Weekly IP Buzz for the week ending January 11, 2019
Here’s a summary of interesting developments in intellectual property, technology, social media, and Internet law for the week ending January 11, 2019.
Privacy Breach: Millions of Facebook User Private Photos Compromised
Facebook disclosed earlier this month that it had to correct an unintended coding error that led to the access of private photos of some of its users. Although the bug did not affect all user accounts, Facebook estimates that almost seven million consumers accounts were compromised because an unintended loophole allowed some third-party applications to access Facebook user private photos, namely, photos specifically designated as “private” in user accounts.
The embattled social network technology giant has already had a difficult year with protecting the privacy of its users despite pledging that it had made improvements to its platform. Earlier this year in March, a third-party firm, Cambridge Analytica, was able to data-mine the usage data of Facebook users without express consent or knowledge. Later, in September, hackers breached Facebook’s security protocols and were able to gain full access to the entire directory of Facebook users, which numbers in the tens of millions.
Due to this latest incident, approximately 1,500 third-party applications were able to access seven million user accounts during a twelve-day period before Facebook discovered the flaw. That is a lot of time for unauthorized access to Facebook user private photos without consent or even knowledge. This glitch can become an extremely costly lesson to Facebook, in many ways.
Read the full article here.
Biometric Data Laws Come Into Play
In today’s age of mobile devices and ever-present Internet connectivity, consumers have witnessed the rise of the use of biometric data in lieu of passwords and other means of identification. As technology continues to rapidly evolve, it has now become common practice for mobile devices to use fingerprints, iris scans, or even full-face recognition as a means of “unlocking” secured devices.
In the past, such use of biometric data was limited to entry into secured grounds or facilities such as high-tech laboratories or classified government buildings. Today, however, a myriad of gadgets use such data, including, but not limited to, cellular phones, mobile tablets, and laptop computers.
As these devices have seamlessly integrated such use of biometric data into consumers’ daily lives by using them as data security “protection measures,” such use has often failed to be scrutinized closely by consumers or federal agencies alike. As such, the law lags severely behind in regulating the use, collection, sharing, and storage of such sensitive biometric data.
Biometric data such as fingerprints and iris scans are unique to the user and can easily become a means of identifying or tagging users without their consent. Similarly, the theft or misuse of such data can qualify as identify theft and wreak similar consequences on consumers’ creditworthiness, social security benefits, etc.
Despite this, however, the United States still lacks overarching guidance regarding the use of such data. This may change, however, with a recent lawsuit that is currently being argued in front of the Illinois Supreme Court.
Read more here.
For more posts, see our Intellectual Property Law Blog.
Darin M. Klemchuk is founder of Klemchuk LLP, a litigation, intellectual property, and business law firm located in Dallas, Texas. He also co-founded Project K, a charitable movement devoted to changing the world one random act of kindness at a time, and publishes Thriving Attorney, a blog dedicated to exploring the business of the practice of law, productivity and performance for attorneys, and other topics such as law firm leadership and management, law firm culture, and business development for attorneys.
Click to learn more about Darin M. Klemchuk's law practice as an intellectual property lawyer.