Information Technology

Subscribe to Information Technology

This is part one of a three-part series outlining the topics of discussion from our presentation to the Southern Lancaster County Chamber of Commerce.

This morning, Brandon Harter and I had the pleasure of presenting to a full house of Southern Lancaster County Chamber of Commerce members at the Quarryville Library. Thank you to all who attended and we enjoyed a friendly competition and lively discussion of various ways that technology law impacts every small business in 2019.

If you were unable to attend or if you’d like a brief summary of what was discussed, here’s additional information on two of the discussion topics from this morning’s event:
Continue Reading Expecting the Unexpected: Technology Law Issues for Every Small Business – Part 1

Advertising and other commercial activities happen in an instant on social media. Are you covering your bases legally when posting photos of individuals or groups on your company social media accounts?

State law governs when you can use a person’s name or likeness for commercial or advertising purposes – this is commonly referred to right of publicity or right of privacy depending on the context and legal status in the jurisdiction.

In Pennsylvania, there is a somewhat complicated legal framework comprised of both statutes and case law that governs right of privacy and right of publicity.
Continue Reading When Can You Use Photos of Customers or Employees for Business Purposes?

All digital evidence, whether emails, computer files, or text messages, comes with metadata. Metadata is nothing more than “data about data,” i.e. things your phone or computer keeps track of about a digital file. Some of the most common examples are the “last accessed date” (when a file was last opened) and its “creation date” (when a file was first created).

Great, so metadata exists. So what? I get this question all the time. Particularly from opposing counsel when I’ve demanded that he or she reproduce a set of documents with metadata, usually after he or she has already provided a PDF copy. But I’m not asking for metadata in a fit of gamesmanship or to drive up litigation costs. I do it because metadata can be as valuable as the content itself.
Continue Reading Metadata is NOT an Excuse to Make Your Lawsuit More Expensive

This is the final installment in a three-part series about data breaches and the requirements of Pennsylvania law relating to data breach notification. The previous posts in this series are: Doing Business in 2019? You Should Be Thinking About Data Security; and When Does a Data Breach Require Disclosure Under Pennsylvania’s Data Breach Notification

This is part two of a three-part series about data breaches and the requirements of Pennsylvania law relating to data breach notification. Part one of this series was Doing Business in 2019? You Should Be Thinking About Data Security.

 The first post in this series made the case for why you should take data security seriously. Otherwise, you’ll need to worry about the daunting task of complying with a multitude of data breach notification laws and the public relations nightmare of being the next company that revealed its customers’ personal information.

But as the saying goes: the best-laid plans of mice and men often go awry.
Continue Reading When Does a Data Breach Require Disclosure Under Pennsylvania’s Data Breach Notification Act?

This is part one of a three-part series about data breaches and the requirements of Pennsylvania law relating to data breach notification.

If the events of the past few years are any indication, the scale and frequency of data breaches will only increase in 2019. According to Experian’s 2019 Data Breach Industry Forecast, in the first half of 2018, the number of records compromised exceeded the total number of breached records for all of 2017.

In the event of a data breach, legal compliance obligations can be daunting, particularly if your business stores personally identifiable information for residents of other states. All 50 states have data breach notification laws, each of which is slightly different. And do you store information about residents of the EU? Then you may need to worry about how the GDPR applies.
Continue Reading Doing Business in 2019? You Should Be Thinking About Data Security

Siri’s been around since 2010, but despite my borderline obsession with Apple products and services, my use of Siri has been limited until fairly recently. I think my increased usage is likely due to several factors, including Siri’s recent improvements, a Series 4 Apple Watch that allows Siri to speak back to me, and voice assistant technology reaching a tipping point for widespread adoption, particularly with the Amazon Alexa and Google Home product ecosystems.
Continue Reading Hey Siri, Remind Me To…

Back in July, Matt Landis updated us on several of the stories confirming Lancaster’s technology sector continued to thrive in 2018. As we close out the year, let’s look at a few more that made the news in our area during the second half of the year!

  • Think self-driving cars are still an early-stage

A few months ago I wrote about the Third Circuit Court of Appeal’s avoidance of ruling on whether employers have a duty to protect their employees’ personal information. We now have an answer to that question (at least in this Commonwealth) from Pennsylvania’s Supreme Court: Yes, yes it does.

On the eve of Thanksgiving the Pennsylvania Supreme Court released its decision in Dittman v. UPMC. This lawsuit was brought by employees of the University of Pittsburgh Medical Center over a data breach that leaked the employees’ names, birth dates, social security numbers, and bank account information. But the existence of a duty by UPMC to protect this personal information remained in doubt. The Court ended this debate by ruling:

an employer has a legal duty to exercise reasonable care to safeguard its employees’ sensitive personal information stored by the employer on an internet-accessible computer system.

For employees, this is a decision that should be heralded as an important protection against identity theft. After all, what choice does an employee have but to give personal data to their employer? That the employer must protect that information is just common sense.
Continue Reading PA Supreme Court Finds Employers Must Protect Their Employees’ Personal Data