1

Legal Research, Issues, and Practice in Cyberspace

-

Jurisdiction, International Issues & Digital Discovery

Todd Krieger & Cyrus Daftary

April 7th, 2014

2

Agenda

Administrative Discussion Jurisdiction International Digital Discovery Questions & Answers

3

Administrative Discussions

Week One Welcome & Introduction

Week 4 Creating and

Entity

Week 61st

Amendment, Social Media

Week 5Access to

Technology, ADA

Week 7Privacy Issues

Week 3 Patents & Trademark

START

Week 2 Copyright and Digital

Music

Week 9Tax

Week 10Jurisdiction

Week 11Class Project

Week 8 Doing

Business Online

Week 12 Class

Projects

Week 13 Class

Projects

4

Jurisdiction

A court’s power to adjudicate a controversy. Defined by ‘long-arm’ statute and due

process clause of constitution.

5

Jurisdiction - History

1945 - International Shoe vs Washington: defendant must maintain ‘minimum contacts’ with forum state – if it doesn’t offend the traditional notions of fair play and substantial justice.

Due process requires fairness and justice. Example: Out of state salesperson who

does business in California. Gave courts some discretion.

6

Jurisdiction - History (cont’d)

1980 - World Wide Volkswagen vs Woodson: Plaintiff buys car in New York and is injured in Oklahoma. The court finds conduct must be directed towards forum state not merely placing a product in the stream of commerce.

7

Specific v. General Jurisdiction

General jurisdiction: (Helicopteros Nacioinales de

Colombia, S.A. vs Hall) Continuous and systematic contacts with the forum state. Controversy need not arise out of the defendant's activities in the state.

Specific jurisdiction: (Burger King vs Rudzewics) Cause of action arises directly from defendant’s contact with the forum state.

8

Evolution of Online Jurisdiction

Early websites were informational, online brochures.

Early on, disputes were independent of the websites.

Plaintiffs tried to use the websites to assert jurisdiction, usually with little success; they needed to show something more.

Lawyers and judges were still learning about the technology.

Early Conflicting Cases – Sporadic Internet Activities

Website and toll free number– (Graphic Controls Corp. vs Utah Med. Prods. Inc.)– (Inset Sys. vs Instruction Set, Inc.)

Soliciting and maintaining a website for future business with knowledge of in-state access– (Hearst Corp. vs Goldberger)– (State by Humphrey vs Granite Gate Resorts)

Source: Todd D. Leitstein - A Solution for Personal Jurisdiction on the Internet, 59 La. L. Rev. 565, 1999 9

10

First Rational Framework

Zippo vs Zippo.com : – Lighter Company vs Online E-mail/Content provider.– 3,000 customers in PA; 7 agreements with PA based ISPs.

Sliding scale of jurisdiction

Doing Business/InteractivityJurisdiction

11

Zippo Three Prong Test

(1) The defendant must have sufficient minimum contacts with the forum state.

(2) The claim asserted against the defendant must arise out of those contacts.

(3) The exercise of jurisdiction must be reasonable.

Courts in the 5th, 9th, and 10th Circuits have used the Zippo sliding scale consistently, but some courts have attempted to refine the test.

12

Expanding Zippo

Court in Cybersell, Inc. vs Cybersell, Inc. stated while the level of interactivity was a crucial factor for jurisdiction, interactivity alone did not provide grounds for jurisdiction, but instead required something more to establish minimum contacts. – “Something more” consisted of ‘targeting’ or intentional Internet activity

expressly aimed at the forum state.

S. Morantz, Inc. vs Hang, using Zippo and targeting approach found an interactive website that did not allow for online sales and was not directed at PA residents did not provide minimum contacts with PA over a NY defendant.

13

The “Effects” Test

An alternative to the Zippo sliding scale test is the effects-based approach.

Courts focus their analysis on the actual effects a website had in a particular jurisdiction and do not focus on the technology used.

The effects test originated in Calder vs Shirley Jones, in which a CA entertainer sued a FL publisher for libel.

The effects test has been applied in Blumenthal vs Drudge and Pavolich vs DVD Copy Control Assn.

14

International Transactions

An All Too Common Scenario

Salesperson has a huge new urgent opportunity and wants to use the usual agreement.

Their contact speaks English, so it is no problem if the customer is in another country, right?

It depends…15

One Size Does Not Fit All A standard form agreement might be fine

overseas……until there is a dispute

How would a local court interpret the rights of the parties?

