Privacy is something you don't know you have until you lose it. Unfortunately, the Internet has gone from the world's greatest communication and knowledge spreading platform to the best surveillance tool ever invented.
According to The Independent, UK police may soon be granted the power to view the web browsing history of everyone in the country. The alleged bill would require communication companies to retain all web browsing history of its customers for 12 months in case the police or spy agencies want access. The article claims that the police will still need to go through some type of judicial process to obtain the data.
A user's Internet search history may be very useful for law enforcement. For example, in the United States, it appears that in the infamous disappearance of Caylee Anthony the police may have forgotten to check all of the Internet browsing history of a computer that was searched. If all of the browsing history of the computer that was checked was readily accessible in one dashboard would it have changed the outcome of the case?
This potential new UK law is very troubling. Will phone companies soon be required to tape record every phone call that is made? Will people soon be required to tape record every personal voice conversation and keep a physical copy of every pen and paper interaction they have? Will librarians soon be required to track every request by every user and keep it on file for 12 months?
The potential for abuse is tremendous. Will one be prosecuted for just doing an Internet search about a topic? Who will have access to it? Will the proper cyber security and privacy safeguards be implemented to protect the data? What happens when multiple people utilize a device? Will everyone eventually be forced to have their own Internet ID # to track everything they do online? How much compensation will one be able to obtain after their browsing history is illegally leaked to the media? These are just some of the many questions that need to be answered.
Unfortunately, it sounds as though George Orwell's Nineteen Eighty-Four surveillance society is coming true in the U.K. Which country will be next?
Copyright 2015 by The Law Office of Bradley S. Shear, LLC All rights reserved.
Friday, October 30, 2015
Thursday, October 29, 2015
Snapchat's Troubling New Terms Destroy User Privacy and Safety
Snapchat is an ephemeral messaging app that has become popular with millions of people due to its claim that the content users send using its platform is permanently erased after a certain period of time. This sounds great; however, federal regulators have found otherwise.
According to the FTC, in 2014 Snapchat was caught making false promises to consumers about the amount of content it was collecting and saving about them. This deception led to an FTC settlement that was announced in December of 2014 that prohibits Snapchat from misrepresenting the extent to which it maintains the privacy, security, or confidentiality of users' information.
Unfortunately, this settlement has not yet encouraged Snapchat to become a company that actually cares about user privacy and personal safety. For example, Marketwatch.com has reported that Snapchat recently changed its terms of service and the update appears to be very similar to Facebook's terms. Snapchat's new policy states,
"But you grant Snapchat a worldwide, perpetual, royalty-free, sublicensable, and transferable license to host, store, use, display, reproduce, modify, adapt, edit, publish, create derivative works from, publicly perform, broadcast, distribute, syndicate, promote, exhibit, and publicly display that content in any form and in any and all media or distribution methods (now known or later developed)."
and
"To the extent it’s necessary, you also grant Snapchat and our business partners the unrestricted, worldwide, perpetual right and license to use your name, likeness, and voice in any and all media and distribution channels (now known or later developed) in connection with any Live Story or other crowd-sourced content you create, upload, post, send, or appear in. This means, among other things, that you will not be entitled to any compensation from Snapchat or our business partners if your name, likeness, or voice is conveyed through the Services."
In other words, these terms allow Snapchat to publicly display user content and utilize personal data in ways many users most likely do not understand nor would they knowingly agree to. Will Snapchat soon include a clear warning message in front of its app stating that its new terms harm user privacy and safety? I highly doubt it....:)
I do not trust services that contain the above or similar terms. Whether its words, photos, or videos, your content is not private nor safe when the above terms govern. If you don't trust Facebook because of its privacy killing agreements with data brokers you shouldn't trust Snapchat. It appears not to be a question of if, but when Snapchat enters into similar privacy killing agreements with data brokers. Will the FTC soon open an investigation into these new terms?
The bottom line is that if you care about your personal privacy and safety you should avoid utilizing Snapchat.
I do not trust services that contain the above or similar terms. Whether its words, photos, or videos, your content is not private nor safe when the above terms govern. If you don't trust Facebook because of its privacy killing agreements with data brokers you shouldn't trust Snapchat. It appears not to be a question of if, but when Snapchat enters into similar privacy killing agreements with data brokers. Will the FTC soon open an investigation into these new terms?
The bottom line is that if you care about your personal privacy and safety you should avoid utilizing Snapchat.
Copyright 2015 by The Law Office of Bradley S. Shear, LLC All rights reserved.
Wednesday, October 21, 2015
U.S. Must Pass Judicial Redress Act To Demonstrate International Privacy Leadership
The
recent invalidation of the U.S.-E.U. Safe Harbor Agreement by the European Union Court of Justice has demonstrated that the U.S. must enact privacy laws that protect
non-U.S. citizens from law enforcement over reach. The Snowden NSA revelations
that were first revealed in 2013 not only angered many American citizens and
civil rights advocates, but they also created a schism with Europe regarding government
surveillance and digital privacy.
