Hulk Hogan Awarded $115 Million In Gawker Naked Video Lawsuit

Privacy still matters in the Digital Age.  A Florida state jury awarded former professional wrestler Hulk Hogan $115 million dollars in a lawsuit against the online publication Gawker for publishing a video of him taken without his consent of him having sex with his former best friend's wife.

$55 million dollars of the jury's award was for economic harm and $60 million dollars was for emotional distress.  Punitive damages may also be awarded next week so its possible the award may substantially increase.

The recent Erin Andrews $55 million dollar Internet naked video award set the bar for privacy violations in the Digital Age and the Hogan case appears to have taken it several steps further. While both of these cases may be appealed and its doubtful that either will ever receive close to the figures that these juries have awarded, these awards demonstrate that the public is ready to punish those who destroy the personal privacy of others on the Internet.    

Copyright 2016 by the Law Office of Bradley S. Shear, LLC. All rights reserved.

Belgium Sues Facebook Over Its Troubling Privacy Practices

According to The Wall Street Journal, Belgium's Privacy Commission is taking Facebook to court over its very troubling privacy practices.  Last month, the Commission publicly chastised Facebook for the way it handles the personal data of Internet users.  The Commission has focused on "how Facebook tracks Internet users on external websites through the use of “like” and “share” buttons".

In general, I avoid using Facebook's "like" or "share" button because for years the company has demonstrated via its privacy policy and agreements with data brokers that it has does not care about the privacy of its users.  The New York Times recently shed some light on how Facebook's Mark Zuckerberg is a privacy hypocrite.  Mr. Zuckerberg's business practices demonstrate that he doesn't believe his users deserve to have their personal data kept private but he wants those who are working with him personally to sign non-disclosure agreements (NDA) to protect his personal information.  This behavior appears to demonstrates that Mr. Zuckerberg believes privacy is only for the super-rich and not the Average Joe or Facebook user.

My hope is that U.S. lawmakers, regulators, and state attorney generals closely watch how the European Union (EU) deals with digital privacy issues.  While I don't agree with every public policy decision that the EU makes regarding the digital ecosystem, when it comes to holding companies such as Facebook and Google accountable for the way they handle and utilize the personal information of Internet users', the U.S. should closely explore emulating the EU's thought process on these matters. 

Privacy is one of the hallmarks of a democratic society and we must protect it before some members of the technology community permanently destroy it to maximize their corporate profits.  While Facebook and Google talk the talk regarding privacy they have failed to walk the walk and refrain from abusing their access to the data they are collecting about all of us.

Copyright 2015 by The Law Office of Bradley S. Shear, LLC All rights reserved.        

DOJ Will Be More Transparent About Secret Cell Phone Tracking

The U.S. Department of Justice (DOJ) has stated that it will soon become more transparent about its secret cell phone tracking program.  According to The Wall Street Journal, "the Federal Bureau of Investigation has begun getting search warrants from judges to use the devices, which hunt criminal suspects by locating their cellphones, the officials said. For years, FBI agents didn’t get warrants to use the tracking devices."

This change in behavior is welcome news.  Law enforcement should be required to obtain a warrant before deploying these technologies.  Police across the country have utilized devices sometimes called stingrays without a warrant thousands of times to collect information about cell phone users for years.  The usage of these technologies on American soil appears to have started around 2007 and according to published reports is widespread across the country.

In a democratic and free society, it is imperative for law enforcement to be transparent about their practices.  Even though there may be security concerns regarding being too transparent about some of the details of these programs, the usage of these technologies without a warrant is a clear violation of our Fourth Amendment rights. 

While I applaud the DOJ's decision to change its practice and now obtain a warrant before deploying these tools what triggered the change in policy?  In 2014, the Supreme Court in Riley v. California ruled 9-0 that the police generally need a warrant to search electronic devices of those who are arrested.  The DOJ's policy should have been updated right after this ruling occurred and not almost a year later.     

The bottom line is that privacy still matters in the Digital Age and that transparency and accountability are more important than ever due to the increased sophistication of digital surveillance tools.

