New study provides cybersecurity insights for corporate counsel (Hogan Lovells, 24 Feb 2015) – A recently-released research study published by Indiana University’s Bloomington School of Law highlights the rising importance of cybersecurity law and provides current insights on the role lawyers are playing to help protect companies from cyber threats. The study, entitled “ The Emergence of Cybersecurity Law ,” is based on a survey of corporate law departments as well as interviews conducted with lawyers, consultants, and academic experts. The report finds that although companies increasingly recognize the importance of cybersecurity, few are fully prepared to face the challenge. Substantial numbers of corporate leaders lack confidence in their organizations’ level of preparedness-in part the result of a shortfall of cybersecurity literacy within organizations. While cybersecurity may once have been the domain of IT professionals, companies now recognize that having legal and other disciplines engaged is also necessary. The implication is that lawyers must master the patchwork of legal issues and regulations relevant to cybersecurity risk management, while developing sufficient technical vocabulary to ask the right questions of their IT counterparts. Despite the accelerating frequency of cybersecurity incidents, the report finds that companies still too often turn to lawyers only as a reactive measure rather than as part of a proactive process. To help companies protect their employees and customers from cyber threats, the report recommends that corporate counsel follow a 10-point cybersecurity agenda first proposed in 2012 by Hogan Lovells Partner Harriet Pearson: * * *

 

Provided by MIRLN.

Image courtesy of FreeDigitalPhotos.net/StuartMiles

McPeak on social media & civil discovery (Legal Theory Blog, 14 Nov 2014) – Agnieszka McPeak (University of Toledo College of Law) has posted Social Media Snooping and Its Ethical Bounds (Arizona State Law Journal, 2014 Forthcoming) on SSRN. Here is the abstract: Social media has entered the mainstream as a go-to source for personal information about others, and many litigators have taken notice. Yet, despite the increased use of social media in informal civil discovery, little guidance exists as to the ethical duties – and limitations – that govern social media snooping. Even further, the peculiar challenges created by social media amplify ambiguities in the existing framework of ethics rules and highlight the need for additional guidance for the bench and bar. This article offers an in-depth analysis of the soundness and shortcomings of the existing legal ethics framework, including the 2013 revisions to the American Bar Association’s model rules, when dealing with novel issues surrounding informal social media discovery. It analyzes three predominant ethics issues that arise: (1) the duty to investigate facts on social media, (2) the no-contact rule and prohibitions against deception, and (3) the duty to preserve social media evidence. While the first two issues can be adequately addressed under the existing framework, the rules fall short in dealing with the third issue, preservation duties. Further, even though the existing ethics rules can suffice for the most part, non-binding, supplemental guidelines, or “best practices,” should be created to help practitioners and judges navigate the ethical issues created by new technology like social media.

 

 

Provided by MIRLN.

Image courtesy of FreeDigitalPhotos.net/worradmu

New from AVVO: on-demand, fixed-fee legal advice (Robert Ambrogi, 27 Oct 2014) – Avvo, Inc. – never a company shy about pushing the envelope – has just pushed it a bit further, with the launch of Avvo Advisor , a service that provides on-demand legal advice by phone for a fixed fee of $39 for 15 minutes. The service is available to consumers online or through a free iOS app. To use the service, the consumer first enters his or her zip code and then selects the type of legal matter in which he or she needs help. The consumer is then asked to provide credit card and contact information. The service promises that the consumer will receive a call from an attorney within 15 minutes or else the consumer’s fee will be fully refunded. The service covers nine legal categories: small business, divorce, family, immigration, real estate, landlord-tenant, criminal defense, employment and bankruptcy/debt. It is so far available to consumers in 15 states, with more to be added in the coming months: Arizona, California, Colorado, Florida, Georgia, Illinois, Maryland, Massachusetts, Michigan, New Jersey, New York, Pennsylvania, Texas, Washington and Wisconsin. A separate section of the site provides information for attorneys wishing to enroll in the program. All an attorney needs to participate, it says, is a bank account and a mobile phone. “You control your availability via text, whenever and wherever you want to receive Avvo Advisor sessions.” Avvo notifies the attorney via text when someone purchases a session in the attorney’s state and practice area. The attorney responds to the text to claim the session, then has 15 minutes to initiate the call. Once the call is finished, the entire fee is deposited to the attorney’s account (so there is no fee splitting).

