RSS Feed LinkedIn Instagram Twitter Facebook
FMG Law Blog Line

Archive for November, 2016

Federal Trade Commission Offers Tips on Avoiding and Responding to Ransomware Attacks

Posted on: November 22nd, 2016

By: Amy C. Bender

With ransomware attacks on the rise, it is important to have a plan in place on how best to prevent such attacks and respond when they occur. The Federal Trade Commission, the government agency tasked with protecting consumers, has issued guidance to help both consumers and business defend against ransomware attacks.

The guidance for consumers, which is available here, offers tips and answers frequently asked questions about ransomware. The key points it emphasizes for consumers are:

To avoid a ransomware attack:

  • Update your software regularly
  • Use caution in clicking on links or downloading attachments and apps
  • Back up important files routinely

If you are the victim of a ransomware attack:

  • Prevent the attack from spreading throughout your network
  • Restore/reboot your computer
  • Contact law enforcement

The guidance for businesses, available here, covers many of these same points, but provides additional detail on the nature of ransomware, the unique risks it creates for businesses, and the importance of having solid security measures and incident response plans in place before an incident occurs. The FTC also has published an accompanying video for businesses, available here. For businesses, the FTC guidance recommends:

To defend against ransomware:

  • Train and educate employees
  • Implement security measures
  • Back up data often
  • Develop and test incident response and business continuity plans

To respond to a ransomware attack:

  • Implement your incident response and business continuity plans
  • Contact law enforcement
  • Contain the attack

When you are affected by a ransomware virus, the decision of whether or not to pay the ransom in order to regain access to your files is difficult. The truth is that many businesses and individuals choose to pay the ransom and that it usually works as promised to unlock their files. In some cases, the cost of the ransom even may be covered by a cyber liability insurance policy. But other organizations, such as the FBI, encourage individuals and businesses not to pay the ransom, arguing that doing so only helps perpetuate the problem. These are tough decisions that each person and organization must make for themselves on a case-by-case basis, but to help provide some direction, the FTC guidance also discusses factors to consider in deciding whether to pay the ransom. For instance, by paying the ransom, there is no guarantee of getting back the files, the hackers may increase the ransom price or delete or deny access to the files anyways, and you may become a target for other scams. On the other hand, both individuals and business understandably may not be able to function without the data the hackers have seized.

With ransomware, the best offense is a good defense, and these simple tips can help both individuals and business be better prepared for an attack. FMG’s team of attorneys on our Data Security, Privacy, and Cyber Liability practice group have extensive experience helping clients prepare for, protect against, and respond to ransomware attacks and are available to counsel you through these best practices and challenging decisions. Please contact us to discuss further the steps you can take to protect yourself and your organization.



The Fraudulent Joinder Prevention Act of 2016: Leveling the Removal Playing Field

Posted on: November 21st, 2016

By: Jacob E. Daly

Generally speaking, at least in personal injury cases, plaintiffs prefer to litigate in state courts while defendants prefer to litigate in federal courts. Federal law has long permitted defendants to remove cases filed in state court to federal court based on diversity of citizenship, but only if there is complete diversity and no defendant is a citizen of the forum state. Plaintiffs often take advantage of these rules by naming an in-state person or entity as a defendant in order to defeat removal, but sometimes there is no valid claim against the in-state defendant or the plaintiff has no intention of pursuing the claim against the in-state defendant. To prevent plaintiffs from abusing the complete-diversity rule and the forum-defendant rule, the U.S. Supreme Court established the doctrine of fraudulent joinder.  This doctrine allows the citizenship of the in-state defendant to be disregarded if there is no possibility of it being liable. This is a very demanding standard, and because it is so difficult to satisfy in many instances, some believe that the current law unfairly restricts defendants’ right of removal, especially because most remand decisions cannot be appealed.

Enter the Fraudulent Joinder Prevention Act of 2016. According to the House Report, the FJPA “addresses the problem by codifying a somewhat more robust version of the fraudulent joinder doctrine than the one now applied by the lower Federal courts,” and it “will give out-of-state defendants a better opportunity to secure the neutral Federal forum that they would be entitled to if sued alone.” In addition, the FJPA “will help to protect individuals and small businesses from being dragged into court when their involvement in the controversy is peripheral at best.” To achieve these ends, the FJPA would add a new subsection (f) to 28 U.S.C. § 1447 to govern motions to remand in which (1) the plaintiff argues that the case should be remanded because of a violation of the complete-diversity rule or the forum-defendant rule; and (2) the defendant argues that the joinder of the defendant at issue is fraudulent. The joinder of a defendant would be deemed fraudulent if (1) there is actual fraud in the pleading of jurisdictional facts; (2) the claim against the defendant is not plausible under state law based on the pleadings, affidavits, and other evidence; (3) state or federal law clearly bars all claims against the defendant (e.g., because of an affirmative defense); or (4) objective evidence clearly demonstrates that the plaintiff does not have a good-faith intent to pursue the claim against the defendant. If the district court finds that the defendant was fraudulently joined, it must dismiss without prejudice the claims against the defendant and deny the motion to remand.

The House of Representatives passed the FJPA earlier this year, but the Senate has not yet acted. Given how important removal is to litigation strategy, we will continue to track the progress of this bill.

For any questions you may have, please contact Jake Daly at [email protected].


ICE Reformed: Election of Donald Trump Likely to Affect Federal Immigration Enforcement Priorities

Posted on: November 18th, 2016

By: E. Charles Reed, Jr.