Copyright 2015 by The Law Office of Bradley S. Shear, LLC All rights reserved.

Radio Shack's Proposed Sale Of Customer Data Violates Its Privacy Policy

Radio Shack is on life support and will soon no longer exist in its current format.  Its unfortunate that a store I grew up going to with my grandfather will soon be out of business.  Its last great hurrah was its awesome Super Bowl ad that brought back its glory days from the 1980's. 

Radio Shack is losing so much money that it has resorted to selling one of its most prized assets.  Its customers' personal information.  What is most disturbing is that despite its long stated privacy promise that "[w]e will not sell or rent your personally identifiable information to anyone at any time," this promise may be ignored in bankruptcy court. 

Last year, an educational technology company ConnnectEDU tried to sell the millions of records it had accumulated on young children and the FTC stepped in and fought to require it to honor its privacy promises.  My hope is that the FTC joins Texas regulators in fighting to protect Radio Shack's customers' personal information.  Personally Identifiable Information is extremely valuable and its a very positive step that regulators are beginning to understand the importance of requiring companies to honor their privacy commitments to its customers or users. 

I don't want data brokers to learn about all of the cool things I use to make with my late grandfather.  Its none of their damn business! 

Copyright 2015 by The Law Office of Bradley S. Shear, LLC All rights reserved.

New York Times Facebook Content Deal Is A Threat To Personal Privacy

The New York Times is one of the world's most respected news organizations and one of the most popular destinations for news on the Internet.  However, I was dismayed to read in The New York Times that it may strike a deal to house some of its content inside Facebook.

This is a very troubling development for not just the media landscape but also for the freedom of thought and expression.  The ramifications of this potential deal will erode the privacy of The New York Times' readers and it will enable data brokers and their clients to create richer profiles of those who read the paper via Facebook due to Facebook's troubling deal with multiple data brokers.

When a New York Times reader utilizes Facebook to access articles, this information will be sent to Facebook's data broker partners who will insert this content into a user's digital dossier.  This data may be utilized by banks, insurance companies, employers, etc... to discriminate against people for reading about certain topics.  For example, when someone reads a lot of articles about their race, sexual orientation, health issue, religion, etc.. this data will be tracked and a data broker may provide it to one of their clients who may utilize it to decide on whether a reader is a good fit for a job. 

While ad networks and other digital tracking platforms already combine every digital morsel about users they can find, being able to track users from their personal Facebook account creates a new level of data purity that from a privacy standpoint is very troubling.  I don't want data brokers to be able to track everything that I read on The New York Times and combine that information with other personal characteristics about myself.

Due to Facebook's troubling privacy policy and practices, I do not utilize it for personal communications and I have no plans on doing so in the future.  I urge The New York Times and others who may be thinking about hosting their content on Facebook to think about these important privacy issues before finalizing any deal that may harm their users' in unanticipated ways.

Copyright 2015 by The Law Office of Bradley S. Shear, LLC All rights reserved.

Maryland's Student Data Privacy Act of 2015

Last fall, California enacted what Education Week called a "landmark" student-data privacy law (SB 1177).  This was passed because some educational technology companies were caught abusing their access to personal student data. 

As a parent, the digital privacy of my children is very important.  I don't want an educational technology vendor using my kids' school created digital data for behavioral advertising or for profiling purposes that may be utilized to discriminate against them in the future.  The Family Educational Educational Rights and Privacy Act (FERPA) was enacted in 1974 and has not kept up with the innovative digital learning technologies that are becoming more widely available for our students. 

Today, schools utilize cloud-based technologies, apps, and other digital services to teach our children.  Unfortunately, metadata created from these platforms is not considered an educational record under FERPA and thus not protected from the prying eyes of advertisers and others who covet this rich information.  Therefore, students and their families need stronger legal privacy protections.  Absent more robust student privacy laws, our children's privacy and safety will be compromised and innovative learning and educational technologies will face increased parent skepticism and opposition. 

