Be careful about what you say online. For example, if you are a United Kingdom resident and post allegedly derogatory messages about Iran and/or Islam and then visit Iran you may be detained by the Iranian authorities. This appears to have happened to a British resident recently.
According to The Independent, a British woman allegedly posted derogatory comments about Iran's government and Islam on Facebook. It appears that as soon as she landed in Shiraz, Iran to visit family she arrested and was taken to Tehran and charged with "gathering and participation with intent to commit crime against national security" and "insulting Islamic sanctities". These charges may lead to her execution.
This set of facts leads me to believe that Iran is social media monitoring every negative comment online about its government and when it has the opportunity to arrest the alleged speakers it does.
The bottom line is that sometimes it is best to have anonymity online. The Federalist Papers were published anonymously for a reason and that reason was to express political opinions without fear of retribution. Therefore, before making online political comments about certain issues anonymity may be best.
Copyright 2014 by the Law Office of Bradley S. Shear, LLC. All rights reserved.
Saturday, April 5, 2014
Thursday, April 3, 2014
The Student Privacy Bill of Rights
On March 6, 2014, Khaliah Barnes, the Director of the Electronic Privacy Information Center's (EPIC) Student Privacy Project authored an extremely
important article that was featured in the Washington Post titled, "Why a Student Privacy Bill of Rights is desperately needed". The piece details the digital privacy challenges students encounter and why they need to have stronger legal rights to better protect their personal privacy and safety. I wholeheartedly agree with Ms. Barnes and believe our students need more robust digital privacy protections.
The main federal laws designed to protect student privacy, the Family Educational Rights and Privacy Act (FERPA) and the Protection of Pupil Rights Amendment (PRPA) have not been updated to keep pace with the Digital Age. The lack of legal protections for our students' personal information that is stored in the cloud has made Ms. Barnes' Student Privacy Bill of Rights a necessity. It enumerates six basic rights for students and I believe that in the age of Big Data, students have "certain unalienable Rights" regarding their personal privacy. The Rights are listed below:
Right #4 Security: Students have the right to secure and responsible data practices
Right #5 Transparency: Students have the right to clear and accessible information privacy and security practices.
Transparency is key to fostering successful privacy and security practices. Educational institutions and their contractors need to be required by law to be fully transparent about the type of information they collect, how it is utilized, how long it is archived, and who has access to it. School vendors such as Google who have not been transparent about their privacy and security practices put our students' privacy and personal security at risk. If schools are unable to provide clear and accessible information about their contractors' privacy and security practices, students should have the right to opt-out of participating in a school provided platform that harms their privacy and puts their personal security at risk.
Right #6 Accountability: Students should have the right to hold schools and private companies handling student data accountable for adhering to the Student Privacy Bill of Rights.
The main federal laws designed to protect student privacy, the Family Educational Rights and Privacy Act (FERPA) and the Protection of Pupil Rights Amendment (PRPA) have not been updated to keep pace with the Digital Age. The lack of legal protections for our students' personal information that is stored in the cloud has made Ms. Barnes' Student Privacy Bill of Rights a necessity. It enumerates six basic rights for students and I believe that in the age of Big Data, students have "certain unalienable Rights" regarding their personal privacy. The Rights are listed below:
Right
#1 Access and Amendment: Students have the right to access and amend
their erroneous, misleading, or otherwise inappropriate records, regardless of
who collects or maintains the information.
While growing up in the 1980's, I didn't have to worry that everything I said to my classmates and/or teachers would be on my permanent record forever. When I attended elementary, middle, and high school, the primary form of communication was in person, on the phone, and handwritten/typed letters. In college, I recall sending out my first email and then in law school email began to gain traction.
While growing up in the 1980's, I didn't have to worry that everything I said to my classmates and/or teachers would be on my permanent record forever. When I attended elementary, middle, and high school, the primary form of communication was in person, on the phone, and handwritten/typed letters. In college, I recall sending out my first email and then in law school email began to gain traction.
As an adjunct professor at a major
international university, I have noticed that students prefer email as their
primary form of communication outside of class.
Students sometimes make inappropriate remarks in class and/or email. However, students attend school to learn how
to communicate and I believe the content of their school work and their school related
communications should be protected and off limits from data mining. My students and children should be afforded
the same privacy protections I experienced in school without fear that every
single student-teacher and student-student
digital interaction may be used against them in the future.
Right
#2 Focused collection: Students have the right to reasonably limit
student data that companies and schools collect and retain.
Schools, along with their vendors,
and sub-contractors should be limited to what type of data they are able to
collect and retain about students. For
example, some schools require student-athletes to install cyber-monitoring
software onto their personal computers and personal digital media accounts so all
of their online postings may be captured and archived indefinitely. One school vendor was caught a couple years
ago by Time Magazine
abusing its access to personal student data and utilizing their content for advertising
purposes. Therefore, it is imperative
that students have the right to reasonably limit the type of personal
information that is collected and retained about them by companies that
contract with schools.
Right
#3 Respect for Context: Students have the right to expect that companies
and schools will collect, use, and disclose student information solely in ways
that are compatible with the context in which students provide data.
Unfortunately, some companies have
not been honest about the manner in which they collect and utilize personal student
information. Education Week
recently reported that Google is abusing its privilege as a school learning platform
provider because it is using its Apps For Education offering to surreptitiously
data mine student emails for potential advertising.
Whether its through cloud computing,
mobile communication devices, apps, or old school personal computer networks, a
tremendous amount of information is being collected by third parties and this
data is not under the direct control of our schools. Therefore, schools and their vendors must be
required to disclose exactly what is happening to student information that is
stored digitally.
Right #4 Security: Students have the right to secure and responsible data practices
Secure data practices do not happen
overnight and requires cooperation from both schools and their vendors. Professor Dan Solove of George Washington
University has been advocating for years that schools hire chief privacy
officers to educate and provide leadership on these issues. Earlier this year, Prof. Solove told USA Today, “[w]ithout
a privacy officer in schools, there will be no one looking out for privacy
issues,”
Recent high profile data breaches at the University of Maryland
and Indiana University
demonstrates the need for educational institutions to implement policies and
practices that better protect our students' privacy.
