ABA v. NSA: An Unhelpful Exchange

Posted on March 26, 2014 03:31 by Brandi Blair

The Edward Snowden scandal brought to light evidence that the National Security Agency obtained information from foreign intelligence services, which included privileged attorney-client communications between U.S. law firms and their foreign clients.  

Concerned about this discovery, the American Bar Association (ABA) sought clarification from the NSA. In correspondence to the NSA, ABA president James Silkenat underscored the importance of the attorney-client privilege as the “bedrock legal principle of our free society.” In essence, privileged attorney-client communications facilitate the “full and frank discussion between lawyer and client that is essential for effective legal representation.”  As our interests continue to globalize, this full and frank discussion increasingly involves electronic and voice communication with foreign clients. Although many of us would welcome an excuse to increase our global travel, it is simply not feasible for US law firms to limit their communications with foreign clients to in-person interviews. 

Given the disturbing evidence that the NSA retained information obtained from privileged communications, Mr. Silkenat requested that the NSA fully explain its policies pertaining to the collection and use of such information. A full understanding of the NSA’s policies and procedures, regarding the collection, retention, and use of privileged communications, is necessary for law firms to meet their ethical obligations to safe guard the confidentiality of client communications.     

NSA Director, General Keith Alexander, responded that he appreciated “the opportunity to clarify [the NSA’s] current policies and practices.” Unfortunately, in the response that followed, the NSA fell short of the open dialogue contemplated by the ABA’s request. Instead, General Alexander’s response attempts to reassure the bar that the agency is “firmly committed to the bedrock legal principle of attorney-client privilege.” According to General Alexander, potentially privileged communications are examined on a “case-by-case basis to determine whether the information is in fact privileged and, if so, the appropriate steps to be taken.” This response does not offer guidance, or the specificity necessary for attorneys to take adequate precautions to safeguard their client confidences, or to rest assured that the information is being appropriately safeguarded by the intelligence agencies.

Until the time that the NSA provides a more substantive response, and in the wake of this exchange of correspondence, it remains unclear what reasonable steps attorneys can take to adequately safeguard their foreign client communications. It appears the options are to trust foreign and domestic intelligence agencies, or start banking more flight miles abroad.  Either option is potentially costly to law firms, and their foreign clients. 

Brandi Blair is an attorney at Jones, Skelton & Hochuli in Phoenix, Arizona. She concentrates her practice on § 1983 defense, professional liability, and wrongful death and personal injury defense. She is currently the Publications Chair for DRI's Lawyers' Professionalism and Ethics Committee.  The views expressed herein are her own.

Bookmark and Share


It is a deposition question that too often surprises lawyers and corporate-witness deponents.  Upon return from a water or lunch recess, the deposing lawyer asks the witness: “So, tell me what you and your company’s lawyer discussed during the break?”  Can the deposing lawyer ask that?  Does the defending lawyer have an attorney-client privilege objection?

In-House and outside counsel focus their deposition preparation on reviewing the notice-of-deposition topics, selecting the most appropriate corporate employee for the deposition task, and preparing that witness with the boilerplate deposition ”dos and don’ts.”  And while many lawyers defending depositions see every break as an opportunity to consult with the witness, they neglect to consider whether these in-deposition consultations are privileged and, importantly, to prepare the witness how to answer an out-of-the break question about those consultations.

Unfortunately, there is no uniform rule on whether lawyers may have privileged conversations with witnesses during deposition breaks.  Some jurisdictions prohibit all during-the-break consultations except when necessary to assert an evidentiary privilege.  Other jurisdictions reject this draconian rule for the more practical approach of permitting break-time discussions except when a question is pending.  In my recent article, Protecting Attorney-Corporate Witness Consultations During Deposition Breaks, published by Inside Counsel, I explore the various rules on this issue and provide practical tips for preparing lawyers and witnesses for this inevitable happening.