Maryland, a state that has vied with California to be a national leader in digital privacy protection recently introduced the Student Privacy Act of 2015.  The bill is modeled after California's groundbreaking SB 1177.  Mark Schneiderman, senior director of education policy for the Software & Information Industry Association said California's SB 1177 "seems to generally strike the right balance".  Thus, the SIIA should hold the same position on Maryland's student data privacy act. 

Last month, President Obama gave a historic speech at the FTC about his privacy agenda for the last two years of his term.  In regards to student privacy the President stated: "But we’ve already seen some instances where some companies use educational technologies to collect student data for commercial purposes, like targeted advertising.  And parents have a legitimate concern about those kinds of practices.

So, today, we’re proposing the Student Digital Privacy Act. That's pretty straightforward.  We’re saying that data collected on students in the classroom should only be used for educational purposes -— to teach our children, not to market to our children. We want to prevent companies from selling student data to third parties for purposes other than education.  We want to prevent any kind of profiling that outs certain students at a disadvantage as they go through school."

Congress is also concerned about student privacy issues.  On February 12, 2015, it held a hearing entitled, "How Emerging Technology Affects Student Privacy".  The testimony during the hearing demonstrated that FERPA needs to be updated.  While my hope is that one day Congress passes stronger student privacy legislation, I am not optimistic in the short term due to all of the acrimony on Capitol Hill. 

Until this occurs, states such as Maryland must fill this void and step up to protect the digital privacy and cyber security of our kids. 

Copyright 2015 by Shear Law, LLC All rights reserved.

French Police Told To Erase Social Media Profiles

According to CNN, "French law enforcement officers have been told to erase their social media presence and to carry their weapons at all times because terror sleeper cells have been activated over the last 24 hours in the country".  The Charlie Hebdo terrorist attack and subsequent terrorist attacks on civilian targets in France have led the police to rethink cyber safety and security in the country.

The order to erase social media profiles in France is not unique.  Last November, UK police officers were told not to discuss their jobs on social media.  In 2009, the Pentagon mulled banning soldiers using social media and in 2011 China banned its soldiers from using social media.  

I believe it is time for the U.S. military, federal and state government agencies, and law enforcement officials re-evaluate their social media policies.  Privacy is not just cool but a necessity for personal safety and national security. 

Too many self-described social media experts/consultants/ninjas/gurus/etc....are telling people how important it is to create detailed public LinkedIn profiles, share your most personal information on Facebook, Google+, Instagram, Twitter, etc...  Some of the phrases these "experts" utilize when providing their advice include, "social media is about a conversation", "be authentic", "sharing is caring", etc...  Don't trust any social media consultant who shares too much personal information online and/or uses Twitter or other digital platforms to have regular public conversations.

It is time for Internet users to re-evaluate their relationship with social media and digital platforms that are not created with a privacy first mentality.  Privacy is hip and in because sharing too much may destroy your reputation, get you fired, or get you killed.  Therefore, you need to ask yourself if its time to limit or erase any of your social media profiles.   

Copyright 2015 by Shear Law, LLC All rights reserved.

Facebook Message Scanning Lawsuit Moves Forward

According to Reuters, U.S. District Judge Phyllis Hamilton in Oakland, California recently ruled that a lawsuit alleging Facebook violates its users privacy by illegally scanning the contents of  messages sent on its platform for advertising purposes may move forward.  This lawsuit appears to sound similar to a recent lawsuit against Google for scanning users emails for advertising purposes.   

It appears that Facebook is claiming that the scanning of emails for advertising purposes is "an ordinary business practice".  Only in the world of Facebook and Google is scanning personal messages for advertising purposes an acceptable "ordinary business practice."  Is it an ordinary business practice for the U.S. Postal Service, Federal Express, United Parcel Service, etc... to scan the contents of their packages to build user profiles about senders/receivers for advertising and other purposes?  Of course not.  Therefore, why do some digital based companies believe this practice is ordinary and should be legal?

According to ArsTecnica, the court "read Facebook's entire terms of service. And, in this case, their vague language—typically used to provide broad immunity—became a liability: "[the document] does not establish that users consented to the scanning of their messages for advertising purposes, and in fact, makes no mention of 'messages' whatsoever." Thus, the plaintiffs may have had reason to expect that their messages would remain private. And, although the practice may have been discontinued, the plaintiffs allege that Facebook could start scanning messages again whenever it wanted to."

