Compliance Archives

Product Liability in the Internet of Things — Schiff Hardin Product Liability & Mass Torts Blog

April 14th, 2019|Categories: Complex Business Litigation, HB Risk Notes, Technology Law|Tags: Compliance, Emerging Litigation & Risk, Information Technology Law, Legal Tech, Product Liability|

[one-half-first] Photo by Markus Spiske on Unsplash [/one-half-first] [one-half]"Combining a physical object and an intangible technology also creates a novel issue when it comes to strict product liability principles, which typically hold that a product manufacturer may be strictly liable for a product’s defect. The first task in a strict product liability case is to identify the product. In the context of a device that has no internet connectivity, the answer is straightforward. If a ladder is defective and causes an injury, the ladder’s manufacturer may be held strictly liable because a ladder is the product. But when it comes to IoT devices, the line may be blurred. Almost always, the software part of the IoT device is 'manufactured' by a separate entity from the entity that manufactures the physical object. If the IoT device proves to be defective, the question becomes which entity may be held strictly liable." Read the complete post by Schiff Hardin's Gregory Dickinson & Jeffrey D. Skinner here. [/one-half]

One Stock for the Coming Marijuana Boom, Says The Motley Fool

April 12th, 2019|Categories: Complex Business Litigation, Corporate Compliance, HB Risk Notes|Tags: Banking & Finance, Cannabis, Compliance, Emerging Litigation & Risk, Fintech|

"This legal pot stock could be like buying Amazon for $3.19." "Cannabis legalization is sweeping over North America – 10 states plus Washington, D.C., have all legalized recreational marijuana over the last few years, and full legalization arrived in Canada in October 2018. Legal marijuana is worth an estimated $50 billion for the U.S. today. And since experts have projected the U.S. industry to skyrocket to $80 billion by 2030, it’s time for investors to start paying attention. Because whether or not you’re planning on ingesting any THC, you can’t deny the monumental investing opportunity that a potentially $80 billion industry represents." --Grace Phillips, in an article for The Motley Fool

Million-Dollar Settlement in Employee Background Check Case, Top Class Actions Reports

April 11th, 2019|Categories: Class Actions, Employment, HB Risk Notes, HB Tort Notes, Technology Law|Tags: Compliance, Data Privacy, Healthcare, Protected Personal Information (PPI)|

"Job applicants have secured a $1.2 million settlement ending allegations that Maxim Healthcare did not properly inform potential employees that they would have a consumer report pulled as part of the application process. Class Members include those who applied and got a job with the healthcare services company between May 5, 2009 and Aug. 27, 2012, who were also subject to a consumer report check by Maxim. The Maxim Healthcare class action lawsuit claimed that Maxim violated federal consumer privacy protections when procuring employee background checks."

Dan Mogin: Antitrust, Pro-Privacy Moves Led Outside U.S.

March 21st, 2019|Categories: Complex Business Litigation, HB Risk Notes, Technology Law|Tags: Antitrust, Compliance, Data Privacy, eCommerce, Social Media|

In a move that could redefine how 2.6 billion people use Facebook Messenger and Facebook’s acquired WhatsApp and Instagram apps, The New York Times reported on Jan. 25 that Facebook CEO Mark Zuckerberg plans to integrate the platforms. The announcement turned up the volume on antitrust and privacy warnings directed at the social media giant. “Facebook can be legitimately criticized for merging these apps after contrary assurances and perhaps for trying to dominate messaging,” MoginRubin Partner Dan Mogin said, “but perhaps more importantly, this is another example of the evolving convergence between antitrust and privacy that appears to be being driven by forces outside the US enforcement agencies. It’s a challenging issue for antitrust and may eventually lead to a sea change.” See the complete post on the MoginRubin Blog.

Financial Institutions Struggle to Keep Up with ‘Changing Business Needs’ Such as Social Mobile Apps, and Getting Risk Data Quickly, Deloitte Report Suggests

January 27th, 2019|Categories: Corporate Compliance, HB Risk Notes, Technology Law|Tags: Compliance, Cybersecurity, Data Analytics, Data Breach, Data Privacy|

Deloitte's report is based on a survey of 94 financial institutions around the world that operate in a range of financial sectors and with aggregate assets of $29.1 trillion. Deloitte's Edward Hida -- financial risk community of practice global leader and a partner in Deloitte Risk and Financial Advisory -- posted his executive summary the latest Global Risk Management Survey which is the organization's eleventh. The report is a detailed one and Deloitte draws quite a few conclusions around the continued focus on cyber security, engagement of boards of directors, increase attention to non-financial risks, the potential of digital risk management, enterprise risk management, the proliferation of Chief Risk Officers, an increased reliance on stress testing and more. A couple figures jumped out at me which show at least two challenges to financial institutions. Hear this Deloitte professional at ICRMC in Toronto April 15-16! Respondents are finding "extremely challenging" the need to keep up with changing business operational needs, such as deployment of social mobile applications, data analytics and cloud-based risks. Also in the "extremely challenging" category, not surprisingly, are threats from "sophisticated actors," like foreign governments and crackerjack hacktivists. Other issues categorized as "extremely high priority "revolve around getting quality risk data quickly. Given the average length of time other studies show that a hacker can poke around in your network before [...]

