When will the FTC follow the EU's lead in protecting digital privacy?

Are Google's March 2012 privacy policy changes legal?  This is a question that the European data protection authorities have been working on since Google first announced its intention to change its privacy policies in January 2012.  Soon after the announcement, France asked European data protection authorities to open an inquiry into the matter. In addition, U.S. Representative Edward Markey announced his intention to ask the FTC whether Google's privacy policy changes were also legal in the United States.   

On April 2, 2013, the United Kingdom's Information Commissioner's Office (ICO) stated, "the ICO has launched an investigation into whether Google’s revised March 2012 privacy policy is compliant with the (European) Data Protection Act. The action follows an initial investigation by the French data protection authority CNIL, on behalf of the Article 29 group of which the ICO is a member. Several data protection authorities across Europe are now considering whether the policy is compliant with their own national legislation." 

The ICO's announcement was in conjunction with France's Commission nationale de l’informatique et des libertés (CNIL-France's privacy body) press release that stated on March 19, 2013, "representatives of Google Inc. were invited at their request to meet with the taskforce led by the CNIL and composed of data protection authorities of France, Germany, Italy, the Netherlands, Spain, and the United-Kingdom. Following this meeting, no change (by Google to its Privacy Policy) has been seen."  The CNIL further stated, "[t]he article 29 working party’s analysis is finalized. It is now up to each national data protection authority to carry out further investigations according to the provisions of its national law transposing European legislation."

How will this development affect Google?  It means that French data protection authorities along with regulators in the UK, Netherlands, Germany, Spain and Italy may take joint legal action involving an investigation and possible fines into Google's privacy policy changes that enables it to combine the data it obtains from users across all of its digital services.  The ICO has the authority to levy fines of up to £500,000 for breaches of the Data Protection Act. The CNIL may fine an entity up to €300,000 (£255,000).  While these fines may not be much of a deterrent to Google and/or other companies to stop allegedly violating European privacy laws, regulators may also sue to block a company from operating in Europe.  If this route is taken against Google and/or others it may harm a company's ability to operate in Europe.   

How will the EU's continued privacy law investigations into Google's practices affect Google's users in the United States?  When will the FTC follow the EU's lead and request more information about Google's updated privacy policies?  While it is too soon to speculate on the FTC's next move, it would not surprise me if the FTC eventually investigates Google and/or others who change their privacy policies to better enable the data mining of users' content. 

The EU data protection authorities and the FTC must properly balance the personal privacy rights of citizens with the ability of digital companies to be able to continue to thrive and expand.  Should Apple, Facebook, Google, etc.. be allowed to collect, archive, and utilize user data without any limits?  Last December, there was a major outcry when Instagram (Facebook bought it last year for $1 billion dollars) changed its privacy policy so it would be able to better data mine/monetize the personal content of its users.  Only after a very public uproar, did Instagram reverse course on most of its proposed privacy policy changes.       

What if Instagram followed through with all of its planned privacy policy changes?  Would users have any real recourse against the service absent deleting their account?  Should digital platforms be able to change their privacy policies to enable them to better data mine their users' personal data at any time?  Some digital services/platforms have become so intertwined in our lives (Ex:  Apple, Facebook, Google, etc...) that users may be willing to agree to any updated terms to continue to participate.

The television show South Park had an interesting observation about what happens when a company changes its policies in an episode last year titled the Human Centipad. This episode demonstrated to the extreme of what may happen when a company is able to unilaterally change its policies and its users must agree to them to continue to utilize the service.  

When Apple, Facebook, Google, etc... update their policies and these changes appear to erode personal privacy protections and/or enable more data mining that does not appear to be in the best interest of users should regulatory authorities around the world, including the FTC, stop or modify these changes?  If Google's privacy policy changes are not legal in Europe should they be legal in the United States?  Should European digital users be afforded greater privacy protections than those in the United States?    

To learn more about these issues you may contact me at www.shearlaw.com.

Copyright 2013 by the Law Office of Bradley S. Shear, LLC All rights reserved. 

Utah Bans Student-Athlete Social Media Monitoring Firms

Utah recently became the latest state to enact legislation that bans schools from deploying social media monitoring firms that require students verify their social media user names and/or passwords. Utah joins Delaware, California, Michigan, and New Jersey in protecting their schools, students, and taxpayers from social media snake oil salesmen who are selling legal liability time bombs. 

