May 19, 2013

You are here: Home / Archives for technology law

Tenth Circuit: FCC Denial of Petition for Regulatory Forbearance Pertaining to Telecommunications Services Was Reasoned and Reasonable

August 7, 2012 by Leave a Comment

The Tenth Circuit Court of Appeals published its opinion in Qwest Corp. v. FCC on Monday, August 6, 2012.

The Tenth Circuit denied the petition for review. Petitioner  sought “review of an order of the Federal Communications Commission (FCC) denying Petitioner’s petition for regulatory forbearance pursuant to 47 U.S.C. § 160(a). Petitioner filed a petition with the FCC in March 2009 seeking relief from certain regulations pertaining to telecommunications services that it provides in the Phoenix, Arizona, metropolitan statistical area (MSA). The FCC denied the petition, citing insufficient evidence of sufficiently robust competition that would preclude Petitioner from raising prices, unreasonably discriminating, and harming consumers. Petitioner challenges the FCC’s decision only as it pertains to Petitioner’s mass-market retail services in the Phoenix MSA. The Court denied the petition, finding that the Phoenix Order was a reasoned and reasonable decision.

Filed Under: Case Law Tagged With: , , ,

Law Firms and Small Businesses: Protecting Security Interests (Part 2)

June 27, 2012 by 1 Comment

Editor’s Note: This is the second in a two-part series of cyber security articles. Part one can be found here.

Reasonable Contractual Expectations

One of my best contractual stories revolves around a conversation with the president of a local web site design firm – a good friend and one who feels comfortable with being candid with me. During one of his development projects, I offered to do a free security evaluation of the soon-to-be-released web application. His rejection of my offer came with the rationale that if the web application was ever compromised, he wanted to be able to honestly tell the client that, to the best of his knowledge, the delivered web site was secure.

I haven’t the faintest idea of the legality of my friend’s hope for plausible deniability, but it should be obvious that two very poor consequences come out of his approach to security. The first is that his client will end up with an unsecure web site, when they could just as easily have had a product that would have withstood all but the most experienced and persistent hackers.

The second eye-opening realization is that the client never asked about security, and the development contract never addressed security. In this case, the client (and potentially the law firm that reviewed the contract) never included security development and testing as one of the primary requirements of the relationship. A single section added to the development contract might have the effect of preventing a devastating security breach.

A favorite statement of mine goes as follows:

Businesses end up with a lack of security because they never, ever ask about it. 

Almost all web site development contracts include obvious legal details like payment schedules, software ownership, and product specifications. These terms protect the interest of the business as well as the development firm – standard boilerplate.

A well-written contract should also include a requirement that the contracted web site be developed under strict security guidelines (consider OWASP as a source of information) and that a comprehensive third-party security penetration test (Acunetix as one such test) be run and presented before product acceptance.

The additional cost for security-oriented development should be minimal, since a knowledgeable development firm should be adhering to these practices regardless of a request. The third-party security penetration test can be contracted for with one of many firms and should cost only a few thousand dollars.

Again, the role of a law firm in this environment should certainly be the crafting and approval of the basic development contract, but also making sure security validation is a well-defined requirement of the overall agreement.

How to Respond After a Breach

When a security breach does occur, businesses (and their counsel) need to be ready to react thoroughly and decisively. A few of my suggestions for the days, weeks, and months following a breach are:

  • Don’t panic. Carefully consider the nature of the breach, what data (if any) has been compromised and what the business’ next steps should be. A premature release of breach information may cause unnecessary customer panic or, even worse, make management look even more inept when they revise information sent out too hastily. Advise them to take the time to respond with dignity and thoughtfulness.
  • If required, inform the appropriate financial and legal entities as soon as possible. Depending on the industry, there may be strict requirements for reporting security breaches. Your client’s problem will only get worse if they are caught hiding information. Keep in mind that many security breaches become public knowledge as the compromised data is used or sold within the cyber underground, not as a result of company disclosure. As a side note, an embarrassingly large number of security breaches are never discovered by the company that was breached.
  • Inform users or clients and customers as soon as appropriate. There is a line between keeping a company viable and an ethical responsibility to customers. My thoughts on this line are to consider the damage that might be done to customers and think about how you would expect to be treated.
  • Call the insurance company. Depending of the nature of the breach, the business may be covered for some, if not all, of the expenses associated with recovery. Suggest that the business give their insurance company a call. They might also take the time to talk about cyber insurance with their agent – for the next time.

As a legal professional, you should easily be able to see the pitfalls inherent in panic-stricken businesses reacting to security breaches. Legal, financial, and professional stakes surrounding a security breach may be high enough to shut down the business. The correct reaction may be well outside of the expertise of the business, or, even worse, the business may naively attempt to react on their own.

Conclusion

Hopefully, I have provided food for thought on the security opportunities and responsibilities of law firms supporting small businesses and their own technological infrastructure. Obviously, I’ve brought up far more issues and concerns than solutions. My hope is that even a casual discussion of security problems will prepare you with far more knowledge than the majority of your clients.

It’s a mean world out there; cyber crime is an industry run by foreign nationals from countries where cyber criminals are not prosecuted. An industry-accepted statistic is that more than 70% of all Internet web sites contain critical security vulnerabilities. Many of your clients, and your own web sites, undoubtedly are on the wrong side of this depressing number.