On Facebook's home page it states, "Connect with friends and the world around you on Facebook".  Nowhere does it state that your messages will be scanned for advertising purposes.  Should Facebook and other digital properties such as Google that are actually digital advertising platforms that masquerade as other services be required to have clear warnings every time a user sends and/or opens up a message (or uses other services) from their platform?  The FDA recently created new calorie labeling rules to better inform Americans about the foods they eat so should the FTC create rules that require digital platforms to be more transparent about their practices to better protect the privacy and safety of its citizens?   

The biggest challenge for plaintiffs moving forward may be to identify how Facebook's actions have financially harmed them.  Unfortunately, the court system in general has been slow to recognize privacy harms absent a direct monetary loss from a practice.  Will the Sony Hack change this mentality?  We may find out in the new year.  

Copyright 2014 by Shear Law, LLC.  All rights reserved.

Britain Jails First Revenge Porn Perp

According to The Guardian, the UK has jailed its first revenge porn perpetrator.  Luke King, 21 has been jailed for posting revenge porn online.  He was given a 12-week sentence after pleading guilty to online harassment.

It appears that Mr. King had published naked photos of a woman on WhatsApp earlier this year after threatening her.  On October 13, 2014, I discussed that the UK was set to criminalize revenge porn because it is a growing problem not only in the UK but also around the world. 

While a 12-week sentence may not sound like much for harassing someone online, it may make someone think twice before posting compromising photos of others in the future.  It is too soon to speculate whether the UK's new revenge porn law is a strong enough deterrence.

The law is constantly trying to catch up with technology so it doesn't surprise me that this may be the first case in the UK where someone was jailed for uploading revenge porn.  A major challenge with revenge porn is the likelihood of needing to play a game of whack a mole to remove it from the Internet.  Once content is posted online it is extremely difficult for it to be permanently removed. 

Copyright 2014 by Shear Law, LLC.  All rights reserved.

Dr. Selfie, Joan Rivers, Social Media Privacy, and HIPAA Violations

CNN is reporting that while the late comedian Joan Rivers was under anesthesia during the procedure that led to her death one of the doctors took a selfie with her without her consent.  If this allegation is true this is a blatant violation of the Health Insurance Portability and Accountability Act.

This is not the first time a doctor has been accused of inappropriate digital behavior.  Earlier this year, a Seattle doctor was accused of sexting during surgery.  Last year, a doctor was accused of posting photos of a drunk emergency room patient online.  There is no excuse for this type of behavior.   Inappropriate digital interactions is not just a problem in the medical profession.  An Arkansas judge recently was disbarred for leaking confidential information online about an adoption involving actress Charlize Theron.

Was Ms. Rivers' doctor so focused on getting the perfect selfie that the appropriate standard of care not followed?  If it is proven that a doctor took an unauthorized selfie of Joan Rivers during a medical procedure the doctor should lose his medical license.  Regardless of the medical examiners findings on the cause of death, the act of taking a selfie with a patient without consent who is being operated on may in and of itself create significant legal liability.  There is no room in the medical profession for this troubling behavior.

Copyright 2014 by Shear Law, LLC All rights reserved.

California Bill To Regulate Student Social Media Monitoring Services

California's legislation that would regulate social media monitoring of secondary students is one step away from becoming law.  AB-1442 is now on the governor's desk and awaiting his signature or veto.  The bill appears to compliment SB 1349 that protects the social media privacy of students.  While I believe this bill is a good first step, it should be expanded to include post-secondary students.

AB-1442 is greatly needed because companies are approaching secondary and post-secondary schools to social media monitor students.  In secondary schools, these companies generally claim their services help prevent bullying and youth suicide.  In post-secondary schools, these companies generally claim their services help protect the brand of the school and "educate" students. 

