Category Archives: Privacy

Congress’ Browsing Habits

Source: Speak Together, 2017

Find out what the government is doing on your site

Get real time analytics on Congress, White House, and FCC visits to your site, while taking in part in one of the largest movements for internet privacy in the history of the Web.
Related:
How to Track What Congress Is Doing on the Internet
Source: Louise Matsakis, Motherboard, June 12, 2017

There’s now a way to track what government employees, including elected officials, are doing online during working hours. A new plugin created by a software engineer in North Carolina lets website administrators monitor when someone accesses their site from an IP address associated with the federal government. It was created in part to protest a piece of legislation the president signed earlier this year. In April, President Trump signed a measure allowing internet service providers (ISPs) to sell sensitive information about your online habits without needing your consent, rolling back Obama-era regulations intended to stop that very thing from happening…..

The Rise of Wearable and Smart Technology in the Workplace

Source: Clement L. Tsao, Kevin J. Haskins, Brian D. Hall, ABA National Symposium on Technology in Labor and Employment Law, Presented by the Technology in the Practice and Workplace Committee April 5-7, 2017

….It should not be difficult to imagine that the ability to track each employee’s precise location and physiological activity could have a chilling effect on protected concerted activity under the NLRA. Depending on the type of wearable technology involved, employers could eventually, if not already, have the equivalent of a workplace ankle bracelet, i.e., GPS monitoring device, that could be used as a tool to monitor or interfere with protected concerted activity. For workplaces where there is a certified collective bargaining representative, wearable technology, or any form of a surveillance system, should be a mandatory subject of bargaining. See Colgate-Palmolive Co., 323 NLRB 515, 515-16 (1997) (where the Board held that installation and use of surveillance cameras were mandatory subjects of bargaining). Given the likely chilling effect on protected concerted activity as well as in order to reduce the risk of unlawful surveillance, employers should establish and enforce policies for disabling wearable technology and collecting wearable data outside of working hours….

…..Wearable technology excels at providing data on health. The pedometer of yesterday has been relegated to the vintage dustbin: today’s fitness trackers, like those from Fitbit, Jawbone, Garmin, and Apple, can track not only heart rate and calories burned, but sleep patterns, walking patterns, sweat, diet, and a whole host of other health attributes when paired with mobile apps for tracking mood, fertility, and medication, to name just few. Although many of these devices are designed for the consumer market, they are becoming increasingly common in the workplace, often as part of employee wellness programs. Companies are also finding wearable devices useful for enhancing worker safety: devices for monitoring a worker’s hydration, temperature, movement, and external hazards are already available, and research is continuing into how to coordinate these tools into a “technological guardian angel” for workers. Not surprisingly, the proliferation of wearable technology in the workplace raises a number of legal issues. In particular, the intersection of wearable technology and health implicates issues under the Americans with Disabilities Act (“ADA”), the Genetic Information Nondiscrimination Act (“GINA”), and health privacy laws like the Health Insurance Portability and Accountability Act (“HIPAA”)…..

The Challenges of a Workplace Bring Your Own Device Policy

Source: John Hawthorne, LLRX, April 28, 2017

Everything was so easy a decade back. Employees used company issued computers, spoke on company cell phones, and played by all the rules of CIOs and IT departments. They usually weren’t allowed to use their own laptops or mobile devices, which allowed the IT departments to keep everything locked down.

The more generous companies gave high-profile workers Blackberries, but even those were controlled by a very strict set of guidelines. And they were Blackberries, after all. Not the best devices for surfing the internet or watching videos.

But then the mobile revolution happened. Steve Jobs invented the iPhone, YouTube, Pandora Internet Radio and Spotify Music made significant inroads with users and suddenly people wanted to bring their own devices to work. No longer content to use archaic computers and ancient communication devices, employees wanted to do both personal and business activities on the same device.

And so many companies began implementing Bring Your Own Device (BYOD) policies, allowing workers to use whatever computer or phone they desired. These policies have, in many ways, been a great boon to productivity and have huge advantages. But there are also some significant downfalls to the rise in BYOD.

In this article, I lay out the pros and cons of BYOD, as well as try to provide a bit of objective analysis of the situation…..