One final note to add one more level of additional worry: Web application security awareness has only recently entered mainstream web site development. If your web site or your client’s is more than four years old, not only is it certainly open to a critical security attack, but it is probably a target for even the most amateurish hackers: script kiddies, young kids who hack web sites because doing so is more fun than playing a predictable Xbox game.

Alan Wlasuk is a managing partner of 403 Web Security, a full service, secure web application development company. A Bell Labs Fellow award-winner with 18+ years of experience building secure web applications, Wlasuk is an expert in web security – from evaluation to web development and remediation.

Learn More: Cyber Security/Privacy CLE Homestudy Programs

Is Your Sensitive Data Secure: Cyber Insurance for Your Firm and Your Clients (video on-demand and mp3 download)

Avoiding The Lawyer’s Digital Nightmare: How To Safeguard Your and Your Clients’ Sensitive Information And Survive The Inevitable (?) Security Breach (video on-demand, mp3 download, and audio CD)

Ethics in a Wild Wired World (video on-demand, mp3 download, and audio CD)

To Use and Protect: Privacy Basics for Business (video on-demand and mp3 download)
Filed Under: Practice Management Tagged With: , , , , , , , ,

Law Firms and Small Businesses: Protecting Security Interests (Part 1)

June 14, 2012 by 1 Comment

Editor’s Note: This is the first in a two-part series of cyber security articles. Part two can be found here.

Is there anything more financially fragile than a small business in the U.S. today? As we climb out of the Great Recession, many of the surviving small businesses were forced to cut corners, often making compromises on the IT side. Combine this with an unprecedented rise in cyber crime that took the 2011 U.S. cost of security breaches to $32 billion, and one can easily predict the future security troubles of many small businesses.

As legal, and sometimes operational and financial, advisers to small businesses, law offices should be more aware than ever of the security risks to small business clients, understand how to mitigate these risks, and lend support when a security breach occurs.

These considerations are also important for attorneys to make regarding their own online presence and security risks, especially solo/small firm practitioners.

While I can’t cover IT security in its entirety here, I’ll touch on three areas, each of which should give you an idea of security troubles ahead and what you might be doing to anticipate these troubles:

  1. Professional and financial liabilities
  2. Reasonable contractual expectations
  3. Responses after a breach

To set the stage for my thoughts on the advice and support a law office might provide to small businesses, consider for themselves, or at least be aware of, let me start by sharing a few details of my background. I am the managing partner of 403 Web Security, a web application security company, and WDDinc, a software development firm with close to 20 years of developing software, much of it for small businesses. While I am not a legal expert, I have seen more than my share of software related contracts and have a firsthand view of the risks these organizations place themselves under.

For the sake of simplicity and to take full advantage of my experience, I’ll limit my notes to web application security – more commonly known as security within small business web sites.

Professional and Financial Liabilities

Without hesitation, I can say that the vast majority of small businesses not only have inadequate security protections in place, but also are oblivious to the fact they are security risks. Even worse, recent headlined security breaches of high-profile companies seem to engender only a misguided belief that they are immune from security attacks because they are small fish in a huge ocean.

The truth is, not only are small businesses not immune from attack, they are prime targets because of their lack of security. Consider the monetary value of even small, undetected breaches – unlimited time to exploit compromised data and the opportunity to revisit the sources months and years into the future.

When considering security liabilities, I like to separate small businesses into two categories. The first would be those businesses that collect and save protected data (i.e., medical, identity) within their own environments. The web sites that support these businesses tend to be custom built by design or development companies that have little or no experience in creating secure web sites, and almost never have the capabilities of testing new sites for security vulnerabilities. These companies potentially are open to huge fines when their data is compromised.

The second, and larger, category is small businesses with e-commerce components. These businesses usually, and wisely, use well-established (and secure) external web services to handle credit card and other payment transactions. Unfortunately, this approach is successful only when the business’ basic web site is secure. The point almost always missed is that a hacker does not always breach a web site for its underlying data. For example, a hacked site may be modified in subtle ways to take an unsuspecting consumer to a fraudulent e-commerce service that will happily collect and exploit the consumer’s credit card as soon as it is entered. Or, one of my favorite security flaws, Cross Site Scripting (XSS), might allow a hacker to take over a legitimate user’s browser – effectively compromising that user’s e-commerce transactions or invading the user’s entire computer.

In either case, a small business may be financially and legally liable for the fraud and illegitimate use of information from its security breaches. Perhaps just as importantly, the loss of reputation and consumer confidence alone might be enough to ruin any small business.

A proactive law firm might be in a unique position to address potential security issues and breach consequences with their clients. This should be part of the support of any client and attorneys should heed the same advice themselves.

Alan Wlasuk is a managing partner of 403 Web Security, a full service, secure web application development company. A Bell Labs Fellow award-winner with 18+ years of experience building secure web applications, Wlasuk is an expert in web security – from evaluation to web development and remediation.

Learn More: Cyber Security/Privacy CLE Homestudy Programs

Is Your Sensitive Data Secure: Cyber Insurance for Your Firm and Your Clients (video on-demand and mp3 download)

Avoiding The Lawyer’s Digital Nightmare: How To Safeguard Your and Your Clients’ Sensitive Information And Survive The Inevitable (?) Security Breach (video on-demand, mp3 download, and audio CD)

Ethics in a Wild Wired World (video on-demand, mp3 download, and audio CD)

To Use and Protect: Privacy Basics for Business (video on-demand and mp3 download)
Filed Under: Practice Management Tagged With: , , , , , , , ,

Colorado Supreme Court: PUC Considered All Mandated Factors in Setting Rates for Basic Residential Phone Service with Evidence to Support Decision

April 30, 2012 by Leave a Comment

The Colorado Supreme Court issued its opinion in Colorado Office of Consumer Counsel v. Colorado Public Utilities Commission on April 30, 2012.

Basic Residential Telephone Service Regulation—Maximum Rate Setting.

The Supreme Court reversed the district court’s judgment, holding that the Colorado Public Utilities Commission (PUC) regularly pursued its authority in setting maximum rates for basic residential telephone service pursuant to CRS § 40-15-502(3)(b). The PUC considered all of the statutorily mandated factors in setting the rates and there was substantial evidence supporting its decision.

Summary and full case available here.

Filed Under: Case Law Tagged With: , , ,

Cyber Insurance: An Efficient Way to Manage Security and Privacy Risk

March 21, 2012 by Leave a Comment

Practically every company in our modern economy has information security and privacy risk. There is no way to completely eliminate it. Whether it is your firm or your client, most companies of all shapes, sizes, and wealth profiles use information technology and handle sensitive information including personal information and credit card numbers. That means organizations face potential direct losses, lawsuits, and liability due to data, security, and privacy breaches.

The frequency and magnitude of data breaches by hackers has only been increasing. We read about security and privacy breaches practically every day in the newspaper. As the world continues to change at seemingly light-speed and cyber risks increase, the need for risk transfer with cyber insurance is also growing. Relying on a general liability or property policy to provide the coverage is no longer a wise choice (if it ever was), and companies could be well-served to get peace of mind and relative predictability by learning more about cyber policies that are actually designed to address the risk.

CBA-CLE will be hold a program on Thursday, March 29 to address the impact of data breaches and the trend toward cyber insurance. The program presenter, David Navetta, Esq., has written several articles about data security and cyber insurance. Read some of his insights below, and then join us to learn more about protecting sensitive information with cyber insurance, an option that may be of great importance to your clients or law firm.

In the early 2000s, just around the “DotCom Bust,” some insurers began developing a product designed to address the financial loss that might arise out of a data breach. This was a time where most “brick and mortar” companies were just beginning to leverage the economic potential of the Internet. At that time, insurers wanted to target the big “dotcom” companies like Amazon, Yahoo, eBay, Google, etc., and other companies pioneering e-commerce and online retailing. At some point, somebody dubbed this type of insurance “cyber insurance.”

The early cyber policies included liability and property components. The liability coverages addressed claim expenses and liability arising out of a security breach of the insured’s computer systems (some early policies only covered “technical” security breaches, as opposed to policy violation-based security breaches). The property-related components covered business interruption and data asset loss/damage arising out of a data breach (during the holiday season many online retailers suddenly developed a tasted for business interruption coverage after realizing just how negatively their business would be impacted by a denial of service attack).  Additional first party coverages included cyber-extortion coverage and crisis management/PR coverage.

Unfortunately for the carriers, it was not easy to get people to understand the need for this coverage (and that is still a challenge today, but certainly a lesser challenge with all of the security and privacy news constantly streaming). Early on there were very few lawsuits and regulators were just beginning to consider enforcement of relatively new statutes like GLB and HIPAA.

Two things changed that made cyber insurance much more relevant. One was a rather sudden event, and the other more gradual.

First, in 2003, California passed SB1386, the world’s first breach notification law. The reality then (as now) is that companies suffer security breaches each and every day. Prior to SB1386, however, breaches of personal information simply went unreported. With SB1386 and the subsequent passage of breach notice laws in 45 other states (and now coming internationally), the risk profile changed for data breaches. Instead of burying the breaches, companies were required to incur significant direct expenses to investigate security breaches and comply with applicable breach notice laws, including the offering of credit monitoring to affected individuals (which is not legally required by existing breach notice laws, but is optionally provided by many companies or “suggested” by state regulators). As a result, the plaintiffs’ bar now had notice of security breaches and began filing class action lawsuits after big breaches (usually involving high-profile brand name organizations). As such, cyber insurance coverage went from coverage addressing a hypothetical risk of future lawsuits, to a coverage addressing real-life risk (and now we have lawsuits getting deeper into litigation and public settlements of these types of cases). Moreover, shortly after the passage of SB 1386 many cyber insurance policies began covering the direct costs associated with complying with breach notification laws, including attorney fees, forensic investigation expenses, printing and mailing costs, credit monitoring expenses and call center expenses.  Breach notification costs are direct and almost unavoidable after a personal information breach.  Regardless of lawsuit activity, a direct financial rationale for cyber insurance coverage now existed.

The other change that occurred more gradually over time, but which has had a significant impact concerning the frequency and magnitude of data breaches, was organized crime. In the early 2000s, hacking was more of an exercise in annoyance or a used for bragging purposes. Hackers at that time wanted their exploits talked about and know. They wanted credit for hacking into or bringing down a sophisticated company (or better yet a division of the Federal Government or military). As such, when an attack happened it was discovered and remediated, and that would be the end of it.

True criminals, of course, are less interested in such notoriety. In fact, when trying to steal thousands/millions of records to commit identity theft or credit card fraud it is much better to NOT be detected. Lingering on a company’s network taking information for months or years is a much more profitable endeavor. Recognizing that this type of crime is low risk (it can be performed from thousands of miles away in Eastern Europe with almost no chance of getting caught) and high reward, organized crime flooded into the space. And in this context the word “organized” is truly appropriate – these enterprises retain very smart IT-oriented people that use every tool possible to scale and automate their crimes. They leverage the communication tools on the Internet to fence their “goods” creating, for example, wholesale and retail markets for credit cards, or “eBay”-like auction sites to hawk their illicit wares (e.g. valuable information). The change in orientation described above has essentially resulted in a 24/7/365 relentless crime machine constantly attacking and looking for new ways to attack, and always seeming to be one step ahead of those seeking to stop them. That is why we read about security and privacy breaches practically every day in the newspaper.

Fast-forward to present time. Cyber insurance is a much more established market with more carriers entering on a regular basis. There are primary and excess markets available for big risks, and companies of all sizes are looking at cyber more as a mandatory purchase rather than discretionary. As the world continues to change at seemingly light-speed and cyber risks increase (with the advent of hacktivism, social media and the consumerization of IT/BYOD ) the need for cyber is also growing. With competition pushing cyber insurance prices down, and significant security and privacy risk being retained by organizations, risk transfer is becoming very attractive (and from an overall big picture systemic point of view, spreading risk is also attractive). The price may be right, and the peace of mind priceless.

Click here to read the full article. Program registration information below.

CLE Program: Is Your Sensitive Data Secure? Cyber Insurance for Your Firm and Your Clients

This CLE presentation will take place on Thursday, March 29. Participants may attend live in our classroom or watch the live webcast.

If you can’t make the live program or webcast, the program will also be available as a homestudy in two formats: video on-demand and mp3 download.
Filed Under: CLE Tagged With: , , , , ,

Report from the ABA House of Delegates Meetings at the 2012 Midyear Meeting in New Orleans

March 15, 2012 by Leave a Comment

I have the privilege of serving the Denver Bar Association as a delegate to the American Bar Association (“ABA”) House of Delegates.  The ABA House of Delegates met at the ABA’s midyear meeting held in New Orleans, Louisiana, on February 6, 2012.  This Article summarizes the House of Delegates events at the midyear meeting and the action taken by the House.

The Midyear Meeting was very well-attended.  It had the best reported attendance on record.  The ABA sponsored numerous programs on issues such as the Ethics 20/20 commission, the state court funding crisis, and efforts to improve access to justice.  There were many important issues addressed by the House of Delegates at the midyear meeting.  This Article summarizes a few of them.

Ethics 20/20 Commission’s White Papers and Proposals Relating to the Ethics of Litigation Financing, Non-Lawyer Ownership of Law Firms, Outsourcing, and the Use of Technology of Mobile Devices

Before the House of Delegates convened, the Ethics 20/20 Commission sent information around to the delegates regarding the work of the Commission and its proposals.  Specifically, the Commission informed the delegates of its plan to bifurcate its presentation of proposals to help facilitate the House of Delegates’ consideration of the Commission’s recommendations.  The decision to bifurcate the presentation of proposals foretells a concern that some of the Commission’s proposals will be controversial and will generate much discussion and debate.

Indeed, from the preview that the Commission has provided, some of the issues that the Commission will put before the House will generate much discussion.  The Commission has produced white papers that discuss many of the complex ethical issues that cannot effectively be addressed through changes to Model Rules.  Specifically, one of the Commission’s white papers discusses ethical issues involved with litigation financing, including issues regarding conflicts of interest, a lawyer’s duty of confidentiality, the attorney-client privilege, and rules regulating the exercise of the lawyer’s independent judgment.  The Commission’ white paper can be found by clicking here.

The Commission also is working on proposals relating to alternative business structures for law firms, outsourcing of legal services and confidentiality-related ethics issues arising from lawyers’ use of technology. Additionally, the Commission also is working on a model rule relating to lawyers’ obligations to retain client files.  An issues paper regarding alternative business structures for law firms – including non-lawyer ownership of law firms – has been distributed by the Commission.  It can be found by clicking here.

During the House of Delegates meeting, Former ABA President Carolyn B. Lamm addressed the House about the Commission’s progress.  President Lamm explained that numerous various roundtable sessions and meetings have been held around the country.  She explained that formal recommendations will be presented at the annual meeting in 2012 and at the midyear meeting in 2013.  President Lamm explained that one of the Commission’s more controversial issues is whether non-lawyers should be allowed under legal ethics rules to have a limited ownership interest in law firms in the United States.  This issue has been discussed extensively in Colorado previously.

President Lamm explained that the Commission is considering other issues relating to the need to balance the convenience and efficiencies inherent in a lawyer’s use of new technologies, while also preserving the lawyer-client relationship, confidentiality, competence and the values of the profession.  President Lamm explained that the Commission plans in presenting proposals on each of these issues for consideration by the House of Delegates.  All interested members of the Bar should get in touch with me or other Colorado delegates to discuss any concerns about any of the issues that are being considered by the Ethics 20/20 Commission, or the proposals that are likely coming from the Commission.

Summary of the House of Delegates

After the House of Delegates convened on February 6, 2012, the Delegates were greeted by Mitchell Landrieu, the Mayor of New Orleans, who also is a lawyer.  Mayor Landrieu talked about the challenges that the city has been through in recent years, with Hurricanes Katrina and Rita, and the BP oil spill.  Mayor Landrieu quipped that the city is “waiting for locusts now.”  Mayor Landrieu’s speech was interesting and insightful, explaining that New Orleans is truly resilient and has become the “a laboratory for innovation and change,” because of the disasters it has suffered.  Mayor Landrieu’s speech was an excellent way to kick-off the work of the House.

After the Mayor’s speech and some other introductory actions, the House got to work debating and voting on resolutions before the House.  The House adopted a number of important resolutions, including:

  • Resolution 101A, which adopted the black letter ABA Criminal Justice Standards on Law Enforcement Access to Third Party which provide a framework through which legislatures, courts acting in their supervisory capacity and administrative agencies can balance the needs of law enforcement and the interests of privacy, freedom of expression and social participation.
  • Resolution 101B, which urged governments at various levels to require laboratories producing reports for use in criminal trials to adopt pretrial discovery procedures requiring comprehensive and comprehensible laboratory and forensic science reports, and listed relevant factors to be included in such reports.
  • Resolution 101C, which urged trial judges who have decided to admit expert testimony to consider a number of factors in determining the manner in which that evidence should be presented to the jury, and also provided guidance about how to instruct the jury in its evaluation of expert scientific testimony in criminal and delinquency proceedings.
  • Resolution 101F, which supported legislation, policies and practices that allow equal and uniform access to therapeutic courts and problem-solving sentencing alternatives, such as drug treatment and anger management counseling, regardless of the custody or detention status of the individual.
  • Resolution 113, which called for adoption as ABA policy uniform standards for language access in courts.  The policy provides clear guidance to courts in designing, implementing, and enforcing a comprehensive system of language access services that is suited to the need in the communities they serve.
  • Resolution 102B, which approved the Uniform Electronic Legal Material Act promulgated by the National Conference of Commissioners on Uniform State Laws in 2011, as an appropriate Act for those states desiring to adopt the specific substantive law suggested therein.  The Uniform Act provides rules for the authentication and preservation of electronic legal material.
  • Resolution 108, which urged state and territorial bar admission authorities to adopt rules and procedures to accommodate the unique needs of military spouse attorneys who move frequently in support of the nation’s defenses.
  • Resolution 111, which urged entities that administer a law school admission test to provide appropriate accommodations for a test taker with a disability to best ensure the exam reflects what the test is designed to measure and not the test taker’s disability.
  • Resolution 302, which supported the principle that “private” lawyers representing governmental entities are entitled to claim the same qualified immunity provided “government” lawyers when they are acting “under color of state law.”  This issue is particularly important given that there is a pending case before the United States Supreme Court considering this question.  See Filarsky v. Delia, U.S. No. 10-1018, argued 1/17/2012.

A summary of the resolutions adopted by the House can be found by clicking here.  Additionally, I can provide a copy of the resolutions to any interested reader. Contact me if interested.

Statement from President Robinson

In addition to this important work, the House of Delegates heard from Bill Robinson, President of the ABA.  President Robinson explained that the most pressing issue facing the legal system today is under-funding of the courts, which is at a crisis level.  President Robinson urged all ABA members to consider the under-funding crisis to be a threat to our liberty and rule of law.  President Robinson explained the ABA’s efforts to combat this crisis, including its extensive education efforts and its efforts to increase public awareness about the crisis.  Additionally, the ABA has made the crisis the core of the law day events, which will focus on the theme: “No Courts, No Justice, No Freedom.”

Nomination of James Silkenat as President-Elect

Additionally, the nominating committee announced that James Silkenat of New York was nominated to be President-Elect Designee of the ABA.  The House of Delegates will vote on his nomination at the Annual Meeting in Chicago this August.  If elected, Mr. Silkenat will serve a one-year term as President beginning in August, 2013.  All members of the Bar are urged to give any input on Mr. Silkenat to me or any of the other Colorado delegates.

Other Matters

Finally, the House of Delegates also considered other matters.  Those other matters included a report from the ABA’s Executive Director, Jack Rives, and a report from the ABA’s treasurer.  The House also heard from Chief Judge Washington, who is the President of the Conference of Chief Justices.  Chief Judge Washington spoke about language access to the courts.  He also discussed the core focuses of the Conference, which are judicial independence and civics education.

Conclusion

I hope this Article sufficiently highlighted many of the more interesting or important the agenda items considered by the House of Delegates at the midyear meeting in New Orleans.  I appreciate all input that any members of the Denver Bar Association have regarding any of the issues that have been considered, or will be considered, by the ABA House of Delegates.

The American Bar Association is offering a free trial membership in the ABA and in a section of the ABA. Sign up here.

The Docket eFile brings features from your favorite Denver Bar Association publication to you digitally. When you see the logo, you’re reading an article from The Docket. You’ll also still be able to read the full issue online at denbar.org/docket.

Filed Under: Updates Tagged With: , , , , , , , , , , , , , , , ,

HB 12-1151: Changes to Laws Regarding Human Trafficking

March 2, 2012 by Leave a Comment

On January 20, 2012, Rep. Beth McCann and Sen. Steve King introduced HB 12-1151 – Concerning the Trafficking of Human Beings. This summary is published here courtesy of the Colorado Bar Association’s e-Legislative Report.

