CLOSE X
RSS Feed LinkedIn Instagram Twitter Facebook
Search:
FMG Law Blog Line

Posts Tagged ‘technology’

Beware Phony (or Exaggerated) Software Piracy Claims

Posted on: February 3rd, 2020

By: Jeff Alitz

For more than a decade, software companies or software trade groups/alliances have pursued aggressive cost-recovery strategies against customers and former customers for their alleged unauthorized use (i.e, no license available) of software and other intellectual capital published and marketed by the companies.  While the deliberate use of such software without license is not condoned nor encouraged, the cost recovery tactics – and the targets of such tactics – are not always appropriate nor warranted. The savvy tech user and their counsel should be aware of the most egregious recovery strategies and the best protocol to fight them.

The least scrupulous piracy enforcers may employ a variety of methods, from targeting small and undercapitalized companies with only several software users with the threat of crippling fines to giving whistleblowers not only anonymity but also cash for their reporting of the use of unlicensed software to the imposition of damage multipliers (3X actual damages are common) found in seldom read software-license agreements against even the unintentional use of unlicensed software (even where the user has simply misplaced the license over time). Most often, the law firm or other designees of the software company or trade group initiates contact with an alleged unlicensed software user by a demand for a software audit. If the user cannot demonstrate that the products it uses are fully licensed and up to date and tied to all the users’ employees, the software company sharpens its knives.

What can be done? Obvious, but maintaining and internally broadcasting that all the software IS licensed will go far to discourage whistleblowers and will help thwart the piracy hounds if they continue their hunt. IF violations of the software agreements remain unexplained after the audit is complete and the software company continues its pursuit, the “target” and its counsel can employ a variety of defenses to the claims including arguing any infringement was innocent ( which typically reduces the available fine but does not outright exonerate the software user), focusing on statute of limitations defenses and to project a willingness to defend the license violation allegations while at the same time working to achieve a cents on the dollar settlement with the best release that can be negotiated.

Freeman Mathis & Gary’s Data Privacy and Security Practice Group is here to help clients with policies and training. If you have any questions or would like more information, please contact Jeff Alitz at [email protected].

The Ethical Duty of Technology Competence – The Day is Coming in California

Posted on: December 5th, 2019

By: Renata Hoddinott

Recognizing the emergence of technology, its impact on the practice of law, and the importance of lawyers understanding technology, the American Bar Association modified its Model Rules in 2012 to make clear a lawyer’s duty of competence includes both a substantive knowledge of the law and the competent use of technology. ABA Model Rule 1.1 Comment 8 provides, in part, that, “to maintain the requisite knowledge and skill, a lawyer should keep abreast of changes in the law and its practice including the benefits and risks associated with relevant technology.”

Since then, 38 states* have now adopted some version of Comment 8. In 2016, Florida went even further and became the first state to require lawyers to complete three hours of continuing legal education on technology every three years. In 2019, North Carolina followed suit and requires lawyers to complete one hour of continuing education devoted to technology training every year.

But where California normally leads the nation in many areas, in this it is in the minority of hold-out states which have not adopted a version of Comment 8. While the State Bar of California’s Standing Committee on Professional Responsibility and Conduct has issued several opinions involving technology to date, California has not yet expressly referred to a technology component of a lawyer’s duty of competence in its Rules of Professional Conduct.

There are constantly emerging technologies to assist lawyers in delivering legal services to their clients. In the past, lawyers were deemed competent based on their experience and knowledge of a substantive area of law. As technology evolved, so too did the concept of competence. Types of  technology used  by today’s lawyers include the technology used to run a law firm and practice, case management software, billing software, and email, as well as data security to protect client confidentiality, technology used to present information to the court, electronic discovery, saving client information in the cloud and other third-party service platforms, and the use of social media such as Facebook, LinkedIn, and blogs. There is also the growing area of artificial intelligence or AI which is transforming the way lawyers and law firms perform legal research, due diligence, document review, and even more.

