CLOSE X
RSS Feed LinkedIn Instagram Twitter Facebook
Search:
FMG Law Blog Line

Archive for the ‘Coronavirus – Cyber, Privacy & Security’ Category

FINRA Issues Guidance on Remote Work Including Continued Warning for Cyber Threats

Posted on: June 15th, 2020

By: Kathleen Cusack and Kirsten Patzer

Although all 50 states have begun the process of reopening, business spaces have not yet returned to full capacity and many people continue to work remotely.  On May 28, 2020, the Financial Industry Regulatory Authority (FINRA) issued new guidance for working from home based on surveys of financial firms. 

One such piece of guidance is a continued reminder to be vigilant with confidentiality requirements and cybersecurity concerns.  FINRA suggests reminding associated persons of confidentiality requirements, including maintaining a private workspace while working from home and taking extra precautions when working near family or friends.  FINRA also recommends that financial businesses remind and train staff about cybersecurity vulnerabilities and potential fraud risks. 

Since 2015, FINRA has released multiple reports and notices aimed at informing financial professionals about cyber risks and best practices.  The mass shift to remote work has not only resulted in a dramatic increase in the use of personal devices for the completion of work, but has also prompted a sizable increase in cyber threats to individuals and businesses.  According to a study discussed in Forbes, cyber threats increased by about a third between January and March of this year. 

One of the most common types of cyber scams is phishing.  Phishing schemes attempt to entice users to provide sensitive information to people pretending to be a trustworthy person.  To protect against phishing scams, FINRA recommends that businesses employ a combination of technological tools and regular training for employees to identify scams. Financial advisors and other associated persons are reminded to not accept trade instructions, withdrawal requests, or third-party transfers via electronic mail. If such a request is received, the advisor should contact their client via telephone to verify and confirm the instruction.   

FINRA has also cautioned against increased cybersecurity risks with the use of mobile devices.  FINRA warns that compared to in-office devices, mobile devices face a higher risk of theft or exposure to the installation of malicious applications.  

If you have questions or would like more information, please contact Kirsten Patzer at [email protected] or Kathleen Cusack at [email protected]

Additional Information:

FMG has formed a Coronavirus Task Force to provide up-to-the-minute information, strategic advice, and practical solutions for our clients. Our group is an interdisciplinary team of attorneys who can address the multitude of legal issues arising out of the coronavirus pandemic, including issues related to Healthcare, Product Liability, Tort Liability, Data Privacy, and Cyber and Local Governments. For more information about the Task Force, click here.

You can also contact your FMG relationship partner or email the team with any questions at [email protected].

**DISCLAIMER: The attorneys at Freeman Mathis & Gary, LLP (“FMG”) have been working hard to produce educational content to address issues arising from the concern over COVID-19. The webinars and our written material have produced many questions. Some we have been able to answer, but many we cannot without a specific legal engagement. We can only give legal advice to clients.  Please be aware that your attendance at one of our webinars or receipt of our written material does not establish an attorney-client relationship between you and FMG. An attorney-client relationship will not exist unless and until an FMG partner expressly and explicitly states IN WRITING that FMG will undertake an attorney-client relationship with you, after ascertaining that the firm does not have any legal conflicts of interest.  As a result, you should not transmit any personal or confidential information to FMG unless we have entered into a formal written agreement with you. We will continue to produce education content for the public, but we must point out that none of our webinars, articles, blog posts, or other similar material constitutes legal advice, does not create an attorney client relationship and you cannot rely on it as such. We hope you will continue to take advantage of the conferences and materials that may pertain to your work or interests.**

Supreme Court to Hear Arguments Remotely, Including TCPA Constitutional Challenge

Posted on: April 16th, 2020

By: Matthew Foree

This week, the United States Supreme Court announced that it would hear oral arguments remotely for the first time in its history.  The Court will hear oral arguments by telephone conference on certain dates in May in a limited number of cases that had previously been postponed.  The cases are to be assigned dates for argument after confirming counsel’s availability.

The Court’s press release provides that “[i]n keeping with public health guidance in response to COVID-19, the Justices and counsel will all participate remotely.”  Interestingly, the Court stated that it “anticipates providing a live audio feed of these arguments to news media” and that “[d]etails will be shared as they become available.”

Among the cases the Court is set to hear in May is Barr v. American Association of Political Consultants, Inc., which concerns a constitutional challenge to the Telephone Consumer Protection Act (“TCPA”).  The Court has just scheduled argument in the Barr case for Wednesday, May 6, 2020.The TCPA generally prohibits calls to a cellular telephone using either an “automatic telephone dialing system” (ATDS) or an “artificial or prerecorded voice,” unless the call is made with the prior express consent of the recipient.  In a 2015 amendment to the TCPA, Congress exempted from this prohibition calls “made solely to collect a debt owed to or guaranteed by the United States.” 

In 2016, the Respondents in Barr initiated a declaratory judgment action against the Federal Communications Commission (“FCC”) and the Attorney General, arguing that the TCPA’s content-based ban on protected speech violated the First Amendment.  They sought declaratory relief and an injunction restraining the Government from enforcing the ban against them.  The case made its way to the U.S. Court of Appeals for the Fourth Circuit, which found a First Amendment violation and determined that the government-debt exception was severable from the rest of the TCPA.    

As we have discussed previously, TCPA litigation often centers around whether calls were made using an ATDS.  The current litigation landscape concerning the interpretation of the definition of ATDS has caused a split in the Circuit Courts and generated significant confusion that continues to this day.  In Barr, Respondents argue that the TCPA’s automated call restriction, not just the government-debt exception, violates the First Amendment.  Accordingly, practitioners in this area are anxious for the ruling on this matter, particularly as it relates to how far the Supreme Court will go to resolve the constitutional issue, which can have a major impact on the statute and TCPA litigation moving forward.  

Additional Information:

The FMG Coronavirus Task Team will be conducting a series of webinars on Coronavirus issues on a regular basis. Topics include COVID-19’s impact on finances and loans, the FFCRA, the CARES Act and more. Click here to view upcoming webinars.

FMG has formed a Coronavirus Task Force to provide up-to-the-minute information, strategic advice, and practical solutions for our clients.  Our group is an interdisciplinary team of attorneys who can address the multitude of legal issues arising out of the coronavirus pandemic, including issues related to Healthcare, Product Liability, Tort Liability, Data Privacy, and Cyber and Local Governments.  For more information about the Task Force, click here.

You can also contact your FMG relationship partner or email the team with any questions at [email protected].

**DISCLAIMER:  The attorneys at Freeman Mathis & Gary, LLP (“FMG”) have been working hard to produce educational content to address issues arising from the concern over COVID-19.  The webinars and our written material have produced many questions. Some we have been able to answer, but many we cannot without a specific legal engagement.  We can only give legal advice to clients.  Please be aware that your attendance at one of our webinars or receipt of our written material does not establish an attorney-client relationship between you and FMG.  An attorney-client relationship will not exist unless and until an FMG partner expressly and explicitly states IN WRITING that FMG will undertake an attorney-client relationship with you, after ascertaining that the firm does not have any legal conflicts of interest.  As a result, you should not transmit any personal or confidential information to FMG unless we have entered into a formal written agreement with you.  We will continue to produce education content for the public, but we must point out that none of our webinars, articles, blog posts, or other similar material constitutes legal advice, does not create an attorney client relationship and you cannot rely on it as such.  We hope you will continue to take advantage of the conferences and materials that may pertain to your work or interests.**

Zoom Class Action Raises Privacy Concern with Favored Online Meeting Platform

Posted on: April 2nd, 2020

By: Barry Miller

A class action filed March 30 alleges that the popular Zoom Video Communications platform is rife with privacy concerns.

That story has piqued the interest of the legal community, as Zoom has become the platform of choice among mediators working to resolve disputes during a time when in-person meetings are prohibited or discouraged.

The class action, Cullen v. Zoom Video Communications, Inc., 5:20-cv-02155 (N.D. Cal.), alleges that Zoom “has failed to properly safeguard the personal information of the increasing millions of users of its software application….” It states that “[u]pon installing or upon each opening of the Zoom App, Zoom collects the personal information of its users and discloses, without adequate notice or authorization, this personal information of its users….”

The lawsuit states claims under the California Consumer Privacy Act, as well as the state’s Unlawful and Unfair Business Practices and Consumers Legal Remedies laws. It also makes common-law claims for negligence, invasion of privacy, and unjust enrichment.

