By Porter Wright on A federal court has denied a defendant-employer’s request that plaintiffs sift through and turn over all their social media posts made during their work hours in an FLSA collective action in which the plaintiffs claim their employer failed to give them meal breaks. How did that happen? I thought you’d never ask. By way of … Continue Reading
By Porter Wright on Today’s cell phones enable people to stay connected to work, family and friends in ways that would have sounded like science fiction to past generations. But even some of the savviest of cell-phone users are unaware of the ways in which their devices may be used against them. To police and prosecutors, a cell-phone, which … Continue Reading
By Brian Hall on When we think about the issues that employers have been struggling with relating to employee use of personal mobile devices for work, thoughts of data security, trade secret protection, record retention, and even FLSA compliance immediately come to mind — or at least my mind. But, I bet you wouldn’t anticipate what allegedly happened in Lazette … Continue Reading
By Donna Ruscitti on On June 19, Porter Wright launches its four-part seminar series covering technology topics at the forefront of today’s businesses. Technology Law Source will continue to cover these topics in future blog posts, including navigating through U.S. and international laws, regulations and standards. The seminar series comprises: Social Media in the Law: Learn It and Use … Continue Reading
By Porter Wright on I find a certain irony in the current ubiquity of privacy-related topics when the concept was once defined (and not by current European thinking, but more than 120 years ago), as the “right to be let alone,” in “The Right to Privacy,” by Warren and Brandeis, 4 Harvard L.R. 193 (Dec. 15, 1890). Nonetheless, I … Continue Reading
By Porter Wright on On Jan. 25, 2012, the European Commission first published a proposed draft General Data Protection Regulation (the “Proposed Regulation”). Almost one year later, the Civil Liberties, Justice and Home Affairs (LIBE) Committee (the European Parliament’s lead committee considering the Proposed Regulation) issued suggested amendments to the original proposal (the "Draft Report") and reignited discussion and … Continue Reading
By Donna Ruscitti on If you are sending emails or other electronic communications to Canadian residents, you need to be aware that Canada is moving closer to finalizing the last set of highly anticipated regulations implementing Canada’s Anti-spam Legislation (CASL) . On Jan. 5, 2013, Industry Canada published regulations for a 30-day comment period, closing Feb. 4, 2013. CASL … Continue Reading
By Donna Ruscitti on While we often think of cyber attacks as intrusions from external sources, companies are also vulnerable to insider attacks from their own employees. Current laws may not provide the best protection as demonstrated in a recent federal court decision out of the Southern District of Ohio, Freedom Banc Mortgage Services, Inc. v. O'Harra. We are sharing the post Brian Hall, Editor of the Firm's Employer Law Report Blog and Partner in the Firm's Labor Department, authored summarizing the case.
… Continue Reading
By Donna Ruscitti on U.S. and EU approaches to privacy regulation have been very different, but recent developments in the U.S. may be narrowing the gap. Recently, we hosted a seminar regarding current developments in information privacy regulation. The subjects covered and a link to the materials are provided below. Our panelists included: Dennis Hirsch, Esq., Professor at Capital University … Continue Reading
By Porter Wright on The EU Conference on Privacy and the Protection of Personal Data held March 19 in Washington, D.C., was a great illustration of the importance of the topic within the European Union. The conference was extremely well attended by high-level EU regulators and provided valuable insights into the respective priorities. Tangible results, however, were scarce and … Continue Reading
By Porter Wright on This note is a reminder of the expiration of the grandfather provision under the Massachusetts Data Security Regulations, summarized here, which expires on March 1, 2012. Any applicable third party service provider contract entered into prior to March 1, 2010 must incorporate the appropriate security measures for personal information as specified in the regulations. Companies … Continue Reading
By Porter Wright on The Sedona Conference® recently published the International Principles on Discovery, Disclosure & Data Protection (“International Principles”) through its Working Group 6 on International Electronic Information Management, Discovery and Disclosure. The Sedona Conference® launched Working Group 6 in 2005 to bring the most experienced attorneys, judges, privacy and compliance officers, technology-thought leaders, and academics from around the … Continue Reading
