IT Law Alerts
Information Technology Law is our FocusKeeping IT Legal™
Ossian Law P.C.
IT Law Alerts
Imposter LinkedIn Account Leads to Lawsuit
Setting up a social media profile posing as someone else likely violates the platform’s terms of service. It may also constitute trademark infringement, unfair competition and civil fraud. Illinois-based poultry processor Wayne Farms LLC filed a federal complaint...
Appellate Court: Amazon May Be Liable For Injury Caused By Third Party Product
In the first decision of its kind, a California appellate court has held that Amazon may be subject to liability for a personal injury caused by a third-party product sold through its site. Angela Bolger purchased a replacement laptop computer battery on Amazon and...
Latest Lawsuit Against Zoom Alleges Non Adherence to Published Security Measures
In the first half of 2020, Zoom Video Communications, Inc. (“Zoom”) was named in a number of proposed class action lawsuits. Claims in the various lawsuits include violations of state data protection laws based on: (a) alleged improper sharing of users’ personal...
Instacart Sues Uber Grocery Delivery Company for Illegal “Scraping”
Recently, Maplebear Inc. dba Instacart field a lawsuit in federal court in Texas against Cornershop Technologies Inc. Cornershop is an online grocery delivery service launched in Chile in 2015 and purchased by Uber in 2019. In May 2020, Cornershop began...
Are iPhone Apps Accessing Data on Apple Clipboard Without Consent?
In a class-action styled lawsuit filed last month, Adam Bauer, a LinkedIn user, accuses the social networking platform of accessing his and other iPhone users’ sensitive data from Apple’s “Handoff” clipboard. The purpose of the clipboard is to temporarily store...
Department of Defense Audit of AI Standards and Protections
The Office of Inspector General (OIG) has issued a report of its audit of the governance and protection of Department of Defense (DOD) Artificial Intelligence Data and Technology. The dual purpose of the audit was to determine DOD’s progress in: (a) developing a...
European Commission Investigates Apple Over App Store Rules
After receiving complaints filed by music-streaming service Spotify and an audio book distributor, the European Commission formally opened an investigation into Apple. The Commission is looking into whether Apple’s rules for app developers on the distribution of apps...
HomeAdvisor’s Clickwrap Arbitration Clause Overcomes Challenge
A group of Dallas area homeowners used HomeAdvisor’s website to locate contractors for home improvement projects. Though they were recommended by the site and subsequently hired by the homeowners, the contractors abandoned the projects. The homeowners/plaintiffs then...
Court: Capital One Breach Investigation Report Not Privileged
In March 2019, Capital One experienced a data breach affecting over 100 million consumers. The Capital One data breach is the subject of consumer multi-district litigation pending in federal court in Virginia. The case is currently in the discovery stage. The...
Attackers May Remain Even After Ransomware Payments
Microsoft’s Threat Protection Intelligence Team recently reported that ransomware groups may remain on an organization’s system even after receiving the requested payment. Ransomware involves the deployment of malware to lock or prevent user access to a network or...
Google Argues Accidental Recording Doesn’t Violate State, Federal Laws
Last summer, a proposed class action was filed in a California federal court against Alphabet, Inc., the parent company of Google, alleging that the accidental recording of conversations by Google Assistant violates various state and federal privacy and wiretap laws....
Michigan Personal Privacy Protection Act Extends to Out-of-State Residents
In 1988, Michigan enacted the Personal Privacy Protection Act (PPPA) to “preserve personal privacy with respect to the purchase, rental, or borrowing” of written materials, sound recordings, and video recordings. Enacted with the video rental industry in mind, the...
Latest TCPA Decision Further Demonstrates Need for “Auto Dialer” Clarification
Calling or texting consumers without proper consent can lead to a potential violation of the Telephone Consumer Protection Act of 1991 (TCPA). The TCPA prohibits calls and texts to consumers using an automatic telephone dialing system (ATDS) without obtaining the...
No More Blanket Portable Electronics Bans in Michigan Courts
On January 8, 2020, the Michigan Supreme Court amended a longstanding court rule that had allowed local courts to determine the use of electronics in their facilities, including outright bans of such devices. The amended rule allows attorneys, parties and members of...
California Consumer Privacy Act Takes Effect
On January 1, 2020, California’s new consumer privacy act became effective. The California Consumer Protection Act, or CCPA, includes a broad definition of “personal information” that not only includes identifiers like name, address, phone number and email address,...
Harvard Settles Online Accessibility Lawsuit
In 2015, the National Association of the Deaf (NAD) filed a lawsuit in Massachusetts federal court against Harvard University. The class action complaint alleged that thousands of videos and audio tracks on the university’s website and third-party platforms violated...
The Inconsistent Scope of EU Tech Rulings
Two recent tech-related rulings from the E.U. Court of Justice demonstrate inconsistencies in whether the decisions apply just within the European Union or more globally. Over the past five years, the E.U. Court of Justice has ruled that Google must comply with...
Bill Introduced to Create Federal Online Privacy Agency
U.S. Representatives Anna Eshoo and Zoe Lofgren, each representing districts in Silicon Valley, have introduced the “Online Privacy Act” bill. The bill calls for the creation of a U.S. Digital Privacy Agency to draft and enforce comprehensive federal...
FTC Enters into First “Stalkerware” Consent Order
The Federal Trade Commission has entered into a Consent Order with Retina-X Studios and its founder for alleged violations of federal privacy laws involving three “stalkerware” apps known as Mobile Spy, Phone Sheriff and Teen Shield. Downloading each app required...
Insurer Seeks Ruling to Deny Coverage for $6 Million Email Spoofing
AIG Specialty Insurance Company recently filed a motion to dismiss a lawsuit filed by investment software manager SS&C Technologies Holding, Inc. seeking coverage for a $6 million loss based on email spoofing. The lawsuit...
TCPA Class Action Proceeding Against Quest Diagnostics
Calling or texting consumers without proper consent can lead to claimed violations of the federal Telephone Consumer Protection Act of 1991 (TCPA). A plaintiff must show that the call or text utilized an automatic telephone dialing system (ATDS) and was without the...
