Legal Bytes – A New Beginning

A long time ago in a galaxy far, far away……  oops, wrong beginning.

Welcome to the new Legal Bytes blog.  As many of you know, my Legal Bytes blog has been dormant after my recent transition to Rimon, P.C..  Getting set up, ensuring smooth transitions for clients, enhancing the look and feel of the blog has taken a longer than I hoped, but hopefully the bugs are out of the system and it’s now up to me to try my best to make the new Legal Bytes blog worth the wait.  For newcomers, buckle your seatbelts – this isn’t your ordinary legal blog!

What happened? Why does it matter? How does or could it affect you?  Inquiring minds always want to know and in the process of trying to answer those questions for you, I will always try to illuminate and perhaps also entertain you.   In the coming months I’ll entice you into regular readership, enlighten you with timely content, addict you with my trivia contests, entice you to keep in touch and most of all, try to help you better understand how developments in the law and regulation may affect you.

I intend to continue Light Bytes, with interesting quotes and sayings that pique my interest and hopefully yours.  Of course, there was never a question about my trivia contests. After all, who else but a lawyer could call it “Useless But Compelling Facts”?  We have once again made arrangements with the International Law Office (ILO) based in London. I am privileged to have been re-appointed as Editor and exclusive content coordinator for their U.S. Media, Marketing, Sports & Entertainment Newsletter.  Although there will be content you will see exclusively in the ILO newsletter, you may also see many of our Legal Bytes articles re-purposed and ‘internationalized’ in collaboration with much appreciated work of the ILO editorial staff.  I am again excited to be working with such a valued organization and truly great people – shout out to Carolyn Boyle, my Editorial contact.

Want to know what’s on my radar for the year ahead – I won’t spoil all the surprises, drone on about drones, nor will I keep my head in the clouds or the crowds.  I am fascinated by the legal implications of the Internet with Things (yes, I replaced ‘Of’ with “With”).  I’m also concerned about cybersecurity and data protection.   I am intrigued by the growing robustness of augmented reality, which means I don’t have to walk around with those funny goggles or a digital scuba mask to experience the virtual world.  Mobile technology is transforming our world – making digital content, e-commerce and communication available to billions of people that had previously never seen a television, had a bank account or used a telephone.  I would be remiss not to mention social media – maturing and increasingly commercialized – further blurring the distinctions between information, entertainment and advertising; between me as an individual and an employee; between me at play and at work; and between my trademarks and my reputation; and between my insatiable desire to tell the world and my seemingly paradoxical concern over my privacy!

It is a brave new world – so much to know and so much to keep up with.

So stay tuned, and as always, thank you for reading.

The Paradox of Illumination

I first heard about the paradox of illumination from Lee Loevinger, an extraordinary gentleman I was privileged to know professionally.  Lee was a multi-faceted, multi-talented, thought-provoking lawyer whose sage advice and stimulating ideas continue to resonate with those honored to have known him, and everyone else wise enough to read his work and the words he left behind.

In a nutshell, the paradox of illumination is extraordinarily complex, but simple to describe.  Much like Albert Einstein who, when asked about his theory of relativity and the notion that time is not constant, described it in personal terms: if a man is at dinner for 10 minutes with a beautiful woman, it seems like a fleeting instant; but sit on a burning hot stove for 10 minutes and it seems like an eternity :).

The paradox of illumination can similarly be described on a personal level.  Sit in completely dark room.  Really.  Completely dark.  What can you see?  Nothing.  You know little about your surroundings and can only sense your own body – in fact, you don’t even know how far your surroundings extend beyond your immediate sensations.

Now light a match.  The circle of illumination allows you to see a little of what is around you – but the perimeter and beyond are still dark.  Now light a candle.  The circle of what you can see illuminated by the light is larger than before, but the size of the perimeter beyond which you cannot see is also a lot larger than before.  The larger the light, the larger the area of illumination, but larger by far is the perimeter beyond which we know nothing.

