Information Technology

Just because your terms of service say you’re not liable, doesn’t mean you aren’t. Like the fine print at the bottom of a contract, website terms of use are a place for businesses to protect themselves. But they are not a substitute for thinking carefully about how you interact with your customers – particularly if

All digital evidence, whether emails, computer files, or text messages, comes with metadata. Metadata is nothing more than “data about data,” i.e. things your phone or computer keeps track of about a digital file. Some of the most common examples are the “last accessed date” (when a file was last opened) and its “creation date” (when a file was first created).

Great, so metadata exists. So what? I get this question all the time. Particularly from opposing counsel when I’ve demanded that he or she reproduce a set of documents with metadata, usually after he or she has already provided a PDF copy. But I’m not asking for metadata in a fit of gamesmanship or to drive up litigation costs. I do it because metadata can be as valuable as the content itself.
Continue Reading

This is the final installment in a three-part series about data breaches and the requirements of Pennsylvania law relating to data breach notification. The previous posts in this series are: Doing Business in 2019? You Should Be Thinking About Data Security; and When Does a Data Breach Require Disclosure Under Pennsylvania’s Data Breach Notification

This is part two of a three-part series about data breaches and the requirements of Pennsylvania law relating to data breach notification. Part one of this series was Doing Business in 2019? You Should Be Thinking About Data Security.

 The first post in this series made the case for why you should take data security seriously. Otherwise, you’ll need to worry about the daunting task of complying with a multitude of data breach notification laws and the public relations nightmare of being the next company that revealed its customers’ personal information.

But as the saying goes: the best-laid plans of mice and men often go awry.
Continue Reading

This is part one of a three-part series about data breaches and the requirements of Pennsylvania law relating to data breach notification.

If the events of the past few years are any indication, the scale and frequency of data breaches will only increase in 2019. According to Experian’s 2019 Data Breach Industry Forecast, in the first half of 2018, the number of records compromised exceeded the total number of breached records for all of 2017.

In the event of a data breach, legal compliance obligations can be daunting, particularly if your business stores personally identifiable information for residents of other states. All 50 states have data breach notification laws, each of which is slightly different. And do you store information about residents of the EU? Then you may need to worry about how the GDPR applies.
Continue Reading

Siri’s been around since 2010, but despite my borderline obsession with Apple products and services, my use of Siri has been limited until fairly recently. I think my increased usage is likely due to several factors, including Siri’s recent improvements, a Series 4 Apple Watch that allows Siri to speak back to me, and voice assistant technology reaching a tipping point for widespread adoption, particularly with the Amazon Alexa and Google Home product ecosystems.
Continue Reading

Back in July, Matt Landis updated us on several of the stories confirming Lancaster’s technology sector continued to thrive in 2018. As we close out the year, let’s look at a few more that made the news in our area during the second half of the year!

  • Think self-driving cars are still an early-stage

A few months ago I wrote about the Third Circuit Court of Appeal’s avoidance of ruling on whether employers have a duty to protect their employees’ personal information. We now have an answer to that question (at least in this Commonwealth) from Pennsylvania’s Supreme Court: Yes, yes it does.

On the eve of Thanksgiving the Pennsylvania Supreme Court released its decision in Dittman v. UPMC. This lawsuit was brought by employees of the University of Pittsburgh Medical Center over a data breach that leaked the employees’ names, birth dates, social security numbers, and bank account information. But the existence of a duty by UPMC to protect this personal information remained in doubt. The Court ended this debate by ruling:

an employer has a legal duty to exercise reasonable care to safeguard its employees’ sensitive personal information stored by the employer on an internet-accessible computer system.

For employees, this is a decision that should be heralded as an important protection against identity theft. After all, what choice does an employee have but to give personal data to their employer? That the employer must protect that information is just common sense.
Continue Reading

When a Stranger Decides to Destroy Your Life (Gizmodo)

This article has been on my mind quite a bit lately, as it highlights some of the worst that social media and the internet has to offer. If you think “it can’t happen to me or my business”, I’d suggest you read this article and consider how you might change your behavior online.

Having worked with clients who are victims of online harassment, unfortunately the circumstances in this article hit close to home. If you are the victim of harassing conduct online, I suggest reaching out to an attorney well-versed in these issues sooner rather than later to discuss your options and develop a plan to minimize the impact on your life and business.

Lancaster Virtual Reality Lounge opening on North Queen Street this November (LancasterOnline)

The name says it all: Lancaster Virtual Reality Lounge will offer a virtual reality arcade experience in downtown Lancaster beginning in November 2018, offering over 200 games and activities to try.
Continue Reading

This post is part of our ongoing series exploring the impact of technology on legal issues.  For an introduction to the series and a collection of the posts in the series, check out this post.

Bing. Bing. Bing. Bing.  That would be the sound of a text message showing up on my phone, watch, iPad, and computer all at the same time.  Don’t worry, I actually have the sound turned off on all but one of those devices, so I don’t drive myself and everyone around me insane.  I love the convenience of it.  No matter which device I am using, I can easily respond to a text or call without having to figure out where the heck I left my phone. And because my fiancé has sworn off all things Apple, I never have to worry about him seeing any surprises I’m planning.

But we’re not like most couples.  Most couples I know have the same type of phone and if it is an iPhone, they often share the same Apple ID.  Sure, this is convenient for a number of reasons.  But what happens when a couple decides to separate and forgets that their ex has access to all of their text messages?  Or can see their emails?  Sadly, I’ve had more than one client who discovered their spouse was unfaithful because the spouse forgot their devices were linked.  I’ve had clients who can’t figure out how their ex found out about someone they were talking to months after separating even though they were never seen together publicly and most communication was limited to texting.  If you shared an account or had your texts or calls going to another device that you do not have exclusive control over, you need to be mindful that your ex may still have access to what you assume are private calls or text messages.
Continue Reading