Accepting Guest Blog Posts

I have accepted a position that will not allow me to write in 2016. However, I want to continue to provide information on cyber, intellectual property (IP), social media, security, privacy, and technology law and policy to you all.  So…. I am accepting  submissions from guest bloggers!

Please send me your best cyber, IP and tech law and policy posts. Many of this blog’s followers are entrepreneurs, technophiles, tech novices, bloggers, social media user and those intrigued by tech, so please cater your posts to that audience. Please send posts to thedigitalcounselor@gmail.com. I will notify you if your post is selected.

Thank you for your submission, in advance, and more importantly, THANK YOU FOR READING!

I hope the readers find previous posts and any information others are able to provide in my absence helpful! And I look forward to returning in 2017!!

The Future of the Internet of Things: Utopia or Disaster?

Guest post by Mr. Leon Silver.

Leon Silver, National Practice Group leader of Gordon & Rees’ Retail & Hospitality Practice Group and a privacy law expert, hosted a seminar on Privacy and The Internet of Things on June 25 at the State Bar of Arizona annual convention at the Arizona Biltmore. He provided this recap of the discussion.

Throughout the many articles and blog posts on the topic of the Internet of Things (IoT), I’ve noticed a recurring theme. Everyone is talking about the fact that no one is talking about the privacy implications of ubiquitous connectivity and data mining through the IoT. This summer I had the opportunity to lead a panel discussion at the Arizona State Bar convention to further the conversation about privacy and security on the Internet of Things.

The panel included K Royal, Privacy Counsel at CellTrust, Inc., an attorney and compliance professional with over 20 years of experience in the legal and health-related fields; Dan Christensen, Global Group Counsel of IT, Privacy & Security at Intel Corporation; and David Bodney, partner at Ballard Spahr, LLP, a litigator focusing on media and constitutional law.

I kicked things off by posing the question of the day: “Will the Internet of Things result in a utopian future, or a dystopian future?”

I then asked the audience not to shut off in our back pockets, but to grab their phones, turn them on and make use of them to actively share the information being discussed. My intention? To spark more of the very conversations the seminar was seeking to have.

We were honored to have guest speaker Frank Jones, vice president of the Internet of Things Group and general manager of the Operations and Group Marketing Division at Intel Corporation, share his insight with the group. Mr. Jones provided an overview of the vast scope and rapid progress being made on the IoT. He explained that in today’s world, we create as much electronic data every two days as we did from the dawn of civilization up until 2003.

The IoT will help solve challenges around the globe, he explained, by driving growth and helping to solve critical problems such as illiteracy and water supply. According to Mr. Jones, this movement is already in process and actually began with the introduction of the smartphone.

Intel is committed to making this a positive movement, he said. “The core value and base of IoT will be security,” said Mr. Jones. “Without security as the foundation, nothing is possible.”

In order for IoT to progress, “cooperation across the industry is necessary.” Mr. Jones said companies that are otherwise competitors will have to join forces and create a uniform platform to make way for IoT because this is something that can’t be done alone. With security as the foundation and an established industry-wide standard, adopting IoT to generate global solutions will be a reality.

In his words, IoT is about connecting the unconnected and unleashing data to enable unprecedented transformations. IoT will touch everyone on Earth.

So how much connectivity can we bear to have in our personal life?

As ideal and exciting as IoT seems to be, the panel, the audience and I were all too aware of the dangers and risks associated with this new era of technology.

I asked if the one layer of security that manufacturers build into systems is enough to protect us. Mr. Christensen replied, “No it’s not. One layer at the base is not enough.” He explained that IoT is like turning a house with only one, easily secured window, into a glass house. Massive vulnerability will be created, resulting in a lack of control. Repurposing of information will be an issue, the quality of user consent will be crippled, and jurisdiction creep will become a serious issue. How will security policies/laws change from country to country? These are just a few of various concerns raised by Mr. Christensen.

When asked who would own our personal information in this IoT era, Mr. Bodney said this would depend on the agreement. Very much like today, “If you want to participate, you are consenting.” It is unknown, however, how the law will treat this issue when data is collected without consent and in the gray areas of a person’s reasonable expectation of privacy. The commercial and private use of drones, for example, has raised far more questions than have been answered.

Ms. Royal questioned whether you could own private personal data when each country defines “private personal data” differently. In the U.S., federal rights to privacy are for customers of certain industries (education, health, financial). Other countries, however, ascribe privacy rights on the basis of being an individual, rather than being a consumer. While most agree that health data and financial information are sensitive, nations differ as to the scope. Israel, for example defines personality as sensitive information. Australia includes membership in a professional organization as sensitive, whereas here in the U.S., you can buy a list containing that information. Some countries define arrests as sensitive (not just convictions), whereas the U.S. considers that public information.

So what can be done to protect personal data? Ms. Royal informed the audience that there are companies that specialize in keeping information private. She suggested that consumers read through privacy policies, find “off” switches, and disconnect devices when not in use, install security updates, opt out of Wi-Fi connectivity on devices if it isn’t important to them, and accept the fact that devices collect data or stop using them altogether.

The biggest threat, Mr. Christensen explained, remains organized crime. “Organized crime is still the biggest problem area.” These are the groups that try to get into bank accounts — hacktivists and malicious insiders.

The audience wanted to know if there would be a group to lobby for the protection of privacy as the IoT movement takes off, and if so, what group they should be keeping an eye on. Ms. Royal said there has been a Consumer Privacy Bill of Rights push more than once, but unfortunately, it has never fully materialized.

In response to the question whether we can expect Congress to provide legal protection to children, Mr. Bodney stated that because the pace of technology is so rapid, Congress has a tough time keeping up. By the time Congress gets around to adopting these new laws and policies, said Mr. Bodney, technology will have surpassed any legislation. Regardless, young people have a different sense of privacy than older generations, he added. “They grew up in this environment and are far more comfortable in it.” Ms. Royal added that younger generations are often referred to as “digital natives” and older generations are considered “digital immigrants.”

Mr. Christensen believes manufacturers should cater to the consumers that value privacy. He mentioned consumers must be aware, however, of the risks they take every time they get a hold of new devices. For example, as soon as customers open a new Intel device, the first thing they see when they open the box is a note that informs customers that by turning on the device, they are agreeing to Intel’s terms and conditions, including their privacy policy.

If you value your privacy, Ms. Royal suggests looking for companies that feel the same way. “Maybe one day there will be a list of companies that value privacy.”

As the seminar came to a close, I asked each panel member the same question I had asked earlier. Will the Internet of Things result in a utopian future, or a dystopian future? Each panel member responded with an optimistic, “Utopian,” although some were more “cautiously optimistic” than others.

I urge that not only lawyers, but everyone, pay attention to our personal privacy and what is being done with our personal data.

 

Disclaimer: The views expressed here are solely those of the author in his private capacity and do not in any way represent the views of TheDigitalCounselor.com, any other poster/blogger of this blog or any entity affiliated with blog posters.

New gTLDs Causing Trouble for Twitter

Screen Shot 2015-07-15 at 10.07.30 AMYesterday, a website that looked exactly like Bloomberg posted “news” that there was a $31 billion buyout offer for Twitter. Ummm not true! The website, called http://www.bloomberg.market, featuring a new gTLD, was fake. And so was the report. The fake website was a near-identical replica of Bloomberg’s site, and even used Bloomberg reporter Stephen Morris’s byline. OpenOutcrier, a Twitter account that bills itself as a destination for “Real-time stock & option trading headlines, breaking news, rumors and strategy” was the first to post about the report, although Bloomberg employees were quick to point out it was fake.

