digital privacy

The White House released a proposed bill to protect consumers' digital privacy, the Washington Post's Andrea Peterson reports, but the bill may not be strong enough. The Federal Trade Commission said that the legislation wouldn't provide "strong and enforceable protections" for consumer privacy. The bill would allow industries to develop their own privacy codes of conduct, which the FTC could then enforce. But the bill would preempt state laws dealing with data collection and handling and could preempt state laws like California's that have more stringent standards than at the federal level for data breaches, the privacy of minors and other consumer protection laws. The Recorder's Cheryl Miller notes that a private right of action is explicitly rejected, but that state attorneys general as well as the FTC would have enforcement authority.

Cyrus Farivar, writing for Ars Technica, features five cases that the U.S. Supreme Court could grant certiorari in and take on privacy and surveillance issues involving the National Security Agency: Klayman v. Obama, First Unitarian Church v. National Security Agency, American Civil Liberties Union (ACLU) v. Clapper, United States v. Moalin, and United States v. Muhtorov. Farivar notes the Supreme Court held in United States v. Jones that law enforcement doesn't have the authority to use GPS tracking without a warrant and held in Riley v. California that law enforcement can't search a person's phone without a warrant, reflecting "an awareness that modern tech has changed reasonable privacy."

Jeff Bennion, writing in Above the Law, has a helpful post about the lessons lawyers can learn from the leaked nude photos of Jennifer Lawrence that were apparently hacked out of her iCloud account: "Celebrities with nude photos in their cloud accounts are targets for the same reason lawyers with confidential client files in cloud accounts are: they are easy targets with highly bribable files. Lawyers are mostly clueless when it comes to cybersecurity, yet they use it to store their most valuable information." Bennion suggests that lawyers encrypt their files kept on the cloud in zip files, empty the trash in their cloud storage and make file sharing links temporary. The risk of a data breach, he says, is losing current clients, future clietns and your reputation.

And here's an article I wrote a few months back about the risk hackers pose to law firm's data security: http://www.cultivatedcompendium.com/reporting/risk-hackers-corporate-ame...

In a major landmark in the development of digital privacy, a federal judge has ordered Microsoft to turn over to the U.S. government a customer's emails and other account information stored in an Irish data center, Re/code reports. Microsoft unsuccessfully argued that a U.S. warrant couldn't extend to customer information held abroad.

Re/code said the case appears to be the first in which a U.S. warrant for data held overseas was challenged by an Internet firm.

Shawn DuBravac, chief economist of the Consumer Electronics Association, posits in Techdirt that the U.S. Supreme Court's rulings that warrants are needed before police may search criminal suspects' cellphones has struck the first blow to protect digital privacy in the era of the Internet of Things, or physical objects being connected to the Internet like smart thermostats, coffee pots and refrigerators: the decision "comes at just the right time, because it's not just our phones that are getting smart. Soon, just about everything we touch will capture data about us. Our cars. Our watches. Our clothing. The fundamental privacies at stake in this ruling transcend far beyond phones. The Supreme Court needed to write its decision with the bigger picture in mind, and it did."