In the first fine issued by a German data protection authority under the GDPR, on 21 November 2018 the authority of the German state of Baden-Württemberg (“LfDI”) imposed a fine of Euro 20,000 on a social media provider for a violation of its data security obligations under Art. 32 of the GDPR. The company’s very good cooperation with the LfDI was key to avoiding a higher level of fines.
On March 15, 2016, the Federal Trade Commission reached an agreement with Lord & Taylor to settle charges that the luxury department store brand engaged in allegedly deceptive native advertising practices by failing to disclose and accurately represent its relationship to online magazines and fashion “influencers” who promoted the brand. This latest enforcement action follows the FTC’s release of a policy statement on native advertising practices and a companion set of guidelines for businesses. The action provides a cautionary tale with practical lessons about the importance of transparency in marketing strategies that mimic the look and feel of surrounding content.
The Federal Financial Institutions Examination Council (FFIEC) has released final supervisory guidance on the use of social media by financial institutions. We last reported on the guidance when it was published in draft form in January 2013. The final guidance is substantially similar to the proposal (and we encourage you to read our prior post for more details on the elements of the guidance), but the FFIEC made certain revisions in light of the 81 public comments it received on the proposal.
The UK Information Commissioner’s Office recently published new guidance on the application of data protection laws to social networking and online forums that clarifies that organizations operating social networking sites or online forums may have responsibilities as data controllers under the UK Data Protection Act, including the responsibility to take reasonable steps to check the accuracy of any personal data posted on its site by third parties.
Today the FTC released Mobile Privacy Disclosures: Building Trust Through Transparency, a report containing recommendations for the mobile industry. The report encourages mobile app platforms to play a significant role in providing consumers with privacy-related information, devoting more pages to recommendations for platforms than it does for developers, ad networks, third-party service providers, and trade […]
The Federal Financial Institutions Examination Council (FFIEC) has released proposed guidance on the use of social media by financial institutions, including banks, credit unions, and non-bank entities supervised by the Consumer Financial Protection Bureau. The proposed “Social Media: Consumer Compliance Risk Management Guidance” (“Proposed Guidance”) defines “social media” broadly to including micro-blogging sites (like Google […]
Last week, Michigan enacted a social media privacy law that prohibits employers and educational institutions from requesting access to the personal social media or other internet-based accounts of employees or students. The new law, known as the Internet Privacy Protection Act, provides that employers or educational institutions (ranging from elementary schools through institutions of higher learning) may not […]
California has become the latest state to pass a law prohibiting employers from requesting access to employees’ and job applicants’ social media information or accounts.
On May 30 the National Labor Relations Board Acting General Counsel Lafe E. Solomon issued his third and latest report on social media cases, providing specific guidance on how to construct a lawful social media policy. In the report, Solomon takes a narrow view of what types of policy provisions are acceptable and instructs, for example, that certain confidentiality provisions, rules against “friending” co-workers, and blanket prohibitions of disparaging remarks are unlawful because they unduly restrict employees’ rights to discuss working conditions and terms and conditions of employment under the National Labor Relations Act.
Should Congress exercise control over the types of information people can share in social media and whether they can share certain categories of information automatically? In an opinion piece published in the San Francisco Chronicle, Hogan Lovells privacy leader Chris Wolf addresses the issue of whether Congress should pass a law restricting the manner in which individuals might choose to share information on the streaming videos they watch through social media. The piece is summarized here, along with a link to Chris’ related Senate testimony.
The Federal Trade Commission this afternoon announced a proposed consent decree with the prominent social network Facebook, settling allegations that Facebook violated Section 5 of the FTC Act by failing to live up to representations made to consumers regarding its privacy practices. Among other remedial measures, the FTC required Facebook to obtain independent privacy compliance audits for the next 20 years. Along with the FTC’s recent consent decrees with Google and Twitter, the FTC now effectively has regulatory oversight over the privacy and data security practices of the three most prominent social networking companies in the United States.
The Federal Trade Commission yesterday announced settlements with two online companies for deceptively collecting personal information from consumers, including its first enforcement action against the use of “Flash cookies” and an enforcement action against a social network that collected children’s information without parental consent. As a result, businesses whose websites (or vendors) utilize Flash cookies, HTML5, or ETags to track user browsing should reexamine their privacy disclosures.
The French CNIL found the French provider of universal telephone directory services “Pages Jaunes” guilty of violating several provisions of the French data protection law due to Pages Jaunes’ collection of personal data in social media sites.
A financial services industry group recently released guidance on managing the risks associated with using social media such as Facebook and Twitter. The guidance, titled “Social Media Risks and Mitigation,” was released this week by BITS, a division of the Financial Services Roundtable, which represents 100 of the largest financial services companies. The guidance includes tips on managing numerous concerns specific to financial institutions, which are increasingly using social media in their marketing and customer relationship activities.
The Hogan Lovells Chronicle of Data Protection — our blog — has gone social. This entry tells you about our Facebook page (where all of the content of the blog is available) and our Twitter account.
This blog entry provides a summary of the Hogan Lovells Chronicle of Data Protection’s recent coverage of legal developments regarding social media.
The National Labor Relations Board (NLRB) has social media in its sights. There has been a spate of activity at the NLRB on the social media front, including the issuance of two new complaints in the last three weeks alone, as reported in this blog entry.
Employees who claim a Facebook “zone of privacy” from their employers for complaints about working conditions got a boost recently from the National Labor Relations Board’s which filed a complaint over a termination based on an employee’s Facebook posting.
On June 24, the FTC announced a proposed consent order with social networking service provider Twitter, Inc. The Twitter investigation is consistent with the FTC’s longstanding interest in policing the data privacy and security practices of social networking services, dating back to the FTC’s first online privacy case against Geocities in 1998, It evidences a broader ccope of FTC information security enforcement.
You are invited to participate in an on-line Social Media Risk Innovation event, hosted by Chubb Insurance. The event is an online, interactive session in which pariticipants will collectively identify risks and potential mitigation strategies regarding the use and potential misuse of social media. Hogan & Hartson Privacy Lawyers will be on hand throughout the event to facilitate the discussion and contribute expertise regarding legal risks businesses face from sanctioned and unsanctioned corporate and employee use of social media.
The Hogan & Hartson privacy lawyers are counseling clients on the use of social media, as the legal risks are significant — especially if employees use the shield of anonymity to protect their privacy but make representations on behalf of their employers without disclosing their affiliation. The FTC and FDA recently have focused on social media. And on January 25, the Financial Industry Regulatory Authority (FINRA), an industry self-regulatory organization, issued Regulatory Notice 10-6, which gives guidance to member companies on the use of blogs and social networking sites to engage in company-sponsored communications with the public.
Details regarding the FTC’s recently released agenda for the first of three privacy round tables it will hold over the course of the next few months.
Many people remember the now-dated cartoon from the New Yorker magazine showing two dogs sitting in front of a computer, with one observing to the other “the best part about the Internet is that no one knows you are a dog”.