Tag: internet privacy

• CCPA: Worst-Case Scenarios

  

  The new California Consumer Privacy Act went into effect on January 1, 2020. I’ve received a handful of emails and seen some updates from businesses informing me that their privacy policies have changed, but not as many as I expected. I hope the businesses who are required to comply with this law know the risk they take if opt not to comply with this new privacy law.

  What if There’s a Data Breach

  Like the General Data Protection Regulation in the European Union (GDPR), you have to notify the impacted people if you have a data breach. If you have a data breach impacting personal information, you must notify the individuals “in the most expedient time possible and without unreasonable delay.” In either case, If the breach causes you to notify at least 500 California residents, you must also notify the California Attorney General’s Office.

  If you are in a position where you are entrusted with data that you do not own or license, such as if you are a data storage business, and you have a breach, you must notify the business or person that hired you about the breach.

  CCPA Penalties

  The CCPA is unique in that it is the first privacy law to allow a private right of action. An individual is allowed to sue a company for failing to comply with the CCPA, $100-$750 per violation or their actual damages, whichever is more. This right is limited, however, to situations where there’s unauthorized access, theft, or disclosure of non-encrypted or non-redacted personal information because the business failed to use reasonable security measures. That means if the business did everything right and there was still a data breach, an impacted person can’t sue for their damages.

  In addition to individuals suing for damages under the CCPA, the California Attorney General may fine a business for failing to comply with this law, Up to $7,500 per violation.

  My CCPA Cheat Sheet

  Complying with CCPA is no easy task, especially if your business must comply with CCPA and GDPR. I created a CCPA Cheat Sheet that I use with my clients and update it as more information and guidelines are provided about this new law. I give my cheat sheet out for free to anyone who asks. I will not add you to my email list. (I will invite you to add yourself, but it’s completely voluntary.) If you want a copy, please send me an email.

  January 9, 2020

  •

  Ruth Carter

  •

  CCPA

  Arizona business attorney, Arizona internet attorney, Arizona privacy attorney, best practices for CCPA, California Consumer Privacy Act, Carter Law Firm, CCPA, CCPA and GDPR, CCPA Attorney General fines, CCPA basics, CCPA compliance, CCPA compliance date, ccpa consumer rights, CCPA damages, CCPA data breach, CCPA effective date, CCPA fact sheet, CCPA fines, CCPA guidelines, CCPA how to comply, CCPA implementation, CCPA individual rights, CCPA overview, CCPA privacy, ccpa privacy law, ccpa privacy rights, ccpa rights, ccpa rights guide, ccpa rights lawyer, CCPA summary, CCPA what you need to know, consumer rights under ccpa, data subject rights ccpa, how to implement CCPA, individual rights under ccpa, internet privacy, Phoenix internet lawyer, Phoenix privacy lawyer, Phoenix small business lawyer, rights provided by ccpa, Ruth Carter

• Your Rights Under CCPA

  

  The California Consumer Protection Act (CCPA) went into effect today (January 1, 2020)! California residents just got a lot more rights under this law, at least from the businesses that have to comply with it.

  (If your company makes less than $25 million per year and have contact information for less than 50,000 California people, devices and households; there’s a good chance you don’t have to comply with this law.)

  Your CCPA Rights

  Under the CCPA, California residents have the following six rights:

  1. The right to know whether your personal information is being collected – and the purpose it’s being used for.

  2. The right to know what personal information is being collected about you – upon verifiable request.*

  3. The right to request the specific categories of personal information being collected and the sources from which they were collected, the business or commercial purpose for collecting the information, and the categories of third parties with which the business shares information.

  4. The right to opt-out of the sale of your personal information. (Also, a third party cannot sell your personal information unless you are given specific notice and the opportunity to opt out.)

  5. The right to delete your personal information – upon verifiable request.* This includes the deletion of the personal information the business has, and it must direct service providers to do the same. The law states nine reasons why a business may decline such a request, including to provide you with the goods and/or services you requested.

  6. The right to not be discriminated against if you opt-out. A business can’t charge different rates or provide different level of service solely because you won’t allow the sale of your information. However, a business can provide a different price or quality of service if the difference is reasonably related to the value provided to you by your personal info. It’s ok for a business to give financial incentive for you to allow the collection of your personal information.

  * The CCPA states that the California Attorney General may provide guidance about what constitutes a verifiable request.