The more we can see and the more we know and understand about the world around us, the larger the amount becomes that we don’t know.  In other words, as the circle of our knowledge grows, so does the amount of knowledge we cannot see and don’t know.  The paradox of illumination is the paradox of knowledge.  Perhaps that is why Michelangelo, when he was more than 87 years old, still said, “Ancora Imparo” (I am still learning).

2016 Metamorphosis *

Legal Bytes will soon morph** and undergo a transformation***

Watch For It

*    Metamorphosis: A noticeable change in character, appearance, function or condition.

**    Morph: To undergo dramatic change in a seamless and barely noticeable fashion.

*** Transformation: A marked change in appearance or character, especially for the better.

Advocate General Asks EU Court of Justice WHAT?

The Advocate General of the Court of Justice of the European Union recently announced that it had delivered an opinion in connection with a number of proceedings calling for a preliminary ruling in cases involving Ireland and Austria. In Ireland, the owner of a mobile phone submits that the Irish authorities have unlawfully processed, retained and exercised control over data related to its communications. In Austria, three cases brought by the Province of Carinthia have alleged the Austrian Law on telecommunications is contrary to the Austrian Constitution.

Essentially, the top EU legal advocate is asking the EU court NOT to enforce a bad law so the legislature is afforded a chance to fix it. Seriously? That is like asking the U.S. Supreme Court not to strike down discriminatory laws and give Congress a chance to fix them. Seriously?
 

Continue reading “Advocate General Asks EU Court of Justice WHAT?”

Bond Meets Bond Street: Mannequins are Watching You Shop

An Italian company, Almax S.p.A., is selling a mannequin (price tag about $5,000) in a development that is being closely watched – literally – by retailers, consumers and, of course, regulators and privacy gurus. The new product, marketed as the EyeSee Mannequin, contains a camera embedded in the mannequins eyes, and according to the company’s website: “This product will do much more; it would make it possible to ‘observe’ who is attracted by your windows and reveal important details about your customers: age range; gender; race; number of people and time spent.”

In Europe and the United States, the mannequins are making sporadic appearances – perhaps in showrooms and even in street-side display windows, gathering data as people saunter by the store gazing into the windows. According to reports, Almax may also be testing auditory capabilities that would allow a mannequin to not only see, but to hear what customers are saying as well. Hey, did you just call that mannequin a dummy?

 


(Image from Almax Website)

 

The EyeSee Mannequin has a camera placed as an “eye” that includes facial recognition technology that records information about passersby, such as their gender and race, and the software guesstimates the approximate age of each person scanned by the camera. Typically, cameras can be used in retail stores for security, but in many jurisdictions the shop owners are required to post signs alerting consumers browsing the aisles that they are subject to being recorded. Now, the EyeSee Mannequin gives retailers the ability to collect and store information for marketing purposes – a commercial purpose that may put the technology squarely under a microscope (these vision puns really must stop), since it collects personal data about individuals without their consent. That said, the current product is only supposed to record information, not any actual photographs or image scans, but . . . it could, couldn’t it?

Need to know more about the legal implications of technology in advertising and marketing? Concerned about your rights (and wrongs) in deploying surveillance equipment and gathering data and information about customers and consumers? Are you up-to-date on the latest privacy and compliance requirements? Not sure? Need to see these issues more clearly? OK, don’t be a dummy (I mean mannequin) and consult your lawyer. Don’t hesitate to contact me, Joseph I. Rosenbaum, or the Rimon lawyer with whom you regularly work. We would be happy to see you, hear you and help you.

Insight from California’s Special Assistant Attorney General for Technology

In a recent interview with Travis LeBlanc, California’s Special Assistant Attorney General for Technology, Amy Mushahwar and Joshua Marker of Rimon’s Data Privacy, Security & Management practice, obtained some interesting insight on California’s new Privacy Protection and Enforcement Unit. Mr. LeBlanc addresses current and upcoming privacy trends, and the focus of California’s enforcement actions.

You can read the entire discussion and the insights obtained right here: Rimon Attorneys Interview Travis LeBlanc, of California’s New Privacy Protection and Enforcement Unit

As always, if you need help or more information, contact the Rimon lawyers mentioned above; me, Joseph I. Rosenbaum; or any of the Rimon lawyers with whom you regularly work.

