Privacy & New Media

EPIC

Nov. 5, 2020

California voters this week approved Proposition 24, the California Privacy Rights Act, with 56% of voters supporting the measure. EPIC previously published an analysis of Proposition 24, nothing that the measure “would make some important improvements to privacy protections for California residents, particularly through the establishment of a California Privacy Protection Agency.” In 2018, the State of California enacted the California Consumer Privacy Act of 2018 (“CCPA”), the first comprehensive consumer privacy law enacted in the United States. Proposition 24 significantly changes the CCPA. EPIC has also published a resource to help California residents exercise their rights under the CCPA.

The content in this post was found at:
<https://epic.org/2020/11/california-voters-pass-califor.html>

Clicking the title or link will take you to the source of the post and was not authored by the moderators of privacynnewmedia.com.

EPIC

Nov. 9, 2020

 

The FTC has reached a settlement with Zoom requiring the company to address data security but fails to address user privacy. Writing in dissent, Commissioner Slaughter said, “When companies offer services with serious security and privacy implications for their users, the Commission must make sure that its orders address not only security but also privacy.” Commissioner Chopra, also dissenting, wrote “The FTC’s status quo approach to privacy, security, and other data protection law violations is ineffective.” In July 2019, EPIC sent a detailed complaint to the FTC citing the flaws with Zoom and warning that the company had “exposed users to the risk of remote surveillance, unwanted video calls, and denial-of-service attack.” In April 2020, EPIC wrote to Chairman Simons urging the FTC to open an investigation. EPIC has long advocated for the creation of a U.S. data protection agency.

EPIC

Nov. 10, 2020

EPIC and a coalition of privacy, civil rights, and consumer organizations have released a policy framework for the Biden Administration to protect privacy and digital rights for all Americans. “Without laws that limit how companies can collect, use, and share personal data, we end up with an information and power asymmetry that harms consumers and society at large,” the groups said. “Individual, group and societal interests are diminished, and our privacy and other basic rights and freedoms are at risk.” The ten recommendations include: 1) recognizing privacy and surveillance as racial justice issues; 2) establishing algorithmic governance and accountability to advance fair and just data practices; 3) encourage enactment of a baseline comprehensive federal privacy law; 4) the establishment of a U.S. Data Protection Agency; and 5) bringing consumer, privacy, and civil rights experts into key government positions.

The content in this post was found at:
<https://epic.org/2020/11/epic-coalition-release-data-pr.html>

Clicking the title or link will take you to the source of the post and was not authored by the moderators of privacynnewmedia.com.

EPIC

Sept. 29, 2020

Individuals alleging that a landlord discriminated against them by using a tenant-screening algorithm will face a higher burden of proof under a new rule that went into effect last Thursday. The rule creates a defense to a discrimination claim under the Fair Housing Act where the “predictive analysis” tools used were not “overly restrictive on a protected class” or where they “accurately assessed risk.” Last October, EPIC and several others warned the federal housing agency that providing such a safe-harbor for the use of algorithms in housing without imposing transparency, accountability, or data protection regulations would exacerbate harms to individuals subject to discrimination. The agency did modify its rule following comments from EPIC and others, removing a complete defense based on use of an “industry standard” algorithm or where the algorithm was not the “actual cause” of the disparate impact. But the final rule simply replaces the word “algorithm” with “predictive analysis” and includes vague “overly restrictive” and “accurate assessment” standards. The Alliance for Housing Justice called the rule “a vague, ambiguous exemption for predictive models that appears to confuse the concepts of disparate impact and intentional discrimination.”

The content in this post was found at:

<https://epic.org/2020/09/new-housing-regulation-limits-.html>

Clicking the title or link will take you to the source of the post and was not authored by the moderators of privacynnewmedia.com.

Oct. 1, 2020

 

TikTok, responding to a recent letter from EPIC, said that user privacy “will remain a priority for TikTok” if and when a deal with Oracle is finalized—but stopped short of agreeing to EPIC’s full demands. Last month, after Oracle reached a tentative agreement to serve as TikTok’s U.S. partner and “independently process TikTok’s U.S. data,” EPIC sent letters to both companies warning them of their legal obligation to protect the privacy of TikTok users. The deal would pair one of the largest brokers of personal data with a social network of 800 million users, posing grave privacy and legal risks. Although TikTok responded that it was “committed to helping ensure that any transfer and processing of personal data . . . complies with applicable law” and the company’s privacy policies, TikTok did not agree to other EPIC demands, including a commitment not to merge user data with Oracle products.