Most discussions about new gTLDs causing problems for brand owners is preventative such as with the .SUCKS and .PORN domains. This incident is a good example of a new gTLD causing the damage brand owners are trying to prevent in those other cases. As a brand owner you should make sure to not only use these new gTLDs as a tool for branding but remain aware of the release of new gTLDs to proactively register relevant domains and/or monitor for infringement like this. There are a number of free monitoring tools like Google Alerts or Talkwalker that you can use to monitor use of your brand name.  And you can see which new gTLDs have launched and when so you can remain up to date on gTLDs that you should register from a branding perspective and/or from a brand protection perspective.

As a result of this false story, Twitter shares shot up, only to fall back down when Twitter corrected . It’s not clear who was behind the faux story. With all that’s going on with Twitter, including the CEO being replaced by co-founder Jack Dorsey earlier this month, this incident was believable.  This could have caused more damage to company finances, reputation, and consumer trust. Don’t let your brand be next! Fraudsters are very savvy as you can see.

Should You Trademark Your Website?

It is extremely important for companies to protect their intellectual property. Developing a comprehensive intellectual property plan is essential to protecting your investment and protecting your consumers from confusion.  Trademarking your brand names, slogans and company name as well as copyrighting blog content, original imagery, and other original works of authorship are commonly know areas of focus for companies and entrepreneurs.  You want to be in control of your brand, your content and your creations.

Now, according to one federal court, companies can use trademark law to protect the unique look and feel of their websites from imitators. As a result of this ruling, companies should consider registering their websites as trademarks with the U.S. Patent and Trademark Office (the “USPTO”).

The U.S. District Court for the Northern District of California recently ruled in Ingrid & Isabel, Inc. v. Baby Be Mine, LLC, No. 13-01806 (N.D. Cal. Oct. 1, 2014) that the look and feel of a website used to market and sell products and services can constitute protectable trade dress under Section 43 of the Lanham Act. See 15 U.S.C. § 1125(a) (2012). Trade dress, a derivative of trademark law, protects the total image of a business or product, including the arrangement of identifying features such as graphics, packaging, designs, shapes, colors, textures, and décor.

This is an important development for companies seeking to protect their brand online. Your website is an important part of your brand as a company. It is often a customer’s first impression and point of sale.  Previous case-law suggested that a website could constitute protectable trade dress only if the website itself was the product. See Conference Archives, Inc. v. Sound Images, Inc., No. 06-00076, 2010 WL 1626072 (W.D. Pa. Mar. 31, 2010) The Ingrid & Isabel case provides an opportunity to expand those protections. This decision is reminiscent of the USPTO allowing Apple, Inc. to register a trademark for the design and layout of its unique retail stores. Your website is in effect your online store. This is a great example of the law starting to catch up with the times. Companies seeking to take advantage of this protection must make sure their website is 1)distinctive or has acquired secondary meaning and is 2) nonfunctional.RegisteredTM

  1. The court noted that the “Supreme Court has held that ‘design, like color is not inherently distinctive’ [citing a case involving Wal-Mart.]  Given the conceptual similarity between ‘look and feel’ and ‘design,’ Wal-Mart suggests that Plaintiff must show that its website‘s ‘look and feel’ is distinctive through its secondary meaning.” This eludes to the fact that the design of a website is not “inherently” distinct. You want to secure these protections before someone seeks to copy your website. However, per previous case-law  “secondary meaning may be inferred from evidence of deliberate copying of the trade dress…” Therefore, if you can show that your competitor deliberately copied your website, that will help to support your claim for acquired distinctiveness.
  2. Functional elements cannot be protected as trade dress. However, according to the court in Ingrid & Isabel “the placement and arrangement of functional elements can produce a non-functional aesthetic whole.”

This is also an important decision from a cybersecurity perspective. Most consumers are lured into phishing and other fraud scams when malicious actors mimic the look and feel of a brand’s website. Armed with a similar site they can lure unsuspecting consumers to insert personally identifiable information and financial data into their fake site. This can result in identity theft and financial loss. This is another tool in a trademark owner or company’s arsenal to combat fraud and protect their customers.