Forbes magazine reported yesterday that some users are complaining that the recording of private chats in Zoom results in disclosing chats thought to be private. Messages to other chat users are visible when the chat is downloaded, according to a Twitter user Forbes quoted. Zoom this in its story, although it did say that if a host records a Zoom meeting locally, private chats become part of that recording. Another outlet is reporting that Zoom meetings do not support encryption end-to-end.

Both the U.S. Attorney General and the N.Y. Attorney General are investigating Zoom privacy concerns. As a result of such investigations and complaints, Zoom has reportedly removed code that sent user data to Facebook without clearly disclosing that to the user.

Zoom has said that its app did not share sensitive data, such as user names, emails, or phone numbers, but did provide information about user devices (including specifications), operating systems, and time zones.

The federal and New York investigations bear watching by attorneys. Since mid-March, when COVID-19 caused many state and federal courts to close or restrict access to courthouses and ban in-person proceedings, mediators have (commendably) continued to work at getting cases settled without in-person meetings. Most court orders encourage the use of technology to continue the progress of cases. Mediators were among the first to heed that encouragement, and the Zoom platform emerged as their consensus choice.

California mediator Jean Lawler does not believe mediators will stop using Zoom, but she does believe both mediators and the attorneys they work with must have a good understanding of the technology before using it. She notes that Zoom gives users the ability to control settings, and users must be aware of how they are set. “[A]nyone who hosts an online meeting, on any platform, would be well advised to very judiciously take a look at their settings and options to ensure settings that can protect the privacy of the participants,” said Lawler in an email.

Among the most important things, she said, is not to allow recordings of mediation sessions, not allowing chat, requiring unique identifiers and passwords from attendees, and having attendees go to a virtual waiting room so the mediator can allow them into mediation after confirming their identity.

Zoom makes similar security recommendations in a whitepaper available on its site.

Attorneys may also wish to review Zoom’s Compliance Statement with the European Union’s General Data Protection Regulation, and inquire whether the same protective steps have been taken to protect data in the United States. This is particularly true if the mediation may involve the data of EU residents, or data collected from someone while they were visiting the EU.

Another mediator told FMG that confidential information in his mediations continues to be exchanged by mail and email. None of that information is exchanged via Zoom.

As government leaders talk about flattening the contagion curve, Zoom is a reminder that attorneys, mediators, and judges are finding they must accelerate their technology learning curve.  

Additional Information:

The FMG Coronavirus Task Team will be conducting a series of webinars on Coronavirus issues on a regular basis. Topics include COVID-19’s impact on the construction industry, employment issues arising from the virus, the real-world impact of business restrictions, and education claims. Click here to register.

FMG has formed a Coronavirus Task Force to provide up-to-the-minute information, strategic advice, and practical solutions for our clients.  Our group is an interdisciplinary team of attorneys who can address the multitude of legal issues arising out of the coronavirus pandemic, including issues related to Healthcare, Product Liability, Tort Liability, Data Privacy, and Cyber and Local Governments.  For more information about the Task Force, click here.

You can also contact your FMG relationship partner or email the team with any questions at [email protected].

**DISCLAIMER:  The attorneys at Freeman Mathis & Gary, LLP (“FMG”) have been working hard to produce educational content to address issues arising from the concern over COVID-19.  The webinars and our written material have produced many questions. Some we have been able to answer, but many we cannot without a specific legal engagement.  We can only give legal advice to clients.  Please be aware that your attendance at one of our webinars or receipt of our written material does not establish an attorney-client relationship between you and FMG.  An attorney-client relationship will not exist unless and until an FMG partner expressly and explicitly states IN WRITING that FMG will undertake an attorney-client relationship with you, after ascertaining that the firm does not have any legal conflicts of interest.  As a result, you should not transmit any personal or confidential information to FMG unless we have entered into a formal written agreement with you.  We will continue to produce education content for the public, but we must point out that none of our webinars, articles, blog posts, or other similar material constitutes legal advice, does not create an attorney client relationship and you cannot rely on it as such.  We hope you will continue to take advantage of the conferences and materials that may pertain to your work or interests.** 

Telemedicine in a Time of Crisis

Posted on: March 31st, 2020

By: Shaun Daugherty

Social distancing has become a new phrase in our lexicon which has specific meaning and pervasive general understanding within the population.  Telemedicine seems like the ideal format for delivery of certain medical services during the emergency period caused by COVID-19.  However, pre-emergency regulations, restrictions and requirements for qualification and reimbursement to telehealth providers greatly reduced access to these kinds of services.  The CARES Act has taken aim at suspending many of these prior limitations on access and reimbursements to open much needed medical care to those that are in the most need. 