 

EPIC

EPIC
March 13, 2020

Last minute lobbying by big tech companies blocked passage of the Washington Privacy Act. The state privacy law have given consumers the right to access, correct and delete their personal data held by tech firms. EPIC and a broad coalition of privacy groups backed a comprehensive bill that would include, as privacy laws typically do, the right of consumers to bring legal action but that was opposed by industry groups. The Washington legislature did pass a modest bill limiting the government use of facial recognition technology. EPIC has long supported federal baseline legislation and the creation of a data protection agency. EPIC has also called for a moratorium on face surveillance. The EPIC State Policy Project monitors privacy bills nationwide.

The content in this post was found at:

<https://epic.org/2020/03/tech-companies-block-washingto.html>

Clicking the title or link will take you to the source of the post and was not authored by the moderators of privacynnewmedia.com.

Proskauer Lex Blog: Media and Technology Blog
Jeffrey Neuburger
March 8, 2020

In continuing its push to enforce its terms and policies against developers that engage in unauthorized collection or scraping of user data, Facebook brought suit last month against mobile marketing and data analytics firm OneAudience LLC. (Facebook, Inc. v. OneAudience LLC, No. 20-01461 (N.D. Cal. Complaint filed Feb. 27, 2020)). Facebook alleges that OneAudience harvested Facebook users’ profile data and device data in contravention of Facebook’s terms and developer policies. OneAudience purportedly gathered this data by paying app developers to bundle OneAudience’s software development kit (SDK) into their apps and then harvesting data for those users that logged into those apps via Facebook credentials.

Facebook users, including developers and page administrators, are required to assent to Facebook’s terms and various platform policies when a Facebook account is created. According to Facebook’s Complaint, . . .

In its Complaint, Facebook alleged that around September 2019, OneAudience offered to pay app developers to bundle its SDK into their apps. The SDK allegedly allowed OneAudience to collect data about users’ devices and their Facebook (and some other social media) accounts in instances where the user logged into the particular app using their Facebook credentials (e.g., the “Sign in with Facebook” option). The data included user names, email addresses, country, time zone, Facebook ID, and, in limited instances, gender, all of which were allegedly used by OneAudience for targeted marketing services. OneAudience also allegedly collected device data such as call logs, cell tower and other geolocation data, contacts, browser information, email, and information about installed apps.

More

The content in this post was found at:

<https://newmedialaw.proskauer.com/2020/03/08/facebook-brings-suit-against-mobile-marketing-firm-for-siphoning-user-data-without-authorization/>

Clicking the title or link will take you to the source of the post and was not authored by the moderators of privacynnewmedia.com.

Today the FCC announced proposed fines against T-Mobile, AT&T, Verizon, and Sprint for selling customers’ location information. FCC Chairman Ajit Pai said: “This FCC will not tolerate phone companies putting Americans’ privacy at risk.” The companies are given an an opportunity to respond to the FCC before the Commission makes a final decision.

[ed: some pundits note that the amounts, when divided amoung the 4 companies, amount to little more than a slap on the wrist. All 4 companies have appealed the proposed ruling/fine and as of Sept, 2020, have not paid fines that are yet to be finalized by the FCC]

The content in this post was found at:

<https://epic.org/2020/02/fcc-proposes-fines-for-wireles.html>

Clicking the title or link will take you to the source of the post and was not authored by the moderators of privacynnewmedia.com.

EPIC
January 30, 2020

This week Facebook agreed to pay $550 million to settle a lawsuit about the use of facial recognition technology. The New York Times called the settlement “A Big Victory for Privacy Groups.”

The content in this post was found at:

<https://epic.org/2020/01/a-big-victory-for-privacy-grou.html>

Clicking the title or link will take you to the source of the post and was not authored by the moderators of privacynnewmedia.com.