Dec 102018
 December 10, 2018  Posted by  Business, Featured News, Laws, Non-U.S., Online, Surveillance

Tristan Greene reports:

Australia‘s government signed a bill into law last week giving law enforcement agencies the right to force technology companies to reveal users’ encrypted messages. Another way of putting it: Australia‘s tech scene will soon be located on the Wayback Machine.

The law was introduced as the Telecommunications and Other Legislation Amendment (Assistance and Access) Bill 2018, but now it’s official. And there’s a lot to be concerned about, even if you don’t live or work in Australia.

Read more on TheNextWeb.

Dec 092018
 December 9, 2018  Posted by  Govt, Non-U.S., Online

Xinhua reports:

China’s Ministry of Public Security said on Saturday it has closed 31 websites and 1,100 social media accounts suspected of engaging in trolling activities or posting messages for extortion since the start of this year.

The police also busted 28 cases involving unlawful activities of paid online trolls, or ghostwriters hired to post online content, and arrested 67 suspects after a series of operations, said the ministry, adding that it found more than 80 enterprises and organizations were blackmailed.

In a statement, the MPS accused the suspects of engaging in extortion, fraud, running illegal businesses, causing trouble, libel, and violation of personal information.

Read more on Shine.cn.

Dec 092018
 December 9, 2018  Posted by  Business, Court, Healthcare, Online

The good folks at EPIC.org write:

In a surprisingly brief opinion, the Ninth Circuit has upheld a decision to dismiss a privacy suit against Facebook concerning the collection of sensitive medical data. In Smith v. Facebook, users alleged that the company tracked their visits to healthcare websites, in violation of the websites’ explicit privacy policies. In a little less than five pages, the Ninth Circuit decided that Facebook was not bound by the promises made not to disclose users’ data to Facebook because Facebook has a provision, buried deep in its own policy, that allows Facebook to secretly collect such data. The court actually wrote that searches for medical information are not sensitive because the “data show only that Plaintiffs searched and viewed publicly available health information…” EPIC filed an amicus brief in the case, arguing that “consent is not an acid rinse that dissolves common sense.” In 2011 Facebook settled charges with the FTC that it routinely changed the privacy settings of users to obtain sensitive personal data. The consent order resulted from detailed complaints brought by EPIC and several other consumer organizations

I hate to say it, but I do understand the court’s reasoning, at least in part.  Just visiting a site about a health issue is not the same thing as going to a doctor’s office for a consultation on a disorder or diagnosis. But we also know that sometimes, these situations create significant problems when advertising relating to a sensitive issue then shows up on a shared browser. For example, if a teen browses for information on transgender issues, and then their parents later have ads pop up while they’re using the browser, the collection and use of data from public sites can cause privacy issues and concerns. 

So yes, the court’s siding with Facebook is very troubling because it’s ignoring what we have learned — that buried provisions in Facebook’s terms of service are generally not read by consumers who click through “I consent.” For the court to say that hey, it’s in there and consumers consented to have their data collected by Facebook, even though they are on a web site that promises NOT to share their data with Facebook, well…. the Ninth Circuit has set consumer privacy back.  As EPIC noted in their amicus brief (p. 6):

Users could point to explicit statements on the medical websites they visited which said their personal data would not be disclosed to others. Yet, Facebook pointed to language, buried deep in its privacy policy, which said that it nonetheless could collect the data, and the lower court sided with Facebook. In such a world, how can users possibly make sense of privacy statements

Although the plaintiffs didn’t prevail, do read EPIC’s amicus brief in this case as it provides a helpful discussion of the concerns.

Dec 082018
 December 8, 2018  Posted by  Court, Healthcare, U.S., Workplace

Matt Covington of Cranfill Sumner & Hartzog LLP writes:

What privacy rights is a Plaintiff afforded for the medical information related to a workers’ compensation claim?

Mastanduno v. Nat’l Freight Industries

The opinion arose from an interlocutory appeal by the plaintiff regarding his privacy interests in personal medical information in Industrial Commission records and decisions. The plaintiff was a truck driver who slipped and fell while moving a pallet while working for the employer. The claim was accepted, but several years later the defendants filed a request for hearing contending the plaintiff was no longer disabled. Prior to the evidentiary hearing the plaintiff moved that all information regarding the hearing be sealed so that it not be a part of the public record. Industrial Commission Opinion and Awards are publicly accessible online and contain histories of medical treatment related to injuries. The plaintiff wished to have his personal information sealed from the searchable database. The deputy commissioner and Full Commission denied the motion and the plaintiff appealed to the Court of Appeals.

Read more on JDSupra.