Accepting Guest Blog Posts

I have accepted a position that will not allow me to write in 2016. However, I want to continue to provide information on cyber, intellectual property (IP), social media, security, privacy, and technology law and policy to you all.  So…. I am accepting  submissions from guest bloggers!

Please send me your best cyber, IP and tech law and policy posts. Many of this blog’s followers are entrepreneurs, technophiles, tech novices, bloggers, social media user and those intrigued by tech, so please cater your posts to that audience. Please send posts to thedigitalcounselor@gmail.com. I will notify you if your post is selected.

Thank you for your submission, in advance, and more importantly, THANK YOU FOR READING!

I hope the readers find previous posts and any information others are able to provide in my absence helpful! And I look forward to returning in 2017!!

Great Opportunity for Women Entrepreneurs in DC!

fastrac2 fastrac

Dear Entrepreneurs,

DC Women’s Business Center has announced FastTrac New Venture is now open for enrollment!

This 12 week course assists early stage entrepreneurs in successful completion of their business plan. Through weekly classes and 1-on-1 business counseling, entrepreneurs will access the small business resources needed to grow a successful enterprise.

Topics for this course include:

  • Identifying and Meeting Market Needs
  • Setting Financial Goals
  • Reaching the Market
  • Planning for a profitable Business

Courses begin February 17, 2015 and will meet every week through May 19, 2015. All sessions are 2:00pm – 5:00pm unless otherwise noted. This is a competitive application process so they request you submit a thoughtful and complete application.

Click here to submit an application!

New gTLDs as a Branding Tool for Entrepreneurs

The launch of new gTLDs (generic top-level domains) provide an amazing opportunity for entrepreneurs and small to medium businesses to further brand their business in their domain name. A gTLD is the part of you domain after the “.”.  Having fun with you website domain can help you stand out as you market yourself and establish your brand. Emphasize your company’s mission, expertise, experience, niche, etc through the top-level domain you use. Also if your company name or other domain you sought to register is taken on .com there are new and exciting options! Don’t miss out on companyname.rocks or company name.consulting.

You can register these new top-level domains just like you register a “.com” domain head to goDaddy, Namecheap, Name.com or your favorite registrar. This is something your should consider early in establishing your company. You don’t want to lose out on the perfect domain name.

This is an opportunity to accent your personal brand as well. As you establish your expertise and want to develop a website that showcases your skills you no longer are limited to firstnamelastname.com you can register firstnamelastname.esq, firstnamelastname.photography, or firstnamelastname.guru.  Grab your new domains as soon as they roll out!

Over 175 new domains have been released or delegated to date, with hundreds more on the horizon. You can view the available domains by visiting this page: http://newgtlds.icann.org/en/program-status/delegated-strings . This page lists the delegated domains, which means they are available for registration. This site will be updated as others are available.

Take advantage of this branding opportunity before others catch on!!
Examples of some new gTLDs that can make for a creative domain name:

.guru
.consulting
.cooking
.ventures
.photography
.active 
.expert 
.coach
.lifestyle
.shopping
.bar 
.pub
.events
.buzz
.solutions
.careers
.company
.management
.enterprises
.technology
.holdings
.rocks
 
Visit my older posts for more information on this launch: What do you know about the new top level domains?Will You Be Confused When The New Generic Top Level Domains (gTLDs) Launch?​; &​ Five things you should know as the new gTLDs launch.  And as always ask questions in the comments and share your successes and observations re: new gTLDs!​
 

35 Senators Ask Tough Questions Re: Internet Transition

Today, 35 U.S. Senators lead by Senators John Thune (R-S.D.) and Marco Rubio (R-Fla.) sent a letter to the National Telecommunications and Information Administration (NTIA), seeking clarification regarding the recent announcement that NTIA intends to relinquish responsibility of the Internet Assigned Numbers Authority (IANA) functions to the global multistakeholder community. Read my previous post “US to Relinquish Control of the Internet” for more background on this issue.

