Technology Law Source

Archives: Social Media

Subscribe to Social Media RSS Feed

Social media privacy makes its way to Capitol Hill

Editors’ Note: Colleen Marshall, a Senior Attorney in Porter Wright’s Litigation Department, is also a widely-recognized, award-winning news anchor for Columbus’ NBC-affiliate, WCMH – 4. In a detailed interview with Porter Wright’s Sara Jodka last week, Colleen reports on the use of social media by employers: “You Can’t Delete Your Way Out Of Social Media.”

As noted in a recent blog post and in the news report mentioned above, 21 states have social media privacy legislation pending. But, social media privacy could soon be governed by an act of Congress.

Representative Elliot Engel (D-N.Y.) just introduced H. R. 537, the “Social Networking Online Protection Act” that he says will protect both employees and job applicants from employer efforts to obtain passwords to private social media accounts. Unlike most laws currently being considered on the state level, Engel’s bill would also protect passwords to email accounts. The bill is currently in the House Committee on Education and the Workforce, and makes a critical distinction between private accounts and social networking accounts owned by employers but maintained by employees in the course of employment.

Ohio Senate Bill 45, the Social Media Privacy Protection Act, is the most recent state effort to prohibit employers from gaining access to private electronic accounts, such as Facebook. Ohio 15th District Senator Charleta Tavares (D-Columbus) introduced the bill in an effort to prohibit employers, employment agencies, personnel placement services, and labor organizations from requiring an applicant or existing employee to surrender their personal …

Why you can’t delete your way out of your social media mess

Naked pictures? Drunken celebrations? Sexist comments? A click of a button and all evidence of your “Weekend at Bernie’s” can disappear. Job seekers know to scrub clean their Facebook pages before they connect with potential employers, to remove all trace of their off-color on-line life. But here in Ohio you can’t delete your way out of the mess you created through social media. Employers can legally ask employees and recruits to surrender their social media passwords, and thanks to Facebook’s newly expanded access program, the result is a stunningly deep portal into private messages, deleted posts, photographs and everything you ever posted on your Facebook wall.

Where does an employer’s right to screen applicants and monitor employee behavior end and personal privacy begin? It’s a murky line drawn so far by only six states — and Ohio isn’t one of them. After failing to win support for Senate Bill 351 in 2012, Ohio Senator Charleta Tavares will this month reintroduce her proposal to make it illegal for an employer to require an employee or potential employee to surrender their social media passwords. Tavares argues that employers should not be able to access personal thoughts and messages that employees never intended to be broadly distributed.

Tavares’ legislation would not restrict employers from inspecting the social media that is readily available to an applicant’s network of friends, and can legitimately help employers determine if a prospective employee would be a good organizational fit. Employers, for example, could still inspect your Facebook page, …

Discovery of Social Media Information is Subject to Same Rules as Paper Discovery

In a recent decision, a court in the Southern District of Ohio denied a motion to compel the plaintiff in an employment discrimination action to give the defendants her user names and passwords for each of the social media sites she uses. In Howell v. The Buckeye Ranch, Case No. 2:11-cv-1014 (S. D. Ohio Oct. 1, 2012), the court said “[t]he fact that the information defendants seek is an electronic file as opposed to a file cabinet does not give them the right to rummage through the entire file. The same rules that govern the discovery of information in hard copy documents apply to electronic files.” Applying this reasoning, the court held that the defendants’ discovery request was overbroad because turning over the plaintiff’s user names and passwords would give them access to “all the information in the private sections of her social media accounts—relevant and irrelevant alike.”

Although the court denied the motion to compel, it did find that relevant information in the private section of a social media account is discoverable, and that this information is not privileged or protected from discovery by a common law right of privacy. Moreover, the court stated that the plaintiff had a continuing duty to preserve all the information in her social media accounts and that the plaintiff’s counsel should advise defendants’ counsel if any information in the private sections of the accounts had been deleted since discovery was served.…

First NLRB Decision on Employer Social Media Policies

In a recent decision,Costco Wholesale Corporation (NLRB Case No. 34-CA-012421), the National Labor Relations Board (NLRB) considered a social media policy for the first time. The NLRB invalidated portions of Costco’s policies and in doing so signaled that it will probably track closely with the General Counsel’s guidance when reviewing social media policies.  Mike Underwood, a Partner in our Labor & Employment Practice, and frequent contributor to the Employer Law Report blog,has a post focused on this development<.  As this may be of interest to many, we wanted to share it with you.…