While these technologies offer many benefits to help increase efficiency, minimize mistakes, and decrease labor costs, there are also associated risks and pitfalls. Technology competence includes an understanding of the technology a lawyer currently utilizes in his or her practice, the additional technology available, and the technology that a client or prospective client uses or owns. Lawyers who are not technologically competent may be putting their clients and themselves at a disadvantage, as well as potentially risking a malpractice action in certain cases.

Attorneys must recognize the ways in which technology influences the practice of law in California. While it is not yet mandated as in many other states, that day is coming soon. And while technology continues to advance faster than developments in California law, lawyers should consider their duties of competence, diligence, supervision, and maintaining confidentiality when implementing and using technology.

*The states which have adopted some version of Comment 8 are: Alaska, Arizona, Arkansas, Colorado, Connecticut, Delaware, Florida, Idaho, Illinois, Indiana, Iowa, Kansas, Kentucky, Louisiana, Massachusetts, Michigan, Minnesota, Missouri, Montana, Nebraska, New Hampshire, New Mexico, New York, North Carolina, North Dakota, Ohio, Oklahoma, Pennsylvania, South Carolina, Tennessee, Texas, Utah, Vermont, Virginia, Washington, West Virginia, Wisconsin, and Wyoming.

If you have any questions or would like more information, please contact Renata Hoddinott at [email protected], or any other member of our Lawyers Professional Liability Practice Group, a list of which can be found at www.fmglaw.com.

New Cybersecurity Trend: Data Security and Disposal Laws

Posted on: February 7th, 2019

By: David Cole & Amy Bender

Tales of data breaches flood our news reports these days. By now, you hopefully are aware that all 50 states have laws requiring persons and organizations that own or maintain computerized data that includes personal information to notify affected individuals, and sometimes the government, in the event of a data breach involving their personal information. (You know those letters you’ve received from hospitals, retail stores, and other companies advising you that they experienced a data breach that may have exposed your personal information? They didn’t notify you out of the goodness of their hearts – it’s the law!)

In the past, these laws have focused solely on notifying affected individuals about compromises to their personal information. Outside of specific industries, such as healthcare or financial services, which are regulated by laws applicable only to them, such as HIPAA and the Gramm-Leach- Bliley Act, respectively, there have not been laws of general applicability regulating the standard of care required for protecting personal information in the first place. Recently, however, a trend has emerged among state legislatures to take this next step in cybersecurity legislation by setting standards for businesses’ protection of consumers’ personal information.

The majority of states now have enacted data security and/or data disposal laws that place affirmative obligations on entities (or, in some instances, certain types of industries) that own or use computer data containing personal information to safeguard and/or dispose of or encrypt that data. Below is a current list of states that have adopted these laws:

(Click here for our discussion of the significant and comprehensive data security law California passed last year.)

Unfortunately, there is not one universal standard for how to secure and destroy data containing personal information, but rather, the standard varies by state. Organizations that operate in multiple states thus may have to comply with multiple and differing requirements. In addition, many of these laws only provide general, and often vague, guidelines that do not specify particular technologies or data security measures that should be implemented. For instance, many laws only require that businesses implement “reasonable” administrative, physical, and/or technical safeguards to protect personal information from unauthorized use or disclosure, and then describe “reasonable” measures as those “appropriate based on the size of the business and the nature of information maintained.” That may be clear as mud, but at least it’s a start and enough to put businesses on notice that doing nothing is not an option.

For these reasons, we recommend that businesses work with legal counsel to understand the laws of the states where they do business and to conduct a security risk assessment to evaluate the information they maintain, the potential risks to it, and the current measures in place to protect it. Working with legal counsel, businesses should then work with an experienced cybersecurity provider to translate that risk assessment into an actionable plan for improving data security and privacy within their organization. The legal standards still might be vague, but going through a process like this will put businesses in the best position to demonstrate good faith and reasonable efforts to meet their legal obligations if and when an incident occurs or a claim is made by a third party.