Can your client enforce their rights?– Protecting IP– Getting paid

Is it lawful to do business there? What is required for the transaction to be

valid?16

The U.S. has an Unusual Legal Climate

Contingency fee plaintiff’s counselPunitive and multiple damagesDiscoveryClass action law suitsCommon law systemSome companies actively avoid the U.S. as

a forumPlaintiffs may be less likely to find the same

windfall in other countries17

Intellectual Property Rights Vary by Country

Copyright: U.S. participates multiple copyright treaties, but copyright definition and enforcement varies by countries and treaties are not universal.

Patent: U.S. patents do not give the patent holder rights overseas.

Trade Secrets: trade secret rights vary by country. NAFTA & GATT provide some protection.

18

The EU takes a different view of software licensing than the U.S.

UsedSoft GmbH vs Oracle International Corp

“With the payment for services you receive, exclusively for your internal business purposes, for an

unlimited period a non-exclusive non-transferable user right free of charge for everything that Oracle develops and makes available to you on the basis of this agreement”

Court ruled downloaded perpetual license was a sale. Consider finite term for licenses and technological

measures to limit transfers. Limit transferability of maintenance contracts. Compare with Vernor case.

19

Distribution Chain

How many layers are there between the end user and the seller?

The rights of the parties may vary if there are other parties between them.

Statutory risks in appointing distributors and agents overseas:– Penalties for termination– FCPA compliance– Control of brand / trademarks– Export control

Who will perform support services?20

There May Be Few Choices

“…Article (23) of the Kuwaiti Commercial Code states that non-Kuwaiti citizens may not pursue any commercial activities in Kuwait, unless having a Kuwaiti partner. This partner's share must not be less than (51%). Article (24) sets forth that any foreign company may not establish a branch in Kuwait and cannot pursue its commercial activities in Kuwait unless having a Kuwaiti agent.”

“..The principal may not decline to renew the agency agreement upon its expiration without paying the agent equitable compensation for the non-renewal, provided that the agent provides evidence that he is not at fault and that his activities successfully promoted the principal’s products.”

21

Work With Local Counsel

Local subject matter expertiseRealistic risk assessmentLanguage skills (where applicable) Cultural awarenessAble to assist with negotiationsCan help navigate through a dispute.

22

Language Considerations

Contractual obligations can be diluted in translation:– Double check key clauses with local counsel or other trusted

native speaker.– Even automated translations can give a hint at a problem.– Have side by side English translation with English prevailing,

where permitted.Consider local language requirements.

23

Automated Translations Are Not Always Accurate

24

Get Accounting Insight

Shift tax burden to the other party.Tax rates vary by country and depend on

categorization of goods:– Rate may be different if technology is delivered digitally or on a

tangible medium– Support service rate may vary from tech license– Creating a local nexus can have profound tax consequences– Who will provide local services?

Be aware of currency exchange issues.Can payment be sent directly to the U.S.?

25

Negotiations Overseas

Local contract negotiation styles will differ– Focus on building a relationship– Turnaround time can vary by regions– Be sensitive to local time zones and holidays.

For important issues, video conference, telephone, or face to face discussions can be more efficient than e-mail.

Leverage business team to assist in working with the other party.

“SPECIAL CIRCUMSTANCES: The workweek in Kuwait is Sunday through Thursday for most businesses, government offices, and commercial banks.” (US State Department)

26

Select a Predictable Forum for Disputes

Local entities may prefer their local court and choice of law.

Foreign forum and choice of law clause may not be enforceable.

Arbitration offers a reasonable alternative.– Define rules and forum– Reserve the right to obtain injunctive relief

What resources are needed if there is a dispute?

Maintaining confidentiality during the disputeLocal dispute may be a leap of faith.

27

Standard Clauses May Not Be Enforceable

Validity of warranty exclusions, disclaimers, and limitations on liability vary by region:– Reverse engineering exclusion in the EU– Statutory warranty remedies– No limitations for death or personal injury in the UK.

Other standard clauses may be illegal:– Interest for late payment under Sharia law.

28

Business to Consumer Sales Overseas Require Additional Caution

The European Union has enacted consumer protection directives that set the minimum standard in the member states.

Typical U.S. style disclaimers may invite local scrutiny (OFT – UK) :– sellers cannot restrict consumers’ rights to reject faulty goods– warranties must be reasonable– contracts must be clear and easy to understand without hidden

‘traps.’

