We often counsel our clients not to make absolute promises about security or data protection. Just like there is no ocean-front property in Arizona, there is no such thing as perfect security or safety. 

LifeLock, Inc. just learned this lesson the hard way when they promised consumers protection from all forms of identity theft.  As a result, they are now agreeing to pay $12 million in fines state and federal regulators.

 

Several new decisions have come down in the last couple of weeks involving the applicability of section 230 of the Communications Decency Act ("Section 230").  Section 230 provides online service providers with immunity from certain types of claims arising from the publication of information provided by a third party.  However, if the service provider takes an active role in the development of the third-party content, it may lose the protection of Section 230.  These cases provide some additional guidance as to where the line is regarding too much involvement with the content. 

The Massachusetts Standards for the Protection of Personal Information of Residents of the Commonwealth, 201 CMR 17.00, go into effect today, March 1, 2010.  The regulations impose strict data security requirements on every business that owns or licenses “personal information” about a resident of Massachusetts, regardless of where the business is located or does business. 

High school students in one suburban school district have a whole new understanding of the watchful eye of George Orwell’s Big Brother as of last week, when they learned that school officials, without prior notice or consent, could remotely activate the cameras in their school issued laptops and take potentially compromising images of whatever or whomever was in front of the computer at the time of activation. 

Perkins Coie Privacy & Security Partner Albert Gidari was quoted in Michael Isikoff's recent Newsweek article entitled "The Snitch in Your Pocket."

On Friday, the U.S. Court of Appeals for the Third Circuit is to consider whether warrantless tracking of wireless devices is a violation of a citizen's Fourth Amendment right. Police have been using location tracking on a regular basis, yet the legal standards remain unclear.

On January 12, 2010, the U.S. Court of Appeals for the D.C. Circuit rejected a challenge by Core Communications, Inc., the Public Service Commission of the State of New York, and the National Association of Regulatory Utility Commissioners to a November 2008 Federal Communications Commission (FCC) order setting forth the basis for its authority to institute rate caps on intercarrier compensation for telecommunications traffic bound for internet service providers (ISPs).  Core Communications, Inc. v. FCC, Nos. 08-1365, 09-1046, 08-1393 & 09-1044, 2010 WL 86672, at *1, *7 (D.C. Cir. Jan. 12, 2010).

Perkins Coie's Susan Lyon and John Roche co-authored an article, published by SmartGridNews.com, entitled "Smart Grid Privacy Part 1: How to Keep Your Customer Data Protected — and Keep Your Customers."

Attorney General Richard Blumenthal today sued Health Net of Connecticut, Inc. for failing to secure private patient medical records and financial information involving 446,000 Connecticut enrollees and promptly notify consumers endangered by the security breach. http://www.ct.gov/ag/cwp/view.asp?Q=453916&A=3869