During the existence of the current medical emergency, Medicare beneficiaries are temporarily granted access to telemedicine services in several ways.  Previously, to provide medical services via telemedicine, the provider must have seen and treated the patient within the last three years.  In addition, the pre-emergency restrictions also required stringent real-time audio-visual technology be available on both ends of the service.  The new law temporary lifts and eases these restrictions and opens up the options for services to a broader base of patient.  Now, both new patients and existing patients can take advantage of telemedicine.  No longer does one need to be an established patient for a telemedicine visit.  Additionally, the provider does not have to be compliant with the strict real-time audio-visual requirements as before and things such as FaceTime or Skype calls are permissible. In certain instances, audio only visits are allowed as long as no images are being reviewed.  This is especially useful in those places where there may be limitations in the technology available as well as the functional limitations of those receiving the care. 

The new law temporarily allows for hospice recertification without a face-to-face visit and home dialysis patients to receive periodic evaluations using the telehealth technologies.  The geographic or location restrictions for providers of telemedicine services are also temporarily lifted.  Previously, the regulations limited reimbursements for Rural Health Clinics (RHC) and Federally Qualified Health Clinics (FQHC) to only those services defined as a face-to-face encounter.  The current Act lifts these restrictions and allows for Medicare to reimburse for telemedicine services provided by these RHCs and FQHCs.  The Act also provides the HHS Secretary with the authority to relax additional statutory restrictions on telehealth services to be covered by Medicare. 

Of the $2 trillion total allocated in the CARES Act, $14.4 billion has been specifically earmarked to increase the access of telemedicine to patients of the Veterans Administration facilities throughout the country.  An additional $2.15 billion has been allocated to the Department of Veterans Affairs Information Technology to improve the infrastructure and increase the capabilities to deliver these types of healthcare services.  This is on top of the $27 billion allocated to the HHS’ Public Health and Social Services Emergency Fund to address increased access and infrastructure for telehealth generally. 

Opening the access to telemedicine services will hopefully help reduce the current strain on the healthcare communities by allowing providers to access patients remotely without exposing themselves or their patients to risks that could be avoided.  Those patients in remote or otherwise restricted locations can be screened and, in some instances, treated with the use of a smartphone.   While these measures are only temporary, the hope of many organizations that promote telemedicine is that it will pave the way for a more meaningful method of delivery of telemedicine services into the future. 

Additional Information:

The FMG Coronavirus Task Team will be conducting a series of webinars on Coronavirus issues on a regular basis. Topics include the CCPA, the CARES Act, Law Enforcement and the viruses’ impact on the Construction Industry. Click here to register.

FMG has formed a Coronavirus Task Force to provide up-to-the-minute information, strategic advice, and practical solutions for our clients.  Our group is an interdisciplinary team of attorneys who can address the multitude of legal issues arising out of the coronavirus pandemic, including issues related to Healthcare, Product Liability, Tort Liability, Data Privacy, and Cyber and Local Governments.  For more information about the Task Force, click here.

You can also contact your FMG relationship partner or email the team with any questions at [email protected].

**DISCLAIMER:  The attorneys at Freeman Mathis & Gary, LLP (“FMG”) have been working hard to produce educational content to address issues arising from the concern over COVID-19.  The webinars and our written material have produced many questions. Some we have been able to answer, but many we cannot without a specific legal engagement.  We can only give legal advice to clients.  Please be aware that your attendance at one of our webinars or receipt of our written material does not establish an attorney-client relationship between you and FMG.  An attorney-client relationship will not exist unless and until an FMG partner expressly and explicitly states IN WRITING that FMG will undertake an attorney-client relationship with you, after ascertaining that the firm does not have any legal conflicts of interest.  As a result, you should not transmit any personal or confidential information to FMG unless we have entered into a formal written agreement with you.  We will continue to produce education content for the public, but we must point out that none of our webinars, articles, blog posts, or other similar material constitutes legal advice, does not create an attorney client relationship and you cannot rely on it as such.  We hope you will continue to take advantage of the conferences and materials that may pertain to your work or interests.** 

Facing Increased Cyber Threats Against Legal and Accounting Professionals During the COVID-19 Pandemic

Posted on: March 24th, 2020

By: Renata Hoddinott

Millions around the world have had their daily routines disrupted and a wide variety of companies are participating in the largest “work from home” mobilization in history. While the ability for professionals to work remotely is key to business continuity in the midst of this pandemic, in doing so, firms and professionals have open their networks to unprecedented exposure.

