Accepting Guest Blog Posts

I have accepted a position that will not allow me to write in 2016. However, I want to continue to provide information on cyber, intellectual property (IP), social media, security, privacy, and technology law and policy to you all.  So…. I am accepting  submissions from guest bloggers!

Please send me your best cyber, IP and tech law and policy posts. Many of this blog’s followers are entrepreneurs, technophiles, tech novices, bloggers, social media user and those intrigued by tech, so please cater your posts to that audience. Please send posts to thedigitalcounselor@gmail.com. I will notify you if your post is selected.

Thank you for your submission, in advance, and more importantly, THANK YOU FOR READING!

I hope the readers find previous posts and any information others are able to provide in my absence helpful! And I look forward to returning in 2017!!

Internet Updates June 2014

There is so much going on in the Internet space that I have compiled some of the most interesting happenings of June. They all link to more info. Please read, enjoy and let me know if you want me to expand on anything!

Are threats made on social media protected free speech, or potentially criminal actsThe U.S. Supreme Court has agreed to examine the constitutionality of a federal law making it a crime to transmit communications containing “any threat to injure the person of another.” In this case, the “threats” were in a series of Facebook postings.

Be careful what you post on Facebook, you might get a ticket for it… A woman in a Chicago suburb received a $50 ticket in the mail alleging that she had used a dog park without a permit. The ticket was based entirely on a Facebook posting that the woman had made, and the police immediately rescinded it, saying  that they do not monitor social media in search of potential lawbreakers.

It might be a crime to friend your boss if you live in Arkansas! Arkansas legislators are considering changing a 2013 law after Facebook informs them that the law may have inadvertently made it a crime for a boss and an employee to become Facebook friends.

Snapchat may have competition. According to the Los Angeles Times, Facebook prematurely released, then withdrew, a new mobile app called Slingshot that is intended to compete with Snapchat and permit users to send each other photo and video messages.

Is Twitter in trouble? Twitter’s leadership was thrown into disarray on June 12 after Ali Rowghani resigned suddenly as the company’s chief operating officer amid a dispute with Chief Executive Dick Costolo. Twitter’s stock has fallen about 42 percent this year as concerns have arisen that the company is not signing up enough new users.

Should you make social media rules for your marriage? More and more couples are sitting down with their lawyers before marriage to discuss a social media clause in their prenuptial agreement – covering what they can and cannot say or post about each other. These agreements appear to be enforceable in court if they are specific enough.

The CIA is on Twitter! The CIA has entered the realm of social media, setting up a Twitter presence and a Facebook account. There one can find, among other things, reflections on intelligence history and fun facts from the CIA World Factbook.

Can’t ask for personal social media account logins in Louisiana! 
On May 23, Louisiana became the latest state to enact a law prohibiting employers and public and private educational institutions from requiring applicants, employees, and students to provide access to their personal online accounts.

Every company would be well advised scrutinize their marketing practices on an ongoing basis to ensure that they do not inadvertently expose the company to risks under the Lanham Act. Two US Supreme Court cases decided this term could result in a substantial increase in the number of Lanham Act claims brought under that statute alleging “unfair competition” resulting from product labeling and marketing practices that are alleged to be false or misleading.

  • Lexmark International, Inc. v. Static Control Components, Inc., No. 12-873, slip op. (March 25, 2014), in which the Supreme Court broadly construed the Lanham Act to permit lawsuits by all companies alleging injuries that were proximately caused by false or misleading advertising or promotion, even if the plaintiff was not a direct competitor of the defendant and suffered only “collateral damage.”
  • Pom Wonderful LLC v. Coca-Cola Co., No. 12–761, slip op.  (June 12, 2014), the Court’s second Lanham Act case of the term,  in which it eliminated a potential safe harbor from Lanham Act claims for companies in regulated industries who complied fully with applicable regulations regarding the labeling and marketing of their products.

