back to top ↑

April 2: Generic Top Level Domain Names: What the Recent Expansions Mean for Your Brand
Format: Live Webinar

April 9: Navigating the Landmines of Data Security Breaches: Practical Lessons Learned in Unearthing, Disarming, and Avoiding Cyber Threats and Digital Disasters
Format: Live (Washington, DC) or Audio

April 10: Piracy Update: IPR Center Strategies and Successes
Format: Live Webinar

April 12: Emerging Issues in Health Information Exchanges
Format: Live Webinar

April 18: Remote Sales Tax and Nexus Issues: The Latest on Taxation of Internet Sales
Format: Live Webinar

April 23: Hot Legal Issues In Online Affiliate Marketing
Format: Live Audio

April 25: U.S. Privacy Frameworks from the White House and the Federal Trade Commission
Format: Live Audio

April 25: Is Your Legal Blog Compliant? Ethical Considerations in the Wake of Hunter v. Virginia State Bar
Format: Live Webinar

April 26: Ethics of Social Networking
Format: Live Webinar

May 3-4: ITechLaw 2012 World Technology Law Conference & Annual Meeting

ITechLaw invites you to the ITechLaw 2012 World Technology Law Conference & Annual Meeting, to be held in Washington, D.C. at the Ritz Carlton, May 3-4, for an unrivaled program featuring unique sessions led by prominent speakers from around the world. Members of the ABA Business Law and Science & Technology Sections are eligible to register at the ITechLaw Member & Affiliate level; enter ABA12 as the affiliate code at the prompt during the registration process.

You can expect a high-level, professional exchange of knowledge and skills related to technology law at this conference, which includes:

• More than 225 industry professionals from over 40 countries;
• 35+ renowned speakers providing in-depth presentations and contributed papers; and
• One-on-one discussions with your colleagues from around the globe during the many networking opportunities throughout the conference.

Grow your global network through the conference's many social events, including a Welcome Reception at the exclusive Cosmos Club on Wednesday, May 2, a formal, black-tie Gala Dinner on Thursday, May 3, and our Closing Reception following the conference on Friday, May 4. Contact ITechLaw Member Services or call 1-781-876-6299 for additional information.

back to top ↑

At the BLS Spring Meeting in Las Vegas, the Mobile Commerce Subcommittee decided to prepare an issue spotting guide for business lawyers to assist their work with clients who are developing or using applications on mobile devices. It is intended for business lawyers who do not specialize in cyberspace issues and allows the attorney to be aware of potential issues. The guide will include topics such as:

• What is peculiar about mobile applications?
• What data do mobile applications interface with on mobile devices?
• What are the privacy concerns?
• What is personally identifiable information?
• What data is collected and what is done with the data?
• What types of disclosure must or should be made?
• What issues are involved when selling or using mobile apps?
• What liabilities arise when using mobile apps?

The committee is seeking volunteers to work on one or more of the issues. Attorneys interested should contact either Richard Balough or Ted Claypoole.

At the BLS Spring Meeting in Las Vegas, Kathy Porter, partner at Robinson & Cole LLP, chaired a CLE program titled (take a deep breath) "Maps to the Social Media Minefield Part III: Getting Social and Going Mobile: Benefits and Risks of Employee Use of Mobile Devices and Social Media In and Out of the Workplace." For this program John Rothchild, Professor at WayneStateUniversityLawSchool, gave a talk on workplace and corporate use of social media, focusing on guidance from the National Labor Relations Board on what sorts of provisions in an employer's social media use policy may violate employees' rights under Section 7 of the National Labor Relations Act. Kathy spoke about the issues that arise when employees use mobile devices, either company or personally owned, in the workplace, especially when they are lost or stolen. Ahmed Datoo, representing mobile device management company Zenprise, described the services his company provides that can help employers deal with the sorts of issues that Kathy discussed.

The subcommittee continues to work on its safeshopping.org project. There will also be a companion project: updating the safeselling.org website. If you are interested in helping with either project, please contact John Rothchild.