Right #5 Transparency: Students have the right to clear and accessible information privacy and security practices.
Transparency is key to fostering successful privacy and security practices. Educational institutions and their contractors need to be required by law to be fully transparent about the type of information they collect, how it is utilized, how long it is archived, and who has access to it. School vendors such as Google who have not been transparent about their privacy and security practices put our students' privacy and personal security at risk. If schools are unable to provide clear and accessible information about their contractors' privacy and security practices, students should have the right to opt-out of participating in a school provided platform that harms their privacy and puts their personal security at risk.
Right #6 Accountability: Students should have the right to hold schools and private companies handling student data accountable for adhering to the Student Privacy Bill of Rights.
FERPA has no private right of action against school vendors. This is a huge
loophole that puts the burden of protecting our children's privacy squarely on
academic institutions even though many schools are ill equipped and
under-funded to do so. New state and/or
federal laws/regulations are needed to hold school contractors accountable for
violating the privacy of our students.
A
recently released report on Big Data and "alternative
credit scoring" by the World Privacy Forum
reinforces the need for greater regulation to protect our privacy. The report discusses unfairness and
discrimination issues that may soon become widespread because our current legal
and regulatory privacy framework was designed before email, apps, and the cloud
became ubiquitous. Students shouldn't
have to worry about whether their school related research, questions, communications, and/or
projects on disabilities, HIV, personal sexuality, pregnancy, sexually transmitted diseases, etc... will be data mined
and/or sold to the highest bidder.
If third party vendors mislead schools,
parents, or students about their data handling or protection practices, they need
to be held legally and financially responsible for privacy violations.
For example, students who utilize Google Apps For Education through their
schools should be able to hold Google legally and financially accountable for data mining their school digital interactions, content, work etc...for non-educational purposes.
Soon after the Education Week article that uncovered Google's very troubling student data mining practices was published, I reached
out to Ms. Barnes and asked her to comment about these new revelations. In an email Ms. Barnes stated, "Google's data
mining admissions underscore the importance of the Student Privacy Bill of
Rights. Here's a situation where students lost total control over their
information. The students first lost control when the schools made a choice on
behalf of students, without first adequately vetting Google's data practices
and ensuring that those practices don't put students at risk. Second, students
lost control when Google decided to read students' emails. Google's practices
contravene the Student Privacy Bill of Rights by repurposing student data for
commercial use. Google should be held accountable to students, the Education
Department, and the Federal Trade Commission for violating student trust."
As
a society, we need to do more to protect our children's privacy in the Digital
Age. A first step would be to adopt the
principles advocated by Ms. Barnes' in her Student Privacy Bill of Rights.
Copyright 2014 by the Law Office of Bradley S. Shear, LLC. All rights reserved.
Thursday, March 27, 2014
Minnesota School District To Pay $70,000 For Accessing Student's Facebook Account
With access comes responsibility and financial liability. A student recently won a $70,000 settlement against a Minnesota school district after she was required to provide access to her personal digital accounts. I initially wrote about this issue on March 10, 2012, and stated, "This behavior is a clear 1st and 4th Amendment and possibly a 5th Amendment violation of the U.S. Constitution." On September 15, 2012, I wrote, "Public schools that require any of their students to register their social media usernames, or to provide access to their password protected digital content via required Facebook Friending or the installation of a third-party software application for any reason are in clear violation of the 1st and 4th Amendment."
This settlement along with the recent NLRB ruling that referenced Northwestern's illegal student-athlete social media policy demonstrates that K-12 schools and post-secondary institutions need to better understand their legal liabilities in the Digital Age. Drafting and enforcing a legal and reasonable social media policy is extremely important since almost every student of a certain age and employee owns or has access to a digital device/account. Students still have a right to privacy despite what some technology companies may claim.
For years, I have been publicly discussing the legal liability issues schools will encounter if they require access to their student's personal digital accounts. Schools that refuse to understand and properly address these issues will (not may) have tremendous legal liability and financial obligations. If a school wants access to their students' personal digital accounts they may need to pay $70,000 per student. There are other options available and my hope is that schools become better educated about them.
Copyright 2014 by the Law Office of Bradley S. Shear, LLC. All rights reserved.
This settlement along with the recent NLRB ruling that referenced Northwestern's illegal student-athlete social media policy demonstrates that K-12 schools and post-secondary institutions need to better understand their legal liabilities in the Digital Age. Drafting and enforcing a legal and reasonable social media policy is extremely important since almost every student of a certain age and employee owns or has access to a digital device/account. Students still have a right to privacy despite what some technology companies may claim.
For years, I have been publicly discussing the legal liability issues schools will encounter if they require access to their student's personal digital accounts. Schools that refuse to understand and properly address these issues will (not may) have tremendous legal liability and financial obligations. If a school wants access to their students' personal digital accounts they may need to pay $70,000 per student. There are other options available and my hope is that schools become better educated about them.
Copyright 2014 by the Law Office of Bradley S. Shear, LLC. All rights reserved.
Wednesday, March 26, 2014
NLRB Refers To Northwestern's Illegal Social Media Policy in Ruling Student Athletes May Unionize
In a ground breaking ruling earlier today, the regional director of the National Labor Relations Board ruled today that Northwestern University scholarship football players are employees of the school and are eligible to form the nation's first college athletes' union. According to ESPN's Lester Munson, the ruling is very well-reasoned.
As part of the rationale as to why Northwestern's scholarship football players are to be considered employees rather than student-athletes the ruling mentions Northwestern's illegal student-athlete social networking policy. On page 5 it states, "[t]he players must also abide by a social media policy, which restricts what they can post on the Internet, including Twitter, Facebook, and Instagram. In fact, the players are prohibited from denying a coach's "friend" request and the former's posting are monitored."
