STLR Link Round Up – March 27, 2015

Google’s First Privacy Loss

A UK Court of Appeal ruled that safari users will retain their right to sue Google over alleged misuse of privacy settings. Safari users argued that Google, bypassing individual Safari security settings, installed tracking cookies on their computer. Plaintiffs alleged that this allowed Google to gather individual data about the user to target them with advertising, which Safari, unlike other browsers, aims to prevent. The initial right to action was established in Vidal-Hall et al v. Google. The Court of Appeal confirmed that Vidal-Hall classifies the misuse of private information as a tort. In doing so, they rejected Google’s argument that the claimants had no cognizable claim as they had not suffered financial harm. As a result, claimants will remain able to recover damages under the Data Protection Act (DPA) even for non-material loss.

In 2012, Google avoided a similar law suit in the United States with a $22.5 million settlement with the Federal Trade Commission. During the settlement, Google denied liability arguing that its actions were unintentional as they resulted from a change in Safari’s settings, to which Google had not been aware of. Further in 2013, Google paid $17 million to 37 states in yet another settlement over the same issue. The fee was to be used for civil penalties as well as future and current investigation costs and litigation.

New Development in Cyber Threat Data-Sharing

On Thursday, the House Intelligence Committee unanimously approved a cyber threat data-sharing bill. In essence, the bill aims to provide liability protections to private sector companies in exchange for their cyber threat data. The overall goal, the committee argues, is to stop cyberattacks on major companies and government agencies (e.g., Sony and Blue Cross). The bill is similar to the Senate Intelligence Committee’s “Cyber Information Sharing Act” (CISA) that passed 14-1 just a few weeks ago. CISA was met with immediate scrutiny by advocates of privacy. Specifically, critics argue that the legislation does not provide enough safe guards on protecting personal data from the hands of the government.

As a result of the scrutiny, the House bill was amended to require that companies remove personal data about their customers prior to submission to a government agency. However, while the House bill has added another safeguard, it has removed the requirement that the “threat to bodily harm or death” be “imminent.” Thus, critics are still skeptical that either legislature will properly prioritize any privacy concern safeguards.

Patent Troll Strikes Again

Motorola became the latest victim of the arguably “patent trolling” company Intellectual Ventures (IV) on Wednesday after a jury found Motorola liable for infringing a multimedia text messaging patent. On the bright side for Motorola, the same jury relieved them on a second patent claim relating to wireless bandwidth. This was “take-two” for the companies, as the first trial, in February 2014, ended in a mistrial as the jurors could not agree on a verdict. The battle is set to continue with another trial involving a patent related to detachable computer devices.

Intellectual Ventures purchases and acquires patents to place in portfolios that it leases to different technology companies. Historically, however, IV has been accused for “patent trolling” a term used by technology companies to delineate firms who purchase patents with the aim of future lawsuits, as opposed to using acquired patents to develop technology. As a result of “patent trolling” the Supreme Court has made it easier courts to charge the loser of a suit for frivolous claims.

Can Bankrupt Companies Sell Your User Data

RadioShack’s bankruptcy is raising new legal questions on the selling of user data. 13 million e-mail addresses and 65 million customer names and physical addresses are currently listed among the assets RadioShack is auctioning off to pay its creditors. In the past, RadioShack has collected identification data from its consumers as well as their shopping habits. However, RadioShack’s privacy policy promised customers that their personally identifiable information will not be sold or rented to third parties. Thus, RadioShack will have a difficult battle getting the sale approved by the judge.

Texas Attorney General Ken Paxton, on behalf of a coalition of supporting states, has filed an objection to the sale of any personal information from RadioShack customers. In addition to arguing that consumers relied on RadioShack’s explicit promise, Paxton argues that the sale would also violate the Texas Deceptive Trade Practices Act. Another objection was filed by AT&T seeking to destroy the records, albeit for a different reason. AT&T argues that it owns some of the information as it worked with RadioShack to sell phones, thus giving RadioShack information of AT&T customers. As a result, AT&T fears the data will give information to a potential competitor.

 

Comments are closed.