  What about Rewards/Loyalty Programs?

  The sixth right would have created a problem for rewards and loyalty programs, so the legislature created an exception for these. A business can charge different rates or provide a different level of service if it is part of its rewards/loyalty program without being at risk of price discrimination in violation of CCPA.

  Requesting Your Information

  Under CCPA, you may submit two requests within a 12-month period that a business give you a copy of the personal information it has for you, assuming you’re a Californian. (A business may do this for all its customers, but it’s not required to do so.) The business must provide this information at no charge, by mail or electronically, within 45 days. If more time is needed, the business must inform you within the first 45 days, that it may take up to 90 days to provide you a copy of your information.

  Required Notices Under CCPA

  Businesses must provide notice at or before the point of collecting your personal information under CCPA. If it’s being collected online, this will likely occur in the business’ privacy policy, with notice on the page where the information is requested.

  (The General Data Protection Regulation (GDPR) in the European Union requires a business to prove it received consent to collect your information.  To be compliant with this law too, the business should be a box you have to check that you agree to voluntarily share your information with it.)

  A CCPA-compliant notice must include:

  • What categories of personal info are collected and how it’s used by the business;
  • What categories of personal info are collected, disclosed, or sold; and that
  • You have the right to opt-out of having your personal info sold.

  The business is also required to have a “Do Not Sell My Personal Information” conspicuously on the its homepage and privacy policy with a link to page where you can opt-out. The business cannot ask you to opt-in again for at least 12 months. 

  My CCPA Cheat Sheet

  Complying with CCPA is no easy task, especially if your business must comply with CCPA and GDPR. I created a CCPA Cheat Sheet that I use with my clients and update it as more information and guidelines are provided about this new law. I give my cheat sheet out for free to anyone who asks. I will not add you to my email list. (I will invite you to add yourself, but it’s completely voluntary.) If you want a copy, please send me an email.

  January 2, 2020

  •

  Ruth Carter

  •

  CCPA

  Arizona business attorney, Arizona privacy attorney, best practices for CCPA, California Consumer Privacy Act, Carter Law Firm, CCPA and GDPR, CCPA basics, CCPA compliance, ccpa consumer rights, ccpa consumer rights requests, ccpa deletion rights, CCPA do not sell, CCPA effective date, CCPA fact sheet, CCPA how to comply, CCPA individual rights, CCPA loyalty programs, ccpa notice, CCPA notice requirements, CCPA opt in, CCPA opt out, CCPA overview, CCPA privacy, ccpa privacy law, ccpa privacy rights, ccpa rights, ccpa rights guide, ccpa rights lawyer, ccpa rights list, ccpa rights summary, CCPA website compliance, CCPA website requirements, CCPA what you need to know, consumer rights under ccpa, data subject rights ccpa, how to implement CCPA, individual rights under ccpa, internet privacy, Phoenix internet lawyer, Phoenix small business lawyer, rights provided by ccpa, Ruth Carter

• GDPR: Full Disclosure Required

  

  If you’ve been following this blog, you know I’m all about preparing for the General Data Protection Regulation (GDPR) as it applies to content marketing. This rule applies to every company that sends commercial emails to anyone in the European Union. (If you don’t know where everyone on your list is located, assume at least one of them lives in the EU.) We’ve already talked about how, under this law, when you want to add a person to your email list, you must get their specific informed consent and you must be able to prove that you obtained their consent to be on your list.

  The GDPR requires, when you obtain this consent, to provide the person (aka data subject) with the following information:

  • The identity and contact information of the controller of the data subject’s information or their representative;
  • The contact information for the data protection officer (if applicable);
  • Your purpose for processing the data subject’s information and legal basis for doing so;
  • The period of time the data will be stored;
  • The data subject’s right to request erasure or corrections of their data or to restrict the processing of their data;
  • The data subject’s right to withdraw their consent;
  • The data subject’s right to lodge a complaint with the supervisory authority; and
  • Whether the data subject giving their information fulfills a statutory or contractual obligation.

  If you want to process the subject’s data for another purpose, you must tell the person in advance, and when a person’s data is processed for direct marketing purposes, the data subject has the right to object at any time.

