Volume 1 - Number 11 | December 2006
| December issue in PDF format … |
| Web Sites’ CDA §230 Immunity: An Ever-Expanding Universe? By Robert D. Brownstone and Chad Woodford The federal Communications Decency Act of 1996 (“CDA”) immunizes Web site operators and other interactive computer service providers from liability for third parties’ tortious acts. Pub Law No. 104-104 (Feb. 8, 1996) 110 Statutes at Large 56 §509, codified at 47 U.S.C. §230. 47 U.S.C. §230 shields providers and users of interactive computer services from responsibility for third-party content. |
| Online Banking’s Battle Against Phishing By Mark E. Plotkin and Michael Epshteyn Online banking, which has seen explosive growth in recent years, has made it faster, cheaper, and more convenient than ever before for consumers to manage their financial affairs. It also holds the promise of significant cost savings for the financial services industry, as rising numbers of customers are expected to shift from over-the-counter services to online transactions. |
| Cybersecurity Researcher Addresses ‘Misplaced’ Fears: Q&A with Professor Fred H. Cate The Privacy and Data Protection Legal Reporter spoke recently with Professor Fred H. Cate, distinguished professor of law and adjunct professor of informatics at Indiana University, in Bloomington, IN, about what he sees as the hyperbole that, at times, overtakes the public discussion about ID theft and electronic security. As the director of Indiana University’s Center for Applied Cybersecurity Research, Cate is a leading researcher and consultant on issues such as phishing, consumers’ use of passwords, and cybersecurity. |
| Why Most Document Retention Policies in the Digital Era Are Ineffective By Kenneth L. Stein and Richard H. An Many companies have document retention policies in which paper and electronic documents are discarded or deleted after specified time periods, depending on the content and type of document. Those policies serve to keep sensitive information from getting into the hands of others, as well as to control the amount of physical and digital memory space needed to store documents. See Arthur Andersen LLP v. United States, 544 U.S. 696, 704 (2005). Some companies, for example, automatically delete e-mails older than 3 months, unless specifically saved by an employee. See Hynix Semiconductor, Inc. v. Rambus, Inc., No. C-00-20905 RMW, 2006 WL 565893, at *11 (N.D. Cal. 2006). Courts, including the U.S. Supreme Court, have recognized that there is nothing wrong with such policies, even where they might result in the destruction of documents that might be material in a later lawsuit, as long as that lawsuit was not reasonably foreseen at the time the documents were destroyed. See Arthur Andersen, 544 U.S. at 704 (“It is, of course, not wrongful for a manager to instruct his employees to comply with a valid document retention policy under ordinary circumstances.”); Samsung Elecs. Co. v. Rambus, Inc., 439 F. Supp. 2d 524, 543 (E.D. Va. 2006) (citing Arthur Andersen). |
