* “It’s a fine line society walks in trying to be fair.” Justice Sonia Sotomayor spoke earlier this week on the perils of racial profiling with respect to the Chechen suspects in the Boston Marathon bombings. Were we fair here? [Associated Press]
* What keeps in-house counsel awake at night — aside from the tremendous piles of money they’re rolling around in? Apparently they’re expecting an “onslaught” of food labeling and data breach class actions. [WSJ Law Blog (sub. req.)]
* Susan Westerberg Prager, known for being the longest-serving dean ever at UCLA School of Law, will take up the deanship at another illustrious institution, Southwestern Law School. [National Law Journal]
* The February results for the New York bar exam are out, and with the highest number of test-takers ever, the pass rate was brutal. We may have more on this later. [Thomson Reuters News & Insight]
* Rhode Island just got a little more fabulous. The Ocean State legalized gay marriage yesterday, making it the tenth state to do so, and uniting New England in marriage equality for all. [Bloomberg]
I had today’s column dealing with confidentiality provisions all set to go. However, given the Baylor Law School fiasco, I changed topics to another very contentious issue in business-to-business terms and conditions negotiations: data security. I will take some liberties with the factual scenario of the Baylor data release in order to make the issue more relevant to those of us in-house.
Let’s assume that instead of an employee of Baylor’s admissions office allegedly being responsible for the data release, it was an outside contractor who had been hired to perform data collection for Baylor. Let’s further assume that the contractor acted negligently in releasing the information. Finally, let’s assume that Baylor’s legal counsel vetted the Agreement and Statement of Work (“SOW”) between Baylor and the contractor, and included a data security provision. What should happen now that prospective students’ personal information, including LSAT scores and GPA, are in the public domain? I would begin by stanching the bleeding and assessing the damage….
Last week’s massive credit card data breach was a frustrating reminder that despite everything, all the fights over privacy rights and legislative shouting, if somebody wants to steal an extraordinarily large number of personal consumer information for nefarious purposes, they can probably do it.
As a refresher, on March 30, Global Payments, a third-party payment processor, reported that it had suffered a data breach. Someone gained unauthorized access to company information, a.k.a. private data of people with accounts with major credit card companies such as MasterCard, Visa, American Express, and Discover Financial Services.
So, exactly how many people’s information might have been compromised? Let’s just say it’s more than six figures…
On Monday, my roommate came home griping that his Zappos.com account, which he had not used in a year, had been hacked. Instead of feeling sympathetic, I started wondering how I might write about it. Data breaches are a dime a dozen these days.
It seems almost every company loses control of their customers’ sensitive data at some point. Someone almost always sues after the news breaks. But the lawsuits are rarely successful, unless customers can show real harm caused by the breach.
Most often, companies do not give up full credit card or Social Security numbers. This week, Zappos said it only suffered unauthorized access to somewhat less sensitive information. It’s a bit unnerving, but not the end of the world.
Did that stop some opportunistic consumer from taking action against the online shoe retailer?
Of course not. And we didn’t have to wait very long. A Texas woman filed a class-action lawsuit against Amazon, which owns Zappos, the same day the breach was announced. Is her lawsuit premature, vague, and a bit silly? Probably. Will it go anywhere? Probably not. But c’mon, you gotta love melodramatic, eager-beaver, consumer litigation.
So what, exactly, did Zappos lose? And how many people’s data was compromised? (Hint: it’s a lot.) Let’s mosey on past the jump and find out….
I write about hacking and data security periodically, even though sometimes I get the feeling legal professionals try hard not to think about the subjects. But the stories in this realm bear repeating. Corporate data security is a real concern for many, many corporate attorneys, and especially in-house counsel.
Data security problems used to stem most frequently from weak firewalls or unencrypted equipment. But more and more, the biggest sources of risk and liability are just dumb or technologically overeager employees.
What kind of computer trouble are you and everyone you know getting your company or firm into? Let’s see….
At this point, the lengths companies go to in order to protect data, keep it secure, and prepare for e-discovery is old news. Data breaches — and the news coverage that usually follows — have frightened many companies into at least attempting to ratchet up data security policies. Likewise with retention practices. There have been enough e-discovery horror stories that most companies, and especially their lawyers, know they need to start prioritizing this stuff.
Strangely though, you don’t often hear much about data security within corporate boards. But it turns out that the boards of many multinational corporations with hundreds of millions of dollars in revenue are way, way behind the curve on data security.
Company boards are doing everything from printing out physical copies of thousands of pages of sensitive material, to sending unencrypted information to personal e-mail accounts, unsecured iPhones, and home computers. The Thomson Reuters report, released Wednesday, gives a harrowing account of disasters waiting to happen….
