This post was written by Cynthia O’Donoghue.

In June 2013, the UK Information Commissioner’s Office (ICO) published new guidance entitled “Social networking and online forums—when does the DPA apply?” (Guidance). The document explains what must be considered by organisations that run social media sites, as well as by individuals who upload or

This post was written by Frederick Lah.

Earlier this year, Maryland enacted the nation’s first law explicitly prohibiting employers from requesting or requiring employees or applicants to disclose their usernames and passwords for their personal social media accounts. Many other states are contemplating similar laws, with Illinois’ version likely to become law within the next

This post was also written by Jason H. Ballum, Amy S. Mushahwar, and Frederick Lah.

With March Madness on the horizon, did you know that educational institutions are part of another Final Four? One in four data breaches come from higher educational institutions or K-12 schools. In addition to data breaches, schools face unique privacy

This post was written by Christopher G. Cwalina, Amy S. Mushahwar, and Frederick Lah.

Google, Inc. agreed to a proposed consent order over charges that it used deceptive tactics and violated its privacy promises to consumers when it launched its social network, Google Buzz. The Agency alleged in its Complaint that Google’s information practices violated Section 5 of the FTC Act.

As background, in February 2010, Google launched Buzz, a social networking service within Gmail, its web-based email product. Google used the information of Gmail users, including first and last name and email contacts, to populate the social network. Gmail users were, in many instances, automatically set up with “followers” (people that followed the user or people that the user followed). According to the FTC’s Complaint, even if a user did not enroll in Buzz, the user’s information was shared in a number of ways (e.g., a user who did not enroll in Buzz could still be followed by other Gmail users who enrolled in Buzz). The FTC also alleges that the setup process for Gmail users who enrolled in Buzz did not adequately communicate that certain previously private information would be shared publicly by default. Further, the FTC alleges that certain personal information of Gmail users was shared without consumers’ permission through Buzz (e.g., some information was searchable on the Internet and could be indexed by Internet search engines).Continue Reading FTC and Google – Proposed Settlement Over “Buzz”