For
the past 15 years, companies that do business across the Atlantic have relied
on the U.S.-E.U.Safe Harbor Agreement to transfer personal data from the E.U.
to the U.S. While this agreement was not perfect, it created a mechanism that
was consistent with E.U. data protection directives that enabled companies to process
and utilize personal digital data without running
afoul of E.U. privacy laws.
Austrian privacy advocate Max Schrems' challenge against Facebook regarding how it
handles the data it collects from E.U. users was the catalyst behind the demise of Safe Harbor. E.U.data protection authorities have given lawmakers in the U.S. and the E.U.
three months to negotiate a new treaty to replace the Safe Harbor’s data
privacy protocols. Under E.U. law,
personal information may be exported if it is provided the same protections
that are offered in the E.U.
U.S. digital privacy protections are generally stuck in the 1980’s and many of our laws did
not anticipate how technology would change over time. While privacy has been a fundamental human right in the E.U. since 1950, U.S. digital privacy rights have been
slow to evolve to catch up with how we are utilizing the many life changing services
and devices that are now being deployed.
Congress
is working on strengthening our digital privacy rights but the process has been
slow and arduous. Fortunately, yesterday’s
passage of the Judicial Redress Act in the U.S. House of Representatives which will enable foreign
citizens to have the same legal rights as U.S. citizens if law enforcement
violates their personal privacy rights is a step in the right direction. While the bill still must be passed in the
Senate and signed by the President to become law, this development demonstrates
that we are on the right track and hopefully this will help lead to a new U.S.-E.U. Safe Harbor data agreement.
This legislation and others such as ECPA reform, and the Law Enforcement Access To Data Stored Abroad Act (LEADS) are much needed bills that must be enacted to demonstrate that we will be a beacon for digital privacy rights. We can have both privacy and security while respecting fundamental human rights. However, we must showcase this leadership by enacting digital privacy laws that equally protect both U.S. and foreign citizens.
This legislation and others such as ECPA reform, and the Law Enforcement Access To Data Stored Abroad Act (LEADS) are much needed bills that must be enacted to demonstrate that we will be a beacon for digital privacy rights. We can have both privacy and security while respecting fundamental human rights. However, we must showcase this leadership by enacting digital privacy laws that equally protect both U.S. and foreign citizens.
Copyright 2015 by The Law Office of Bradley S. Shear, LLC All rights reserved.
Saturday, September 26, 2015
Facebook "Unfriending" May Create Legal Liability
Be careful whom you Facebook "friend" and "unfriend" because this act may have legal consequences. An employment law case originating in Australia recently mentioned Facebook "Unfriending" in one of its decisions as a point of contention and it wouldn't surprise me if this issue gains more legal significance in similar cases around the world.
According to Wired UK, Australia's Fair Work Commission recently stated that that "unfriending" a work colleague showed a "lack of emotional maturity". Did the commission declare the act bullying? No; however, the fact that this was even mentioned demonstrates that the issue was on the minds of the commission's members and that it may play a larger role in future decisions.
This new development demonstrates the importance of creating reasonable digital policies and training and continually educating employees about online issues. The bottom line is that every digital mouse click and character posted may have legal repercussions. Therefore, its imperative to ensure that the legal issues inherent are understood before you "friend" or "unfriend" people on Facebook and other electronic platforms.
Copyright 2015 by The Law Office of Bradley S. Shear, LLC All rights reserved.
Tuesday, September 22, 2015
Did Volkswagen Violate the Computer Fraud and Abuse Act?
I was very troubled to learn that Volkswagen has been intentionally misleading consumers, governments, and other industry members about its cars' emissions. This was obviously an attempt engineered to steal market share away from its competitors, harm consumers, and mislead governments about its practices. As a former Volkswagen owner, I am outraged by this behavior.
When I recently took my car to have its bi-annual emissions inspection in Maryland, I wondered if the inspection was still really needed because I was under the impression that all cars today adhere to the EPA's emissions standards. Obviously, Volkswagen's intentionally reckless and illegal behavior will ensure that state emissions testing programs will continue on for years to come.
There are potential FTC Article 5 unfair and deceptive trade practice and state consumer protection violations here. In addition, it wouldn't surprise me if there are multi-billion dollar class action lawsuits filed. However, one legal issue that has been largely overlooked is that it appears Volkswagen hacked its own car software for monetary gain.
Investigative Journalist Bob Sullivan was the first reporter to discuss the hacking issue in the proper context. In a recent article he stated, the "Volkswagen story should be the beginning of some really serious soul searching, perhaps even a turning point for the Internet of Things. It’s inevitable: our light bulbs, toasters, door bells, and our cars will all communicate some day soon. We need a rock-solid ethic — not just laws, but a social morality — that machines should never do things unless people know all about them."
Did Volkswagen violate the Computer Fraud and Abuse Act by intentionally accessing software without car owners' knowledge or consent? Did it also violate multiple state computer access/hacking laws?
While its too soon to speculate on all of the fallout that will occur, I believe this matter will bring more attention to computer/digital crimes, the Internet of Things, and the privacy and cyber security issues inherent. My hope is that federal and state authorities make an example out of Volkswagen so other companies are less inclined to follow the same path.
Copyright 2015 by The Law Office of Bradley S. Shear, LLC All rights reserved.
