Tag:Social Media

1
Mask Off: Social Media Giants to Unmask Trolls or Risk Themselves Becoming Liable for Defamation Payouts
2
Twitter accounts of prominent figures hacked
3
Hyp3r-misappropriation of data gets Instagram’s attention, but is enough being done?
4
Facing up to privacy risks
5
Victorian ruling clarifies application of privacy principles to social media accounts

Mask Off: Social Media Giants to Unmask Trolls or Risk Themselves Becoming Liable for Defamation Payouts

By Cameron Abbott, Rob Pulham, Warwick Andersen, Max Evans and James Gray

In a significant development in online regulatory oversight, the Australian government announced over the weekend that it will introduce new laws handing Australian courts the power to order social media companies to reveal the identities of anonymous trolls or risk themselves being liable for defamation payouts.

The so called “social media anti-trolling legislation” which the government has said will be introduced into parliament this week proposes to require social media companies stand up a functional and easy-to-use complaints and takedown process for users, who upon suspecting they are being defamed, bullied or attacked may file a complaint with the social media platform requesting that the relevant content be removed.

If that request is denied, the complainant can ask the social media company to provide the details of the “troll” so as to enable the complainant to commence an action. If this request is further denied, or if the social media platform is “unable to do this”, complainants may apply to obtain a court order requiring the social media company to release the identification details of the anonymous user so that a defamation action may be pursued. Failure to comply with such a court order will render the social media company themselves liable for the defamation claim.

Significantly, the reports indicate that these new laws will push legal responsibility for defamatory content from the author or page manager to the social media company which runs the platform. This represents a key move away from social media platforms being distributors of content but rather, in the eyes of online safety, being deemed publishers themselves. We will keep you posted as these proposed laws progress.

Twitter accounts of prominent figures hacked

By Cameron Abbott, Warwick Andersen, Rob Pulham and Keely O’Dowd

Reports have surfaced that the Twitter accounts of prominent companies, politicians and celebrities were compromised on Wednesday, 15 July 2020. Hackers were able to gain large scale access to the Twitter accounts of several prominent and influential US personalities and companies to promote a cryptocurrency scam.

It is concerning that the accounts of prominent figures were targeted and compromised. Given the level of influence and prominence several of those individuals have on social media, the hackers had the potential to cause greater havoc. On this occasion, it appears the hackers were financially motivated to perform the cyber attack by seeking “donations” via Bitcoin. The hackers sent out tweets asking people to donate Bitcoin to an address and the Twitter account holder would double the donation.

Read More

Hyp3r-misappropriation of data gets Instagram’s attention, but is enough being done?

By Cameron Abbott, Michelle Aggromito and Alyssia Totham

Until recently, a security vulnerability in the social media platform Instagram, allowed Hyp3r to illicitly harvest millions of Instagram users’ data and track their locations.

In a similar manner to the Cambridge Analytica scandal that plagued Facebook following the 2016 US presidential election, this latest example of Hyp3r’s mass data collection was discovered through a journalistic investigation and was not uncovered by the social media platform.

Read More

Facing up to privacy risks

By Cameron Abbott and Karla Hodgson

Images of dramatically aged friends and family members have been flooding social media feeds over the last week, courtesy of FaceApp, an app that uses AI to digitally age a user’s photo. While many have been asking themselves “why would I make myself look older?” others have been discussing the risks of allowing an app to access and store personal data.

The app’s privacy policy allows FaceApp to retrieve information such as IP addresses and location data from users, in addition to the photo the user has selected for editing. When users agree to FaceApp’s terms of service, they agree to grant FaceApp a perpetual and irrevocable licence to use this data, including their name and likeness, which can be used for any purposes, including commercial purposes.

Read More

Victorian ruling clarifies application of privacy principles to social media accounts

By Cameron Abbott and Rebecca Murray

The Victorian Supreme Court recently confirmed that an employer was not obliged to immediately notify an employee that it was accessing her Facebook messages during a disciplinary investigation. This case clarifies the manner in which the Victorian Information Privacy Principles (IPPs) apply to social media.

In this case, an employer conducted an investigation into an employee after a colleague reported her for making a number of abusive remarks over Facebook. During the investigation, the employer accessed the employee’s Facebook messages without her knowledge. She was subsequently found guilty of misconduct and given a final warning.

The employee appealed the case to the Supreme Court of Victoria after the Victorian Civil and Administrative Tribunal (VCAT) found that her employer had complied with the IPPs. In her appeal, she questioned whether the ways her employer collected and used the information was necessary “for the purposes of a workplace disciplinary investigation” and whether accessing it without her knowledge or consent was “necessary for one or more of the organisations functions or activities’ for the purposes of IPP 1.1”.

The Supreme Court of Victoria confirmed VCAT’s finding that collecting further information was necessary under IPP 1.1 as the employer was conducting a misconduct investigation “which was a legitimate purpose” and said there was nothing to suggest its approach was inconsistent with the right to privacy. Furthermore, the court found that VCAT was correct in finding that IPP 1.3 (and 1.5) did not impose an obligation of immediate notification on the employer as it could have jeopardised the integrity of the disciplinary investigation. Access the IPPs here. and read the court’s decision here.

Importantly, this case demonstrates that privacy law doesn’t automatically prevent employers from accessing the social media accounts of their employees to conduct investigations in appropriate circumstances.

Copyright © 2024, K&L Gates LLP. All Rights Reserved.