Why Courts Fail to Protect Privacy: Race, Age, Bias, and Technology

Source: Bernard Chao, Catherine S. Durso, Ian P. Farrell, Christopher T. Robertson, University of Denver – Sturm College of Law, Legal Studies Research Paper No. 17-03, February 23, 2017

From the abstract:
The Fourth Amendment protects against unreasonable “searches and seizures,” but in the digital age of stingray devices and IP tracking, what constitutes a search or seizure? The Supreme Court has held that the threshold question is supposed to depend on and reflect the “reasonable expectations” of ordinary members of the public concerning their own privacy. For example, the police now exploit the “third party” doctrine to access data held by email and cell phone providers, without securing a warrant, on the Supreme Court’s intuition that the public has no expectation of privacy in that information. Is that assumption correct? If judges’ intuitions about privacy do not reflect actual public expectations, it may undermine the legitimacy of the criminal justice system and exacerbate social unrest.

Although prior research has shown that the police disproportionately target younger people and minority communities, judges tend to be male, white, educated, affluent, and older than the general population. Their intuitions may thus be systematically different. Even worse, cognitive science suggests that judges may have difficulty putting themselves into the shoes of the searched person or considering the reasonableness of the police tactics from an ex ante perspective, without knowledge about the fruits of the search.

With 1200 respondents, we conducted a large-scale survey experiment to test whether, and if so, why, contemporary Fourth Amendment jurisprudence diverges from the societal norms it purports to protect and reflect. We identify a range of privacy expectations for 18 different police practices. We use oversampling, reweighting, and randomization to investigate particular causes of this disparity between judicial and public expectations. We conclude by suggesting better ways forward, so that social science evidence can replace judicial speculation.

Bypassing encryption: ‘Lawful hacking’ is the next frontier of law enforcement technology

Source: Ben Buchanan, The Conversation, March 16, 2017

The discussion about how law enforcement or government intelligence agencies might rapidly decode information someone else wants to keep secret is – or should be – shifting. One commonly proposed approach, introducing what is called a “backdoor” to the encryption algorithm itself, is now widely recognized as too risky to be worth pursuing any further.

The scholarly and research community, the technology industry and Congress appear to be in agreement that weakening the encryption that in part enables information security – even if done in the name of public safety or national security – is a bad idea. Backdoors could be catastrophic, jeopardizing the security of billions of devices and critical communications.

What comes next? Surely police and spy agencies will still want, or even need, information stored by criminals in encrypted forms. Without a backdoor, how might they get access to data that may help them solve – or even prevent – a crime?

The future of law enforcement and intelligence gathering efforts involving digital information is an emerging field that I and others who are exploring it sometimes call “lawful hacking.” Rather than employing a skeleton key that grants immediate access to encrypted information, government agents will have to find other technical ways – often involving malicious code – and other legal frameworks…..

Body-Worn Police Cameras: Separating Fact from Fiction – A Look at 5 Important Claims About the Technology

Source: Michael White and James Coldren, PM Magazine, March 2017

Since mid-2014, a number of police killings of residents has produced public outrage, civil disorder, and strong antipolice sentiment, especially among minority residents. In response to this crisis, in December 2014, President Obama formed the President’s Task Force on 21st Century Policing and charged it with developing recommendations to enhance trust between police and minority communities, as well as to improve police accountability.

The task force final report, published in May 2015, highlighted body-worn cameras (BWCs) as a potential tool for achieving those objectives. Since 2015, the White House, Congress, and the U.S. Department of Justice have strongly supported the adoption of BWCs by police.

This is evidenced by the creation of a National Body-Worn Camera Toolkit by the Bureau of Justice Assistance (BJA) and a federal funding program that has provided nearly $40 million to more than 175 law enforcement agencies for the purchase of BWCs; development of robust and comprehensive policies for BWC use; podcasts from researchers, subject matter experts, and practitioners; and a training and technical assistance mechanism that helps with BWC adoption and program management.

Drug Testing Unemployment Insurance Applicants: An Unconstitutional Solution in Search of a Problem

Source: Rontel Batie, George Wentworth, National Employment Law Project (NELP), Policy Brief, February 2017

From the summary:
Historically, states have never drug tested applicants for unemployment insurance (UI), primarily because the Social Security Act prohibits states from adding qualifying requirements that do not relate to the “fact or cause” of a worker’s unemployment. In the aftermath of the Great Recession, however, some states, in a misguided effort to try to contain the high costs of their UI programs due to high unemployment rates, began clamoring to drug test UI applicants. Their hypothesis (without any facts or data to back it up) was that claims would somehow substantially decrease, either as workers tested positive for drugs or declined to apply because of their drug use.