When I recently took my car to have its bi-annual emissions inspection in Maryland, I wondered if the inspection was still really needed because I was under the impression that all cars today adhere to the EPA's emissions standards. Obviously, Volkswagen's intentionally reckless and illegal behavior will ensure that state emissions testing programs will continue on for years to come.
There are potential FTC Article 5 unfair and deceptive trade practice and state consumer protection violations here. In addition, it wouldn't surprise me if there are multi-billion dollar class action lawsuits filed. However, one legal issue that has been largely overlooked is that it appears Volkswagen hacked its own car software for monetary gain.
Investigative Journalist Bob Sullivan was the first reporter to discuss the hacking issue in the proper context. In a recent article he stated, the "Volkswagen story should be the beginning of some really serious soul searching, perhaps even a turning point for the Internet of Things. It’s inevitable: our light bulbs, toasters, door bells, and our cars will all communicate some day soon. We need a rock-solid ethic — not just laws, but a social morality — that machines should never do things unless people know all about them."
Did Volkswagen violate the Computer Fraud and Abuse Act by intentionally accessing software without car owners' knowledge or consent? Did it also violate multiple state computer access/hacking laws?
While its too soon to speculate on all of the fallout that will occur, I believe this matter will bring more attention to computer/digital crimes, the Internet of Things, and the privacy and cyber security issues inherent. My hope is that federal and state authorities make an example out of Volkswagen so other companies are less inclined to follow the same path.
Copyright 2015 by The Law Office of Bradley S. Shear, LLC All rights reserved.
Wednesday, September 9, 2015
Cybersecurity Alert: Porn App Blackmails Users
As a former New Yorker, I loved the Broadway musical "Avenue Q". There are some Broadway shows that have widespread appeal because they are a microcosm of our society. The production had many memorable musical numbers; however, one that is timeless is "The Internet is for Porn."
In 2013, more people visited porn websites than Twitter, Amazon, and Netflix combined. In other words, Avenue Q's "The Internet is For Porn" still resonates with audiences more than 12 years after it was introduced. Not only have Broadway writers taken note of society's love affair with porn so have hackers and criminals.
According to CNN, a porn app called, "Adult Player", "secretly takes your photo and locks you out of your digital device and demands $500 to unlock it. This activity is known as ransomware and it is becoming a growing challenge. Criminals have even successfully targeted police departments and law firms with these schemes.
To avoid becoming a victim of this type of crime, it is imperative to be careful what you download. Even if something appears to be legitimate it may be a phishing expedition by a criminal enterprise. Therefore, if an email attachment or link looks suspicious delete it. If someone really wants to get in touch with you they will figure out a way to do so.
Copyright 2015 by The Law Office of Bradley S. Shear, LLC All rights reserved.
In 2013, more people visited porn websites than Twitter, Amazon, and Netflix combined. In other words, Avenue Q's "The Internet is For Porn" still resonates with audiences more than 12 years after it was introduced. Not only have Broadway writers taken note of society's love affair with porn so have hackers and criminals.
According to CNN, a porn app called, "Adult Player", "secretly takes your photo and locks you out of your digital device and demands $500 to unlock it. This activity is known as ransomware and it is becoming a growing challenge. Criminals have even successfully targeted police departments and law firms with these schemes.
To avoid becoming a victim of this type of crime, it is imperative to be careful what you download. Even if something appears to be legitimate it may be a phishing expedition by a criminal enterprise. Therefore, if an email attachment or link looks suspicious delete it. If someone really wants to get in touch with you they will figure out a way to do so.
Copyright 2015 by The Law Office of Bradley S. Shear, LLC All rights reserved.
Tuesday, September 8, 2015
Back To School Student Privacy Issues
Since its back to school time, I thought it would be productive to discuss some digital privacy issues that parents and students should be thinking about. During this time of the year, student privacy is hot because back to school means filling out Family Educational Rights and Privacy Act (FERPA) forms. I filled one out over the weekend and I thought about what type of information I want to keep private and what was best for the school to share about my child (and our family) with other parents and the public. For each parent or guardian, this is a personal decision and there are no wrong answers. What may work for one family may not work for others.
On another note, be careful about what information you post about your children on various social media platforms. In particular, be mindful that neither Facebook nor Google are "friends" of children's privacy. Last year, it was uncovered in federal court that Google was scanning student emails for advertising purposes and I witnessed both Facebook and Google lobbying against stronger student digital data privacy laws in the state of Maryland. With Facebook's new found interest in the education market, parents should be particularly leery about allowing their children's data to be "friends" with Facebook's data mining machine.
The bottom line is that parents should discuss these and other digital privacy issues with their children as soon as they start utilizing digital devices. Its never too early to educate your kids about the virtual world that will affect their physical world.
Copyright 2015 by The Law Office of Bradley S. Shear, LLC All rights reserved.
On another note, be careful about what information you post about your children on various social media platforms. In particular, be mindful that neither Facebook nor Google are "friends" of children's privacy. Last year, it was uncovered in federal court that Google was scanning student emails for advertising purposes and I witnessed both Facebook and Google lobbying against stronger student digital data privacy laws in the state of Maryland. With Facebook's new found interest in the education market, parents should be particularly leery about allowing their children's data to be "friends" with Facebook's data mining machine.