The Utah legislation appears to have been prompted because of a Time Magazine article that discussed the student-athlete social media policy of one Utah school.  This academic institution appeared to require student-athletes sign a social media policy that stated, "To the extent that any federal, state, or local law prohibits the Athletic Department from accessing my social networking accounts, I hereby waive any and all such rights and protections."  According to constitutional law expert Professor Phil Closius, this student-athlete social media policy was "clearly suspect".  Under Utah's new law (H.B. 100), this policy is not just clearly suspect but against the law.

What does Utah's new law along with similar laws across the country mean for schools?  In short, academic institutions need to re-examine their student-athlete social media policies and education programs to ensure compliance with all applicable state and federal laws.  Athletic departments need to understand that social media is not just a public relations issue but a serious legal matter that requires the counsel of social media law experts who understand college athletics and NCAA compliance.  Drafting and implementing improper student-athlete social media policies may create millions of dollars in legal liability. 

Consultants who sell "student-athlete social media monitoring services" to athletic departments are selling legal liability time bombs.  Deadspin has already exposed several companies as having no connection to college athletics before starting their "social media monitoring firms". Some companies that are approaching colleges appear to be making material misrepresentations to market their services.  For example, how does someone transition from being a health care recruiter to a social media student-athlete compliance and education consultant overnight? 

The bottom line is that states across the country are banning schools from being able to deploy firms to monitor and archive their students' personal digital content.  These laws may cumulatively save schools around the United States hundreds of millions of dollars in monitoring, legal, compliance, and insurance costs.

In order for social media monitoring services to properly function students must at least verify their social media user names.  Absent student verification these services are unable properly work.  Furthermore, athletic departments should not be fooled into believing these services are compliant with all state and/or federal laws.  In general, these companies also claim their services are educational tools while others claim they want to protect the online reputation of schools and/or students.  Has anyone asked those who are approaching schools for their teaching credentials?

It appears that the founders of these companies have no verifiable experience that would lend any credibility to their claims.  Consultants who are marketing student-athlete social media monitoring services to athletic departments do not understand social media, NCAA compliance, public policy, or the law; and they apparently care more about making a sale than protecting schools and student-athletes.     

To learn more about these issues you may contact me at www.shearlaw.com.

Copyright 2013 by the Law Office of Bradley S. Shear, LLC All rights reserved.

Arkansas Bans NCAA Student-Athlete Social Media Monitoring Companies

Arkansas has became the latest state to enact legislation that bans schools from deploying social media monitoring firms to track their students' personal digital accounts.  Arkansas joins Delaware, California, Michigan, New Jersey and Utah in protecting their schools, students, and taxpayers from fear and misinformation.

Consultants who sell student-athlete social media monitoring services to athletic departments are selling legal liability time bombs.  Deadspin has already exposed several companies as having no connection to college athletics before starting their "social media monitoring firms". Some companies that are approaching colleges appear to be making material misrepresentations to market their services.

One consultant quoted me (who appears to have no verifiable experience in college athletics, social media, law, or compliance before he started selling his services to NCAA schools) in a press release touting his social media monitoring service last year.  Quoting me to market a service that may create tremendous legal liability for NCAA schools is very troubling. Lawyers and risk professionals who understand this issue would never endorse a service that may increase a school's legal liability and/or may advise an academic institution to violate state and/or federal law.

The bottom line is that states across the country are banning schools from being able to deploy firms to monitor and archive their students' personal digital content.  These laws may cumulatively save schools around the United States hundreds of millions of dollars in monitoring, legal, compliance, and insurance costs.

To learn more about these issues you may contact me at www.shearlaw.com.

Copyright 2013 by the Law Office of Bradley S. Shear, LLC All rights reserved.

University of Maryland Law School's Symposium on Social Media and the Law

On Friday, April 5, 2013, from 9:00 am to 3:30 pm the University of Maryland Francis King Carey School of Law's Journal of Business & Technology Law is sponsoring a symposium titled, "Social Media and the Law: An Exploratory Look into the Legal Effects of Online Interconnectedness." The event is free, open to the general public, and lunch will be provided to those who RSVP.

Speakers will present on a range of topics, including: the constitutionality of student athlete social media policies; the relationship between social media interfaces and copyright law; and how social media laws are developing with respect to employment law, contracts, and privacy matters. Our speakers include private practitioners, a higher education media relations representative, and professors of law and communications. To RSVP please visit the Journal's website: http://www.law.umaryland.edu/academics/journals/jbtl/symposia.html .

