Microsoft Sued Over Data Sharing in Class Action

July 26th, 2020|Categories: Class Actions, Emerging Litigation & Risk, HB Risk Notes, HB Tort Notes, News, Technology Law|Tags: , , , , |

Microsoft Sued Over Data Sharing in Class Action Consumers, including individuals and companies, filed a class action complaint  against Microsoft in U.S. District Court for the Northern District of California, claiming the company shared consumer data without consent to subcontractors and third parties, including Facebook, despite policies that stated otherwise.  The plaintiffs accused Microsoft of “misrepresenting its privacy and security practices, violating federal and state law, and illegally sharing and using its business-class Microsoft Office 365 and Microsoft Exchange customers’ data.”  Read more from Law Street Media: https://lawstreetmedia.com/tech/microsoft-sued-over-data-sharing-in-class-action/

Facial Recognition Update July 2020

July 17th, 2020|Categories: Class Actions, Emerging Litigation & Risk, News, Technology Law|Tags: , , , , |

Facial Recognition Technology -- Emerging After Decades of Development -- Draws Lawsuits and Proposed Bans  We sometimes forget that not all of the technical wizards who transformed our world were young “geniuses” jacked up on Starbucks, their shirttails hanging out in the ping-pong section of their open concept offices. Woody Bledsoe was born 99 years ago. As a young son of a sharecropper he demonstrated exceptional mathematical capabilities. Early in his career he had a dream: A machine that could think like a human, converse like one, and even recognize faces. This was as far back as the 1950s. This mathematician and computer scientist would go on to teach for decades at the University of Austin where he worked to advance automated reasoning and artificial intelligence. But what was his role in the development of the technology exactly? Did he perform work for a CIA front? And why, in his old age and suffering from the cruelty of ALS that would ultimately kill him in 1995, did he ask his son to set fire to a stack of old papers? Take a look at “The Secret History of Facial Recognition” written by Shaun Raviv for Wired Magazine, which explores why, among other things, “the record of [Blesdoe’s] role all but vanished.” If there isn’t a movie script in the works there probably will be soon.   Today facial recognition is used in such innocent and handy ways as pointing out [...]

The New York Privacy Act Would Allow Direct Action

June 5th, 2019|Categories: Corporate Compliance, HB Risk Notes, Technology Law|Tags: , , , , |

The New York Privacy Act,  introduced last month by state Sen. Kevin Thomas, advocates for consumer agency over their personal data and would give New Yorkers the right to sue companies directly for privacy violations. Thomas wants companies to put customer data protection ahead of their budgetary and business goals.   The bill summary reads: "Enacts the NY privacy act to require companies to disclose their methods of de-identifying personal information, to place special safeguards around data sharing and to allow consumers to obtain the names of all entities with whom their information is shared; creates a special account to fund a new office of privacy and data protection." "Fiduciaries, like an attorney or a doctor, hold onto your information. They don't share it, unless there is a need for the purpose for which they collected it,” Thomas said. “That's not what's going on here with these data companies and these data brokers. They're sharing it, and we're getting targeted.” Pushback from the tech industry has been swift. John Olsen, Director of the Internet Association, said, “The NY Privacy Act, in its current form, is unworkable for businesses that want to comply and fails to provide New York residents meaningful control over how their data is collected, used, and protected." Facebook also chimed in saying they would have to shut down Facebook [...]

National Geographic Disclosed Customer Info, Class Action Says — Top Class Actions Blog

April 14th, 2019|Categories: Class Actions, Corporate Compliance, HB Risk Notes|Tags: , , , , |

[one-half-first][/one-half-first] [one-half] "The National Geographic class action states that prior to and at the time that he subscribed to the magazine, the company did not notify him that it discloses the personal reading information of its customers. "Markham also claims that he wasn’t provided with any written notice that National Geographic makes a practice of renting, exchanging, or otherwise disclosing personal reading information to third parties, and provides no means of opting out. "However, the National Geographic information disclosure class action lawsuit says that since subscribing to National Geographic and between Mach 26, 2016 andJuly 30, 2016, National Geographic disclosed Markham’s personal reading information to data aggregators, data appenders, and/or data cooperatives." Read the complete post by Top Class Actions Editor Emily Sortor here. [/one-half]

