Richmond Journal of Law and Technology

The first exclusively online law review.

Month: February 2015

Blog: Facebook Data Security – Is Your Private Data at Risk on Social Media?

privacy-policy-445153_640By: John Danyluk, Associate Notes & Comments Editor

It is uncertain exactly how much information Facebook has about its users.  The social media giant not only has all of the content uploaded by its 1.35 billion users, it has the information that could be obtained from the staggering 100 billion friendships among those users.  So just how secure is this massive amount of private data, and what would the legal consequences be if a breach occurred?

Facebook suffered one such breach in June 2013.[1]  Although the impact of this particular breach turned out to be relatively minor, it signaled a larger problem for protecting personal data on the internet.  The glitch that occurred in 2013 exposed email addresses and personal phone numbers for contacts even if that data was not visible on Facebook itself.[2]  Although Facebook corrected the problem within twenty-four hours, over six million users had their sensitive personal data exposed.[3]  For these six million individuals, their reasonable expectation of privacy was infringed upon when sensitive details that were not shared on their public profile were not protected.[4]

A data breach not only puts Facebook at significant risk of a public relations nightmare, but it also may result in regulatory investigations from the FTC and civil liability to its users for negligence.[5]  But Facebook would not be left without recourse, as it could institute civil actions under the Computer Fraud and Abuse Act and the Stored Communications Act (among other laws) against the perpetrators.[6]  Additionally, the federal government would likely step in to enforce the criminal provisions of these acts as well.[7]

How can companies like Facebook, who are trusted with sensitive data, prevent data exposure in the future?  In sum, these companies must have “strong security configuration management all the way from the servers through the applications and the user permissions assigned to the data.”[8]  Users of these websites can help themselves as well, by minimizing the number of companies and apps that have access to their personal data.[9]  By taking the time to understand privacy controls and removing apps that the user no longer uses, the threat of one’s privacy being invaded through a data breach can be curtailed.

 

[1] Tony Bradley, Facebook Breach Highlights Data Security’s “Weakest Link” Syndrome, PCWorld, available at http://www.pcworld.com/article/2043042/facebook-breach-highlights-data-securitys-weakest-link-syndrome.html.

[2] Id.

[3] Id.

[4] Id.

[5] Evan Brown, Six Interesting Technology Issues Raised in the Facebook IPO, Internetcases, available at http://blog.internetcases.com/2012/02/01/6-interesting-technology-law-issues-raised-in-the-facebook-ipo/.

[6] Id.

[7] Id.

[8] Id.

[9] Id.

The Internet of Things and Wearable Technology: Addressing Privacy and Security Concerns without Derailing Innovation

Blog: The New Four Walls of the Workplace

social-media-488886_640By: Micala MacRae, Associate Notes and Comments Editor

The Supreme Court has recognized workplace harassment as an actionable claim against an employer under Title VII of the Civil Rights Act of 1964.[1]  The rise in social media has created a new medium through which workplace harassment occurs.  Courts are just beginning to confront the issue of when social media harassment may be considered as part of the totality of the circumstances of a Title VII hostile work environment claim.  Traditionally, harassment has occurred through face-to-face verbal and physical acts in the workplace.  However, the changing nature of the workplace has continued to expand with the rise of new technology, which allows employees to stay connected to the work environment at different locations outside the physical boundaries of the office.  Harassment has moved beyond the physical walls of the workplace to the virtual workplace.  The broadening conception of the workplace and increasing use of social media in professional settings has expanded the potential employer liability under Title VII.

