Child Exploitation Act (FACE Act) of 2013 was introduced in Congress on July 10, 2013 by U.S. Congressman John J. Duncan, Jr. (R-Tenn.) to help protect the  personal privacy of children and teens.  The official title as introduced states, "[t]o prohibit providers of social media services from using self-images uploaded by minors for commercial purposes."

The FACE Act states, "(a) provider of a social media service may not intentionally or knowingly use for a commercial purpose a self image uploaded to such a service by a minor." The Act empowers the FTC to promulgate regulations under section 553 of title 5 of the United States Code to implement the Act.  This aspect of the legislation is extremely important because it appears to provide the FTC the flexibility to create regulations that will enable it to account for changes in technology.    

To be effective, legislation should have adequate enforcement mechanisms.  This bill appears to enable not only the FTC, but also state attorney generals and/or state officials and/or state agencies to enforce the Act.  According to the bill, a "state may enforce the act by bringing a civil action to: enjoin such act or practice; enforce compliance with such section or such regulation; obtain damages, restitution, or other such compensation on behalf of residents of the State; or obtain such other legal and equitable relief as the court may consider to be appropriate."

The Act specifically states that it would not preempt states or political subdivisions of a state from enacting a law that provides minors greater personal privacy protection.  At first glance, this appears to provide the potential to create burdensome regulations on cloud providers and their clients; however, cloud computing vendors have been able to flourish despite being required to adhere to different privacy laws in each state.  For example, at least 46 states, including the District of Columbia, Guam, Puerto Rico, and the Virgin Islands have data breach notification statutes. 

According to a GigaOM's article about Gartner's Forecast Overview: Public Cloud Services, Worldwide, 2011-2016, 4Q12 Update that was released earlier this year, "the U.S. is predicted to remain number one in overall cloud services deployment-by a wide margin-into 2016."  Therefore, despite almost every state in the U.S. enacting their own data breach notification statutes (whose provisions may vary widely state by state) cloud computing providers have still been able to offer to clients compliant cost effective solutions.

While the FTC's recent updates to the Children's Online Privacy Protection Act provide our children more privacy protections, state attorney generals along with state officials or agencies may be in a better position to protect the digital privacy of our children.  For example, while multiple EU data protection authorities are pursuing enforcement actions against Google because of its March 1, 2012 privacy policy change; so far the FTC has declined to do so. 

In contrast, the National Association of Attorney Generals sent a letter (signed by 36 state attorney generals) in 2012 expressing their concern about Google's privacy policy change. Last month, 23 state attorney generals signed onto a follow up letter that stated, "[w]e are still greatly concerned about the way Google collects consumer information" and "[w]e also think more needs to be done to enable consumers to review and delete data that has been collected about them from specific Google products."    

In addition to the actions spearheaded by the National Association of Attorney Generals, California's Attorney General Kamala Harris has been active regarding protecting those who utilize mobile apps.  Her office's recent report on mobile apps "provides guidance on developing strong privacy practices."  Attorney General Harris also created the Privacy Enforcement and Protection Unit to enforce federal and state privacy laws.  Other states, such as Massachusetts, have introduced legislation (H 331) that would ban cloud computing service providers who contract with K-12 schools from processing student data for commercial purposes.

Even though some state attorney generals and state lawmakers around the country are working to protect the digital privacy of our children, more tools are needed to ensure that our children are not exploited.  The FACE Act's introduction is important because it demonstrates that legislators realize that enacting stronger digital privacy laws is not only best for society, but that it will resonate with voters on election day.  

While it may take several legislative sessions for the FACE Act to move forward due to the acrimony on Capitol Hill, it demonstrates that lawmakers still believe we have an expectation of privacy in the Digital Age.  It would not surprise me if the FACE Act's introduction encourages state lawmakers to introduce similar bills in their respective legislatures around the country.  Therefore, it is imperative that the cloud computing industry work with stakeholders to ensure that our children's personal digital data is not utilized for commercial purposes. 

Copyright 2013 by the Law Office of Bradley S. Shear, LLC All rights reserved.     

New Jersey Supreme Court: Police Need A Search Warrant To Track Cell Phones

New Jersey's Supreme Court has taken the Fourth Amendment and applied it to the Digital Age.  In a win for personal privacy, the police are now required to obtain a search warrant before receiving from cellphone service provides user tracking information.

This decision bolsters the position that we still have an expectation of privacy in the Digital Age.  Last year, Bob Sullivan of NBC News wrote about an in-depth investigation of how law enforcement officials were obtaining cell phone tracking information without a warrant all over the country.  This story was eye-opening and discussed some very troubling practices.

New Jersey's decision appears to be inspired by the Supreme Court's U.S. v. Jones case from last year.  In a 9-0 decision, the court basically ruled that we still have an expectation of privacy from the government digitally tracking us without a warrant.   

While law enforcement officials need to be able to utilize modern tools to track criminals, they still need to adhere to the principles our founding fathers put in place more than 200 years ago.  While more of our information is being put into electronic form, it is imperative that the laws to protect our personal privacy keep up with technology.

Copyright 2013 by the Law Office of Bradley S. Shear, LLC All rights reserved.   

$2 Million Lawsuit After a School Uses Student's Facebook Photo Without Permission

Public secondary and post-secondary schools around the country may be creating tremendous legal liability issues for taxpayers because of their lack of understanding regarding social media and the law. According to The Daily Mail, a college freshman at the University of Georgia is suing her former Georgia school district for $2 million dollars after it utilized a photograph that she posted on her personal Facebook account without her permission in a district seminar about the Internet.

The Director of Technology at the Fayette County Schools allegedly used a personal photo of a former student to discuss the issues inherent with social media.  It appears that before the seminar the former student's photo was not newsworthy or publicized other than being on Facebook.  Some questions that need to be answered may include:  How did the school district obtain the photograph?; Did the school district know who was in the photograph?;  Why didn't the school district obtain permission before utilizing the photograph?  

This litigation demonstrates the tremendous legal liability issues that secondary and post-secondary schools may encounter regarding the use of personal student photographs that appear on social media platforms.  There are a handful of consulting firms that are approaching schools that claim they can properly advise schools on how to "educate" and "monitor" students online. 

Unfortunately, many of these services utilize methods to "educate" and/or "track" students online that states around the country are banning.  In addition, some of these services are abusing their access to students' personal digital content.  For example, according to Time Magazine, a company called UDiligence was caught last year displaying the personal photographs of the students that it was monitoring to sell its services.

The bottom line is that secondary and post-secondary schools must better understand the legal ramifications of social and digital media content and platforms before they are sued.

Copyright 2013 by the Law Office of Bradley S. Shear, LLC All rights reserved.