Privacy Lawsuits Increase in 2010 Due to Online Behavioral Tracking

Jan. 25, 2011 - PRLog -- Boca Raton FL – According to the Information Law Group, which concentrates on legal issues around privacy, data security, information technology and e-commerce, 2010 was a banner year for privacy-related lawsuits. And it may just be the tip of an iceberg of litigation to come. The Information Law Group report indicates that “There has been a significant increase in the volume of privacy lawsuits recently filed and being litigated … in addition to significant settlements on the books,” and adds that “most of the lawsuits cited involve online behavioral tracking.”

Among the privacy lawsuits are class actions against Internet marketing companies who track user habits; a suit related to the tracking of mobile device users on the web; a lawsuit against an online advertising firm for engaging in browser history sniffing; a suit naming Facebook and Rapleaf for unpermitted sharing of Facebook user personal information with advertising and marketing companies; and a lawsuit against Apple for allegedly encoding iPad and iPhone with tools that enable advertisers to leverage user download habits.

Given our collective dependence on the Internet to conduct business of all kinds, and the unprecedented profit potential associated with capturing and using all of that online data, is there anything that can be done to thwart the behavioral trackers?

Privacy legislation is certainly a start—enabling victims to sue those caught exploiting their data without permission. Beginning with the Electronic Communications Privacy Act of 1986 and followed a decade later by HIPAA, privacy requirements were taken to a new level in the HITECH Act of 2009. Around the same time, individual states began enacting their own online privacy legislation.  For firms doing business overseas, the EU Data Protection Law and UK Data Protection Act may apply as well. But legislation alone will not stop online behavioral exploitation.

“Individual organizations must take the lead in securing data at rest and data in motion through risk assessments that look at wireless and web transactions,” said Michael Scheidell, chief technology officer for SECNAP Network Security, “as well as preventive measures such as penetration testing, intrusion prevention and encryption.”  

It is also incumbent upon organizations who advertise online to understand what happens to the data that is collected, especially if a third party provider is engaged.  In addition, user training can help limit a company’s exposure “by reminding employees of acceptable Internet uses, approved online browsing practices, and other corporate security and privacy policies,” said Scheidell. “In tandem, IT administrators can tighten up controls to restrict user Internet access on an ‘as needed’ basis.”

In concert with increasingly stringent privacy legislation, individual enterprise actions can effectively safeguard against data exploitation resulting from online behavioral tracking—to ensure that 2011 does not become another banner year for privacy litigation.

About SECNAP
SECNAP Network Security develops information security solutions that enable the secure and private conduct of e-commerce on the Internet. The company’s newest solution, Rule18 Email Encryption, is a finalist for the 2011 Global Product Excellence Awards sponsored by the Information Security Products Guide. Award-winning SpammerTrap Email Security and HackerTrap Network Security solutions ensure unrivaled 24/7 protection of electronic information assets. An extensive portfolio of SECNAP Information Security Services includes external penetration testing, HITECH, HIPAA, GLBA, ISO and other compliance audits, web application and wireless assessments, social engineering testing and much more. For more information, visit www.secnap.com.

# # #

SECNAP Network Security develops advanced information technology solutions that enable the secure and private conduct of e-business.