Social media has become a powerful communication tool that has fundamentally shifted the way people communicate.  Employers and employees increasingly utilize social media and social networking sites.[2]  While companies have turned to social media as a way to increase their business presence and reduce internal communication costs, there has been the consequence of increased social media harassment.  Although social media and social networking sites are not new forms of communication, their legal implications are just now coming into focus.[3]  Several cases have addressed hostile work environment claims stemming from other forms of electronic communication, there are few addressing claims based on social media communications.[4]

The New Jersey Supreme Court, in Blakey v. Continental Airlines, Inc., was one of the first courts to consider whether an employer is responsible for preventing employee harassment over social media.[5]  In Blakey, an airline employee filed a hostile work environment claim arising from allegedly defamatory statements published by co-workers on her employer’s electronic bulletin board.[6]  The electronic bulletin board was not maintained by the employer, but was accessible to all Continental pilots and crew members.[7]  Employees were also required to access the Forum to learn their flight schedules and assignments.[8]

The court analyzed the case under a traditional hostile work environment framework, concluding that the electronic bulletin board was no different from other social settings in which co-workers might interact.[9]  Although the electronic bulletin board was not part of the physical workplace, the employer had a duty to correct harassment occurring there if the employer obtained a sufficient benefit from the electronic forum as to make it part of the workplace.[10]  The court made clear that an employer does not have an affirmative duty to monitor the forum, but that liability may still attach if the company had direct or constructive knowledge of the content posted there.[11]  The court limited consideration of social media harassment to situations where the employer derived a benefit from the forum and it could therefore be considered part of the employee’s work environment.[12]

Workplace harassment is not longer limited to the traditional four walls of the workplace.  As technology and the boundaries of the workplace have changed, courts have struggled to modernize their framework for assessing hostile work environment claims under Title VII.  These problems will only become exacerbated as society continues to embrace social media throughout our daily lives and employers continue to integrate social media into their business practices.

 

[1] See Meritor Sav. Bank v. Vinson, 477 U.S. 57, 64-67 (1986) (finding that workplace harassment based on individual’s race, color, religion, sex, or national origin is actionable under Title VII of the Civil Rights Act).

[2] Jeremy Gelms, High-Tech Harassment: Employer Liability Under Title VII for Employee Social Media Misconduct, 87 Wash. L. Rev. 249 (2012).

[3] See, e.g., Kendall K. Hayden, The Proof Is in the Posting: How Social Media Is Changing the Law, 73 Tex. B.J. 188 (2010).

[4] Id.

[5] Jeremy Gelms, High-Tech Harassment: Employer Liability Under Title VII for Employee Social Media Misconduct, 87 Wash. L. Rev. 249 (2012).

[6] Blakey v. Continental Airlines, Inc., 751 A.2d 538 (N.J. 2000).

[7] Id. at 544.

[8] Id.

[9] Id. at 549.

[10] Blakey, 751 A.2d at 551.

[11] Id.

[12] Id.

Blog: The New Meaning of Back Seat Driving

2014-03-04_Geneva_Motor_Show_1186By: Peyton Stroud, Associate Notes and Comments Editor

Are we there yet?  The common adage of road trips has a whole new meaning with the advent of driverless cars.  Imagine a world where the front seat driver can face the backseat passengers, with the car driving itself down the highway.  As of this past January, this dream is becoming a reality.  Automotive giants such as BMW, Audi, and Mercedes-Benz unveiled prototypes of self-driving technologies in the recent 2015 Consumer Electronics Show (CES).[1]  These new vehicle models function autonomously while allowing its passengers to sit back and relax.  Industry experts expect these driverless vehicles to be on the road between 2017 and 2020.[2]

Many current models of cars are already featuring some self-driving technologies including automatic braking systems, adjustable cruise controls, and 360° cameras capable of stopping collisions while at low speeds.[3]  However, this year’s CESs brought more to the table than ever before.  During this year’s CES, Audi unveiled its self-driving car, nicknamed “Jack,” using its system known as the company’s Piloted Driving system.[4]  “Jack” drove an astounding 560 miles to the CES, more than any driverless car has driven before.  Its state of the art system incorporates a series of sensors and laser scanners allowing the car to drive itself in speeds of up to 70 mph.[5]  The Piloted Driving system is intended to be used for highway driving and does not work as well in urban environments, where drivers need to be at the wheel.[6]  Similarly, Mercedes-Benz introduced its driverless model called the Mercedes-Benz F105 Luxury in Motion.[7]  Its new features include a self-driving technology and a zero carbon emissions system, but most notably a new interior design.[8]  The new design allows for the vehicle’s front seats to swing around and face backwards while the vehicle drives its passengers on the highway.[9]