Between 2008-2014, the federal government utilized a program called “Secure Communities” to arrange for the transfer of suspected aliens from local law enforcement custody to federal custody upon receipt of a detainer request from Immigration and Customs Enforcement (“ICE”). In early 2014, courts began holding local law enforcement agencies liable for claims brought by individuals alleging that the Secure Communities program lacked certain due process or other constitutional requirements. More detail on this history and the claims presented can be found here. When local law enforcement agencies asked for direction from the federal government on whether it viewed ICE detainer requests as permissive or mandatory, the federal government remained silent. Local law enforcement agencies across the United States then began either refusing to honor ICE detainers or placing limitations on when they would comply with the request. In November 2014, President Barack Obama announced by executive order that the Department of Homeland Security would discontinue the “Secure Communities” program and, in July 2015, DHS replaced “Secure Communities” with the “Priority Enforcement Program.” Under this program, the Department of Homeland Security has shifted its focus from deporting any and all suspected aliens, including those charged, but not yet convicted of criminal offenses, to focus only on removing convicted criminals, including gang members and others who pose a known danger to public safety.

With the issue of illegal immigration being central to the campaign of then-presidential candidate Donald Trump, many have questioned how immigration enforcement will proceed once Mr. Trump is sworn in as President of the United States. While no one can predict for certain how aggressive President-elect Trump will be on this issue after January 2017, one Forbes author has analyzed Mr. Trump’s campaign promises and presented one scenario concerning the effect of a Trump presidency on illegal immigration and immigration as a whole. The author opines, in part, that the current DHS policy of prioritizing violent criminals for deportation could be revised to include any and all unlawful immigrants. The entire article can be found here. Since the Department of Homeland Security’s priorities can and have been changed by executive order, once Mr. Trump is sworn in as President of the United States, any change to the Department of Homeland Security’s priorities could happen quickly. We will continue to monitor this issue and provide updates as more information becomes available.

For any questions you may have, please contact E. Charles Reed, Jr. at [email protected].

ADA Website Compliance: More Than Just a Good Idea

Posted on: November 16th, 2016

By: Paul H. Derrick

Since its passage in 1990, the Americans with Disabilities Act (ADA) has become nearly ubiquitous, perhaps best known for its applicability to workplaces, wheelchair access, and service animals. Surprisingly few people, however, are aware that the ADA also applies to websites and other internet-based “places.” For businesses (and their lawyers) unfamiliar with ADA website compliance, trouble could be looming on the horizon.

Businesses That Must Comply

Generally, Title III of the ADA requires a “place of public accommodation” to provide equal access to goods and services to everyone, regardless of any disability. This mandate applies to most businesses, including hotels, retail stores, law firms, sports venues, and more. (Title II of the ADA makes many of the same requirements applicable to state and local governments.) The U. S. Department of Justice (DOJ), which enforces the ADA, has made it clear that it also applies to entities that do business, and even those that exist solely, online.

Specifically, the DOJ has ruled that websites and mobile apps must be accessible to individuals with a broad range of disabilities. Although the proposed amendments to the ADA may not come out until 2018, the DOJ received over 6,000 accessibility complaints in 2015 alone. Businesses that have not made provisions to ensure that their websites are ADA compliant face an array of legal and financial consequences, not all of which are from the government.

Some plaintiffs’ firms already are using software that tests websites for non-compliance and automatically generates a demand letter and draft settlement agreement whenever a non-compliant site is found. (Not surprisingly, most websites are at least partially non-compliant.) The demand letter typically seeks to resolve the alleged violations on an expedited basis and includes stipulations for injunctive relief and payment of attorneys’ fees. Requested remedial measures may include adoption of a website accessibility policy, regular testing of website features by an independent third party, creation or designation of one or more website management positions within the organization, and more.

To continue reading the full article on The Voice of the Defense Bar website, please click here.

All About the Money

Posted on: November 15th, 2016

By: Lisa R. Gorman

I suspect if we took a poll and asked what factor should be used to determine which employees are entitled to earn overtime wages, most would agree on salary. I suspect if we asked how high a salary should be to exempt an employee from overtime wages, most would say at least $50,000.

This year, the Department of Labor (“DOL”) doubled the annual salary threshold for overtime pay under federal law, from $23,660 to $47,476. The DOL estimates the rule will extend overtime coverage to more than 4 million employees across the country. I suspect most would agree those 4 million employees earning an annual income of less than $47,476 deserve to earn overtime when they work more than 40 hours in a week (and, in California, more than 8 hours in a day).  

The problem is not the salary threshold; it’s the myriad of other factors that must be met to qualify for one of the three “White Collar Exemptions.” The factors are difficult to decipher, and, more importantly, they result in arbitrary and inequitable decisions regarding exemption status. For instance, depending on how jobs are structured, recruiters, customer success managers, salespeople and engineers may be exempt, or they may not. In California, our exemption laws go a step further and require employers quantify how much time employees spend engaged in their various job duties to determine whether they qualify for overtime. A ridiculous endeavor given the unlikelihood of accuracy. 

It’s reasonable to require employers pay overtime to lower-income workers; those who don’t earn enough shouldn’t have to work long hours without additional compensation.  Yet, the converse is also true; those who earn enough should be exempt from overtime.

Federal law has a Highly Compensated Employee (HCE) exemption applicable to employees earning six figure salaries (under the new DOL rule, the threshold will increase from $100,000 to $134,000 per year). In California, where thousands of Silicon Valley workers earn six figures but don’t quite fit within the confines of the antiquated exemptions, an HCE exemption would result in more straightforward and equitable pay practices and eliminate time-consuming and expensive litigation.  I suspect most would agree that’s a win-win.

For more information, please contact one of the attorneys from our Labor and Employment Law team.