Tagged: Privacy

Class Action Certified in In re Yahoo Mail Litigation for Violations of Stored Communication Act and California’s Invasion of Privacy Act

On May 28, 2015, U.S. District Judge Lucy Koh in the Northern District of California certified a class of email users in a privacy action that claims Yahoo Inc. (“Yahoo”) violated the federal Stored Communications Act (“SCA”) and California’s Invasion of Privacy Act (“CIPA”) through its practice of scanning and analyzing emails of non-Yahoo Mail subscribers in order to display targeted ads to Yahoo Mail subscribers. In re Yahoo Mail Litigation, No. 13-CV-04980-LHK (N.D. Cal. 2015). Plaintiffs are non-Yahoo Mail subscribers who sent emails to Yahoo Mail subscribers from non-Yahoo email accounts and allege that Yahoo routinely copies and extracts key words from emails and stores this information for later use. Plaintiffs allege that Yahoo’s practices violate § 2702(a)(1) of the SCA, which prohibits, among other items, divulging the contents of a communication without consent, and § 631 of CIPA, which prohibits the recording or reading of any type of communication without the prior consent of all parties.

#Do-Not-Disclose — Twitter Sues Government Alleging Free Speech Violation

Twitter’s ubiquitous 140-character-or-less tweets are not, the company argues, sufficiently similar to email or other forms of stored electronic information to warrant lumping them together with the likes of Google, Microsoft, Facebook, Yahoo!, or Apple, all of which have agreed to restrictive limitations on their public reporting of government surveillance. Twitter has sued the U.S. Government in federal court in California to make its point.

Nothing “Safe” About It: Companies That Falsely Certify Compliance with the U.S.-E.U. Safe-Harbor Framework May Receive Years of Regulatory Oversight

In 2000, the European Commission and U.S. Department of Commerce developed the so-called “U.S.-E.U. Safe-Harbor Framework” as a way to foster data transfer between the United States and E.U. countries notwithstanding concerns that U.S. privacy laws do not offer the same level of protection as E.U. laws with respect to personally identifiable information. As part of the safe-harbor framework, companies that choose to enter the program must publicly declare compliance with the safe-harbor requirements, which include adherence to seven privacy principles touching on the areas of notice, access, data integrity, individual choice (opt in/out rules), security, third-party transfer, and enforcement. The principle of “enforcement” includes making sure that procedures are in place to verify a company’s adherence to the rules and a sanctions regime sufficient to ensure compliance.

Updated California Online Privacy Laws Require Disclosure of “Do Not Track” Policies

Recently, California Assembly Bill No. 370 (AB 370) was signed into law by Governor Jerry Brown. AB 370 amends California’s Online Privacy Protection Act of 2003 (OPPA) to require that the privacy policy provided by the operator of a website and online service describe how the operator will respond to consumer-initiated mechanisms for controlling the collection of consumer personally identifiable information (PII).

Obama Administration Proposes Cybersecurity Best Practices

As practitioners are aware, in February 2013, President Obama issued an executive order directing federal agencies to create a set of voluntary cybersecurity standards and procedures for critical parts of the private sector. If followed, these “best practices” are intended to reduce the risk of a cyber attack and its attendant disruption of business.

Governor Christie Signs Legislation Protecting Social Networking Accounts of Employees

On August 29, 2013, Governor Chris Christie signed a bill that prohibits most employers from requiring employees or prospective employees to disclose user names and passwords for social networking accounts like Facebook, Twitter and LinkedIn. The new law, which goes into effect December 1, 2013, makes New Jersey the 13th state to enact legislation protecting the social networking accounts of employees. The Gibbons Employment Law Alert previously covered the proposed bill before it became law.

A New Jersey Federal Court Holds that the Stored Communications Act Applies to “Wall Posts” on Facebook

The Federal Stored Communications Act, 18 U.S.C. § 2701, et seq. (“SCA”), makes it unlawful to, among other things, “intentionally access[] without authorization a facility through which an electronic communication service is provided.” Violators are subject to imprisonment and fines, and the statute expressly authorizes a civil action for damages, injunctive relief and attorneys’ fees. A federal court in New Jersey has now held that the statute may apply to those who access information posted by a Facebook account holder on his or her Facebook “wall.” The defendant-employer in the case, Monmouth-Ocean Hospital Service Corp. (“MONOC”), was able to avoid liability under the SCA because the plaintiff could not establish that her employer violated the “without authorization” component of the statute. Ehling v. Monmouth-Ocean Hospital Service Corp. But the case puts employers on notice that they must tread carefully in this area.

Can You Find Me Now?: New Jersey Supreme Court Says Police Need a Warrant to Access Location Information From a Cell Phone

“Advances in technology offer great benefits to society in many areas. At the same time, they can pose significant risks to individual privacy rights.” So begins the recently-issued unanimous decision of the New Jersey Supreme Court in State v. Earls, in which the Court found that “cell-phone users have a reasonable expectation of privacy in their cell-phone location information” and, therefore, under the New Jersey Constitution, “police must obtain a search warrant before accessing that information.” Coming at a time when the public’s attention is particularly focused on the tension between technology and privacy, this opinion represents a groundbreaking new rule of law on the constitutional limits of new methods of tracking and surveillance. (See also the U.S. Supreme Court’s 2011 decision in United States v. Jones and the New York Court of Appeals’ recent opinion in Cunningham v. New York State Department of Labor.) With this unprecedented decision, the New Jersey Supreme Court becomes the first state supreme court to find a constitutionally-protected privacy right in the location of a personal cell phone.

Gov. Christie Issues Conditional Veto of Social Networking Privacy Bill

On Monday, May 5, 2013, New Jersey Governor Chris Christie issued a conditional veto of Assembly Bill No. 2878, the controversial piece of proposed legislation that sought to bar most employers from requiring current or prospective employees to provide user names or passwords to social networking accounts and from inquiring as to whether current or prospective employees even had social networking accounts.

Use of Work Computer Results in Waiver of Marital Communication Privilege

In U.S. v. Hamilton, the United States Court of Appeals for the Fourth Circuit found that a husband who sent messages from his work email account to his wife, yet took no steps to protect the sanctity of those emails, waived the marital communications privilege, thus subjecting the emails to disclosure during discovery. This case serves as an important reminder that employees do not necessarily enjoy an expectation of privacy in the emails they send from their work accounts or while using their employers’ computers.