Will Google Glass Change Our Children's Expectation of Privacy?

Do children still have an expectation of privacy?  Every day our personal privacy is slowly being eroded because of advances in technology.  New inventions have enabled our society to more efficiently mass produce food; create the infrastructure to warm our homes and offices in the winter and cool them in the summer; and to invent digital devices that allow us to communicate and share information from around the world and outer space almost instantaneously. 

Frictionless sharing of information between digital platforms enables us to easily provide our thoughts and ideas without having to re-post the same content over and over.  A recent change to the U.S. Video Privacy Protection Act directly benefitted some cloud based computing platforms because the revision now allows them to easily enable their users to share their video viewing history to others online.  While frictionless sharing enables users to quickly post content across multiple digital platforms it may also change our expectation of privacy.  

In 1890, a seminal article co-authored by future Supreme Court Justice Louis Brandeis called "The Right to Privacy" was published in the Harvard Law Review.  The law review article stated, "[i]nstantaneous photographs and newspaper enterprises have invaded the sacred precincts of private and domestic life; and numerous mechanical devices threaten to make good the prediction that what is whispered in the closet shall be proclaimed from the house-tops."  Justice Brandies' thoughts about privacy are generally credited as the first modern scholarship about the right and expectation of privacy in the United States.

While new digital technologies have made it easier for us to communicate with others, many of these new services have made it more difficult to protect our privacy. Once content is converted into digital form, it may go viral and cause major personal embarrassment.  The digital sharing of inappropriate content may permanently destroy one's personal and/or professional reputation.  Student digital  gaffes have been around for years; however, the increased usage of mobile phones with digital cameras, social media, and cloud computing services over the past several years has only increased the potential for more electronic mistakes that may put personal privacy and security at risk.

According to a 2012 Pew Report entitled, "Parents, Teens, and Online Privacy", 81% of parents of teens say they are concerned about how much information advertisers can learn about their child's online behavior.  This Pew Report also found that 69% of parents of teens are concerned about how their child's online behavior may affect their future academic or employment opportunities.  This report was created before all of the recent media attention surrounding Google's Project Glass (aka Google Glasses).   

Project Glass is a virtual reality pair of glasses that contains many of the same features of a smart phone.  For example, Google Glasses have an embedded camera, microphone, and GPS.  While Google Glasses have the potential to become one of the first commercially viable augmented reality devices, there are some significant privacy concerns that may affect children and create legal liability for users.    

If a teacher or a student wears a pair of Google Glasses during class will those in the classroom feel comfortable knowing that every in class interaction may be streamed online?  How will this affect the learning process?  How will students react knowing that everything stated in class may also be converted to text and  stored in Google's cloud and eventually attached to their online profile forever.   How will students feel if their personal conversations and/or in class thoughts  and ideas are monetized by Google and/or advertisers?  How will Google's Voice Search and Search By Image technology be utilized to data mine the information obtained from Project Glass? 

Twelve states generally require all parties consent to their conversations being recorded.  Will Google Glass be required to post a warning label so consumers are fully informed about the potential legal risks of using this product?    

Many schools across the country are implementing digital media use policies that cover social and mobile technologies.  However, Google's Glass Project may require schools to also include augmented reality technologies in their policies. 

The Internet never forgets and content uploaded online is impossible to fully scrub from the web.  Since digital platforms have the ability to broadcast to the entire world audio and video of our children that may permanently damage their reputations should the law provide our children special protections against these situations?  Children under the age of 18 generally have the right to void agreements they enter into so should they also have the right to require that search engines delete personally identifiable information about them that may harm their ability to attend the school of their dreams or obtain gainful employment?    

To learn more about these issues you may contact me at http://shearlaw.com/attorney_profile.

Copyright 2013 by the Law Office of Bradley S. Shear, LLC. All rights reserved.

Did Social Media Convict the Steubenville High School Football Players?

Two guilty verdicts were handed down in the rape trial of two Steubenville high school football players.  There were no winners in this case.  A teenage girl lost her innocence, a couple tennage boys are forever branded as sex offenders, and a small town may now be known as that town where a disgusting crime came to light because of the power of social media.

Without social media, it is possible that this case may never have gone to trial.  After the New York Times covered this matter last December, the story picked up steam.  Subsequently, Anonymous allegedly hacked into the digital accounts of some of those who may have been involved or witnessed the activities surrounding the alleged criminal activity.   

