Privacy Fears Surround Google (Again) Amidst Data-Sharing Deal with Hospital Network; Microsoft to Honour California’s Data Privacy Law Across the US; Chinese National Pleads Guilty to Stealing Trade Secrets; Sandra Bullock and Ellen DeGeneres File Suit Against Fake Ads and more.
Privacy Fears Surround Google (Again) Amidst Data-Sharing Deal with Hospital Network
After acquiring the fitness tracking company Fitbit, Google continues its foray into the $3.5 trillion health sector through a partnership with Ascension, a major US hospital network. The two companies aim to collaborate on tools to analyse health information and assist doctors by making it easier to search for specific patient data in medical records. However, much like the Fitbit acquisition, the announcement of this partnership was met with a spate of privacy concerns—with reports that data of tens of millions of patients was already accessible, without their knowledge or consent, by 150 Google employees.
On the face of it, however, these privacy fears might be overstated; the two companies have signed an industry-standard agreement—called a business associate agreement. Such sharing of protected health information by the hospital with Google (who would be the business associate here) is permitted and explicitly provided for, through such agreements, by the Health Insurance Portability and Accountability Act (HIPAA), which is the federal legislation governing data privacy and security provisions for safeguarding medical information in the US. The agreement restricts the scope of Google’s use of the health information to providing tools for the treatment of patients by Ascension’s clinicians and would typically prevent Google from converting the data for its own commercial purposes, combining such data with Google consumer data, and from selling the data to any third parties.
However, several Ascension employees have raised concerns that some of the tools employed by Google import and export the patient data were not compliant with the provisions of the HIPAA, especially its privacy standards. While refusing to comment on the partnership, Google has responded to queries by providing a list of its cloud products that it claims are HIPAA-compliant; this list includes some of the tools that the Ascension employees are concerned about.
Microsoft to Honour California’s Data Privacy Law Across the US
Microsoft has pledged to honour the “core rights” granted under California’s new sweeping data protection and privacy law, and to extend its fulfilment of these rights to consumers across the entire United States. The California Consumer Privacy Act (CCPA), which will go into effect in California on January 1, 2020, is one of the most stringent privacy regulations in the US, and in certain aspects, even fiercer than the EU’s landmark General Data Protection Regulation (GDPR). The CCPA requires companies to disclose to consumers the extent and particulars of their personal data collected, whether and to whom such data is transferred or sold, and allow users to opt-out of any sale of data and to request deletion of any collected data. The Act emphasises on transparency in the process and purpose of the data collection and its use and requires companies to maintain a comprehensive privacy policy. Despite several efforts and debates in Congress, the US has no overarching federal data privacy regime, and Microsoft isn’t legally obliged to extend the honouring of the rights under the Act beyond California. However, like it had done with the GDPR, Microsoft intends to expand its adherence to the main principles of the Act across the US, according to Julie Brill, Microsoft’s chief privacy officer.
Chinese National Pleads Guilty to Stealing Trade Secrets
Hongjin Tan, a Chinese national, pleaded guilty to stealing trade secrets pertaining to manufacture of a “research and development downstream energy market product” that is worth over $1 billion from Phillips 66, a U.S. petroleum company. Tan, who admitted to intentionally copying and downloading research and development materials without authorization from his employer, will be sentenced on Feb. 12 and the Justice Department said it agreed a sentence of up to two years in prison would be appropriate as would $150,000 in restitution to Phillips 66.
Sandra Bullock and Ellen DeGeneres File Suit Against Fake Ads
A lawsuit filed by American actress Sandra Bullock and comedian Ellen DeGeneres takes on 100 anonymous individuals and entities operating sites that are illegally using images of and fake quotes attributed to the two stars to market health products. The lawsuit targets sites within the affiliate marketing industry whose revenue is based on users clicking on ads and being directed to e-commerce sites. Examples of ads listed in the lawsuit include a screenshot of Bullock on Ellen’s television show accompanied by a fake quote pertaining to an anti-ageing face cream. These entities, according to the lawsuit, often change names and their sites show up and disappear overnight. The lawsuit claims that a total of 40 beauty products have been sold using the stars’ names without their permission, and seeks an injunction and compensatory damages.
This is Part I of the IP Privacy and Anti-trust news for the week of 11th November, 2019. Part II is available here.
Authored and compiled by Neharika Vhatkar (Associate, BananaIP Counsels) and Param Gupta (Legal Intern)
The IP, Privacy and Antitrust Law News Bulletin is brought to you by the Consulting/Strategy Division of BananaIP Counsels, a Top IP Firm in India. If you have any questions, or need any clarifications, please write to contact@bananaip.com with the subject: IP, Privacy and Antitrust Law News.
Disclaimer: Please note that the news bulletin has been put together from different sources, primary and secondary, and BananaIP’s reporters may not have verified all the news published in the bulletin. You may write to contact@bananaip.com for corrections and take down.