Legal Implications of a Mobile Enterprise

587 views
537 views

Published on

Published in: Technology, News & Politics
1 Comment
0 Likes
Statistics
Notes
  • Make $5,000 your very FIRST month With CPA Marketing! I will Show You Exactly step by step How to Make $5,000 per month in the fastest and easiest way, I GUARANTEE! I will show you Powerful Strategies that I personally used. https://www.fiverr.com/nikolavukicevic/get-you-5-000-dollars-monthly-with-cpa-marketing
       Reply 
    Are you sure you want to  Yes  No
    Your message goes here
  • Be the first to like this

No Downloads
Views
Total views
587
On SlideShare
0
From Embeds
0
Number of Embeds
0
Actions
Shares
0
Downloads
3
Comments
1
Likes
0
Embeds 0
No embeds

No notes for slide

Legal Implications of a Mobile Enterprise

  1. 1. 2 nd Annual IT Symposium “ Legal Implications of a Mobile Enterprise”   Brad Frazer September 20, 2011 [email_address] @bfrazjd 208.388.4875
  2. 2. Introduction— The IT Manager’s Perspective <ul><li>Assumes harmony between IT and Legal </li></ul><ul><li>Importance to the Enterprise? </li></ul><ul><ul><li>Legal Exposures </li></ul></ul><ul><ul><li>Bandwidth Impact </li></ul></ul><ul><ul><li>HR Impact </li></ul></ul>208.388.4875 [email_address]
  3. 3. Why? <ul><li>Why is this a problem? </li></ul><ul><li>Look to the Board . . . </li></ul>208.388.4875 [email_address]
  4. 5. Some recent cases . . . <ul><li>Each of these implicates a mobile platform. </li></ul><ul><li>Each thus indicates a legal exposure or issue for the enterprise. </li></ul>208.388.4875 [email_address]
  5. 6. Court Permits Discovery of Text Message Contents <ul><li>A plaintiff who did not invoke any specific privilege being violated, but rather a vague notion of “privacy,” did not meet the burden to quash a document request to her cell phone company that included the contents of her text messages, the U.S. District Court for the District of Maryland ruled Aug. 17. Corsair Special Situations Fund LP v. Engineered Framing Systems Inc., D. Md., No. 09-1201-PWG, 8/17/11. </li></ul>
  6. 7. Court Rules That Instant Message Conversation Modified Terms of Written Contract <ul><li>A federal district court found that an instant message conversation between an employee of CX Digital, an online advertising referral provider, and the Vice President of Marketing at Smoking Everywhere, an electronic cigarette manufacturer, constituted a modification of the companies’ contract for CX Digital to provide online advertising referrals for Smoking Everywhere’s promotional sales offer.  The verdict resulted in an award of over $1.2 million in damages plus accrued interest and attorney’s fees for CX Digital . CX Digital Media, Inc. v. Smoking Everywhere, Inc., No. 09-62020 - Civ (S.D. Fla. Mar 23, 2011) </li></ul>
  7. 8. Court Rules that Messages Sent via Facebook Covered by CAN-SPAM Act <ul><li>On March 28, 2011, the U.S. District Court for the Northern District of California held in Facebook, Inc. v. MaxBounty, Inc., that messages sent by Facebook users to their Facebook friends’ walls, news feeds or home pages are “electronic mail messages” under the CAN-SPAM Act. The court, in denying MaxBounty’s motion to dismiss, rejected the argument that CAN-SPAM applies only to traditional e-mail messages. Facebook, Inc. v. MaxBounty, Inc. , No. CV-10-4712-JF, 2011 WL 1120046 (N.D. Cal. Mar. 28, 2011). </li></ul>
  8. 10. Yes, this is a “SoMe” issue, but . . . <ul><li>Mobile devices and apps inherently multiply the opportunities for mischief. </li></ul><ul><li>A mobile enterprise will thus inherently have more legal issues than a “static” enterprise. </li></ul>208.388.4875 [email_address]