  At the first reading of these requirements, my first thought was that the signage at conferences where vendors collect business cards would have to become much more complicated to comply with GDPR. I thought about how this firm will comply with these requirements. People voluntarily add themselves to my email, so I don’t know where they live. I will be adding double opt-in consent for my email list, and I believe the most effective way to comply with these requirements is to include this information in the confirmatory email.

  You can hear more about these requirements here:

  We have to comply with these rules by May 25, 2018 when this new rule goes into effect.

  If you want more information about GDPR, please watch this site and my YouTube channel because I’m creating a substantial amount of content on this topic. You can also send me an email (Note: I can’t give advice to non-clients). I use my mailing list to I share my thoughts about being a lawyer/entrepreneur, updates about projects I’m working on, upcoming speaking engagements, and I may provide information about products, services, and discounts. Please add yourself if you’re interested.

  You can also connect with me on Twitter, Facebook, YouTube, or LinkedIn.

  January 25, 2018

  •

  Ruth Carter

  •

  GDPR, Internet law

  Arizona business attorney, Arizona internet attorney, Arizona social media attorney, Carter Law Firm, EU privacy law, European internet law, GDPR, GDPR compliance, GDPR requirements, General Data Protection Regulation, internet privacy, Phoenix business lawyer, Phoenix internet lawyer, phoenix social media lawyer, Ruth Carter, VenJuris

• Preparing for GDPR: Are You Ready?

  

  This year, I’m putting considerable energy into understanding and complying with the GDPR.

  What is the GDPR?

  The General Data Protection Regulation (GDPR) is a European law that goes into effect on May 25, 2018.

  It impacts any professional commercial activities regarding natural persons residing in the EU, so that includes process personal information about natural person who lives in the EU, or sending commercial emails to any natural person who lives in the EU. Commercial emails include the offer of goods or services, even if you’re not doing it in exchange for money.

  The purpose of this new law is to protect natural persons’ personal data, and it includes provisions about obtaining data subjects’ consent and using adequate security to protect their information. Failure to comply could result in millions of dollars in fines.

  Who is Exempt from GDPR?

  The GDPR does not apply to anyone who stores or uses person’s data for personal use – like if you maintain a personal database of contacts, and some of them happen to be people who live in the EU.

  It also doesn’t apply to anonymous persons or dead people.

  Complying with the GDPR

  I have read the GDPR from cover to cover (260 pages). A significant amount of my work in early 2018 will be related to GDPR compliance – starting with my own company

  My rule for my email list is people add themselves. It’s disrespectful when companies add you to their email list without consent, so I don’t do it. As a result, I have no idea where most of my subscribers are located. I have assume at least one of them is a person who resides in the EU, therefore the GDPR applies.

  For the next few weeks, I’m going to be breaking down this law into it’s requirements and applying them to my business so I can, in turn, educate and help other companies modify their policies and practices before the law goes into effect on May 25, 2018.

  This is not a law that companies can easily comply by adding a new paragraph to their terms of service. It will change their tactics and approach to content marketing.

  If you want more information about GDPR, please watch this site and my YouTube channel because I’m creating a substantial amount of content on this topic. You can also send me an email (Note: I can’t give advice to non-clients). I use my mailing list to I share my thoughts about being a lawyer/entrepreneur, updates about projects I’m working on, upcoming speaking engagements, and I may provide information about products, services, and discounts. Please add yourself if you’re interested.

  You can also connect with me on Twitter, Facebook, YouTube, or LinkedIn.

  January 4, 2018

  •

  Ruth Carter

  •

  GDPR, Internet law

  Arizona internet attorney, Arizona social media attorney, Carter Law Firm, content marketing, GDPR, General Data Protection Regulation, internet privacy, Phoenix internet lawyer, phoenix social media lawyer, Ruth Carter

• Private Online Groups May Not Be Private

  

  I was contacted by person who claimed to be a member of a private Facebook group. She asked if she had any options for recourse when another group member used statements from her post in another article online. This group member also used a pixelated version of the person’s Facebook profile picture. According to the person, she wasn’t recognizable in the altered image, but she feared people could figure it out if they compared to her profile picture to the pixelated one.

  No Expectation of Privacy in Online Posts
  To anyone in this type of situation, I’m sorry to dash your hopes for vindication, but in most situations, there is no expectation of privacy in what you post on the internet – especially on social media, regardless of the privacy settings. It’s too easy for someone to create a screenshot, save, and/or share a post. Moreover, you never know who is looking over a user’s shoulder or with whom they’ll share their screen when they’re viewing your post that is meant for their eyes only.