If your website is distinct, talk to an attorney about protecting it. This is an important consideration and should be part of developing a comprehensive intellectual property plan.

Trade dress protection has existed for decades, but its usefulness for websites and other Internet-based applications has been limited. It will be interesting to see how courts continue to apply the law to websites, mobile apps, and other non-traditional mediums.

Note that the court didn’t determine the ultimate outcome of this case; that’s still in dispute. This ruling merely allowed Ingrid & Isabel’s claim on this point to proceed to trial.

Recent Virginia Case Carries Major Implications for Fingerprint Passcodes and Self-Incrimination

This article was originally published in the Spring 2015 issue of the Virginia Bar Association YLC Docket Call.

The ever-evolving technological landscape constantly elicits new and interesting questions of law. Privacy and data security are areas of contention and confusion for many. Why?  Because privacy limits are unclear because the reach of technology outpacing the evolution of the law. As cell phones have advanced, they have become essential to everyday life and are no longer merely phone used to make and receive calls. Cell phones are minicomputers filled with personal, and mostly private, information including calendars, alarm clocks, books, videos and photos. People store everything from grocery lists to banking information in phones. How do the laws that govern phones solely to make and receive calls apply to these new multifaceted devices? Courts and lawmakers are slowly answering that question.

In Reily v. California, the Supreme Court shed some light on privacy limits regarding cell phones.[1] The Court held that the police generally may not, without a warrant, search digital information on a cellphone seized from an individual who has been arrested. The Court characterized cell phones as minicomputers filled with massive amounts of private information, which distinguished them from the traditional items that can be seized from an arrestee’s person, such as a wallet. This ruling is a necessary stride towards deciphering how the Fourth Amendment applies in this digital age but leaves a lot of unanswered questions.

After obtaining a warrant to search a phone how will officers access the contents? Can officers compel the accused to provide one’s passcode or fingerprint? Existing laws do not apply smoothly and presents an interesting question: Is producing one’s passcode or fingerprint to allow access to digital information on a smartphone testimonial communication subject to the Fifth Amendment privilege against self-incrimination?[2] This was the question answered in the Virginia case Commonwealth of Virginia v. Baust.[3]

In Commonwealth of Virginia v. Baust, the defendant David Baust was indicted on charges of assault.[4] The victim alleged that video of the assault was on Baust’s smartphone.[5] The police obtained and executed a search warrant, retrieving (among other items) the smart phone.[6] However, the phone was “locked” and could only be entered using a passcode or fingerprint.[7] The court decided to review each method of entry separately under the Fifth Amendment and arrived at two different conclusions.

The court held that fingerprints and passcodes are different in the eyes of law because of the testimonial nature of providing a passcode, which violates the accused’s right not to incriminate him or herself. The Judge explained that Baust could not be compelled to provide his passcode to access the smartphone, but could be compelled to produce his fingerprint to access the phone.[8] Producing the passcode would require the defendant to divulge knowledge—information from his own mind, placing it in the testimonial realm.[9] However, he concluded that a personal fingerprint does not require any similar knowledge—it is equivalent to a key that fits into a lock.[10]

This legal distinction will have a major impact on smartphone users, especially as providers market the increased security of these alternate access mechanisms. Your fingerprint is advertised as a more secure method for accessing tour phone but presents vulnerability if ever compelled to provide access to your phone. The legal differences may not be clear to users, as the passcode and the fingerprint are functionally equivalent. Should they really be distinguished under the law? Is there a distinction between telling police a passcode and typing in the passcode so that police may gain access to a phone? By typing the code, the individual does not have to provide any knowledge (testimony) directly to the police, although still providing access to data that is potentially criminally incriminating. Is the outcome or the means more important, because although not a verbal testimony providing a fingerprint or writing a passcode may lead to criminally incriminating information?

