ArchivePage 2 of 237

Pokѐmon Go Privacy Problems: The Legalities of Mobile App Data Collection

Pokémon Go is the most popular mobile game in U.S. history. In the 24 hours after its release last week, it surpassed the daily active users numbers of every other mobile game that has ever existed—attracting nearly 21 million active users at once.  As a user myself, I can say that when the servers of the game are working properly, it’s a heck of a good time.

The game was created by Niantic and the Pokémon Company and allows users to roam the streets catching Pokémon in an augmented reality version of the real world. So successful is the game that Nintendo’s minority share in the game has boosted their market value by $11 billion in the week or so since it hit the market.

The game is free to play but features a number of available microtransactions—digital offerings within the app itself—to bring in money. However, like many mobile games, this is not the only source of revenue.  The app also collects personal information from its users, which it then strips of identifying information and sells to would-be advertisers.

In the last few days, this data collection has drawn the concern of not only users, but also U.S. Senator Al Franken. He has gone on record with serious concerns about the overreach of the privacy policy of the app—especially considering how many children it counts as users. The whole kerfuffle began in response to a blog post revealing that among the permissions you granted Niantic by creating an account was—for iPhone users using a Gmail to sign in—full access to your Google account.

The Pokѐmon Privacy Policy

The concerns, now known to be slightly alarmist, suggested that the permissions gave Niantic read/write permission for your emails, access to your Google Drive, and even the ability to pilfer your Google Wallet. This came as a heck of a shock to users, because, although the Pokѐmon Go Privacy Policy is available online, there was no indication such access was being granted when users made an account.

Since the initial accusations a few days ago, it has been established that Niantic did indeed get full access to your Google Account, however it was not quite the insidious plot that was initially insinuated. Pokemon Go

Niantic issued a statement that the overreach in permission was a mistake and the access had never been taken advantage of—an assertion that Google has verified.  What’s more, while the permissions did give Niantic potential access to a substantial amount of biographical information such as your email address and phone number, they did not have access to any emails, Google Drive, or Google Wallet.  Niantic patched the access out of the app days after the concerns were raised.

However, don’t let these developments completely send your privacy concerns over Pokѐmon Go blasting off again. If you have not yet updated the app, do so in order to patch out the access to your Google account.  What’s more, it is important to stay informed about exactly how much information you agree to share by making an account or clicking “yes” to those Terms & Conditions.  Pokѐmon Go is still collecting a staggering amount of information on you for later sale.

By using the app, you are accepting that Pokѐmon Go will collect data from you and use it in accordance with their posted privacy policy.  As it stands, they collect your Internet Protocol (IP) address, browser type, operating system, the web page you visited before going on Pokѐmon Go, anything you click on or go to while using Pokѐmon Go, how long you stay on pages you go to, search terms, and more.  Also, because Pokѐmon Go uses GPS tracking to determine where you are and thus which Pokѐmon are around you, the app collects where you go, where you left from, how long you take to get somewhere, and how long you stay at any given location.

Once this data is collected Niantic, per their privacy policy, strips identifying information from the data and pools it together to sell to advertising companies.  If the company or Pokѐmon Go is ever purchased, all this information is part of what will be purchased.

This probably seems like an incredible amount of information for strangers to know about you—and it is. Unfortunately, the only way to avoid this data collection (as with many apps) is stop using Pokѐmon Go.  What’s more, the practice is both common and perfectly legal when done carefully.

Mobile App Overreach: An Ongoing Problem

The Federal Trade Commission requires that mobile apps clearly disclose their privacy policies and what sort of information they collect. They also require that businesses give users an option to decline collection—although that can just mean letting them choose not to use an app.  Failure to do any of these things, or to comply with your own privacy policy, can give rise to an FTC charge of deceptive practices.

For example, Runkeeper is a jogging app that has recently been in hot water for tracking your location—when the app is not active. This information is then sent to advertisers.  In 2012, a social media app called Path got in trouble for taking its users’ entire address book without their knowledge.  They settled an FTC charge, paying $800,000.