The bill repeals the interagency task force on trafficking in persons. A person is entitled to recover damages and to obtain injunctive relief from any person who commits trafficking in adults, trafficking in children, or coercion of involuntary servitude (a human trafficking crime). A conviction for a human trafficking crime is not a condition precedent to maintaining a civil action.

A building or part of a building, including the ground upon which it is situated and all fixtures and contents thereof, every vehicle, and any real property that is used for a human trafficking crime shall be deemed a class 1 public nuisance and thereby subject to seizure, confiscation, and forfeiture.

Each escort bureau shall provide to each employee of the escort bureau a written notice that includes a statement that human trafficking and coercion of involuntary servitude are prohibited and the name, telephone number, and internet web site address of a local, statewide, or national organization that provides assistance to victims of human trafficking and slavery.

Current law requires each massage parlor to display at all times in a prominent place on the licensed premises a printed card stating that it is illegal for any person under 18 years of age to be on the premises, or for any person to allow any person under 18 years of age to be on the premises, unless he or she is accompanied by his or her parent or has a physician’s prescription for massage services. The bill requires the card to also state that human trafficking crimes are prohibited and that courts may impose fines or imprisonment for violations of human trafficking crimes. The bill also requires each massage parlor to display a card that provides the name and contact information of a state or local organization that provides services or other assistance to victims of human trafficking.

A court shall order expunged all juvenile delinquency records in the custody of the court and any records in the custody of any other agency or official that pertain to a petitioner’s conviction for prostitution, soliciting for prostitution, keeping a place of prostitution, public indecency, soliciting for child prostitution, or any corresponding municipal code or ordinance if, at the hearing, the court finds that the petitioner has established by a preponderance of the evidence that, at the time he or she committed the offense, he or she had been sold, exchanged, bartered, or leased by another person for the purpose of performing the offense; or that he or she was coerced by another person to perform the offense. A person is eligible to petition for such an expungement order at any time.

A defendant may petition the district court of the district in which any conviction records pertaining to the defendant’s conviction for prostitution, soliciting for prostitution, keeping a place of prostitution, public indecency, or any corresponding municipal code or ordinance are located for the sealing of the conviction records, except for basic identifying information. If such a petition is filed, the court shall order the record sealed after the petition is filed, the filing fee is paid, and the defendant establishes by a preponderance of the evidence that, at the time he or she committed the offense, he or she had been sold, exchanged, bartered, or leased by another person for the purpose of performing the offense; or that he or she was coerced by another person to perform the offense.

An order entered to seal such conviction records shall be directed to each custodian who may have custody of any part of the conviction records that are the subject of the order. Whenever a court enters an order sealing such conviction records, the defendant shall provide the Colorado bureau of investigation (bureau) and each custodian of the conviction records with a copy of the order and shall pay to the bureau any costs related to the sealing of his or her criminal conviction records that are in the custody of the bureau. Thereafter, the defendant may request and the court may grant an order sealing the civil case in which the conviction records were sealed. An order sealing such conviction records shall not deny access to the criminal records of a defendant by any court, law enforcement agency, criminal justice agency, prosecuting attorney, or party or agency required by law to conduct a criminal history record check on an individual. An order sealing such conviction records does not vacate a conviction. A conviction sealed may be used by a criminal justice agency, law enforcement agency, court, or prosecuting attorney for any lawful purpose relating to the investigation or prosecution of any case, including but not limited to any subsequent case that is filed against the defendant, or for any other lawful purpose within the scope of his, her, or its duties. If a defendant is convicted of a new criminal offense after an order sealing such conviction records is entered, the court shall order the conviction records to be unsealed. A party or agency required by law to conduct a criminal history record check is authorized to use any sealed conviction for the lawful purpose for which the criminal history record check is required by law.

A petition to seal such conviction records shall include a listing of each custodian of the records to whom the sealing order is directed and any information that accurately and completely identifies the records to be sealed. Upon the entry of an order to seal the conviction records, the defendant and all criminal justice agencies may properly reply, upon an inquiry in the matter, that public conviction records do not exist with respect to the defendant. Inspection of the records included in an order sealing conviction records may thereafter be permitted by the court only upon petition by the defendant. Employers, state and local government agencies, officials, landlords, and employees shall not, in any application or interview or in any other way, require an applicant to disclose any information contained in sealed conviction records. An applicant need not, in answer to any question concerning conviction records that have been sealed, include a reference to or information concerning the sealed conviction records and may state that the applicant has not been criminally convicted.

The bar committee of the Colorado state board of law examiners (bar committee) is not precluded from making further inquiries into the fact of a sealed conviction that comes to the attention of the bar committee through other means. The bar committee has a right to inquire into the moral and ethical qualifications of an applicant, and the applicant does not have a right to privacy or privilege that justifies his or her refusal to answer a question concerning sealed conviction records that have come to the attention of the bar committee through other means.

The Department of Education may require a licensed educator or an applicant for an educator’s license who files a petition to seal a criminal record to notify the department of the pending petition to seal. The department has the right to inquire into the facts of the criminal offense for which the petition to seal is pending. The educator or applicant has no right to privacy or privilege that justifies his or her refusal to answer any questions concerning the arrest and criminal records information contained in the pending petition to seal.