The Cybersecurity Subcommittee presented a CLE session at the BLS Spring Meeting entitled "Deploying Tools to Build or Self-Sabotage the Enterprise: How Do We Square Legal Obligations for Cybersecurity with the Increasing Use of Technologies that Undermine It?" The speakers included two lawyers, Jamie Clark (General Counsel, OASIS) and Tanya Forsheit (Partner, Information Law Group), and two cybersecurity experts, Col. Gregory Conti (Director, Cyber Research Center, U.S. Military Academy) and Charles Palmer (CTO Security & Privacy at IBM Research). Roland Trope, Partner at Trope and Schramm LLP, moderated the panel.

The panel considered the growing tension between a company's efforts to take advantage of new communications technologies and the cybersecurity vulnerabilities that such technologies introduce into a company, through three fact-based hypotheticals: (i) a pharmaceutical firm considering a move to the cloud; (ii) an electrical power utility company deploying "smart grid" (especially "smart meter") technologies; and (iii) an aerospace firm concerned about the extent to which its purchase offshore of electronic components might expose it to risks of cyberattacks.

The lively discussion addressed how both daily and low frequency but high impact cyber attacks might test the mettle of a firm's board and corporate officers as they attempt to protect intellectual property assets and the company's reputation while remaining highly competitive by adopting and deploying the latest technologies.

Also at the Spring Meeting, the subcommittee met to discuss its three new projects:

• A lawyer's guide to cybersecurity issues for clients considering the adoption and use of cloud computing,
• A guide to cybersecurity for museums (co-chaired by Janice Hugener), and
• A guide to cybersecurity for the deployment of the North American "Smart Grid."

Key issues for each project were discussed and debated by participants, and the objectives for each project were clarified. The subgroup working on the guide to cybersecurity for museums already has completed a first draft outline and will soon have a revised outline for review by registrars of select museums, who have kindly agreed to assist on the project. If you are interested in contributing to any of the projects, please contact Roland Trope or Tom Smedinghoff.

The Cybersecurity Subcommittee is also participating in the newly formed ABA Coordination Group on Cybersecurity. This group has been set up to discuss current cybersecurity initiatives within the ABA and to facilitate the exchange of information about current ABA interests in cybersecurity and ongoing activities among constituent ABA Sections and entities.

At our Vegas meeting, attendees heard a fascinating presentation by Robert Campbell, a Dallas- based FDIC lawyer. He spoke about "data hostage" clauses in cloud services contracts, which can be traps for the unwary. These clauses may erect substantial barriers to users looking to switch to a different service provider. While the literature often discusses other technically related vendor lock-in mechanisms, users pay little upfront attention to how their cloud service agreements may constrain their exit options. Bob showed examples of such clauses and spoke about alternatives.

Also at the meeting, the committee discussed its project to create a model cloud services agreement to assist businesses in contracting for cloud services. It is interested in getting more volunteers to participate in producing model clauses. The product is likely to be a CLE presentation at a future meeting on cloud contracting practices. To get involved, contact Bill Denny or Phillip Schmandt.

The Digital Media Subcommittee presented "Tidying up the Internet: Take Down of Unauthorized Content under Copyright, Trademark and Defamation Law" at the BLS Spring Meeting. The program was arranged by committee co-chair Susan Stephan, of counsel to Kretsch & Gust, PLLC. The panel discussed the foundations of the take-down regime and its applicability in the context of trademarks for which there is no such statutory requirement. The panel also focused on the broader protections for liability from third-party defamation and the practical implications of these laws on content owners and third party providers. Panel participants included Mozelle W. Thompson, FTC Commissioner (1997-2004), CEO of Thompson Strategic Consulting and on the Advisory Board of Facebook; Kristine Dorrain, Director of Internet and IP Services for the National Arbitration Forum; and Jon M. Garon, Director of the NKU Chase Law & Informatics Institute and Professor at Salmon P. Chase College of Law. The written materials are now publicly available at SSRN.

The International Trade Subcommittee held two conference calls on the Ides of March, one on collecting and analyzing the work of international standards bodies that may affect electronic commerce, and one on the UNCITRAL working group on electronic transferable records. A small but opinionated group of members of the Subcommittee participated in each.

In Las Vegas, the subcommittee discussed the UNCITRAL work on Online Dispute Resolution (ODR). Topics included the relation of the eventual work product of UNCITRAL (yet to be determined) to mandatory national laws on consumer protection, the possibility of a single workable set of legal principles to apply internationally, and the tension between a level of general procedural rules that can command wide assent and procedures specific enough to be applied in practice.