Apps that seek overreaching permissions, a perfectly legal practice, unless state law says differently, when properly disclosed, are also common. In 2015, it came to light that quite a few third-party flashlight apps were asking for a lot more permissions on your smartphone than they needed.

Many of the apps has the ability to read phone status and identity, view Wi-Fi connections, modify system settings, obtain full network access, and determine your precise location via your phone’s GPS, among other permissions. This was quite an ask for an app that is primarily for finding your keys when they fall under your car seat.

It’s not surprising that people were sensitive to potential privacy issues with Pokѐmon Go given the history mobile apps have with overreaching permissions and privacy law violations. A huge portion of apps include data gathering of some kind as part of how they make their money—especially free to use apps.

Even if you trust a business with this information, that same information makes them a target for hackers. The sheer popularity of Pokѐmon Go, combined with its ability to track your location, means that it is going to be capable of nearly unprecedented data collection.  While Niantic has a solid privacy policy and has complied with FTC privacy regulations, it still can be a privacy risk given how much information is going to pass through its hands.  Don’t let this stop you from catching them all—just remember to know what you’re getting into with Pokѐmon Go and any app you use.

Waitress Told to Wear a Skirt and Look More Feminine Wins Sex Discrimination Case

In Scotland, an eighteen-year-old part-time waitress was asked to wear a skirt and makeup so she would be “easy on the eyes” to male customers.

The young woman claims that she was offered a full-time position as a waitress at the restaurant, but was pulled aside by the manager and told to wear a skirt, makeup, and her hair down to look more feminine and attractive to the customers. After she complained, she was told her existing hours would be cut and that she was no longer offered the full-time waitressing position. She decided to file a sex discrimination lawsuit.

A judge at an industrial tribunal, who makes decisions in legal disputes regarding employment law, awarded her $4,372 for discrimination and lost wages.

Would a case like this prevail in America?

What is Sex Discrimination?

Sex discrimination includes any unequal treatment on the basis of sex. The treatment must not only be different, but also unequal, and therefore lead to inequality between the sexes. For example, designating male versus female bathrooms for each gender does not rise to the level of sex discrimination. However, an employer who pays a woman less for the same work a man performs does constitute sex discrimination because it is unfair. Waitress

Title VII of the Civil Rights Act of 1964 provides protections against sex discrimination in the workplace. The Act makes it illegal for employers to either:

  1. fail or refuse to hire or to discharge any individual, or otherwise to discriminate against any individual with respect to his compensation terms, or privileges of employment, because of that individual’s sex; or,
  2. limit, segregate, or classify employees or applicants for employment in any way which would deprive or tend to deprive any individual of employment opportunities or otherwise affect that person’s status as an employee because of such individual’s sex.

In laymen terms, all employees or applicants must be given equal opportunities for employment and advancement within the company organization. Further, no person can be deprived of any employment opportunity based on his or her gender.

Sexual harassment is also a form of sex discrimination. Generally, sexual harassment may be found if an employee experiences unwanted sexual advances, requests for sexual favors, or other verbal or physical conduct of a sexual nature.

Can An Employer Require Female Employees Wear Skirts?

The short answer is “yes.” Generally an employer can impose a dress code that requires female employees to wear skirts. However, the employer must have a legitimate business necessity for this requirement and it must be reasonably related to the employer’s business needs.

For instance, if the employer wants to foster a professional atmosphere, the employer may require more formal dress, which includes a requirement that female employees wear skirts while their male counterparts wear slacks. There have been some cases where employers have been found guilty of sex discrimination against women for requiring them to wear skirts and not having any equivalent policy (such as wearing slacks) for men.

While it is generally admissible for employers to impose dress codes, it must be done with sensitivity and strict adherence to the law. A dress code cannot impose a greater burden on one gender than another. Referring back to the previous example, it would be sex discrimination require female employees to wear skirts, but have no formal dress code requirement for male employees.

Further, the employer must be careful about sex discrimination and stereotyping claims. Therefore, it is advised that the employer create exemptions in some cases to the dress code, or to forego a dress code altogether to avoid claims of sex discrimination.