NTSB: Tesla Autopilot Shares Responsibility for Crash
Tesla touts its Autopilot as having “advanced safety and convenience features . . . designed to assist you with the most burdensome parts of driving” and enabling “your car to steer, accelerate and brake automatically within its lane.” Tesla also warns that “[c]urrent...
Google Sued Over Potentially Re-identified Medical Records
Google, LLC and the University of Chicago Medical Center have been named as defendants in a class action style lawsuit recently filed in federal court in Illinois. The named plaintiff, Matt Dinerstein, alleges that Google, through its start-up, DeepMind, “embarked on...
U.S. Conference of Mayors: No More Ransomware Payments
A ransomware attack involves the introduction of malware that locks user access to their system or files, along with a demand for a ransom payment to unlock the system or files. On July 11, 2019, the United States Conference of Mayors, representing more than...
Changes Coming to Illinois’ Biometric Protection Law?
Illinois’s Biometric Information Privacy Act (BIPA) was passed in 2008 but over the past few years has been the basis for hundreds of proposed class action lawsuits. As originally drafted, the law contains potentially overbroad definitions of “biometric...
Mobile App “Click Spamming’ Lawsuit
Chinese-based mobile app developer Cheetah Mobile, Inc. has asked a federal court in New York to dismiss a purposed class action lawsuit brought by the company’s investors. Cheetah boasts hundreds of millions of monthly active users of its apps, including Clean...
Key Findings of Verizon’s 2019 Data Breach Investigations Report
In May 2019, Verizon released its 2019 Data Breach Investigations Report. The report is the result of analyzing some 41,686 security incidents of which 2,013 were confirmed data breaches. Among the report’s key findings: The majority of incidents were denial of...
Apple’s Face Recognition Software Leads to Wrongful Arrests, Lawsuit
Eighteen year old Ousmane Bah has sued Apple after he was falsely accused of felonies in multiple states, including Massachusetts, New York, New Jersey and Delaware. The arrests allegedly resulted from Bah’s image being mismatched to the identity of the true suspect...
European Commission Demands Yield Upcoming Facebook Data Changes
The Consumer Federation of America, along with 10 other advocacy groups, including Mozilla and the Internet Society, have sent an open letter to Target, Amazon, Best Buy and Walmart asking the retailers to endorse minimum privacy and security guidelines for connected...
Court Removes Non-Compete Injunction from Former ADP Sales Reps
A federal court in New Jersey has lifted a preliminary injunction enjoining former ADP salesmen from engaging in certain conduct alleged by ADP to violate non-compete provisions in their employment agreements. The injunction had been originally entered in June 2016,...
Senate Committee: Equifax Did Not Retain Records Related to Data Breach
In 2017, credit reporting agency Equifax experienced a data breach that impacted 143 million consumers. Fallout from the breach included class action lawsuits initiated by various plaintiff classes such as consumers, financial institutions and a small business class....
Audit Reveals Flaws in FBI Cyber Notification System
The U.S. Department of Justice Inspector General has released a report of an audit of the Federal Bureau of Investigation (FBI) process for notifying victims of cyber incidents. The primary findings of the report include: Some unreliable data, including typographical...
Consumer Advocacy Groups Call for Minimum IoT Standards
The Consumer Federation of America, along with 10 other advocacy groups, including Mozilla and the Internet Society, have sent an open letter to Target, Amazon, Best Buy and Walmart asking the retailers to endorse minimum privacy and security guidelines for connected...
No Trademark for Hashtagged Chicago Cubs Phrase
The Trademark Trial and Appeal Board (TTAB) has recently issued a precedential opinion denying a Chicago Cubs fan’s request to trademark #MAGICNUMBER108 for t-shirts. The fan, Grant DePorter wished to use the hashtagged phrase in reference to the fact that it took the...
U.S. Houses Passes “Hack Your State Department Act”
In a 377-3 bipartisan vote, the U.S. House of Representatives has passed H.R. 238, the “Hack Your State Department Act.” If this bill becomes law, the U.S. State Department would have one year to establish a pilot “bug bounty program” under which qualified security...
The Geographic Scope of “The Right To Be Forgotten”
As early as 2014, the Court of Justice of the European Union (CJEU) has ruled that Google must comply with the request of E.U. citizens to remove certain search engine results reflecting past actions of the citizens, or the so-called “right to be forgotten.” One...
The Impact of Drones Near Airports
Over the past two months, drone sightings have caused closures at international airports, both in the U.S. and abroad. In December 2018, drone activity at London’s Gatwick Airport resulted in the airport being closed for 33 hours with multiple flight cancellations,...
E.U. Sets Privacy Shield Deadline for U.S.
The European Union General Data Privacy Regulation (GDPR), which took effect in May 2018, covers the handling of personal information of E.U. citizens, including by U.S.-based companies. The E.U.-U.S. Privacy Shield is a framework to provide companies with a mechanism...
FCC Seeks New Call Authentication System in 2019
The Federal Communications Commission (FCC) recently sent letters to telecommunications carriers asking them to establish plans to implement the Signature-based Handing of Asserted Information Using toKENS (SHAKEN) and the Secure Telephone Identity Revisited (STIR)...
Facebook and Google Face Location Tracking Lawsuits
Two recent class action-styled lawsuits have been filed against Facebook and Google, respectively, for allegedly tracking and storing user location data even after the user had turned off location tracking features. In Heeger v. Facebook, Inc., the plaintiff claims...
California’s Connected Device Security Law
California has become the first state to pass legislation to regulate the Internet of Things. The new law, which takes effect on January 1, 2020, applies to manufacturers of connected devices, which are defined as “any device, or physical object that is capable of...
Small Businesses and the Equifax Breach
Last year, credit reporting agency Equifax experienced a data breach that impacted 143 million consumers. Fallout from the breach included class action lawsuits initiated by various plaintiff classes such as consumers, financial institutions and a small business...