Bad actors are capitalizing on the intense focus on COVID-19 panic and fear and security professionals have already noted an increase in malicious schemes. Those include phishing emails framed as alerts regarding the coronavirus outbreak containing attachments purportedly with information about COVID-19 and how to protect against the virus. When people are already stressed, fearful, and desperate for the most up-to-date information to protect themselves and loved ones, there is a significant risk to the security of any network.

Another prevalent threat for professionals, and particularly for CPAs, is in the realm of wire transfer requests. These types of scams are on the rise and can be very convincing, duping even the most cyber-savvy of professionals. Bad actors often begin well in advance of an attack by laying in wait and collecting information over an extended period. When the opportunity presents itself, such as now, these criminals use that information to launch convincing wire transfer requests. They can be framed as emails from “clients” requesting emergency funding and providing fraudulent wire instructions. CPAs often find themselves on the front lines against these malicious schemes and need to remain diligent and exercise extreme caution when responding to any requests. With professionals working remotely it can be more difficult to ensure a request is valid, but it is vital for requests to be double and triple checked and validated directly by phone or video to ensure accuracy before a single dollar is transferred.

Now is the time for all professionals to be vigilant about the cyber dangers. An unprecedented number of professionals are accessing company networks remotely and continuing to service clients including handling sensitive and confidential client data. In an office environment, when a threat is detected, IT can immediately quarantine and disconnect the compromised device and conduct an investigation of the company network. Now, however, employees may be connecting to firms’ servers from their own perhaps less secure networks and IT professionals are not on-site in those locations to troubleshoot issues and contain threats more easily. Failure to appropriately protect the sensitive and confidential data of clients may be the cause of malpractice claims in certain circumstances.

Firms should ensure IT security professionals are accessible to remote working professionals and able to isolate remote devices when necessary and limit the potential damage to the firm’s network through that compromised device. Now more than ever firms and professionals must remain diligent and prepared against new risks of fraud and cyber-attacks. Keeping mindful of cyber threats in the midst of this crisis is critical to ensuring ongoing success.

Additional information: 

The FMG Coronavirus Task Team will be conducting a series of webinars on Coronavirus issues every day for the next week. We will discuss the impact of Coronavirus for companies in general, but also for business in insurance, healthcare, California specific issues, cybersecurity, and tort. Click here to register.

FMG has formed a Coronavirus Task Force to provide up-to-the-minute information, strategic advice, and practical solutions for our clients. Our group is an interdisciplinary team of attorneys who can address the multitude of legal issues arising out of the Coronavirus pandemic, including issues related to Healthcare, Product Liability, Tort Liability, Data Privacy, and Cyber and Local Governments. For more information about the Task Force, click here.

You can also contact your FMG relationship partner or email the team with any questions at [email protected].

**DISCLAIMER: The attorneys at Freeman Mathis & Gary, LLP (“FMG”) have been working hard to produce educational content to address issues arising from the concern over COVID-19. The webinars and our written material have produced many questions. Some we have been able to answer, but many we cannot without a specific legal engagement. We can only give legal advice to clients. Please be aware that your attendance at one of our webinars or receipt of our written material does not establish an attorney-client relationship between you and FMG. An attorney-client relationship will not exist unless and until an FMG partner expressly and explicitly states IN WRITING that FMG will undertake an attorney-client relationship with you, after ascertaining that the firm does not have any legal conflicts of interest. As a result, you should not transmit any personal or confidential information to FMG unless we have entered into a formal written agreement with you.  We will continue to produce educational content for the public, but we must point out that none of our webinars, articles, blog posts, or other similar material constitutes legal advice, does not create an attorney client relationship and you cannot rely on it as such. We hope you will continue to take advantage of the conferences and materials that may pertain to your work or interests.**