  This is true even when an online group is labeled as “private” or “closed.”  In many private or closed Facebook group, other members can invite outsiders to join or a new person can join if their request to be added is approved by one member of the group. Even though a private group is meant for a limited audience, post with care. You never know where a post will end up. This is why one of my rules of thumb for the internet is “Don’t post anything online that you wouldn’t put on the front page of the newspaper.”

  If You Want Real Privacy
  If you want to have a private conversation, keep it offline with your closest confidants or someone with who you have a confidential relationship (e.g. doctor, lawyer, therapist, priest). In a professional setting, have a written non-disclosure agreement(NDA) where everyone is contractually obligated to maintained your confidences.

  Even I use NDAs. I have certain people, where when we sit down for a drink, we start the conversation by saying, “Standing NDA” and we know nothing said between us will be shared with outsiders.

  The Internet is Not a Place for Privacy
  If there are times when you want to speak online while maintaining a level of privacy, you can reduce the risk of being connected to a statement by using an online alter ego. If you go this route, be prepared to be unmasked and live with the consequences at any time. You may use an IP address or post something that will give away your true identity.

  If you want a resource regarding the legal dos and don’ts about the internet, including additional information about online privacy, please check out The Legal Side of Blogging: How Not to get Sued, Fired, Arrested, or Killed. If you need legal help regarding internet privacy, you can contact me directly or a social media lawyer in your community. I post about these issues on Twitter, Facebook, YouTube, and LinkedIn. You can also get access to more exclusive content that is available only to people on my mailing list, by subscribing here.

  March 21, 2017

  •

  Ruth Carter

  •

  Internet law

  Arizona social media attorney, Carter Law Firm, closed Facebook group, expectation of privacy, how to be anonymous online, internet privacy, non-disclosure agreement, Phoenix internet lawyer, private Facebook group, Ruth Carter, VenJuris

• How to have an Anonymous LLC

  

  Here’s the easy answer: You don’t.

  It may be impossible to own an LLC anonymously. There’s always a paper trail and financial records that eventually lead to you.

  Burying Your Identity in Your LLC
  Creating an LLC requires paperwork and money. The Articles of Organization that are filed with the State are public records. If you didn’t want to have your name on your company, you set up layers of companies that own companies that own your LLC so it would take longer to trace it back to you. You could also set up a blind trust where you are the beneficiary. That would keep your name off the public records, but there would still be documents somewhere that show the connection. (Because business filing are public records, I often recommend that clients not use their home address as their business address. There are many low-cost mailbox services.)

  Even if your name is not on the company as an owner, there would still be the records of payments to you. It may require a court order for someone to gain access to this information, but it would be telling if the majority of payments from the company (or companies if you ran it through multiple entities) went to a single person.

  When someone asks how to be an anonymous owner of a company, it raises a red flag for me about their motivations and their business activities. If a company or person is controversial or engaging in potentially malicious acts, it may raise enough eyebrows that someone will be motivated to take a closer look at its inner workings.

  How to Run a Website Anonymously
  Conversely, it may be possible to operate a website relatively anonymously. You would have to essentially divorce yourself from the website:

  • Use an email address for the website registration that isn’t otherwise connected to you. Don’t access this email using your phone.
  • Pay for the website with a pre-paid credit card.
  • Use a web hosting service that protects your information.
  • Only access the website using public wifi. Never access it from work or home.
  • Turn off your phone when working on your website – so the GPS in your phone will be turned off.
  • Consider using an app that masks or mocks your GPS location when you access the internet.

  Even when you take all the precautions to be anonymous online, be prepared to be unmasked at anytime. Whatever you say anonymous, you best be ready to own it once your name and face are attached to it.

  If you want a resource regarding the legal dos and don’ts regarding posts on the internet, please check out The Legal Side of Blogging: How Not to get Sued, Fired, Arrested, or Killed. If you need legal help regarding internet privacy, you can contact me directly or a social media lawyer in your community. I post about these issues on Twitter, Facebook, YouTube, and LinkedIn. You can also get access to more exclusive content that is available only to people on my mailing list, by subscribing here.