Interested in being social anonymously? It is harder than you think… Recently a variety of “private” media platforms have emerged. For years, social media platforms have facilitated (or even, in many cases, required) us to use our real identities, with the aim of building friendships and networks in the online world. But these new social media apps (such as “Secret,” “Whisper,” “Yik Yak”) are designed specifically to enable users to share posts anonymously.

“Anonymous” doesn’t necessarily mean anonymous. Even if users are not required to provide any form of contact details to use an anonymous app, the app is very likely to collect certain information that will help identify the user (e.g., the unique digital ID of the user’s phone, location information, etc.). Therefore, it could be be fairly easy to trace a user if required (e.g., by subpoena/court order). Indeed Secret’s Terms of Service state, “We may share information about you … in response to a request for information if we believe disclosure is in accordance with any applicable law, regulation or legal process, or as otherwise required by any applicable law, regulation or legal process.”

For more updates visit: http://www.sociallyawareblog.com

Will Congress Limit NSA Data Collection?

Do you know when and how the government can access your telephone records? Do you care? Do you worry about your personal privacy? Well, there is major legislation on the horizon that will affect how and when your data is collected and retained.

Image courtesy of cuteomatic.com
Image courtesy of cuteomatic.com

On May 22, 2014, the United States House of Representatives passed bill H.R. 3361, the USA Freedom Act, aimed at limiting the federal government’s ability to collect bulk phone records and also increasing transparency. This bill, supported by the President, received bipartisan support. It restricts the data collected from communications companies by the NSA and other intelligence agencies. One of the goals is to minimize the retention and dissemination of non-public data. The House’s approach to data retention is to have telecoms store the data, to be made available to the government, by request. The bill has no mandated retention period. Finally, the bill also extends certain provisions of the USA Patriot Act, scheduled to expire in 2015.

What will the Senate do? It has been almost a month since they’ve received the bill and it has not yet passed.  Senate Intelligence Committee chair Dianne Feinstein (D-Calif.) said that she wanted to find a way to get the USA Freedom Act (H.R. 3361) passed, though she would prefer that the government, rather than telecom companies, retain the responsibility for storing and analyzing data.

The European Court of Justice recently determined that their data retention law, which is similar to the House’s bill, violates the fundamental rights of citizens. How should this determination play into the U.S.’s data retention law? If its a violation of the fundamental rights–namely privacy–for European citizens, does it violate the fundamental rights of US citizens? How do you want any data collected by your telecom company stored and accessed?  The expiration of portions of the US Patriot Act, as well as the call for data retention, and surveillance reform in the wake of the Snowden leaks raise a lot of questions. Now is the time for the US government to pass legislation that both protects the privacy of citizens and aids in protecting national security.

Get involved in this debate!

For more information about this issue and how the European Court of Justice’s decision factor’s in the debate, read the article I published,  “Does Personal Privacy Matter? Developments in EU and US Data Retention Law” in the American Bar Association’s Information Security & Privacy News.

35 Senators Ask Tough Questions Re: Internet Transition

Today, 35 U.S. Senators lead by Senators John Thune (R-S.D.) and Marco Rubio (R-Fla.) sent a letter to the National Telecommunications and Information Administration (NTIA), seeking clarification regarding the recent announcement that NTIA intends to relinquish responsibility of the Internet Assigned Numbers Authority (IANA) functions to the global multistakeholder community. Read my previous post “US to Relinquish Control of the Internet” for more background on this issue.

The letter express the group’s “[strong] support [of] the existing bottom-up, multistakeholder approach to Internet governance.” The letter highlights bipartisan support of S. Con. Res 50 in 2012 that reinforces “the U.S. government’s opposition to ceding control of the Internet to the International Telecommunications Union (ITU), an arm of the United Nations, or to any other governmental body.”

The group cautions: “We must not allow the IANA functions to fall under the control of repressive governments, America’s enemies, or unaccountable bureaucrats.”  To read the full text of the letter click here.

As you read it I encourage you to think about a few things: 

Are these the right questions?

These are fair questions and likely on the minds of those invested in the outcome of this transition. ICANN & NTIA have pledged transparency throughout this process, therefore, I look forward to their candid responses. None of the questions are out of line or beyond the scope of Congressional oversight.