Mindful of the goal of drug-free workplaces but also of the lack of any data that drug use was an issue among the unemployed, in 2012, Congress reached a narrow compromise on drug testing UI claimants, one that took into account the serious constitutional issues with suspicionless drug testing. Congress agreed to allow, not require, states to test UI claimants in two specific, narrow circumstances: (1) workers who had been discharged from their last job because of unlawful drug use, and (2) workers looking for jobs in occupations where applicants and employees are subject to regular drug testing. Consistent with the new federal law, the U.S. Department of Labor issued regulations that closely tracked the legislation, defining occupations subject to regular testing to mean occupations where testing is legally required (either now or in the future), and not merely permitted.

Congressional Republicans, unhappy with the compromise they agreed to in 2012, have criticized the Labor Department regulations since they were proposed, claiming they were too narrowly drawn even though they closely tracked the legislation. The House of Representatives is now planning to invoke the Congressional Review Act to invalidate these regulations; and presumably, proponents of drug testing are counting on passage of a bill introduced in the 114th Congress by Rep. Kevin Brady (R-TX) that would effectively allow states to drug test all jobless workers filing for unemployment insurance. This bill, which we expect will be reintroduced shortly, would allow states to define occupations that “regularly” drug test to include all occupations where testing (including pre-employment testing) is permitted. If passed, this bill would open the floodgates for states to arbitrarily and unconstitutionally drug test its citizens solely because they are applying for UI benefits.

No one should be so confident that this bill could pass the Senate. Proponents have been trying to build support for drug testing UI claimants for years; but for the very narrow compromise reached in 2012, there has been no wider bipartisan support for the policy. Indeed, that is because such drug testing is simply another humiliation piled onto unemployed workers—a hurdle designed to be so stigmatizing that it discourages people from even applying for a benefit that they have earned in the first place….

Federal Privacy Council Online Law Library

Source: Federal Privacy Council, 2016

The Law Library is a compilation of information about and links to select Federal laws related to the creation, collection, use, processing, storage, maintenance, dissemination, disclosure, and disposal of personally identifiable information (PII) by departments and agencies within the Federal Government. The Law Library does not include all laws that are relevant to privacy or the management of PII in the Federal Government.

The Law Library only includes laws applicable to the Federal Government. Although some of the laws included may also be applicable to entities outside of the Federal Government, the information provided on the Law Library pages is strictly limited to the application of those laws to the Federal Government; the information provided does not in any way address the application of any law to the private sector or other non-Federal entities.

The Law Library pages have been prepared by members of the Federal Privacy Council and consist of information from and links to other Federal Government websites. The Federal Privacy Council is not responsible for the content of any third-party website, and links to other websites do not constitute or imply endorsement or recommendation of those sites or the information they provide.

The material in the Law Library is provided for informational purposes only. The information provided may not reflect current legal developments or agency-specific requirements, and it may not be correct or complete. The Federal Privacy Council does not have authority to provide legal advice, to set policies for the Federal Government, or to represent the views of the Federal Government or the views of any agency within the Federal Government; accordingly, the information on this website in no way constitutes policy or legal advice, nor does it in any way reflect Federal Government views or opinions. Agencies shall consult law, regulation, and policy, including OMB guidance, to understand applicable requirements.

Why People Quit Their Jobs

Source: Harvard Business Review, September 2016

….Attrition has always been expensive for companies, but in many industries the cost of losing good workers is rising, owing to tight labor markets and the increasingly collaborative nature of jobs. (As work becomes more team-focused, seamlessly plugging in new players is more challenging.) Thus companies are intensifying their efforts to predict which workers are at high risk of leaving so that managers can try to stop them. Tactics range from garden-variety electronic surveillance to sophisticated analyses of employees’ social media lives.

Some of this analytical work is generating fresh insights about what impels employees to quit. In general, people leave their jobs because they don’t like their boss, don’t see opportunities for promotion or growth, or are offered a better gig (and often higher pay); these reasons have held steady for years. New research conducted by CEB, a Washington-based best-practice insight and technology company, looks not just at why workers quit but also at when….