As everyone knows, IT professionals and lawyers often want to stab each other’s faces with butter knives have a little trouble seeing eye-to-eye. Practitioners of both the law and computer sorcery tend to be headstrong and preternaturally assured that they are correct 100 percent of the time.
It only makes sense then, that several of Wednesday’s panels at the Legal Technology Leadership Summit dealt with the crucial and interdependent relationship between law dogs and mysterious IT folks. Throughout the day, discussion leaders from both sides of the aisle discussed ways to avoid (or at least mitigate) data breaches and to use technological tools to ease billing nightmares. One session was dedicated to lamenting the top ways IT staff and attorneys drive each other nuts.
For reasons why your boss isn’t thrilled about your sweet new 128 gigabyte flash drive and some classic ha-ha-lawyers-don’t-understand-technology anecdotes, keep on reading….
Has everybody in the world raised their hands yet? Congratulations — your email address may have been stolen.
There was a data breach at Epsilon, a Texas-based marketing firm, last weekend, exposing the names and email addresses of potentially millions of their clients’ customers. I first found out about it when Chase emailed me. You might have gotten a similar alert from one of the affected companies.
Read part of the bank’s announcement and more about the breach, after the jump.
Watch to find out what some of our subscribers received in their May box!
The proper hair styling product might just be the only thing standing between you and your dream job. And the best way to find what works for you is to try the best stuff on the market. Join Birchbox Man for $20 a month and you’ll get customized shipments of the best grooming and lifestyle gear on the market every month—everything from haircare and shaving supplies to style accessories and tech gadgets.
As the leading discovery commerce platform, Birchbox is redefining the retail process by offering consumers a unique and personalized way to discover, learn about, and shop the best grooming and lifestyle products out there. It’s a full 360-degree process: try, learn, buy. Once you sign up and fill out your profile, head over to Birchbox Man’s online magazine to find article and video tutorials on how to get the most out your monthly box products. Pick up full-size versions of anything you like in the Birchbox Shop and earn points for every purchase.
We currently have a number of active openings for associate roles at US and UK firms in HK / China, Singapore and two new in-house openings. As always, please feel free to reach out to us at firstname.lastname@example.org in order to get details of current openings in Asia, as well as to discuss the Asia markets in general and what we expect for openings later this year. Our Evan Jowers and Robert Kinney will be in Beijing the week of March 25 and Evan Jowers will be in Hong Kong the week of April 1, if you would like to meet them in person.
The US associate openings we have in law firms are in the usual areas of M&A, cap markets, FCPA / white collar litigation, finance, and project finance. The most urgent of our top tier (top 15 US or magic circle) law firm openings in Asia (among many other firm openings that we have in Asia) are as follows:
• 2nd to 5th year mandarin fluent M&A associates needed in Beijing and Hong Kong at several firms;
• Korean fluent 2nd to 4th year cap markets associate needed in Hong Kong;
• 2nd to 5th year Japanese fluent M&A associates needed in Tokyo;
• 4th to 6th year mandarin fluent cap markets associate needed in Hong Kong;
• 2nd to 4th year M&A / cap markets mix associate needed in Singapore.
The last time I flapped my wings your way, I tried to make at least enough noise about your mobile phone to make you more than a little bit uncomfortable. I hope I did. If enough of us become anxious enough about the known and unknown unknowns and knowns in our mobile phones, then we can start making wise decisions about how to manage that information and its resultant investigations.
Today, I’d like to put a finer point on the last installment’s topic by asking a question that seemed to catch most attendees off-guard at a conference panel that I moderated last week: is there discoverable personal information in a mobile app? Our panelists’ answer was a uniform “yes” with one stating that, if he had to choose only one type of data that he could discover from a mobile phone, he’d choose app data. Why? Because there’s simply so much of it and because almost all of it is objective – not just user-created like an email – but machine-tracked like GPS, usage duration, log in and log out times, browsed web addresses, browsed actual addresses. Also, most of us seem to have the idea that data doesn’t actually “stick” to our mobile devices the way it “sticks” to our hard drives. Maybe there’s a disconnect based on the fact that our phones are mobile so we assume the data is mobile to?
The traditional job application and interview process can be impersonal, and applicants often struggle to present themselves as more than just the sum of their GPAs, alma maters, and previous work history. ATL has partnered with ViewYou to help job seekers overcome this challenge. ViewYou NOW Profiles offer a unique way for job seekers to make a personal, memorable connection with prospective employers: introduction videos. These videos allow job candidates to display their personalities, interpersonal skills, and professional interests, creating an eDossier to brand themselves to potential employers all over the world. Check it out today!