This decision raises a lot of questions and determining privacy rights in our technology will only get more complex as technology continues to evolve. The court is being charged to assess the functional and technological implications of new technology and create laws with those perspectives in mind. This is a difficult balance. Consistency will also be important to citizens as they seek to protect themselves within the bounds of these laws.

Most immediately, in Virginia, you should protect your phone using a passcode, not your fingerprint.

 

 

[1] 134 S. Ct. 2473, 2477 (2014).

[2] Commonwealth of Virginia v. Baust, No. CR14-1439, at 2 (Va. 2d Cir. Ct. Oct. 28, 2014).

[3] Id. at 1.

[4] Id.

[5] Id.

[6] Id.

[7] Id.

[8] Id. at 4.

[9] Id. at 5.

[10] Id.

Internet Updates March 2015

Three of the most popular social media platforms—Facebook, Twitter and Reddit—have recently amended their terms of use to state that they will remove digital images of nudes that have been posted without the subjects’ permission. “Twitter executives have said the company will lock the accounts of users who post content that violates their user policy,” Mashable reports. These policies are critical weapon in the war against revenge porn because they can be used to remove revenge porn photos before they have been widely disseminated.

The Digital Advertising Alliance (DAA) recently announced two new mechanisms that will allow consumers to manage ad preferences on their mobile devices. (Loeb & Loeb LLP summarized the new mechanisms in an Alert.) These new consumer opt-out tools, which are intended to complement the existing opt-out mechanisms that are part of the DAA’s self-regulatory program for online targeted advertising, complete the DAA’s self-regulatory program for the mobile environment and set the stage for the enforcement of the program, which is expected to begin this summer.

Twitter revamped its retweet feature on Monday, making it easier for users to plug other people’s tweets and add commentary of their own, according to Mashable.  This latest approach does not require copy-pasting instead you’re prompted to insert a remark before hitting the retweet button.

Twitter’s new harassment-reporting tool is making it easier for users to report threatening tweets to the police. Users who report threatening tweets now have the option of receiving an emailed report, summarizing the tweet, when it was sent and other information that may be relevant to law enforcement. It’s still up to individual users, however, to bring these reports to the attention of police and other officials. It’s not clear what, if any, impact this will have for police investigations. For more information read the rest of Mashable’s article.  This is part of Twitters overall initiative to protect users and address incidents quicker.

Internet Law & Security Updates

So much is happening online that it can be hard to keep up. I have compiled some of the most recent events in Social Media, Internet law & Cybersecurity. Know how these changes affect your privacy and other rights. If you have any questions leave them in the comments!

Social Media

Comments on social media considered and Facebook “Likes” enjoy federal protection. On August 25, the National Labor Relations Board found in Three D, LLC, d/b/a Triple Play Sports Bar and Grille v. Sanzone, Case No. 34-CA-012915, and Three D, LLC, d/b/a Triple Play Sports Bar and Grille v. Spinella, Case No. 34-CA-012926, that an employer had violated federal labor law by terminating an employee who had “liked” a former co-worker’s negative comment about the employer posted on Facebook.  The Board also ruled that the employer violated the National Labor Relations Act (the “Act”) by firing another employee for posting an expletive-laced comment about the employer in response to the former co-worker’s comment, and it found that the employer’s “Internet/Blogging” policy banning “inappropriate discussions” regarding the company unlawfully chilled employees’ exercise of their right to engage in protected, concerted activity under the Act.

BYOD

Reimburse employees for wireless service. A recent California ruling that requires companies to reimburse employees for wireless serviceAlthough the case raised more questions than it answered about what level of reimbursement is required, it seems clear that companies will bear a larger portion of the cost of BYOD programs than they had previously borne.

Security 
According to the New York Times, when one adds the compromised records in Target, PF Chang’s, Neiman Marcus, Sally Beauty, Michaels, UPS and others, the number of affected customers amounts to more than one-third of the U.S. population.

