@ericmenhart Latest Tweet:

Internet Safety For Kids

These days, kids get online at a younger age than ever before. There are some very useful things kids can do online, such as learning, research, educational games, and more. The internet is also something that need to be approached carefully for young users. There are plenty of cyber threats such as scams, identity theft, inappropriate content, and other dangerous things online that kids need to stay away from. With two thirds of internet users falling victim to some sort of cyber crime, it’s important to know what you’re up against and how you can keep your kids safe. The Internet Crimes Against Children (ICAC) Task Force Program is an organization that has received more funding over the years in an effort to reduce internet crimes against children.

With things like social media becoming integrated into our lives more every day, kids are spending much higher amounts of time online just in the last few years. Take a look at the information below for facts on internet crime against children, and tips for parents to help prevent these types of crimes.

Internet Safety For Kids

Want to Share this info-graphic?

Simply add the code below to your site or blog!

Menhart Quoted on Do-Not-Track


I was recently quoted on the FTC’s proposed “Do Not Track” list in the Maryland Daily Record (subscription required). The proposed “Do Not Track” list is a follow-up proposal in light of the success of the “Do Not Call” list. The proposal would allow consumers to notify advertisers that they do not want their personal information shared for online marketing purposes. The article discusses a variety of viewpoints as to the necessity of such regulation and looks at the potential difficulties with implementing such a list.


My quote in the article points out that advertisers’ fears about implementation of a “Do Not Track” list are probably a bit overstated. Consumers that are on the “Do Not Call” list are among those least likely to respond to a phone advertisement and being on the “Do Not Call” list is a free way for advertisers to eliminate people least likely to be good telephone sales prospects. I suspect that the same principle will be true of people that actively maintain membership on a “Do Not Track” list.

[Read more...]

Can You Remove Facebook or Twitter Posts?


I am often contacted by potential clients that discover that ostensibly “private” information on social networks, particularly Facebook and Twitter, has become public, often to the potential client’s detriment. The content has often become public because a third-party, including other Facebook or Twitter users, or a third party blog, reposts the information, often in a negative light.


Content of concern to potential clients often includes an inappropriate photograph, or a now-regretful Facebook comment or Twitter post. I also routinely see concerns about direct messages on Twitter or wall-posts on Facebook. In most cases, the potential client asks what can be done to remove the offending content.


Unfortunately, there is usually little chance to remove such content because there is no legal basis on which to base demands for removal. Information that a user generates and publicly posts is generally not legally protected from further dissemination or commentary, except in very special cases where other legal principles such as copyright protection, false light or defamation may apply. If you have questions about your specific situation, contact a privacy attorney here at CyberLaw PC.


Potential clients are often frustrated to hear that opportunity for removal is limited and ask what can be done to prevent future scenarios. I generally offer three main tips to such potential clients:


First, you should always assume that ANY content you post or share on the Internet can become public. Whether it is e-mail, a photograph, a video or simple text, any document shared digitally, even amongst friends, can often find itself becoming viral, replicated thousands of times as it is shared via e-mail and other electronic means. Search for Karen Owen’s “List”, for one such example of an unintended viral consequence.


Second, I generally do not recommend that you issue any type of takedown notice unless you are confident that you have a colorable legal justification for doing so. Individuals that were willing to post the original content in a negative light are quite likely to post your takedown notice as well, compounding the problem. More importantly, there is little chance that the content will be removed as a result of the takedown notice.


Finally, I strongly recommend that EVERYONE that maintains any type of Internet presence register and develop the .com version of their full name. For example, if your name is John Smith, I would recommend that you register JohnSmith.com. If your name is similarly common to John Smith, you may want to use your profession, location or middle initial or name. For example, AttorneyJohnSmith.com or JohnSmithWashingtonDC.com, or JohnMSmith.com.  Prominent individuals at start up companies or firms with strong figure heads may also want to do the same.  


Once the name is registered, be sure to occasionally post newsworthy information about yourself using simple blogging software such as WordPress or Joomla. In most cases, you website will rise very quickly to the top of the search results when people search for you by name and will give you the opportunity to have the opportunity to share “your side of the story” as to any criticism you receive for uncontrolled content or other issues that may arise.


