These articles originally appeared in our Privacy Law Corner blog between
April 4, 2013 and May 15, 2013.

Children’s Privacy

New Virginia Law Enables Parents to Take Over Social Media Accounts of Deceased Children

Virginia Governor Bob McDonnell recently signed into law H.B. 1752, which enables parents of deceased children to take over the social media accounts of their deceased children. The law applies to “blogging, email, multimedia, personal, social networking, and other online accounts or comparable items as technology develops” managed …

FTC Updates COPPA FAQs to Address New Rules

The FTC has updated its Frequently Asked Questions for complying with the Children’s Online Privacy Protection Act Rule (“COPPA”) as a follow up to recent revisions to the Rule. As we previously reported, changes to the COPPA Rule go into effect on July 1, 2013 …

New Jersey Law Protects Students Using School-Issued Electronic Devices

New Jersey Governor Chris Christie recently signed S. 2057 into law. The new law requires school districts and charter schools to notify students and their parents if school-issued laptops, cell phones, or other electronic devices contain cameras, GPS systems …

[top]

Communications Privacy

Voice Broadcaster Settles Robocall Charges with FTC

Sky Consulting, Inc., a California “voice broadcaster” that does business under the name CallFire, recently settled FTC charges that it violated the Telemarketing Sales Rule by making illegal “robocalls.”

FTC Files Mobile “Cramming” Case

The FTC recently filed its first court action against an alleged mobile “cramming” operation. In its complaint, the FTC alleges that Wise Media, LLC placed unauthorized charges on consumers mobile phone bills, a practice known as “cramming.”

No Privacy Right in Email Submission to Gossip Website

Recently, an arbitrator determined that Mario Lavandeira, operator of the gossip website PerezHilton.com, was not liable for breach of contract and other claims brought against him because he published an inflammatory email sent to him by a reader.

[top]

Consumer Privacy

Illinois Court Finds Contest Sponsor’s Unauthorized Use of Entrant’s Image Violated Illinois Right of Publicity Act

An Illinois Appellate Court recently reversed a lower court’s grant of summary judgment and awarded statutory damages, finding that McHenry County Living magazine used a mother and daughter’s images without their written permission and in violation of the Illinois Right of Publicity …

FTC Soliciting Comments on Cross-Platform Security and Privacy Concerns

The Federal Trade Commission announced on April 17, 2013 that it is seeking comments about the consumer privacy and security issues posed by the rapidly growing connectivity of consumer devices.

[top]

Health Care Privacy

Utah Has New Healthcare Privacy Law with Increased Disclosure Requirements

Utah recently passed a new healthcare law that requires healthcare providers who participate in the state Medicaid or Children’s Health Insurance Program to notify consumers that they have or may submit personally identifiable information to the state’s Medicaid or Children’s Health Insurance Program eligibility database.

[top]

International Privacy

Guidance Released on BCRs for Data Processors

The European Commission’s Article 29 Working Party recently made public an explanatory document on binding corporate rules (“BCRs”) for data processors. BCRs are one way that companies can more easily transport personally identifiable data outside of the EU. If a company outside of the EU has its own binding corporate rules (which rules have been approved by an EU data processing authority), then an entity in the EU can send personal information to that non-EU entity.

Colombia Data Protection Framework Takes Effect

Colombia’s data protection law of 2012 recently went into full effect, following a six-month phase-in period. The law covers consumer databases used for marketing or telemarketing purposes, those containing medical records, and those that contain information about minors.

[top]

Workplace Privacy

Federal Court Finds Plaintiff States Valid Claims Against Ex-Employer That Hacked LinkedIn Account, but Fails to Award Damages

The Eastern District of Pennsylvania recently ruled that an employee properly pled several state law causes of action against her previous employer, Edcomm, an employer she alleged hacked into her LinkedIn account.

New Virginia Law Protects Personal Identifying Information of Employees

Virginia Governor Bob McDonnell recently signed into law H.B. 1931, which makes it unlawful to require an employer to release to third parties certain personal identifying information about current or former employees.

New Arkansas Law Protects Employees’ Social Media Accounts

Arkansas Governor Mike Beebe recently signed H.B. 1901 into law, prohibiting employers from asking employees or job applicants for social media log-in information. Additionally, employers may not require that current or prospective employees add a supervisor to their social media contacts (i.e., “friending”), or require that privacy settings on social media accounts be changed.

NLRB Affirms Facebook Firings Violated Law, Rejecting Employer’s Conspiracy Argument

The National Labor Relations Board recently affirmed an administrative law judge’s findings that Design Technology Group, doing business as Bettie Page Clothing, illegally fired three workers who discussed workplace complaints on Facebook. The three employees were all salespeople who worked at the employer’s wholesale and retail clothing company.

UPMC’s Email, Messaging, and Social Media Policies Recently Found to Violate NLRA

An administrative law judge in Pittsburgh recently struck down an employer’s email, e-messaging, and social media employment policies as inappropriate under the National Labor Relations Act. The policies in question belonged to the University of Pittsburgh Medical Center …

New Mexico Limits Employer Access to Job Applicants’ Social Media Accounts

New Mexico recently became the latest state to prohibit employer access to social media accounts when Governor Susana Martinez signed S.B. 371 into law. The law prohibits employers from requesting a password or otherwise demanding access to a job applicant’s social media account.

[top]

Attorney Advertising Materials

These materials have been prepared by Winston & Strawn for informational purposes only, and are not intended as, nor should they be used as a substitute for, legal advice which turns on specific facts. Receipt of this information does not create an attorney-client relationship. Along with this client bulletin, a library of all the Winston & Strawn LLP Client Bulletins published to date can be accessed by visiting the Publications section of Winston & Strawn’s Web site (www.winston.com).

© 2013 Winston & Strawn LLP