Any member of the public may petition the court to unseal any file that has been previously sealed upon a showing that circumstances have come into existence since the original sealing, and, as a result, the public interest in disclosure now outweighs the defendant’s interest in privacy. The office of the state court administrator shall post on its web site a list of all petitions to seal conviction records that are filed with a district court. A district court may not grant a petition to seal conviction records until at least 30 days after the posting. After the expiration of 30 days following the posting, the petition to seal conviction records and information pertinent thereto shall be removed from the web site of the office of the state court administrator.

In regard to any conviction of a defendant resulting from a single case in which the defendant is convicted of more than one offense, records of the conviction for prostitution, soliciting for prostitution, keeping a place of prostitution, public indecency, or any corresponding municipal code or ordinance may be sealed only if the records of every conviction of the defendant resulting from that case may also be sealed.

Court orders sealing records do not limit the operations of the Colorado rules of civil procedure related to discovery, the Colorado rules of evidence, certain statutory provisions concerning witness testimony, or any state or federal court.

A person less than eighteen years of age who has been trafficked or coerced into involuntary servitude by an offender is eligible to receive restitution from the offender as part of the offender’s sentence for such an offense.

The amended bill has passed the House and is assigned to the Judiciary Committee in the Senate.

Summaries of other featured bills can be found here.

Filed Under: Legislation Tagged With: , , , , , ,

Employment Law and Social Media: Rights, Obligations, and Disputes in the Workplace

February 15, 2012 by Leave a Comment

The intersection of social media and the workplace has become a given. Use of social media is rapidly expanding while societal norms regarding exposure of employment-related information continue to erode. The result is an increasingly complex social media environment for employees, employers, and attorneys.

Added to the complicated mix are various cases and National Labor Review Board opinions that attempt to define what recourse an employer has against an employee over social media content. When can an employer fire an employee over what the employee said on their personal social media accounts? When is the employee’s speech protected? The questions can sometimes be hard to answer, especially if the company has an underdeveloped, or no, social media policy.

Once an employment decision is made, a host of new issues arise regarding the discovery of social media. Different rules apply to the discovery process in the context of litigation and mediation, and the distinction of what may or may not be discovered in either situation could make all the difference in a case.

On February 22, 2012, join us at CBA-CLE to learn about employment law and social media trends and how they affect you, your clients, and your practice.

This interactive program, Employment Law and Social Media: Rights, Obligations, and Disputes in the Workplace, will use hypotheticals and audience inquiries to approach numerous issues important for practitioners, including:

  • Recent Court decisions and NLRB opinions and their impact on workplace social media policies;
  • Discovery and use of social media in litigation; and
  • Discovery and use of social media in mediation.

As a primer for the discussion, Magistrate Judge Kristen L. Mix, a faculty member for the program, has provided us with a number of Practice Tips that attorneys should be mindful of when engaging in discovery of social media in litigation:

  1. Seek discovery of social networking information from the opposing party before subpoenaing Facebook or other social networking websites.
  2. Perform a public search for information usually available on a social networking website.
  3. Be mindful of your ethical responsibilities. Hiring a private investigator to “friend” the opposing party may be “inherently deceitful and unethical, even if the investigator uses his own name.”(1) Contacting the opponent yourself would likely be impermissible direct contact, and may also violate the rule providing that a lawyer may not engage in conduct involving dishonesty, fraud, deceit, or misrepresentation.(2)
  4. In complex cases, explore the possibility of “unbundling,” or development of a litigation management team to handle electronic data.(3)
  5. This is not your father’s discovery. Successful discovery of social networking information may require significant efforts to educate the judiciary about the fallacy underlying electronic discovery (just because something is electronic, it can be searched and produced instantly) and the actual cost and burden of production.
  6. Advise your clients to be prudent and avoid spoliation sanctions. “The courts have a right to expect that litigants and counsel will take the necessary steps to ensure that relevant records are preserved when litigation is reasonably anticipated, and that such records are collected, reviewed and produced to the opposing party.”(4)
  • (1) Phil. Bar Ass’n Prof’l Guidance Comm. Op. 2009-02 (Mar. 2009), available at http://www.philadelphiabar.org/WebObjects/PBAReadOnly.woa/Contents/WebServerResources/CMSResources/Opinion_2009-2.pdf.
  • (2) See, e.g., Robert S. Kelner & Gail S. Kelner, Social Networks and Personal Injury Suits, N.Y.L.J., Sept. 24, 2009, available at www.law.com/jsp/nylj/PubArticleFriendlyNY.jsp?hubtype=&id=1202434026615.
  • (3) Howard B. Iwrey et al., A Multidimensional Solution to the Problems of Runaway Discovery, 29 No. 6 OF COUNSEL 12 (June 2010) pp. 2-3.
  • (4) Pension Comm. of the Univ. of Montreal Pension Plan v. Bank of Am. Sec. LLC, 685 F. Supp. 2d 456, 472 (S.D.N.Y. 2010).