29

Consumer Protection Directives

Data Protection Directive 95/46/EC Distance Selling Directive 97/7/EC Unfair Terms in Consumer Contracts

Directive 93/13/EEC Electronic Commerce Directive 2000/31/EC

30

Export Control

U.S. Department of Commerce Bureau of Industry responsible for most export regulations– Export Administration Regulations (EAR)

Applies to all U.S. companies:– Employees– Subsidiaries– Agents– Distributors

Software transfer can be considered an export:– E-mail– FTP– Download– Provision of source code subject to EAR to foreign national in the U.S.

31

Export Administration Regulations

Restrictions and requirements depend upon:– What is exported?– Where is the recipient?– Who is the recipient?– How will the item be used?

EAR apply no matter whether the software originated in the U.S. or elsewhere.

Certain exports could be prohibited or require a license.

32

Some Exports have Additional Regulations

Defense services and munitions– Department of State, Directorate of Defense Trade Controls (DTC)

Defense-related goods, services, and technologies– Defense Technology Security Administration

Nuclear materials and equipment– Nuclear Regulatory Commission, Office of International Programs

Nuclear technology and technical data for nuclear power and special nuclear materials – Department of Energy, Office of Arms Controls and Nonproliferation, Export Control Divis

ion Licenses for natural gas and electric power

– Department of Energy, Office of Fuels Programs Export of wildlife and endangered and threatened species

– Department of the Interior, U.S. Fish and Wildlife Service Controlled substances and the import-export of listed chemicals used in the production

of control substances under the Controlled Substances Act– Drug Enforcement Administration, Office of Diversion Control, Import-Export Unit

Drugs and medical devices– Food and Drug Administration, Office of Compliance,

Food and Drug Administration, Import/Export Hazardous waste exports

– Environmental Protection Agency, Office of Solid Waste, International and Transportation Branch 33

Export Restrictions Depend on Classification of the Software

Export Control Classification Number (ECCN) determines the licensing requirements under the EAR.

Items are categorized into 10 categories, each further delineated into five product groups:

0 = Nuclear Materials, Facilities, and Equipment (and Miscellaneous Items)1 = Materials, Chemicals, Microorganisms and Toxins2 = Materials Processing3 = Electronics4 = Computers5 = Telecommunications and Information Security6 = Sensors and Lasers7 = Navigation and Avionics8 = Marine9 = Propulsion Systems, Space Vehicles, and Related Equipment

A. Systems, Equipment and ComponentsB. Test, Inspection and Production EquipmentC. MaterialD. SoftwareE. Technology

Categories

Product Groups

Most goods are not classified (EAR99).

34

Export Restrictions Vary by Country Cross reference ECCN with the Commerce

Country Chart

35

Embargoed Countries Have Additional Restrictions

Restricted Countries:– Cuba– Iran– North Korea– Northern Sudan– Syria

Restrictions vary by country The list is subject to change Export licenses are still permitted for some

categories, but very restricted.36

Restrictions Vary by Recipient Individuals and organizations may be prohibited from

receiving any goods from the U.S. or require a license. EAR99 goods or other goods not requiring a license are

restricted.Restricted Entity List (EAR Part 744 Supplement 4).Treasury Department Specially Designated Nationals

and Blocked Persons List.Unverified / Red Flag List.Denied Persons List.

37

Exports are Restricted by Use

EAR99 items and other categories are restricted by use:– Items used by parties involved in WMD are prohibited without a

license.– Nuclear uses.– Rocket propulsion systems.– Maritime nuclear propulsion.– Chemical & biological weapons.– Certain foreign vessels or aircraft.

38

Substantial Penalties for Non-Compliance

Criminal sanctions >$1 million Criminal penalties Revocation of export privileges Reference:

– http://www.bis.doc.gov/licensing/exportingbasics.htm– http://www.bis.doc.gov/licensing/bis_exports2.pdf

39

Foreign Corrupt Practice Act Prohibits illicit payments by U.S. companies to foreign

officials Prohibited Payments: It is unlawful to pay or offer

to pay “anything of value” to a “foreign official” to influence official action or to secure any improper business advantage in order to obtain or retain business.

