10th Newsletter -> 9 - 15 September 2016

$835,000 Fine for Tracking Children Online


The New York Attorney General's office investigated Viacom, Mattel, Hasbro, and JumpStart regarding their practices of online tracking of minors under the age of 13. The investigation concluded with the before mentioned companies agreeing to pay a total fine of $835,000. Tracking user activity for marketing and advertising purposes is a widespread phenomenon on the Internet, but the Children's Online Privacy Protection Act (COPPA) prohibits sites that are directed toward children to collect personal information (e.g. names and email addresses), on children are younger than 13 since 1998. From 2013 onwards, COPPA also prohibits collection of Internet Protocol addresses and the use of collecting cookies.

The investigation revealed that websites owned by Viacom (Nick Jr. and the Nickelodeon), Mattel (Barbie, Hot Wheels, American Girl and Matchbox brands related websites), Hasbro (websites of My Little Pony, Nerf and Transformers), and JumpStart (Neopets website) allowed third-party tracking from vendors and marketers. As a result these companies, with the exception of Hasbro, will pay a fine towards penalties and to implement reforms. Hasbro's COPPA violations were found to be less severe, and it will not pay any fines. 


Read more HERE


Read the full investigation report HERE

_______________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________



A Worldwide Class-Action Privacy Lawsuit Against Facebook depends on the CJEU’s decision


Max Schrems, best known for his involvement in the invalidation of Safe Harbor agreement, continues his proceedings for a worldwide class-action privacy lawsuit against Facebook. Schrems first initiated his lawsuit in 2014, when he accused Facebook of breaking EU privacy law in multiple ways and supporting the NSA's Prism surveillance program. Following his lawsuit, 25,000 Facebook users from around the world (excluding the US and Canada) joined Schrems in a class action under Austrian law by assigning their rights to him.

Facebook argued that the class action is inadmissible for procedural reasons and that the Austrian courts have no jurisdiction in this case, since the company has its non-US headquarters in Ireland. The lower courts in Austria disagreed with Facebook’s view and now the Austrian supreme court has asked The Court of Justice of the European Union (CJEU) for a preliminary ruling on this case. The CJEU will either define the allowed scope of the lawsuit, or it will deny it completely. Schrems gave a statement saying he seeks from Facebook a token amount of €500 plus any unjust enrichment for every user involved in the lawsuit, as well as injunctions, so that Facebook would have to follow EU law.


Read more HERE

_______________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________



Arizona Supreme Court: Mobile Phones are Intrinsically Private


This week the Arizona Supreme Court reached an unanimous decision that the police overstepped their jurisdiction when they searched a suspect’s mobile phone without a warrant despite the fact that the mobile phone was not password protected. Justice Ann Scott Timmer wrote that cell phones are inartistically private and the fact that no password protection is used does not present an invitation for anyone to snoop. Furthermore, she pointed out a landmark United States Supreme Court decision, Riley v. California, which prohibits the police to search the phone of someone who is arrested without a warrant.

This decision follows the ruling of the court of first instance on a case of a death of a woman, involving her neighbour as a suspect. During the  murder investigation a police officer found a smartphone in the bathroom which he assumed belonged to the suspect. The officer turned it on and opened it with a finger swipe to search her contacts, but instead he discovered a video of the suspect engaging in sexual activity with seemingly unresponsive and presumably dead victim. After this the suspect was detained and he confirmed that he had sex with the victim during the early morning hours and filmed it with his phone. The suspect was charged with necrophilia and two counts of sexual assault predominantly based on the video and his own responses to officers’ questions.


Read more HERE


Read the full Riley v. California decision HERE

_______________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________



The U.S. Gets its First Chief Information Security Officer


Gregory Touhill, a former Air Force general and Department of Homeland Security official, has been appointed as the first Federal Chief Information Security Officer (CISO) in the U.S. He is tasked with cybersecurity across the federal government, planning and implementing policy changes to make the nation’s critical infrastructure and government agencies more secure. 

The CISO role was announced in February as part of President Barack Obama’s Cybersecurity National Action Plan. According to the White House Statement the CISO will “play a central role in helping to ensure the right set of policies, strategies, and practices are adopted across agencies and keeping the federal government at the leading edge of 21st century cybersecurity”.


Read more HERE


Read the White House statement HERE

_______________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________