  February 7, 2017

  •

  Ruth Carter

  •

  Business Law, Internet law, Legalities of Blogging

  anonymous business owner, Arizona internet attorney, Carter Law Firm, how to be anonymous online, how to have an anonymous llc, internet privacy, Phoenix business lawyer, Phoenix internet lawyer, phoenix social media lawyer, run an anonymous website, Ruth Carter, VenJuris

• Lawsuit Filed to Unmask Anonymous Penis Sender

  

  Last week, Melody Lenox filed a lawsuit in Dallas County, Texas for a court order to determine who sent her a penis-shaped gummy candies via Dicks By Mail.

  At first, this sounded like an extreme reaction. If someone spent $15 to send me candy via mail with a note that says “Eat a Bag of Dicks,” I’d probably laugh, and then eat them – because gummy candies are delicious. However, learning about the larger context of the situation, Lenox’s reaction seems reasonable.

  The Bigger Story
  Lenox is the head of human resources at Axxess Technology Solutions, a position that requires her to be the bearer of bad news to some employees. Prior to this unsolicited dick package, she allegedly had her car keyed and was the target of fake posts on Craigslist. She asserts that these acts are related.

  In this context, pursuing a harassment lawsuit against the sender of these candies (assuming the same person(s) are committing these acts), makes sense. Ongoing acts like this are unacceptable.

  What I suspect is happening in this case is Lenox filed a lawsuit against John Doe and then requested a court order to get the purchase information from Dicks By Mail. (Many companies have privacy policies that state they’ll protect your information unless they are required to provide it in response to a court order.) While it’s easy to key a car or post a fake Craigslist post anonymously, sending candy by mail requires a credit card, which will eventually lead to a real person – the suspected harasser.

  Unmasking the Anonymous
  Anytime you do something anonymously, be prepared to be unmasked. When you act anonymously online, there’s always a digital paper trail that shows the IP address of the internet connection used, the GPS location of your smartphone, the profile information of an anonymous website or social media profile, and in this case, the credit card information used for the transaction.

  There have been plenty of situations where a person lost their job or found themselves in a lawsuit when their anonymous persona was unmasked. Using the internet is not an effective way to maintain your anonymity – unless you have mad skills in this area. (And if you have to question whether you have mad skills, you don’t.)

  More about Dicks By Mail

  

  Dicks By Mail is a hilarious way to send a light-hearted sugar-filled message. The company does not endorse the use of their service to threaten or bully someone. If you receive Dicks By Mail it should only be for two reasons: “[S]omeone thinks you’re either a dick or wanted you to laugh!”

  And they do caution people who come to the site with vindictive intent: If you are sending this with the intent to ruin someone’s day, then maybe it’s you who needs to eat a bag of dicks.”

  In case you were wondering, yes, Dicks By Mail is a U.S.-based business, so if you want to stimulate the economy while telling your elected officials what you think of them, this may be a creative way to send a message (though, it may not be effective since they won’t know it came from a constituent).

  The laws that apply to the internet are constantly evolving as the courts are encountering more internet-based problems. If you want to connect with me to keep up with my thoughts about social media law, you can contact me directly or connect with me on Twitter, Facebook, YouTube, or LinkedIn. You can also get access to more exclusive content that is available only to people on my mailing list, by subscribing here.

  January 3, 2017

  •

  Ruth Carter

  •

  Internet law

  Arizona social media attorney, being anonymous online, Carter Law Firm, Court order for personal information, Dicks by Mail, internet harassment, internet privacy, Melody Lenox, Penis candy, Phoenix internet lawyer, Ruth Carter, Suing John Doe, Unmasking the anonymous, VenJuris

• Should your Child have a YouTube Channel?

  

  I recently spoke at a family law conference on how to get usable evidence from social media. Afterwards, a woman approached me and said her 11 year-old child asked to have YouTube channel and several his friends already had channels. She wasn’t sure if she should let him and asked for my input.

  Google Says No
  The easy and obvious surface-level response to this question is Google (which owns YouTube) doesn’t allow anyone to have an account that is under 13 years old. (That’s the rule for all social media accounts in the U.S., by the way.) However, there’s nothing wrong with a parent creating a separate Google account to use with their child to create content for a YouTube channel.

