Category Archives: Electronic Communication

Tips for Web Site Privacy Policies

Does your web site collect data from users?  Whether you allow users to submit personal data (such as email addresses) or simply gather information through cookies, your web site should include a privacy policy to explain how you will use that data. Too often, website managers simply post a form privacy policy without actually reviewing the policy.  Can you confirm that your policy accurately describes what your company does with the data that you collect? Continue reading

Guidelines for Web Site Terms of Use

Corporate websites frequently do – and should – include “terms of use” that govern use of the website by web surfers.  Why should your website contain terms of use?  What terms should should you include?  Are users actually bound by the terms?

In the first of a series of articles on “Internet Rules of the Road,” my colleague Anne Newman of Pepper Hamilton LLP has published a set of helpful guidelines for Web Site Terms of Use.  As Anne writes: Continue reading

SEC Issues Interpretive Release Regarding Use of Company Web Sites

Because many intellectual property professionals are often called upon to handle business law matters that involve technology (but not pure IP), I’d thought many readers would be interested in an article recently published by my colleague Zakiya Black.  The article highlights a recent Securities and Exchange Commission (SEC) guidance about the use of corporate websites for dissemination of disclosure documents, and corporate liability for website content.    As the article explains,

The Release principally focuses on four areas:

  • when information posted on a company Web site is considered “public” for purposes of Regulation FD relating to selective disclosure of material information
  • company liability for information on its Web site(s), including previously posted information, hyperlinks to third-party information, summary information and the content of interactive Web sites
  • the need for companies to implement disclosure controls on and procedures for information presented on a Web site intended for investors, and
  • the format of information that may be presented on a company Web site intended for investors, with the focus on readability, not printability.

For the full article at the Pepper Hamilton LLP website, click here.

US Attorneys Target Identity Theft and Financial Fraud

A recent alert published by Pepper Hamilton LLP attorneys Greg Paw and Travis Nelson notes that U.S. Attorneys in Philadelphia and New Jersey recently introduced a new initiative to combat identify thefy and stepped up their enforcement efforts against financial fraud.  As the alert states:

Frequently, companies of all sizes have been frustrated in their efforts to investigate small incidents of identity theft . . .. The new NICLE program will help to change this. Now, whether an investigation is initiated by law enforcement or referred to law enforcement after having been investigated by private investigators or attorneys, patterns of criminal activity will be more recognizable. Companies will have greater incentive to make reports, and law enforcement will have increased information to catch identity thieves before they move on to their next individual or corporate victim.

The alert also includes tips for companies to implement a successful financial fraud prevention program.  To read the full alert, click here.

New Connecticut State Law Requires Safeguards on Storage of Personal Information

On June 10, the state of Connecticut enacted a new law requiring safeguards on the paper and electronic storage of personal information.  The new law, which takes effect October 1, 2008, may regulate any entity that stores credit card numbers, other account numbers, social security numbers, and other personally identifiable information.

According to a Privacy and Security Alert published by Peter Adler of Pepper Hamilton LLP:

To comply with the safeguard provisions of the Connecticut law, businesses will be required to classify the data they handle, identifying which of the data is personal information and map the flow of the personal information as it is received, processed, stored, transmitted and discarded. . . .  Personal information must by rendered unreadable before disposal. Simply erasing hard drives and other electronic media will not be sufficient, as erasure does not guarantee that electronic information is no longer recoverable.

For more details about the law and the full alert, click here.

New FTC Rules Regulate E-Mails Sent for Commercial Advertising or Promotional Purposes

The Federal Trade Commission (FTC) recently issued new rules under the Controlling the Assault of Non-Solicited Pornography and Marketing Act of 2003 (better known as the CAN-SPAM Act).  The new rules clarify, among other things, that the Act covers emails sent by non-profit organizations.  The rules also impose specific requirements on identification of the sender.

Rob Auritt and Sharon Klein of Pepper Hamilton LLP recently wrote a Privacy and Security Alert that describes the new rules in detail.  For example, according to the Alert:

The new rule makes clear that forcing a receipient to visit multiple web pages or providing any information other than an e-mail address and/or a recipients opt-out preferences is a violation of the Act.

To read the full Alert, click here.

Privacy and Security Compliance Webinar scheduled for June 4

My colleague Peter Adler is hosting an online webinar on compliance with information security requirements such as HIPAA, GLBA, FISMA, the FTCA, state laws on privacy and notice of breach laws and private contractual standards such as the Payment Card Industry Data Security Standard (PCIDSS).   The discussion will include a unified approach to security compliance that leads to simultaneous compliance with multiple laws and regulations.

The webinar is scheduled for June 4 at 8:00 am EDT.   For details on how to register, click here.