Just as an employer is entitled to establish a dress code that requires female employees wear skirts, they may also require female employees wear makeup. However, the employer cannot pass up a female employee for advancement, or terminate a female employee because she did not wear makeup.

D.C. Vote Leaves Accident Victims in Dismay

Washington D.C. council has postponed a vote to change the city’s contributory negligence laws to comparative negligence with regards to automobile-bicycle collisions. This decision has frustrated bicyclists and pedestrians because under the current contributory negligence framework, the victims of such accidents are not entitled to recovery. Under contributory negligence laws, if the victim is viewed as being at least partially responsible for the accident, they will not be awarded damages.

D.C. has a “pure” contributory negligence system, which means that even if the victim of the accident is 1% at fault, they may not recover from either the driver or insurer. This is a very strict standard and in most circumstances denies any form of compensation to victims of such accidents. The only time the damaged party may recover is if their behavior which led to the accident was non-negligent (meaning entirely free from fault) and that the driver was negligent. It is very difficult to establish non-negligence.

Transition Phase – Contributory to Comparative Negligence

In general, the United States as a whole has been transitioning from a contributory negligence framework to that of comparative negligence over the last few decades. Aside from D.C., only four states have stayed with the contributory negligence system. Under a comparative negligence approach, the victim can be compensated even if they are partially at fault; however their recovery will be deducted by the percentage for which they are at fault. This seems like a far more reasonable approach than the other more stringent standard that is slowly fading out.

For the driver and the insurance companies, contributory negligence is ideal because they will not be held liable whatsoever. This of course is a double-edged sword.  Victims prefer the comparative negligence standard, but there is a nefarious element to this. Victims surely will be awarded damages under the comparative framework. Bicycle

However, there have been instances where bicyclists and/or pedestrians have intentionally come into the crosshair of the driver simply to recover damages. One of the reasons contributory negligence exists is because politicians and congressmen such as D.C. Councilmember Kenyan R. McDuffie want to provide safeguards against such acts. The driver should not always be held responsible, for there are times when the victim is in fact the perpetrator.

News reports and various statistics, including one from Gallup, show that states which enforce the contributory negligence standard have far fewer cases of automobile-bicycle accidents than states with comparative negligence.

Obviously, statistics only provide a glimpse of the truth but they should be given some thought. This statistic implies that bicyclists under this framework are more wary of accidents because of the fact that they will not be awarded damages, and it also has a deterrent effect on those “particular” bicyclists/pedestrians that want to fill their pockets by intentionally engaging in vehicular accidents.

Comparative Negligence Discrepancies

Of course, even under those states that apply comparative negligence, they are not all uniform. There are variations on comparative negligence; for example, there is something known as “pure” comparative negligence and another common variant is the modified comparative negligence scheme.

Under the “pure” comparative system, which is the typical approach, the victim may recover, but recovery will be reduced based on the degree of fault. In the modified system, there are two approaches. One is if the victim is 50% or more at fault, then they cannot recover whatsoever. The second approach is that if the victim is 51% or more at fault, then they cannot recover. The difference between the two approaches is a mere 1%. In general, the modified system is far less favorable to the damaged party than is the pure comparative system.

Impact – How It Will Affect Both Driver and Pedestrian

Just to reiterate what has already been stated, D.C. transitioning from one system to another can have drastic implications. For one, as mentioned above, the comparative system favors the victims and the contributory framework benefits the driver and/or insurer. The people of D.C. are unhappy that the vote came out the way it did, as they would prefer to be compensated in the case of an accident. They don’t want the insurers walking all over them. The contributory negligence framework allows for this and gives the insurance companies an excuse not to cover the damages.

At its core, these two diverging systems provide a mechanism that a defendant can invoke if he or she is sued. On the other hand, there are nuances to the law that prevent full protection for one party or the other. Ultimately, the law of the state will determine how both perpetrators and victims of accidents will be treated.

The country is headed towards a comparative approach but as is the case here in D.C., not all legislators are ready to give up on contributory negligence. There are repercussions that go beyond benefiting the insurance companies. The comparative negligence framework might lead to increased insurance premiums and this potential effect is not ideal for the many decision-makers that want to maintain their seat on the throne.