Several years ago, social media consultants/their companies focused on monitoring student-athletes in colleges.  They approached school athletic departments and told them to require student-athletes to provide access to their personal social media accounts via disclosing/authenticating user names/passwords and/or installing cyber monitoring software via apps and/or other means.  For approximately $10,000 per year, these services claimed they would help protect a school's athletic brand by monitoring their student-athletes social media activity.  

Since this issue first gained national attention, dozens of states and Congress have introduced and/or enacted legislation that protects students, schools, and taxpayers from these troubling social media consultants and their services.  Our children need to be protected from some of these companies because the founders of these services may lie about the legality of their services and/or intentionally misrepresent their background/experience.  Some of these companies have also been caught re-purposing personal student social media posts for advertising purposes. 

For years, I have warned about the dangers of wide spread social media monitoring of students.  These services may lead to tens of millions of dollars in legal liability for schools along with undemocratic censorship (either self-imposed or government created) by stifling our students' free thought process.  When I read George Orwell's 1984 in high school, I never imagined that U.S. schools would consider implementing these troubling monitoring services.

Absent stronger laws to regulate social media monitoring of students, I am afraid we may become Airstrip One (the location of 1984) and our children will not experience the same privacy protections that previous generations enjoyed.

Shouldn't our children be able to learn from their digital mistakes without fear that they will follow them for the rest of their lives?  Instead of spending money to social media monitor our students why not instead use the same resources to educate them?  Have some school districts forgotten about the phrase, "give a man a fish and you feed him for a day; teach a man how to fish and you feed him for a lifetime?  

Carpe Diem. O Captain My Captain fight for liberty, privacy, and freedom. 

Copyright 2014 by Shear Law, LLC All rights reserved.

#SocialMediaFail: PayPal director Rakesh Agrawal Departs After Troubling Tweets

Social Media may be utilized to fund raise for philanthropic causes, to crowd source to help catch criminals, and to help unite family members.  Unfortunately, too many people have lost their jobs because of the content they have posted online.   

The latest person who appears to have joined the #SocialMediaFail club is now former PayPal Director Rakesh Agrawal.  According to The Daily Mail, Mr. Agrawal went on a late night Twitter tirade while in New Orleans.  Mr. Agrawal appears to have made some derogatory comments about his co-workers online that became newsworthy very quickly.  While there appears to be some dispute as to the timing of Mr. Agrawal's departure from PayPal; there is no denying that soon after his Tweets appeared he stopped being employed by PayPal. 

New Orleans is one of the most interesting and exciting cities in the world.  I have had the pleasure of visiting the city on many occasions and experiencing some of the fun festivals and events that the city hosts.  However, not everything one does in New Orleans is meant for the entire world to see.  Unfortunately, what goes on in "Vegas (or in New Orleans or anywhere else) stays in Vegas" may no long apply in the Digital Age.

The bottom line is that everyone, including self described "tech/social media experts", "social media consultants", and the "digerati" need to better understand the ramifications of publicly posting personal thoughts and/or images online.  My hope is that those who read about this incident will realize that just because you may have a Twitter account it does not mean you should actively Tweet.

Copyright 2014 by Shear Law, LLC.  All rights reserved.

Tweets, School Bathrooms, The First Amendment, and The Right To Privacy

What if a student takes a photo of behavior occurring in the common area of a school bathroom during school hours that appears to violate school policy and then Tweets out the image with commentary?  Should the photographer who captured and Tweeted out the image be disciplined but those whose behavior allegedly violated school policy not be punished?  This is a question that a public high school in Maryland is answering.  

Recently, a student Tweeted out a selfie of herself with two other students in the background allegedly engaging in sexual contact.  As of this writing, the photo has been re-tweeted over 14,000 times.  After school administrators became informed about the situation, the Tweeter was suspended for ten days.  The students who appeared in the photo (their faces are not viewable) allegedly engaging in some type of personal interaction that may or may not be of a sexual nature were not disciplined.  

I am very protective of free speech rights; especially for students.  I strongly believe in the Tinker v. Des Moines decision which ruled that students do not leave their constitutional rights at the school house gate.  However, I believe in Griswold v. Connecticut's ruling that we all have a right to privacy.  Mobile devices and wearable technology will test the right to privacy versus the first amendment in the Digital Age.  This situation demonstrates that their are no easy answers regarding where our first amendment rights end and our right to privacy begins.