Two Judges Find Florida Medical Marijuana Law Unconstitutional

January 4th, 2019|Categories: Complex Business Litigation, Corporate Compliance, HB Risk Notes, HB Tort Notes|Tags: Cannabis, Compliance, Corporate & Securities, Emerging Litigation & Risk, Regulations|

The Program is 'Absolutely Broken' -- Now What? Edited by Tom Hagy Florida Circuit Judge Karen Gievers just held that the Florida medical marijuana law is unconstitutional. Reporting on the judge's Trulieve decision for the Florida Politics news service, journalist Jim Rosica called it "a rebuke to lawmakers and the Rick Scott Administration" that was "stunning even for" Judge Gievers. "In the spirit of boxing legend Muhammad Ali, known for his pre-fight rhymes, Gievers opined that in Florida 'the medical marijuana system was broken. Now, in the Constitution, the people have spoken.'" Rosica reported that while Gov. Scott is appealing the major marijuana decisions against the state Department of Health, the transition team of Republican Governor-elect Ron DeSantis, including Lt. Gov.-elect Jeanette Nuñez, has suggested that he will not continue to defend the law in court. Rosica continued: "Gievers, who retires in April, said her decision striking down the law 'includ(ed), but (is) not limited to, replacement of the voter-selected registry plan with an arbitrary, inconsistent licensing scheme … throttling access of qualifying patients to … safe use of medical marijuana from (providers that) the Department has a clear, undisputed duty to register.' In fact, just passing the law was itself unconstitutional, Gievers suggested: 'Voters made clear in 2016 that the Legislature was to have no role in implementing access to and [...]

Kenneth Jones of Tanenbaum Keale on Law Firm Tech Development Capabilities

October 16th, 2018|Categories: Corporate Compliance, HB Risk Notes, HB Tort Notes, Technology Law|Tags: Compliance, Cybersecurity, Law Practice Technology, Legal Tech|

Should Law Firms Should be Able to Develop Custom Technologies? Here is #10 of Jones' Top-10 List. #10. Security. The cloud is great, and generally speaking, companies in this space operate systems in a highly professional manner. However, occasionally one encounters special business needs which call for extensive “above and beyond” levels of security. This could be times a firm is storing financial information, medical records, or other data they wish to absolutely, positively protect. In these situations — under the theory that “no one does things better than I do” —it’s nice to have the option to build super-secure systems with features such as encrypted data within database tables, and to manage the systems with a very small number of highly trusted professionals specifically known by the law firm. Read more of the article posted by Thomson Reuters. Kenneth Jones oversees various aspects of technology at Tanenbaum Keale LLP in the role of Chief Technologist. He leads efforts to support TK’s computing environment and infrastructure, one that features a strategy of professionally protecting and processing client data in the cloud with highly skilled and respected leading-edge business partners in the technology space. Ken also helps lead and support various TK programs in the areas of security, compliance, business continuity and firm administration. Learn more.

Courtney Klein on Social Media & Security

August 1st, 2018|Categories: Corporate Compliance, HB Risk Notes, Law Firm Operations|Tags: Compliance, Cybersecurity, Law Practice Management, Risk Management, Social Media|

A Restructured Paradigm for Corporate Teamwork By Courtney Klein of Soteria Risk Consultants Social media has become an integral part of everyday life. It’s how some of us get our news, research our opinions, learn about local events, and connect with friends. For the modern western business, it is also immensely important for staying in touch with customers, advertising, and overall visibility. For this reason, many companies employ veritable armies of “Social Media Specialists” that do everything from designing graphics to writing tweets to replying to customer questions and complaints. Some companies interact with each other (such as the hilarious and long-standing Twitter Battle between Wendy’s and McDonald's), and some use it as their primary form of communication. Customers, too, know that social media is a way to get in touch with a company - for good reasons and for bad - and while many companies are aware that they will and do receive threats on social media, very few of them have any kind of protocol in place for how to deal with them – and even fewer still encourage their social media teams to pass this information on to or (better yet) work together with their security team. This sort of blasé attitude to threats – either because “it’s not my job” or “they can’t be serious” – leads to [...]

