Covid-19 has not only damaged the health and physical well-being of those stricken by the potentially deadly coronavirus, but it has also ravaged the livelihoods and financial stability of many millions more people around the world. The virus spread across the U.S. with incredible speed as more than 100,000 people had already been infected by early March. In many ways the unexpected and quick arrival of the pandemic caught many households financially unprepared and ill-equipped to survive the economic shutdown unscathed. For those that have experienced rent hardship and have, or will soon, be subject to an eviction for non-payment of rent, they must recover not only from the short-term challenges of finding shelter and putting their lives back together, but also the long-term struggle of finding suitable housing with an often disqualifying and indelible mark on their rental history.
The criminal case against the NFL New England Patriots’ franchise owner, Robert Kraft, has taken an astounding turn of events as the Florida Court of Appeals handed down its ruling on Kraft’s privacy objections against law enforcement’s surveillance video evidence showing the billionaire soliciting prostitution at a local spa. Kraft filed a motion to suppress the evidence arguing that Florida law enforcement’s non-consensual and surreptitious recording of non-audio video surveillance of the premises of a private business, that is open to the public, runs afoul of Kraft’s, and others’, Fourth Amendment right to be free from unreasonable government searches. The ruling of the Appeals Court not only affirmed a similar lower court ruling by the Palm Beach County trial court, favoring Kraft, but it served up an interesting compliance lesson on the privacy protections required of law enforcement during their surreptitious video surveillance operations.
TikTok continues to rise in popularity, though their history of complaints and lawsuits paints a different picture. On February 27, 2019 the Federal Trade Commission (FTC) settled with TikTok for $5.7 million in response to a child privacy complaint. This settlement was the largest civil penalty obtained for a child privacy complaint, prompting TikTok to take corrective action by hiring compliance focused employees. Consumer groups now argue that TikTok has failed to make such changes and continues to “flout the law”. In response to national security concerns, President Trump signed an executive order on August 6, 2020 effectively banning the application in the U.S.
Yet another privacy and data security-related lawsuit has been filed against Zoom Video Communications, Inc. (“Zoom Inc.”). Zoom Inc. has been the subject of several complaints related to its video-conferencing service since its meteoric and spectacular rise in popularity due to the Coronavirus pandemic and related quarantine measures beginning in March 2020. In this particular case, there are compliance lessons to be learned from the unfair and deceptive practices claims alleged against Zoom Inc. in the plaintiff’s D.C. Superior Court filing.
This spring I had the pleasure of attending a conference entitled Digital Platforms: Innovation, Antitrust, Privacy & the Internet of Things hosted by the UIC John Marshall Law School Center for IP, Information & Privacy Law. Throughout the day, panelists spoke about various topics of intellectual property, including artificial intelligence antitrust issues, and more. But for me, the highlight of the afternoon was the session on privacy issues. Here is a bit of what I learned…
Within the last decade, data has surpassed oil as the world’s most valuable commodity. Earlier this year the Securities and Exchange Commission (SEC) released its observations made during audits that detailed the methods used by corporations to secure their data. This included the kinds of cybersecurity practices employed by companies as well as advice on how to better deal with sensitive data and protect against potential cyberattacks. The SEC’s observations coincide with a recent announcement from the National Security Agency (NSA) that showcases an increased concern surrounding cybersecurity in the corporate world.
Data privacy and more specifically, user privacy, has become the focus for many in the past year. Some may say that the European Union began this “trend” with the implementation of the General Data Protection Regulation (GDPR) with California soon following in their footsteps with the California Consumer Privacy Act (CCPA). However, seemingly more silently in New York, The Stop Hacks and Improve Electronic Data Security, or SHIELD Act has also been created in the interest of the protection of personal information. The SHIELD Act was enacted on July 25, 2019 as an amendment to the General Business Law and the State Technology Law to include breach notification requirements and stronger rules in place to enforce against businesses handling personal information. The SHIELD Act recently went into effect on March 21, 2020.
The California Attorney General’s office released an updated draft to the California Consumer Privacy Act (CCPA) on February 10th. This updated draft follows the four public hearings that were held in December of 2019 and over 1,700 pages of submitted comments. Comments are being heard as of the posting of this article, and if no new changes are made, a final rulemaking record will be submitted.
In 2008, the Illinois legislature introduced and passed the Biometric Information Privacy Act (BIPA), which became the first law of its kind in the US. BIPA was passed to protect individuals against the unlawful collection and storing of biometric information. While many states have enacted similar laws, BIPA remains the most stringent among its contemporaries.
The California Consumer Privacy Act (CCPA) has been the first step away from the sectoral approach that United States’ privacy laws have followed for many years. While it is set to take effect on January 1, 2020—only recently was the first draft guidance published. Set forth by California’s Attorney General, Xavier Becerra, it states how the CCPA will be enforced. As is standard in notice and rulemaking standard in administrative law, a public consultation period is now in effect and will remain open for comments and hearings until December 6, 2019.