The letter express the group’s “[strong] support [of] the existing bottom-up, multistakeholder approach to Internet governance.” The letter highlights bipartisan support of S. Con. Res 50 in 2012 that reinforces “the U.S. government’s opposition to ceding control of the Internet to the International Telecommunications Union (ITU), an arm of the United Nations, or to any other governmental body.”

The group cautions: “We must not allow the IANA functions to fall under the control of repressive governments, America’s enemies, or unaccountable bureaucrats.”  To read the full text of the letter click here.

As you read it I encourage you to think about a few things: 

Are these the right questions?

These are fair questions and likely on the minds of those invested in the outcome of this transition. ICANN & NTIA have pledged transparency throughout this process, therefore, I look forward to their candid responses. None of the questions are out of line or beyond the scope of Congressional oversight.

What other questions should we ask?

The answers to these questions will spark additional questions. However, in my opinion, there are a few other questions the Senators could have posed.

  • What happens if the deadline is not met? Is the US prepared to renew the contract? Is the US prepared for the international backlash if the deadline is not met?
  • Does the structure of an organization like ICANN, that has an entire constituency of comprised of government representatives (GAC),  meet the nongovernmental multistakeholder model? To what extent and how are governments going to be kept out of oversight after the initial launch?
  • Whose interests does NTIA seek to serve or protect by initiating this transition?

What other questions do you have?

How hard do you want Congress to push on this issue?

Transparency will help alleviate fears and misconceptions. I think the answers to these questions and those likely to follow with help shape the dialogue as this process continues. Gaining the confidence of the American people and other inter nation critics will serve to make this a smoother process for NTIA and ICANN. I encourage Congress to pursue the answers to these questions and then decisions can be made about how to proceed.

This issue has a long way to go before we can develop a definitive perspective on the positive or negative effect this will have on the future of the Internet.  I will continue to monitor the developments but I encourage you think about what concerns you most and leave your thoughts in the comments.

 

The below are highlights of the questions asked:

  • Please provide us with the Administration’s legal views and analysis on whether the United States Government can transition the IANA functions to another entity without an Act of Congress. 
  • Please explain why it is in our national interest to transition the IANA functions to the “global multistakeholder community.” 
  • Why does the Administration believe now is the appropriate time to begin the transition, and what was the specific circumstance or development that led the Administration to decide to begin the transition now?
  • What steps will NTIA take to ensure the process to develop a transition plan for the IANA functions is open and transparent?
  • Will NTIA actively participate in the global multistakeholder process to develop a transition plan for the IANA functions, or will the Administration leave the process entirely in the hands of ICANN?
  • What specific options are available to NTIA to prevent [a government or inter-governmental solution] from happening?
  • How can the Administration guarantee the multistakeholder organization that succeeds NTIA will not subsequently transfer the IANA functions to a government or intergovernmental organization in the future, or that such successor organization will not eventually fall under the undue influence of other governments?
  • How did NTIA determine that ICANN is the appropriate entity to lead the transition process, and how will NTIA ensure that ICANN does not inappropriately control or influence the process for its own self-interest? 
  • Does NTIA believe ICANN currently is sufficiently transparent and accountable in its activities, or should ICANN adopt additional transparency and accountability requirements as part of the IANA transition? 
  • Is it realistic to expect that an acceptable transition plan can be developed before the IANA functions contract expires on September 30, 2015?  Is there another example of a similar global stakeholder transition plan being developed and approved in just 18 months? 
  • How will NTIA ultimately decide whether a proposed transition plan for IANA, developed by global stakeholders, is acceptable?  What factors will NTIA use to determine if such a proposal supports and enhances the multistakeholder model; maintains the security, stability, and resiliency of the Internet Domain Name System; meets the needs and expectation of the global customers and partners of the IANA services; and maintains the openness of the Internet? 
  • Will NTIA also take into account American values and interests in evaluating a proposed transition plan?  How? 

Bitcoin: How will this new “currency” affect you?

The other day I was making a purchase online and listed along with the other payment options– pay pal and credit card– was bitcoin…. What’s a bitcoin?  Can you actually use this to make purchases? Is this form of payment secure? How do I get bitcoins?

What is a Bitcoin?
 

A bitcoin is a form of virtual currency that only operates in cyberspace.