Suit Alleges Apple’s Website Not Accessible
A visually-impaired and legally blind woman has filed a lawsuit against Apple, Inc. in federal court in New York, alleging that Apple’s website is not accessible and is therefore in violation of the federal Americans with Disabilities Act (“ADA”). Himelda Mendez...
Can Smart Cities be Hacked?
Earlier this year, citizens in Hawaii experienced a false missile attack alert resulting from employee error. The potential for similar incidents caused by hackers in so-called “smart cities” has been identified by researchers at IBM X-Force Red and cybersecurity firm...
Pentagon Creating “Do Not Buy” Software List
According to a Department of Defense official, the Pentagon has been working on a “do not buy” list of software vendors since early this year. Without identifying specific vendors or products, in a recent press conference, Ellen Lord, undersecretary of defense for...
Cybersecurity Risk Tops CEO Concerns
Global advisory firm Willis Towers Watson recently released its 2018 Management Liability (Directors & Officers) U.S. Survey. When asked the question “to what extent are the following risks a concern for your organization in the coming year,” 80 percent of the...
Court Won’t Enforce Uber’s Terms of Service
The importance of making online and mobile app terms clear and conspicuous to users was reinforced by the recent federal appeals court decision in Cullinane v. Uber Technologies, Inc. The plaintiffs filed a proposed class action in Massachusetts state court alleging...
Banks Not Allowing Credit Card Purchases of Cryptocurrency
Wells Fargo Bank has recently announced that its customers will no longer be able to make purchases of cryptocurrency using their bank-issued credit cards. This move is consistent with the stated practice of several other major U.S. banks including J.P. Morgan Chase,...
Network in the Sky in our Future?
Network in the Sky In our Future? Tech start up Elefante Group, Inc., in partnership with Lockheed Martin Corporation, has filed a petition for rulemaking with the Federal Communications Commission (FCC) regarding a design for a platform of atmospheric-based service...
Courts Deny Cyber Insurance Coverage for Phishing Claims
“Phishing” occurs through a fake email message to obtain sensitive information for the purpose of committing fraud. Phishing schemes are becoming more sophisticated, resulting in many organizations falling victim and incurring financial loss. Some organizations have...
Alabama: Final State to Enact Data Breach Notification Law
As of June 1, 2018, Alabama has become the 50thstate to enforce a data breach notification law to protect the personally identifiable information of its residents. Not unlike other states’ laws, the Alabama law defines “sensitive personally identifying information” as...
Court Holds Disney Engaged in Copyright Misuse
Disney recently suffered a potentially devastating setback in its legal effort to stop Redbox from selling digital codes to Disney films. A federal court in California denied Disney’s request for a preliminary injunction against Redbox, citing that Disney has engaged...
Legalities of Augmented and Virtual Reality
Augmented realty (AR) and virtual reality (VR) technology is becoming more commonplace in both our business and personal lives. Business uses of AR/VR include product design, employee training, marketing and customer service. A March 2018 survey conducted by the law...
Judicial Insights into Online Defamation
A federal court of appeals has rejected the notion that “circulation” rather than “publication” of allegedly defamatory material online and through email distribution is sufficient to state a claim. In late 2013/early 2014, financial publisher The Deal, LLC posted...
Is Your Web Host Adequately Protecting Your Organization?
The Federal Trade Commission (FTC) has issued the report “Do Web Host Protect Their Small Business Customers With Secure Hosting And Anti-Phishing Technologies? This report is the result of a mid-2017 investigation by the FTC’s Office of Technology Research and...
A New Cyber Risk Management Partnership
In what is being touted as a “first” in cyber risk management solutions, tech giants Apple and Cisco have announced a partnership with Aon plc (“Aon”) and Allianz Global Corporate & Specialty (AGCS). An organization adopting the solution would undergo a cyber...
“Bug Bounties” in the Spotlight
Some companies offer monetary rewards to so-called “white hat” hackers to find security bugs in the company’s systems. These “bug bounties” can prove useful in identifying vulnerabilities and preventing breaches. Care must be taken, however, that a bug bounty...
The Legal Side of Bitcoin
Public interest in Bitcoin grows as the value of the cryptocurrency has increased of late. Some view cryptocurrency as the wave of the future; others consider trading in it a gamble. How do countries and other levels of government treat cryptocurrency? In the United...
Connected Vehicle Hacking Lawsuits
Following the hacking of a Jeep Cherokee during a staged experiment in 2015, Fiat Chrysler USA (FCA) recalled 1.4 million 2013-2015 vehicles. The incident also prompted the filing of a proposed class action lawsuit against FCA in an Illinois federal district court...
FTC Considers “Informational Injury” for Data Breaches
Victims of data breaches are often unable to find a remedy without sustaining actual monetary damages. That could change if the Federal Trade Commission (FTC) pursues a path toward “informational injury,” which could impose a deemed harm to data breach subjects. In...
Online Sex Trafficking Law’s Unintended Impact
In November, the U.S. Senate Commerce Committee unanimously approved a bill known as the Stop Enabling Sex Traffickers Act of 2017 (SESTA). SESTA has broad bi-partisan support of its worthwhile goal of allowing civil and criminal actions against a website for...
Exempting Cybersecurity Plans from FOIA
The Michigan House of Representatives recently approved a bill that would amend the state’s Freedom of Information Act (FOIA) to prevent public disclosure of organization’s cybersecurity assessments, cybersecurity plans, cybersecurity incidents and cybersecurity...
Benefits and Risks of Drone Technology
Drones are now smaller, lighter, easier to use and capable of capturing high quality images and other data. Drone technology facilitates things like law enforcement activities, aerial photography and emergency deliveries. Last month, the Federal Aviation...
The SEC Database Hack
A few weeks ago, the Securities and Exchange Commission (SEC) revealed that its Electronic Data Gathering Analysis and Retrieval (EDGAR) system was hacked in 2016. Rather than issuing a news release specific to the discovery of the event, the SEC included information...