  Teachable Moments and Skill Development
  My first response to the idea of a child having a YouTube channel, is that it’s a great opportunity to develop their skills – both as a content creator and as a person interacting with others online. Before letting the child create video content, have a serious planning discussion with them about what they want to create, their motivations for creating it, and what topics/language are off-limits. All these things should be written down; it’s good practice for creators to have a thoughtful for plan for what they want to create. You can help your child develop their video editing and copyright writing skills, as well as learn the rules about using others’ content and doing product reviews online that comply with the federal rules.

  The parent(s) should review the child’s final draft of a video before it is uploaded to their channel to make sure they’re following the rules. This is an ideal opportunity to talk with your child about the potential long-term effects of a piece of content, and how they would react if they receive feedback from peers or teachers about it at school. Also, you want to decide in advance whether you will allow comments on your child’s videos. It may be prudent to turn these off, at least at first. Allowing your child to post content online comes with the responsibility of being mindful about who is trying to interact with them – either through comments, email, or direct messages.

  Safety First
  If you let you child have a YouTube channel, regardless of their age, be sure you’re monitoring both what they’re communicating to others (publicly and privately) and what others are saying to them. If they are under 18 years old, you should have the passwords to all their accounts and their phone so you can effectively and closely monitor what they’re doing online. The younger they are, the more oversight they need. Use effective software to monitor and protect your kids. Here’s some real-life advice from geek parent Susan Baier about her experience raising a geek child:

  I also strongly recommend that you read the books by security expert Gavin de Becker, especially The Gift of Fear and Protecting the Gift. If you want a resource about the legal dos and don’ts about social media for yourself and your children, I suggest you read The Legal Side of Blogging: How Not to get Sued, Fired, Arrested, or Killed. The lessons in there apply to all social media platforms, including YouTube. If you want to connect with me and my thoughts about children using the internet, you can contact me directly or connect with me on Twitter, Facebook, YouTube, or LinkedIn. You can also get access to more exclusive content that is available only to people on my mailing list, by subscribing here.

  November 20, 2016

  •

  Ruth Carter

  •

  Internet law, Legalities of Blogging

  Arizona internet attorney, Carter Law Firm, children making videos, Children on social media, children on the internet, Children on youtube, Gavin de Becker, Ignite Phoenix, internet predators, internet privacy, internet safety, kids creating videos, kids on YouTube, phoenix social media lawyer, Raising geek kids, Ruth Carter, Susan Baier, YouTube rules, YouTube safety

• Someone Posted a Photo of Me Online Without Consent

  

  People come to this site almost every day with questions about whether someone can post their picture on the internet without obtaining consent. Some people even ask if it’s a crime or whether they can sue.

  Sue for what? Which of your rights have been violated?

  Of course, each situation must be evaluated on its merits. It’s possible that a person is concerned with an intimate photo, a photograph that was taken in a bathroom, or circumstances where they are being harassed. I’m not saying that there aren’t situations where a person’s rights may have been violated; however, the frequency with which I get these questions makes me wonder whether most of these people have a legitimate legal concern or merely hurt feelings.

  No Expectation of Privacy in Public
  Remember, in the U.S., there is no expectation of privacy in anything you do in public (exceptions of course for places like bathrooms, confessionals, etc.). So, if someone snaps a photo of you that is less than flattering, and they post it on the internet, as long as they are not violating your rights, there’s nothing you can do about it.

  Maybe they took a photo of you not putting your shopping cart away, walking around with your skirt tucked into your underwear, or texting while driving. I think there are much more important things to talk about in general and definitely that are worth of documenting permanently online; however, it’s not illegal. Just like it is not illegal to be stupid, it is not illegal to post stupid things online. The internet is full of stupid.

  So What Do You Do?
  Well, if you truly believe that you’ve been the victim of a crime or that your rights have been violated, contact the police or buy an hour with a lawyer to review your situation. You may be in a situation where your legal rights have not been violated but the posting itself and violates the terms that apply to the site where it was published. In that case, reporting the image to the website administrators may be sufficient to get it removed.

  If it is purely a situation where you are merely angry or upset, and the person won’t remove the image when asked, let it go. If you’re embarrassed by your behavior, don’t do it again. If you’re in a situation where the image shows up if someone Googles your name, you can try to bury it by manipulating the search algorithm. Hopefully it’s not a situation where you screwed up so badly that the image or situation is going to dominate the search results for years to come.