A virtual currency can be defined as a type of unregulated, digital money, which is issued and usually controlled by its developers, and used and accepted among the members of a specific virtual community. In 2009, the “Bitcoin” network was launched, introducing a worldwide virtual currency.

Bitcoin permits buyers and sellers to interact anonymously to facilitate instantaneous payments for goods and services, without the involvement of a third-party such as a bank. Bitcoin may be purchased to start but you must “mine” bitcoins. Mining is a resource-intensive processes where miners use special software to solve math problems and are issued a certain number of bitcoins in exchange.  Here are a few interesting facts about Bitcoin:

  • Bitcoin is typically stored on a user’s personal computer or in cloud based accounts called “wallets.”
  • Bitcoin wallets do not meet the UCC’s definition of a deposit account as they are not maintained with a bank.
  • Bitcoin wallets are not insured by the FDIC.​
  • Bitcoin has a high likelihood for extreme value fluctuations.
  • Bitcoin is gaining popularity.
 
The Warning!
On March 11, 2014, FINRA issued an Investor Alert to caution investors of the “significant risks” of buying and speculating in bitcoin and other digital currencies, as well as the risk of fraud and cybercrime related to online bitcoin exchanges and other bitcoin-related service providers.
Specifically, the alert outlines several risks surrounding the usage of and speculating in bitcoin, including:

  • Bitcoin and other digital currencies are not legal tender and if the trust built up among individual users and businesses should vanish, bitcoin would be valueless.
  • Online exchanges that allow users to buy and sell bitcoin and digital wallet services that allow users to store bitcoin are magnets for cyberthieves.
  • Because bitcoin transactions are essentially anonymous, users must take extra care to avoid fraudsters posing as legitimate services.
  • Bitcoin has been used for illicit transactions and such activities could impact users and speculators if an online exchange or service is shut down by law enforcement.
  • Price volatility has been bitcoin’s hallmark in recent years, and there is no uniform value of bitcoin across the various exchanges.

Is bitcoin the future?
Given the variable nature of bitcoin, it’s hard to foresee the future. Many questions remain: How will state or federal legislators regulate the bitcoin system?  Will volatility and data security destroy confidence in bitcoin?  Will bitcoin emerge as a standard payment option, remain a niche product, or otherwise become less interesting, but more predictable under new regulations? Will the average consumers embrace this new currency?

 
​Should Small Business Owners Use Bitcoin?
I would caution against it if your company will not survive the associated risks and building the necessary infrastructure. Accepting bit coin will necessitate updates to refund and exchange policies, calculation of sales tax, when to lock in the rate, etc.  Additionally, users will need to monitor developing regulations and consumer perception of bitcoin.  This volatility can be hard on sellers especially small sellers that rely on every dollar to survive and thrive. 
 
The retailers and other businesses that have announced that they are accepting bitcoin as payment are not established “brand” names that perhaps have a higher risk tolerance. One exception may be Overstock.com.  The major brands may soon follow. We have seen Vegas casinos, and Congressman accepting bitcoin.  But it seems the major brands are waiting to see how legislation develops,how consumer opinion develops, if the value will stabilize, etc before dabbling in a currency that offers little to no stability. The companies using bitcoin are predominately brands that have the benefit of anonymity, are seeking publicity or have a consumer base that is actively using bitcoin and will understand the volatility. Unless you run a tech business that caters to the bitcoin-savy, use caution when exploring new payment options. Your budding company may not bounce back from a dive in the value or new regulations that may emerge. Build a strong brand and strong consumer base then consider taking risks. Bitcoin may not be going away anytime soon but asses legal/regulatory, commercial/financial, and reputational risks before deciding whether to make bitcoin a part of your business.

 

Do Not Track Me… But Cater to Me

We have all become accustomed to having our technology cater to most of our needs in very personal way. However, we all desire to retain a certain amount of privacy.  For example, our cellphones track our every move and click while occasionally make calls – and yet we would be lost without the maps and ability to request anything from “Siri.” Our cable boxes may bring our favorite shows and movies but they also report back to providers all of your family’s television viewing habits.  We all appreciate the convenience that customization provides however that means a loss of privacy….