Emoji as Evidence
Emoji, the popular icons used in texts and social media posts (and their predecessor, emoticons), are increasingly being asserted as evidence of intent in both civil and criminal matters. What do “✌??” or “:-P” mean? They may have multiple meanings, depending on the...
NHTSA’s Voluntary Guidance on Automated Cars
In September, the National Highway Traffic Safety Administration (NHTSA) issued a voluntary guidance for automated vehicles entitled “Automated Driving Systems 2.0 – A Vision for Safety”. The 36-page document, a much scaled down version of what the agency issued a...
U.S Supreme Court Asked to Declare “Google” Generic
A trademark is a word, phrase, symbol or design that identifies and distinguishes the particular source of a product. A service mark does the same thing with respect to the source of services. An owner of a mark can control its use, including preventing others from...
Implications of the Equifax Data Breach
Last week, credit reporting agency Equifax announced that data of 143 million consumers was potentially compromised through a “website vulnerability” that occurred from mid-May through July, 2017. Equifax discovered the breach on July 29th, but waited nearly six weeks...
FCC Considers Robocall Reforms
The Federal Communications Commission (FCC) has been addressing two aspects of robocalls (unsolicited calls being placed to consumers) and caller ID spoofing (impersonating a different phone number to evade call blocking or filtering tools). First, the FCC is focusing...
The Impact of Moderating Web Content
Many online platforms use moderators to screen user content submissions. How does the use of moderators impact a site’s ability to successful defend itself against copyright infringement claims under the Digital Millennium Copyright Act? The Ninth Circuit Court of...
Regulating Personal Delivery Devices
Personal delivery devices, or PDDs, have begun rolling along some cities’ streets, transporting carry-out from local restaurants and delivering parcels. Unlike flying drones that fall under the jurisdiction of the Federal Aviation Administration, there is no basis for...
Court: Winn-Dixie Website Violates ADA
After a two-day bench trial, a federal court in Florida has ruled that grocery chain Winn-Dixie’s website is inaccessible to individuals who require screen reader software. The court concluded that Winn-Dixie violated the Americans With Disabilities Act (“ADA”) as a...
FTC Secures $2.7 Million Judgment against Telemarketers
For many years, the Federal Trade Commission (FTC) has maintained a national “do-not-call” registry of telephone numbers of individuals and organizations that do not to receive unsolicited marketing calls. Recently, the FTC obtained a $2.7 million judgment from a U.S....
States Consider New Privacy, Security Laws
While administrative changes within federal agencies have raised uncertainty over enforcement of privacy and security initiatives, many state governments are looking at establishing new rules and laws directed at protecting individual privacy and enhancing online...
Protecting Your Organization from Ransomware
Last week, hundreds of thousands of computer systems were impacted by global cyberattacks, many in the form of ransomware. Protecting your organization from these types of attacks is more important than ever. Understanding the ins and outs of ransomware is the first...
Interactive Mobile Apps and Wiretap Laws
Mobile apps are increasingly designed with features and functions promoting interaction with users, including voice commands. Could the design of an app to capture and transmit user communications and other information violate federal wiretap laws? An amended class...
Copyrights and 3D Printing
A recent decision of the U.S. Supreme Court may expand copyright protection for 3D printing designs. In general, copyrights protect creative works rather than useful or functional objects. In Star Athletica LLC vs. Varsity Brands Inc., the Court examined whether...
FCC Internet Privacy Rules Repealed
Last fall, the Federal Communications Commission (FCC) adopted historic rules to require broadband Internet Service Providers (ISPs) to protect certain sensitive customer information, including web browser history, app usage history and specific geolocation...
Google Settles AdWords Class Action
In July, 2008, Alphabet, Inc. (Google’s parent company) was sued in federal court by advertisers alleging violation of California fair advertising laws. According to the plaintiffs, Google mislead them regarding their paid AdWords, which the advertisers claimed were...
Regulating Autonomous Vehicles
Senators John Thune (R-SD) and Gary Peters (D-MI) recently announced that they are exploring federal regulations to be proposed this year for self-driving vehicles. These lawmakers’ stated goal was to offer flexibility for manufacturers of autonomous vehicles without...
EU Privacy Compliance Identified as Top Priority
The European Union has adopted a General Data Protection Regulation (GDPR) which will take effect in May, 2018. In January 2017, Price Waterhouse Coopers conducted a survey about preparing for the GDPR of 200 General Counsel and C-level executives from U.S. companies...
Managing Corporate Device and App Related Risks
Employees using corporate or personal devices to text and use communication apps use can pose risk to an organization. The risk can be even greater for highly regulated industries like financial institutions. Recently, Deutsche Bank announced a ban on employee text...
A Contest to Fix IoT Risk
The ever-increasing number of smart or connected devices is also referred to as the “Internet of Things” or “IoT”. Many smart devices are installed in homes, such as thermostats, home security systems and appliances. A smart device may pose security risks in initial...
“Zombie” Cookie Enforcement Action
Cookies are unique, persistent text files stored in a user’s browser that allow an app provider to recognize that user when the browser reconnects with the provider’s server. They are widely used by ecommerce and other web sites. A user can delete or control cookies...
Implications of a Billion Record Breach
This week, Yahoo! Inc. announced its discovery of an August, 2013 data breach of over one billion user account records. The announcement came less than three months after the company disclosed a 2014 breach of more than 500 million records, although Yahoo! believes...
“Fake News” and Organizational Risk
Inaccurate or misleading information on the Internet is nothing new, but the number of “fake news” sites and false or misleading articles being shared on social media has skyrocketed in recent months. Last week, an article that President Obama issued an executive...
Litigating Use of Facial Recognition Data
Social media and other apps use facial recognition technology in connection with their service offerings. Facebook’s “DeepFace” program automatically “tags” users thereby creating an ever-growing database of faces associated with users’ profiles, likes and other...
AI: Balancing Innovation with Consumer Protection
Artificial intelligence, or AI, is broadly defined as a computerized system that can either think or act like a rational human. Examples of AI in action include Amazon.com’s personal assistant “Echo” and Uber’s autonomous cars. While the genesis of AI goes back over...