 

Provided by MIRLN.

Image courtesy of FreeDigitalPhotos.net/supakitmod

Suing file-sharers doesn’t work, lawyers warn (TorrentFreak, 13 July 2015) – For more than a decade copyright holders and the U.S. Government have been trying to find the silver bullet to beat piracy. This week the American Bar Association joined the discussion with a 113-page white paper . With their “call for action” the lawyers encourage Congress to draft new anti-piracy legislation and promote voluntary agreements between stakeholders. Among the options on the table is the filing of lawsuits against individual file-sharers, something the RIAA did extensively in the past. Interestingly, the lawyers advise against this option as it’s unlikely to have an impact on current piracy rates. According to the lawyers these type of lawsuits are also financially ineffective, oftentimes costing more than they bring in. In addition, they can create bad PR for the copyright holders involved. “While it is technically possible for trademark and copyright owners to proceed with civil litigation against the consuming public who […] engage in illegal file sharing, campaigns like this have been expensive, do not yield significant financial returns, and can cause a public relations problem for the plaintiff in addressing its consuming public,” the lawyers write. [ Polley : see RIAA story below in “ Looking Back ”]

Provided by MIRLN.

Image courtesy of FreeDigitalPhotos.net/Stuart Miles.

Reduce legal research costs with Google Scholar (Lawyerist, 3 July 2014) – Clients have been increasingly reluctant to pay for legal research. In this age of bundled services, they think that research costs should be included with an attorney’s hourly or flat-rate fee. If you are seeking ways to reduce research costs, here is one good option: Google Scholar . It is an online research service that you should use to find cases and secondary sources-for free. This article first explains the primary benefits of Google Scholar. But before you cancel your subscription to LexisNexis or Westlaw, read the second part of this article on its limitations. * * *

Provided by MIRLN.

Image courtesy of FreeDigitalPhotos.net/Stuart Miles.

Laying out the role of the computer forensics neutral expert (InsideCounsel, 27 May 2014) – When discovery in litigation involves the inspection of computer systems, setting out reasonable and effective protocols often involves a neutral expert in computer evidence. Working for the court, oftentimes at the direction of a special master, the neutral expert will engage with both parties, and often with computer forensics experts, to craft a reasonable inspection protocol. The challenge is to achieve consensus on the approach to preserving, performing analysis and review, and then producing relevant data. Protecting the producing party’s privacy/privilege while identifying only data that is responsive to the inspection demand must be balanced with the requesting party’s goal of finding all relevant evidence. Considering technology, discovery and forensic tools, and any agreements by the parties, the neutral expert must propose or assist with crafting an inspection protocol the parties to the litigation can agree to. Depending on the type of litigation, a company’s most sensitive data may be at issue and subject to discovery. Adequate review is hindered if full access to the relevant sources of data is not provided. Establishing the provenance of important documents, examining versions of source code, recovering evidence of the use of external media or the transfer of proprietary data can only be accomplished through the proper preservation and analysis of the right data sources. Conference calls to meet and confer to identify relevant sources and confirm preservation are crucial early in the inspection process. The neutral expert can work with the party’s IT administrators or consulting computer forensics expert(s) to map the sources of potentially relevant data. The potential evidence sought may inform what type of analysis is relevant. Some issues will involve common data sources, such as laptop and desktop user computers, email and shared network data. Other issues may require the examination of other sources of data, such as client relationship management (CRM) data or a source code revision control system. Whether the issue in the litigation involves allegations stemming from the use of a former employer’s client list or the alleged theft of IP, the neutral expert may need to take into account these additional data sources and prepare a reasonable review protocol. In cases involving the review and production of sensitive data, the consulting and neutral experts sometimes need to come up with a more elaborate protocol to address all the parties’ concerns. On a number of occasions, setting up a “clean room” with restricted access, no outside network connectivity and computer workstations for experts from both sides has been necessary. Protocols for the review and identification of relevant data are established. Procedures for turning over responsive data and the work product of subject matter experts are also spelled out. In these cases, the neutral expert will facilitate the work of other experts and the production of data among the parties.

Provided by MIRLN.

Image courtesy of FreeDigitalPhotos.net/twobee.