Category Archives: Electronic Communication

“The Value of Corporate Secrets” points out common failures in data security practices

Forrester Research recently published a report entitled “The Value of Corporate Secrets.”  Commissioned by Microsoft and RSA, the report studied data security practices of over 300 companies in North America, Europe and Australia to understand how those companies value sensitive information. 

The findings are revealing.  The report notes that proprietary information and trade secrets contribute nearly twice as much to corporate value as custodial data (such as customer financial information and employee medical information).  However,  corporations devote most of their security resources and budgets to protecting the custodial data.   This is because a wide array of regulations mandate the protection of medical, financial, and other custodial data, while corporations can decide for themselves how best to protect trade secrets.  Because of this, many corporations are unable to assess how effective they are in protecting proprietary information.

RSA has published the full report here.  It’s a worthwhile read for anyone who is involved in protecting a company’s intangible assets. 

Court limits FCC authority to address “net neutrality”

“Net neutrality” is a phrase commonly applied to the idea that access to the Internet should not be subject to tiered or content-based pricing or download speeds.  Net neutrality supporters advocate that Internet service providers should not promote their own content by blocking, slowing or otherwise interfering with access to content published by their competitors. 

In 2005, the Federal Communications Commission published a Broadband Policy Statement in which the FCC stated that it “has jurisdiction necessary to ensure that providers of telecommunications for Internet access or Internet protocol-enabled (IP-related) services are operated in a neutral manner.”  In the statement, the FCC adopted four general principles, including principles that “consumers are entitled to access the lawful Internet content of their choice,” and “consumers are entitled to competition among network providers, application and service providers, and content providers.” 

In a ruling that creates uncertainty for “net neutrality” advocates, the U.S. Court of Appeals for the District of Columbia has called into question the FCC’s jurisdiction to regulate Internet access.  In Comcast v FCC, the Court considered whether applicable laws give the FCC regulatory authority to issue an Order that covered Comcast’s Internet management practices governing users’ access to peer-to-peer file sharing.  The Court concluded that the FCC had no such authority. 

The ruling casts doubts on whether the FCC can proceed with regulations that it proposed in October 2009 governing network neutrality.  However, since the ruling, several sources have quoted members of Congress who stated legislative action to expressly grant the FCC authority to regulate Internet service providers is under consideration.

New FTC guidance affecting online advertising takes effect December 1, 2009

On December 1, 2009, the Federal Trade Commission (FTC) will adopt new Guides Concerning the Use of Endorsements and Testimonials in Advertising.  The new Guides can affect a wide variety of online commercial activity, including product reviews by bloggers and websites that allow consumers to rate of products and services. 

Section 5 of the Federal Trade Commission Act (5 USC  45(a)) prohibits the use of “unfair or deceptive acts or practices in or affecting commerce.”  In the new Guides, the FTC applies Section 5 to new media (such as blogging, consumer ratings, and social media), as well as other endorsement activities. 

According to the revised Guides: Continue reading

Upcoming Pennsylvania CLE to Focus on e-Commerce

The Pennsylvania Bar Institute (PBI) has planned a continuing legal education course that will focus on the legal matters affecting e-commerce.  Now in its sixth year, PBI’s e-commerce update will provide an update on the latest legal issues affecting e-commerce, including:

  • e-contracting
  • issues that arise when using social networking sites for e-commerce
  • privacy law
  • records management
  • security (practical and legal issues)

The course will be held December 1, 2009 in Philadelphia (with simulcasts by video in Erie, Mechanicsburg, and Greensburg); and December 8, 2009 in Pittsburgh.  Additional details and registration forms are available here.

(Note”  the author of this blog is a faculty member for the course.)

Upcoming Pennsylvania CLE to address legal issues surrounding use of social media

On November 10, 2009, the Pennsylvania Bar Institute will host a CLE course on the issues that attorneys and clients face when we (and when our clients) use social media such as Facebook, Twitter, and . . . yes . . . blogs.   The course will be presented in two locations:  Pittsburgh and Philadelphia. 

