Section 5 of the Federal Trade Commission Act — the Act that established the FTC in the first place — makes it unlawful to engage in “unfair methods of competition … and unfair or deceptive acts or practices…” Though the words seem simple enough, its application in today’s world is anything but simple, particularly when you talk about data privacy. Two companies — Wyndham Worldwide Corp. and LabMD Inc. — are publicly, and independently, challenging the FTC’s authority over their data security policies (and subsequent lapses). This post is a quick update about LabMD’s challenge.
In August 2013, the FTC filed an administrative complaint against LabMD, alleging that it lacked appropriate data security and unreasonably exposed the health and personal data of its consumers. LabMD conducts clinical laboratory tests on patients and reports its finding to patients’ health care providers. In performing the needed tests, LabMD typically obtains personal information, including names, addresses, dates of birth, SSNs, bank account or credit card information, laboratory tests, test codes and results, diagnoses, clinical histories, and health insurance company names and policy numbers. LabMD possesses such data for approximately 1 million consumers.
The FTC charged that LabMD “failed to provide reasonable and appropriate security for personal information on its computer networks.” Among other things, the complaint states that LabMD failed to:…
Continue Reading →
This past summer, the University of Amsterdam launched a new, week-long Privacy Law and Policy Summer Course related to the Internet, electronic communications, and online and social media. Course faculty included European and U.S. academics, European regulators and the head of the global privacy law practice at an international law firm, among others. Course participants consisted of 25 legal practitioners and post-graduate researchers from the Netherlands, Spain, Italy, Slovakia, the United States, Japan, Brazil, Kenya and other countries. I was lucky enough to serve as a co-organizer and faculty member for the course.
Taken together, the nine mini-seminars that constituted the backbone of the course provide a snapshot of developments in privacy law and policy in Europe and in the United States, and how they relate to one another. This should be of interest to U.S. lawyers and others who work in the areas of privacy law, compliance and management. What follows is a brief description of some key takeaways from the week, and an attempt to pull them together into a broader perspective.
Doing business over the Internet
Daniel Cooper, head of the Global Privacy Practice at Covington & Burling, discussed emerging legal and policy challenges facing European companies that seek to do business over the Internet. Cooper’s comprehensive presentation stressed that companies face a wide array of matters, including privacy issues related to online behavioral advertising and business use of social media, facial recognition technology, mobile apps, and big data. The 1995 Data Protection Directive pre-dates these technological …
Continue Reading →
Many businesses outsource work such as website creation, software development or other creative tasks, engaging the services of companies or individuals experienced in these fields. Some are surprised to learn, often the hard way, that paying someone to create your website, develop software or produce other works of authorship does not mean you own the copyright in the final work product. Lack of ownership may prove costly, as a copyright owner has the exclusive right to reproduce, distribute and even modify the original work.
Copyright protection, which has been referred to as the “forgotten stepchild” of intellectual property, deserves more respect and attention than it often receives. For starters, copyright protection is rather cheap — in fact, it’s actually free (more on that below). Unlike patents, you don’t need to spend thousands of dollars on an application, hoping that the Copyright Office agrees that you created something artistic or worthy of copyright.
Copyright protects works of authorship, including: literary works; musical works; dramatic works; pictorial, graphic, and sculptural works; motion pictures and other audiovisual works; sound recordings; and architectural works. 17 U.S.C. § 102(a). Though copyright does not extend to ideas, processes, systems, discoveries, etc., the tangible expression of these — e.g., computer software — is entitled to copyright protection.…
Continue Reading →