The comparative negligence approach seems like the more reasonable approach because it gives the victim of an accident some form of remedy. It gives certain remedies to the driver and the victim depending on the circumstances. The driver may not be penalized fully if the damaged party was somewhat responsible and the victim will be rightfully compensated.

Federal Judge Quashes Mississippi Law Protecting Those That Discriminate Based on Sexual Orientation

Congress shall make no law respecting an establishment of religion, or prohibiting the free exercise thereof…

Have you heard of a little thing called separation of church and state? Not the first of its kind to pass, Mississippi recently passed HB1523, essentially allowing individuals to discriminate against the LGBT community based on personal religious beliefs.  HB1523 was set to take effect this week, but Federal District Judge Carlton W. Reeves ruled the law violates the First and Fourteenth Amendments.

The Establishment Clause provides us with religious freedom, as well as protections from governmental interference regulating such beliefs. It’s definitely a slippery slope between the two protections.  On the one hand, you want religious freedom and this law appeared to provide protections to Mississippians from being punished for Gay Marriageacting on their religious beliefs.  On the other hand, it does seem discriminatory, favoring one religious belief aimed against the LGBT community.  Was it really just a catalyst for legalizing discrimination?  A way to get around the Supreme Court’s decision in Obergefell?

If you take a look at the language of the bill, as a whole it says an individual can exercise their religious beliefs without negative repercussions from the government. Doesn’t sound so bad, right?  But when you consider the ramifications of further text within the bill, it’s definitely controversial.

The law protected individuals and businesses alike from backlash for:

  • refusing to perform gay marriages or issue marriage licenses,
  • refusing to make a wedding cake or any other wedding planning services,
  • private organizations could make employment decisions (hiring/firing) based on sexual orientation and gender identity (this one’s a doozy!),
  • refusing to rent, sell, or make other terms and conditions about housing based on sexual orientation and gender identity,
  • refusing (adoption agencies) to place a child based on sexual orientation or gender identity,
  • refusing (medical professionals) services related to sex reassignment or gender identity transition,
  • refusing (medical professionals) to participate in fertility services for gay couples,
  • establishing sex-specific standards concerning employees/students in how they groom and dress themselves and can restrict access to bathrooms.

I take it back—they’re all doozies. If legislature is truly to abide by the plain language of the Establishment Clause, they shouldn’t be making laws “respecting an establishment of religion.”  Isn’t this law essentially respecting, or better yet favoring, Christian ideologies?

HB 1523 Singles Out Specific Religious Beliefs

“The sincerely held religious beliefs or moral convictions protected by this act are the belief or conviction that:

  1. Marriage is or should be recognized as the union of one man and one woman;
  2. Sexual relations are properly reserved to such a marriage; and
  3. Male (man) and female (woman) refer to an individual’s immutable biological sex as objectively determined by anatomy and genetics at time of birth.”

If this doesn’t scream recognition of a religious ideology, I don’t know what does. Even more so, the law essentially says the State favors protecting the religious beliefs of those opposed to the LGBT community over everyone else.

Case Law Backs Up Decision

Judge Reeves has plenty of case law to back up his decision.  The Supreme Court decided in the 90’s, followed by a whole slew of cases furthering sexual orientation rights, that discrimination based upon sexual orientation violates the Equal Protection Clause.  Judge Reeves argued HB1523 does not provide the same equal protections anti-discrimination laws protect, but rather draws a stark line between the LGBT community and everyone else broadly denying them their equal protection rights.

Not only is it an equal protection violation, Judge Reeves argues it violates the Establishment Clause.  HB1523 establishes a preferred religion. Not only does it establish a preference for Christianity, but, he argues, it treats Christians that have beliefs contrary to those specifically enumerated within the law (that marriage is between a man and woman) as second-class citizens—it gives special privileges to those that hold the enumerated beliefs over those that don’t.

According to Judge Reeves, why should Muslim or Jewish clerks, who do not believe in interfaith marriages, not be allowed to recuse themselves from issuing a marriage license? It wholly discriminates against, not just the LGBT community, but anyone who doesn’t hold the same enumerated beliefs spelled out in the law.