Northwestern's student-athlete social networking policy is in clear violation of Illinois Public Act 098-0129. This act states, "It is unlawful for a post-secondary school to request or require a student or his or her parent or guardian to provide a password or other related account information in order to gain access to the student's account or profile on a social networking website or to demand access in any manner to a student's account or profile on a social networking website."
On August 14, 2013, I wrote that Northwestern will be required to change its student-athlete social media policy before 1/1/2014 because of Illinois' new social media privacy law. Unfortunately, this did not occur and its illegal policy was utilized against them in analyzing that a student-athlete is an employee and not a student.
While this ruling may eventually be overturned, it should serve as a wake up call to NCAA schools that highly regulate their student-athletes' digital usage. Athletic departments that enforce strict social media policies and/or utilize social media monitoring companies may soon have more legal and financial issues to confront than anticipated. Continuing to deploy social media monitoring companies to watch student-athletes online may encourage other administrative and/or judicial bodies to conclude that student-athletes are not students but employees.
NCAA athletic departments should be careful for what they wish for. With access comes responsibility. Strictly regulating student-athletes' personal digital lives will create tremendous legal and financial problems.
Copyright 2014 by the Law Office of Bradley S. Shear, LLC All rights reserved.
As part of the rationale as to why Northwestern's scholarship football players are to be considered employees rather than student-athletes the ruling mentions Northwestern's illegal student-athlete social networking policy. On page 5 it states, "[t]he players must also abide by a social media policy, which restricts what they can post on the Internet, including Twitter, Facebook, and Instagram. In fact, the players are prohibited from denying a coach's "friend" request and the former's posting are monitored."
Northwestern's student-athlete social networking policy is in clear violation of Illinois Public Act 098-0129. This act states, "It is unlawful for a post-secondary school to request or require a student or his or her parent or guardian to provide a password or other related account information in order to gain access to the student's account or profile on a social networking website or to demand access in any manner to a student's account or profile on a social networking website."
On August 14, 2013, I wrote that Northwestern will be required to change its student-athlete social media policy before 1/1/2014 because of Illinois' new social media privacy law. Unfortunately, this did not occur and its illegal policy was utilized against them in analyzing that a student-athlete is an employee and not a student.
While this ruling may eventually be overturned, it should serve as a wake up call to NCAA schools that highly regulate their student-athletes' digital usage. Athletic departments that enforce strict social media policies and/or utilize social media monitoring companies may soon have more legal and financial issues to confront than anticipated. Continuing to deploy social media monitoring companies to watch student-athletes online may encourage other administrative and/or judicial bodies to conclude that student-athletes are not students but employees.
NCAA athletic departments should be careful for what they wish for. With access comes responsibility. Strictly regulating student-athletes' personal digital lives will create tremendous legal and financial problems.
Copyright 2014 by the Law Office of Bradley S. Shear, LLC All rights reserved.
Saturday, March 22, 2014
NFL Star Roddy White Makes Season Ticket Offer on Twitter If Duke Loses and May Have To Pay Up
Are social media offers legally binding? Yes. R&B artist Ryan Leslie lost a $1 million dollar lawsuit in 2012 over his refusal to honor his YouTube offer. Earlier this week, the Atlanta Falcons' Roddy White Tweeted: @DHoyt77 if mercer beat duke I will give you season tickets 50 yard line first row. Duke lost the game and subsequently White Tweeted: I lost a bet and I will give him tickets to the bears game since he is a bears fan done with this bet
There was an offer by White and an acceptance by @DHoyt77. If White refuses to honor his initial offer and @DHoyt77 decides to sue White for the offer of season tickets I believe @DHoyt77 has a valid claim. The Leslie case may provide a strong precedent for @DHoyt77's position that may be utilized to demonstrate that a social media offer and acceptance is legally binding.
While White's offer may sound reminiscent of the Aaron Rodgers Tweet last year that stated, " @toddsutton ya I'd put my salary next year on it," it is not. Aaron Rodgers didn't state to another Twitter user "I will give you my entire year's salary". There was no clear offer and acceptance in the Rodgers matter. Here, there appears to be a straight forward offer and acceptance. Therefore, I believe White owes for the entire season and @DHoyt77 has a strong claim that is legally enforceable.
The bottom line is that be careful what you Tweet because it may be used against you in the future.
Copyright 2014 by the Law Office of Bradley S. Shear, LLC All rights reserved.
There was an offer by White and an acceptance by @DHoyt77. If White refuses to honor his initial offer and @DHoyt77 decides to sue White for the offer of season tickets I believe @DHoyt77 has a valid claim. The Leslie case may provide a strong precedent for @DHoyt77's position that may be utilized to demonstrate that a social media offer and acceptance is legally binding.
While White's offer may sound reminiscent of the Aaron Rodgers Tweet last year that stated, " @toddsutton ya I'd put my salary next year on it," it is not. Aaron Rodgers didn't state to another Twitter user "I will give you my entire year's salary". There was no clear offer and acceptance in the Rodgers matter. Here, there appears to be a straight forward offer and acceptance. Therefore, I believe White owes for the entire season and @DHoyt77 has a strong claim that is legally enforceable.
The bottom line is that be careful what you Tweet because it may be used against you in the future.
Copyright 2014 by the Law Office of Bradley S. Shear, LLC All rights reserved.
Thursday, March 13, 2014
Roseanne Barr Sued Over Trayvon Martin Case Tweets By George Zimmerman's Parents
I advise my clients to Tweet and utilize other digital platforms only after they have thought about the potential legal consequences that may occur if they share their personal thoughts online. Too many self-described social media consultants preach how great it is to share as much about yourself on electronic platforms as possible to make your personal story "authentic". This feel good "branding" advice that many social media consultants tout is usually worthless and may create tremendous legal liability issues.
Before social media, to have your voice heard was not easy. In the past, a publicist may have been needed to reach out to the media. Social Media has changed the game and increased the potential for major legal liability for those who post online. For example, during the trial of George Zimmerman for the alleged murder of Trayvon Martin, Spike Lee Tweeted out an incorrect address of a couple whom he believed was George Zimmerman's parents. To avoid a potential trial, Spike Lee settled with the couple whose address he incorrectly posted on Twitter.
