stacy robin - the degania group - technology and the law
DESCRIPTION
Stacy Robin - The Degania Group - Technology and the LawTRANSCRIPT
TECHNOLOGY AND THE LAW
Stacy Robin, The Degania Group
Technology and the Law….or
How you can get into a lot of trouble
without even trying
How do you identify your risk?
What are key areas of growing legal concern?
How do you stay current?
Identifying Risk: Your Current StateWhat policies and procedures do you have in
place? In what areas might you be exposed? Did you write your own policies? Did you plagiarize someone else’s policy? Do you have an attorney?
Does that attorney have a specialty in technology?
When did you last have your company reviewed and your policies updated?
Are you comfortable with your current risk?
Employees and Technology
Computers
Employee surveillance
Data Monitoring Discovery Privacy
Social media
Employer Technology for Employee Use
Need definition Employment Contract Employee Handbook Signed Understanding
I don’t have employees. I have contractors! Do they use your technology? Are guidelines in your contract?
Does a company have the right to the data on an employee’s work computer?
Recent cases
2010: Steingart v. Loving Care Agency, Inc. (NJ)
2011: Holmes v. Petrovich Development Company, LLC (CA)
At issue: Use of company computers Monitoring/storing user data (emails) Company policy Client-Attorney privilege
What should you learn from these cases?
Using Technology to Monitor Employees
Why?
Are you violating privacy? Did you: Intrude upon seclusion Appropriate an employee’s likeness for
commercial purposes Publish of private employee matters Disclose medical records
Limit to visual images
Social Media
Assume posts are not private; can be used as evidence
Industry regulations Hiring practices: protected classes Potential conflict: “Views are strictly my own” NLRB: Employee protection
Complaints about working conditions; especially those that affect co-workers as well what an employee
Employees organizing (unions) Company protection
What an employee accesses at work What an employee is allowed to post about proprietary
company (or client) information CFAA: Is it criminal to access social media sites?
Data and E-Discovery
E-discovery refers to "electronically stored information” (ESI) Emails, electronic documents, social media, all online activity It does not matter how brief the storage period
Federal Rules: term was "intended to be read expansively to include all current and future electronic storage mediums” “Clouds” Social networking sites
How do you stay in compliance? Stay informed: general best practices, industry policies Update company retention policies as appropriate Use verified/audited vendors to back up data
Consider holding period, access, ownership of data, security1
1http://www.socialmedialawupdate.com/2011/01/articles/ediscovery/ediscovery-rules-applied-to-social-media-what-this-means-in-practical-terms-for-businesses/
E-Discovery: Making it complicated Federal vs. state laws
Many states have adopted a statute/rules governing e-discovery statute
Differing standards across states - document preservation, production of electronically stored information
Conflict: companies must dispose of certain records Data privacy laws
Failing to comply with e-discovery rules is a serious offense Study of 401 cases prior to 2010; more than half received
sanctions1
Sanctions included Case dismissals Adverse jury instructions Large monetary sanctions
1http://www.socialmedialawupdate.com/2011/01/articles/ediscovery/ediscovery-rules-applied-to-social-media-what-this-means-in-practical-terms-for-businesses/ and http://www.abajournal.com/files/DukeLaw.pdf
Online Sites
Privacy, Terms of Use “TOU”
Defamatory Content and False Statements
COPPA
Promotions and Sweepstakes
Content (Intellectual Property)
Common IP Violations
Don’t use “free” or subscription images (or other content) without checking terms of use
Do ensure you understand contracts Don’t copy or use third party marks on your
website without permission Don’t cut and paste third party content Don’t “deep link” to third party content Don’t frame third party content Don’t forward subscription-based content Don’t share software without proper license Do enforce your rights: give notice, monitor for
misuse
CAN-SPAM: What is it?
Protects consumers from unwanted solicitations All messages with promotion as a primary purpose
Not limited to unsolicited messages No exception for emails to recipients with whom sender
has a pre-existing relationship Additional application: Facebook, MySpace, Twitter
Act has a broad definition of an email address Facebook, Inc. v. MaxBounty, Inc.
Penalties (listed on FTC site) Each separate email in violation: up to $16,000 More than one person may be held responsible for
violations. Aggravated violations: additional fines, criminal penalties
– including imprisonment
CAN-SPAM: The Do and Don’t List Don’t use false/misleading headers Don’t use deceptive subject lines Do identify the message as an advertisement Do tell recipients where you are located (must be a
valid, physical postal address) Do clearly explain to recipients how to “opt out” Do honor “opt out” requests promptly (within 10
business days) Do monitor your vendors; you can’t contract away
your liability Do make recipients aware of sexually explicit
material Do not “preview” sexually explicit material
http://business.ftc.gov/documents/bus61-can-spam-act-compliance-guide-business
Stay Current: Changes Coming! Data Privacy
PII Third party vendors Employee theft (CFAA), negligence
Online advertising FTC revamping guidelines; comment period
closes July 11 Paid endorsements New apps and new ways to enforce the law
DOL Timekeeping app
Stacy Robin
@stacyrobin
www.deganigroup.com
1.877.334.2642
Creating and identifying opportunities for you to
save money, find money and make money