You may access the article at this link.  How does your jurisdiction–state or federal–handle this situation?  Place your comments in this post–perhaps we can gather the local rules, judicial rulings, and local practices so that others may find answers in a single forum.

As originally published at presnellonprivileges.com 
Bookmark and Share


New Technology = New Concerns For Hotels

Posted on December 5, 2012 04:20 by Philip M. Gulisano

Recently Forbes.com published an article exposing a security flaw in common keycard hotel room locks that permitted hackers with a digital device to effortlessly trigger the opening of the locking mechanisms. This, of course, would allow the hacker to have access to the personal belongings inside the room or, worse yet, unwanted access to the guests themselves.  The “security vulnerability” was said to be present in keycard locks built by a particular lock company and specifically in a model of lock that appears in at least four million hotel rooms worldwide. There are believed to be a number of “patches” to fix the issue, which vary in cost.

While the lock manufacturer in such an instance may certainly be responsible if its locks do not perform as intended, generally, a property owner or lessor, such as a hotel, has a duty to keep its guests safe from known or reasonably anticipated dangers. This begs the question of what is a hotel’s duty or obligation to its guests when it knows, or should know, that the locks present on the hotel room doors, which guests would reasonably anticipate are capable of keeping people out, are highly vulnerable to hackers.
To start, any hotel that has direct knowledge that its room door locking mechanisms, whichever they are, do not perform as intended and as relied upon by its guests, would be wise to immediately remedy the problem to ensure the safety and comfort of the guests.  One could easily imagine the horrific publicity and liability if it was discovered that guests were losing property, being assaulted or otherwise attacked in the confines of their presumptively safe hotel room if the hotel knew that the locks were easily by-passed. 
Often times, with new technology comes uncertainty with how it will perform and whether there will be “bugs” in the system.  However, almost by definition technology has faults that its possessors must investigate, anticipate and seek to minimize.  It would be wise for any hotel to understand what issues and/or risks exist with the technology it uses and develop a plan to minimize those risks and ensure its guests have a safe stay and come back again.

Bookmark and Share

Categories: Hospitality Law | Privacy | Retail | Technology

Actions: E-mail | Comments


Rent to Own Computers and the FTC

Posted on October 12, 2012 02:19 by Chad Godwin

Wired Magazine recently reported that seven rent-to-own companies and a software manufacturer are settling charges with the Federal Trade Commission.  The charges claimed that computers rented from the rent-to-own companies used pre-installed spyware to obtain a host of data from the users.  The settlement only requires the companies to stop using the spyware, known as “Detective Mode,” which has been installed on as many as 420,000 rental computers.  In addition to secretly turning on a computer’s webcam, the software was capable of logging keystrokes, and  taking screen shots of a user’s activity.  The software then transmitted the secretly gathered information to the manufacturer, DesignerWare, who forwarded the material on to the rent-to-own company, all without the user’s knowledge.  The settlement still allows the rent-to-own companies to employ the software so long as they notify the renters.  Further, the FTC lacks criminal jurisdiction, so the companies have yet to face any criminal charges.  However, the FTC acknowledged that criminal activity appears to have occurred in a nod to the potential for ongoing investigations. 

The computers at issue collected everything from addresses, photos and video of often compromising situations, to phone numbers, email and social media passwords and financial logins, begging the question of what type and how much information a user should feel comfortable entering on a computer they don’t own.  In the case of someone renting a computer, it can be easy to see how a user operates under the impression that they have unfettered access to the machine for the term of the rental.  Nonetheless, there are measures that such parties can take in an effort to secure their privacy.  There are free firewall programs, such as Zone Alarm and Windows Firewall, that allow users to designate and monitor every program that accesses and/or attempts to access outbound internet connections.  Had the renters correctly configured and employed such a program, they would have known that a program, by whatever name, was attempting to send information from the subject computer.  In the event that renters were unable to install or configure (in the case of pre-installed Windows Firewall) such programs, it should serve as a red flag to carefully consider the manner in which to employ a rental or loaner computer. 



Bookmark and Share



Posted on September 27, 2012 02:22 by Philip M. Gulisano

Retailers providing consumers with electronics on a rent-to-own basis face many challenges in ensuring that they are paid for the electronics that they rent.  In particular, computers are small and easy to hide if a retailer seeks to repossess the computer from a non-paying customer.  The temptation to use software that allows the retailer to view where the computer is located and what the renter is doing with the computer is strong, however, the consequences of doing so can be high.  Obtaining information from the computer without the renter’s knowledge or consent not only erodes the renter’s trust and confidence in the retailer, but also opens the retailer up to possible civil and criminal liability.

The recent settlement of charges brought against several rent-to-own companies by the Federal Trade Commission highlights that using software that can log onto a computer, turn on the webcam to take photographs, take screen shots of the computer user’s activities on the computer, and log the keystrokes of the computer user, comes with a price.   According to one news report, civil penalties are not a part of the settlement because civil penalties cannot be imposed for a first violation of the Federal Trade Commission Act.  However, the companies are required to cease using their “spy tools” and, presumably in the future, advise renters of the use of tracking software.  

Further, aside from possible federal action and the costs associated with defending such actions, retailers need to consider possible civil and criminal liability under state laws.  While laws vary from state to state, several states recognize a tort for invasion of privacy, such as intrusion upon seclusion.  Capturing images of a person in a private setting, particularly while engaged in private acts, without the person’s knowledge or consent, may subject a retailer to a civil action.   Even in states that do not recognize a tort for invasion of privacy, under certain circumstances, a person who secretly videotapes an individual engaged in private actions may be liable for the tort of intentional infliction of emotional distress.  Remember that if you use a webcam to take pictures of the area surrounding the computer, you may be capturing images of individuals other than the renters.  Criminal liability is also arguably possible if the state has a statute prohibiting unlawful surveillance and, in some states, there is the possibility, in certain situations, of criminal liability for installing and using key stroke logging software to collect personal information.

If you decide that despite the risks, it is necessary to install and use tracking software, be sure to advise renters of the presence of the software, its uses, and your policy on its use.  The best practice would be to obtain an acknowledgement from the renter, in writing, that the renter was so advised.

Bookmark and Share


Ethics 20/20: The Impact of Technology

Posted on August 30, 2012 03:19 by J. Logan Murphy

Every day, we see the impact of technology on the practice of law. Blogs, social networking, electronically stored information, and other legal resources create enormous economies and unprecedented depth in our field. But with these advantages come unrecognized perils. The transparency and mobility of electronic information creates significant risks to clients, unless properly controlled. As part of the project to rein in technology in the practice of law, the American Bar Association launched an ambitious multi-year project called Ethics 20/20. One of the major goals of Ethics 20/20 was to modernize the rules of ethics and bring them into congruence with the state of technology.

At its most recent meeting, the ABA passed multiple resolutions amending the Model Rules of Professional Responsibility to reflect the evolution of technology in the practice of law. This article provides a brief overview of those amendments. Those who are more interested in the details of the amendments can click here to read the reports online.

Confidentiality When Using Computers
Resolution 105A makes changes to help lawyers understand how to protect client confidences when using new technology, including cloud computing, tablets, and smartphones. Though small, one of the most significant changes is included in Comment 6 to Rule 1.1 (Competence). The Rule now includes a requirement that “a lawyer should keep abreast of changes in the law and its practice, including the benefits and risks associated with relevant technology.” No longer can attorneys simply ignore developments in favor of staid methods of practice. To be competent, an attorney must work effectively with technology and keep alert to technological improvements and changes.

The amendment to Rule 1.6 (Confidentiality of Information) is probably the largest and most impactful rule change related to confidentiality. Now, Rule 1.6(c) requires attorneys to “make reasonable efforts to prevent the inadvertent or unauthorized disclosure of, or unauthorized access to, information relating the representation of a client.” The comments make it clear that attorneys are required to utilize reasonable safeguards to protect confidential information. These changes are geared toward the protection of electronic data, especially given the innumerable bits of sensitive information flying around every day.