In all fairness, the concept of protecting individuals from governmental repercussions for acting on religious beliefs is a great idea. However, let them duke it out in court like everyone else instead. Private schools could already maintain their own admission standards and policies regarding its students.

Individuals and private businesses already had the right to refuse service.  Pastors already had the right to exercise discretion when deciding whether to perform marriage ceremonies.  Clerks already had the right to invoke constitutional and statutory defenses when objecting to same-sex marriages.  None of them needed a law that specifically calls out and separates members of the LGBT community in order to exercise their religious beliefs. Carol Burnett, a United Methodist minister and a plaintiff in the case, said it best,

“When there is no separation of church and state, there is no freedom of religion.”

Judge Orders Illinois to Add PTSD to List of Approved Medical Conditions For Medical Marijuana

A medical marijuana pilot program launched early 2014 in Illinois allows registered patients to obtain marijuana for medicinal purposes if their ailment is on the State’s list of approved medical conditions. The program also allows Illinois residents to petition the Department of Public Health to add debilitating medical conditions that aren’t already on the list.  An advisory board consisting of doctors, nurses, patients and advocates recommends which medical conditions are added to the list. Once the recommendation is made, the Director of the Department of Public Health will have the final say whether to approve or deny the Board’s recommendations.

Iraq war veteran Daniel Jabs is suffering from post-traumatic stress disorder (PTSD). Jabs petitioned the Department to add PTSD to the list of recognized medical conditions. The advisory board unanimously approved the addition of PTSD to the list of approved medical conditions and, according to the Department’s rules, the medical condition should have been either approved or denied based on the advisory board’s recommendation alone. However, it was denied based on other reasons.

Judge Has Authority to Add PTSD to Life of Approved Conditions

How is it that the judge had the authority to order the health department to add PTSD to the list of medically approved conditions that warrant the use of medical marijuana? Judges wouldn’t typically have the authority to “add” items like this to an already existing law, but that isn’t really what happened.  It’s the traditional system of checks and balances.

The Department of Public Health will consider petitions, which includes giving public notice and holding a public hearing. Check—this was done.  Petitions need to be either approved or denied within 180 days.  Check—this was done, but wait not so fast.  While the decision ultimately rests with the Department, their decision is subject to judicial review.  Military

Judge Cohen didn’t randomly order PTSD to be added to the approved list. Instead, he heard the lawsuit filed by Jabs, interpreted the law and, ultimately, found the process for which medical conditions are added to the approved list had been violated. In other words, Jabs’ fundamental right to due process of law was violated. The Judge simply ordered the Department to correct it.

The Medical Cannabis Advisory Board took the appropriate steps and approved PTSD, but it was Director Nirav Shah, despite the Board’s evidence and findings, who denied approval after the Board’s recommendation. Judge Cohen ruled that Shah inappropriately conducted his own investigation and used standards not within the program’s (nor the Department’s) rules.  This, Judge Cohen contends, violated Jabs’ due process rights, but was also in direct contradiction to the plain language of Department rules.

According to Judge Cohen, the “Director’s legal duty was to review the evidence, review the advisory board’s recommendations based thereon and render a final decision accepting or denying the proposal…Instead, Director Shah engaged in a private investigation, hidden from public view and more importantly, hidden from the parties, and arrived at his conclusion based thereon. This process was constitutionally inappropriate.”  The Judge gave Illinois 30 days to add PTSD to the list of qualifying conditions and scheduled a follow-up hearing in order to ensure compliance.

Since the statute gives the judiciary the power to review, Judge Cohen was within his authority to review and issue an order based on his findings. It would, however, not be within judicial authority to remove any medical conditions unless the process for which it was approved was in direct contradiction to the Department’s own rules.

Could judges in other states have the same authority? Definitely.  Just with any other law, the judiciary has the power to hear cases and interpret law, but each state will have their laws crafted in a different way that may lay out different procedures. Courts in other states could follow suit so long as they are interpreting laws and not creating laws.