The bottom line is that parents should discuss these and other digital privacy issues with their children as soon as they start utilizing digital devices. Its never too early to educate your kids about the virtual world that will affect their physical world.
Copyright 2015 by The Law Office of Bradley S. Shear, LLC All rights reserved.
Monday, September 7, 2015
U.S. Dept. Of Justice v. Microsoft: The Fight For Digital Privacy
Last week, the U.S.government issued new guidance regarding when and how federal law enforcement
may deploy cell phone site simulators (i.e. stingray technology) that collect consumer
mobile phone/digital device data. In general, the U.S. Department
of Justice (DOJ) will now require federal officials obtain a warrant to deploy
these technologies and utilize the data collected. This change in policy signals that the U.S.
government is beginning to understand that it must create reasonable rules and
procedures regarding the collection and usage of digital evidence that adheres to the principles of the Fourth Amendment.
While the federal government has changed its policy regarding the
use of cell site simulators, I am perplexed that it hasn’t changed its position
about some other digital data privacy issues. For example, in
a New York City federal appeals courtroom later this week the DOJ will be
squaring off against Microsoft in a matter about digital privacy law that has tremendous international
ramifications. In short, the federal
government wants to be able to require U.S. based companies to turn over digital
data that is held in foreign based servers without being required to follow the
evidence collection laws of the countries where the data is located. This position is very troubling and goes
against well-established national and international law regarding the
collection and usage of evidence.
In general, to obtain physical evidence law enforcement must
follow the laws of the jurisdiction where it is located. In some circumstances jurisdiction occurs by citizenship. However, here the data is located outside the U.S. and the user (DOJ target) doesn't appear to be American. Under these facts, I question the DOJ's theory as to why it has the legal authority to obtain the requested information without the cooperation of the government of Ireland.
The DOJ is arguing that data stored in digital clouds should be treated differently than evidence stored in physical filing cabinets. Interestingly, the DOJ has so far won its flawed argument in federal court so Microsoft has taken its fight to the federal second circuit court of appeals.
The DOJ is arguing that data stored in digital clouds should be treated differently than evidence stored in physical filing cabinets. Interestingly, the DOJ has so far won its flawed argument in federal court so Microsoft has taken its fight to the federal second circuit court of appeals.
Multiple academics (i.e. here
and here)
have previously written about this case (and
so have I) because it sounds like a law school final exam. For non-lawyers this means that the law is
not clear on how to handle this specific situation.
If general jurisprudence on how to handle physical evidence is followed,
the DOJ would be required to contact law enforcement agencies in the country
(in this case it is Ireland) where the digital data is located. However, since this is technology, and the
information requested is stored in the cloud the courts are grappling with how
to handle these issues.
DOJ is claiming (among other things) that since Microsoft (i.e.
or other technology providers) has legal control over its servers in Ireland it should be required to turn over the data requested
without going through the legal process in Ireland. With this
same argument, a foreign government could in turn claim that it doesn’t have to
follow U.S. law when demanding access to U.S. consumer digital data located in
the U.S. if the server provider has operations in that foreign country.
If the DOJ wins its legal argument, in addition to foreign
governments making the same access demands to digital accounts
located in the U.S., a win may also encourage U.S. tech companies to change the
legal structure of their foreign subsidiaries to be able to legitimately claim
that they do not have the authority to access and/or turn over customer data located
in a foreign country. This may lead to
many high paying jobs being transferred from the U.S. to other countries to
oversee the operations of these new legal entities.
Amicus briefs from not only other technology companies, but also from civil rights groups, academic scholars, and privacy advocates supporting Microsoft's position demonstrate that this case is more than just about protecting the bottom line of the U.S. cloud industry. This case goes to the heart of the proper way to handle unique digital
law and public policy issues. Whether
its through the federal courts, or via congressional action such as the Law
Enforcement Access To Data Stored Abroad (LEADS)
Act, or other similar legislation, the U.S. must set an example and take a
leadership role on how to properly balance lawful access with personal privacy.
Regardless of the outcome of this case, it is imperative that a broad international discussion occur on how to handle this and similar burgeoning digital law and public policy issues.
Regardless of the outcome of this case, it is imperative that a broad international discussion occur on how to handle this and similar burgeoning digital law and public policy issues.
Copyright 2015 by The Law Office of Bradley S. Shear, LLC All rights reserved.
Saturday, August 29, 2015
Ballot Selfies, The First Amendment, Privacy, and Public Safety
I was recently contacted by a reporter about the New Hampshire ballot seflie law court case and unfortunately I was not able to get back to the reporter before the article's deadline. I first recall speaking with the media in 2012 about ballot selfies and at that time it was an activity that seemed ready to dramatically increase.
During the past several years, ballot selfie legal issues have picked up steam because some states have enacted laws focused on banning the practice. Laws and regulations that ban videos/photos during certain court proceedings and in polling places were enacted due to legitimate personal safety and privacy concerns. While I am a huge proponent of the First Amendment and frown on undue burdens that limit on speech rights, I am also a believer in strong privacy protections.
