Discussion paper: Lawyers professional liability insurance versus cyber liability insurance (Stuart Pattison, May 2014) – Over the last few years, law firms have been making significant investments in network hardware and software for the operation of their business, including the protection of client data. There is now also increased interest by law firms in purchasing Cyber Liability Insurance, primarily in response to increased scrutiny by clients as to what steps they are taking to improve security of data. In some cases, clients will even audit law firms to ensure compliance with their required standards. Buying Cyber Insurance can provide clients comfort that data security issues are being addressed since insurers have an interest in learning what steps are being taken to mitigate the risk for claims that could fall within the terms of the policy. In addition, Cyber Insurance provides a source of recovery in the event the client incurs financial loss due to a data breach emanating from the law firm. A second driver for these investments is reputational risk and the belief by law firms that loss of client confidence could have significant negative consequences. Of course, law firms have always had an ethical obligation to keep their clients' information confidential and secure; indeed it is the cornerstone of the attorney-client relationship and the advent of the internet has not changed those duties. What has changed is the ease by which large amounts of data can be stored, managed and transmitted, and the increased opportunities for third parties to steal information. [Polley: Interesting paper. Stuart has been involved in the evolution of cyberinsurance-for-lawyers from the very beginning.]

Provided by MIRLN.

Federal Election Commission says political action committees can accept payment via Bitcoins (Techdirt, 9 May 2014) – After some amount of hand-wringing, the Federal Election Commission has said that political action committees (PACs) may accept bitcoin donations, though they can’t then buy goods and services with those bitcoins. Furthermore, it has to convert the bitcoins to dollars before depositing them into its campaign accounts. In other words, it’s effectively allowing the use of bitcoin as a payment system, rather than as a currency. However, at the same time, it will allow campaigns to buy bitcoins as an investment vehicle. There’s also some confusion over what this all means. Rather than issuing a full ruling, the FEC released an “advisory opinion” based on a specific request from the Make Your Laws PAC, which specifically asked for the ability to accept bitcoin donations up to $100. What’s not clear is if the FEC is just agreeing to that level of donations or if it’s okaying larger donations as well.

Aspen doesn’t want you to own your own casebooks (Laboratorium, 6 May 2014) – Aspen imprint is a leading publisher of law school casebooks. Over the years, it’s built a reputation for high editorial and design standards. Some of its casebooks, like Property, by the late Jesse Dukeminier et al., are perennially popular. I like to tell new Property professors that no one ever got fired for assigning Dukeminier. Unfortunately, Aspen has chosen to use Dukeminier’s Property in launching a disturbing new program: the “Connected Casebook.” The official website isn’t live yet, but law professor Josh Blackman blogged about an email he received from Aspen describing the program. My account follows his. In brief, students will be required to “buy” a Connected Casebook, which consists of two pieces. First, there is “lifetime access” to a digital version of the casebook, together with various supplementary materials. Second, there is a bound physical version of the casebook, which students can highlight and mark up freely, “but which must be returned to us at the conclusion of the class.” The obvious goal is to dry up the used book market by draining the supply of used copies. But as Josh points out, it seems unlikely that every student will return the physical book. Rather, reading between the lines, Aspen may argue that the physical book is “licensed” rather than “sold” under the reasoning of cases like Vernor v. Autodesk. The result would be that first sale (the right of the owner of a book, or a DVD, or any other copy of a copyrighted work to resell it freely) would never attach, since the students wouldn’t be “owners” of their physical copies. [Polley: this seemed ill-conceived when announced, and Aspen was back-pedaling within a day; Prof James Grimmelmann @grimmelm led the forces, and routed Aspen; it was a nice Twitter feed to watch unfold.]

FTC told to disclose the data security standards it uses for breach enforcement (Computerworld, 2 May 2014) – The Federal Trade Commission (FTC) can be compelled to disclose details of the data security standards it uses to pursue enforcement action against companies that suffer data breaches, the agency’s chief administrative law judge ruled Thursday. The decision came in response to a motion filed by LabMD, a now-defunct medical laboratory that has been charged by the FTC with unfair trade practices for exposing sensitive information belonging to 10,000 patients in 2010. LabMD has accused the FTC of holding it to data security standards that do not exist officially at the federal level. It has maintained that the agency must publicly disclose the data security standards it uses to determine whether a company has reasonable security measures in place. The judge held that while LabMD may not inquire about the FTC’s legal standards or rationale, it has every right to know what data security standards the commission uses when pursuing enforcement action. The FTC’s Bureau of Consumer Protection “shall provide deposition testimony as to what data security standards, if any, have been published by the FTC or the Bureau upon which [it] intends to rely on at trial,” Chappell ruled. [Polley: Steptoe writes: “LabMD is surely hoping that having the FTC acknowledge on the record that it does not actually have “data security standards” will underscore – for the ALJ, for courts, for Congress, and the public – LabMD’s contention that the FTC is acting as a lawless bully.”]

Apple releases guidelines for law enforcement data requests (CNET, 7 May 2014) – Apple has published a new set of guidelines regarding how law enforcement agencies and other government entities may request information from the company about user data. The new rules, which were posted to Apple’s website late Wednesday, reflect Apple’s move toward notifying its customers when it receives law enforcement requests for user data. “Apple will notify its customers when their personal information is being sought in response to legal process except where providing notice is prohibited by the legal process itself, by a court order Apple receives (e.g., an order under 18 U.S.C. §2705(b)), or by applicable law or where Apple, in its sole discretion, believes that providing notice could create a risk of injury or death to an identifiable individual or group of individuals or in situations where the case relates to child endangerment,” the guidelines state. Apple says it can extract active user-generated data from native apps on passcode-locked iOS such as SMS, photos, videos, contacts, audio recording, and call history. However, it can’t provide email, calendar entries, or any third-party app data. Also it can only perform data extraction from devices running iOS 4 or later “in good working order” at its Cupertino headquarters. Apple also said that upon the receipt of a valid wiretap order, it can intercept users’ email communications but not their iMessage or FaceTime communications because those communications are encrypted.

FCC decides that it will no longer enforce the Zapple doctrine – killing the last remnant of the Fairness Doctrine (Broadcast Law Blog, 8 May 2014) – The Zapple Doctrine was an outgrowth of the FCC’s Fairness Doctrine. The Zapple Doctrine required that broadcast stations that give air time to the supporters of one candidate in an election give time to the supporters of competing candidates as well. Even though the Fairness Doctrine has been defunct for years, having had various manifestations of the Doctrine declared unconstitutional either by the Courts or the FCC, Zapple apparently lived on, or at least a death certificate had never been issued (see, for instance, our articles mentioning the continued life support of the Doctrine, here and here). Thus stations had to be concerned about giving air time to supporters of political candidates for fear of having to provide a similar amount of time to those supporting competing candidates. Apparently, that uncertainty has now been resolved, as in two just released cases, the FCC’s Media Bureau has declared that Zapple, like the rest of the Fairness Doctrine, is dead. The cases just decided (available here and here) both involved the recall election of Wisconsin Governor Scott Walker, where complaints were filed against the renewals of two radio stations, complaining that those stations did not provide equal opportunities to supporters of Walker’s recall opponent even though station hosts provided on-air support for Walker. The FCC rejected those complaints, declaring: Given the fact that the Zapple Doctrine was based on an interpretation of the fairness doctrine, which has no current legal effect, we conclude that the Zapple Doctrine similarly has no current legal effect.