Home Depot the latest victim of security breach. Krebs has reported that it appears that two large dumps of purloined credit card numbers have made an appearance on the black market and that those numbers may have originated at Home Depot locations. Krebs’ reporting is here. This latest incident raises yet another round of concerns about the malware known as “Backoff” and the potential widespread effect on retailers. Home Depot has been hit with a class action lawsuit stemming from a suspected data breach at the home improvement retailer 

Using your cellphone’s gps to stay ahead of fraudsters. In a new effort to use technology to foil credit-card fraud, a company called BillGuard is testing a system that would monitor the precise whereabouts of mobile devices to detect possible payment issues. The tech firm is tracking mobile-phone locations in an attempt to stay one step ahead of fraudsters. Because smartphones are almost always near their owners, the technology would register and flag those occasions when a phone is not near the owner’s credit card. The technology would only be used with the consumer’s consent.

Healthcare.gov Server Hacked.The Department of Health and Human Services disclosed on Sept. 4 that malware had been uploaded on the Obamacare test server back in July. HHS officials say the malware was designed to launch a distributed-denial-of-service attack against other websites when activated and not designed to exfiltrate personally identifiable information. No consumer data was exposed in the incident, officials say (see HealthCare.Gov Server Hacked).

Apple plans to add safeguards to help address security vulnerabilities exploited by celebrity-photo hackers. The proposed changes include alerting users – using both e-mails and push notifications to devices – every time someone:

  • Changes an account password;
  • Uses a new device to log into an account;
  • Restores an iCloud backup to a new device.

After receiving a related alert, the user can immediately change their account password, or file a report of a suspected security breach with Apple. The company has yet to detail how exactly it will respond to those reports.

Privacy

Magazines in Michigan cannot share your personal information. The Michigan’s Video Rental Privacy Act limits the ability of companies to disclose information regarding customers’ video rental activities. In a case filed by a consumer who alleged that a magazine company had improperly disclosed her personal information, along with information about the magazines to which she subscribed, the U.S. District Court for the Eastern District of Michigan recently held that the law does in fact apply to magazines. The court noted that the statute is directed to companies “engaged in the business of selling at retail, renting, or lending books or other written materials, sound recordings, or video recordings,” and that magazines constitute “other written materials.”

They’re Lying! How to Combat Online Defamation

Has anyone ever posted false information about you or your company online? I don’t mean things you would prefer not to be out there but​ completely false and potentially damaging information. If you have you know how overwhelming it can seem to get this information down because it can so quickly “go viral” and often is unattributable. Luckily, there are steps you can take to get this information down.

First Line of Defense: Terms of Service
Most online service providers (OSPs)​ have Terms of Service (ToS) or Terms of Use (ToU) that govern the use of their website. Usually those terms prohibit the posting of defamatory material and include the OSP’s right to remove such content.  Even websites that offer consumers places to “vent” and post complaints about companies and individuals, such as RipOffReport.com and Complaints.com,  usually require that users post only information that is truthful and accurate.  Unfortunately, there is not validation process to confirm accuracy prior to posting.

If you identify false and potentially defamatory information about you or your company online, your first step is to check the site’s terms of service. If this is a violation of their terms of service, contact the OSP where the content is posted and notify them of the violation of their terms of service.  Many of the sites we frequent and use to promote our businesses have forms or contact emails designated for this purpose. At the end of this post you will find resources for reporting defamation on a few of the most popular social media sites.

The Content is on its own Website
If you identify potentially defamatory content on a website created but the poster they are not likely to have terms of service that you can use to make a case for removal. However, contact information is required when someone registers a website so you can often obtain the relevant contact information through a WhoIs search on a registrar website, such as whois.domaintools.com. Armed with this information you can work with an attorney to draft a cease and desist letter that will hopefully result in the removal of the content. Site owners do have the option for private registration so if they have elected this service this option is not feasible. Additionally, you should reserve this course of action for sites stood up by the poster because hosts, ISPs, and other OSPs are protected from litigation under the Communications Decency Act.