Using Technology for Marketing
Resolution 105B was designed to help lawyers understand how the principles of attorney advertising already incorporated into the Rules are affected by the growth of Internet-based marketing and social networking. This particular resolution accomplishes three main goals. First, changes to Rule 1.18 offer guidance on how to market online without inadvertently forming an attorney-client relationship. Recent cases have demonstrated confusion on behalf of the general public regarding whether an attorney-client relationship is formed when the potential client emails the attorney or fills out a communication form on the attorney’s website. The amendments to Comment 2 of Rule 1.18 address the concern by stating that a person becomes a prospective client by “consulting” with a lawyer. While the existence of a consultation depends on the circumstances, the Comment eliminates potential passive liability to prospective clients. A consultation “does not occur if a person provides information to a lawyer in response to advertising that merely describes the lawyer’s education, experience, areas of practice, and contact information, or provides legal information of general interest.” But, if the lawyer actively invites information about a possible representation, the lawyer is probably stuck with a prospective client.

Second, the Rules contain a prohibition against paying others for a “recommendation,” and this Resolution modifies that prohibition to account for online lead generation services through chances to Comment 5 of Rule 7.2. Lawyers may now pay others for generating client leads, as long as the Internet-based lead generator does not “recommend” the lawyer. The lawyer is also responsible for the representations of the lead generator, with Comment 5 placing the onus on attorneys to ensure that the lead generator is not making statements that are inconsistent with the rules.

Finally, amendments to Rule 7.3 assist attorneys in determining when communications on the Internet, particularly through social networking sites, may constitute a “solicitation.” Only a “target communication initiated by the lawyer” directed to a “specific person” that “offers to provide” legal services is a solicitation. Communications to the general public, including Internet banners, are not solicitations, so feel free to jump on that Facebook advertising spot.

Lawyers have been slow to adopt the economies of scale that outsourcing can provide, in part because of the perceived ethical dilemmas presented in outsourcing. Outsourcing can endanger confidential client information and presents a quandary over legal work being performed by attorneys not licensed in the United States. Resolution 105C encourages attorneys to ensure the efficiency, competence, and ethics of any outsourcing process. An entirely new comment is added to Rule 1.1, requiring the informed consent of the client to contract with any lawyer outside of the lawyer’s own firm. And, lest we forget, lawyers are always charged with supervising non-lawyers; that requirement does not abate simply because work is being outsourced to a foreign country. Comments 1 and 3 to Rule 5.3 incorporate this concept and apply the general rule to all non-lawyers outside of the lawyer’s own firm. The basic gist of the changes in Rule 105C is to encourage lawyers to keep a sharp eye on professionals hired from outside their own firm, and to work closely with clients in determining the proper scope of outside contracting and supervision. No surprise there—constant communication with the client is a harbinger of a durable and responsible attorney-client relationship.

Mobile Lawyers
A prevalent by-product of an informationally small, but geographically large, practice is the tendency of lawyers to move their practice. The world does indeed get smaller every year. No longer do lawyers move down the street; more and more, attorneys are moving their practice to different jurisdictions, and virtual law offices are sprouting in all states. The remaining resolutions that passed enable attorneys to establish a practice in another jurisdiction—subject to stringent information protection requirements—while pursuing admission in that jurisdiction. Resolutions 105D and 105E address the ABA Model Rule of Practice Pending Admission and the ABA Model Rule on Admission by Motion, respectively. With a few states signaling their intent to adopt a uniform bar exam, these model rules and their amendments continue the progress toward a more uniform practice of law. In case you have never encountered these model rules, or their state versions, their purpose is to allow experienced lawyers who have moved into a different jurisdiction to continue to practice while awaiting an expedited admission to the Bar. 

Bookmark and Share


As reported by InsideCounsel, the American Bar Association House of Delegates (“ABAHD”) recently approved an amended model rule stating that it is ethical for lawyers to disclose client information when trying to move from one firm to another.