Why Are We Worried?
The latest buzz word is the The Internet of Things (IoT). What is that? “The Internet of Things” refers to the concept that the Internet is no longer just a global network for people to communicate with one another using computers, but it is also a platform for devices to communicate electronically with the world around them. The result is a global “network of physical objects that contain embedded technology to communicate or interact with people, things, and the external environment. It includes everything from traffic sensors to refrigerators, thermostats, medical devices, and wristwatches that can track or sense the environment and use the data they collect to provide a benefit, or transmit the data to a central repository for analysis, or both.”

This network of objects enables providers of goods and services to use your personal behavior to profile and evaluate your activities and habits.  The Internet of Things will result in increased data collection, amplifying the importance of simplifying choices and giving control to individuals with real-time notices. Transparency will facilitate consumer understanding of the collection, use and sharing of personal data. However, there is a real danger of data being used in unexpected ways. The Internet of Things has created a potential perfect storm of four major information policy concerns: online safety, privacy, security, and intellectual property issues. The goal is to determine what “reasonable” expectations regarding data usage should be, and then manage consumer expectations accordingly. Measures ensuring the network’s resilience to attacks, data authentication, access control and client privacy need to be established.  An ideal framework would consider the underlying technology and involve collaboration on an international scale.

The need to balance reasonable activity on the Internet and use of The Internet of Things with responsible privacy protections is exponentially increasing. This balance is extremely important because the last thing we want is to stifle innovation by over legislating this area.

Laws to Watch
At least 14 states have proposed legislation on the 2014 docket that is intended to increase privacy protection for consumers and limit both government and private sector surveillance via the Internet of Things. At the federal level, several bills are already making their way through Congress.

State
AB370, an amendment to the California Online Privacy Protection Act of 2003 (“CalOPPA”). CalOPPA requires owners of commercial websites and online service providers (“operators”) to conspicuously post a privacy policy. The privacy policy must disclose to consumers, among other things, the categories of personally identifiable information (PII), such as name, hone address, email address, social security number,  the operator collects and with whom the operator shares such information. Operators affected by CalOPPA include website operators and, as interpreted by the California Office of Attorney General, operators of software and mobile apps that transmit and collect PII online.

Federal 
The Black Box Privacy Protection Act is a bill in front of Congress that prohibits the sale of automobiles equipped with event data recorders-unless the consumer can control the recording of information. Additionally, the data collected would belong to the vehicle owner.

The We are Watching You Act is a bill in front of Congress that requires the operator of a video service (such as a DVR or Xbox) to display the message “We are watching you” as part of the programming provided to the consumer prior to the device is collecting visual or auditory information from the viewing area. This is not likely to pass but its a sign of legislation to come.

The Federal Trade Commission (FTC) has this phenomenon on its radar, it hosted an all-day workshop entitled, “Internet of Things: Privacy and Security in a Connected World in November. The FTC has also released a number of reports and guidelines that direct business on how to protect consumer privacy.

International 
With Internet Governance on the forefront of international discussion, international “Internet of Things” legislation is not the priority and likely to be left up to each country to decipher. International collaboration on issues like this early is one out come I hope comes from these Internet Governance talks…. but we’re a long way out from that happening.

The examples listed are a narrow sampling of privacy legislation designed to protect users from unwanted intrusions. Most notably, states have passed a number of laws protecting privacy rights in recent years.

Conclusion
The Internet of Things will bring tremendous new benefits to consumers but we must balance the need for consumer privacy. State, federal and international regulators must work to restrict government and private-sector collection and control of the data IoT will create. In the meantime, make sure you are aware of the information you provide through your IoT. Explore privacy settings and read privacy policies if you are concerned about sharing too much data with providers. Know what your priorities are as it relates to customization and privacy. If you value convenience and do not mind a prying eye or two, if it means a personalized user experience, share your data freely. However, if you value preserving your privacy be proactive about doing so until lawmakers can find the appropriate balance. Do not shun technology just educate yourself.