Blockchain: Power to the People

August 28th, 2018|Categories: Corporate Compliance, HB Risk Notes, Technology Law|Tags: , , , , |

Dan Solove, co-founder of the Privacy+Security Forum and professor at GW Law School, just posted an interview with Steve Shillingford, Founder and CEO of Anonyome Labs, a consumer privacy software company. Below is part of just one exchange in the interview.  SOLOVE: The Internet has made so many things possible that we couldn’t do in an analog world. Yet, in some ways, the online world seems to lack the capabilities of the offline world. In the offline world, it is much easier to have anonymous transactions. This becomes much more challenging online. How can the online world be made more like the offline world in this regard? SHILLINGFORD: Blockchain technology shifts the balance of power back to people—to individuals—and away from tech giants, governments and data miners. It allows you to transact on your terms, just as you do offline. And it’s not just limited to financial transactions. Put anything on the blockchain you want. The blockchain gives a person the ability to publish only the information THEY decide to divulge. Nothing more, nothing less. And no more hidden agendas, no selling personal data without your consent, no worries about privacy. Just like the analogue world, you decide the context, the content, and duration of the information you provide…not the big guys. It can really be that easy. Read the complete interview.  See the latest faculty and agenda updates for the Privacy+Security [...]

Francoise Gilbert on Colorado’s New Privacy Law: Are You Ready?

August 1st, 2018|Categories: Corporate Compliance, HB Risk Notes, Technology Law|Tags: , , , , |

Effective Sept. 1, 2018, Colorado will require all entities that process or store certain personal information of Colorado residents, regardless of whether the entity is located within or outside of Colorado, to have formal data security and data disposal programs. This is the result of the adoption of Bill 18-1128 “Concerning Strengthening Provisions for Consumer Data Privacy,”  signed into law at the end of May 2018, to amend and supplement existing law ....  Previously, the definition of “personal identifying information” under the Colorado law was limited to a resident’s first name or initial and last name in combination with the individual’s Social Security, driver’s license, or identification card number, or a credit or debit card or bank account number, combined with a password or access code. The new definition includes additional forms of identification, such as student, military, passport, and health insurance identification number, as well as other types of information, such as medical information or biometric data. It also includes username or e-email address in combination with a password or security question answers that would permit access to an online account .... Organizations that collect personal identifying information of Colorado residents and that do not yet have the written programs necessary to formalize their data protection practices urgently need to focus on compliance. -- Francoise Gilbert, Greenberg Traurig Francoise Gilbert, a partner [...]

California Enacts the ‘First Truly Sweeping Privacy Regime’ in Record Time

July 5th, 2018|Categories: Corporate Compliance, HB Risk Notes, Technology Law|Tags: , , , , |

The California legislature -- apparently not wanting to be pegged as just another slow-moving governing body -- took the California Consumer Privacy Act of 2018 from proposal to passage to signing in one week. Critics weren't sitting on their hands either. "Businesses Blast California’s New Data-Privacy Law," read one headline in the Wall Street Journal. For consumers, Californians anyway, the good news is that they can refuse to allow companies to sell their personal data. But, the WSJ reported, business across the country say the law will cause "far-reaching damage to everything from retailers’ customer-loyalty programs to data gathering by Silicon Valley tech giants." Law firms are cranking out their advisories and analyses. Sullivan & Cromwell says the CCPA establishes a new privacy framework for covered businesses by: "Creating an expanded definition of personal information for purposes of the Act; "Creating new data privacy rights for California consumers, including rights to know, access, have deleted and opt out of the sale of their personal information; "Imposing special rules for the collection of consumer data from minors; and "Creating a new and potentially severe statutory damages framework for violations of the Act and for businesses that fail to implement reasonable security procedures and practices to prevent data breaches." The firm also offered a quick comparison between the CCPA and the GDPR.  "At a [...]

Go to Top