Specifically, the rule states that it is ethical for an attorney in negotiations for a different job, as well as attorneys in merging firms, to disclose the identities of clients and the amount of business they generate because the information can help point out any conflicts of interest that might exist.  However, the model rule states that lawyers still should not reveal clients' financial information.

Although the model rule has been approved by the ABAHD, the rule is simply an advisory rule.  In addition, the rule provides little guidance for attorneys faced with the question of how much client information can be ethically revealed in states whose bar associations do not have rules covering this topic.  Thus, prior to revealing any information, lawyers should carefully consider and weigh this model rule against Model Rules of Professional Conduct 1.6 and 1.9.

Bookmark and Share


New Google Service - Creative or Creepy

Posted on July 30, 2012 01:57 by Chad Godwin

Google recently launched a new service called Google Now that is available to users of its most current mobile operating system, Android Jelly Bean.  Google Now automatically creates and presents a series of “cards” that try to organize your life by presenting information Google thinks you’ll need at a given moment.  The information presented via the cards is based on data Google collects based on how you use various Google services - such as Google searches and Gmail.  For example, a recent Tech Crunch article notes that the cards may present you with information relevant to your current location, such as nearby restaurants, weather, schedules for nearby mass transit or how long it will take you to drive home from your given location.  Similarly, the cards may present you with flight schedules and currency exchange rates if you’re in a foreign country.  The first time you click on the Google search box within Jelly Bean, Google pops up an introductory screen to provide more information about Google Now.  Users can then explore the topic further.  To use Now, users must explicitly opt in.

Once a user opts in, Google collects and aggregates even more information about you on a daily basis: accessing your email, your calendar, your contacts, your text messages, your location, your shopping habits, your payment history, as well as your choices in music, movies and books.  In other words, what Google Now does is simply take the new, unified privacy policy you had to opt into a short time ago and regurgitates that information to you in what it considers to be useful ways.  When Google first introduced its new privacy policy, at the beginning of this year, more than 30 U.S. state attorneys general protested.  Now, by opting in to this program, users are providing even more information to Google, including the GPS coordinates for their home.  Nonetheless, there has not been a great deal of attention placed on Google Now or its accompanying privacy implications. Although users may appreciate the convenience of the features that are transparent, they may not consider the significance of the information they are providing access to and what Google may elect to do with their data in the future.  A case can be made that Google essentially “forced” users into agreeing to its new privacy policy, as you could not continue to use Google services without doing so.  However, by actively “opting in” to the new Google Now program, it becomes more difficult to argue that you did not willingly provide Google with access to your data.  So for now, users need to be aware of what they are providing access to.


Bookmark and Share


The issue of whether CGL policies cover junk fax liabilities under the federal Telephone Consumer Protection Act (TCPA) has largely faded from view.  During the 2004-2010 period, insurers won several key victories in federal courts only to lose much of this ground through adverse state supreme court rulings on the key issue of whether a consumer's receipt of a fax constituted a covered "personal injury" as involving the publication of material that invaded a person's right of privacy.  At the same time, however, the widespread use of TCPA exclusions after 2007 and the growing awareness of most business concerning TCPA exposures substantially reduced the number of coverage disputes.

Although the junk fax wars are no longer on page 1 of the coverage news, a number of recent decisions make clear that the wars continue and, indeed, are being fought on several different fronts.  In particular, insurers have recently argued with success that the $500 statutory damages allowed under the Act are a type of penalty or punitive damages for which coverage is unavailable as a matter of public policy.

In Illinois, where the state supreme court ruled in Valley Forge Ins. Co. v. Swiderski Electronics, Inc., 860 N.E.2d 307 (Ill. 2006) that TCPA claims trigger "personal injury" coverage, the intermediate appellate court ruled last month that there is no duty to indemnify such claims because the $500 statutory penalty for sending unauthorized telefaxes is a form of punitive damages and thus uninsurable under Illinois law.  