Other technology developers are joining forces with car manufactures to help advance this technology.[10] Nvidia, a large computer chip manufacturer, has introduced the Tegra X1 chip equipping vehicles with deep neural learning, which allows for recognition of pedestrians, cyclists, and other vehicles. More technological innovations on the horizon include systems setting a predetermined route, more adjustable cruise controls, and self-parking technologies.[11]

Legally, self-driving smart cars could pose some significant problems in both the regulatory and data privacy realm.[12]  In a regulatory sense, there are currently no transportation laws regarding self-driving cars.[13]  Furthermore, others remain weary of the “data collection” required by the cars. [14]  However, the most profound legal implication could be liability ridden – Who is responsible when something goes wrong?  More specifically, who is liable if a self-driving cars hits and kills someone?  Who is responsible for the parking ticket when the car did not recognize a no parking sign?[15]  Only four states and the District of Columbia have addressed laws regarding self-driving vehicles.[16]  Some of these states have passed laws allowing manufacturers solely for testing purposes.[17]  In an effort to predict the legal implications of these new cars, lawyers look to current liability laws for guidance.[18]  For example, in cases of parking tickets, the owners of the car will be liable.[19]  In cases of injury, product’s liability law will most likely govern cases of injury thereby allowing the victim to sue both the owner of the car and also the car’s manufacturer.  According to Professor John Villasenor, “product liability law, which holds manufacturers responsible for faulty products, tends to adapt well to new technologies.”[20]  Furthermore, Sebastian Thrun, inventor of driverless cars, opines that these driverless cars could help in reconstructing accidents and making assignment of blame more clear-cut.[21]  In his view, the trial lawyers are the ones in trouble.[22]

However, criminal penalties pose a more significant problem than civil penalties.[23]  Since criminal law centers around the intent of the perpetrator, it will be difficult to figure out how to adapt these laws to technology because robots cannot be charged with a crime.[24]  Further, “the fear of robots” and of a machine malfunctioning raise concerns for the American public.[25]  However, it seems as if Americans are willing to take the risk.  According to the Pew Research Center, nearly half of Americans would ride in a driver-less car.[26]  Time will tell if these self-driving cars will endure public scrutiny.

 

[1] See Steve Brachmann, Self-driving Cars and Other Automotive Technologies Take Center Stage at CES, IPWatchdog.com (Jan. 11, 2015), http://www.ipwatchdog.com/2015/01/11/self-driving-cars-center-stage-at-ces/id=53480/.

[2] Bill Howard, Self-driving Cars Are More Than A Promise, Extreme Tech (Jan. 12, 2015, 11:45 AM), http://www.extremetech.com/extreme/197262-its-2015-self-driving-cars-are-more-than-a-promise.

[3] Brachmann, supra note 1.

[4] Id.

[5] Brachmann, supra note 1.

[6] Id.

[7] Id.

[8] Id.

[9] Id.

[10] See Howard, supra note 3.

[11] See id.

[12] See id.

[13] See id.

[14] Id.

[15] See Claire Cann Miller, When Driverless Cars Break the Law, N.Y. Times (May 13, 2014), available at http://www.nytimes.com/2014/05/14/upshot/when-driverless-cars-break-the-law.html?_r=0&abt=0002&abg=0.

[16] See id.

[17] See id.

[18] See id.

[19] See id.

[20] Miller, supra note 11 (quoting John Villasensor, Products Liability and Driverless Cars: Issues and Guiding Principles for Legislation, Brookings (Apr. 2014), available at http://www.brookings.edu/~/media/research/files/papers/2014/04/products%20liability%20driverless%20cars%20villasenor/products_liability_and_driverless_cars.pdf).

[21] See Miller, supra note 11.

[22] See id.

[23] Id.

[24] See id.

[25] Miller, supra note 11.

[26] See id.

Merger and Acquisition Due Diligence: A Proposed Framework to Incorporate Data Privacy, Information Security, E-Discovery, and Information Governance into Due Diligence Practices

An Uneasy Balance: Personal Information and Crowdfunding Under the JOBS Act

Powered by WordPress & Theme by Anders Norén