Spike Lee was not the only celebrity who Tweeted about the George Zimmerman case who may need to pay civil damages because of his Tweets. Actress Roseanne Barr was sued by George Zimmerman's parents for Tweeting out their actual address which they claim required them to live in hiding. According to CNN, the Zimmermans accuse Barr of "intentional infliction of emotional distress" and "invasion of privacy" with the message to her 110,000 Twitter followers on March 29, 2012."
The bottom line is be careful about what you Tweet. Just because you have the ability to comment about a matter of public concern doesn't mean you should say whatever is on your mind. While you may have the right to say whatever you want in our country, almost anyone has the right to sue you for almost whatever you say. Whether the lawsuit will be successful is an entirely different matter.
Copyright 2014 by the Law Office of Bradley S. Shear, LLC All rights reserved.
Before social media, to have your voice heard was not easy. In the past, a publicist may have been needed to reach out to the media. Social Media has changed the game and increased the potential for major legal liability for those who post online. For example, during the trial of George Zimmerman for the alleged murder of Trayvon Martin, Spike Lee Tweeted out an incorrect address of a couple whom he believed was George Zimmerman's parents. To avoid a potential trial, Spike Lee settled with the couple whose address he incorrectly posted on Twitter.
Spike Lee was not the only celebrity who Tweeted about the George Zimmerman case who may need to pay civil damages because of his Tweets. Actress Roseanne Barr was sued by George Zimmerman's parents for Tweeting out their actual address which they claim required them to live in hiding. According to CNN, the Zimmermans accuse Barr of "intentional infliction of emotional distress" and "invasion of privacy" with the message to her 110,000 Twitter followers on March 29, 2012."
The bottom line is be careful about what you Tweet. Just because you have the ability to comment about a matter of public concern doesn't mean you should say whatever is on your mind. While you may have the right to say whatever you want in our country, almost anyone has the right to sue you for almost whatever you say. Whether the lawsuit will be successful is an entirely different matter.
Copyright 2014 by the Law Office of Bradley S. Shear, LLC All rights reserved.
Tuesday, March 11, 2014
Tweets, School Bathrooms, The First Amendment, and The Right To Privacy
What if a student takes a photo of behavior occurring in the common area of a school bathroom during school hours that appears to violate school policy and then Tweets out the image with commentary? Should the photographer who captured and Tweeted out the image be disciplined but those whose behavior allegedly violated school policy not be punished? This is a question that a public high school in Maryland is answering.
Recently, a student Tweeted out a selfie of herself with two other students in the background allegedly engaging in sexual contact. As of this writing, the photo has been re-tweeted over 14,000 times. After school administrators became informed about the situation, the Tweeter was suspended for ten days. The students who appeared in the photo (their faces are not viewable) allegedly engaging in some type of personal interaction that may or may not be of a sexual nature were not disciplined.
I am very protective of free speech rights; especially for students. I strongly believe in the Tinker v. Des Moines decision which ruled that students do not leave their constitutional rights at the school house gate. However, I believe in Griswold v. Connecticut's ruling that we all have a right to privacy. Mobile devices and wearable technology will test the right to privacy versus the first amendment in the Digital Age. This situation demonstrates that their are no easy answers regarding where our first amendment rights end and our right to privacy begins.
Copyright 2014 by the Law Office of Bradley S. Shear, LLC All rights reserved.
Recently, a student Tweeted out a selfie of herself with two other students in the background allegedly engaging in sexual contact. As of this writing, the photo has been re-tweeted over 14,000 times. After school administrators became informed about the situation, the Tweeter was suspended for ten days. The students who appeared in the photo (their faces are not viewable) allegedly engaging in some type of personal interaction that may or may not be of a sexual nature were not disciplined.
I am very protective of free speech rights; especially for students. I strongly believe in the Tinker v. Des Moines decision which ruled that students do not leave their constitutional rights at the school house gate. However, I believe in Griswold v. Connecticut's ruling that we all have a right to privacy. Mobile devices and wearable technology will test the right to privacy versus the first amendment in the Digital Age. This situation demonstrates that their are no easy answers regarding where our first amendment rights end and our right to privacy begins.
Copyright 2014 by the Law Office of Bradley S. Shear, LLC All rights reserved.
Bill Cosby, Gilbert Gottfried, Big Data, and the Right to Privacy
One of my favorite television programs growing up in the 1980's was The Cosby Show. The show was about an upper middle-class African-American family living in Brooklyn, New York. I enjoyed the show because it was funny and the issues it covered were very timely.
Recently, I watched one of my favorite episodes. This particular episode's main theme was negotiating to buy a new car since the old family truckster (i.e. think the Griswald's car in National Lampoon's Vacation) was on its last legs. Bill Cosby's character, Dr. Heathcliff Huxtable does not want the car dealer to know that he is a doctor because he fears he will lose any negotiating power (i.e. he wants to keep his potential financial status anonymous because he believes the dealership will be more flexible with a less financially successful customer; think "price discrimination" based upon ability to pay) if the dealer can size him up financially. He visits the car dealership with his son in an average looking shirt, pants, etc... and avoids telling the salesman his profession.
Dr. Huxtable is downplaying his financial position while the car salesman talks about how expensive it is to raise his children and how one of his kids now needs braces. The bottom line is that the car negotiation is moving along when all of a sudden Gilbert Gottfried shows up. Gilbert Gottfried calls Bill Cosby's character "Dr. Huxtable" (the salesman didn't know he was a doctor) and tells the salesman that Dr. Huxtable's wife was recently made a partner in her law firm and that they have plenty of money. The bottom line is that Gilbert Gottfried's information appeared to alter Dr. Huxtable's ability to negotiate the best possible deal.