A number of Business Law Section committees are interested, notably the ADR Committee, but also International Business and Civil Litigation, as well as other sections of the ABA (Science and Technology being already engaged). Efforts will be pursued through the International Coordinating Committee of the Section to ensure that information is spread to, and input received from, the appropriate sources of expertise. UNCITRAL's emphasis on high-volume, low-value transactions may tend to take the topic outside the interests of some groups that focus on more resource-intensive areas of legal disputes.

It was suggested that the State Department may sponsor one or two conference calls on the ODR work before the next meeting of the UNCITRAL working group in late May. The dates were tentatively set as April 11 and May 9, both at 1 p.m. EDT. Reports of the conference calls and the Spring meeting discussion will appear soon on the subcommittee's web page. A reminder of the conference calls will be sent to the subcommittee's listserv.

The International Telecommunication Union (ITU), a UN organization with 193 member countries, is considering revising its 1988 treaty. The ITU will hold its World Conference on International Telecommunications (WCIT) in Dubai in December 2012 to discuss changes to the International Telecommunication Regulations (ITRs), and on the agenda will be, inter alia, proposals granting powers to the ITU to "regulate" the Internet. Unlike the UN Security Council, in which members have a veto, no one country can block initiatives at the ITU, so efforts to amend the ITRs will require massive diplomatic efforts. Likewise, efforts to prevent changes introduced will also require diplomatic heft. The move by some within the ITU to "governmentalize" regulation of the Internet through a "top-down" approach is in sharp contrast to the multi-stakeholder model that has characterized matters of Internet governance over the last decade. In response to attempts to amend the ITRs by introducing changes to the multi-stakeholder approach to Internet governance, FCC Commissioner Robert McDowell has already expressed his concerns about threats to the multi-stakeholder approach in a 21 February 2012 Op Ed piece in the Wall Street Journal. Meanwhile, the White House, in an attempt to marshal international support, and echoing the position of the OECD, affirmed its commitment to the multi-stakeholder approach to Internet governance. In addition to potential attempts by the ITU to take over ICANN, private sector operators worry that international regulation of the Internet will result in fees and other restrictions on the Internet. Watch this space!

In the past 18 months more than 150 putative class action suits have been filed against social networks, mobile application providers, and advertisers who merely advertise online. On March 22 at the BLS Spring Meeting, Lisa R. Lifshitz, partner at Gowling Lafleur Henderson LLP, moderated a well-attended panel featuring Ian C. Ballon, shareholder at Greenberg Traurig LLP, and Peter McLaughlin, Senior Counsel at Foley & Lardner LLP. The panelists spoke on the latest trends and legal issues relating to privacy litigation and regulation, including (i) key privacy class action and other litigation and (ii) federal and FTC enforcement of privacy laws in the social media, mobile, and web 2.0 spaces. Ian and Peter covered enforcement trends with the FTC, including its new focus on the Fair Credit Reporting Act in the mobile and social media space, the Google settlement, emerging issues in class actions involving misuse or loss of data, how social media is used by today's consumers, and issues regarding damages in private litigation. They also provided some best practice tips on avoiding litigation, including the use of disclaimers and class action waivers, as well as emerging issues regarding mobile technology and litigation. The panel concluded with a lively discussion from the audience, who provided comparative analysis from a European perspective.

The Committee is looking for authors, new or returning, to survey relevant developments in the law of cyberspace for its annual Survey of the Law of Cyberspace in the ABA's The Business Lawyer (see the latest edition). We keep a taxonomy of typical topics for your review.

If you are a new or young member of the committee, this is a great way to become actively involved. Your article will be a law-review style piece of (typically) around 10 double-spaced pages, so quite short. We will be working with you to get your piece in tip-top shape, giving you, and your company, a chance in the spotlight when your work is published.

Of course, seasoned authors are welcome (indeed, expected) to write as well. We are strongly discouraging collective work product, choosing to focus on single-author pieces as much as possible. We intend to collect many smaller pieces (along the lines of 10 book pages or perhaps less) that we will submit and publish alone as a portion of the overall Survey. If you have an associate work on the piece with you, you may give them credit. Students may not be listed as authors under any circumstances.

