reasonable expectation

This week, the Medical Identity Fraud Alliance (“MIFA”) released its 2014 Fifth Annual Study on Medical Identity Theft, finding that in the last year, medical identity theft incidents increased by 21.7% from 2013.  The study is annually conducted to determine the pervasiveness of medical identity theft in the United States, how it affects the lives of victims, and what steps should be taken by consumers, healthcare providers, and governments to reduce the incidence of this crime.  Medical identity theft is defined by the report as occuring “when someone uses an individual’s name and personal identity to fraudulently receive medical services, prescription drugs and/or goods, including attempts to commit fraudulent billing.”  In this study, medical identity theft also is deemed to occur when an individual shares his or her health insurance credentials with others.
Continue Reading Study Shows Increase in Medical Identity Theft

Last week, a federal judge in the Eastern District of Washington suppressed evidence from a disguised webcam that had monitored the front yard of the defendant’s home for six weeks.

In United States v. Vargas, U.S. District Judge Edward F. Shea ruled that defendant Leonel Michel Vargas had a reasonable expectation of privacy in the activities occurring in and around the front yard of his rural home, and accordingly, that the warrantless, continuous and covert recording of this space violated the Fourth Amendment.  In doing so, the court held that law enforcement may remotely and continuously view and record an individual’s front yard through the use of a hidden video camera located outside of the individual’s property only with a valid search warrant, which the officers in this case failed to procure in this case.Continue Reading US Court: Reasonable Expectation of Privacy Exists in Rural Front Yard

Researchers at Carnegie Mellon University have designed a website that doles out grades to Android apps based on their privacy practices. The website,, assigns grades based on a model that measures the gap between people’s expectations of an app’s behavior and how the app actually behaves. The grades range from A+, representing no privacy concerns, to D, representing many concerns.

To determine its grades, the Carnegie Mellon model relies on both static analysis and crowdsourcing. In the static analysis component, Carnegie Mellon’s software analyzes what data an app uses, why it uses such data, and how that data is used. For example, the software assessed whether an app used location data, whether that location data was used to provide location features (such as a map app), or whether that location data was used to provide the user with targeted advertising (or for other purposes). In the crowdsourcing component, Carnegie Melon solicited user privacy expectations for certain apps. For example, researchers asked whether users were comfortable with or expected a certain app to collect geolocation information. Where an app collected certain information and users were surprised by that collection, the surprise was represented in the model as a penalty to the app’s overall privacy grade.
Continue Reading Carnegie Mellon Grades Privacy of Android Apps

A federal district court in New Jersey ruled this week that an employer might have invaded an employee’s common-law privacy rights by coercing a co-worker into giving the employer access to the employee’s Facebook profile.

The plaintiff, a nurse and paramedic employed by a non-profit hospital service corporation, alleges that her supervisor forced a co-worker who was one of the plaintiff’s Facebook friends to log into Facebook in front of the supervisor so the supervisor could see the plaintiff’s postings. The complaint alleges the supervisor viewed and copied several of the plaintiff’s posts, including a comment implying that paramedics should not have saved a man who shot and killed a guard at the United States Holocaust Memorial Museum in Washington, D.C. The complaint alleges that the employer sent letters about the post to state regulators in a “malicious” attempt to damage the plaintiff’s reputation and employment opportunities. The defendants asked the court to dismiss the plaintiff’s common law invasion of privacy claim and her claim under New Jersey’s Wiretapping and Electronic Surveillance Control Act.Continue Reading N.J. Federal Court: Privacy Claim Based on Coerced Access to Employee’s Facebook Posts May Proceed