TECHNOLOGY AND THE LAW

Stacy Robin, The Degania Group

Technology and the Law….or

How you can get into a lot of trouble

without even trying

How do you identify your risk?

What are key areas of growing legal concern?

How do you stay current?

Identifying Risk: Your Current StateWhat policies and procedures do you have in

place? In what areas might you be exposed? Did you write your own policies? Did you plagiarize someone else’s policy? Do you have an attorney?

Does that attorney have a specialty in technology?

When did you last have your company reviewed and your policies updated?

Are you comfortable with your current risk?

Employees and Technology

Computers

Employee surveillance

Data Monitoring Discovery Privacy

Social media

Employer Technology for Employee Use

Need definition Employment Contract Employee Handbook Signed Understanding

I don’t have employees. I have contractors! Do they use your technology? Are guidelines in your contract?

Does a company have the right to the data on an employee’s work computer?

Recent cases

2010: Steingart v. Loving Care Agency, Inc. (NJ)

2011: Holmes v. Petrovich Development Company, LLC (CA)

At issue: Use of company computers Monitoring/storing user data (emails) Company policy Client-Attorney privilege

What should you learn from these cases?

Using Technology to Monitor Employees

Why?

Are you violating privacy? Did you: Intrude upon seclusion Appropriate an employee’s likeness for

commercial purposes Publish of private employee matters Disclose medical records

Limit to visual images

Social Media

Assume posts are not private; can be used as evidence

Industry regulations Hiring practices: protected classes Potential conflict: “Views are strictly my own” NLRB: Employee protection

Complaints about working conditions; especially those that affect co-workers as well what an employee

Employees organizing (unions) Company protection

What an employee accesses at work What an employee is allowed to post about proprietary

company (or client) information CFAA: Is it criminal to access social media sites?

Data and E-Discovery

E-discovery refers to "electronically stored information” (ESI) Emails, electronic documents, social media, all online activity It does not matter how brief the storage period

Federal Rules: term was "intended to be read expansively to include all current and future electronic storage mediums” “Clouds” Social networking sites

How do you stay in compliance? Stay informed: general best practices, industry policies Update company retention policies as appropriate Use verified/audited vendors to back up data

Consider holding period, access, ownership of data, security1

1http://www.socialmedialawupdate.com/2011/01/articles/ediscovery/ediscovery-rules-applied-to-social-media-what-this-means-in-practical-terms-for-businesses/

E-Discovery: Making it complicated Federal vs. state laws

Many states have adopted a statute/rules governing e-discovery statute

Differing standards across states - document preservation, production of electronically stored information

Conflict: companies must dispose of certain records Data privacy laws

Failing to comply with e-discovery rules is a serious offense Study of 401 cases prior to 2010; more than half received

sanctions1

Sanctions included Case dismissals Adverse jury instructions Large monetary sanctions

1http://www.socialmedialawupdate.com/2011/01/articles/ediscovery/ediscovery-rules-applied-to-social-media-what-this-means-in-practical-terms-for-businesses/ and http://www.abajournal.com/files/DukeLaw.pdf

Online Sites

Privacy, Terms of Use “TOU”

Defamatory Content and False Statements

COPPA

Promotions and Sweepstakes

Content (Intellectual Property)

Common IP Violations

Don’t use “free” or subscription images (or other content) without checking terms of use

Do ensure you understand contracts Don’t copy or use third party marks on your

website without permission Don’t cut and paste third party content Don’t “deep link” to third party content Don’t frame third party content Don’t forward subscription-based content Don’t share software without proper license Do enforce your rights: give notice, monitor for

misuse

CAN-SPAM: What is it?

Protects consumers from unwanted solicitations All messages with promotion as a primary purpose

Not limited to unsolicited messages No exception for emails to recipients with whom sender

has a pre-existing relationship Additional application: Facebook, MySpace, Twitter

Act has a broad definition of an email address Facebook, Inc. v. MaxBounty, Inc.

Penalties (listed on FTC site) Each separate email in violation: up to $16,000 More than one person may be held responsible for

violations. Aggravated violations: additional fines, criminal penalties

– including imprisonment

CAN-SPAM: The Do and Don’t List Don’t use false/misleading headers Don’t use deceptive subject lines Do identify the message as an advertisement Do tell recipients where you are located (must be a

valid, physical postal address) Do clearly explain to recipients how to “opt out” Do honor “opt out” requests promptly (within 10

business days) Do monitor your vendors; you can’t contract away

your liability Do make recipients aware of sexually explicit

material Do not “preview” sexually explicit material

http://business.ftc.gov/documents/bus61-can-spam-act-compliance-guide-business

Stay Current: Changes Coming! Data Privacy

PII Third party vendors Employee theft (CFAA), negligence

Online advertising FTC revamping guidelines; comment period

closes July 11 Paid endorsements New apps and new ways to enforce the law

DOL Timekeeping app

Stacy Robin

stacyrobin@degania.net

@stacyrobin

www.deganigroup.com

1.877.334.2642

Creating and identifying opportunities for you to

save money, find money and make money