We will be utilizing the subcommittee, task force, and working group chairs to do some peer review of all submitted work to be sure it is substantively of the highest caliber. Of course, the usual caveats apply: we can't promise the ABA will accept any submission (but we will work hard to help yours be accepted) and we can't promise you will be invited to write on your first choice topic.

Highlights and things to remember:

• There should be recent developments in the law for the area you propose to survey-if you aren't sure, please do a little research before you volunteer for a topic. The relevant period is June 2011 to June 2012, but some leeway is given for topics previously unsurveyed.
• If your topic was written on in the last survey (see the first link, above), try to pick up where the previous survey left off.
• Comments on pending legislation are rarely approved as topics, though pending legislation can be discussed tangentially.
• The primary audience is U.S.-based lawyers. Surveys of foreign legal developments should address the impact on U.S. lawyers.
• A survey is neither an opinion/advocacy piece, nor a simple case summary. It discusses key cases and then extracts critical points or developments applicable to the practice of law.
• Topics and cases must have relevance to a business lawyer and/or the practice of business law. (For instance, an article on patent law should focus on key cases relevant to business lawyers and may not necessarily highlight key cases to patent attorneys.)
• While you are responsible for providing citations in your article, notably, accurate pinpoint citations, law clerks will be provided to Bluebook for you and edit for grammar, spelling, and readability.

Please visit the link above or email or call us if you are interested and we'll send you a list of topics you might consider writing on; alternatively, you can let us know if you have a topic in mind. We are looking for firm commitments by early April as the deadlines for submission will begin in May, depending on the author/topic. We look forward to another fantastic Survey!

Sarah Jane Hughes
Publications Chair
sjhughes@indiana.edu
812-855-6318

Kristine Dorrain
Programming Chair
kdorrain@adrforum.com
Direct: 952-516-6456
Cell: 952-836-8613

If your subcommittee has an idea for an article in Business Law Today, a non-Survey piece for The Business Lawyer, an article for another journal, or a book or model contract/form project that the Business Section might publish, please let Sarah Jane Hughes know as soon as possible.

back to top ↑

The Electronic Discovery (ESI) in Bankruptcy Working Group has issued an interim report that sets out principles and guidelines for Chapter 11 cases. There are two sets of principles, one for larger cases and one for middle market and smaller cases. A copy of the interim report is available here. The ideas underlying the new report draw on and are broadly similar to points that have been made by The Sedona Conference and the Seventh Circuit Electronic Discovery Pilot Program, but the interim report and principles are specifically tailored to the bankruptcy context.

On March 26, the US Federal Trade Commission released its report and roadmap, Protecting Consumer Privacy in an Era of Rapid Change, for companies to use when handling consumer information. The FTC's recommendations include:

• Privacy by Design - Companies should build in consumers' privacy protections at every stage of product development. These protections include reasonable security for consumer data, limited collection and retention of such data, and reasonable procedures to promote data accuracy.
• Simplified Choice for Businesses and Consumers - Companies should give consumers the option to decide what information is shared about them, and with whom. This should include a Do-Not-Track mechanism that would provide a simple, easy way for consumers to control the tracking of their online activities.
• Greater Transparency - Companies should disclose details about their collection and use of consumers' information, as well as provide consumers access to the data collected about them.

To address the burden on small business, the report concludes that the framework should not apply to companies that collect only non-sensitive data from fewer than 5,000 consumers a year and do not transfer that data. More information is available in the full report and accompanying press release.

The ABA Commission on Ethics 20/20 is working on whether and how to revise its model ethics rules to deal with technological issues of lawyer-client confidentiality, client development, and outsourcing of various aspects of law practice (as well as other non-technology issues). Just last month, it released the following documents:

• Cover Memo from Co-Chairs Jamie S. Gorelick and Michael Traynor,
• Final revised drafts of Commission Proposals scheduled to go to the ABA House of Delegates in August 2012, covering the subjects of
• Technology (Confidentiality),
• Technology (Client Development),
• Outsourcing, and
• Uniformity/Mobility (including Model Rule 5.5 and Practice Pending Admission), Admission by Motion, and Model Rule 1.6 (Duty of Confidentiality).