5 elements: – Applies to any employee or agent of client in any location– Unlawful to offer, pay, or promise to give “anything of value”– The payment must be intended to induce misuse of an official position – To any foreign official or political party– To influence official action or to secure any improper advantage in order to

“obtain or retain business”

http://www.justice.gov/criminal/fraud/fcpa/guide.pdf 40

Prohibited Payments

Prohibited Payments: cannot offer, pay, or promise to give “anything of value”

– Cash– Services– Payment of Travel Expenses– Excessive Entertainment Expenses– Lavish Gifts– Favorable Loans– Charitable Contributions

41

Exceptions

Payment Lawful Under Foreign Law– Must be in the written law or regulations of the foreign country– Traditional, customary, or not enforced restrictions do not qualify

Reasonable Business Expenditure– To promote a business or product– Includes trip expenses, tours of company facilities, product

demonstrations and training– Must be reasonable and bona fide

42

Enforced by the SEC and DOJ

“it is difficult to envision any scenario in which the provision of cups of coffee, taxi fare, or company promotional items of nominal value would ever evidence corrupt intent”

“single instances of large, extravagant gift-giving (such as sports cars, fur coats, and other luxury items) as well as widespread gifts of smaller items as part of a pattern of bribes”

Helpful guide: http://www.sec.gov/spotlight/fcpa/fcpa-resource-guide.pdf 43

QuestionableLawful

FCPA Enforcement

Penalties may include substantial fines, debarment, disgorgement of profits, and prison

Recent enforcement actions:– Siemens (Iraq, Argentina, Bangladesh, Venezuela, Iraq, Israel,

Nigeria, Vietnam, China, Russia, Mexico) $800 million– Aibel (Nigeria) $4.2 million– AGA Medical Corp. (China) /$2 million– Con-Way Inc. (Philippines) $300,000– Faro Technologies (China) $2.95 million– Willbros Group (Bolivia, Ecuador, Nigeria) $32.3 million

44

Even Lawful Exceptions can be a Publicity Nightmare

NHS contractor hosts US junket for health staff

“ABOUT 150 hospital managers and medical staff were flown to the US, for a conference that included a 1980s-themed street party which was hosted by one of the biggest contractors in the National Health Service.

An entire street was cordoned off to allow guests to watch bands and sip free drinks at local bars last Tuesday. The event was hosted by X Vendor, which is bidding for NHS contracts worth hundreds of millions of pounds.

Some trusts sent as many as 11 staff for the four-day conference, with X Vendor paying for some of the flights and hotel bills in exchange for the trusts helping to develop and promote its technology. The total cost for flight and accommodation for the NHS staff was more than £150,000.”. 45

Domestic Anti-Corruption Rules also Apply

Most jurisdictions have statutes prohibiting bribery

Exceptions to the FCPA may be contrary to local law.

Training and compliance programs are critical.

46

47

What is Discovery? “Discovery” refers to the process of

compelling another party to provide information, which may include documents, during the course of litigation.

Gives litigants access to information relevant to the dispute.

Discovery requests may be very broad and burdensome, especially in business litigation.

Facebook postings and other seemingly private information can be within the scope of a discovery request.– Case discussion: Gatto v United

Airlines

48

Digital Discovery and Data Retention

Most new information is electronic. Companies need codified policies for retention of

digital and printed information or they could be overwhelmed by a discovery request.

Define retention periods based on legal, business, and personal obligations.

Must follow policies carefully. Third party solutions available.

49

Federal Rules of Civil Procedure For Electronic Discovery Implemented

12/06 Rules put in place process for party to

demand access to information that is claimed to be ‘burdensome to access and produce.’

Companies may have hundreds of unorganized legacy back-up tapes with year of e-mails and other information

New rules provide exceptions for good faith inadvertent destruction.

50

New Rules Harmonize Electronic Discovery Practices

Attorneys involved in litigation must address electronic discovery at the earliest stage of discovery planning.

New rules provide a framework for courts and easier guidance to assist clients.

51

Some Specific Requirements: Rule 26(a)(1)(B) changes ‘data compilations’ to

‘electronically stored information’.– (similar amendments to other rules)

Rule 16(b) amended to require that scheduling order may include electronically stored information.

Rule 26(f) requires parties to confer and discuss issues related to electronic information.

Rule 26(b)(2)(B) addresses the burden for data that is not readily accessible. Party receiving request must establish unreasonableness of request.

