A few months ago, I went to an MCLE seminar on cybersecurity. The 90-minute presentation hit topics such as public wifi, cloud computing, thumb drives, and password strength. The goal of the presentation was of course to scare everyone into being more vigilant in their firm policies regarding cybersecurity. The recommendations included:
Never use cloud computing. Always store your data on onsite servers.
Don’t use thumb drives on company computers.
Never use any mobile devices to store firm information (including emails).
After the presentation, we ate dinner, and everyone and my table came to the same conclusion: “Screw that. We are going to use thumb drives while checking our business email on our phones while client files upload to Dropbox.” That’s because some things are just too convenient to give up. As a solo, I might not want a server that I have to maintain. And I like getting my emails on my phone and on my watch because it makes my life easier.
Now, I don’t want to make light of cybersecurity because it is a very serious issue. But, the fact remains that if your data exists in a tangible form, people can steal it and it is vulnerable….
Do you know where your data is? According to the Federal Trade Commission, the answer is “no.”
The agency wants Congress to intervene against data brokers – companies that collect personal information and resell it, mainly for marketing purposes. The FTC released a report on Tuesday of the top nine data brokers in the US and how most Americans don’t know that their personal information is being collected.
the FTC states that consumers may benefit from increased transparency into the operations of data brokers. It notes that data brokers collect and store billions of data elements covering nearly every U.S. consumer, in many cases without consumers’ knowledge. The FTC recommends that Congress consider enacting legislation to make data broker practices more visible to consumers and to give consumers greater control over the handling of their information by data brokers.
The data collected by firms like Acxiom, Datalogix and Corelogic range from the innocent (what sports you follow) to the personal (health and financial information) and everything in between (what kind of car you drive and general shopping habits).
* “It’s a fine line society walks in trying to be fair.” Justice Sonia Sotomayor spoke earlier this week on the perils of racial profiling with respect to the Chechen suspects in the Boston Marathon bombings. Were we fair here? [Associated Press]
* What keeps in-house counsel awake at night — aside from the tremendous piles of money they’re rolling around in? Apparently they’re expecting an “onslaught” of food labeling and data breach class actions. [WSJ Law Blog (sub. req.)]
* Susan Westerberg Prager, known for being the longest-serving dean ever at UCLA School of Law, will take up the deanship at another illustrious institution, Southwestern Law School. [National Law Journal]
* The February results for the New York bar exam are out, and with the highest number of test-takers ever, the pass rate was brutal. We may have more on this later. [Thomson Reuters News & Insight]
* Rhode Island just got a little more fabulous. The Ocean State legalized gay marriage yesterday, making it the tenth state to do so, and uniting New England in marriage equality for all. [Bloomberg]
I had today’s column dealing with confidentiality provisions all set to go. However, given the Baylor Law School fiasco, I changed topics to another very contentious issue in business-to-business terms and conditions negotiations: data security. I will take some liberties with the factual scenario of the Baylor data release in order to make the issue more relevant to those of us in-house.
Let’s assume that instead of an employee of Baylor’s admissions office allegedly being responsible for the data release, it was an outside contractor who had been hired to perform data collection for Baylor. Let’s further assume that the contractor acted negligently in releasing the information. Finally, let’s assume that Baylor’s legal counsel vetted the Agreement and Statement of Work (“SOW”) between Baylor and the contractor, and included a data security provision. What should happen now that prospective students’ personal information, including LSAT scores and GPA, are in the public domain? I would begin by stanching the bleeding and assessing the damage….
Last week’s massive credit card data breach was a frustrating reminder that despite everything, all the fights over privacy rights and legislative shouting, if somebody wants to steal an extraordinarily large number of personal consumer information for nefarious purposes, they can probably do it.
As a refresher, on March 30, Global Payments, a third-party payment processor, reported that it had suffered a data breach. Someone gained unauthorized access to company information, a.k.a. private data of people with accounts with major credit card companies such as MasterCard, Visa, American Express, and Discover Financial Services.
So, exactly how many people’s information might have been compromised? Let’s just say it’s more than six figures…
On Monday, my roommate came home griping that his Zappos.com account, which he had not used in a year, had been hacked. Instead of feeling sympathetic, I started wondering how I might write about it. Data breaches are a dime a dozen these days.
It seems almost every company loses control of their customers’ sensitive data at some point. Someone almost always sues after the news breaks. But the lawsuits are rarely successful, unless customers can show real harm caused by the breach.
Most often, companies do not give up full credit card or Social Security numbers. This week, Zappos said it only suffered unauthorized access to somewhat less sensitive information. It’s a bit unnerving, but not the end of the world.
Did that stop some opportunistic consumer from taking action against the online shoe retailer?
Of course not. And we didn’t have to wait very long. A Texas woman filed a class-action lawsuit against Amazon, which owns Zappos, the same day the breach was announced. Is her lawsuit premature, vague, and a bit silly? Probably. Will it go anywhere? Probably not. But c’mon, you gotta love melodramatic, eager-beaver, consumer litigation.