IAPP Privacy Presentation – Is the Wizard of Oz Still Behind the Curtain?

On May 10, 2012, I had the privilege of making a presentation at the IAPP Canada Privacy Symposium 2012. The title of my presentation was "Social and Mobile and Clouds, Oh My!" and it addressed some of the emerging issues in privacy, data protection and surveillance that arise as a result of globalizing technology and the convergence of social media, mobile marketing and cloud computing.

As part of that presentation (and as I have started to do for some time now in other presentations), I raised the issue of how lawyers, the law, legislators and regulators often use words to describe activities – words rooted in tradition or precedent – that are no longer applicable to the activity in today’s world. "Privacy" is such a word, although "not applicable" perhaps is too harsh. Obviously the word has significant applicability in a wide variety of situations. But "invasion of privacy" has become a knee-jerk reaction to virtually every information-gathering activity, even information readily and publicly available and, in some cases, posted, disclosed or distributed by the very individual whose privacy is alleged to have been "invaded."

Please feel free to download a PDF of my presentation, "Social and Mobile and Clouds, Oh My!" [PDF] (Note: Embedded video file sizes are too large to include), and let’s start a conversation about how we use words and how they wind up in laws and regulations. Lawyers work with words. Use them artfully and they provide powerful structures within which society, commerce and all forms of human endeavor function. Use them improperly and they cause confusion, uncertainty, inconsistency and inherently inequitable outcomes.

Seems like I am not the only one to point this out. Take a look at the insightful comments by John Montgomery, COO of GroupM Interaction, North America, as reported in a MediaPost RAW posting on Social Media entitled: If Marketing Terms Could Kill.

Kudos John. I’m with you. Let’s get it right.

FYI, Rimon has teams of lawyers who have experience and follow developments in privacy and data protection, information security and identity theft. If you want to know more, if you need counsel or need help navigating, or if you require legal representation in this or any other area, feel free to call me, Joseph I. ("Joe") Rosenbaum, or any of the Rimon lawyers with whom you regularly work.

White House Releases Privacy Report and Calls For a Consumer Bill of Rights

Earlier today, Secretary of Commerce John Bryson and Federal Trade Commission Chairman John Liebowitz outlined the Obama administration’s strategy for ensuring “consumers’ trust in the technologies and companies that drive the digital economy.” On the heels of their announcement, and although it is dated January 2012, the Department of Commerce released a long-awaited report entitled “Consumer Data Privacy in a Networked World, A Framework for Protecting Privacy and Promoting Innovation in the Global Digital Economy,” the administration’s roadmap for privacy legislation and regulation in the years ahead.

The announcement and privacy blueprint envisions a comprehensive and integrated framework for data protection, rather than the current sector-patchwork-quilt approach, and is comprised of four key pillars: (1) a consumer privacy bill of rights; (2) a multi-stakeholder process and approach dealing with how such a bill of rights would apply in a business context; (3) more effective enforcement; and (4) greater commitment to harmonization and cooperation in the international community.

The Report outlines the seven principles of its proposed Consumer Privacy Bill of Rights and, although calling for legislation and regulation to codify and memorialize these rights, also sets out consumer privacy standards that companies are asked to immediately and voluntarily adopt in a cooperative public-private partnership. These seven principles are:

  1. Individual Control Through Choice
  2. Greater Transparency
  3. Respect for Context
  4. Secure Handling
  5. Access & Correction Rights
  6. Focused Collection
  7. Accountability

The Report notes that a company’s adherence to the voluntary codes will be viewed favorably by the FTC in any investigation or enforcement action for unfair and deceptive trade practices. By implication, a company that does not adopt and follow these principles might be used as evidence of a violation of Section 5 of the FTC Act, even if federal legislation is not passed on the subject. The FTC is expected to soon release its Final Staff Report on Consumer Privacy that will be consistent with the Obama administration’s proposed Framework Report. The report reinforces the administration’s commitment to international harmonization, and also touches upon the role state attorneys general in the United States can play. While we are still reviewing the details – and more will likely be forthcoming from the administration in the weeks and months ahead – Legal Bytes will keep you on top of these developments as they arise.