By Porter Wright on In a statement published on December 8, 2011, the Association of German Data Protection Agencies known as the “Duesseldorfer Kreis,” (“DK”) issued an opinion summarizing the minimum compliance criteria for operators of social networks in Germany: Transparent privacy policy and informed consent are essential for protecting the right to data privacy Opt-out solutions are insufficient, … Continue Reading
By Porter Wright on FTC Audit Agreement According to various news reports, Facebook and the FTC are about to enter into an agreement which will subject Facebook to privacy audits for the next 20 years. The agreement will apparently require Facebook to obtain prior express consent before making public any information to which the user had granted limited access … Continue Reading
By Porter Wright on The Article 29 Working Party outlined its agenda for 2012 at a recent plenary meeting in Brussels. Not surprisingly, the top priority is a new legal framework for data protection. But other topics, some of interest for US data protection developments, were discussed as well. Revision of the EU data protection framework: To ensure that … Continue Reading
By Porter Wright on In my last entry I stressed the importance of complying with the various consent requirements hidden in European data protection laws. To prove my point and to illustrate further the high standards imposed by the German Data Protection Law, a regional German DPA (das “Unabhängige Landeszentrum für Datenschutz” in Schleswig Holstein or “ULD”) has taken … Continue Reading
By Porter Wright on Any US company that receives data about individuals living in the European Union must be familiar with the basic principles of consent and data protection within the EU to avoid costly mistakes that are easily made in obtaining consent, should the validity of such consent be challenged by the EU data protection agencies. While certain … Continue Reading
By Porter Wright on According to Javelin Strategy & Research’s 2011 Identity Fraud Survey Report, there was a 28% drop in the number of victims of identity fraud in 2010. Additionally, the number of reported data breaches dropped significantly (404 reported breaches in 2010, down from 604 in 2009). Finally, the report states that "only" 26 million records … Continue Reading
By Porter Wright on Please join us for this informative series focused on the technical, enforcement, and practical aspects of experiencing and responding to a data security incident. For the complete invitation and details on registration please click here. IDENTITY THEFT, CORPORATE DATA SECURITY BREACHES AND LAW ENFORCEMENT: SHOULD I CALL THE COPS? Learn How to Effectively Utilize Law … Continue Reading
By Porter Wright on As recently reported by the Washington Post and others, the FTC has ended an inquiry into privacy concerns over Google’s Street View service after Google pledged to stop gathering email, passwords, and other information from residential WiFi networks as its Street View cars creep through neighborhoods with computers on and cameras rolling. For some background … Continue Reading
By Porter Wright on While nothing new by now, the practice of recording images or video of others without their knowledge and then disseminating the content on a worldwide basis has come under particular scrutiny over the past week. The tragic story of the Rutgers University student (as reported by ABC News here, where I first learned of it) has become the basis of a worldwide conversation … Continue Reading
By Porter Wright on The Department of Health and Human Services (HHS) announced yesterday that it was temporarily withdrawing the breach notification final rule from review of the Office of Management and Budget (OMB) to allow HHS further time to consider these regulations. The breach notification rule, among other things, requires covered entities to notify individuals whose protected health information … Continue Reading
By Porter Wright on This week, the Identity Theft Resource Center released its 2010 data breach statistics report for data breaches through June 22, 2010. According to this weekly report, 2010 has already seen 325 reported data breaches exposing approximately 8.3 million records. Considering that the 2009 report shows 498 reported data breaches for all of last year, it looks like … Continue Reading
By Porter Wright on Is your phone ringing off the hook? Then you’d better check your bank account. According to the Federal Bureau of Investigation, a new “telephone denial-of-service” attack is combining high-tech and low-tech fraud techniques to steal money from the bank accounts of unsuspecting victims. As reported in the alert issued by the FBI, the scam begins with the … Continue Reading
