Tag:Privacy & Security
Robinhood Fined $65 Million for Misleading Customers
On December 17, 2020, the Securities and Exchange Commission (“SEC”) charged Robinhood Financial, LLC (“Robinhood”) with material misrepresentation and misleading its users about its revenue sources, specifically Robinhood’s receipt of payments from certain principal trading firms for routing its customer orders to them. The SEC charges against Robinhood also relate to certain statements about the execution quality Robinhood achieved for its customers’ orders and Robinhood’s failure to satisfy its duty of best execution. Robinhood agreed to pay $65 million to settle the charges.
How Federal Data Privacy Regulation Could Help Curb the COVID-19 Pandemic
It cannot be denied that the COVID-19 pandemic has led to many novel legal and regulatory issues. One topic of major concern both domestically and abroad is how to manage the massive amounts of consumer data being collected in the attempt to quell the spread of the virus. This issue is especially complicated to address in the United States, where a convoluted patchwork of state and federal laws interact to create a relentlessly fragmented data regulation system. Now, as state and local governments, along with tech giants like Apple and Google, continue to roll out contact tracing applications, the need for comprehensive data privacy regulation is more pressing than ever.
Understanding Circuit Splits Regarding Article III Standing in Data Breach Litigation
Complex litigation in data breach disputes is not surprising due to the reliance on information technology infrastructure. The Identity Theft Resource Center defines a data breach as “an incident in which an individual name plus a Social Security number, driver’s license number, medical record or financial record is potentially put at risk because of exposure.” However, the issue that challenges most plaintiffs’ in a data breach lawsuit is the ability to establish an injury-in-fact sufficient to support Article III standing. Injury-in-fact is harm that is concrete and particularized, and actual or imminent. Currently, the United States Court of Appeals fails to uniformly decide this issue, creating “splits” in the Circuits regarding Article III standing in data breach litigation. The Supreme Court ruled in fact-distinguishable cases concerning standing, but not in the data breach litigation context. Until the Supreme Court renders guidance, Americans face significant judicial patchwork in privacy protection.
Is Zoom Doomed?
There is no doubt that working from home has become a new normal for millions of employees worldwide, and for some, this may be the future of their employment. When the workforce made the shift to remote work and online meeting navigation, Zoom Video Communications, Inc. (“Zoom”) quickly became the frontrunning platform. Many companies flocked to Zoom because of its alleged higher levels of security and encryption capabilities. However, a recent lawsuit against Zoom, by nonprofit group Consumer Watchdog, reveals that Zoom may not actually be as safe for users as it once claimed to be. Other lawsuits allege privacy concerns including Zoom sending user data to Facebook. Most recently, the FTC filed a suit against Zoom on November 9th for allegations of unfair, deceptive, or abusive acts or practices (“UDAAP”) related to encryption, cloud storage, third-party safeguards, and failure to disclose information to users. Though various privacy concerns arise, the platform’s popularity continues to increase given its newfound necessity.
Hospitals Across the Country at Serious Risk for Coordinated Ransomware Attacks
The Federal Bureau of Investigation (“FBI”), the Department of Health and Human Services (“HHS”), and the Department of Homeland Security Cybersecurity and Infrastructure Security Agency (“CISA”) recently announced that hackers have been and will continue to target the United States hospitals and health-care providers. These attacks are cyber in nature and often lead to ransomware attacks, data left, and inevitable disruption of health care services when patient information is locked until the ransom can be paid.
Covid-19 Tenant Eviction Long-Term Relief: Designing a more Effective Data Privacy Remedy in Tenant Screening
Covid-19 has not only damaged the health and physical well-being of those stricken by the potentially deadly coronavirus, but it has also ravaged the livelihoods and financial stability of many millions more people around the world. The virus spread across the U.S. with incredible speed as more than 100,000 people had already been infected by early March. In many ways the unexpected and quick arrival of the pandemic caught many households financially unprepared and ill-equipped to survive the economic shutdown unscathed. For those that have experienced rent hardship and have, or will soon, be subject to an eviction for non-payment of rent, they must recover not only from the short-term challenges of finding shelter and putting their lives back together, but also the long-term struggle of finding suitable housing with an often disqualifying and indelible mark on their rental history.
Changes in Healthcare Information Regulation: Information Blocking
On November 3, 2020 new rules from the Health and Human Services Department concerning information blocking in healthcare will come into effect. The rules are an implementation of the 21st Century Cures Act (“Act”) which is the latest in the government’s effort to lower costs and allow for greater patient access to electronic health information (“EHI”). The Act aims to prevent covered healthcare providers from restricting the flow of EHI in inappropriate ways. Violations of the new Act may result in considerable civil fines.
The Future of TikToK
TikTok, a widely popular app Chinese app where anyone can make a short 15 second video and become a TikTok star overnight, has been in the news a lot lately. Today, the future of TikTok being available in America is unknown due to President Trump’s executive order from August 6th, targeting both TikTok and another Chinese social media app, WeChat. Both of these apps are potentially being blocked due to the Trump administration’s national security bans. Not only will this ban effect TikTok’s millions of users, but it will also affect many American companies and individuals who advertise with the platform.
Privacy Lessons Learned from Litigation: Video Surveillance of the Robert Kraft Massage Parlor-Prostitution Sting Operation
The criminal case against the NFL New England Patriots’ franchise owner, Robert Kraft, has taken an astounding turn of events as the Florida Court of Appeals handed down its ruling on Kraft’s privacy objections against law enforcement’s surveillance video evidence showing the billionaire soliciting prostitution at a local spa. Kraft filed a motion to suppress the evidence arguing that Florida law enforcement’s non-consensual and surreptitious recording of non-audio video surveillance of the premises of a private business, that is open to the public, runs afoul of Kraft’s, and others’, Fourth Amendment right to be free from unreasonable government searches. The ruling of the Appeals Court not only affirmed a similar lower court ruling by the Palm Beach County trial court, favoring Kraft, but it served up an interesting compliance lesson on the privacy protections required of law enforcement during their surreptitious video surveillance operations.
How COPPA and FERPA affect Education in the Age of Remote Learning
As thousands of schools across the country comply with state and local social distancing orders due to the global pandemic COVID-19 for this 2020-21 school year, many schools are now faced with having to educate students from their homes in either hybrid or fully remote models. Millions of students are now utilizing online educational services to aid in remote learning. Although these education technology companies (“EdTech”) are now providing crucial remote learning opportunities for students, school districts must also keep students’ privacy rights in mind. Many of these EdTech services will collect and use personal information of students who use their services. This is where the Federal Trade Commission’s Children’s Online Privacy Protection Act (“COPPA”) pertains.