In a voluntary self-policing effort most likely intended to help safeguard their Communications Decency Act (“CDA”) Section 230 immunity from suit, several Internet Service Providers (“ISPs”) have created a “Copyright Alert System” (“CAS”) to allow content owners the opportunity to report piracy, through which “strikes” can be issued to Internet service users as a warning for piracy. This YouTube user who I can’t identify as an authority, has a few generally accurate, and fairly informative videos about the CAS regime. It’s not clear whether this user is a representative of the ISPs or not. Comcast also has a pretty good set of faqs on the CAS.
Essentially, the CAS allows content owners to identify infringing IP addresses after verifying that infringement is taking place by P2P (“peer to peer”) file sharing. The ISP then sends a warning to the Internet service user who had that IP address at the relevant time. After multiple warnings the Internet service user may be required to view a video about piracy, and after several warnings that user’s service may be “throttled,” or slowed down to make piracy more difficult or time-consuming. The CAS includes an arbitration process for challenging warnings (Russell’s teapot: How do you prove you weren’t pirating?), but no circumstance under which an Internet service user’s account is to be terminated.
For those of you not familiar with COPPA, the FTC passed the act in 1998 and it is designed to help protect the personally identifiable information of Internet users under the age of 13 and gives parents control over the information companies collect online from their children. COPPA specifically applies to websites targeting children, but essentially applies to any site that a child could use that collects personally identifiable information. The FTC is concerned with children’s privacy now more than ever with the increased use of social media and smartphone apps that use features such as geolocation.
The Electronic Privacy Information Center (EPIC), an internet privacy advocacy group, filed a Freedom of Information Act (FOIA) request on Wednesday with the Federal Communications Commission (FCC) for the full release of its report on the investigation of Google Street View. Google Street View was under investigation for the collection and storage of data from unencrypted wireless networks. The investigation started when it was determined that Google Street View collected data about personal online usage from unsecured Wi-Fi networks for four years while intending to simply collect the locations of Wi-Fi access points. Read more
The House of Representatives has plans to focus on cybersecurity in the coming weeks and, as a result, is slated to consider at least two bills that have gained substantial traction out of committee. These bills carve out exceptions to privacy laws to allow private companies to disclose “cyber threat intelligence” to the government. The need for such a law is proclaimed by political officials and private entities alike. Current privacy laws—such as the Electronic Communications Privacy Act or the Privacy Act—provide an all-important shield against disclosure of private information but often have the consequence of hamstringing efforts to identify and prevent cyber threats. Read more
On March 27th, the Federal Trade Commission announced that it has settled its complaint that RockYou, Inc., an online gaming site, allowed hackers to access the personal information of 32 million users while it touted its security features and that it violated the Children’s Online Privacy Protection Act (COPPA) Rule when it collected information from approximately 179,000 children. The settlement requires RockYou to stop its deceptive claims about privacy and data security, implement a data security program, stop all future violations of COPPA, and pay a civil penalty of $250,000. Read more