Why does this matter? Think of Gilbert Gottfried as a data broker, a digital online advertising network, or an app that sells (i.e. shares, exchanges, etc...) your personal information to others. This information may then be combined so a personal dossier is created that includes both your online and offline activities. According to 60 Minutes, this information may then be sold to governments to spy on you or to entities that may prey on those who are vulnerable to sales pitches.
The more information a seller knows about its buyers the greater the risk that price discrimination may occur. Should a person's race, creed, religion, personal opinions, wants, disabilities, financial position, health status, etc... be available to sellers? Should all Americans be on the same footing when shopping or negotiating for goods and/or services? For example, should a school provider of digital services be able to sell to a data broker or insurance company the lunch purchasing information of students so a corporate entity may then utilize this information for commercial gain?
I believe our country needs to create stronger data protection laws and require data collection companies to become more transparent about their activities. I don't want my children to grow up in a world where everything they do is collected and inserted into their personal digital file and utilized to discriminate them. Shouldn't future generations have the same privacy protections we had while growing up?
Copyright 2014 by the Law Office of Bradley S. Shear, LLC All rights reserved.
Recently, I watched one of my favorite episodes. This particular episode's main theme was negotiating to buy a new car since the old family truckster (i.e. think the Griswald's car in National Lampoon's Vacation) was on its last legs. Bill Cosby's character, Dr. Heathcliff Huxtable does not want the car dealer to know that he is a doctor because he fears he will lose any negotiating power (i.e. he wants to keep his potential financial status anonymous because he believes the dealership will be more flexible with a less financially successful customer; think "price discrimination" based upon ability to pay) if the dealer can size him up financially. He visits the car dealership with his son in an average looking shirt, pants, etc... and avoids telling the salesman his profession.
Dr. Huxtable is downplaying his financial position while the car salesman talks about how expensive it is to raise his children and how one of his kids now needs braces. The bottom line is that the car negotiation is moving along when all of a sudden Gilbert Gottfried shows up. Gilbert Gottfried calls Bill Cosby's character "Dr. Huxtable" (the salesman didn't know he was a doctor) and tells the salesman that Dr. Huxtable's wife was recently made a partner in her law firm and that they have plenty of money. The bottom line is that Gilbert Gottfried's information appeared to alter Dr. Huxtable's ability to negotiate the best possible deal.
Why does this matter? Think of Gilbert Gottfried as a data broker, a digital online advertising network, or an app that sells (i.e. shares, exchanges, etc...) your personal information to others. This information may then be combined so a personal dossier is created that includes both your online and offline activities. According to 60 Minutes, this information may then be sold to governments to spy on you or to entities that may prey on those who are vulnerable to sales pitches.
The more information a seller knows about its buyers the greater the risk that price discrimination may occur. Should a person's race, creed, religion, personal opinions, wants, disabilities, financial position, health status, etc... be available to sellers? Should all Americans be on the same footing when shopping or negotiating for goods and/or services? For example, should a school provider of digital services be able to sell to a data broker or insurance company the lunch purchasing information of students so a corporate entity may then utilize this information for commercial gain?
I believe our country needs to create stronger data protection laws and require data collection companies to become more transparent about their activities. I don't want my children to grow up in a world where everything they do is collected and inserted into their personal digital file and utilized to discriminate them. Shouldn't future generations have the same privacy protections we had while growing up?
Copyright 2014 by the Law Office of Bradley S. Shear, LLC All rights reserved.
Friday, February 28, 2014
EU Asks Apple and Google To Better Police Apps Targeting Children
The European Union is trying to determine how best to protect children from app developers who target them through "Freemium" business models. According to Wikipedia, Freemium is a pricing strategy by which a product or service (typically a digital offering such as software, media, games or web services) is provided free of charge, however, money is required for advanced features, functionality, or virtual goods.
European consumer protection officials are focusing their inquiry on Apple and Google because of their strong market position in the app ecosystem. According to the EU, the 4 main issues that need to be addressed include: 1) Games advertised as “free” should not mislead consumers about the true costs involved; 2) Games should not contain direct exhortations to children to buy items in a game or to persuade an adult to buy items for them; 3) Consumers should be adequately informed about the payment arrangements and purchases should not be debited through default settings without consumers’ explicit consent; 4) Traders should provide an email address so that consumers can contact them in case of queries or complaints.
In a press release regarding this matter, Vice-President Viviane Reding, the EU’s Justice Commissioner stated, "Misleading consumers is clearly the wrong business model and also goes against the spirit of EU rules on consumer protection. The European Commission will expect very concrete answers from the app industry to the concerns raised by citizens and national consumer organizations."
Earlier this year, Apple agreed to an FTC settlement and promised to pay at least $32.5 million dollars to settle a complaint that alleged proper parental permission was not always obtained when children made app purchases on its platform. This was another warning shot to the app ecosystem that it must do a better job of protecting children and families
The bottom line is that regulators around the world are ramping up their investigations and enforcement actions against companies that target children online. Therefore, corporate best practices should ensure that children's interests are protected when interacting with them on digital platforms.
Copyright 2014 by the Law Office of Bradley S. Shear, LLC All rights reserved.
European consumer protection officials are focusing their inquiry on Apple and Google because of their strong market position in the app ecosystem. According to the EU, the 4 main issues that need to be addressed include: 1) Games advertised as “free” should not mislead consumers about the true costs involved; 2) Games should not contain direct exhortations to children to buy items in a game or to persuade an adult to buy items for them; 3) Consumers should be adequately informed about the payment arrangements and purchases should not be debited through default settings without consumers’ explicit consent; 4) Traders should provide an email address so that consumers can contact them in case of queries or complaints.
In a press release regarding this matter, Vice-President Viviane Reding, the EU’s Justice Commissioner stated, "Misleading consumers is clearly the wrong business model and also goes against the spirit of EU rules on consumer protection. The European Commission will expect very concrete answers from the app industry to the concerns raised by citizens and national consumer organizations."
Earlier this year, Apple agreed to an FTC settlement and promised to pay at least $32.5 million dollars to settle a complaint that alleged proper parental permission was not always obtained when children made app purchases on its platform. This was another warning shot to the app ecosystem that it must do a better job of protecting children and families
The bottom line is that regulators around the world are ramping up their investigations and enforcement actions against companies that target children online. Therefore, corporate best practices should ensure that children's interests are protected when interacting with them on digital platforms.
Copyright 2014 by the Law Office of Bradley S. Shear, LLC All rights reserved.
Wednesday, February 19, 2014
Court: Facebook Must Comply With German Data Protection Laws
U.S. companies need to realize that they must follow the laws of the countries that they operate in. Facebook, Google, etc... appear not to understand the proverb, "when in Rome do as the Romans do" should mean that when doing business around the world they must abide by the data protection and privacy laws of the countries where they offer their services.
The Higher Court of Berlin recently confirmed a 2012 verdict that found that Facebook’s Friend Finder violated German law because it was unclear to users that they imported their entire address book into the social network when using it. The court further confirmed that Facebook’s privacy policy and terms of service violate German law.
Facebook and Google appear to believe that EU data protection laws should not apply to them. Both of these companies have been sued multiple times and paid fines and/or entered into judicial settlements in the tens of millions of dollars for privacy violations. Unfortunately, these fines are pocket change to them. Should our personal privacy and cyber-safety be protected and valued in the same way as consumer anti-trust protections?
Copyright 2014 by the Law Office of Bradley S. Shear, LLC All rights reserved.
The Higher Court of Berlin recently confirmed a 2012 verdict that found that Facebook’s Friend Finder violated German law because it was unclear to users that they imported their entire address book into the social network when using it. The court further confirmed that Facebook’s privacy policy and terms of service violate German law.
Facebook and Google appear to believe that EU data protection laws should not apply to them. Both of these companies have been sued multiple times and paid fines and/or entered into judicial settlements in the tens of millions of dollars for privacy violations. Unfortunately, these fines are pocket change to them. Should our personal privacy and cyber-safety be protected and valued in the same way as consumer anti-trust protections?
Copyright 2014 by the Law Office of Bradley S. Shear, LLC All rights reserved.
Saturday, February 15, 2014
ESPN.com's Commenting Policy Harms Personal Privacy and Assists Data Brokers
I love watching the Olympics. Team USA's gold medal winning performance in men's ice hockey in 1980 inspired me to start playing ice hockey when I was a kid. In the 1980's, there was a foosball like arcade game that had Team USA v. USSR (CCCP) face off in a mini hockey rink that I enjoyed playing.
While recently reading an ESPN.com article about the latest U.S. v. Russia men's ice hockey game today I decided to review the comments section of the article. I noticed that ESPN.com has joined other websites in using Facebook's comment platform. This is unfortunate since Facebook's commenting platform is a threat to personal privacy, the freedom of speech, and it assists data brokers.
Approximately a year ago, Facebook partnered with data brokers Axciom, Epsilon, Datalogix and Blue Kai to provide them a treasure trove of personal information about its users. This partnership has greatly deteriorated the personal privacy of Facebook users and their "Facebook Friends". Therefore, any comment one makes about Team USA beating Russia in the Olympics may then be placed in one's data broker file. This information may then be utilized to discriminate against those who make a public comment using Facebook's platform.
Americans have utilized public forums to anonymously comment on issues of the day since at least the time of the Federalist Papers in 1788. Facebook's comment platform destroys anonymity and deters open public discourse. Those who utilize Facebook's comment platform may not realize that every comment they make is tied to them forever.
The bottom line is that social media users may need to become better educated regarding how commercial entities are tracking them online and how data brokers may be a greater threat to our personal privacy, safety, and security than the NSA, a foreign government, or hackers.
Copyright 2014 by the Law Office of Bradley S. Shear, LLC All rights reserved.
While recently reading an ESPN.com article about the latest U.S. v. Russia men's ice hockey game today I decided to review the comments section of the article. I noticed that ESPN.com has joined other websites in using Facebook's comment platform. This is unfortunate since Facebook's commenting platform is a threat to personal privacy, the freedom of speech, and it assists data brokers.
Approximately a year ago, Facebook partnered with data brokers Axciom, Epsilon, Datalogix and Blue Kai to provide them a treasure trove of personal information about its users. This partnership has greatly deteriorated the personal privacy of Facebook users and their "Facebook Friends". Therefore, any comment one makes about Team USA beating Russia in the Olympics may then be placed in one's data broker file. This information may then be utilized to discriminate against those who make a public comment using Facebook's platform.
Americans have utilized public forums to anonymously comment on issues of the day since at least the time of the Federalist Papers in 1788. Facebook's comment platform destroys anonymity and deters open public discourse. Those who utilize Facebook's comment platform may not realize that every comment they make is tied to them forever.
The bottom line is that social media users may need to become better educated regarding how commercial entities are tracking them online and how data brokers may be a greater threat to our personal privacy, safety, and security than the NSA, a foreign government, or hackers.
Copyright 2014 by the Law Office of Bradley S. Shear, LLC All rights reserved.
Friday, January 24, 2014
New Laws Are Needed To Protect Student Privacy In The Digital Age
Students
and schools around the country are utilizing new digital technologies in ways
many people did not imagine at the turn of the century and
those technologies offer great promise. Just
ten years ago, terms like "big data", "the cloud",
"data mining", and "social media" were not well known by
students, parents, and school officials. To
lower costs and to help our students learn more effectively, thousands of
schools across the country have adopted new digital
technologies. Unfortunately, the current legal framework designed to protect
student privacy and safety has not kept up with the rapid advancements that
have been created by the Digital Age.
The
federal Family
Educational Rights and Privacy Act (FERPA) is the main federal law that
protects student educational records.
This law was initially enacted in 1974
and has been amended multiple times by Congress; the last time being in
2001 before the widespread adoption of cloud computing and other digital
platforms in schools. While the statute
hasn't been amended in more than 10 years, the rules that the U.S. Department
of Education uses to implement FERPA have been more recently updated. Despite these revisions, some public interest
groups such as the Electronic
Privacy Information Center allege that FERPA's rule changes undermine privacy safeguards set out in the statute and unnecessarily
exposes students to new privacy risks.
