Covington’s privacy group is on both Twitter and Facebook. Follow us for just-in-time updates on developments in global privacy and data security, including content that you won’t find on our blog.
FDA Issues Untitled Letter Focused On Promotional Claims On Facebook
FDA has previously included claims made on Facebook or other social media platforms along with broader allegations of misbranding using a variety of sources in its enforcement letters . . . [b]y contrast, the present untitled letter focuses solely on a single statement on a Facebook page, and does not take issue with any statements outside the Facebook page.
Continue Reading FDA Issues Untitled Letter Focused On Promotional Claims On Facebook
FDA Issues Draft Guidance on Postmarketing Requirements for Promotion on Social Media
On January 13, 2014, FDA issued a draft guidance document entitled “Fulfilling Regulatory Requirements for Postmarketing Submissions of Interactive Promotional Media for Prescription Human and Animal Drugs and Biologics.” This draft guidance addresses the procedural topic of submitting Forms FDA 2253 and 2301 when firms use social media such as blogs, microblogs, social…
FTC Denies First Request For More Flexible Parental Consent Methods
The FTC has denied AssertID’s request to recognize a new method for obtaining verifiable parental consent for the online collection, use, and disclosure of personal information from children under 13. The application was the first of its kind to be filed since the FTC added a voluntary parental consent approval process to its revised rule implementing…
CA Governor Signs Bill Providing Online Protections For Minors
Earlier this month, we blogged about the California Senate’s passage of the bill titled “Privacy Rights for California Minors in the Digital World”, which prohibits certain targeted advertising to California minors and requires that minors be allowed to delete materials they have posted online. Yesterday, California Governor Jerry Brown signed the legislation, and it…
New Jersey Restricts Employer Access to Employees’ Personal Online Accounts
New Jersey has enacted restrictions on the ability of employers to access employees’ social media accounts, becoming the twelfth state to enact such legislation. More than 30 state legislatures have considered bills on the topic in 2013, according to the National Conference of State Legislatures.
New Restrictions in New Jersey
New Jersey’s new law, signed by Governor Chris Christie on August 29 and effective December 1, generally prohibits employers from requiring or requesting that employees or prospective employees “provide or disclose any user name or password, or in any way provide the employer access to, a personal account through an electronic communications device.” Employers also may not require individuals to waive the law’s protections or retaliate against individuals who refuse prohibited requests or file complaints with the Commissioner of Labor and Workforce Development about violations of the law. An earlier version of the law, passed by the legislature but vetoed by Gov. Christie, also would have allowed aggrieved individuals to file civil suits for injunctions, damages, and reasonable attorneys’ fees and court costs.…
Continue Reading New Jersey Restricts Employer Access to Employees’ Personal Online Accounts
CA Legislature Passes Bill Establishing Online Protections for Minors
Last Friday the California Senate unanimously passed legislation titled, “Privacy Rights for California Minors in the Digital World,” which prohibits certain types of marketing to minors (defined as a natural person under the age of 18 residing in California) and allows minors to delete materials they have posted online. The bill, which already cleared the California Assembly, now has been sent to Governor Jerry Brown for approval. If signed into law, the legislation would be effective beginning January 1, 2015.
The bill, S.B. 365, which was introduced by Senator Darrell Steinberg, adds two new sections to the California Business & Professions Code.
Section 22580 would:
- Prohibit an operator of a website, online service or application, or mobile application that is directed to minors from marketing or advertising on the service or application certain enumerated products or services that minors cannot otherwise legally purchase or use. While some of these products and services may be obvious—e.g., alcohol, firearms, tobacco, and obscene materials—others—e.g., tanning and etching cream that is capable of defacing property—may be less so.
- Prohibit an operator of a website, online service or application, or mobile application from marketing or advertising the enumerated products or services where the operator has actual knowledge a minor is using its service or application, if the marketing or advertising is directed to that minor based on information specific to the minor such as profile, activity, address, or location, but excluding IP addresses and product identification numbers. The operator shall be deemed in compliance with this provision if it takes reasonable actions in good faith designed to avoid marketing or advertising under these circumstances.