Many people, particularly professionals such as doctors, lawyers, accountants and journalists, will receive some type of negative online attention, warranted or not, at some point in their lives. While an unfortunate reality, taking steps to maintain control of your content and being prepared to proactively respond to criticism makes good sense in both a personal and business context.




[Read more...]

Defining an Intercept under Wiretap Act


The media has picked up on a case in the 9th Circuit that examines the definition of an “intercept” under the Wiretap Act. The district court judge in Bunnell v. Motion Picture Association of America found that a hacker had not “intercepted” messages when he simply copied messages being sent via company servers to a Google Mail account. The judge ruled that because the hacker “did not stop or seize” the messages, there was no intercept.

There are two reasons that such a decision should not stand. First, Judge Florence-Marie Cooper found that “under . . . the ordinary meaning of the word 'intercept,' [the hacker’s] acquisitions of the e-mails did not violate the Wiretap Act.” A quick look at the dictionary entry for the word “intercept,” however, seems to disagree. The second entry for intercept reads “to see or overhear (a message, transmission, etc., meant for another): We intercepted the enemy's battle plan.” The hacker in this case “saw or overheard” e-mail messages, so the “ordinary meaning” argument falls somewhat flat. This is particularly true when Section 2510(4) of the Wiretap Act defines the word “intercept” as being the “the aural or other acquisition of the contents of any wire, electronic, or oral communication through the use of any electronic, mechanical, or other device.”

Second, the (seemingly) clear policy initiative of the Wiretap Act is that “Interception and disclosure of wire, oral, or electronic communications [are] prohibited.” It’s hard to fathom that Congress intended to allow such “copy and forward” procedures. Particularly when the headings in the Wiretap Act are as concerned with “disclosure” as “interception.”

While the 9th Circuit’s decision won’t be binding on other Circuits, it’s worth watching. A decision upholding the lower court will definitely lead to renewed privacy fears in both a criminal and civil vein.

[Read more...]

Bill Protects IT Health Privacy


A new bill, entitled “Technologies for Restoring Users'
Security and Trust” (TRUST) in Health Information Act, has been introduced as
House Resolution 5442. The bill regulates the use of information technology
within the American health care system and seeks to protect the privacy and
security of patient medical information. According to Congressman Markey, one
of the bill’s sponsors, TRUST:


  • Empowers patients to keep their medical records out of
    health IT systems unless they first give their consent;
  • Requires patients to be
    notified if systems containing their health information are breached and their
    records are exposed;
  • Mandates the use of data security safeguards such as
    encryption and other technologies that render information unreadable to
    individuals who are not authorized to access it;
  • Authorizes grant funding to
    enable the purchase and enhance the use of qualified health IT systems;
  • Establishes
    a public-private partnership to make recommendations concerning health IT
    standards, criteria for the electronic exchange of personal health information
    and related purposes to encourage the creation of a nationwide interoperable
    health information technology infrastructure.


This is a welcome bill, which has been endorsed by numerous
privacy and medical groups. There have been some questions about electronic
personal health records and how they may be covered under existing privacy law,
such as the Health Insurance Portability and Accountability Act (HIPAA). In
addition, virtually anyone that studies privacy matters agrees that health
privacy is one of the most sacred privacies and should be subject to greater
protections than, for example, marketing studies or other commercial privacy

[Read more...]

Suicide, Cyberbullying & Cybervigilantes


The Washington Post has a feature on the story of Megan
Meier, the girl who committed suicide based on messages she received from a group
of cyberbullies. The feature tells the entire story of the saga from start to
end, and nicely illustrates the mentality and organization of online groups
with questionable intentions.


Also of interest is the limited statutory options prosecutors
had in attempting to charge the cyberbullies. This tragic story will likely be
a watershed point in cyberbullying and one would hope that it would at least
help to prevent similar stories from occurring in the future.

[Read more...]

FTC Proposes Online Behavioral Ad Principles


To address important consumer privacy concerns associated
with online behavioral advertising, the Federal Trade Commission recently
released a set of proposed principles for advertisers to follow.


The “principles” include (a) that web sites that collect
behavioral data should prominently display this fact and give consumers the
option to “opt-out” of the collection, (b) any data that is collected should be
“reasonably protected” by the collector and the collector should retain the
data only for legitimate business or law enforcement needs, (c) companies
should only collect sensitive data for behavioral advertising if they obtain
affirmative express consent from the consumer to receive such advertising, and
(d) companies should obtain affirmative express consent from affected consumers
as a result of materially different privacy policies or other changes.