What other questions should we ask?

The answers to these questions will spark additional questions. However, in my opinion, there are a few other questions the Senators could have posed.

  • What happens if the deadline is not met? Is the US prepared to renew the contract? Is the US prepared for the international backlash if the deadline is not met?
  • Does the structure of an organization like ICANN, that has an entire constituency of comprised of government representatives (GAC),  meet the nongovernmental multistakeholder model? To what extent and how are governments going to be kept out of oversight after the initial launch?
  • Whose interests does NTIA seek to serve or protect by initiating this transition?

What other questions do you have?

How hard do you want Congress to push on this issue?

Transparency will help alleviate fears and misconceptions. I think the answers to these questions and those likely to follow with help shape the dialogue as this process continues. Gaining the confidence of the American people and other inter nation critics will serve to make this a smoother process for NTIA and ICANN. I encourage Congress to pursue the answers to these questions and then decisions can be made about how to proceed.

This issue has a long way to go before we can develop a definitive perspective on the positive or negative effect this will have on the future of the Internet.  I will continue to monitor the developments but I encourage you think about what concerns you most and leave your thoughts in the comments.

 

The below are highlights of the questions asked:

  • Please provide us with the Administration’s legal views and analysis on whether the United States Government can transition the IANA functions to another entity without an Act of Congress. 
  • Please explain why it is in our national interest to transition the IANA functions to the “global multistakeholder community.” 
  • Why does the Administration believe now is the appropriate time to begin the transition, and what was the specific circumstance or development that led the Administration to decide to begin the transition now?
  • What steps will NTIA take to ensure the process to develop a transition plan for the IANA functions is open and transparent?
  • Will NTIA actively participate in the global multistakeholder process to develop a transition plan for the IANA functions, or will the Administration leave the process entirely in the hands of ICANN?
  • What specific options are available to NTIA to prevent [a government or inter-governmental solution] from happening?
  • How can the Administration guarantee the multistakeholder organization that succeeds NTIA will not subsequently transfer the IANA functions to a government or intergovernmental organization in the future, or that such successor organization will not eventually fall under the undue influence of other governments?
  • How did NTIA determine that ICANN is the appropriate entity to lead the transition process, and how will NTIA ensure that ICANN does not inappropriately control or influence the process for its own self-interest? 
  • Does NTIA believe ICANN currently is sufficiently transparent and accountable in its activities, or should ICANN adopt additional transparency and accountability requirements as part of the IANA transition? 
  • Is it realistic to expect that an acceptable transition plan can be developed before the IANA functions contract expires on September 30, 2015?  Is there another example of a similar global stakeholder transition plan being developed and approved in just 18 months? 
  • How will NTIA ultimately decide whether a proposed transition plan for IANA, developed by global stakeholders, is acceptable?  What factors will NTIA use to determine if such a proposal supports and enhances the multistakeholder model; maintains the security, stability, and resiliency of the Internet Domain Name System; meets the needs and expectation of the global customers and partners of the IANA services; and maintains the openness of the Internet? 
  • Will NTIA also take into account American values and interests in evaluating a proposed transition plan?  How? 

Bitcoin: How will this new “currency” affect you?

The other day I was making a purchase online and listed along with the other payment options– pay pal and credit card– was bitcoin…. What’s a bitcoin?  Can you actually use this to make purchases? Is this form of payment secure? How do I get bitcoins?

What is a Bitcoin?
 

A bitcoin is a form of virtual currency that only operates in cyberspace.

A virtual currency can be defined as a type of unregulated, digital money, which is issued and usually controlled by its developers, and used and accepted among the members of a specific virtual community. In 2009, the “Bitcoin” network was launched, introducing a worldwide virtual currency.

Bitcoin permits buyers and sellers to interact anonymously to facilitate instantaneous payments for goods and services, without the involvement of a third-party such as a bank. Bitcoin may be purchased to start but you must “mine” bitcoins. Mining is a resource-intensive processes where miners use special software to solve math problems and are issued a certain number of bitcoins in exchange.  Here are a few interesting facts about Bitcoin:

  • Bitcoin is typically stored on a user’s personal computer or in cloud based accounts called “wallets.”
  • Bitcoin wallets do not meet the UCC’s definition of a deposit account as they are not maintained with a bank.
  • Bitcoin wallets are not insured by the FDIC.​
  • Bitcoin has a high likelihood for extreme value fluctuations.
  • Bitcoin is gaining popularity.
 
The Warning!
On March 11, 2014, FINRA issued an Investor Alert to caution investors of the “significant risks” of buying and speculating in bitcoin and other digital currencies, as well as the risk of fraud and cybercrime related to online bitcoin exchanges and other bitcoin-related service providers.
Specifically, the alert outlines several risks surrounding the usage of and speculating in bitcoin, including:

  • Bitcoin and other digital currencies are not legal tender and if the trust built up among individual users and businesses should vanish, bitcoin would be valueless.
  • Online exchanges that allow users to buy and sell bitcoin and digital wallet services that allow users to store bitcoin are magnets for cyberthieves.
  • Because bitcoin transactions are essentially anonymous, users must take extra care to avoid fraudsters posing as legitimate services.
  • Bitcoin has been used for illicit transactions and such activities could impact users and speculators if an online exchange or service is shut down by law enforcement.
  • Price volatility has been bitcoin’s hallmark in recent years, and there is no uniform value of bitcoin across the various exchanges.

Is bitcoin the future?
Given the variable nature of bitcoin, it’s hard to foresee the future. Many questions remain: How will state or federal legislators regulate the bitcoin system?  Will volatility and data security destroy confidence in bitcoin?  Will bitcoin emerge as a standard payment option, remain a niche product, or otherwise become less interesting, but more predictable under new regulations? Will the average consumers embrace this new currency?

 
​Should Small Business Owners Use Bitcoin?
I would caution against it if your company will not survive the associated risks and building the necessary infrastructure. Accepting bit coin will necessitate updates to refund and exchange policies, calculation of sales tax, when to lock in the rate, etc.  Additionally, users will need to monitor developing regulations and consumer perception of bitcoin.  This volatility can be hard on sellers especially small sellers that rely on every dollar to survive and thrive. 
 
The retailers and other businesses that have announced that they are accepting bitcoin as payment are not established “brand” names that perhaps have a higher risk tolerance. One exception may be Overstock.com.  The major brands may soon follow. We have seen Vegas casinos, and Congressman accepting bitcoin.  But it seems the major brands are waiting to see how legislation develops,how consumer opinion develops, if the value will stabilize, etc before dabbling in a currency that offers little to no stability. The companies using bitcoin are predominately brands that have the benefit of anonymity, are seeking publicity or have a consumer base that is actively using bitcoin and will understand the volatility. Unless you run a tech business that caters to the bitcoin-savy, use caution when exploring new payment options. Your budding company may not bounce back from a dive in the value or new regulations that may emerge. Build a strong brand and strong consumer base then consider taking risks. Bitcoin may not be going away anytime soon but asses legal/regulatory, commercial/financial, and reputational risks before deciding whether to make bitcoin a part of your business.

 

US to Relinquish Control of the Internet?

On Friday, the U.S. Commerce Department’s National Telecommunications and Information Administration (NTIA) announced it is giving up control of a system that directs Internet traffic and Web addresses. As a result, Internet Corporation for Assigned Names and Numbers (ICANN), the nonprofit organization charged with managing the Internet, is tasked to convene global stakeholders to develop a proposal to transition the current role played by NTIA in the coordination of the Internet’s domain name system (DNS). This announcement came as a surprise to many but a coalition of nations has been calling for the US to relinquish control of the Internet for at least the last nine months. Politically this takes the US out of the line of fire but practically what does this do for the culture of the Internet?

Why is this important to you? Because it may change the Internet as you know it….

What exactly was the US Doing?

NTIA is the Executive Branch agency that advises the President on telecommunications and information policy issues. NTIA’s programs and policymaking focus largely on expanding broadband Internet access and adoption in America. NTIA controls the DNS which essentially converts the web addresses (URLs) we type in to the search bar into the correct IP address to retrieve the website you requested. Whether you are accessing a Web site or sending e-mail, your computer uses DNS to look up the domain name you’re trying to access. This system is essential to the functionality and security of the Internet.

If not the US, then who?
This contract to control DNS has allowed the U.S. government to exert what some claim is too much influence over the Internet. technology that plays such a pivotal role in society and the economy. So if not the US, then who with the world feel comfortable wielding that power and influence?

There’s a meeting, ICANN 49, March 23 in Singapore and the future of the Internet is at the top of the agenda.

According to Lawrence Strickling, assistant secretary at the Commerce Department, “[The department] will not accept a proposal that replaces the NTIA’s role with a government-led or intergovernmental solution.” Does that leave ICANN or a similar organization to maintain the DNS?

Why should you care?
Because this could mean a very different Internet…

While companies like Verizon applaud the moveITIF and other organizations have argued before that U.S. government oversight has played an essential role in maintaining the security, stability, and openness of the Internet and in ensuring that ICANN satisfies its responsibilities in effectively managing the Internet’s DNS. Without the U.S. government’s presence some lawmakers and members of the tech industry have expressed concern that relinquishing control of IANA will open up the Internet to threats from other governments that seek to censor it.  This could mean a very different Internet.

Are their concerns justified? No one really knows right now but what we can surmise is that the Internet is in for some changes in the years to follow the change of control. Many countries have dealt with privacy and censorship in ways different from that of the US. How will ICANN deal with these conflicting views democratically and ensure Internet users from all economies and sovereign nations will be represented and heard? Will the standards of openness and free flow of information embraced today remain the baseline? Does the “global multistakeholder community” NTIA is referring to exist? What is the legal jurisdiction for both ICANN and this new multistakeholder body?

There are no answers to these questions because so little is known about whats to come. I look forward to the information and ideas that flow from the ICANN meeting next week.  The questions need to be among those at the top of the list.

Do Not Track Me… But Cater to Me

We have all become accustomed to having our technology cater to most of our needs in very personal way. However, we all desire to retain a certain amount of privacy.  For example, our cellphones track our every move and click while occasionally make calls – and yet we would be lost without the maps and ability to request anything from “Siri.” Our cable boxes may bring our favorite shows and movies but they also report back to providers all of your family’s television viewing habits.  We all appreciate the convenience that customization provides however that means a loss of privacy….

Why Are We Worried?
The latest buzz word is the The Internet of Things (IoT). What is that? “The Internet of Things” refers to the concept that the Internet is no longer just a global network for people to communicate with one another using computers, but it is also a platform for devices to communicate electronically with the world around them. The result is a global “network of physical objects that contain embedded technology to communicate or interact with people, things, and the external environment. It includes everything from traffic sensors to refrigerators, thermostats, medical devices, and wristwatches that can track or sense the environment and use the data they collect to provide a benefit, or transmit the data to a central repository for analysis, or both.”

This network of objects enables providers of goods and services to use your personal behavior to profile and evaluate your activities and habits.  The Internet of Things will result in increased data collection, amplifying the importance of simplifying choices and giving control to individuals with real-time notices. Transparency will facilitate consumer understanding of the collection, use and sharing of personal data. However, there is a real danger of data being used in unexpected ways. The Internet of Things has created a potential perfect storm of four major information policy concerns: online safety, privacy, security, and intellectual property issues. The goal is to determine what “reasonable” expectations regarding data usage should be, and then manage consumer expectations accordingly. Measures ensuring the network’s resilience to attacks, data authentication, access control and client privacy need to be established.  An ideal framework would consider the underlying technology and involve collaboration on an international scale.

The need to balance reasonable activity on the Internet and use of The Internet of Things with responsible privacy protections is exponentially increasing. This balance is extremely important because the last thing we want is to stifle innovation by over legislating this area.

Laws to Watch
At least 14 states have proposed legislation on the 2014 docket that is intended to increase privacy protection for consumers and limit both government and private sector surveillance via the Internet of Things. At the federal level, several bills are already making their way through Congress.

State
AB370, an amendment to the California Online Privacy Protection Act of 2003 (“CalOPPA”). CalOPPA requires owners of commercial websites and online service providers (“operators”) to conspicuously post a privacy policy. The privacy policy must disclose to consumers, among other things, the categories of personally identifiable information (PII), such as name, hone address, email address, social security number,  the operator collects and with whom the operator shares such information. Operators affected by CalOPPA include website operators and, as interpreted by the California Office of Attorney General, operators of software and mobile apps that transmit and collect PII online.

Federal 
The Black Box Privacy Protection Act is a bill in front of Congress that prohibits the sale of automobiles equipped with event data recorders-unless the consumer can control the recording of information. Additionally, the data collected would belong to the vehicle owner.

The We are Watching You Act is a bill in front of Congress that requires the operator of a video service (such as a DVR or Xbox) to display the message “We are watching you” as part of the programming provided to the consumer prior to the device is collecting visual or auditory information from the viewing area. This is not likely to pass but its a sign of legislation to come.

The Federal Trade Commission (FTC) has this phenomenon on its radar, it hosted an all-day workshop entitled, “Internet of Things: Privacy and Security in a Connected World in November. The FTC has also released a number of reports and guidelines that direct business on how to protect consumer privacy.

International 
With Internet Governance on the forefront of international discussion, international “Internet of Things” legislation is not the priority and likely to be left up to each country to decipher. International collaboration on issues like this early is one out come I hope comes from these Internet Governance talks…. but we’re a long way out from that happening.

The examples listed are a narrow sampling of privacy legislation designed to protect users from unwanted intrusions. Most notably, states have passed a number of laws protecting privacy rights in recent years.

Conclusion
The Internet of Things will bring tremendous new benefits to consumers but we must balance the need for consumer privacy. State, federal and international regulators must work to restrict government and private-sector collection and control of the data IoT will create. In the meantime, make sure you are aware of the information you provide through your IoT. Explore privacy settings and read privacy policies if you are concerned about sharing too much data with providers. Know what your priorities are as it relates to customization and privacy. If you value convenience and do not mind a prying eye or two, if it means a personalized user experience, share your data freely. However, if you value preserving your privacy be proactive about doing so until lawmakers can find the appropriate balance. Do not shun technology just educate yourself.

Security Risks & the Healthcare Roll Out

Anticipation of the healthcare roll-out tomorrow, October 1, 2013, has sparked heated debate and concern over costs, employer rescission of benefits, and questions about the Health Insurance Marketplace. One question, raised by the FTC and other stakeholders, remains to be fully addressed: What security measures will be put in place to protect Marketplace consumers from identity theft?

The new Health Insurance Marketplace allows you to fill out an application and see all the health plans available in your area. While all insurance plans are offered by private companies, the Marketplace is run by either your state or the federal government. As designed, consumers create an account online or over the phone with a “navigator.”  Under the Affordable Care Act (ACA), the government is training additional customer service professionals to help consumers “navigate” the Health Insurance Marketplace. To create an account, participants must provide their personal data such as household size, income, passport, address, and potentially a social security number for every member of the household that needs coverage. 

What measures are being taken to dispose of information gathered by customer service professionals? What safeguards are in place to prevent identity theft? Scammers are already calling consumers and pretending to be navigators to gather their personal information.  How will consumers know the difference?

​How to protect yourself in the interim:

  • Do not give personal information to cold calls or emails from navigators or others representing themselves as part of the Marketplace.
  • ​If you call-in or seek help in person, ask navigators what the internal policy is on handling your personal information. 
  • Share the least amount of information necessary when shopping for health plans.

