Last year, the landscape of privacy law changed on several different fronts, and if companies aren’t aware of those changes, they could find themselves at severe risk.
First, in terms of workplace privacy, the Supreme Court ruled in City of Ontario v. Quon that the Ontario, California Police Department did not violate the Fourth Amendment rights of a SWAT team member by reviewing personal text messages he sent and received on a department-issued pager. Significantly, the court declined to rule on the broader issue of whether employees have a reasonable expectation of privacy when using employer-provided equipment for personal communications. The court did provide a bit of guidance for employers by noting that “employer policies concerning communications will of course shape the reasonable expectations of their employees, especially to the extent that such policies are clearly communicated.”
Also, the FTC had a significant up-tick in its focus on privacy issues, including a very significant settlement with the social networking site Twitter and release of a proposed framework that would provide considerable clarification and guidance on issues of consumer data privacy.
“The third notable thing that occurred with privacy law in 2010 was the increased presence of plaintiff lawyers in the fray,” says Kit Winter, a member with Dykema Gossett PLLC. “We’re seeing more and more businesses being sued for violating consumer privacy rights.”
Smart Business spoke with Winter about these changes to privacy law and what companies can do to ensure they’re covered.
What are the primary areas of privacy law that businesses should be most concerned with?
Protection of consumer data is another area of potential risk. There have been laws in effect at the state level for more than a decade that say businesses need to use reasonable measures to keep consumer electronic data private. In 2010 the FTC raised the bar on the understanding of ‘reasonable measures’ by bringing an action against Twitter alleging that it permitted users to select easily guessed passwords. Twitter settled the FTC action by, among other things, agreeing to permit the FTC to audit its privacy protection practices for the next 20 years. The FTC’s action against Twitter is a clear message that robust privacy measures are required to pass FTC muster.
Pages: 1 2