So what, exactly, did Zappos lose? And how many people’s data was compromised? (Hint: it’s a lot.) Let’s mosey on past the jump and find out….
I write about hacking and data security periodically, even though sometimes I get the feeling legal professionals try hard not to think about the subjects. But the stories in this realm bear repeating. Corporate data security is a real concern for many, many corporate attorneys, and especially in-house counsel.
Data security problems used to stem most frequently from weak firewalls or unencrypted equipment. But more and more, the biggest sources of risk and liability are just dumb or technologically overeager employees.
What kind of computer trouble are you and everyone you know getting your company or firm into? Let’s see….
At this point, the lengths companies go to in order to protect data, keep it secure, and prepare for e-discovery is old news. Data breaches — and the news coverage that usually follows — have frightened many companies into at least attempting to ratchet up data security policies. Likewise with retention practices. There have been enough e-discovery horror stories that most companies, and especially their lawyers, know they need to start prioritizing this stuff.
Strangely though, you don’t often hear much about data security within corporate boards. But it turns out that the boards of many multinational corporations with hundreds of millions of dollars in revenue are way, way behind the curve on data security.
Company boards are doing everything from printing out physical copies of thousands of pages of sensitive material, to sending unencrypted information to personal e-mail accounts, unsecured iPhones, and home computers. The Thomson Reuters report, released Wednesday, gives a harrowing account of disasters waiting to happen….
As everyone knows, IT professionals and lawyers often want to stab each other’s faces with butter knives have a little trouble seeing eye-to-eye. Practitioners of both the law and computer sorcery tend to be headstrong and preternaturally assured that they are correct 100 percent of the time.
It only makes sense then, that several of Wednesday’s panels at the Legal Technology Leadership Summit dealt with the crucial and interdependent relationship between law dogs and mysterious IT folks. Throughout the day, discussion leaders from both sides of the aisle discussed ways to avoid (or at least mitigate) data breaches and to use technological tools to ease billing nightmares. One session was dedicated to lamenting the top ways IT staff and attorneys drive each other nuts.
For reasons why your boss isn’t thrilled about your sweet new 128 gigabyte flash drive and some classic ha-ha-lawyers-don’t-understand-technology anecdotes, keep on reading….
For most attorneys, time spent managing the books is a necessary evil at best. Yet it is undeniably a crucial aspect of running a successful practice. With that in mind, we invite you to view or download a free webinar by Above the Law and our friends at Clio to learn how to better manage your finances.
Take this opportunity to learn what it takes to streamline your accounting and get the most out of your time. The webinar agenda:
● The basics of accounting for lawyers.
● How legal accounting differs from regular accounting.
● Report and reconciliation issues surrounding trust accounts.
● How to pick and integrate the best accounting tools for your practice.
● Steps to prepare your tax return for your firm’s income.
Do not miss this crucial chance to optimize your accounting practices. Save time and get back to billing!
Ed. note: The Asia Chronicles column is authored by Kinney Recruiting. Kinney has made more placements of U.S. associates, counsels and partners in Asia than any other recruiting firm in each of the past seven years. You can reach them by email: email@example.com.
Please note that Evan Jowers and Robert Kinney are still in Hong Kong and will stay FOR THE REMAINDER OF THIS WEEK. We still have a handful of available slots for meetings with our Asia Chronicles fans. If we have not been in touch lately, reach out and let us know when we could meet! There is no need for an agenda at all. Most of our in-person meetings on these trips are with folks who understand that improving a legal practice through lateral hiring is an information-driven process that takes time to handle correctly.
Regarding trends in lateral US associate hiring in Hong Kong, we of course keep much of what we know off of this blog. Based on placement revenue, though, Kinney is having one of our most successful years ever in Asia. We are helping a number of our law firm clients with M&A, fund formation, cap markets, project finance, FCPA and disputes openings. These are very specific needs in many cases, so a conversation with us before jumping in may be helpful. As always, we like to be sure to get the maximum number of interviews per submission, using a well-informed, highly targeted, and selective approach, taking into account short, medium and long-term career aims.
Making a well informed decision during a job search is easier said than done – the information we provide comes from 10 years of being the market leader in US attorney placements at the top tier firms in Asia. There is no substitute for having known a hiring partner since he/she was an associate or for having helped a partner grow his or her practice from zip to zooming, and this is happily where we stand today – with years of background information on just about every relevant person in all the markets we serve, and most especially in Hong Kong/China/Greater Asia. So get in touch and get a download from us this week if we can fit it in, or soon in any case!
The 2014-2015 law school year is now in full swing. 1Ls are grappling with the strange new world of the Socratic Method and briefing cases. 2Ls are hoping to score some sort of job out of the fall interviewing season. And 3Ls are wondering just what the heck they’re even doing on campus. If, in fact, they are even on campus at all. ATL’s law school experts have designed this challenge to help determine how much you know about the realities of the 3L experience.