Why companies should beware of the BYOD movement and how to mitigate potential damage

BYOD (bring your own device) is a buzz word amongst company IT departments and policy makers.  BYOD is an employee-purchased and owned device (i.e., laptop, smartphone, tablet) that is connected to a corporate information network system or otherwise used to conduct company business. A recent Cisco study found that 90% of full-time American workers use their personal smartphones for work purposes. In this cyber age where privacy and cyber security are major concerns for employers and employees alike, BYOD is a proverbial minefield for those unaware of the legal, security and privacy risks.

Emerging BYOD Legal Risks

In this world of telecommuting and start-ups, many companies allow employees to use their own laptops and smartphones. Companies have thereby ended the Apple v. Android, Mac v. PC debates, a win-win for employees and their employees.  This all might sound great for both employers and employees, but as with any new invention, the risks of BYOD policies have not yet been resolved.  Nor have we seen any BYOD policies take center stage of a publicized legal dispute. We have, however, seen disputes arise over storing company data on personal devices. In Barrette Outdoor Living, Inc. v. Michigan Resin Representatives, the Court ordered an employee to pay $35,000 in sanctions for failing to preserve his cellular phone and deleting 270,000 company files from his personal laptop. Even when using a personal device, employees may have a duty to maintain corporate information if their employer goes to trial. Employees may face personal legal liability for actions taken while using their BYOD device.

Understanding BYOD Security Risks

When employees have access to company networks and data through their personal devices, the company becomes increasingly vulnerable to security and legal risks. Companies that allow broad access face the risk of employees to deleting company data and are susceptible to the carelessness of employees and third-party users. These users can be anyone from a child using a parent’s phone to office visitors connecting to the company wi-fi. When BYODs and third-party devices bypass security features normally applied to corporate devices, they are vulnerable to malware—a costly risk, particularly in regard to Android devices. Additionally, BYODs that bypass network security elevate the risk of non-compliance with data privacy laws and regulatory requirements.[1]

Mitigating Security Risks & Maintaining Employee Privacy

The most effective mitigation strategy will couple emerging tools with a BYOD policy to protect company assets and security, examples of which include:

  • Developing a BYOD policy that addresses ownership, password requirements, employee privacy, liability, limitations on access/use, search parameters and what situations trigger which reactions.
  •  Selectively publishing company data to new mobile apps; users get the data they need, and the company has greater control over data security.
  • Requiring device encryption.
  • Installing software to track which documents employees download.
  • Installing technology to wipe only corporate settings, data and apps to protect business assets while leaving personal data and settings intact.
  • Exploring geo-fencing to protect company information and prevent data breach by disabling device features such as the camera within company space.

Use and implementation of these tools will depend on company needs but should be considered to mitigate legal, security and privacy risks.

 

To see more from me on this issue visit: http://techpageone.dell.com/technology/byod-policies-tangle-hr-legal/

Instant Message Banter or Contract Formation?

Contract formation tends to be misidentified as a tedious process with lots of drafts, exchanging paper and signing of a final deal. However, it’s not as formal as most people think. As a ruling by a federal court in Florida demonstrated you can make or modify a contract with a few words transmitted by instant message (IM).

Because a signed formal document isn’t essential for a legally effective contract parties must be cautious about exchanging promises and the discussions they engage in outside of formal negotiations. Only certain kinds of contracts need to be in writing. Other contracts can be formed orally or through a course of dealing or exchange of forms. Contract formation requires: one party to make an offer, the other party must accept the offer, and consideration (something of value, must be exchanged). That’s it! That combination of requirements can happen orally or in writing. Not to mention, that as technology evolves, the definition of a writing expands to include all forms of communication such as emails, text messages and instant messages.

iChat Crazy

In the case at hand, Smoking Everywhere Inc. sells electronic cigarettes. It contracted with CX Digital Media Inc., in August 2009, for Internet advertising, agreeing to pay $45 for each completed sale it obtained through CX Digital’s Internet ads, for up to 200 sales per day.

