Skip to content

Posts from the ‘Privacy Policy’ Category

CalOPPA Amendment: What “Do Not Track” Means for You

The previous iteration of the California Online Privacy Protection Act (CalOPPA) requires, among other things, that website operators who collect personally identifiable information (PII) about individuals residing in California conspicuously display a privacy policy.  Additionally, this privacy policy must identify the categories of PII that the website operator collects as well as any third party with whom the operator may share this information.  As you may recall, Delta Airlines came under fire last year for not having a privacy policy for their mobile app.

Read more

Piracy, ISPs, and six strikes: not two outs, or even one…

In a voluntary self-policing effort most likely intended to help safeguard their Communications Decency Act (“CDA”) Section 230 immunity from suit, several Internet Service Providers (“ISPs”) have created a “Copyright Alert System” (“CAS”) to allow content owners the opportunity to report piracy, through which “strikes” can be issued to Internet service users as a warning for piracy.  This YouTube user who I can’t identify as an authority, has a few generally accurate, and fairly informative videos about the CAS regime.  It’s not clear whether this user is a representative of the ISPs or not.  Comcast also has a pretty good set of faqs on the CAS.

Essentially, the CAS allows content owners to identify infringing IP addresses after verifying that infringement is taking place by P2P (“peer to peer”) file sharing.  The ISP then sends a warning to the Internet service user who had that IP address at the relevant time.  After multiple warnings the Internet service user may be required to view a video about piracy, and after several warnings that user’s service may be “throttled,” or slowed down to make piracy more difficult or time-consuming.  The CAS includes an arbitration process for challenging warnings (Russell’s teapot: How do you prove you weren’t pirating?), but no circumstance under which an Internet service user’s account is to be terminated.

Read more

Another Lesson Learned: Instagram Quickly Backtracks After Angering Its Users

This week, users of Instagram scored a victory with the company’s management over a plan to amend Instagram’s terms of service that would allow the third-party use of users’ photos without their permission or any form of compensation.  This change, which was scheduled to take effect in mid January, caused an uproar among Instagram’s user base.

Read more

California Attorney General Sues Delta Airlines for Not Having a Privacy Policy for Mobile App

Not having a privacy policy could be a problem, especially if you collect personally identifiable information from users located in California.  Delta Airlines is learning this tip the hard way.  Kamala Harris, the California Attorney General, filed a complaint in state court last week against Delta Airlines for not adhering with California state law. The state law at issue is the California Online Privacy Protection Act, which requires a website that collects personally identifiable information about individual consumers residing in California to conspicuously display a privacy policy.

Read more

FTC v. Epic Marketplace: It’s not paranoia if…

Remember that Rockwell song from the 80’s: “I always feel like somebody’s watching me…”?  Chances are, while you were online, Epic Marketplace was.  Earlier today the Federal Trade Commission (FTC) reached a settlement with Epic Marketplace that required that company to stop “datasniffing” websurfers’ browsing and destroy records gained by doing so.  Find the Consent Order here.

Read more

Congress to Consider Radically Different Approaches in Cybersecurity Standoff

The House of Representatives has plans to focus on cybersecurity in the coming weeks and, as a result, is slated to consider at least two bills that have gained substantial traction out of committee.  These bills carve out exceptions to privacy laws to allow private companies to disclose “cyber threat intelligence” to the government.  The need for such a law is proclaimed by political officials and private entities alike. Current privacy laws—such as the Electronic Communications Privacy Act or the Privacy Act—provide an all-important shield against disclosure of private information but often have the consequence of hamstringing efforts to identify and prevent cyber threats.  Read more

Is Your Website COPPA-Compliant?

On March 27th, the Federal Trade Commission announced that it has settled its complaint that RockYou, Inc., an online gaming site, allowed hackers to access the personal information of 32 million users while it touted its security features and that it violated the Children’s Online Privacy Protection Act (COPPA) Rule when it collected information from approximately 179,000 children. The settlement requires RockYou to stop its deceptive claims about privacy and data security, implement a data security program, stop all future violations of COPPA, and pay a civil penalty of $250,000. Read more

House (Mis)fires First Shot in Battle over Employer Access to Facebook Passwords

While at least one Senator is drafting a bill to stop the “unreasonable invasion of privacy” resulting from employer access to your Facebook page, the House has rejected a similar proposal from Colorado Representative Ed Perlmutter.  The measure would have prevented employers from collecting Facebook user names and passwords as a condition of employment.  The law was added as an amendment to the FCC Reform Act Bill, but was shot down 236-184. Republican opposition spelled disaster for the amendment, though it’s not clear whether House Republicans were genuinely opposed to the legislation or simply did not want to address the matter as part of the FCC Bill (which incidentally, they passed later that day).

As this blog has reported previously, Facebook is vehemently opposed to employers gaining access to employee pages. However, presumably because Facebook lacks the legal and technical capacity to stop the practice, Facebook (and its user base) has been ratcheting up the pressure on Congress to do something.

Given the attention on this issue, it’s practically certain that these measures will be reintroduced in future legislation. We’ll no doubt be blogging about these developments, so check back with us for updates as this saga unfolds.


Breaking: OnStar Partially Reverses Privacy Policy – Issues Remain

OnStar has received tremendous backlash for changes to their privacy policy (which is detailed here, here, and here).

Now, it appears they have reversed the part of their new privacy policy that would have required customers to opt-out of being tracked even after canceling their service.

Issue remain, however.

Read more

Sen. Schumer Calls for Investigation of OnStar

The OnStar privacy debacle lives on.

Now Sen. Schumer is calling for the FTC to investigate Onstar (via The Hill) for recent changes to their privacy policy (which takes affect December 1).

Read more

%d bloggers like this: