Building on the InfoLawGroup's depth of experience in social networking and social media, Attorneys David Navetta and Richard Santalesa have co-authored a new whitepaper with the ACE Group, a global leader in insurance and reinsurance, entitled Social Media: The Business Benefits May be Enormous, But Can the Risks - Reputational, Legal, Operational - be Mitigated?
Banks and other financial institutions face unique issues when it comes to the use of social media. Faced with conflicts between social media platform rules, customer expectations, self-regulatory standards, and the strict regulations that govern the industry, guidance has been needed. The industry received some of that guidance recently through a whitepaper issued by BITS, the technology arm of The Financial Services Roundtable whose members are 100 of the largest financial institutions in the U.S.The report addresses the compliance, legal, operational, and reputational risks - and related mitigation strategies - of using social media in connection with a financial or banking operation. Regarding compliance, the report discusses the myriad of compliance areas relevant to banks, including marketing, privacy and security. For example, because social media web sites and web activities are deemed advertising by regulators, the report warns of the risks of failing to comply with various marketing laws and regulations applicable to the banking industry, including state Unfair and Deceptive Acts or Practices Acts and Prize and Gift Acts, as well as others that require additional steps for financial institutions, such as Truth in Lending, Truth in Savings, and FDIC membership rules. The paper predicts even stronger and more subjective requirements to come under the Dodd-Frank Wall Street Reform and Consumer Protection Act. Risks of non-compliance vary widely - from litigation and reputation risk, regulatory enforcement actions and in some cases civil money penalties.
Much like the "Cloud computing revolution" there is an almost frenzied excitement around social media, and many companies are stampeding to exploit social networking. The promise of increased intimate customer interactions, input and loyalty, and enhanced sales and expanded market share can result in some organizations overlooking the thorny issues arising out of social networking. Many of these issues are legal in nature and could increase the legal risk and liability potential of an organization employing a social media strategy.In this multi-part series the InfoLawGroup will identify and explore the legal implications of social media. This series will help organizations begin to identify some of the legal risks associated with social media so that they may start addressing and mitigating these risks while maximizing their social media strategy. In Part One of the series, we will provide a high level overview of the legal risks and issues associated with an organization's use of social media. In subsequent parts members of the InfoLawGroup team will take a deeper dive into these matters, and provide some practical insight and strategic direction for addressing these issues. As always, we view our series as the beginning of a broader conversation between ourselves and the larger community, and we welcome and strongly encourage comments, concerns, corrections and criticisms.
One issue still bobbing below the social networking surface is disclosure of trade secrets, such as a client/customer list, through use of social networking. With seemingly everyone, including us here at the Info Law Group, connecting to business associates and potential and actual clients, the question is not academic.
German state data protection authorities have recently criticized both cloud computing and the EU-US Safe Harbor Framework. From some of the reactions, you would think that both are in imminent danger of a European crackdown. That's not likely, but the comments reflect some concerns with recent trends in outsourcing and transborder data flows that multinationals would be well advised to address in their planning and operations.
Social networking entails some risks and responsibilities. It may implicate privacy and labor law, confidentiality and nondisclosure agreements, advertising regulations, defamation, and other legal regimes, across borders in a global medium. Users, and their employers, need to be aware of these risks and responsibilities in deciding how to make best use of social media.
As some of you know, I tweeted my notes from the IAPP Global Privacy Summit 2010 yesterday and today (@Forsheit for those of you on Twitter). Since many of our readers are not on Twitter, I thought I would provide you with those notes here (minus the usual Twitter hashtags and abbreviations). Please note that there were multiple sessions, and this reflects only those I was able to attend, and only the information I could quickly record, putting virtual pen to paper. These are not direct quotes, unless specifically designated as such. Overall, I think it was a great conference, a wonderful opportunity to reconnect with other lawyers and privacy professionals, and to meet students, lawyers, and others looking to learn more about this constantly evolving legal and compliance space. For me, the conference highlight was Viktor Mayer-Schonberger's keynote this morning on The Virtue of Forgetting in the Digital Age. Without further ado, here are my notes. Would love to hear your thoughts/reactions.
This week, I will be providing short updates from the IAPP Global Privacy Summit in Washington, DC. The conference will be in full swing tomorrow, and I will report on various panels and topics of interest. In the meantime, as I prepare to see old and new friends at the Welcome Reception this evening, a few thoughts on what I expect to see and hear a lot over the next few days.
In honor of Data Privacy Day and its spirit of education, I thought it might be appropriate (and fun) to celebrate some (but certainly not all) of the A, B, Cs of Data Privacy. Would love to see your contributions, too!