FTC's Consent Requirement May Signal New Liability for Monitoring Software
While the FTC decision only applies to one Florida company, lawyers said obtaining consent could become a standard practice that monitoring software companies deploy to avoid potential liability.
October 28, 2019 at 09:30 AM
3 minute read
The Federal Trade Commission is tasked with protecting consumers and competition, but it recently trekked into employment law with a decision that could reverberate across the employee-monitoring software industry.
Last week the FTC heralded Retina-x Studios as the agency's first case against developers of "stalking" apps, which tracks a phone user's physical and online activity unbeknownst to the user. Retina-x marketed its app as a tool for employers to monitor employees and parents to track their children's online activity.
Along with implementing cybersecurity measures and other protocols, the FTC ordered Retina-x to obtain "an express written attestation" from every app purchaser confirming they will leverage Retina-x's app for a "legitimate and lawful purposes," including employee monitoring. For some, it's an unusual consent requirement placed on a software developer.
"[It's] a strange requirement," said John Ella, an employment law and employee privacy shareholder at Trepanier MacGillis Battina. "You don't usually see the technology company required to get consent from the employee."
While the order isn't a regulation, law or court decision, it does suggest liability exposure for software companies, Ella said. "There may be liability for app developers and software developers as to how their products are used. The FTC's hook is how is it marketed and they got them on that, in terms of saying all your data is secured."
Indeed, the FTC complaint accused the Florida-based company of violating the Children's Privacy Protection Rule and the Federal Trade Commission Act because of allegedly inadequate data storage security.
Still, while the order only applies to Retina-x, the potential for expanded liability exposure could lead to other companies requiring users to confirm they'll obtain employee consent before downloading their app.
"Depending on how much awareness there is of this consent order … [the companies that employers buy from] will likely say, 'Look, in order to sell this to you we will need to have your attestation you will have written consent from your employees before this is used,'" said Jackson Lewis privacy, data and cybersecurity practice group leader Joseph Lazzarotti.
He added, "The FTC may just make a practice that becomes how you do business in the marketplace. It will be harder to find products that don't have those best practices embedded in them."
However, Lazzarotti noted the FTC's order is unclear about the repercussions if an employer agrees to obtain worker consent but installs the software without employee authorization. Such guidance would likely come from the U.S. Department of Labor, Lazzarotti noted.
To be sure, while the FTC brought its first "stalking apps" case, the agency noted that obtaining written consent is a best practice standard companies should always meet, Ella said.
"It reiterates the fact that written consent is the only way for an employer to show there wasn't an expectation of privacy and that the employee knew, and it doesn't create a new standard, but reinforces consent."
This content has been archived. It is available through our partners, LexisNexis® and Bloomberg Law.
To view this content, please continue to their sites.
Not a Lexis Subscriber?
Subscribe Now
Not a Bloomberg Law Subscriber?
Subscribe Now
NOT FOR REPRINT
© 2024 ALM Global, LLC, All Rights Reserved. Request academic re-use from www.copyright.com. All other uses, submit a request to [email protected]. For more information visit Asset & Logo Licensing.
You Might Like
View AllTrending Stories
- 1Call for Nominations: Elite Trial Lawyers 2025
- 2Senate Judiciary Dems Release Report on Supreme Court Ethics
- 3Senate Confirms Last 2 of Biden's California Judicial Nominees
- 4Morrison & Foerster Doles Out Year-End and Special Bonuses, Raises Base Compensation for Associates
- 5Tom Girardi to Surrender to Federal Authorities on Jan. 7
Who Got The Work
Michael G. Bongiorno, Andrew Scott Dulberg and Elizabeth E. Driscoll from Wilmer Cutler Pickering Hale and Dorr have stepped in to represent Symbotic Inc., an A.I.-enabled technology platform that focuses on increasing supply chain efficiency, and other defendants in a pending shareholder derivative lawsuit. The case, filed Oct. 2 in Massachusetts District Court by the Brown Law Firm on behalf of Stephen Austen, accuses certain officers and directors of misleading investors in regard to Symbotic's potential for margin growth by failing to disclose that the company was not equipped to timely deploy its systems or manage expenses through project delays. The case, assigned to U.S. District Judge Nathaniel M. Gorton, is 1:24-cv-12522, Austen v. Cohen et al.
Who Got The Work
Edmund Polubinski and Marie Killmond of Davis Polk & Wardwell have entered appearances for data platform software development company MongoDB and other defendants in a pending shareholder derivative lawsuit. The action, filed Oct. 7 in New York Southern District Court by the Brown Law Firm, accuses the company's directors and/or officers of falsely expressing confidence in the company’s restructuring of its sales incentive plan and downplaying the severity of decreases in its upfront commitments. The case is 1:24-cv-07594, Roy v. Ittycheria et al.
Who Got The Work
Amy O. Bruchs and Kurt F. Ellison of Michael Best & Friedrich have entered appearances for Epic Systems Corp. in a pending employment discrimination lawsuit. The suit was filed Sept. 7 in Wisconsin Western District Court by Levine Eisberner LLC and Siri & Glimstad on behalf of a project manager who claims that he was wrongfully terminated after applying for a religious exemption to the defendant's COVID-19 vaccine mandate. The case, assigned to U.S. Magistrate Judge Anita Marie Boor, is 3:24-cv-00630, Secker, Nathan v. Epic Systems Corporation.
Who Got The Work
David X. Sullivan, Thomas J. Finn and Gregory A. Hall from McCarter & English have entered appearances for Sunrun Installation Services in a pending civil rights lawsuit. The complaint was filed Sept. 4 in Connecticut District Court by attorney Robert M. Berke on behalf of former employee George Edward Steins, who was arrested and charged with employing an unregistered home improvement salesperson. The complaint alleges that had Sunrun informed the Connecticut Department of Consumer Protection that the plaintiff's employment had ended in 2017 and that he no longer held Sunrun's home improvement contractor license, he would not have been hit with charges, which were dismissed in May 2024. The case, assigned to U.S. District Judge Jeffrey A. Meyer, is 3:24-cv-01423, Steins v. Sunrun, Inc. et al.
Who Got The Work
Greenberg Traurig shareholder Joshua L. Raskin has entered an appearance for boohoo.com UK Ltd. in a pending patent infringement lawsuit. The suit, filed Sept. 3 in Texas Eastern District Court by Rozier Hardt McDonough on behalf of Alto Dynamics, asserts five patents related to an online shopping platform. The case, assigned to U.S. District Judge Rodney Gilstrap, is 2:24-cv-00719, Alto Dynamics, LLC v. boohoo.com UK Limited.
Featured Firms
Law Offices of Gary Martin Hays & Associates, P.C.
(470) 294-1674
Law Offices of Mark E. Salomone
(857) 444-6468
Smith & Hassler
(713) 739-1250