Copyright 2014 by the Law Office of Bradley S. Shear, LLC All rights reserved. 

Digital Miranada Warning: IAC Executive Learns The Hard Way That You Have the Right To Remain Silent Online

Too many people don't understand the power of social media.  Fortune 500 executives, professional athletes, student-athletes, students, entertainers, politicians, etc... have all gotten into hot water because of their digital usage.  I regularly counsel members of these groups about the legal, business, and reputational challengers inherent with social media and other digital communication tools and it pains me whenever I hear about someone posting something online that may destroy their professional career. 

The latest Tweet that has gone viral and may be a career killer was posted on an account allegedly utilized by pr executive Justine Sacco of IAC.  She allegedly wrote while en route to Africa, "Going to Africa. Hope I don't get AIDS.  Just Kidding.  I'm white!"  By the time Ms. Sacco's plane landed, this message on her account went viral and caused a pr nightmare for herself and her employer IAC.

Too many self styled "branding experts", "social media consultants", etc.. advise people to share too many personal opinions online.  I disagree with this advice and generally agree with Mark Twain's adage, " [i]t is better to remain silent and be thought a fool than to open one's mouth and remove all doubt."

It is better to remain silent and be thought a fool than to open one's mouth and remove all doubt.
Read more at http://www.brainyquote.com/quotes/quotes/m/marktwain103535.html#STC0rGBGPI5OUGP7.99

It is better to remain silent and be thought a fool than to open one's mouth and remove all doubt.
Read more at http://www.brainyquote.com/quotes/quotes/m/marktwain103535.html#qG8bQHKbUMwqmy7s.99

It is better to remain silent and be thought a fool than to open one's mouth and remove all doubt.
Read more at http://www.brainyquote.com/quotes/quotes/m/marktwain103535.html#qG8bQHKbUMwqmy7s.99

Internet users may want to learn about my Digital Miranda Warning that is a take off of the criminal law Miranda Warning that suspects are provided. The Miranda Warning states, "You have the right to remain silent. Anything you say can and will be used against you in a court of law. You have the right to an attorney. If you cannot afford an attorney, one will be provided for you. Do you understand the rights I have just read to you? With these rights in mind, do you wish to speak with me?"

My Digital Miranda Warning sates, "You have the right to post online.  Anything you post online can and will be used against you by employers, schools, the media, etc....  You have the right not to post online.  If you feel compelled to post, don't upload anything that may make you look unprofessional.  With these rights in mind, do you still wish to post online?"

While my Digital Miranda Warning has saved some of my clients from digital career destruction, my hope is that more people become educated about the risks associated with utilizing social media before their online behavior destroys their reputation.

Copyright 2013 by the Law Office of Bradley S. Shear, LLC All rights reserved.

Snapchat iOS Update May Be A Danger To Privacy

Privacy is in vogue.  I believe Mark Zuckerberg's so called "Law of Information Sharing" is dead. While we as a society may continue to share more information online via social media, the cloud, apps, email, etc... people are more aware of the dangers of sharing too much so they are changing their behavior accordingly. 

Facebook recently admitting that younger teens are using their platform less.  Why? The answer is debatable; however, I believe it has something to do with parents, employers, schools, the police, governments, etc... wanting access to their personal digital content.  To help users believe the content they send online is safe from prying eyes multiple apps and other digital services have popped up that claim that user privacy is built in by design.  One of the most popular apps that claim they are built with privacy in mind is Snapchat.

Snapchat has become so popular that it was recently reported that Facebook tried to acquire the company for $3 billion dollars and Google may have offered $4 billion dollars.  There are allegedly 400 million snaps (images sent via Snapchat) received daily on the platform apparently because users believe their content is safer sent via Snapchat than through other services.