In Standard Mut. Ins. Co. v. Lay, No. 4-11-0527 (Ill. App. April 20, 2012), the insurer agreed to defend TCPA claims under a reservation of rights.  The insured insisted on Peppers counsel, however, who negotiated a settlement with class action claim representative for the full amount demanded ($1,739,000) in consideration of an agreement to only pursue recovery from Standard Mutual's policy proceeds.  In affirming a lower court's ruling in favor of Standard Mutual, the Appellate Court noted that actual cost in loss of paper, toner and ink caused by receiving a fax is far less than $500, the purpose of this award must be one of deterrence and not compensation.  It ruled, therefore, that these damages were in the nature of a penalty that, as with punitive damages, is uninsurable as a matter of public policy in Illinois.

More recently, a divided panel of the Missouri Court of Appeals (Eastern District) took a slightly different approach in reaching the same result.  In Olsen v. Siddiqi, No. ED 97455 (Mo. App. May 9, 2012), a class of TCPA claims pursued a garnishment demand for $4.9 million against a telemarketer's liability insurer (American Family) that the plaintiffs had obtained by way of a consent judgment that could only be satisfied through the policy proceeds without risk to the insured.  Although a trial court found coverage, American Family appealed on the grounds that the claims were not for "property damage."

In reversing and finding no coverage, the Missouri appellate court ruled 2-1 that the claims were not "damages" on account of "property damage."  The court distinguished the Eighth Circuit's Missouri ruling in Universal Underwriters Ins. Co. v. Lou Fusz Automotive Network, 401 F.3d 876 (8th Cir. 2005), noting that the policy at issue in that case had expressly defined damages as including punitive damages (where insurable by law).  The Missouri Supreme Court has ruled that fines and penalties are not insurable "damages" unless the policy expressly provides to the contrary.  In this case, the majority declared that the option of recovering statutory damages under the TCPA had a penal purpose and that $500 damages are therefore not insurable.  (The court also rejected the insured's claim for "personal injury" coverage, noting that he had expressly given up this coverage by endorsement).  A minority opinion argued that the loss of toner and fax paper is clearly "property damage."  Justice Mooney also claimed that a $500 award is, in fact, remedial and that it only the provision for trebled damages in the event of intentional TCPA violations that has a penal purpose.

TCPA claims also remain a source of tension between state and federal courts.

In Illinois, state and federal courts have reached conflicting conclusions as to whether the "personal injury" requirement that a "person's right of privacy be invaded precludes CGL coverage for business interests that receive junk faxes.  In Maxum Ind. Co. v. Eclipse Mfg. Co., No. 06 C 4946 (N.D. Ill. June 13, 2011) Judge Lefkow ruled that businesses have no right of privacy and therefore cannot claim coverage, Swiderski notwithstanding.  By contrast, the First Division of the Appellate Court ruled a few months later in Pekin Ins. Co. v. Xdata Solutions, Inc., 958 N.E.2d 397 (Ill. App. Ct. 2011) that a corporation can be a "person" whether the issue is presented under Illinois or Indiana law.

In Massachusetts, where the Supreme Judicial Court followed the Swiderski court's lead in finding CGL coverage for TCPA claims presented under ISO forms in Terra Nova Ins. Co. v. Evan Fray-Witzer, 869 N.E.2d 565 (Mass. 2007), the First Circuit took a different view under different language in the St. Paul general liability policies which required that the insured "make known" material that invades privacy interests.  In Cynosure, Inc. v. St. Paul Fire & Marine Ins. Co., 645 F.3d 1 (1st Cir. 2011), the First the reference to "makes known" clearly requires that the privacy interest be invaded by the content of the communicated materials, not the means of communication consistent with the holdings of the U.S. Courts of Appeal for the Third and Fourth Circuits construing similar wordings.  Writing for the court, former U.S. Supreme Court Justice David Souter declared that "what logic and definition require, syntax confirms."