Please contact David Cole, Amy Bender, or one of the other members of our Data Security, Privacy & Technology team at FMG for additional questions or to discuss conducting a risk assessment for your organization.

New Task Force Aims to Reform California’s Technological Ethical Rules

Posted on: January 15th, 2019

By: Paige Pembrook

On December 5, 2018, the California State Bar Task Force on Access Through Innovation in Legal Services held its first meeting and started a long process to modernize ethical rules that currently inhibit lawyers from fully using innovative technologies and services from non-lawyer businesses. Under the Current Rules of Professional Conduct for California lawyers, attorneys risk professional discipline and malpractice liability when using services and software offered by non-lawyer technology businesses, even though those services and software offer significant potential to improve access to and delivery of legal services.

Earlier this year, the State Bar charged the Task Force with recommending rule modifications to allow collaboration and technological innovation in legal services, including use of artificial intelligence and online legal service delivery models. The Task Force is specifically tasked with scrutinizing existing rules and regulations concerning the unauthorized practice of law, lawyer advertising and solicitation, partnerships with non-lawyers, fee splitting, and referral compensation. The Task Force must submit its recommendations to the State Bar Board of Trustees before December 31, 2019.

As any effective rule changes remain years away, lawyers must be aware of and comply with the current rules that restrict lawyers seeking to collaborate with and use technology from non-lawyer businesses. The Rules of Professional Conduct are often implicated when lawyers collaborate with non-lawyer businesses offering technology-driven legal services and software. These rules include those premised on harm to clients that flows from incompetent legal service (Rule 1.1), non-lawyer ownership of law offices and the unauthorized practice of law (Rules 5.4 and 5.5), and the dissemination of biased and/or misleading information (Rules 7.1-7.3).

To the extent that lawyers violate any of the aforementioned rules by using technology-driven legal services and software offered by non-lawyer businesses, they may be subject to State Bar discipline.

If you have any questions or would like more information, please contact Paige Pembrook at [email protected].

Many Drivers Don’t Appreciate Limitations of Driver Assistance Technologies

Posted on: September 28th, 2018

By: Wes Jackson

Pump the breaks, George Jetson! While car technology is quickly advancing towards autonomous vehicles, we aren’t there yet. Even so, a recent study from the AAA Foundation for Traffic Safety suggests many drivers overestimate the abilities of new driver assistance technologies, which could lead to unsafe driving habits.

The study examined drivers’ attitudes toward and interactions with “advanced driver assistance systems,” or ADAS. Anyone who has recently purchased a new car is likely familiar with many of the latest ADAS technologies such as forward collision warning, automatic emergency breaking, lane departure warning, lane keeping assist, blind spot monitoring, rear cross-traffic alert, and adaptive cruise control.

While the study found that most drivers trusted and used these ADAS features, it also revealed that most drivers do not appreciate their limitations. For example, only 21% of owners of vehicles with blind spot monitoring knew that such systems could not detect vehicles passing at a high rate of speed. Similarly, only a third of owners of vehicles with automatic breaking systems knew the systems relied on cameras and sensors that could be compromised by dirt or other debris.

What’s worse, some drivers with ADAS systems admitted to adopting unsafe driving habits in response to the new technologies. For instance, 29% of respondents to the study reported feeling comfortable engaging in other activities while using adaptive cruise control. Similarly, 30% of respondents admitted to relying exclusively on their blind spot monitoring system without checking their blind spots, and 25% of respondents admitted to backing up without looking over their shoulder when using a rear cross-traffic alert system.

These new ADAS technologies can certainly help motorists driver more safely. However, drivers should not succumb to the illusion that these new technologies made alert driving a thing of the past. Until we’re all flying around in autonomous space-age vehicles, be sure to keep your eyes on the road and always look twice before backing up or changing lanes.

The Transportation Law Team at Freeman Mathis & Gary, LLP is on the cutting edge of autonomous vehicle issues. If you have any questions about the AAA Foundation’s report or issues concerning autonomous vehicles, please contact Wes Jackson at [email protected].