CLE Program: Employment Law and Social Media – Rights, Obligations, and Disputes in the Workplace [RESCHEDULED]

This CLE presentation has been rescheduled. Check back soon for program information or call (303) 860-0608.
Filed Under: CLE Tagged With: , , , , , , , ,

HB 12-1044: Creating a Technology Transfer Grant Program in the Office of Economic Development and International Trade

February 2, 2012 by 2 Comments

On January 11, 2012, Rep. Mark Ferrandino introduced HB 12-1044 – Concerning the Creation of the Start-Up Colorado Technology Transfer Grant Program. This summary is published here courtesy of the Colorado Bar Association’s e-Legislative Report.

The establishes the start-up Colorado technology transfer grant program. The purpose of the program is provide grants of up to $750,000 to offices of technology transfer to help further the commercialization of technology projects and discoveries in Colorado, which will, in turn, lead to the creation of Colorado jobs. The start-up Colorado technology transfer cash fund, not to exceed $5 million, is also created. The program is repealed, effective July 1, 2015.

Since this summary, the House Committee on Economic and Business Development amended the bill and referred it to Appropriations.

Summaries of other featured bills can be found here.

Filed Under: Legislation Tagged With: , , ,

[UPDATED] Corporate Practice Update: Patent Reform, Social Media Policy, and Tax Topics for Privately-Held Businesses

November 29, 2011 by Leave a Comment

The America Invents Act, which was signed into law this fall, is the first major overhaul of our nation’s patent law in almost 50 years. Among its many significant provisions, the Act will change the United States patent system from “first-to-invent” to “first-to-file,” aligning the United States with the international standard. New procedures will be also established for third-party challenges to patent and applications, and changes will be made regarding who can file, when they can file, and what prior art can be used against them.

The Corporate Practice Update Series has been postponed.

The effects of the changes will be of particular importance for corporate counsel and privately held businesses, and will be discussed at a CLE program on December 7, 2011 as part of the Corporate Practice Update Series. Along with these developments, the Privately Held Businesses program will cover other issues, including legal issues in social media, social media policy for a privately-held company, and tax topics for small businesses.

The program is being presented by some of Colorado’s leading business entity experts:

  • Fern O’Brien, Esq.
  • Henry Smith, Jr., Esq.
  • Liane Heggy, Esq.

And, don’t miss the other great sections of the Corporate Practice Update Series, covering the Civil Access Pilot Project, Business Entity Update, Securities, Franchises, M&A, and Ethics.

Filed Under: CLE Tagged With: , , , , , ,

Tenth Circuit: Relay Service Rates Set by FCC Not in Violation of Statute and Not Arbitrary and Capricious

October 19, 2011 by Leave a Comment

The Tenth Circuit Court of Appeals issued its opinion in Sorenson Commc’ns, Inc. v. FCC on Tuesday, October 18, 2011.

The Tenth Circuit denied the petition for review. Petitioner challenges the 2010-2011 rates set by the Federal Communication Commission (FCC) to compensate Video Relay Service providers, including Petitioner. Petitioner claims that the rates are in violation of 47 U.S.C. § 225 and are also  arbitrary and capricious in violation of the Administrative Procedure Act (APA).

Section 225 directs the FCC to ensure the availability of nationwide access to “functionally equivalent” relay service, “to the extent possible and in the most efficient manner, to hearing-impaired and speech-impaired individuals in the United States.” Petitioner alleges that the reimbursement rates set by the FCC’s rates are so low that the result violates these statutory requirements. However, Petitioner has failed to show the FCC’s interpretation of “functionally equivalent” is impermissible under the statute. “Consequently, it has not established that the interim rates violate the functional equivalence requirement of § 225.” In terms of the APA argument, the Court acknowledged its deference when reviewing ratemaking orders because “agency ratemaking is far from an exact science and involves policy determinations in which the agency is acknowledged to have expertise.” As such, the FCC is entitled to substantial deference when adopting interim rates. The Commission provided a sufficient explanation for the action it chose to establish the rates and, under the Court’s deferential review, that is all that is required. The rates were therefore not arbitrary and capricious.

Filed Under: Case Law Tagged With: , , , ,

CU Law Dean Phil Weiser to Speak on Reflections as White House Technology Advisor

September 6, 2011 by Leave a Comment

On Wednesday, September 7, 2011, the new Dean of the University of Colorado Law School, Phil Weiser, will give a talk on his “Reflections on Technology Policy While Serving as the Senior Advisor for Technology and Innovation at the White House” for the past two years. Following the presentation, Brad Feld will moderate a question and answer session and welcome questions from the audience.

The event will be held at the CU Law School Wolf Law Building’s Wittemyer Courtroom, from 6:30-7:30 pm. A networking reception will follow.

Click here for more information about the presentation, and click here to register.

Phil Weiser is the Dean and Thompson Professor at the University of Colorado Law School. Prior to re-joining Colorado Law, he served as the Senior Advisor for Technology and Innovation to the National Economic Council Director at the White House. Previously, he served as the Deputy Assistant Attorney General for International, Policy, and Appellate Matters in the United States Justice Department’s Antitrust Division. Before joining the Obama Administration, Weiser was a professor of law and telecommunications at the University of Colorado, where he also served as an Associate Dean. At CU, Weiser established a national center of excellence in telecommunications and technology law, founding the Journal on Telecommunications & High Technology Law and the Silicon Flatirons Center for Law, Technology, and Entrepreneurship. Over the last decade, Weiser has written and taught in the areas of technology, innovation, and competition policy.

Filed Under: Community Tagged With: , , , , , ,
«Older Posts
Protected

2013-05-19 08:27:27