YouTube, Instagram, Twitter, and text messaging were utilized by those who either witnessed the incident or who may have been involved with the matter.  The digital content that came to light shocked and sickened the public and may have helped convict the perpetrators of this crime.

According to ABC News, "[t]he contents of 13 cell phones were analyzed, which amounted to 396,270 text messages, 308,586 photos, 940 videos, 3,188 phone calls and 16,422 contacts."  Absent the digital evidence via multipe social media platforms would there have been a guilty verdict?  While witness testimony may be persuasive, photos and videos have the ability to become very powerful evidence that may trump eyewitness testimony.  Even though this isn't the first case where social media may have affected the outcome of a trial, it may be a watershed moment for the usage of social media evidence.   

The bottom line is that those who want to violate the law should think twice because anyone who has a mobile digital electronic device has the ability to capture the criminal act.  Within seconds, people from around the world may become aware of the matter via an online post.  Therefore, social media may have the ability to become a deterrent against crime.

To learn more about these issues you may contact me at http://shearlaw.com/attorney_profile.

Copyright 2013 by the Law Office of Bradley S. Shear, LLC. All rights reserved.

Texas Bill To Allow Service of Process Via Facebook

Texas recently introduced a bill that would allow for service of process via Facebook.  Texas House Bill 1989 if enacted would make the Lone Star State the first in the United States to allow for service of process via social media as an alternative means of service. 

In 2002, a U.S. court approved service of process via email.  In 2008, an Australian court allowed for service of process via social media.  In February of 2012, I told ABC News that I believe service of process via social media will become a reality in the future. 

As I stated on February 25, 2012, the biggest problem with service via social media is authentication.  Even though a digital account may appear to belong to a litigant in a judicial proceeding, account authentication is required to ensure that the account belongs to the right person.

I believe service of process via social or digital means will eventually become more common.  However, absent the proper safeguards to ensure the right "John Doe" is actually served this method has many challenges.  

To learn more about these issues you may contact me at http://shearlaw.com/attorney_profile.

Copyright 2013 by the Law Office of Bradley S. Shear, LLC. All rights reserved.

European Commission Fines Microsoft $732 Million Dollars Over Browser Choice

According to the New York Times, the European Commission has flexed its antitrust muscles and fined Microsoft $732 million dollars for failing to live up to a settlement it had previously signed with regulators. The fine was based upon a 2009 agreement that required Microsoft to provide European Windows users a choice of web browsers.

Microsoft has previously admitted that it may have violated its agreement with regulators and apologized for non-compliance.  Microsoft's fine is not the largest that has been levied against a U.S. based technology company.  In 2009, Intel was fined $1.4 billion dollars for allegedly abusing its dominance in the chip market.

European regulators are currently investigating Google regarding its alleged dominant position in the search engine market.  While the FTC has ended its antitrust investigation of Google in January, European regulators have not. 

The bottom line is that it appears that European regulators have American technology companies in their cross hairs.  Therefore, U.S. based companies that create some of the world's most innovative products for use in the digital space should ensure that they adhere to all regulations and laws in the countries they operate in.    

To learn more about these issues you may contact me at http://shearlaw.com/attorney_profile.

Copyright 2013 by the Law Office of Bradley S. Shear, LLC. All rights reserved.

White House Says: Unlocking Cell Phones Should Be Legal

Should it be legal to unlock your cell phone?  It was up until earlier this year.  However, due to a ruling by the Library of Congress that was based on a new interpretation of the DMCA it is now against the law to unlock your legally bought subsidized cell phone. 

Last month, a petition that was started on the White House's web site received more than 100,000 e-signatures to request that that ruling be changed.  Today, the White House responded and stated that unlocking cell phones should be legal.

Once a consumer has fulfilled his contractual obligations to a service provider for a subsidized cell phone why shouldn't he be able to utilize his cell phone on another carrier?  When someone buys a new car and is finished paying off any outstanding loans on it he is able to generally sell or utilize the vehicle in any manner that suits his purpose.  This includes updating the car's engines and internal mechanics. Therefore, why shouldn't cell phone owners have the same rights?

While the White House and the FCC's acknowledgement that this is a matter that may need a legislative resolution is good news; changing the law will take more than a couple of announcements and/or blog posts.   

To learn more about these issues you may contact me at http://shearlaw.com/attorney_profile.