Data Protection in Social Networks

 In a statement published on December 8, 2011, the Association of German Data Protection Agencies known as the “Duesseldorfer Kreis,” (“DK”) issued an opinion summarizing the minimum compliance criteria for operators of social networks in Germany:

  • Transparent privacy policy and informed consent are essential for protecting the right to data privacy
  • Opt-out solutions are insufficient, all privacy settings must be on the basis of opt-in selections
  • Users must have simple access to their stored personal data
  • Facial recognition features require express, confirmed consent
  • No tracking profiles without the informed consent of the user
  • Obligation to delete data after the termination of the membership
  • Social plug-ins on the websites of German operators are not compliant with data protection laws unless they are covered by informed consent and provide the opportunity for the user to prevent the data transfer
  • Social networks must protect user data through implementation of suitable privacy controls; operators must be able to demonstrate that such measures were taken
  • Minors require particular protection and information regarding the processing of personal data must be easily comprehensible to them
  • Social networks located outside the EEA must nominate an agent in Germany who serves as the contact person for the DPAs

The opinion, however, is not limited to this rather generic list of minimum requirements. Instead, it takes the opportunity to address two of the most pressing issues which have dominated the discussion of social networks and their commitment to data privacy over the past several months.…

ISSA Social Media Summit – Social Media and Legal Risk

Porter Wright attorney Justin Root will present “Social Media and Legal Risk” as part of the Information Systems Security Association (ISSA) Columbus Chapter’s Social Media Summit on October 19, 2011 in Worthington, Ohio. More information is available at ISSA is a not-for-profit, international organization of information security professionals and practitioners. It provides educational forums, publications, and peer interaction opportunities that enhance the knowledge, skill, and professional growth of its members.…

Glass Houses and an Unwanted 15 Minutes of Fame

While nothing new by now, the practice of recording images or video of others without their knowledge and then disseminating the content on a worldwide basis has come under particular scrutiny over the past week.  The tragic story of the Rutgers University student (as reported by ABC News here, where I first learned of it) has become the basis of a worldwide conversation regarding privacy and civility.   Also in the news this week was the story reported by Jon Yates of the Chicago Tribune of a Chicago woman who discovered a photo of herself on a website called People of Public Transit and the woman’s efforts (and Jon Yates’ efforts) to get the photo removed from the site.

While videotaping someone in their own living quarters behind locked doors may seem a clear invasion of privacy, the capturing of someone’s image while that person is in a public space is generally not an invasion of privacy, as someone on a sidewalk or on a public transit bus would not have an expectation of privacy.  Given the modern day implications of that lack of a right to privacy–witness the People of Public Transit website and many others like it–one could argue that there is something missing in the law.

This issue was well framed by the Chicago woman in that story noted above when she said,  “Most people walking around just want to be left alone. That’s the nature of living in cities. It seems kind of peculiar to hold …

Endorsement Guides Create Concerns for More Than Just Bloggers

Bloggers have been buzzing since the Federal Trade Commission (FTC) updated its Guides Concerning Use of Endorsements and Testimonials in Advertising (“Guides”) to cover “consumer generated media” such as blogs and other Internet media forms. (16 C.F.R. Part 255) (.PDF) The changes are the first update since 1980 for the Guides, which are intended to offer guidance to compliance under 15 USC § 45 (“Unfair methods of competition unlawful; prevention by Commission”). While the FTC describes the Guides as providing “the basis for voluntary compliance with the law by advertisers and endorsers”, the Guides could form the basis for an enforcement action by the FTC, and noncompliance may result in a civil penalty of up to $10,000 per violation.

In the interest of providing consumers with full disclosure, the updated Guides require bloggers to disclose any “material connection[s]” they have with producers of any products that they “endorse” on their blogs. A “material connection” includes not only monetary compensation, but also any free good received by the blogger—even if that good was provided unsolicited, with no conditions attached, for the purpose of allowing the blogger to review the product. Under the Guides, “endorsers” and companies must fully disclose any connection between “the endorser and the seller of the advertised product that might materially affect the weight or credibility of the endorsement.” In an effort to further explain the intent behind the Guides, the FTC has provided 35 example fact patterns in the Guides, and even an instructional video.

Much of …