Once one is inside the polling area, they should feel confident that their decision to vote will not be broadcast to the public. In 2012, I told ABC News, "[p]eople should feel free to exercise their constitutional right to vote without fear that their votes may be captured and posted online for the entire world to see...Therefore, it is good public policy to restrict the use of cameras and/or video in a public polling area." While many state laws limiting photos/videos in polling places were enacted well before selfies become in vogue, these laws are generally technology neutral and apply to all still photos/video recordings.
I am sure we can find a solution that would allow people to prove to others (online and in the real world) whom they voted for without encroaching on the personal privacy and safety of other voters. I don't believe it would make good public policy to allow for the widespread use of cameras in a polling place because the rise of facial recognition and other biometric technologies raises serious personal privacy and public safety concerns. For example, if polling places started to allow for unfettered taping inside a polling station, the entire world may know whom you voted for based upon any stickers or candidate material you are holding before/after your vote.
Several years ago, a Deputy Sheriff in Hampton Virginia was fired along with several colleagues for "liking" a Facebook page of a political candidate (who was running against his boss and eventually lost). A federal appeals court ultimately ruled that a "Facebook Like" is constitutionally protected free speech; however, this did not change the fact that the Facebook Like dramatically changed the professional careers (and personal lives) of those who were fired for exercising their free speech rights.
In general, I don't recommend posting one's personal ballot online or discussing whom one voted for regardless of the law. Potential employers, marketers, insurers, data brokers, governments, etc... are watching and your vote/political leanings may negatively penalize your career and/or personal life. People should have the right to post whom they voted for online; however, we may need to think of a creative mechanism to allow for ballot selfies while at the same time protect the personal privacy and safety of others in the voting area.
Copyright 2015 by the Law Office of Bradley S. Shear, LLC. All rights reserved.
During the past several years, ballot selfie legal issues have picked up steam because some states have enacted laws focused on banning the practice. Laws and regulations that ban videos/photos during certain court proceedings and in polling places were enacted due to legitimate personal safety and privacy concerns. While I am a huge proponent of the First Amendment and frown on undue burdens that limit on speech rights, I am also a believer in strong privacy protections.
Once one is inside the polling area, they should feel confident that their decision to vote will not be broadcast to the public. In 2012, I told ABC News, "[p]eople should feel free to exercise their constitutional right to vote without fear that their votes may be captured and posted online for the entire world to see...Therefore, it is good public policy to restrict the use of cameras and/or video in a public polling area." While many state laws limiting photos/videos in polling places were enacted well before selfies become in vogue, these laws are generally technology neutral and apply to all still photos/video recordings.
I am sure we can find a solution that would allow people to prove to others (online and in the real world) whom they voted for without encroaching on the personal privacy and safety of other voters. I don't believe it would make good public policy to allow for the widespread use of cameras in a polling place because the rise of facial recognition and other biometric technologies raises serious personal privacy and public safety concerns. For example, if polling places started to allow for unfettered taping inside a polling station, the entire world may know whom you voted for based upon any stickers or candidate material you are holding before/after your vote.
Several years ago, a Deputy Sheriff in Hampton Virginia was fired along with several colleagues for "liking" a Facebook page of a political candidate (who was running against his boss and eventually lost). A federal appeals court ultimately ruled that a "Facebook Like" is constitutionally protected free speech; however, this did not change the fact that the Facebook Like dramatically changed the professional careers (and personal lives) of those who were fired for exercising their free speech rights.
In general, I don't recommend posting one's personal ballot online or discussing whom one voted for regardless of the law. Potential employers, marketers, insurers, data brokers, governments, etc... are watching and your vote/political leanings may negatively penalize your career and/or personal life. People should have the right to post whom they voted for online; however, we may need to think of a creative mechanism to allow for ballot selfies while at the same time protect the personal privacy and safety of others in the voting area.
Copyright 2015 by the Law Office of Bradley S. Shear, LLC. All rights reserved.
Friday, August 28, 2015
FTC Announces PrivacyCon Symposium
Earlier today, I received notification from the FTC announcing that on January 14, 2016 it will hold an event called PrivacyCon. According the FTC's website, the conference is designed "to bring together a diverse group of stakeholders, including whitehat researchers, academics, industry representatives, consumer advocates, academics, and a range of government regulators, to discuss the latest research and trends related to consumer privacy and data security."
The FTC has done some great work in privacy and cybersecurity and just like previous events, this event will bring together some of the world's most knowledgeable experts in the field. FTC Chairwoman Ramirez published an excellent op-ed earlier today about the need for this symposium. In her piece, she stated, "[p]olicymakers need to ensure that privacy is respected while innovation flourishes, and technology academics and researchers are crucial to hitting that sweet spot."
Previous FTC symposiums I have attended were well worth my time so if you are interested in learning about some of the most cutting edge regulatory issues in privacy and cybersecurity this event is a must.
Copyright 2015 by the Law Office of Bradley S. Shear, LLC. All rights reserved.