Finally, disputes persist with respect to the scope of TCPA exclusions that have been a mandatory endorsement to CGL forms since 2007.  This exclusion was upheld by a federal district in a recent Houston case.

A federal judge in Houston ruled in Rick's Cabaret International, Inc. v. Indemnity Ins. Co., No. H-11-3716 (S.D. Tex. January 24, 2012)(insurer was relieved of any duty to defend TCPA claims against its insured by reason of an exclusion in its policy for claims arising out of or relating to "actual or alleged violation of United States Federal Communications Commission rules, regulations, interpretations, policies, statutes, laws or codes").  Even so, insureds and garnishment claimants are succeeding to avoid these exclusions by claiming recovery on common law grounds.

Additionally, the ubiquity of TCPA exclusions in CGL policies is forcing claimants to broaden the scope of their coverage search, exploring claims under E&O or D&O policy that may lack such exclusions.  For instance, in Landmark American  Ins. Co. v. NIP Group, Inc., No. 1-10-1155 (Ill. App. December 5, 2011), the Illinois Appellate Court ruled that that an insurance agency's use of junk faxes to market its services potentially involve the rendering of or failure to render "professional services" so as to trigger its E&O policy.  The First Division noted that as the Landmark policy provided coverage for "advertising liability," the insurer could not argue that advertising could never involve a professional service.

Apart from these coverage issues, the key factor driving insurer exposures to TCPA claims is the risk of class certification.  It remains to be seen how much the U.S. Supreme Court's 2011 Walmart opinion and other opinions addressing Rule 26 certification will create larger roadblocks to class certification of these claims.  In the interim, the Georgia Supreme Court is now considering an appeal that present the novel issue of how such damages should be calculated.

In A Fast Sign v. American Home Services Co., a Georgia trial court determined that the insured had intentionally violated the TCPA by issuing 306,000 junk faxes.  Accordingly, the court awarded damages to the certified class totaling $459 million.  The Georgia Court of Appeals ruled on May 29, 2011 that TCPA liability hinged on a consumer's receipt of a fax and that it was therefore error to award damages based on the number of faxes issued.   The plaintiff's appeal was argued before the Georgia Supreme Court on May 21, 2012.

Bookmark and Share

Categories: Personal Injury | Privacy

Actions: E-mail | Comments


Three law firms based in Austin, Texas recently filed suit on behalf of 13 people claiming that almost 20 apps, including Facebook, Foursquare, Yelp and Twitter, violate policies put in place by distributers such as Apple’s App Store, Amazon’s App Store and Google Play.  The American Statesmen reports that the violations are a result of mobile apps “stealing” address book data, such as names, phone numbers, email addresses and even birthdays.  The lawsuit seeks to stop app developers from harvesting data without permission.  The complaint cites an industry publication that claims the information collected could be worth 60 cents to several dollars per contact. 

A New York Times article investigating contact mining recently noted that “the address book in smartphones — where some of the user’s most personal data is carried — is free for app developers to take at will, often without the phone owner’s knowledge.”  The app developers use the data in an effort to expand the number of people using their program.  Developers use email addresses to target potential new customers and to target advertisements.  Several companies, including Path, a social networking site, have issued apologies regarding “how [their] application used your phone contacts.” 

Attorney Richard Newman, an Internet law attorney and managing partner of the Hinch Newman firm, with offices in both California and New York, thinks that the lawsuits are starting to have an impact.  Mr. Newman stated “the mobile communications industry is finding that failing to properly inform consumers of what is happening to their information is increasingly grabbing the attention of regulatory authorities, including the Federal Trade Commission.”  Until a regulatory framework is hammered out to govern emerging data privacy issues, litigation may be one of the only things keeping pace with technology development.  

Bookmark and Share


Submit Blog

If you wish to submit a blog posting for DRI Today, send an email to today@dri.org with "Blog Post" in the subject line. Please include article title and any tags you would like to use for the post.

Search Blog

Recent Posts




Staff Login