One month later, Smoking Everywhere’s vice president for advertising engaged in an instant message conversation, during the course of a full workday, with an account manager at CX Digital. Toward the end of the day, after discussing the testing of new ads and new URLs, these messages were passed back and forth, within a stream of IMs over a two-hour period:

Account manager: We can do 2000 orders/day by Friday if I have your blessing.
Advertising VP: NO LIMIT.
Account manager: awesome!
 

Following this dialog, CX Digital stopped using the 200 sales/day limit, and began making an average of 1,200 referrals per day. When CX Digital billed Smoking Everywhere for the higher volume, however, Smoking Everywhere refused to pay.

The court held that the IM exchange demonstrated the clear intent to remove the prior daily referral limits, and thereby modified the contract:

A close reading of the instant messages and careful consideration of the behavior of the parties during the conversation indicate clear assent on the part of both parties to stop sending traffic to the ‘old’ ecig link and to begin sending the traffic to the two new URLs.

This two-word contract change resulted in $1,235,655 in damages.

Bottom line: Be careful with all informal communications such as text message, instant message, tweets, Facebook comments, etc. You can easily form a binding contract through the course of conversation.

Written contracts are the currency of business dealings, and although many companies insert clauses that say contracts cannot be modified without a signed writing (signed by authorized representatives). Business representatives increasingly engage in informal communications, in the short time after their conversation, CX acted in reliance of the modification, and as a result Smoking Everywhere ended up in a binding agreement.

Both in your professional and personal life be careful every time you engage in an exchange of “promises.” The last thing you want to do is bind yourself or your employer to an agreement. Employees with positions that are easily perceived to have decision-making power should be especially careful. If you are discussing terms of an existing contract or a potential sale or service be very clear that you are not forming a contract and that you are merely negotiating potential terms.

Snapchat images may come back to haunt you!

Snapchat is a mobile phone application intended to allow users to send photos to their friends and limit the amount of time for which the photos can be viewed.  Once the allotted viewing time has elapsed, Snapchat is supposed to delete the photos entirely from the recipient’s device as well as from Snapchat’s servers so that it cannot be accessed again. Many users send images to protect their privacy while enjoying the ability to share an image with another for brief intervals. Usually the user places a high value on the claim of permanent deletion following the reveal of the image. Snapchat has even implemented mechanisms to let sends know if recipient’s take screenshots of the images.Snapchat currently reports that its users send 150 million “snaps” per day a sign of its rising popularity. The question is are your snapchats really deleted?

Way back when Snapchat was first launched, Buzzfeed discovered a loophole that allowed cached Snapchat videos to be rewatched on an iOS browser like iFunBox. In response, Snapchat founder Evan Spiegal told Buzzfeed, “The people who most enjoy using Snapchat are those who embrace the spirit and intent of the service. There will always be ways to reverse engineer technology products — but that spoils the fun!”

The Electronic Privacy Information Center (EPIC), a self-described public interest research center focusing on privacy issues and consumer advocacy, filed a complaint with the Federal Trade Commission (FTC) on May 16, alleging that Snapchat’s representations that its users’ photos “disappear forever” once viewed by a recipient are deceptive and likely to mislead consumers.  The complaint alleges violations of Section 5 of the Federal Trade Commission Act and requests the Commission to investigate.

The complaint alleges that Snapchat does not delete a file after its been viewed instead Snapchat adds “.nomedia” extension tot he end of the file name which renders the file unviewable. However, any tech-savvy user could alter the file name by removing the “.nomedia” extension and the files are again viewable.

Since launch, Snapchat has slowly but progressively admitted that the app isn’t actually as privacy-friendly and secure as it’s made out to be. In fact Snapchat recently published a point-by-point blog post going over how it stores and deletes Snapchat data, with the tender warning at the very bottom that says, “If you’ve ever tried to recover lost data after accidentally deleting a drive or maybe watched an episode of CSI, you might know that with the right forensic tools, it’s sometimes possible to retrieve data after it has been deleted. So … you know … keep that in mind before putting any state secrets in your selfies :)”

Snapchat’s policies do not describe this process and do not advise users that the files are recoverable.  Snapchat’s privacy policy does, however, state that “[a]lthough we attempt to delete image data as soon as possible after the message is received and opened by the recipient. . . we cannot guarantee that the message contents will be deleted in every case “  For example, the policy goes on to state, “users may take a picture of the message contents with another imaging device or capture a screenshot of the message contents on the device screen.”