At
first glance, FERPA appears to be a robust law that protects the personal
privacy and safety of students. However,
upon closer examination FERPA does not provide the protections that our
students need in the Digital Age. In the
almost 40 years since FERPA's initial enactment, no school has been denied
access to federal funds due to a violation that has put the personal privacy
and/or safety of students at risk. As
more third parties have been contracted to handle student data through the
spread of cloud and mobile technologies, FERPA has done little to constrain the
behavior of these third parties because the statute does not
contain a sanction that applies them.
Does this mean that FERPA has been successful and that a school's actions have never put the personal privacy and/or safety of students at risk? Or, does this validate the notion that FERPA lacks strong enforcement provisions and the U.S. Department of Education has not been provided the resources necessary to properly protect our children?
Does this mean that FERPA has been successful and that a school's actions have never put the personal privacy and/or safety of students at risk? Or, does this validate the notion that FERPA lacks strong enforcement provisions and the U.S. Department of Education has not been provided the resources necessary to properly protect our children?
In
2002, the Supreme Court
held that FERPA's
nondisclosure provisions do not provide students a personal right to sue entities
that fail to properly safeguard their educational records. While this ruling appears to shield schools
from student lawsuits based upon FERPA violations, it has also had a very troubling
unintended side effect that may be leading some schools to put their guard down
when engaging third party vendors to capture, process, and transmit student
data.
History
has proved that some commercial enterprises will abuse their access to student
data and that FERPA is unable to provide the privacy and/or safety protections
our children need and deserve. In 2003,
multiple student survey
companies
were caught intentionally misleading schools, students, and parents about their
data collection and utilization practices.
The FTC alleged that these
entities sold personally identifiable information about millions of students to
marketers for financial gain. In
addition to entering into a consent
agreement with the FTC that ended these practices, the New York
Attorney General's office fined these entities $75,000 for their actions.
In
2012, Time Magazine discovered that
a company called UDiligence that had been hired by universities across the
country to scan and archive the password protected personal digital content of
student-athletes was abusing its access to student data by utilizing personal student
content in advertisements for the company's services. Only after Time Magazine questioned this
practice did UDiligence stop monetizing students' personal digital content for pecuniary
gain.
Several
months ago, a judge in a lawsuit that accuses Google of
violating multiple federal and state laws regarding its email data mining
practices ruled that the case may move forward.
During a recent court filing in this lawsuit, Google admitted that its
University of Alaska school branded Gmail system utilizes the information
obtained from student emails for advertising purposes (Link to this document; See
page 42, #88). As part of an effort to
dismiss the case, Google argued that two student plaintiffs from universities
who were Google Apps for Education users consented to Google scanning their
emails for advertising purposes when they signed onto the service the first
time (Link to this document; See page 14).
Since
Google provides this same exact service for free to thousands of schools across
the country it raises a serious question of whether Google is data mining the
school emails of millions of students across the country for financial gain. Do the same arguments that Google has made in
its motion to dismiss, that students have consented to this data mining, apply
to students at other schools where Google Apps for Education is in use? It does not appear that students, parents, and/or
teachers have been informed and provided consent that would enable their digital
interactions and the content sent and received on school contracted Gmail
services to be utilized for advertising purposes.
The
personal safety of students are at risk when commercial entities obtain access
to student data and act upon the information.
According to Education Week, some
low-income children in Arizona were subjected to unnecessary dental work by
corporate-affiliated "mobile dentists" who found their patients
through easy access to school records.
In response to this troubling practice, Arizona enacted a new state law last year that tightened
access to this information.
Several
months ago, The New York
Times
discussed the privacy and safety challenges inherent when schools hire third
parties to collect and store student data on the web. A recent Fordham
University Law School
study found "weaknesses in the protection of student information in the
contracts that school districts sign when outsourcing web-based tasks to
service companies". Fordham's
findings were validated by the Maryland Attorney General's 2013 report
on children's privacy
that recommended a new state law that would prohibit cloud service providers
from using data collected from students for commercial purposes.
Parents are
extremely worried
about their children's personal privacy and safety. A new Common Sense
Media Survey
found broad support for stronger safeguards to protect our students in the
Digital Age. According to the survey, 91
percent of respondents support stronger parental-consent requirements related
to the sharing of sensitive student data, and 89 percent supported tighter
security standards for cloud storage.
Since FERPA has not been updated to reflect the tremendous change the Digital Age has brought to the education system, it is time for states to enact laws that better protect the personal privacy and safety of our students. States should enact strict prohibitions on the use of student data (i.e. emails, documents, or other content), ensuring that vendors do not have rights to use that data for advertising or marketing purposes or to otherwise build personal profiles of students that may be utilized to discriminate against students and/or their families. Parents and students need to know that when they utilize school provided digital communication platforms their data is safe and secure and will not be used to prey upon their economic and/or personal situation.
Copyright 2014 by the Law Office of Bradley S. Shear, LLC All rights reserved.
Thursday, January 23, 2014
White House Announces Big Data and the Future of Privacy Comprehensive Review
On the White House Blog earlier today, John Podesta, a Counselor to the President provided further details about the comprehensive privacy review that the President recently asked him to undertake. In the blog post, it stated that Mr. Podesta would lead a "comprehensive review of the way that “big data”
will affect the way we live and work; the relationship between
government and citizens; and how public and private sectors can spur
innovation and maximize the opportunities and free flow of this
information while minimizing the risks to privacy."
Mr. Podesta will be joined by Secretary of Commerce Penny Pritzker, Secretary of Energy Ernie Moniz, the President’s Science Advisor John Holdren, the President’s Economic Advisor Gene Sperling and other senior government officials. The working group will consult with stakeholders such as members of industry, civil liberties groups, academics, privacy experts, and government officials.