A Medical Device Hacking Warning
Johnson & Johnson has issued a formal warning to over 110,000 patients that its Animas OneTouch Ping insulin pump, if left unencrypted, could be hacked and result in a potential overdose of insulin to a diabetic patient. This is the first time a medical device...
An Update on Data Breach Costs
Kaspersky Labs has issued its annual report on “Measuring the Financial Impact of IT Security on Businesses” after surveying more than 4000 business representatives from 25 different countries. Some key findings of the report: The cost of a single security incident...
Final E-Warranty Act Rules Issued
The federal E-Warranty Act of 2015 was enacted to allow manufacturers to display consumer product warranties online. On September 8, 2016, the Federal Trade Commission issued its final rules and amendments on the act. One of the ways that manufacturers can provide...
Millions of Blocked Text Messages or “Spamageddon”?
https://www.publicknowledge.org/assets/uploads/documents/PK-CC-FP_Twilio_Comments.pdfIn recent years, the Federal Communications Commission (FCC) has been considering what direction to take regarding mobile messaging. In August, the FCC held hearings where mobile companies and industry associations offered comments on the proposed regulations of...
Courts Examine Scope of Computer Fraud Act
The federal Computer Fraud & Abuse Act (CFAA) was enacted in 1986 to target computer system hackers who either damage the system or take valuable information. The CFAA prohibits “unauthorized access to a protected computer to commit fraud or obtain something of...
“BYOD” Requires Management of Legal Risks
Bring Your Own Device, or “BYOD”, continues to grow in popularity. As an example, over the past 18 months, the State of Michigan has quadrupled the number of employees using their own devices on the job. Michigan’s goal is to have 90% of employees on the program by...
Free Apps and the Expectation of Privacy
On July 6, 2016, the Michigan Supreme Court ruled that Peter Deacon, a user of Pandora’s free streaming music service, is not a “customer” under Michigan’s Video Rental Privacy Protection Act. Deacon is alleging that Pandora violated the act by sharing his name and...
Which Sites Top the Online Trust Audit & Honor Roll?
On June 14th, the Online Trust Alliance (OTA) issued its 2016 Online Trust Audit & Honor Roll. A self-described “benchmark analysis of businesses’ commitment to security, privacy and consumer protection”, the audit was the eighth consecutive effort by the OTA....
Combating Online Hate Speech
How long should a social media platform allow illegal hate speech to remain on its site before removing it? Unfortunately, social media has become a tool for terrorist groups and others to spread “the public incitement to violence or hatred directed against a group of...
Limitations of “Clicking Through” Online
Almost every website has terms that govern a user’s experience and the site owner’s responsibility for the operations and activities of the site. The enforceability of such terms and the limitations of a user “clicking through” was recently addressed by the U.S....
Driverless Vehicle Competitors Form Lobbying Group
Automakers Ford and Volvo, ride-sharing leaders Uber and Lyft (in which General Motors is a major investor), together with tech giant Google have formed a lobby called the Self-Driving Coalition for Safer Streets. The coalition is lead by former National Highway...
Vendor Data Breach Notification Concerns
A recent survey conducted by the Ponemon Institute LLC finds that 37% of companies that outsource services do not believe that their primary third party vendor would notify them in the event of a breach of the company’s confidential data. The percentage jumps to 73%...
What the Fiduciary Access to Digital Assets Act Means for Businesses
http://www.legislature.mi.gov/(S(xshmveywbtedbrh5jvf4nzdu))/mileg.aspx?page=PASearch&paNumber=59&paYear=2016A new law takes effect June 27, 2016 to allow fiduciaries in Michigan to access a decedent’s or incapacitated person’s digital assets. The “Fiduciary Access to Digital Assets Act” is one of a handful of such state laws throughout the country. At first glance, the law...
Scrutinizing Mobile Apps Using Audio Beacon Technology
SilverPush, a company based in India, offers mobile app developers a software development kit that includes “unique audio beacon technology”. The Silverpush code enables the app to access and use the mobile app’s microphone to listen for unique codes embedded in...
FCC Considering New Broadband Privacy Rules
On March 10, 2016, Federal Communications Commission Chairman Tom Wheeler introduced a proposal to regulate data sharing practices of broadband Internet service providers (ISPs). The proposal would address several aspects of broadband consumer data including:...
Protecting Biometric Data
The ever-growing collection of Big Data includes fingerprints, voiceprints, iris scans, handprints and other biometric data. Three states, including Illinois, have enacted laws to protect its citizens’ biometric data. Lawsuits alleging violation of the Illinois law...
Drones and the Law
The use of small, unmanned aircraft, or drones, by businesses and individuals is ever-increasing. As of December 21, 2015, all drones are required to be registered with the Federal Aviation Administration (FAA). Operators of unregistered drones could face criminal and...
Regulating Crowdfunding
The practice of crowdfunding involves raising small amounts from a large number of people, generally via the Internet. This type of fundraising, whether by businesses or individuals, has been largely unregulated, but that will soon change. Security and Exchange...
Hashtags and Trademarks
Organically created by Twitter users to categorize messages, hashtags have become popular to mark keywords or topics for easy searchability on social media and beyond. Last year, half the Superbowl ads featured hashtags, While many companies use their trademarks and...
Could Video Privacy Laws Apply to Your Business Activities?
The Video Privacy Protection Act (“VPPA”) is a federal law enacted in 1988. The same year, Michigan passed a Video Rental Privacy Protection Act (“MI-VRPA”). Both laws were primarily intended to protect consumers’ privacy when renting videotapes, a popular pastime in...
Western Union Settles TCPA Suit for $8.5 Million
In March, 2014, a class of plaintiffs sued Western Union in federal court in Illinois. The plaintiffs claimed that they received unsolicited text messages to their cell phones from Western Union without their prior consent, in violation of the federal Telephone...
