On Tuesday, April, 22, the California Assembly Judiciary Committee voted 10-0 to approve a so-called “Yelp bill” that would prohibit companies from suppressing negative consumer reviews through the use of “non-disparagement clauses” in contracts with consumers. Such clauses would be unlawful unless the consumer had knowing, voluntary, and intelligently waived his or her right to voice a negative opinion, and consumers would have the right to sue companies to collect civil penalties if the companies violate the law. The Bill Analysis, which also includes amended language of the Bill, states that the Bill aims to make it clear that non-disparagement provisions—by which customers may unknowingly or involuntarily waive Constitutionally-protected free-speech rights—are not appropriate and are unenforceable in contracts of adhesion and in online consumer transactions for goods and services.
We’ve all done it: typed or tapped out a message, posted it online, and immediately wished we hadn’t and that we could just erase it from the Internet forever. Now, if you are a California minor, you can. Sort of.
California Governor Jerry Brown recently signed into law S.B. 568, the first bill of its kind in the nation. S.B. 568 enacts two new statutes under the title “Privacy Rights for California Minors in the Digital World.” The first, Business and Professions Code section 22580, prohibits advertising certain products to minors online (see blog post here). The second, Business and Professions Code section 22581, requires businesses to provide an online “eraser button” for remorseful minors.
California Governor Jerry Brown recently signed into law S.B. 568, the first bill of its kind in the nation. S.B. 568 enacts two new statutes under the title “Privacy Rights for California Minors in the Digital World.” The first, Business and Professions Code section 22580, prohibits advertising certain products to minors online. The second, Business and Professions Code section 22581, requires businesses to provide an online “eraser button” for remorseful minors (see blog post here).
As part of a flurry of new privacy legislation, California Governor Jerry Brown signed two new data privacy bills into law on September 27, 2013: S.B. 46 amending California’s data security breach notification law and A.B. 370 regarding disclosure of “do not track” and other tracking practices in online privacy policies. Both laws will come into effect on January 1, 2014.
Many companies operating commercial websites and online services will likely need to update their privacy policies soon to comply with new requirements in California. After passing the Assembly and the Senate in a series of unanimous votes, A.B. 370 is now before the Governor for signature, which is expected soon.
Cyber security, data loss, hacking and schemes to steal personal information and assets electronically are all over the news daily. Companies are the primary targets of these actions since they accumulate information, store it and use it for their internal efforts, for their clients and in interacting with the world outside. In an effort to prevent problems before they arise, and to be in the best possible posture should their company become a victim of these damaging events, below is a list of questions that general counsel, senior management and corporate directors should be asking of themselves and their companies:
It appears that users won’t be seeing the blue AdChoices triangle icon on Twitter anytime soon. AdChoices and its blue triangle icon are the work of the Digital Advertising Alliance (a consortium of trade groups) to provide users with disclosure of and the ability to opt out of targeted behavioral advertising (e.g. ads based on websites visited). This industry self-regulatory option was intended to be a broad and unifying option to stave off governmental regulation.
Following up on the new Children’s Online Privacy Protection Act (COPPA) Rule that went into effect on July 1, 2013, the Federal Trade Commission has released an updated set of FAQs to provide additional clarity and information about the new Rule. Notably, the FAQs provide further guidance on COPPA’s “actual knowledge” standard as well as regarding the newly added and revised categories of personal information included in the new Rule.
Last week, the California state Senate passed S.B. 46, a bill to expand the triggering data under the existing data security breach notification law. Currently, breach notification in California is triggered by the unauthorized acquisition of an individual’s first name or initial and last name in combination with one or more of the following data elements, when either the name or the data elements are unencrypted: social security number; driver’s license or state identification number; account, credit card or debit card number in combination with any required security or access codes; medical information; or health information. S.B. 46 adds to the list of data elements, password, user name or security question and answer for an account other than a financial account. Like the existing list of personal information, this additional information must be in combination with the first name or initial and last name of the individual and one of the elements must be unencrypted in order to trigger the reporting requirement.
Eagle v. Morgan, 2013-11-4303 (E.D. Pa. 2013), represents one of the first trials on the issue of who owns social media accounts: the individual employee who first created the account or the employer whose business was promoted using the account? In Eagle a company’s founder sued her former employer for the alleged illegal use of her LinkedIn account. The U.S. District Court for the Eastern District of Pennsylvania held that an employer’s conduct, absent a company social media policy, resulted in the torts of unauthorized use of name, invasion of privacy by misappropriation and misappropriation of publicity. The court, however, held the employer not liable for conversion, tortious interference with contract, civil conspiracy and civil aiding and abetting. Lastly, the court rejected the employer’s counterclaims of misappropriation and unfair competition.