This effort is suppose to begin during the next 90 days and help develop the national conversation regarding the issues surrounding the usage of "big data" and the privacy implications inherent with new digital technologies.
I believe this is a positive development that will help shape future public policy decisions. In order to continue to flourish, democracies require transparent discussions about the important issues that affect their citizens.
Copyright 2014 by the Law Office of Bradley S. Shear, LLC All rights reserved.
Mr. Podesta will be joined by Secretary of Commerce Penny Pritzker, Secretary of Energy Ernie Moniz, the President’s Science Advisor John Holdren, the President’s Economic Advisor Gene Sperling and other senior government officials. The working group will consult with stakeholders such as members of industry, civil liberties groups, academics, privacy experts, and government officials.
This effort is suppose to begin during the next 90 days and help develop the national conversation regarding the issues surrounding the usage of "big data" and the privacy implications inherent with new digital technologies.
I believe this is a positive development that will help shape future public policy decisions. In order to continue to flourish, democracies require transparent discussions about the important issues that affect their citizens.
Copyright 2014 by the Law Office of Bradley S. Shear, LLC All rights reserved.
Tuesday, January 21, 2014
9th Circuit Court of Appeals Rules Bloggers Have First Amendment Protection
I blog to share information that I believe may assist others in their quest for knowledge about the legal, business, and public policy issues that affect digital media users. I exercise my First Amendment rights when I believe there is an issue that is important and newsworthy for my readers.
When I blog, I research my proposed article, write, and edit my work just like journalists who work at large well-established media outlets. Therefore, I believe those who post online should receive the same type of legal protections against lawsuits that are afforded professional journalists.
I am not the only one who believes in strong protections for online commentators. In a huge win for the freedom of speech, the 9th U.S. Circuit Court of Appeals recently ruled that bloggers have the same First Amendment protections as journalists when sued for defamation. This is an important milestone in the legal landscape for digital speech rights.
A very important cornerstone of democracy is a free press. This new decision has its roots in the famous John Peter Zenger acquittal in 1735. John Peter Zenger was accused of libel and a jury returned a verdict of not guilty. Andrew Hamilton became famous for his defense of Zenger and his quote, "truth is a defense against libel".
The bottom line is that bloggers and other digital content creators now have greater legal protections. While some people may not like this ruling due to the potential cyber bullying side effects, this decision helps protect freedom and the free flow of ideas that are so important in a democracy. There are too many people in this world who either threaten legal action and/or take legal action via strategic lawsuits against public participation to silence their critics. If this ruling stands, it will help protect those who expose fraud and other illegal activities via digital commentary.
Copyright 2014 by the Law Office of Bradley S. Shear, LLC All rights reserved.
When I blog, I research my proposed article, write, and edit my work just like journalists who work at large well-established media outlets. Therefore, I believe those who post online should receive the same type of legal protections against lawsuits that are afforded professional journalists.
I am not the only one who believes in strong protections for online commentators. In a huge win for the freedom of speech, the 9th U.S. Circuit Court of Appeals recently ruled that bloggers have the same First Amendment protections as journalists when sued for defamation. This is an important milestone in the legal landscape for digital speech rights.
A very important cornerstone of democracy is a free press. This new decision has its roots in the famous John Peter Zenger acquittal in 1735. John Peter Zenger was accused of libel and a jury returned a verdict of not guilty. Andrew Hamilton became famous for his defense of Zenger and his quote, "truth is a defense against libel".
The bottom line is that bloggers and other digital content creators now have greater legal protections. While some people may not like this ruling due to the potential cyber bullying side effects, this decision helps protect freedom and the free flow of ideas that are so important in a democracy. There are too many people in this world who either threaten legal action and/or take legal action via strategic lawsuits against public participation to silence their critics. If this ruling stands, it will help protect those who expose fraud and other illegal activities via digital commentary.
Copyright 2014 by the Law Office of Bradley S. Shear, LLC All rights reserved.
Thursday, January 16, 2014
FTC Settlement: Apple to refund $32 million dollars for children's in-app purchases
Yesterday, the FTC announced that Apple will provide full consumer refunds of at least $32.5 million dollars to settle an FTC complaint that it charged for kids' in-app purchases without parental consent. This settlement demonstrates that the FTC is continuing to protect our children and families against potential unfair and misleading trade practices in the digital space.
The FTC complaint alleged Apple violated the FTC Act by failing to tell parents that by entering a single password they were consenting to an in-app purchase. In particular, it was alleged that parents (account holders) were not informed that entering their password would open a 15-minute window in which children can incur unlimited charges. Under the Consent Order, Apple is required to change its billing practices to ensure that it has obtained "express, informed consent from consumers" before billing for items sold in mobile apps.
The FTC's mobile apps for kids reports put mobile app developers and ecosystem owners on notice that the FTC is watching the entire space to protect children and families from unfair and deceptive trade practices. This new enforcement action combined with the FTC's previous activities reinforces the notion that the mobile environment contains serious personal privacy and safety issues along with potential unfair trade practice issues that need to be addressed.
Copyright 2014 by the Law Office of Bradley S. Shear, LLC All rights reserved.
The FTC complaint alleged Apple violated the FTC Act by failing to tell parents that by entering a single password they were consenting to an in-app purchase. In particular, it was alleged that parents (account holders) were not informed that entering their password would open a 15-minute window in which children can incur unlimited charges. Under the Consent Order, Apple is required to change its billing practices to ensure that it has obtained "express, informed consent from consumers" before billing for items sold in mobile apps.
The FTC's mobile apps for kids reports put mobile app developers and ecosystem owners on notice that the FTC is watching the entire space to protect children and families from unfair and deceptive trade practices. This new enforcement action combined with the FTC's previous activities reinforces the notion that the mobile environment contains serious personal privacy and safety issues along with potential unfair trade practice issues that need to be addressed.
Copyright 2014 by the Law Office of Bradley S. Shear, LLC All rights reserved.
Subscribe to:
Posts (Atom)