The FTC has done some great work in privacy and cybersecurity and just like previous events, this event will bring together some of the world's most knowledgeable experts in the field. FTC Chairwoman Ramirez published an excellent op-ed earlier today about the need for this symposium. In her piece, she stated, "[p]olicymakers need to ensure that privacy is respected while innovation flourishes, and technology academics and researchers are crucial to hitting that sweet spot."
Previous FTC symposiums I have attended were well worth my time so if you are interested in learning about some of the most cutting edge regulatory issues in privacy and cybersecurity this event is a must.
Copyright 2015 by the Law Office of Bradley S. Shear, LLC. All rights reserved.
Google Refuses To Acknowledge The Law In Response To European Antitrust Complaint
Earlier this year, the European Commission (EC) sent a Statement of Objections (formal complaint) to Google for violating European antitrust (competition) laws. In particular, the EC alleges Google “has abused its dominant position in the markets for general internet search services in the European Economic Area (EEA) by systematically favouring its own comparison shopping product in its general search results pages. The Commission's preliminary view is that such conduct infringes EU antitrust rules because it stifles competition and harms consumers.”
Yesterday, Google responded to the EC's complaint with a 100 plus page defiant response and blog post. Interestingly, Google did not request a hearing on the matter and this tactic has provided credibility to Google's opponents' claims that if Google is confident that its legal position is correct as a matter of law it would request a hearing to defend itself. A spokesman for the EC told Bloomberg News that "[i]t's common for companies to ask for an oral hearing but it doesn't happen all the time".
In my experience, guilty parties generally hide behind written submissions and avoid direct confrontation with their accusers. According to Bloomberg News, "[h]earings can make a difference. Thirteen of the world's biggest banks succeeded at a face-to-face confrontation last year to unsettle an EU case into the credit-default swaps market...No fines have been issued in that case." Therefore, Google's refusal to face the EC in an oral hearing indicates to me that it believes it has violated European competition law.
Google's cavalier behavior over the years in regards to competition, privacy, and accepting illegal ads clearly demonstrates that it believes its above the law. Since the EC opened its antitrust investigation into Google, the company has paid hundreds of millions of dollars in fines and settlements due to illegal behavior. In each of these situations, Google has dragged its heels when it was caught intentionally misleading regulators, and/or consumers, and/or the media.
In 2011, Google paid a $500 million fine for knowingly accepting illegal advertisements from Canadian pharmacies. Subsequently, it paid multiple million dollar fines in the United States and in Europe for privacy violations in connection with its Street View data collection project, its Buzz social network, its 2012 privacy policy change, and the Safari hack incident.
Illegally abusing market position in Internet search (and/or other areas) is intertwined with data collection, usage, and privacy issues because in order to receive the most "relevant" search results to a search query a search engine must be able to access and process voluminous amounts of data very quickly. For years, 90% to 96% of Google’s revenue has come from advertising which means it is dependent upon being able to obtain massive amounts of personal information at a low cost to feed its behavioral advertising machine.
Countries have different legal criteria when determining whether a company has violated antitrust laws or if a potential merger will create an anti-competitive market. Europe has a long history in regulating anti-competitive markets. Since Roman times, the continent has regulated commerce to ensure competition and fair play. The EC is not targeting Google out of nationalistic fervor to boost EU based companies. Google is being targeted because it is clearly utilizing its dominant position to violate antitrust laws.
The EC has actively enforced its competition laws for years. Last year, a $1.44 billion dollar fine against Intel was upheld for anti-competitive behavior after at least a fiver year plus fight. In 2013, Microsoft was fined $731 million dollars for not adhering to its previous antitrust agreements. So, why does Google think they are are above the principles that have governed European markets for more than 2000 years?
My hope is that the EC utilizes all of the legal and regulatory tools at its disposal to ensure that Google and other companies that violate EC competition and privacy laws are held accountable. Internet users around the globe are harmed when companies such as Google violate antitrust laws.
Copyright 2015 by the Law Office of Bradley S. Shear, LLC. All rights reserved.
Yesterday, Google responded to the EC's complaint with a 100 plus page defiant response and blog post. Interestingly, Google did not request a hearing on the matter and this tactic has provided credibility to Google's opponents' claims that if Google is confident that its legal position is correct as a matter of law it would request a hearing to defend itself. A spokesman for the EC told Bloomberg News that "[i]t's common for companies to ask for an oral hearing but it doesn't happen all the time".
In my experience, guilty parties generally hide behind written submissions and avoid direct confrontation with their accusers. According to Bloomberg News, "[h]earings can make a difference. Thirteen of the world's biggest banks succeeded at a face-to-face confrontation last year to unsettle an EU case into the credit-default swaps market...No fines have been issued in that case." Therefore, Google's refusal to face the EC in an oral hearing indicates to me that it believes it has violated European competition law.
Google's cavalier behavior over the years in regards to competition, privacy, and accepting illegal ads clearly demonstrates that it believes its above the law. Since the EC opened its antitrust investigation into Google, the company has paid hundreds of millions of dollars in fines and settlements due to illegal behavior. In each of these situations, Google has dragged its heels when it was caught intentionally misleading regulators, and/or consumers, and/or the media.