Banning Non-Disparagement Clauses
https://www.congress.gov/bill/114th-congress/senate-bill/2044/textConsumers often rely on online reviews posted on sites like Amazon, Yelp and Trip Advisor. Some sellers have tried to prevent such feedback by adding a clause in their online terms of use requiring consumers to agree not to post negative reviews of the seller’s...
Who “Owns” Passcode for Company-Issued Device?
https://www.washingtonpost.com/news/volokh-conspiracy/wp-content/uploads/sites/14/2015/09/Huang.pdfOrganizations may issue smartphone, tablets and other devices to employees for job-related use. While the device is owned by the issuing organization, who “owns” the passcode that the employee uses to access that device? A recent federal case out of Pennsylvania...
EU Data Transfers: No More Safe Harbor
http://curia.europa.eu/juris/document/document.jsf?text=&docid=169195&doclang=enFor more than a decade, some 4,500 U.S.- based companies have self-certified compliance with the European Union’s data privacy directive via the U.S. Department of Commerce “safe harbor” program. On October 6, the European Union Court of Justice struck down the safe...
When Industry Groups Get Hacked
On an all too frequent basis, we hear about another organization that has experienced a data breach. Target, Sony, Anthem and T-Mobile are just a handful of recent examples. Last week, the American Bankers Association (ABA), announced that it is participating in the...
Connected Vehicles — A Moving Target?
Nearly everyone has heard about the wireless hacking of a Jeep back in July. Last week, Fiat Chrysler announced a recall of 8,000 vehicles, in addition to the 1.4 million Jeeps already recalled, to receive a security patch to the in-car entertainment system that was...
New State Privacy Laws
In August, Maine and Delaware became the 22nd and 23rd states, respectively, to enact laws that prohibit employers from requiring employees and applicants to disclose or provide access to personal social media accounts. In addition to The Employee/Applicant Protection...
Protecting Proprietary Systems
Businesses whose livelihood depends on proprietary technology must be vigilant in protecting that technology. Those who use others’ proprietary systems should strive to respect attendant use restrictions. Earlier this month, Office Future Systems Inc. (OFS) filed a...
Uses of Image Search Technology
Shazura, a Spanish-based company, has developed technology that converts images, including videos and photos, into numbers to retrieve matches through its ever-increasing database. One of the potential applications of this technology is to fuel a search engine for...
Implications of “Always On” Technology
What do Samsung’s SmartTV, the Xbox One and Google’s Chromium browser have in common? According to the Electronic Privacy Information Center (EPIC), each are among the increasing number of “always on” devices that may be recording conversations of individuals without...
FTC Settles Crowdfunding Deception Case
The Federal Trade Commission (FTC) recently filed a lawsuit against Erik Chevalier, who had initiated a crowdfunding campaign to raise money for the development of a board game. This was the first case in which the FTC has alleged false or deceptive advertising...
Removing Libel from Browser Search Results
Internet postings, whether truthful or defamatory, tend to take on a life of their own. A federal court in Pennsylvania recently gave a successful defamation plaintiff the right to ask Internet search engines to remove defamatory content. Shortly after purchasing the...
Mandating Enhanced Payment Security
Last fall, President Obama signed an Executive Order calling for federal agencies to begin implementing “chip and PIN” technology for government payment transactions. The implementation must be completed by April 2016. In the meantime, Virginia has become the first...
Employee Downloading Files Faces CFAA Claim
A recent federal court ruling illustrates the importance of establishing and enforcing policies relating to employees’ use of technology. Isthihar Hossain was a production manager at American Furukawa, Inc. (AFI), an advanced technology automotive supplier. AFI had...
Data Breach and Insurance
One strategy that businesses use to protect against data breach losses is to obtain insurance coverage. Sometimes litigation ensues over the nature and extent of coverage or even whether another party is ultimately responsible for the loss. Here are two recent...
3D Printing — User Freedom vs. Statutory Protection
3D printing offers the ability to transform digital files into three-dimensional objects. Whether 3D printer users will be able to freely choose the materials (or “feedstock”) to use with their printer is currently being debated before the U.S. Copyright Office. The...
Service of Process via Facebook
Ossian Law P.C. IT Law Alert April 1, 2015 Service of Process via Facebook: Since 2012, a number of federal trial courts have been asked to allow summons and complaints to be served on defendants through Facebook. Some, but not all, of these requests have been...
FCC Net Neutrality Rules May Impact Your Business
Ossian Law P.C. IT Law Alert March 16, 2015 FCC Net Neutrality Rules May Impact Your Business: This week, the Federal Communications Commission (FCC) issued its 400page Open Internet Order. The agency characterizes the Order as implementing “bright line rules to ban...
Using Social Media to Police Legal Rights
Ossian Law P.C. IT Law Alert March 2, 2015 Using Social Media to Police Legal Rights: In 2012, Domino’s Pizza shortened its name to Domino’s. Each of Domino’s almost 10,000 franchised stores must update its signage accordingly. Domino’s just launch a contest...
A “Process-Based Approach” to Data Security Laws
Ossian Law P.C. IT Law Alert February 17, 2015 A “Process-Based Approach” to Data Security Laws: In the wake of ever-larger data breaches in the private sector, the United States is still without a comprehensive federal data security law. Past legislative efforts to...
Is Your Organization Being Used as Phishing Bait?
Ossian Law P.C. IT Law Alert February 2, 2015 Is Your Organization Being Used As Phishing Bait? Phishing has been around since the inception of electronic mail, but scammers increasingly try to make the fraudulent messages appear more legitimate. According to...
Liability for “Confusingly Similar Domain
Ossian Law P.C. IT Law Alert January 21, 2015 Liability for “Confusingly Similar Domain”: A domain name that is “confusingly similar” to another’s registered trademark can be problematic both for the registrant and the owner of the mark. A recent example occurred with...
Small Businesses Sued Over Software Use
Ossian Law P.C. IT Law Alert January 6, 2015 Small Businesses Sued Over Software Use: What do a dry cleaning service, web design firm and gentlemen’s club have in common? All three small businesses obtained “live” spokesperson software for their web sites from...