Rule 37(f) accommodates the accidental loss or destruction during a routine operation of electronic information if the party took reasonable steps for preservation.– Keep in mind other changes as well.– http://www.ims-expertservices.com/newsletters/nov/eddrules-111406.htm

52

Courts Have Defined Expectations of Digital Discovery

“Now that the key issues have been addressed and national standards are developing, parties and their counsel are fully on notice of their responsibility to preserve and produce electronically stored information.”– Judge Shura Scheindlin, Zubulake v. Warburg– Final jury verdict: $29 million.

Complying with digital discovery requests may be very expensive, time consuming and implicating.

53

High Profile Cases Have Led to Big Verdicts

Coleman v. Morgan Stanley: $1.45 Billion jury verdict for overwriting e-mails, failing to timely process backup tapes, failure to produce relevant e-mails and attachments.

U.S. v. Philip Morris , 327 F. Supp. 2d 21: $2.75 Million in sanctions for failure to follow order to preserve e-mails and other e-discovery violations.

54

In Re Information Management Services, Inc. Derivative Litigation

Case discussion: Digital discovery + employee e-mail privacy

+ attorney client privilege (oh my).

55

Meta-data May Be Critical Metadata = ‘data about data’ Metadata must remain intact:

– History (date of creation and modification)– Tracking (who created the document and where

does it reside)– Comments and annotation.

Metadata may leave an implicating trail. – Previously deleted text– Comments– Identity of those who worked on document– Dates and times of work.– Changes in date in Windows may not be the same

in the underlying DOS.

Electronic Discovery Can be Very Expensive

Average may be $1-3 million Litigants need efficient data search and

management strategies– Law firms bill for searches on an hourly basis

Data may not be in a common or searchable format

56

Data Security is a Relatively New Area of Liability

Company computers may house sensitive consumer data and trade secrets.

Failure to adequately protect consumer data has led to high profile settlements with the FTC:– Choicepoint: $15 million – TJX – BJs Wholesale Club– Hannafords – 3/08 - 4 million credit card numbers

compromised– Target

Failure to adequately protect trade secrets can also create a corporate disaster.

57

Sensitive Digital Data May Reside in Surprising Places

http://www.cbsnews.com/8301-18563_162-6412439.html

http://business.ftc.gov/documents/bus43-copier-data-security

58

Nevada SB 267 Was Passed in Response

Section 4 of this bill requires a business entity or a data collector to ensure that any personal information which is stored on the data storage device of a copier, facsimile machine or multifunction device in the possession of the business entity or data collector is securely encrypted or destroyed by certain approved methods before the business entity or data collector relinquishes ownership, physical control or custody of the copier, facsimile machine or multifunction device to another person. http://openstates.org/nv/bills/76/SB267/documents/NVD00008333/

59

Companies are Obligated to Protect Sensitive Data and

Report Breaches Most states require notification of residents if

personal data is compromised and many other states are not far behind.– Massachusetts 93H– http://www.mass.gov/ocabr/business/identity-theft/requirements-for-security-

breach-notifications.html

Hundreds of data breaches have been reported Reporting has led to bad publicity and fines. Marriott reported the loss of 200,000 names in

missing backup tapes. Some reporting requirements are exempted if the

data was encrypted.60

ID Theft Has Impacted Millions of Americans

U.S. consumers lost billions to identity theft in 2013

ID Theft consumes time and money. Consumers are more careful with their

personal information.– Vulnerable to phishing attacks– As safe as the company where they used their credit

card.

IRS Criminal Investigation Targets Identity Theft Refund FraudFS-2013-4, February 2014The IRS has seen a significant increase in refund fraud that involves identity thieves who file false claims for refunds by stealing and using someone's Social Security number.http://www.irs.gov/uac/Newsroom/IRS-Criminal-Investigation-Targets-Identity-Theft-Refund-Fraud-2014

61

Phishing Attacks Can Be Cleverly Disguised

62

Data Thieves Actively Target Websites and Corporate

Networks

May use e-mail viruses to crack networks

Target specific applications to get sensitive data– Once the perimeter security is cracked, the entire

network may be available.

Hijack remote computers to anonymously attack sites.

63

Reasonable Measures To Protect Sensitive Information

Policies– http://www.mass.gov/ocabr/docs/idtheft/compliance-checklist.pdf

Encryption Intrusion detection Firewalls Password protection Anti-virus programs Physical security of laptops and portable media.

64

65

Questions & Answers