Dealing with Mr. Anonymous
If you are unable to identify the poster or are unable to get assistance from the OSP you still have legal recourse to get the content removed. Legal proceedings can be commenced against anonymous “John Doe” Internet users.  Once an action is filed, a subpoena can be served on the host website to obtain the Internet Protocol (“IP”) address of the perpetrator, as well as other personally identifiable information (“PII”). You can also subpoena the ISP that assigned the IP address to discover the perpetrator’s identity.

Beware of SLAPP
SLAPP stands for Strategic Lawsuit Against Public Participation, which essentially is a lawsuit filed against a defendant in retaliation for speaking out on a public issue or controversy in, for example, a blog or social media. The goal is to burden them with legal fees until they abandon their criticism. Over half of the states in the United States and District of Columbia have enacted “anti-SLAPP” legislation to protect an individual’s right to free speech and prevent such lawsuits.  “Public issues” include those involving celebrities, public officials and the financial solvency of large companies.

The defendant can use SLAPP to get the suit dismissed. If a defendant is able to demonstrate that the SLAPP action was brought merely for harassment purposes, he or she may file a “SLAPPback” lawsuit against the plaintiff.

If the potentially defamatory statement is not of public interest about a public issue, there really is no SLAPP concern.  Of course, if the subject statement truly is defamatory and all of the elements of a defamation claim are present, there really is no SLAPP concern either way. Make sure the content you seek removal for is truly defamatory if you elect to pursue a lawsuit or other legal action. 

Have you ever been the victim of defamatory content online? How did you handle it? Do you have any tips to add?

Content Removal Resources:

 

​**”Defamation” is a catch-all term for any statement that hurts someone’s reputation. Written defamation is called “libel,” and spoken defamation is called “slander.” Defamation is a legal conclusion that can only be made by a judge. ​

 

SCOTUS rules that police need a warrant to search cell phones

As we become more reliant on our devices, they collect more data on us, much of which is extremely private. Access to this data has been a point of contention for some time. The Supreme Court’s decision to hear Riley v. California presented an opportunity to draw clear boundary for police in the area of personal privacy.   Privacy groups have been advocating for requirements on how and when cell phone data can be accessed and used by the government since that decision. On June 25, 2014,the Supreme Court announced a win for personal privacy by deciding that a warrantless search of a suspect’s cellphone data incident to arrest is unconstitutional.

Case Highlights

  • “Modern cell phones are not just another technological convenience. With all they contain and all they may reveal, they hold for many Americans ‘the privacies of life.’”
  • The Court observed that modern phones are mini-computers that perform multiple functions and hold immense amount of personal data, and were themselves inconceivable when the Court had originally permitted police to search individuals incident to arrest.
  • The Court acknowledged that searching a cell phone can potentially expose more information to the government than a search of an individual’s house, given the amount of data typical phones can store. The fact “that technology now allows an individual to carry such information in his hand does not make the information any less worthy of . . . protection.”
  • The Court makes clear that “Privacy comes at a cost,” and that the warrant requirement is “an important working part of our machinery of government” that must be respected.
  • The Exception: Although the Court dismissed all of the arguments that were presented for justification of a warrantless search they did say that in “exigent” circumstances like prevention of a terrorist plot or finding a missing child, that police are able to proceed without a warrant. However, after such a warrantless seizure, a court would still have to “examine whether an emergency justified a warrantless search in each particular case.”

Bottom line

From now on, your phone should not be searched just because you have been arrested. Officers must have a warrant to search your phone, aside from a narrow exception.

What’s Next

This case will play a major role in the already contentious debate surrounding personal privacy. It will be interesting to hear how this changes the application of Fourth Amendment protections to searches and seizures of all computers.

Internet Updates June 2014

There is so much going on in the Internet space that I have compiled some of the most interesting happenings of June. They all link to more info. Please read, enjoy and let me know if you want me to expand on anything!

