Privacy & Security
TikTok, a widely popular app Chinese app where anyone can make a short 15 second video and become a TikTok star overnight, has been in the news a lot lately. Today, the future of TikTok being available in America is unknown due to President Trump’s executive order from August 6th, targeting both TikTok and another Chinese social media app, WeChat. Both of these apps are potentially being blocked due to the Trump administration’s national security bans. Not only will this ban effect TikTok’s millions of users, but it will also affect many American companies and individuals who advertise with the platform.
Richard Horton Associate Editor Loyola University Chicago School of Law, LLM 2021 The criminal case against the NFL New England Patriots’ franchise owner, Robert Kraft, has taken an astounding turn of events as the Florida Court of Appeals handed down its ruling on Kraft’s privacy objections against law enforcement’s surveillance video evidence showing the billionaire …
As thousands of schools across the country comply with state and local social distancing orders due to the global pandemic COVID-19 for this 2020-21 school year, many schools are now faced with having to educate students from their homes in either hybrid or fully remote models. Millions of students are now utilizing online educational services …
TikTok continues to rise in popularity, though their history of complaints and lawsuits paints a different picture. On February 27, 2019 the Federal Trade Commission (FTC) settled with TikTok for $5.7 million in response to a child privacy complaint. This settlement was the largest civil penalty obtained for a child privacy complaint, prompting TikTok to take corrective action by hiring compliance focused employees. Consumer groups now argue that TikTok has failed to make such changes and continues to “flout the law”. In response to national security concerns, President Trump signed an executive order on August 6, 2020 effectively banning the application in the U.S.
Yet another privacy and data security-related lawsuit has been filed against Zoom Video Communications, Inc. (“Zoom Inc.”). Zoom Inc. has been the subject of several complaints related to its video-conferencing service since its meteoric and spectacular rise in popularity due to the Coronavirus pandemic and related quarantine measures beginning in March 2020. In this particular case, there are compliance lessons to be learned from the unfair and deceptive practices claims alleged against Zoom Inc. in the plaintiff’s D.C. Superior Court filing.
Within the last decade, data has surpassed oil as the world’s most valuable commodity. Earlier this year the Securities and Exchange Commission (SEC) released its observations made during audits that detailed the methods used by corporations to secure their data. This included the kinds of cybersecurity practices employed by companies as well as advice on how to better deal with sensitive data and protect against potential cyberattacks. The SEC’s observations coincide with a recent announcement from the National Security Agency (NSA) that showcases an increased concern surrounding cybersecurity in the corporate world.
The Health Insurance Portability and Accountability Act – enacted in 1996 by the U.S. Congress and signed by then-President Bill Clinton – has long served to maintain the standards of electronic health records and patient privacy, among many other provisions. Violating HIPAA can result in both criminal prosecution as well as steep civil penalties. As the healthcare industry transitioned from the use of paper records to storing patient data on electronic health records over the last two decades, health organizations have learned to adapt to HIPAA compliance, with many increasing their compliance programs by hiring full-time compliance officers, designating an individual as the compliance manager, and/or appointing a compliance committee within the organization.
Data privacy and more specifically, user privacy, has become the focus for many in the past year. Some may say that the European Union began this “trend” with the implementation of the General Data Protection Regulation (GDPR) with California soon following in their footsteps with the California Consumer Privacy Act (CCPA). However, seemingly more silently in New York, The Stop Hacks and Improve Electronic Data Security, or SHIELD Act has also been created in the interest of the protection of personal information. The SHIELD Act was enacted on July 25, 2019 as an amendment to the General Business Law and the State Technology Law to include breach notification requirements and stronger rules in place to enforce against businesses handling personal information. The SHIELD Act recently went into effect on March 21, 2020.
On November 18th, 2019, Congress introduced the Stop Marketing and Revealing the Wearables and Trackers Consumer Health Data Act, known as the Smartwatch Data Act. The Smartwatch Data Act was introduced by Democratic Senator Jacky Rosen and Republican Senator Bill Cassidy, due to Google’s desire to acquire fitness tracker manufacturer Fitbit in 2020. Since notice of this acquisition, privacy advocates have raised concerns about how Google will use personal health data collected through Fitbit devices. Therefore, this legislation aims to ensure that health data collected through fitness trackers, smartwatches, and health apps, cannot be sold without consumer consent.
The California Attorney General’s office released an updated draft to the California Consumer Privacy Act (CCPA) on February 10th. This updated draft follows the four public hearings that were held in December of 2019 and over 1,700 pages of submitted comments. Comments are being heard as of the posting of this article, and if no new changes are made, a final rulemaking record will be submitted.