The agenda for the CLE includes the following topics:

  • Introduction to social media:  how lawyers can use blogs and social networks for marketing and research
  • Intellectual property and social media:  privacy, copyrights, trademarks, and other rights
  • Employment law and social media:  policies and procedures for handling employees who tweet, blog, text, and post
  • The in-house counsel perspective:  a panel discussion with practical tips on how companies are dealing with the legal issues relating to social media
  • Social media and litigation:  what to do when lawyers, judges, witnesses, and jurors become “friends”; how to use social media to help win your case; how to manage data generated by social media in discovery
  • Legal ethics:  ethical questions facing lawyers who blog, tweet, and “friend” online.

Details and sign-up information about the course are available at the PBI website by clicking here.  (Full disclosure:  I am a course planner and faculty member for this CLE.) 


What health care providers need to know about social networking sites

My colleague Andrew Siegel recently wrote an article discussing important legal issues facing health care providers who use blogs, Facebook, YouTube, and other social networking tools to distribute health care-related information.  As Andrew writes:

Hospitals and health care professionals have quickly embraced social networking as a way to interact with patients, market their practices and share information with the health care community. . ..  However, when using such technology, health care providers must be aware of certain legal risks. The most obvious challenge for networking providers is compliance with the Health Insurance Portability and Accountability Act (HIPAA) Privacy Rule.

The article provides tips for health care providers who are using or plan to use social networks to communicate with actual or potential patients.  For the full text of the article, click here.

8/25/09 webinar to discuss soon-to-be-implemented breach notification requirements of the HITECH Act

The American Recovery and Reinvestment Act of 2009 included the HITECH Act, a law supporting the development of a nationwide health information technology (HIT) infrastructure for the use and exchange of health information for patient care.

Starting on Monday August 17, 2009, entities covered under the HITECH Act had 30 days before the security breach notification requirements go into effect.   On August 25, 2009, my Pepper Hamilton partners Sharon Klein and Peter Adler will host a free online webinar to discuss the final breach notification provisions and what organizations must do to comply.

Registration details for the seminar are available at

Employee blogging and use of social media – managing the risk

Last week I participated in several presentations that discussed the use of social media by corporate employees.  Social media usage is exploding.  Recent data indicates that Facebook has over 200,000,000 users, while Twitter has over 7,000,000 users.  According to Technorati data as reported on Wikipedia, at the end of 2007 more than 112,000,000 blogs existed. 

Blogs, Facebook and Twitter accounts, texting, and the use of other social media by employees can create many risks for employers.  Unlike conversations, social media postings leave a data trail — and that data trail can quickly be tracked, copied, and distributed to an unlimited number of readers.  The news headlines are filled with stories of poor judgment by employees on social media sites.  Microsoft fired an employee who published photos of Apple computers being loaded into a Microsoft research facility.  Delta airlines fired a flight attendant who posted photos of herself in a corporate uniform.  Google fired an employee who blogged about, among other things, Google’s compensation.

The risks that employers may face from situations like those described above include: Continue reading

Tips for Web Site Privacy Policies

Does your web site collect data from users?  Whether you allow users to submit personal data (such as email addresses) or simply gather information through cookies, your web site should include a privacy policy to explain how you will use that data. Too often, website managers simply post a form privacy policy without actually reviewing the policy.  Can you confirm that your policy accurately describes what your company does with the data that you collect? Continue reading

Guidelines for Web Site Terms of Use

Corporate websites frequently do – and should – include “terms of use” that govern use of the website by web surfers.  Why should your website contain terms of use?  What terms should should you include?  Are users actually bound by the terms?

In the first of a series of articles on “Internet Rules of the Road,” my colleague Anne Newman of Pepper Hamilton LLP has published a set of helpful guidelines for Web Site Terms of Use.  As Anne writes: Continue reading