As a lawyer with technological expertise, you may be able to provide valuable input to this project, especially on these initial drafts. The Commission is looking for immediate comments on these drafts; they should be sent to senior research paralegal Natalia Vera. Comments may be posted to the Commission's website. More information about the project is available here.

The National Aeronautics and Space Administration's Inspector General, Paul K. Martin, submitted written testimony before the House Committee on Science, Space, and Technology's Subcommittee on Investigations and Oversight on the subject "NASA Cybersecurity: An Examination of the Agency's Information Security" on February 29, 2012. Significant disclosures by Inspector General Martin included the following:

1. "In 2010 and 2011, NASA reported 5,408 computer security incidents that resulted in the installation of malicious software on or unauthorized access to its systems. . . . Some of these intrusions have affected thousands of NASA computers, caused significant disruption to mission operations, and resulted in the theft of export-controlled and otherwise sensitive data, with an estimated cost to NASA of more than $7 million."
2. "Between April 2009 and April 2011, NASA reported the loss or theft of 48 Agency mobile computing devices, some of which resulted in the unauthorized release of sensitive data including export-controlled, Personally Identifiable Information (PII), and third-party intellectual property. For example, the March 2011 theft of an unencrypted NASA notebook computer resulted in the loss of the algorithms used to command and control the International Space Station."
3. "Our ongoing investigation of . . . [an advanced persistent attack] at JPL [Jet Propulsion Laboratory] involving Chinese-based Internet protocol (IP) addresses has confirmed that the intruders gained full access to key JPL systems and sensitive user accounts. With full system access the intruders could: (1) modify, copy, or delete sensitive files; (2) add, modify, or delete user accounts for mission-critical JPL systems; (3) upload hacking tools to steal user credentials and compromise other NASA systems; and (4) modify systems logs to conceal their actions. In other words, the attackers had full functional control over these networks."

The Federal Trade Commission's Chief Technologist, Ed Felten has a new blog and Twitter account. According to an initial post on Tech@FTC, the goal of these new accounts is to talk about technology in a way that is sophisticated enough to be interesting to hard-core techies, but straightforward enough to be accessible to the broad public that knows something about technology but doesn’t qualify as expert.

back to top ↑

Lisa Lifshitz’s article on “Privacy and Data Security in the Cloud: The Issues, the Law, and Mitigating the Risks to Your Business, Part I,” was just published in Cyberspace Law. To receive a copy of the article, co-written with Danielle Waldman and Christopher Oates, contact Lisa at lisa.lifshitz@gowlings.com.

Juliet Moringiello and co-author Bill Reynolds have written an article entitled "From Lord Coke to Internet Privacy: The Past, Present, and Future of the Law of Electronic Contracting," which will be published soon in the Maryland Law Review. You can access a copy of the article on Juliet's author's page.

An article, "Privacy Considerations Limit Geolocation Technologies," authored by Ted Claypoole and Richard C. Balough, co-chairs of the mCommerce subcommittee, appears in the April 2012 issue of the ABA's online Business Law Today. The article explores how courts address privacy considerations for geolocational technologies, including how courts are beginning to draw lines that define the degree to which Americans may be tracked, followed, and surveilled using cost-effective, location-reporting devices. The U.S. Supreme Court's recent decision in Jones v. United States, which explored in a tangential way the privacy concerns raised by the use of geolocational tracking devices, indicates that privacy issues relating to geolocational tracking will continue to be on the court's agenda. Richard and Ted presented a summary of the article at the Cyberspace Law Committee meeting in Las Vegas.

Roland Trope co-authored an article entitled “Uncovering Enhanced Trademark Protections in the NDAA 2012,” which was recently published in Law360.

Jon Garon, co-chair of the Digital Media Subcommittee, will be presenting on "Funding/New Business Models Without Maximum IP" at Innovate/Activate 2.0 to be held at the University of Berkley Law School on April 20-21, 2012. This interdisciplinary conference focuses on intellectual property and activism.

We are always looking for fresh and relevant content for the CLCC newsletter. Have you written or presented on something your fellow committee members would be interested in? Let them know! Email your contribution to committee Communications Co-Directors Cheryl Balough (cbalough@balough.com) and Lois Mermelstein (lois@loismermelstein.com).

back to top ↑