 
The complaint alleges that Snapchat’s representations to users “that photos sent using its app would be deleted after a user-designated amount of time” are “likely to mislead the reasonable consumer” and that those representations are material.  In addition to asking the FTC to investigate Snapchat’s claims that users’ images are permanently deleted, the complaint asks that the FTC require Snapchat to make improvements to its security practices to successfully delete users’ photos and to cure any deceptive statements about its services.

What does all of this mean for you?

BE CAREFUL!  As I continue to stress when dealing with social media, your content never really goes away! Everything online lives on.  This app is not an exception, at least not yet.

However, there is a lot of skill and effort involved in retrieving these images it is not likely that most recipients will expend the time and energy necessary to recover old images. They are more likely to screenshot the image upon receipt.

Lets be honest, Snapchat is a common medium for sexting and sending other inappropriate content… If you have to send it via Snapchat, can the recipient really be trusted and even more is it worth finding out?
 

Social Networking Online Protection Act: Will this Protect your Social Media Privacy Rights?

Representative Eliot Engel (D-NY) introduced the “Social Networking Online Protection Act,” H.R. 537 to Congress in February.  This bill would be the national version of the social media privacy laws popping up in states nationwide. Increasingly employers and other authority figures have asked employees and others to turn over their username or passwords for their personal accounts. State legislators began introducing legislation in 2012 to prevent employers, colleges, etc. from requesting passwords to personal Internet accounts—including email, banking and social networking sites—in order to get or keep a job or regulate student activity.

Unlike most of those state laws, the bill would also protect passwords to email accounts. Seven states, California, DelawareIllinoisMaryland, Michigan, New Jersey and most recently Utah, currently have social media privacy laws on the books prohibiting requesting or requiring an employee, student or applicant to disclose a user name or password for a personal social media account. California, Illinois, Maryland, Michigan, and Utah laws apply to employers. California, Delaware, Michigan and New Jersey have laws that apply to  academic institutions.

Will this bill solve the privacy issues that occur when an employer or academic institutions requires revealing your password for your personal account?

Limits must be set for how and when authority figures such as employers, coaches, professors, etc, can access private social media information. Anything made public by the user is fair game because that is the information they have elected to present to the world. Reputation and public persona are important to potential and current employers and university officials because that information can affect public perception of them.  Although our online image is important and can provide a lot of information about an individual, the information that’s private should be kept that way.  A private photo album on Facebook can be likened to a photo albums kept at home vs. photos you display at work or in a public album online.  Privacy is a fundamental right and should be preserved.

Lets take a closer look at a few key points of the bill…

Under the federal bill social networking is defined as:

“[A]ny Internet service, platform, or website that provides a user with a distinct account–

“(A) whereby the user can access such account by way of a distinct user name, password, or other means distinct for that user; and

“(B) that is primarily intended for the user to upload, store, and manage user-generated personal content on the service, platform, or website.”

Defining “social networking” or “social media” could be problematic with the discrepancy between the rate of evolution of social media and the rate of evolution of the law.  Maryland’s approach of  focusing on whether the circumstance at hand involves a user name or password, and leaves vague the nature of the account or service to which the user name or password relates might be better for keeping this law relevant long term.

The bill does specify that it must be a personal account preserving and employer’s interest in accounts the own or accounts operated by employees for business purposes.  Employees and students should be careful not to mix business and personal accounts. Accounts where the line between business and personal will be where the limits of this law are fleshed out.

Enactment of the law would curtail the need for more sate laws on the issue and provide uniform protect. Uniform standards make drafting policies a lot easier for employers and universities.  They also help users know the limits of their protection nationwide, there are no worries of where to bring a suit if you feel your privacy rights have been violated in this way.

Some wonder if this is a matter for federal law?  Well, I think the answer lies in the answer tot he question “Whose job is it to protect the privacy rights of American citizen?”

My answer to the question indicates that Congress is well with its bounds.  What do you think?