Court Enforces Terms Linked in Email
Ossian Law P.C. IT Law Alert December 16, 2014 Court Enforces Terms Linked in Email: As more and more business is conducted via email, courts are increasingly finding that such communications may be binding contracts between parties. Recently, a federal judge in New...
Online Grocer Settles ADA Claim
Ossian Law P.C. IT Law Alert December 2, 2014 Online Grocer Settles ADA Claim: Peapod, LLC owns and operates a website (peapod.com) and mobile apps that allow users to buy groceries for home delivery in various states. The federal government initiated a compliance...
Employee’s Lawsuit Over Wiped Phone Dismissed
Ossian Law P.C. IT Law Alert November 18, 2014 Employee’s Lawsuit Over Wiped Phone Dismissed: Does a BYOD (bring your own device) employee have a claim against his former employer for “wiping” all data from his cellphone upon his separation from the company? Not...
Managing Vendor Cybersecurity Gaps
Ossian Law P.C. IT Law Alert November 4, 2014 Managing Vendor Cybersecurity Gaps: Every week, we hear of another major retailer or financial institution experiencing a data breach. Your organization may take reasonable and appropriate measures to secure data and...
Inducing Co-Worker to Access Data a CFAA Violation?
Ossian Law P.C. IT Law Alert October 15, 2014 Inducing Co-Worker to Access Data A CFAA Violation? The Computer Fraud and Abuse Act (CFAA) is a federal criminal law that prohibits unauthorized access to a computer. The CFAA also provides a civil remedy for a party...
LinkedIn Contacts as Trade Secrets?
Ossian Law P.C. IT Law Alert October 1, 2014 LinkedIn Contacts as Trade Secrets? About 100 million people use the business social media site LinkedIn. Could an employee’s LinkedIn contacts be considered the employer’s trade secrets? This question is pending in a...
Law to Prohibit Non-Disparagement Clauses
Ossian Law P.C. IT Law Alert September 16, 2014 Law To Prohibit Non-Disparagement Clauses: As the popularity of online review sites like Yelp and Trip Advisor continues to grow, businesses look for ways to manage negative consumer feedback. Some sellers have included...
Carmaker Can’t Stop Domain Registration
Ossian Law P.C. IT Law Alert September 2, 2014 Carmaker Can’t Stop <porsche.social> Domain Registration: German automaker Dr. Ing. h.c. F. Porsche AG (“Porsche”) has lost an attempt to stop Interactiv Corporation (“Interactiv”) of San Jose, California, from...
FTC Renews Push for “Privacy By Design”
Ossian Law P.C. IT Law Alert August 18, 2014 FTC Renews Push for “Privacy By Design” The Department of Commerce (DOC) is looking into whether additional federal legislation is needed regarding the collection of Big Data. The Federal Trade Commission (FTC) recently...
Scrapers Beware!
Ossian Law P.C. IT Law Alert August 4, 2014 Scrapers Beware! Scraping is the act of taking content from a web site and using it on another site, often with the help of automated software. Travel sites and social media platforms have been targets for scraping, which is...
The Foibles of Misdirected Email
Ossian Law P.C. IT Law Alert July 15, 2014 The Foibles of Misdirected Email: The potential for sending an email message to the wrong person is ever present. Functions like auto-loading of addresses and auto- correct, while convenient, can lead to misdirected messages....
Spam Text Message Suit Filed Against Twitter
Ossian Law P.C. IT Law Alert July 1, 2014 Spam Text Message Suit Filed Against Twitter: Sending text messages to consumers without proper consent can lead to claimed violations of the federal Telephone Consumer Protection Act (TCPA). The latest company to face a class...
Legal Risks of Mobile Apps: Rules, Standards and Gaps
Ossian Law P.C. IT Law Alert June 16, 2014 Legal Risks of Mobile Apps: Rules, Standards and Gaps Over a billion mobile applications were downloaded in 2013. People now spend more time on apps than on the Internet. While many apps are offered at little or no cost, the...
Balancing the “Right to be Forgotten” with Public Interest
Ossian Law P.C. IT Law Alert June 2, 2014 Balancing the “Right To Be Forgotten” with Public Interest: On May 13th, the Court of Justice of the European Union issued a decision that search engine Google must comply with a request by Mario Costeja Gonzalez, a Spanish...
Supreme Court Ruling Could Impact Cloud Services
CASE LAW The US Supreme Court’s ruling in the Aereo Inc case The US Supreme Court ruled on 25 June in the widely awaited case of American Broadcast Companies, Inc. v. Aereo, Inc that Aereo’s over- the-air internet TV service is in violation of the US Copyright Act....
NLRB Strikes Employee Online Disclaimer Policy
Ossian Law P.C. IT Law Alert May 5, 2014 NLRB Strikes Employee Online Disclaimer Policy: Most organizations have policies that require or prohibit specific actions by employees online. A recent NLRB administrative law judge (“ALJ”) decision striking down provisions of...
Court Strikes CFAA Claim as Untimely
Ossian Law P.C. IT Alert: April 16, 2014 Court Strikes CFAA Claim As Untimely: The federal Computer Fraud & Abuse Act (“CFAA”) prohibits fraud and other harmful acts committed by accessing a computer. The CFAA contains a two-year statute of limitations, beginning...
Legislating the Succession of Digital Assets
April 1, 2014 Ossian Law P.C. IT Law Alert Legislating the Succession of Digital Assets: A recent McAfee survey finds that the average person owns $35,000 in “digital assets” in social media and other online accounts. Bills were recently introduced in the Michigan...
Facebook Post Voids $80,000 Settlement
March 17, 2014 Ossian Law P.C. IT Law Alert Facebook Post Voids $80,000 Settlement: Settlement agreements often include a clause prohibiting the parties from disclosing the terms of settlement. This clause would be breached if a party convened a press conference to...
Reacting to Negative Online Reviews
March 3, 2014 Ossian Law P.C. IT Law Alert Reacting to Negative Online Reviews: Your organization may become the subject of negative comments on its social media page or a third party site. How should you react? A review of two recent contested incidents may be...