The FTC’s concentration on this issue is good news. Whether
an online advertiser or a user of the “Web 2.0” type sites, there is a need for
more clarity as to the issues that arise in behavioral advertising. The FTC’s
initial proposed principles make sense for all involved parties.


The devil, as usual, is in the details. Defining information
that qualifies as “behavioral data” and similar tasks are still in front of the
FTC and parties that choose to comment on the proposed principles. The initial
suggestions are reasonable, however, and we can expect to see changes, if any,
in the details as opposed to the broad policy principles.

[Read more...]

Data Thefts and Breaches Rising


Organizations that maintain personal data are spending more
money and time on improving security, but many are finding that investments are
too late or insufficient.


Various watchdog groups report that the number of
compromised records in 2007 reached 162 million records worldwide. The groups
reported that 2007 was a record year for the number of privacy security


While the numbers are interesting, there are two issues
worthy of note. First, the numbers provided by the watch dog groups are
primarily “reported” breaches. The likelihood that there were millions of
additional breaches that never made it into the public view is quite likely.


Secondly, one of the most telling statistics is the high
level of breaches caused by inappropriate handling or human error, compared to
attempts by hackers to compromise data. While security as to outside threats
must continue to be a priority, organizations must give equal importance to
appropriate training and security practices for all personnel who handle
sensitive data.

[Read more...]

Cellular Tracking Raises Privacy Concerns


E911 location tracking, a service initially mandated by the
federal government of wireless providers to track missing persons and for other
purposes, is now being used by the wireless providers to earn a profit. Sprint
Nextel provides a "loopt" that sends an alert when a friend is near,
and Verizon’s Chaperone service allows parents to set up a "geofence"
around a defined area and receive an automatic text message if their cell phone
carrying child travels outside that area.


While these services can be useful for consumers that opt in
to tracking, they are beginning to offer some legal problems when law
enforcement attempts to mandate their use to track criminal activity. Many
attempts have been rebuffed by Federal magistrates as insufficiently specific
to allow for such tracking. Many of these rulings, typically not fit for
publication in legal reporters, are being published by judges in an effort to
create a standard. Other judges have granted requests for data without a
probable cause standard as to suspect’s location so long as the data is limited
to identifying the cellular tower servicing the suspect, which is a less
precise method of tracking an individual.


It seems surprising that this issue is as polarizing as it
is. The probable cause standard is still the standard required for requests for
surveillance. On the other hand, there are some areas of law that don’t require
probable cause at all, such as public surveillance, which law enforcement can
argue is appropriate when tracking open wireless signals.


The vast differences in rulings among federal judges suggest
that a more formal ruling as to the appropriate standard is now appropriate. Hopefully
federal appeals courts and perhaps eventually the Supreme Court can help to
settle the differences seen in the current climate.

[Read more...]

Do Not Track List Proposed for Advertisers


Seeking to follow the successful example of the FTC’s “Do
Not Call” list, a variety of privacy groups have now proposed a “Do Not Track”
list that seeks to create a list for consumers that would prefer to “opt-out”
of being tracked for behavioral marketing campaigns.


The proposal surmises that consumers would want to avoid
having their online activities monitored for marketing purposes and mandates
that advertisers respect the wishes of the consumers on the list. Being on the
list, however, would not lead to any reduction in “direct advertising.” The
results of being on the list would be mostly translucent to a consumer.


Advertisers generally do not support the proposal. Most
argue that targeted advertising is beneficial to consumers, who benefit from
ads that are more relevant to their interests and needs. Advertisers also warn
that targeted ads help to support free content on the Internet and elsewhere. A


These are the types of issues that the FTC will likely begin
to focus upon in the upcoming years. Both sides have good arguments for their
respective positions. The likely result, however, is the eventual implementation
of a “Do Not Track” style list. The FTC will likely determine that consumers
are the ones who should ultimately decide which of the two sides of the issue
is correct. Those that agree with the privacy groups will join the list, those
that agree with the advertisers will simply avoid the list to encourage the
more targeted advertising.

[Read more...]

Attorney Eric Menhart has been seen in: