CLOSE X
RSS Feed LinkedIn Instagram Twitter Facebook
Search:
FMG Law Blog Line

Posts Tagged ‘#Atlanta’

City Hacks – Atlanta’s 2018 Cyberattack and the Growing Need for Cyber Liability Insurance

Posted on: February 12th, 2019

By: Matthew Weiss

Already a growing area of liability insurance for businesses, the importance of cyber insurance for local governments came to the forefront last March when the City of Atlanta suffered a malware attack in which its computer networks were hijacked by hackers seeking a ransom equal to $51,000 in bitcoin. The cyberattack left the City unable to perform basic services, including processing tickets in municipal court and providing Wi-Fi service at Hartsfield-Jackson International Airport. At one point, city employees were advised not to even turn on their computers.

While Atlanta’s cyberattack made national headlines, the role that cyber insurance played in its response has been largely undocumented. The City holds a cyber insurance policy with AIG, and the total cost associated with the cyberattack is believed to have approached $5 million.

Although Atlanta redacted key details of its cyber insurance policy, including its coverage limits, in response to press inquiries, the State of Georgia has acknowledged that it holds a $100 million cyber insurance policy, the largest of any state, covering more than 100 state agencies including every branch of state government except higher education. The policy was put to use when the Georgia Department of Agriculture’s computer system was infected by malware in December 2017, compromising the department’s computer system, including employee email and internal operation servers. The cost of the state’s response to the malware attack exceeded its self-insured retention of $250,000.

The recent experiences of the City of Atlanta and the Georgia Department of Agriculture exemplify the growing importance of cyber insurance for state and local governments. Governments are frequently considered prime targets for cyberattacks due to a lack of synchronization of government systems, the lack of harmonization among third-party vendors rendering services to those governments, and a dearth of qualified professionals employed by governments due to the fact that more lucrative careers are available in the private sector. Indeed, governments frequently assign cybersecurity to their IT departments, which are already overburdened and under-resourced. At the same time, as local governments become more digital, the impact of a cyberattack can become highly disruptive to the city’s operations, as the City of Atlanta’s experience showed. In fact, Forbes has reported that Lloyd’s City Risk Index estimates that the risk of cyberattack is the third most consequential threat to Atlanta and other North American cities, with a collective potential impact of more than $93 billion. Given these substantial risks, Lloyd’s concludes that cities and states should better utilize cyber insurance, with a 1% increase in insurance penetration resulting in a corresponding 22% decrease in the risk to taxpayers.

The growing need for cyber insurance among cities, counties, and states melds both the areas of local government law and insurance coverage and is certain to be a major growth area in the near future. Hopefully, Atlanta’s painful learning experience will better prepare other local governments in the months and years to come.

If you have any questions or would like more information, please contact Matthew Weiss at (678) 399-6356 or [email protected].

Georgia Court of Appeals Concludes the Term “Affiliate” is Ambiguous

Posted on: February 4th, 2019

By: Jake Carroll

In Salinas v. Atlanta Gas Light Company,[1] the Georgia Court of Appeals’ recently examined whether Georgia Natural Gas (“GNG”) and Atlanta Gas Light Company (“AGLC”) were “affiliates.” Both AGLC and GNG were owned and controlled, either directly or through an intermediary, by a company named AGL Resources, Inc.

In Salinas, AGLC sought to dismiss Plaintiff’s claims and compel arbitration. In support of its argument, AGLC relied on a term in GNG’s service agreement that required the Plaintiff to arbitrate any disputes with GNG’s “affiliates.” However, since the term “affiliate” was not defined in GNG’s agreement, the Court of Appeals looked at how the term “affiliate” is defined in the Georgia Code, Black’s Law Dictionary, and other jurisdictions, and ultimately determined that the term is ambiguous. The Court of Appeals construed the agreement against GNG—the drafter of the contract—and as a result, AGLC could not demand arbitration of Plaintiff’s dispute.

While the Court of Appeals did not set-out a specific definition for “affiliate,” the Court’s analysis provides a couple of practice tips to anyone involved in drafting, reviewing, or enforcing contracts, including commercial agreements, government contracts, or insurance policies.

  1. Define Your Terms: The Salinas Court may not have had to address the meaning of “affiliates” if the Agreement had defined the term. But, since the term was not defined, the Court looked elsewhere, including other jurisdictions, the Georgia Code, and the dictionary to determine its meaning. Including a definitions section is an easy way to set out the agreed-upon meaning of a term throughout a contract, and should not be overlooked.
  2. Be Explicit: If there is a certain sibling or parent corporation that should be a beneficiary of a contract, consider listing the specific “affiliates” to which the contract or agreement should apply.
  3. Check Your State’s Code: The Court noted that the term “affiliate” is defined over 20 times in the Georgia Code, and the definitions vary. For example, in the context of financial institutions, an affiliate is an entity that controls the election of a majority of directors, trustees of a financial institution, or an entity that owns or controls 50 percent or more of the financial institution. O.C.G.A. § 7-1-4 (1). In Georgia’s Corporations Act, the definition of affiliate is broader: “a person that directly, or indirectly through one or more intermediaries, controls or is controlled by or is under common control with a specified person.” O.C.G.A. § 14-2-1110 (1).[2] Depending on the type of corporate entity, “affiliate” may not include every entity in a corporate structure, and certain rules regarding ownership and control may be relevant.