Copyright 2013 by the Law Office of Bradley S. Shear, LLC. All rights reserved.

Massachusetts Bill To Ban Data-Mining of Student Emails

Massachusetts has become the first state to introduce legislation that would ban companies that provide cloud computing services from processing student data for commercial purposes. MA Bill 331 is sponsored by Rep. Carlo Basile and it was referred to the House Committee on Education on January 22, 2013.

MA Bill 331 states, "Section 1. Notwithstanding any general or special law to the contrary any person who provides a cloud computing service to an educational institution operating within the State shall process data of a student enrolled in kindergarten through twelfth grade for the sole purpose of providing the cloud computing service to the educational institution and shall not process such data for any commercial purpose, including but not limited to advertising purposes that benefit the cloud computing service provider."

The bill may be interpreted to mean that firms who offer cloud computing services to Massachusetts academic institutions that enroll kindergarten through twelfth graders may not utilize the information contained in student emails for monetary gain. If this legislation is enacted, cloud service providers may not serve ads to students on school provided digital accounts based upon a student's digitally expressed thoughts or ideas.

Internet advertisers monetize the thoughts and/or ideas of its users via behavioral advertising. Digital behavioral advertising may occur when an email service provider scans the content of an email and then serves the user ads based upon the information it processes. For example, if a student emailed his health or sex education teacher to ask about sexually transmitted diseases or teen pregnancy, MA Bill 331 would ban a cloud computing service provider from serving ads for condoms or other related products or services to the student's school owned digital account.

According to a statement from the American Academy of Pediatrics, "young people are cognitively and psychologically defenseless against advertising." Therefore, would it be acceptable if a teacher was paid to review student class work, noted student preferences, and then returned graded assignments with offers for discounted merchandise based upon a student's home work or in class assignments?

Since it would be a breach of the National Education Association's Code of Ethics if a teacher utilizes personal knowledge obtained from his students for private advantage, shouldn't it also be a breach of the Code of Ethics if a cloud computing service provider utilizes an algorithm to do the same digitally? Because it is not acceptable if teachers offered discounts based upon student preferences gleaned from school work it should also not be acceptable if a computer algorithm processed the same information digitally and then served ads based upon the same data.

While MA Bill 331 is a good start, it should be amended to cover post-secondary students because Massachusetts is home to tens of thousands of college students and some of the most prestigious academic institutions in the world. Shouldn't students in college and graduate school also have their student-teacher interactions protected from being utilized for commercial purposes?

In general, Google's Apps For Education standard agreement provides schools the ability to serve ads to its students. The agreements generally state that all advertising revenue generated will be retained by Google so at this point it appears that schools do not have an economic incentive to turn on the behavioral advertising function. However, what will stop Google from approaching schools and stating that in order to continue receiving Google Apps for Education for free the advertising function must be enabled? Should graded school assignments and personal student-teacher interactions be utilized to serve ads to students in order to pay for educational software?

Educational software is expensive and because of the terrible recession that our country has experienced many states have seen steep cuts in education funding. While Massachusetts public schools have not yet experienced the same type of funding cuts that have beleaguered many other states what will happen when Massachusetts decides it must recalibrate how it dedicates its resources and K-12 schools are negatively affected by this change?

Tens of thousands of kindergarten through twelfth grade students in Massachusetts may already be at risk of having their school work data mined for advertising purposes. For example, students who attend Burlington Public Schools and Plymouth Public Schools in Massachusetts utilize Google Apps For Education. If students at these schools use their school provided Gmail based accounts after they graduate or link their personal YouTube or Google Plus account to their school sanctioned Gmail account their student-teacher interactions and class work may be monetized by Google and/or its advertising partners. However, if MA Bill 331 is enacted it may stop third parties from being able to monetize the digital thoughts and ideas of Massachusetts students and better protect their privacy and security.

96 percent of Google's $37.9 billion in 2011 revenue was earned from advertising. Is Google providing schools free access to its Google Apps For Education software in the hopes that it will eventually earn advertising revenue from data mining our children's digital school assignments and education-related interactions? Absent state and/or federal laws that ban the data mining of our children's class work on school provided digital accounts companies that offer educational cloud computing services to our schools may utilize our kid's personal private data for commercial gain.

To learn more about these issues you may contact me at http://shearlaw.com/attorney_profile.

Copyright 2013 by the Law Office of Bradley S. Shear, LLC. All rights reserved.