For more information about the healthcare roll out visit healthcare.gov

Update October 1, 2013: The government has released the following on avoiding consumer fraud http://oig.hhs.gov/fraud/consumer-alerts/alerts/marketplace.asp

New gTLD Timelines

ICANN
New gTLD timeline

ICANN has released two new timelines for when we can expect the launch of the first new gTLDs (the part of the URL behind the “.” such as “.com” or “.mobi”).

The launch of these new gTLDs will have a lasting and significant effect on the way we use and operate the Internet. This fact is why new gTLDs have yet to launch. The industry is a buzz with the pros and cons of every aspect of this change. The confusion of consumers, protecting intellectual property, domain name approvals, potential monopolies, privacy, and other business concerns are on the forefront.  No interest group wants things to remain the same but with competing interests and priorities carving out new policy has been slower than anticipated.

I encourage consumers to remain aware of this development. This will develop the way we consume online information.   I will continue to write about the developments. Also visit some of my previous posts such as Will You Be Confused When the New gTLDs Launch?  Visit ICANN’s site on new gTLDs for developments.

What are you concerned about? Are you interested in hearing more about the effect this will have on businesses and families?

 

Social Networking Online Protection Act: Will this Protect your Social Media Privacy Rights?

Representative Eliot Engel (D-NY) introduced the “Social Networking Online Protection Act,” H.R. 537 to Congress in February.  This bill would be the national version of the social media privacy laws popping up in states nationwide. Increasingly employers and other authority figures have asked employees and others to turn over their username or passwords for their personal accounts. State legislators began introducing legislation in 2012 to prevent employers, colleges, etc. from requesting passwords to personal Internet accounts—including email, banking and social networking sites—in order to get or keep a job or regulate student activity.

Unlike most of those state laws, the bill would also protect passwords to email accounts. Seven states, California, DelawareIllinoisMaryland, Michigan, New Jersey and most recently Utah, currently have social media privacy laws on the books prohibiting requesting or requiring an employee, student or applicant to disclose a user name or password for a personal social media account. California, Illinois, Maryland, Michigan, and Utah laws apply to employers. California, Delaware, Michigan and New Jersey have laws that apply to  academic institutions.

Will this bill solve the privacy issues that occur when an employer or academic institutions requires revealing your password for your personal account?

Limits must be set for how and when authority figures such as employers, coaches, professors, etc, can access private social media information. Anything made public by the user is fair game because that is the information they have elected to present to the world. Reputation and public persona are important to potential and current employers and university officials because that information can affect public perception of them.  Although our online image is important and can provide a lot of information about an individual, the information that’s private should be kept that way.  A private photo album on Facebook can be likened to a photo albums kept at home vs. photos you display at work or in a public album online.  Privacy is a fundamental right and should be preserved.

Lets take a closer look at a few key points of the bill…

Under the federal bill social networking is defined as:

“[A]ny Internet service, platform, or website that provides a user with a distinct account–

“(A) whereby the user can access such account by way of a distinct user name, password, or other means distinct for that user; and

“(B) that is primarily intended for the user to upload, store, and manage user-generated personal content on the service, platform, or website.”

Defining “social networking” or “social media” could be problematic with the discrepancy between the rate of evolution of social media and the rate of evolution of the law.  Maryland’s approach of  focusing on whether the circumstance at hand involves a user name or password, and leaves vague the nature of the account or service to which the user name or password relates might be better for keeping this law relevant long term.

The bill does specify that it must be a personal account preserving and employer’s interest in accounts the own or accounts operated by employees for business purposes.  Employees and students should be careful not to mix business and personal accounts. Accounts where the line between business and personal will be where the limits of this law are fleshed out.

Enactment of the law would curtail the need for more sate laws on the issue and provide uniform protect. Uniform standards make drafting policies a lot easier for employers and universities.  They also help users know the limits of their protection nationwide, there are no worries of where to bring a suit if you feel your privacy rights have been violated in this way.

Some wonder if this is a matter for federal law?  Well, I think the answer lies in the answer tot he question “Whose job is it to protect the privacy rights of American citizen?”

My answer to the question indicates that Congress is well with its bounds.  What do you think?