While Snapchat offers some better privacy protections than other content sharing apps due to its allegedly disappearing photo offering, its latest iOS update Replay feature actually endangers user privacy by allowing an image to be re-viewed at a later time.  In general, when opening a snap you don't have another image capturing device handy to take an image of the snap being viewed.  Usually, one opens a snap and it disappears after several seconds.  No harm, no foul unless the receiver has another image capturing device handy.  With the new Replay option enabled, if someone sends a  nude selfie or other potentially scandalous image, the receiver now may have plenty of time to have another device ready to capture the image.

Before this iOS update, images sent via Snapchat could be re-purposed beyond their intended usage and there have been some publicized incidents of snaps creating problems for those in the image(s).   For example, a Missouri mom is in legal trouble and was recently charged with endangering the welfare of a child (one of her kids) due to a topless photo her daughter took of her that was sent via Snapchat.  This case demonstrates the potential dangers users may encounter when taking personal photographs/videos and disseminating the images via digital platforms; even through Snapchat.

Providing a "second bite at the apple" to view content that a user has deemed "Snapable" or more private than images shared via Facebook is a danger to privacy.  Once content is digitized, it can potentially be sent anywhere in the world and saved for an infinite period of time.  Allowing more opportunities to view potentially scandalous content may put users' privacy at risk.

Copyright 2013 by the Law Office of Bradley S. Shear, LLC All rights reserved.

FTC Settles Charges Android Flashlight Mobile App Deceived Users

The FTC is continuing to crack down on companies that are intentionally misleading their users about privacy issues.  According to the FTC, the "Brightest Flashlight" app shared users' location, and device ID without their users' consent. Goldenshores Technologies, LLC was behind the app and this enforcement action appears to be the first involving geo-location data obtained from mobile devices.

The FTC put the mobile ecosystem on notice almost 2 years ago about their privacy concerns.  For example, in February 2012, the FTC issued a mobile privacy report that was focused on children and did a follow up titled Mobile Apps For Kids Report in December 2012.  These investigations demonstrated that some industry players needed to do a better of protecting their users' privacy.  The FTC released another report in February 2013 that reinforced the importance of these issues.  In July 2013, the National Telecommunications and Information Administration (NTIA) published a draft of self-regulatory guidelines for privacy notices for mobile app and the Digital Advertising Alliance released a best practices guide for its members.

The FTC's announcement of this action is very timely considering that the lead article on the front page of today's Washington Post discussed how the NSA tracks cellphone locations worldwide.  A major problem with Goldenshores' app was that it did not disclose that user information would be "sent to third parties, such as advertising networks."  Another problem with the app was that before a consumer could choose to accept its terms and conditions, it began collecting and sending the potential users' personal information to third parties.

To view the settlement here is the link.  Public comments will be accepted through January 6, 2014. To contact the FTC regarding this matter here is the link.  Mobile app creators must be transparent and honest with their customers about the information that they collect and re-purpose. I make a personal choice to avoid many apps due to the privacy issues inherent and it would not surprise me if more mobile app companies incorporate privacy into the design of their products in the near future.

With access comes responsibility.  The more information a mobile app maker collects about their users the more information that the NSA and/or other government entities may be able to collect and utilize.  Apps and mobile ecosystems that are collecting a lot of information about their users are not only harming their users' personal privacy but also making it easy for the NSA to spy on their users.

Copyright 2013 by the Law Office of Bradley S. Shear, LLC All rights reserved.

Twitter must produce Occupy Wall Street Tweets

Twitter has been ordered to turn over the public Tweets of Occupy Wall Street protestor Malcolm Harris. The ruling is not surprising since the Tweets were previously public and anyone with Internet access could view them. The Tweets are no longer available online; however, they have been saved on Twitter's servers. Twitter and Harris' attorney have been trying to quash the Manhattan district attorney's subpoena demanding the Tweets but have been unsuccessful.

On April 23, 2012, I stated that, "Once a Tweet is public to the entire world you don't have an expectation of privacy even if the Tweet has been deleted. Former Congressman Anthony Weiner learned the hard way (no pun intended) that once you post something publicly you have no expectation of privacy.

On July 3, 2012, I stated that, "If the Tweets had been on a protected Twitter account then a warrant may have been required to access the Tweets. In general, I have no problem with law enforcement obtaining and utilizing social media evidence. However, the government must go through the proper legal channels to obtain, authenticate, and utilize social media evidence at trial.