In 2011, Google paid a $500 million fine for knowingly accepting illegal advertisements from Canadian pharmacies. Subsequently, it paid multiple million dollar fines in the United States and in Europe for privacy violations in connection with its Street View data collection project, its Buzz social network, its 2012 privacy policy change, and the Safari hack incident.
Illegally abusing market position in Internet search (and/or other areas) is intertwined with data collection, usage, and privacy issues because in order to receive the most "relevant" search results to a search query a search engine must be able to access and process voluminous amounts of data very quickly. For years, 90% to 96% of Google’s revenue has come from advertising which means it is dependent upon being able to obtain massive amounts of personal information at a low cost to feed its behavioral advertising machine.
Countries have different legal criteria when determining whether a company has violated antitrust laws or if a potential merger will create an anti-competitive market. Europe has a long history in regulating anti-competitive markets. Since Roman times, the continent has regulated commerce to ensure competition and fair play. The EC is not targeting Google out of nationalistic fervor to boost EU based companies. Google is being targeted because it is clearly utilizing its dominant position to violate antitrust laws.
The EC has actively enforced its competition laws for years. Last year, a $1.44 billion dollar fine against Intel was upheld for anti-competitive behavior after at least a fiver year plus fight. In 2013, Microsoft was fined $731 million dollars for not adhering to its previous antitrust agreements. So, why does Google think they are are above the principles that have governed European markets for more than 2000 years?
My hope is that the EC utilizes all of the legal and regulatory tools at its disposal to ensure that Google and other companies that violate EC competition and privacy laws are held accountable. Internet users around the globe are harmed when companies such as Google violate antitrust laws.
Copyright 2015 by the Law Office of Bradley S. Shear, LLC. All rights reserved.
Thursday, August 27, 2015
The Ashley Madison Hack, Cybersecurity, Privacy, and Legal Liability
Privacy and cyber security go hand and hand. If the platform you are
utilizing has weak and/or misleading privacy policies and/or weak cyber
security your safety is at risk. The ongoing issues related to the Ashley Madison hack (and Adult Friend Finder) should be a wake
call to everyone who accesses the Internet and digital services.
While this latest hack along with previous major data breaches is very concerning, I find it very troubling that Ashely Madison intentionally misled clients about its alleged "Delete" service. For $19, its users were intentionally misled that their personal information would be removed from Ashely Madison's records. Obviously this was not the case. Therefore, from a legal perspective, those who paid $19 to have their personal data deleted but didn't receive what was promised to them may be in the greatest position to win damages.
Even though Ashely Madison is based in Canada, the U.S. FTC may get involved since the company did business in the United States. Since a U.S. federal appeals court recently affirmed that the FTC has the power to regulate cyber security it would not surprise me if the FTC gets involved due to Ashley Madison's alleged weak cyber security and/or because it misled their clients about its so called "Delete" service.
The bottom line is that Ashely Madison faces tens of millions (or more) of dollars in potential legal liability either from class action lawsuits and/or regulators. While this situation may take years to sort out, the lesson for all is to be careful what you post online and what digital platforms you trust.
Copyright 2015 by the Law Office of Bradley S. Shear, LLC. All rights reserved.
While this latest hack along with previous major data breaches is very concerning, I find it very troubling that Ashely Madison intentionally misled clients about its alleged "Delete" service. For $19, its users were intentionally misled that their personal information would be removed from Ashely Madison's records. Obviously this was not the case. Therefore, from a legal perspective, those who paid $19 to have their personal data deleted but didn't receive what was promised to them may be in the greatest position to win damages.
Even though Ashely Madison is based in Canada, the U.S. FTC may get involved since the company did business in the United States. Since a U.S. federal appeals court recently affirmed that the FTC has the power to regulate cyber security it would not surprise me if the FTC gets involved due to Ashley Madison's alleged weak cyber security and/or because it misled their clients about its so called "Delete" service.
The bottom line is that Ashely Madison faces tens of millions (or more) of dollars in potential legal liability either from class action lawsuits and/or regulators. While this situation may take years to sort out, the lesson for all is to be careful what you post online and what digital platforms you trust.
Copyright 2015 by the Law Office of Bradley S. Shear, LLC. All rights reserved.
Wednesday, August 26, 2015
Will The FTC Investigate the NFL's Russell Wilson for Tweet?
Social Media may be a very productive avenue to market your brand and get the word out about an advertising campaign. Utilizing celebrities and professional athletes who have a well developed social media presence may be a successful method to create buzz about a new product or service.
While engaging celebrity endorsers it is imperative that they (and their agents/agency/sponsors) are educated about the appropriate regulations that need to be followed to ensure legal compliance. I have written about the FTC advertising regulations multiple times, here, and here for example, and have also provided official comments to the FTC about areas for further review. Earlier this year, the FTC provided more guidance regarding its online advertising regulations that advertisers and their paid endorsers must follow.