If you need help with this issue, or any other commercial law questions, Jake Carroll practices construction and commercial law, is licensed to practice in Georgia and Florida, and is a member of Freeman Mathis & Gary’s Construction Law and Tort and Catastrophic Loss practice groups. He represents corporations and manufacturers in a wide range of litigation and corporate matters involving breach of contract, business torts, and products liability claims. He can be reached at [email protected].

[1] 347 Ga. App. 480; 819 S.E.2d 903 (2018).
[2] See also O.C.G.A. § 18-2-71 (1) (B) (“Affiliate” has multiple definitions, including “[a] corporation 20 percent or more of whose outstanding voting securities are directly or indirectly owned, controlled, or held with power to vote by the debtor or a person who directly or indirectly owns, controls, or holds with power to vote 20 percent or more of the outstanding voting securities of the debtor[.] …”).

Smart Cities Face Hacking Threat

Posted on: August 15th, 2018

By: Ze’eva Kushner

As you sit in traffic, frustrated and wondering why the city or municipality cannot do something to ease congestion, know that a city’s use of internet-connected technology to make your commute better may also invite hackers to wreak havoc on your city.

Traffic is just one of many problems that “smart cities” use internet-connected technology to address.  A smart city can set up an array of sensors and integrate their data to monitor things like air quality, water levels, radiation, and the electrical grid.  That data then can be used to automatically inform fundamental services like traffic and street lights and emergency alerts.

Smart city technology provides many benefits to city management, including connectivity and ease of management.  However, these very same features make the technology an attractive target for hackers.  In a recently released white paper, IBM revealed 17 vulnerabilities in smart city systems around the world.  Some of these risks were as simple as failing to change default passwords that could be guessed easily, bugs that could allow an attacker to inject malicious software commands, and others that would allow an attacker to sidestep authentication checks.  Additionally, use of the open internet rather than an internal city network to connect sensors or relay data to the cloud presents an opportunity for hackers.

Atlanta is an example of a smart city that is attempting to improve its efficiency by employing smart city technology, with its focus being mobility, public safety, environment, city operations efficiency, and public and business engagement.  Atlanta knows all too well how crippling a hack can be, as it suffered from the ransomware attack in the Spring that kept residents from services such as paying their water bills or traffic tickets online.  The hacking threat to smart cities is real and significant.

If you have any questions or would like more information, please contact Ze’eva Kushner at [email protected].

Enforcing an HOA Covenant

Posted on: February 12th, 2018

By: Jan S. Sigman

Many homes built in the metro Atlanta area in the past 20 years are located in subdivisions that have a homeowner’s association (HOA). In 1994, Georgia adopted the Property Owner’s Association Act.  If an HOA elects to become subject to the Act, then the covenants passed by the HOA are enforceable against all the current property owners in the association, as well as subsequent purchasers into the community. Covenants may include restrictions on the development and use of the property.

In Great Water Lanier v. Summer Crest at Four Seasons on Lanier Homeowners Ass’n, Case No. A17A1810 (January 2, 2018), the Georgia Court of Appeals enforced various HOA covenants on a subdivision plat where Great Water accepted but did not sign the warranty deed. On cross motions for summary judgment, the trial court held the parcel was subject to the HOA covenants.  Great Water appealed, but the Court of Appeals affirmed the trial court’s ruling.  By accepting the deed, the Court of Appeals held, Great Water voluntarily consented to be bound by the HOA covenants. This case illustrates the need for buyers to conduct due diligence into HOA covenants that could encumber the property.

Jan Seanor Sigman is licensed to practice in Georgia and represents contractors and design professionals in all construction matters including contract negotiations, payment disputes and delays, contract terminations, and defective work. If you have any questions or would like more information, please contact Jan Seanor Sigman at [email protected].

Atlanta Public Schools Cheating Scandal – Civil Liability Next?

Posted on: April 2nd, 2015

By: Wayne S. Melnick

On Wednesday, April 1, 2015, a Fulton County Superior Court jury handed down guilty verdicts to 11 of the 12 defendants charged in the notorious Atlanta Public Schools (“APS”) cheating scandal in which educators and administrators were alleged to have acted in a wide-spread conspiracy to artificially inflate grades in order to obtain and/or maintain grant money for their schools as well as personal bonuses and prestige for themselves.  Hopefully, this closes one chapter of any ugly period in the history of APS.

However, the specter of civil liability now rears its head.  As an attorney that defends teachers, administrators, and school districts, it is only natural to wonder whether (or when) civil lawsuits will follow. During the criminal trial testimony, prosecutors argued that students were robbed of the opportunity to learn and other grant money to get tutoring otherwise needed.  Does this provide “damages” that are compensable under the law?  If so, what is the cause of action for these wrongdoings?

Without delving deep, it does not take much imagination to see where federal or state civil RICO claims would be fairly easy to establish in light of the criminal convictions (which are required as predicate acts to such a claim).  To the extent there were students with disabilities that were affected, perhaps IDEA or § 504 claims are ripe for assertion as well.

While what happened here is localized to Atlanta, in light of the pressures that are put on teachers and administrators to succeed, it is not far-fetched to think this could happen anywhere in the United States.  As such, it is imperative for school districts and their insurers everywhere to consider the ramifications.