Privacy Monday - September 16, 2013
Dis-Like! Senator Markey Urges the FTC to Investigate Facebook’s New Policies
Written By Adam Veness
As we previously reported here, Facebook has proposed a number of revisions to its Data Use Policy and Statement of Rights and Responsibilities. In response to these proposed changes, Senator Edward J. Markey (D-MA) sent a letter to the Federal Trade Commission (“FTC”) Chairwoman Edith Ramirez asking her to take a closer look into whether these new proposed policies violate Facebook’s 2011 settlement with the FTC. That same day, the FTC announced that it was investigating Facebook’s new policies.
Facebook’s new policies make it clear that users are required to grant Facebook wide permission to use their personal information as a condition to using Facebook. Peter Kaplan, a spokesman for the FTC, stated, “Facebook never sought out a discussion with us beforehand about these proposed changes.” According to the New York Times, Facebook informed the FTC of the new language just before it was posted to its website.
Senator Markey’s letter to the FTC questions whether Facebook is attempting to improperly alter its privacy policy without user consent. He points out that the Facebook/FTC settlement requires that Facebook “clearly and prominently” provide consumers notice and obtain consumers’ “affirmative express consent”, or opt-in, before their information is shared beyond previously established privacy settings. Senator Markey is concerned that the new policy will automatically allow Facebook the right to use user information unless users expressly revoke permission, or opt-out, and this runs contrary to the settlement’s opt-in requirement.
The other main point in Senator Markey’s letter focuses on children under the age of 18. Facebook’s new policies state to users under the age of 18 that “you represent that at least one of your parents or legal guardians has also agreed to the terms of this section (and the use of your name, profile picture, content, and information) on your behalf.” Senator Markey is particularly concerned with this new policy and he points out that impressionable teens are still developing and learning safe online habits. He cautions that “the FTC should pay close attention to any change that could harm our nation’s young people.
The Countdown to the HIPAA Omnibus Rule -- Are you Ready For September 23rd?
With the September 23, 2013 compliance date for the HIPAA Omnibus Rule only one week away, the Office for Civil Rights (OCR) and the Office of the National Coordinator for Health Information Technology (ONC) have developed model Notices of Privacy Practices (“NPP”) to help health care providers and health plans ensure compliance with the HIPAA Privacy Rule and recent changes implemented under the Omnibus Rule. Mintz Levin's Health Law Policy Matters blog has a complete discussion here.
Breach of the Week - 2 Million Vodafone Germany Customers
Another case of insider data theft. “This criminal attack appears to have been executed by an individual working inside Vodafone,” the company said in a statement provided to SecurityWeek. “An individual has been identified by the police and their assets have been seized.”
Read more: SecurityWeek
"Small" is No Excuse - Vermont AG Settles Suit Against Grocer in Data Incident