  9. 11. Legal Implications <ul><li>Security </li></ul><ul><ul><li>Lost device = increased network vulnerability? </li></ul></ul><ul><li>Data Breach </li></ul><ul><ul><li>Lost device = lost trade secrets? </li></ul></ul><ul><ul><li>Unsecured Wi-Fi or other network = lost trade secrets? </li></ul></ul><ul><ul><li>Exposure to breach of contract for NDA violations? </li></ul></ul><ul><ul><li>Mandatory disclosure obligations </li></ul></ul><ul><ul><li>Resulting customer and shareholder lawsuits </li></ul></ul><ul><li>E-discovery </li></ul>208.388.4875 [email_address]
  10. 12. Legal Implications (cont’d) <ul><li>Ease of circumvention of corporate policies </li></ul><ul><ul><li>Document retention/destruction policies </li></ul></ul><ul><ul><li>SoMe policies </li></ul></ul><ul><li>Geolocation and the Right of Privacy </li></ul><ul><li>Click-wrap “Hell” </li></ul><ul><li>Texting and driving </li></ul><ul><li>Creation of Warranties/False Advertising </li></ul><ul><li>Copyright Infringement </li></ul>208.388.4875 [email_address]
  11. 13. Legal Implications (cont’d) <ul><li>Expansive license grants (e.g., Twitpic) </li></ul><ul><li>Defamation </li></ul><ul><li>Insider Trading </li></ul><ul><li>Trademark Infringement and Cybersquatting </li></ul><ul><li>Content issues, e.g., obscenity (open WiFi?) </li></ul><ul><li>Contract Modifications (remember $1.2 million) </li></ul><ul><li>CAN-SPAM; privacy </li></ul>208.388.4875 [email_address]
  12. 14. The CIO / CTO / IT Manager’s Role <ul><li>Implement bandwidth restrictions </li></ul><ul><li>Firewalls </li></ul><ul><li>Restricted URLs </li></ul><ul><li>Antivirus measures </li></ul><ul><li>Email protocols (e.g., Postini) </li></ul><ul><li>Data and Email Backups (“Proof Packet”) </li></ul><ul><li>Document Retention Policies </li></ul><ul><li>Server IP Logs </li></ul><ul><li>Privacy Policies </li></ul><ul><li>These are limited, obviously, to “the enterprise” environment. </li></ul>208.388.4875 [email_address]
  13. 15. Response: What can the Enterprise/CIO/CTO do? <ul><li>Top-down controls at Board level </li></ul><ul><ul><li>How do you address this at your company? </li></ul></ul><ul><li>Training </li></ul><ul><li>Insurance </li></ul><ul><li>Employee accountability for device security and use--with consequences for noncompliance. </li></ul>208.388.4875 [email_address]
  14. 16. Response: What can the Enterprise/CIO/CTO do? (cont’d) <ul><li>The Importance of Policies. For example: </li></ul><ul><li>Company employees who accessed data stored on corporate networks in violation of prominently displayed warnings about restrictions on their use and disclosure of information stored there can be prosecuted under the Computer Fraud and Abuse Act, the U.S. Court of Appeals for the Ninth Circuit ruled April 28. The court held that an employee “exceeds authorized access” to a computer network when he or she obtains data and uses it for a purpose that violates company restrictions on data use ( United States v. Nosal , 9th Cir., No. 10-10038, 4/28/11). </li></ul><ul><li>“ [The employees in this case] were subject to a computer use policy that placed clear and conspicuous restrictions on the employees' access both to the system in general and to the [compromised] database in particular,” the court noted. </li></ul>208.388.4875 [email_address]
  15. 17. Response: What can the Enterprise/CIO/CTO do? (cont’d) <ul><li>Important Acronym! </li></ul><ul><li>D N M Y W G S </li></ul>208.388.4875 [email_address]
  16. 18. The Moral of the Story <ul><li>Whose problem is this? IT? Legal? Board? </li></ul><ul><li>Cooperative strategies should be developed and implemented in a multidisciplinary fashion involving IT, HR, Management, and Legal </li></ul><ul><li>Otherwise, just hope you don’t get caught and don’t get sued. </li></ul>208.388.4875 [email_address]
  17. 19. Q & A <ul><li>Questions? </li></ul><ul><li>For a copy of the slide deck, e-mail me at bfrazer@hawleytroxell.com </li></ul><ul><li>Twitter: @bfrazjd </li></ul><ul><li>Call: 208.388.4875 </li></ul>208.388.4875 [email_address]

×