A New Twist on Cybersquatting
Ossian Law February 17, 2014 IT Law Update A New Twist on Cybersquatting: The Anti Cybersquatting Consumer Protection Act (“ACPA”) is now 15 years old. Most ACPA violations involve a party who registers a domain that is the same or similar to another’s trademark who...
Time for a Standard Data Security Law?
Ossian Law February 3, 2014 IT Law Update Time for a Standard Data Security Law? After the Target and Neiman Marcus data breaches, it’s not surprising that members of Congress are proposing new federal data security laws. Among them is the Data Security Act of 2014 (S...
Should Your Business Accept Bitcoin?
Ossian Law P.C. IT Law Alert January 16, 2014 Should Your Business Accept Bitcoin? Recently, a number of Metro Detroit businesses started accepting Bitcoin, a decentralized currency that is created solely through cryptography. Individuals and businesses using Bitcoin...
Flashlight App Doesn’t Illuminate Data Tracking
Ossian Law P.C. IT Law Alert January 2, 2014 Flashlight App Doesn’t Illuminate Data Tracking Mobile apps offer great benefit and convenience to users, but at what price? Even a free app may be used to track and sell the user’s personal data. Failing to properly...
Claiming Copyright Infringement to Suppress Online Speech
December 16, 2013 Ossian Law P.C. IT Law Alert Claiming Copyright Infringement to Suppress Online Speech The Digital Millenium Copyright Act (“DMCA”) allows copyright owners to request that infringing content be removed from a site. Recently, the DMCA takedown process...
Google Glass: Seeing Legal Risks
December 2, 2013 IT Law Alert Google Glass: Seeing Legal Risks Google Glass, the latest in wearable technology, should be commercially available in 2014. Resembling futuristic eyewear, the device has a tiny screen located over the user’s right eye that includes...
Are Your Online Terms Enforceable?
Ossian Law P.C. November 18, 2013 IT Law Alert Are Your Online Terms Enforceable? Businesses are increasingly incorporating online terms in contracts with customers, suppliers and others. Such terms are efficient and convenient for the contracting parties, but may not...
“Do Not Track” Law Impacts Sites and Mobile Apps
Ossian Law P.C. IT Law Alert November 4, 2013 “Do Not Track” Law Impact Sites and Mobile Apps: Data collected through websites and mobile apps is extremely valuable from a marketing perspective. Regulators and privacy advocates are concerned that much information is...
“Astroturfing” Leads to $350,000 in Fines
Ossian Law P.C. IT Law Alert October 15, 2013 “Astroturfing” Leads to $350,000 in Fines Do you or your organization rely on online reviews before making purchasing decisions? Are online reviews important to your business? If so, you should be aware of the practice of...
How Much Will A Data Breach Cost Your Company?
October 1, 2013 IT Law Alert How Much will a Data Breach Cost Your Company? Keeping sensitive data secure can be an overwhelming task. Even more daunting, however, is the cost and potential liability associated with a data breach. Natural Provisions, a small Vermont...
Accessing Competitive Software as a Trade Secret Violation
IT Law Alert September 17, 2013 Accessing Competitive Software As A Trade Secret Violation: State trade secret laws protect the source code, or hidden, portion of software. A new federal court decision suggests that trade secret protection may also extend to the...
The Social Media “Professional” Account and Workplace Privacy
IT Alert September 3, 2013 The Social Media “Professional” Account and Workplace Privacy: A dozen states, including Michigan, have enacted workplace privacy laws that generally ban employers from asking employees and job applicants for password and log-in information...
The Pros and Cons of Dotless Domains
IT Alerts The Pros and Cons of Dotless Domains: Would you like a domain name free of .com, .net , etc? If dotless domains were allowed, http://strategy could be an Internet destination. What are the associated benefits and the risks? The Internet Corporation for...
Civil Relief Under the Computer Fraud and Abuse Act
August 1, 2013 IT Law Update Civil Relief Under the Computer Fraud and Abuse Act The federal Computer Fraud and Abuse Act (CFAA) is a criminal law prohibiting unauthorized access to a protected computer to commit fraud or obtain something of value. The CFAA also...
Are Your an Innocent (or Willful) Infringer?
Ossian Law P.C. IT Law Update July 15, 2013 Are You an Innocent (or Willful) Infringer? Who creates the content of your organization’s web site, social media pages and mobile apps? Using others’ copyrighted images, text and other materials without permission can lead...
Protecting Data Collected on Mobile Devices
Ossian Law IT Alert: July 1, 2013 Protecting Data Collected on Mobile Devices The federal Communications Act requires traditional telecommunication providers to protect certain consumer information such as call logs, call duration and phone numbers. This type of data...
$9 Million Regulatory Fine For Failure To Keep Email
$9 Million Regulatory Fine For Failure To Keep Emails: Retaining and accessing email records is important for any organization. In the case of highly regulated industries, such as brokerage firms, failing to maintain the necessary technology to do so can result in...
Court Upholds Online Arbitration Clause
Many organizations use click-through agreements or other online terms with customers and business partners. Enforceability of online agreements is key. A federal court in Illinois has just addressed the validity of an arbitration clause in an online employment...
FTC Explores Regulating the Internet of Things
Ossian Law P.C. May 15, 2013 IT Alert: FTC Explores Regulating “Internet of Things” The Internet of Things or IoT refers to the growing number of everyday devices that are connected to the Internet. For example, consumers control home security systems, businesses...
Does the Americans With Disabilities Act Apply to Your Website?
Does the Americans With Disabilities Apply to Your Website? May 1, 2013 Title III of the Americans With Disabilities Act (“ADA”) prohibits discrimination on the basis of disability by businesses offering “public accommodations.” Traditionally, these are restaurants,...
Contact Ossian Law P.C.
Office
701 Woodward Heights, Suite 117
Ferndale, Michigan 48220
Call Us
(313) 575-7234
(248) 850-7632 (Fax)