Are threats made on social media protected free speech, or potentially criminal actsThe U.S. Supreme Court has agreed to examine the constitutionality of a federal law making it a crime to transmit communications containing “any threat to injure the person of another.” In this case, the “threats” were in a series of Facebook postings.

Be careful what you post on Facebook, you might get a ticket for it… A woman in a Chicago suburb received a $50 ticket in the mail alleging that she had used a dog park without a permit. The ticket was based entirely on a Facebook posting that the woman had made, and the police immediately rescinded it, saying  that they do not monitor social media in search of potential lawbreakers.

It might be a crime to friend your boss if you live in Arkansas! Arkansas legislators are considering changing a 2013 law after Facebook informs them that the law may have inadvertently made it a crime for a boss and an employee to become Facebook friends.

Snapchat may have competition. According to the Los Angeles Times, Facebook prematurely released, then withdrew, a new mobile app called Slingshot that is intended to compete with Snapchat and permit users to send each other photo and video messages.

Is Twitter in trouble? Twitter’s leadership was thrown into disarray on June 12 after Ali Rowghani resigned suddenly as the company’s chief operating officer amid a dispute with Chief Executive Dick Costolo. Twitter’s stock has fallen about 42 percent this year as concerns have arisen that the company is not signing up enough new users.

Should you make social media rules for your marriage? More and more couples are sitting down with their lawyers before marriage to discuss a social media clause in their prenuptial agreement – covering what they can and cannot say or post about each other. These agreements appear to be enforceable in court if they are specific enough.

The CIA is on Twitter! The CIA has entered the realm of social media, setting up a Twitter presence and a Facebook account. There one can find, among other things, reflections on intelligence history and fun facts from the CIA World Factbook.

Can’t ask for personal social media account logins in Louisiana! 
On May 23, Louisiana became the latest state to enact a law prohibiting employers and public and private educational institutions from requiring applicants, employees, and students to provide access to their personal online accounts.

Every company would be well advised scrutinize their marketing practices on an ongoing basis to ensure that they do not inadvertently expose the company to risks under the Lanham Act. Two US Supreme Court cases decided this term could result in a substantial increase in the number of Lanham Act claims brought under that statute alleging “unfair competition” resulting from product labeling and marketing practices that are alleged to be false or misleading.

  • Lexmark International, Inc. v. Static Control Components, Inc., No. 12-873, slip op. (March 25, 2014), in which the Supreme Court broadly construed the Lanham Act to permit lawsuits by all companies alleging injuries that were proximately caused by false or misleading advertising or promotion, even if the plaintiff was not a direct competitor of the defendant and suffered only “collateral damage.”
  • Pom Wonderful LLC v. Coca-Cola Co., No. 12–761, slip op.  (June 12, 2014), the Court’s second Lanham Act case of the term,  in which it eliminated a potential safe harbor from Lanham Act claims for companies in regulated industries who complied fully with applicable regulations regarding the labeling and marketing of their products.

Interested in being social anonymously? It is harder than you think… Recently a variety of “private” media platforms have emerged. For years, social media platforms have facilitated (or even, in many cases, required) us to use our real identities, with the aim of building friendships and networks in the online world. But these new social media apps (such as “Secret,” “Whisper,” “Yik Yak”) are designed specifically to enable users to share posts anonymously.

“Anonymous” doesn’t necessarily mean anonymous. Even if users are not required to provide any form of contact details to use an anonymous app, the app is very likely to collect certain information that will help identify the user (e.g., the unique digital ID of the user’s phone, location information, etc.). Therefore, it could be be fairly easy to trace a user if required (e.g., by subpoena/court order). Indeed Secret’s Terms of Service state, “We may share information about you … in response to a request for information if we believe disclosure is in accordance with any applicable law, regulation or legal process, or as otherwise required by any applicable law, regulation or legal process.”

For more updates visit: http://www.sociallyawareblog.com