Friday, January 31, 2020
Thursday, January 30, 2020
Thursday, January 16, 2020
Wednesday, January 15, 2020
Tuesday, January 14, 2020
Monday, January 13, 2020
CA Implements First US Consumer Data Privacy Law
With the start of 2020, California residents are the first in the country to have enhanced privacy protections akin to those provided in the EU under the General Data Protection Regulation (GDPR). The California Consumer Privacy Act (CCPA), passed in September of 2018, gives Californians certain rights over the personal data collected by companies such as Google, Facebook, data brokers, and media companies.
In general, California residents will now have the following rights: 1) to know what personal data is being collected; 2) to know what types of companies are purchasing or processing their data; 3) to request that their personal data no longer be collected; and 4) to request the deletion of previously collected data.
In addition to the enhanced transparency, tech companies are not allowed to exclude users from their platform because they opted out of data collection. Previously, consumers have had no choice but to accept that their data is being collected when they use a certain tech platform. Now, the CA law prevents companies from discriminating against consumers who exercise their privacy rights. However, the companies can offer “financial incentives” for users who opt-in to data collection. This means that some companies will offer enhanced versions of their platform to people who accept data collection, while there will be a stripped-down version for users who opt out.
The new law may give some additional transparency to US residents outside of the California, but they won’t be able to request that their data no longer be collected or sold. Privacy advocates say there is a lot more legislative ground to cover. At least 20 other states are considering data privacy laws in their state legislatures, but the hope is that a federal law will eventually provide uniform protections. In a few major areas, the CCPA is a less robust privacy law than the GDPR. The CCPA does not require companies to minimize data collection or have a legally valid reason for processing data. For now, the CCPA is a first step towards consumer privacy protection in the tech industry.
By Madeline Person Attorney at Bridgehouselaw
Friday, January 10, 2020
2020 Form W-4
The 2020 Form W-4, Employee's Withholding Certificate, is substantially different from previous versions of the form. The IRS revised the form to comply with the income tax
withholding requirements in the Tax Cuts and Jobs Act (Pub. L. 115-97). The form no longer uses the concept of withholding allowances to account for additional income, deductions, and tax credits, but includes lines where employees can enter those amounts directly so they can be used to calculate the withholding amount.
While the form is different, the IRS designed the withholding tables to work
with a prior year form or the 2020 form. The IRS is not requiring all
employees to complete a new form. However, the new form is required for all new hires in 2020 and for employees who have completed a Form W-4 before 2020 and want to make changes to their withholding in 2020. Also, while employers may not require employees to complete a new form, they may ask them to do so.
Wednesday, January 08, 2020
Traditionally, border agents and U.S. government officials have enjoyed broad authority to conduct searches and investigations of travelers coming into the U.S., actions which are primarily couched under two goals: (1) to search for and discover contraband entering the U.S.; and (2) to prevent the admission and entrance of individuals ineligible for admission into the U.S.
In recent years, border agents have extended their search authority to digital devices. At border inspections, U.S. citizens, residents, and foreign travelers alike have been asked, at times, to allow the inspection of phones, computers, and other devices. This includes, in some cases, the confiscation and “advanced” search of devices, which may involve searching, copying, deleting, and/or noting the contents contained within such devices. Along similar lines, visa applicants are now required to provide social media account information when applying for U.S. visas.
Naturally, such actions are quite alarming – we all have untold quantities of information contained on digital devices and within the digital realm that would normally be subject to the highest levels of privacy: location information, internet search history, text and email message contents, photographs, etc. Additionally, substantial First Amendment concerns arise where government officials have the ability to view and document expressive content such as social media posts, one’s choices related to social media associations or “groups”, private photographs that have religious significance, and journalists’ research.
In several recent court cases, plaintiffs seek to limit the scope of such inspections citing many of the concerns noted above. In Alasaad v. Nielsen, a case from the federal district court in Massachusetts, the district court recently joined several U.S. circuit courts of appeals in holding that searches beyond cursory inspection of digital devices are in violation of the Fourth Amendment where “reasonable suspicion” of the presence of contraband or relevant commission of a crime does not exist. This means that border agents must have some factual basis for conducting more than a cursory search of a digital device at the border. Under the Alasaad holding, being asked to demonstrate one’s computer actually operates and powers on would be a cursory search – and onethat makes a lot of practical sense from a safety perspective. However, being asked to power on one’s computer and then allow agents to scroll through files and review content would likely require reasonable suspicion on the part of the border agents.
Importantly, the Alasaad holding appears limited to U.S. citizens and lawful permanent residents, though the district court did note that it saw little evidence to suggest such broad digital inspections furthered any relevant safety or law enforcement purposes during border inspections of foreigners.
Moreover, in another recent court case, DOC Society v. Pompeo, a case filed in the U.S. District Court for the District of Columbia, the plaintiffs are seeking to invalidate a new requirement, begun on May 31, 2019, that visa applicants submit social media account information during the application process. Citing First Amendment and other concerns, the plaintiffs have asked that the district court find the social media requirement in violation of the U.S. Constitution and of procedural requirements. Importantly, the plaintiffs also requested that the U.S. government be prevented from storing and/or using information gained from use of the social media account information. As this case was filed in December 2019, no decision has yet been rendered. However, this case is certainly worth following for any current or potential visa applicant.
Lastly, given the implications involved, these cases and similar cases seem destined for the U.S. Supreme Court in the near future.
By Andrew Howe Attorney at BridgehouseLaw.
By Andrew Howe Attorney at BridgehouseLaw.