- Prohibit an operator of a website, online service or application, or mobile application that is directed to minors or who has actual knowledge that a minor is using its service or application from knowingly using, disclosing, or compiling the personal information of a minor (or allowing a third party to do so) with actual knowledge that such activity is for purposes of marketing or advertising the enumerated products or services to that minor.
- These prohibitions do not apply, however, to the incidental placement of products or services embedded in content, if the content is not distributed by or at the direction of the operator primarily for the purposes of marketing and advertising the enumerated products or services.
- Additionally, “marketing or advertising” is defined to require an “exchange for monetary compensation” in order “to make a communication to one or more individuals, or to arrange for the dissemination to the public of a communication, about a product or service the primary purpose of which is to encourage recipients of the communication to purchase or use the product or service.” Thus, social media content or applications that only promote an enumerated product or service without paid placement would not fall within the scope of the bill.
Continue Reading CA Legislature Passes Bill Establishing Online Protections for Minors
Federal Court Finds Stored Communications Act Applies to Facebook Wall Posts
A New Jersey federal court recently held that an employee’s Facebook wall posts were protected by the Stored Communications Act (“SCA”), 18 U.S.C. § 2701 et seq., in one of the first cases to analyze the SCA’s application to the Facebook wall. Ehling v. Monmouth-Ocean Hospital Service Corp.., No. 2:11-cv-3305 (WMJ) (D.N.J. Aug. 20, 2013). An important factor in the court’s ruling was the fact that the employee had configured her privacy settings to restrict her posts to her Facebook “friends.”
The court found that the employer had not violated the SCA by viewing the employee’s wall, however, because a co-worker, who was one of her Facebook friends, showed the post to their employer without any prior prompting by the employer.
This ruling provides further reason for employers to avoid unauthorized access to an employee’s social media activities. The court’s holding is consistent with the passage by 11 states of laws prohibiting employers from demanding social media passwords from employees. But employers that learn of social media activity by employees through passive means may still be able to take action based on that information.…
Continue Reading Federal Court Finds Stored Communications Act Applies to Facebook Wall Posts
The NLRB Strikes Down Employer Policies on Social Media and the Confidentiality of Complaint Investigations
Many employers have been surprised by recent rulings that two common employment policies run afoul of the National Labor Relations Act (“NLRA”) even if their employees are not union members. Based on a legitimate interest in preserving confidentiality and privacy, many employers have adopted social media policies limiting what employees may post on Facebook or Twitter about their employer or co-workers. Based on similar privacy considerations, employer procedures for investigating sexual harassment and other complaints often place restrictions on what employees may reveal to their co-workers or others about the allegations. According to recent decisions, however, both policies may violate Section 7 of the NLRA, which permits employees to engage in “concerted activity” for “mutual aid and protection.”
Section 7. It is well established under the NLRA that employees may confer with one another about their wages and other terms of employment and may take “concerted” action in an effort to improve their working conditions. Employees (but not managers) are protected by Section 7 of the NLRA, whether or not they are members of a union. But employers rarely face Section 7 issues since claims under Section 7 must be asserted in charges filed with the National Labor Relations Board (“NLRB”), and few employees do so.
Confidentiality of Complaint Investigations. Enforcement Guidance issued by the EEOC directs employers conducting investigations of workplace harassment to assure complainants that they “will protect the confidentiality of harassment complaints to the extent possible.” Employers routinely adopt policies asking employees who are part of workplace investigations, either as complainant or witness, to keep such investigations confidential. Such policies help ensure the integrity of investigations, prevent workplace retaliation for participation in investigations, protect the privacy of complainants, and foster an environment where employees will readily report harassment concerns.…
Continue Reading The NLRB Strikes Down Employer Policies on Social Media and the Confidentiality of Complaint Investigations