Francoise Gilbert on Colorado’s New Privacy Law: Are You Ready?

August 1st, 2018|Categories: Corporate Compliance, HB Risk Notes, Technology Law|Tags: Compliance, Cybersecurity, Data Breach, Data Privacy, Privacy|

Effective Sept. 1, 2018, Colorado will require all entities that process or store certain personal information of Colorado residents, regardless of whether the entity is located within or outside of Colorado, to have formal data security and data disposal programs. This is the result of the adoption of Bill 18-1128 “Concerning Strengthening Provisions for Consumer Data Privacy,” signed into law at the end of May 2018, to amend and supplement existing law .... Previously, the definition of “personal identifying information” under the Colorado law was limited to a resident’s first name or initial and last name in combination with the individual’s Social Security, driver’s license, or identification card number, or a credit or debit card or bank account number, combined with a password or access code. The new definition includes additional forms of identification, such as student, military, passport, and health insurance identification number, as well as other types of information, such as medical information or biometric data. It also includes username or e-email address in combination with a password or security question answers that would permit access to an online account .... Organizations that collect personal identifying information of Colorado residents and that do not yet have the written programs necessary to formalize their data protection practices urgently need to focus on compliance. -- Francoise Gilbert, Greenberg Traurig Francoise Gilbert, a partner [...]

McLoughlin on Artificial Intelligence in Banking

July 25th, 2018|Categories: Corporate Compliance, HB Risk Notes, Technology Law|Tags: Artificial Intelligence (AI), Banking & Finance, Compliance, Fraud, Risk Management|

"Capital adequacy requirements are not the only kind of regulation that AI is helping banks to meet. An even bigger area is monitoring of trading activities for misconduct and abuse. The Bank of England estimates that misconduct by traders has cost banks a global cumulative of $320 billion to date. For this very large reason, banks are aggressively deploying machine learning to monitor the behavior of their traders and detect unusual behavior." Read Michael McLoughlin's post on LinkedIn. Michael McLoughlin is Global Digital Transformation Partner & Advocate with Microsoft.

Joshua Gold on Cyber Crime and Insurance

July 24th, 2018|Categories: HB Risk Notes, Insurance, Technology Law|Tags: Compliance, Cybersecurity, Data Breach, Fraud, Insurance Companies|

With the amount of trickery going into thefts and embezzlements these days, crime insurance companies too often use the many steps involved in a fraudulent scheme to argue that losses are indirect and otherwise uncovered. The recent decisions of the Second Circuit and Sixth Circuit on the “direct loss” argument and the scope of computer fraud coverage are important victories for policyholders generally, making clear that where the predominant step in the chain is some type of covered fraudulent misconduct involving a computer, a court is not going to entertain a direct loss defense to excuse the insurance company from paying. As such, policyholders should be familiar with their crime coverage and promptly notify all potentially implicated lines of insurance coverage when a cybercriminal is afoot. -- Joshua Gold, Anderson Kill Read Josh's complete article. Joshua Gold is Chair of Anderson Kill’s Cyber Insurance Recovery Practice and was amicus counsel for United Policyholders in the Medidata Solutions, Inc. v. Federal Insurance Company case before the Second Circuit.

Halligan, Weyland on Cybersecurity, Trade Secret Asset Management and the Defend Trade Secret Act of 2016

July 23rd, 2018|Categories: Corporate Compliance, HB Risk Notes, Technology Law|Tags: Artificial Intelligence (AI), Compliance, Corporate & Securities, Cybersecurity, Data Analytics|

"Cybersecurity protection against outsider theft has largely succeeded, if competently crafted business methods are strictly followed. The more intractable problem of insider theft is now the major concern, and traditional cybersecurity methods are unavailing. The ever-higher digital barriers placed around the corporation and its sensitive data are no defense against data theft by people allowed inside the digital walls in the normal course of business." Read their complete post on LinkedIn. R. Mark Halligan is a Partner and Trial Lawyer at FisherBroyles, LLP. Mr. Halligan has taught Advanced Trade Secrets Law in the John Marshall Law School LLM program for 24 years. Richard F. Weyand is the President of the Trade Secret Office, Inc. www.thetso.com See R. Mark Halligan and Richard F. Weyand Trade Secret Asset Management 2018: A Guide to Information and Asset Management Including RICO and Blockchainavailable on Amazon. https://www.amazon.com/dp/0997070986