You can read the entire report right here: Consumer Data Privacy in a Networked World, A Framework for Protecting Privacy and Promoting Innovation in the Global Digital Economy.

These are developments that affect all businesses, domestic and multi-national, global and local, consumers and regulators. The complexity and challenges of compliance should not be underestimated, nor should the administration’s commitment to follow the roadmap outlined. Rimon has teams of lawyers who have experience and follow developments in privacy and data protection, from prevention and policy to compliance and implementation. If you want to know more, need counsel, need help navigating, or if you require legal representation in this or any other area, feel free to call me, Joseph I. (“Joe”) Rosenbaum, or any of the Rimon lawyers with whom you regularly work.

MMA Releases Mobile App Privacy Guidelines – Appy Days Are Here Again

A few days ago (October 17), the Mobile Marketing Association released its MMA Mobile Application Privacy Policy, which the MMA asserts is the first industry guideline to deal with data protection and privacy specifically related to mobile and wireless applications. The guideline being made available for comment is slated to be finalized sometime after November 18, 2011, when the MMA’s comment period is scheduled to close. The press release notes that there are currently more than 425,000 iPhone/iPad apps available from Apple’s App Store, and more than 200,000 available for Android.

The document is intended to deal with some of the basic privacy principles and text that developers should consider incorporating into mobile apps to let consumers know how their data is collected and used, as well as information regarding confidentiality and the security of information that becomes available when a consumer installs and uses a mobile app. Obviously, legal disclaimers and disclosures and issues related to privacy and data protection are quite jurisdiction-specific, and compliance will always require consultation with legal counsel to be sure mobile, and all other online and other applications and processes, conform to the legal requirements of each jurisdiction that applies to consumers for that application or process.

Rimon’s offices around the world are open, coordinating with our Advertising Technology & Media law practice group, ensuring that lawyers knowledgeable in data protection and privacy, as well as in mobile technology and marketing, are available to help you. As always, if you want to know more about how lawyers who understand can help your business, feel free to contact me, Joe Rosenbaum, or any of the Rimon attorneys with whom you regularly work.

Payment Card Industry Takes a Swipe at Virtual Security

Someone in the payment instrument, payment processing, or payment systems environment must be living under a rock if he or she has not heard of or been affected by the Data Security Standards (DSS), or “PCI-DSS” as it has been referred to in the industry, promulgated and released by the Security Standards Council of the Payment Card Industry Association (PCI). Although the original impetus for the credit-card-driven security standards was combating identity theft and credit card fraud in the wake of the data breaches and compromised (or potentially compromised) databases containing sensitive consumer payment account information, the standards have become the de facto starting point for any compliance security standard in the payment industry.

Last week, the PCI Security Standards Council released new comprehensive guidelines for PCI compliance in virtual card holder data environments dealing with consumer payment system and payment transaction security in a virtual environment. Rimon lawyers who work in this area consistently and who have a wealth of experience with information security and financial services, have put together a client alert entitled: "Is the PCI Security Standards Counsel Preparing for Cloudy Weather?"

Credit, debit and prepaid cards; smart cards and chip cards; gift cards and stored value cards; co-branded cards and loyalty rewards programs; corporate cards, fleet cards and purchasing cards; data protection and privacy; information security, identity theft and data breaches; micro, digital and virtual payment systems – E Commerce; The Fair Credit Reporting Act; Regulation E; Regulation Z; Credit Card Act of 2009 (see Credit Card Act of 2009: Act I, Scene 1 or just search the Legal Bytes blog)! Do any of these terms apply to you? Talk to us. It’s what we do. Contact any of the lawyers listed in the Alert, contact me, or contact the lawyer at Rimon with whom you routinely work, and we will make sure we help you or connect you to someone at Rimon who will be happy to do so.