For several years, major companies such as Lord & Taylor along with celebrities such as Pharrell Williams, and Kim Kardashian have had to face regulatory scrutiny due to their social media campaigns/endorsements. While this scrutiny has been limited, it would not surprise me if the FTC decides to make an example out of someone. Earlier today, the Seattle Seahawks quarterback Russell Wilson tweeted, "I believe @Recovery_Water helped prevent me from getting a concussion based on a bad hit! #NanoBubbles"
At first glance, the Tweet seems harmless. However, Wilson didn't acknowledge in the Tweet that he is an investor in the product. I don't know if Wilson is a paid endorser or what type of compensation if any he may receive(d) for the Tweet and other online activity regarding the alleged (de facto) endorsement. While it is too soon to speculate on whether the FTC may become involved it demonstrates that brands and professional athletes must be careful about their online activity.
Copyright 2015 by the Law Office of Bradley S. Shear, LLC. All rights reserved.
Thursday, July 30, 2015
Facebook User To Be Fined Under Spanish Social Media Gag Law For Police Comments
Social Media in its infancy was hailed as a great equalizer for everyone's voice to be heard. Years ago, at conference after conference, I heard so called "futurists" and other "prognosticators" proclaim social media as the best invention since air conditioning or the microwave.
So many social media "evangelists" (a fancy term for some consultants who are full of s*#t) shouted from the roof tops how digital platforms would make the world a safer and freer place to exchange ideas and increase the freedom of speech. Unfortunately, many of these "evangelists" don't understand how some governments and private companies are using social media to digitally follow and keep tabs on what people are doing. Some of these new activities are actually a huge threat to democracy and our personal freedoms.
Earlier this year, the government in Spain enacted its "Citizen Security Law" which appears to restrict what its citizens may say online about some government officials. On July 22nd, the law was apparently utilized when local police in Spain accused one of its citizens of "making comments on social media that showed a lack of respect and consideration for Gumar's (a town in Spain) local police. The accused may be fined hundreds of Euros and has hired a lawyer to fight the charges.
Spain isn't the first country to enact and/or enforce laws specifically designed to stop its citizens from criticizing its government online and it will not be the last country to do so. Therefore, it is imperative to be vigilant about digital freedom of speech and privacy. You don't know how important these rights are until you lose them.
Copyright 2015 by The Law Office of Bradley S. Shear, LLC All rights reserved.
Friday, July 24, 2015
Hulk Hogan Tries To Pre-Empt the Wrath of Social Media Via An Apology
Reacting appropriately during a crisis in the Social Media Age is extremely important. In fact, its a must for corporate executives, small and large companies/organizations, politicians, celebrities, professional athletes, amateur athletes, etc... Its imperative to understand the importance of properly reacting to a situation that has not just public relations implications but also major legal ramifications as well.
In the Social Media Age, the right reaction may determine whether your brand is permanently damaged like Paula Deen's or Anthony Weiner's or if you can make a comeback like Charlie Sheen (a little contrition mixed in with talent, luck, and a "wining attitude"). Americans have always loved great comebacks. The biggest in recent memory (the last 20 years) was Bill Clinton's come back from impeachment proceedings.
The latest high profile person to incur a major negative personal/professional event (actually multiple matters) is former pro-wrestler Hulk Hogan. The National Enquirer recently published a private racist rant Hogan made years ago. The leaking of this information to the media may be connected to a $100 million dollar lawsuit Hogan commenced against the digital platform Gawker for publicizing a private sex tape that he may have unknowingly participated in.
It appears that right before Hogan's behavior became public knowledge the WWE (Hogan's employer) scrubbed him from their website and cut ties with him. Within hours of the world learning about his racist rant, Hogan issued to People Magazine a full apology and took full responsibility for his actions.
Will Social Media, the WWE, his fans, etc... forgive Hogan for his behavior? As long as Hogan's team doesn't follow the missteps of of others, he has an opportunity for redemption. A good first step was a quick apology. Will Hogan's next step on his road to redemption be an appearance on The Today Show or other media outlets?
Copyright 2015 by The Law Office of Bradley S. Shear, LLC All rights reserved.
In the Social Media Age, the right reaction may determine whether your brand is permanently damaged like Paula Deen's or Anthony Weiner's or if you can make a comeback like Charlie Sheen (a little contrition mixed in with talent, luck, and a "wining attitude"). Americans have always loved great comebacks. The biggest in recent memory (the last 20 years) was Bill Clinton's come back from impeachment proceedings.
The latest high profile person to incur a major negative personal/professional event (actually multiple matters) is former pro-wrestler Hulk Hogan. The National Enquirer recently published a private racist rant Hogan made years ago. The leaking of this information to the media may be connected to a $100 million dollar lawsuit Hogan commenced against the digital platform Gawker for publicizing a private sex tape that he may have unknowingly participated in.
It appears that right before Hogan's behavior became public knowledge the WWE (Hogan's employer) scrubbed him from their website and cut ties with him. Within hours of the world learning about his racist rant, Hogan issued to People Magazine a full apology and took full responsibility for his actions.
Will Social Media, the WWE, his fans, etc... forgive Hogan for his behavior? As long as Hogan's team doesn't follow the missteps of of others, he has an opportunity for redemption. A good first step was a quick apology. Will Hogan's next step on his road to redemption be an appearance on The Today Show or other media outlets?
Copyright 2015 by The Law Office of Bradley S. Shear, LLC All rights reserved.
Subscribe to:
Posts (Atom)