  On the Flip Side
  If you’re thinking about snapping a picture of someone, check your motives. If you’ve taken a picture and you have the impulse to share it online, double and triple check your motives. What are the benefits of sharing this image? Are you being vindictive? If the situation were reversed, would you want an image of you in a similar situation posted? What if the person in the picture was your parent or significant other – would you post it then?

  The person in the photo isn’t the only one at risk of losing face. Do you want to be the jerk who not only took this photo, but also shared it? You could harm yourself as well as the other person.

  What is socially inappropriate and what is illegal are often two drastically different standards. My rule of thumb for this situations is the same: Think before you act. Think before you post. If you want to talk more about internet privacy or social media law, you can contact me directly or connect with me on Twitter, Facebook, YouTube, or LinkedIn. You can also get access to more exclusive content that is available only to people on my mailing list, by subscribing here.

  September 27, 2016

  •

  Ruth Carter

  •

  Internet law, Photography & the Law

  Arizona internet attorney, can I take a picture of someone and post it online, Carter Law Firm, internet privacy, is it a crime to post a photo online, phoenix social media lawyer, post pictures of people online, posted a photo online without consent, posting photos on Facebook without consent, Ruth Carter, Someone Posted a Photo of Me Online Without Consent, VenJuris

• Typical Sex Video Email Conversation

  

  I regularly receive emails from people asking questions about the legalities related to intimate photos and videos – particularly situations when a third party has possession of them. Sometimes the third party allegedly obtained them nefariously and sometimes the people emailing me voluntarily sent the person photos or video and now they have concerns about what said person will do with them.

  Now they have concerns?! These are questions they should have asked themselves before they sent the photos/video to begin with!

  Here’s an example of how these conversations typically go. The text in italics are things I usually think, but don’t share with the other the person in the moment.

  Prospective Client (PC): I made a video with my boyfriend and his ex got a hold of it. His ex is threatening to send it to my parents and post it. What can I do about this?

  How did his ex get access to your sex video? This sounds like someone neither of you should have contact with.

  ME: How old are you?

  Please don’t be a child . . . please don’t be a child . . . please don’t be a child . . . (Yes, sometimes it’s a minor – or so they say.)

  PC: 24.

  ME: Thank goodness this isn’t a potential inadvertent kiddie porn situation.

  You’re an adult. Besides being embarrassing, who cares if this person shows the video to your parents? (I’ve also had people email me claiming the third party is threatening to send it to the PC’s employer.)

  ME: Where do you and the ex live?

  In Arizona, merely threatening to post revenge porn is a felony.

  PC: Nebraska.

  Ok, well that’s outside the limits of my law license and revenge porn legal knowledge.

  ME: Here’s the list of the current revenge porn and related laws in all 50 States. This will tell you how the laws in your State apply to these situations.

  PC: I don’t know what to do. I want to go to the police but I don’t know if I can do that.

  ME: Of course you can go to the police! Give them a call, explain your situation, and ask if there’s anything they can do to help you. They may be the best ones to know if this situation violates your State’s criminal law.

  And maybe some local resources too that help people in these types of situations.

  I get questions and hits on my site every day from people asking about intimate photos and videos, not all of which were taken with consent, and how to keep them from getting out. Unfortunately, I also get hits from people who want to post revenge porn without repercussions – which is disgusting.

  When in doubt – don’t. Don’t create intimate photos or videos, don’t share them with others, and don’t post them online. What seemed like a good idea in the moment, may create long lasting regret, especially if it shows up when someone Googles your name. However, if you choose to create this type of material, do it with your device, keep it under password, and never let the files out of your control. Once this material is released, it’s hard to get it back or verify that every copy has been destroyed.

  We’re still in the infancy of how we’re going to deal with intimate photos and videos from a social and legal perspective. If you want to chat with me about revenge porn, privacy, or any related topics, you can contact me directly or connect with me on Twitter, Facebook, YouTube, or LinkedIn. You can also get access to more exclusive content that is available only to people on my mailing list, by subscribing here. If you think you’re the victim of revenge porn or threatened revenge porn, contact your local law enforcement agency.

  July 26, 2016

  •

  Ruth Carter

  •

  Cyberbullying & Cyberharassment, Internet law

  Arizona social media attorney, Carter Law Firm, internet privacy, Phoenix internet lawyer, posting intimate photos online, revenge porn, revenge porn law, Ruth Carter, threatening to post sex tape, VenJuris