While I applaud Twitter fighting for the digital privacy rights of its users, I believe that continuing to fight a subpoena for content that was once public is a losing battle. However, I believe that Twitter along with other social media companies should continue fighting for the personal privacy rights of its users.

To learn how social media intersects with the law you may contact me at http://shearlaw.com/attorney_profile.

Copyright 2012 by the Law Office of Bradley S. Shear, LLC. All rights reserved.

Will Australia's proposed digital data retention law put its citizens at risk?

Governments around the world are trying to determine how to implement digital public policy that takes into account how people are utilizing social media and other new technology platforms. Unfortunately, some lawmakers and governments are making proposals that may have unintended side effects.

For example, the Australian government recently proposed a digital data retention law that may create an undue burden on Internet service providers and technology companies. In addition, this proposal sharply curtails Internet users' digital privacy and creates more opportunities for cyber criminals. According to Computerworld, if enacted the new law would require technology companies to retain their users' data for up to two years which may include their customers' web surfing history information.

Putting aside the privacy issues, the Australian government may not realize that the more data a company is required to collect the greater its compliance costs and cyber liability insurance premiums. More data retention means increased server costs, higher electricity bills, greater security costs, etc....

While the intention of the proposed law is noble in that the government believes the law would assist in fighting crime, there may be some unintended side effects. When companies collect more data about their customers they become bigger targets for cyber criminals.

Therefore, it is imperative for governments to create sound digital public policy that properly weighs all of these concerns.

To learn more about these issues you may contact me at www.shearlaw.com.

Copyright 2012 by the Law Office of Bradley S. Shear, LLC All rights reserved.

California: First state to pass comprehensive social media privacy legislation

California has become the first state to pass social media privacy legislation that protects employers/employees/job applicants and schools/students/student applicants. According to The Recorder, California has passed AB 1844 which prohibits employers from requiring access to their employees' or job applicants' personal social media credentials and personal password protected digital content. Last week, California passed student social media privacy legislation that would prohibit post-secondary educational institutions from requiring access to their students' or student applicants' personal social media credentials and personal password protected digital content.

Earlier this year, Maryland and Illinois enacted social media privacy legislation that may protect employers from social media related lawsuits while also protecting the personal privacy of employees and job applicants. Last month, Delaware enacted social media privacy legislation that may protect schools against social media related lawsuits while also protecting the personal privacy of students and student applicants. However, California is the first state to pass comprehensive legislation that protects employers/employees/job applicants and schools/students/student applicants. If Governor Brown signs both SB 1349 and AB 1844, California will become the first state to enact across the board social media privacy legislation.

AB 1844 is a huge win for the business community because it may provide California businesses with a legal liability shield from plaintiffs who may allege that businesses have a legal duty to monitor their employees' personal password protected digital content. This legislation may collectively save California businesses tens of millions of dollars a year in costs to monitor their employees' personal digital accounts. In addition, this law may save California businesses tens of millions of dollars per year on cyber liability insurance premiums that would accompany a duty to monitor employees in the digital/social media space.

With access comes responsibility. Since California businesses will not have access to their employees' personal digital content they will not become responsible for their employees' personal social media behavior. Employers do not have a duty to monitor their employees' activities outside of work in the real world so employers should not create a duty to monitor their employees' non-corporate digital activities.

This legislation is also a major victory for employees and job applicants. California employers may no longer ask employees or job applicants to provide access to their personal digital or social media accounts. For example, during a job interview an employer may not request an applicant log into their personal Facebook account or to "Facebook Friend" a hiring manager. In addition, an employer may not require an employee provide access to their personal password protected digital accounts. Job applicants and employees must understand that they should still be careful about the content they post online, utilize the proper privacy settings, and carefully screen who they "Friend" online.


(Full Disclosure: I advised California Assembly Member Campos' office on this legislation.)

To learn more about these issues you may contact me at www.shearlaw.com.

Copyright 2012 by the Law Office of Bradley S. Shear, LLC All rights reserved.