Dallas Bar Association
HEADNOTES |
|
Focus | Employee Benefits/Labor & Employment Law
July 2022 Volume 47 Number 7
DBA Recognized by State Bar STAFF REPORT
At the State Bar of Texas Annual Meeting in June, the Dallas Bar Association accepted several awards for its programs and services. The DBA received the prestigious Award of Merit for outstanding services to its more than 11,000 members and to the community, which highlighted new programs such as the DBA COVID-19 Response Taskforce and Community Outreach, the quick transition to webinars during the pandemic, Virtual LegalLines, and the many additional member services offered. The Dallas Volunteer Attorney Program received a Star of Achievement for its Virtual Clinics, which were started during COVID with the help of Hunton Andrews Kurth. The Allied Bars Equality Committee also received a Star of Achievement for its outstanding programing in the past two years which aimed to
Focus
further the ideals the DBA and affiliate bars collectively to espouse and promote liberty, truth, fairness, justice, due process, and equality. In addition, Headnotes received an award for Best Series of Articles – Substantive Law in the January 2020 Intellectual Property/Science & Technology Law issue. The articles were written by Kevin E. Barnett and Ryan D. Marrone, of Ferguson Braswell Fraser Kubasta PC.; Chelsie Spencer, of Ritter Spencer PLLC; and Benjamin Nise, of Slater Matsil, L.L.P. At the annual meeting, Laura Gibson, of Houston, assumed the role as president of the State Bar, and Cindy Tinsdale, of Granbury, was elected SBOT president-elect. Chad Baruch, of Johnston, Tobey, Baruch, was elected Chair of the State Bar Board, and Paul Stafford, of Stafford Moore, PLLC; and Aaron Tobin, of Condon Tobin Sladek Thornton Nerenberg; were elected to the State Bar Board of Directors. HN
State Bar of Texas President Sylvia Borunda Firth, presents awards to (left to right) Past President Peter Vogel, President Krisi Kastl, and First Vice President Bill Mateja.
Employee Benefits/Labor & Employment Law
Employee Policies Are a Key Component of Sound Cybersecurity BY AMY E. DAVIS
“Cybersmearing” is the use of websites and social media to criticize companies and their executives. While cybersmearing may be a relatively new term to many legal practitioners, the U.S. Supreme Court in 1997 foresaw the writing on the message board wall. In Reno v. ACLU, Justice Stevens observed that with the internet “any person with a phone line can become a town crier with a voice that resonates farther than it could from any soapbox.” Today, cybersmearing is of increasing concern to corporations. Some of the nation’s leading companies have been targets of online criticism ranging from customer service complaints to accusations of fraud. This type of internet disparagement spreads instantaneously and, unchecked, can result in irreparable damage to a company’s reputation and financial health. Cybersmearing is only one form of cyberthreat. Businesses also must be on alert to cyberattacks such as ransomware, phishing, malware, and password hacking. • Ransomware is a malicious software designed to block a company’s access to its own computer system until a sum of money—a ransom—is paid. • Phishing describes a hacker’s attempt to get users to download a malicious link or file or give away sensitive information by pretending to be a trusted source or
contact. This can occur over the phone, by text or, most commonly, by email. The hacker may use an email address and caller ID that suggest the communication is coming from a reputable company or government agency. • Malware includes viruses, worms, or Trojan software surreptitiously downloaded to a computer when a user visits an unsecured website, unknowingly clicks on an infected link, or installs a malicious application. • Password hacking refers to the unauthorized use of a person’s password to gain access to a computer system or other sensitive information. Weak passwords or the reuse of the same password for multiple sites often makes a user vulnerable to this sort of cyberattack. The use of unsecured Wi-Fi networks, such as at airports or restaurants, similarly creates a password vulnerability risk. Both cybersmearing and cybersecurity attacks have serious consequences. Each year, businesses face devastating financial losses, disruption of business operations, and other harm as the result of these actions. Cyberattacks can also result in lost sales. According to a 2019 survey, as much as 81 percent of customers reported they would stop engaging with a brand following a data breach. Employment attorneys are often hired to help companies mitigate risks associated
with cyberthreats. Because employees are often the source of cybersmearing, companies will hire employment attorneys to prepare and implement company policies to deter employee cybersmearing activity. To be effective, the policy should at a minimum prohibit the disclosure of proprietary company information, unprofessional posts, unauthorized statements on the company’s behalf, or malicious criticism of the company and its employees. Careful crafting of such a policy is essential, as the National Labor Relations Board protects an employee’s right to discuss workplace conditions, and overzealous social media prohibitions may infringe this right. A robust social media policy should also require employees to notify management if they encounter rumors or any sort of negative information about their employer online. It is even better when the policy specifically identifies the manner in which employees can report information. Creating an option for anonymous reporting is ideal. Employment attorneys are frequently hired to address cybersecurity issues as well. To quote Pango CEO Hamed Saeed, “Your employees are your first line of defense.” Cybersecurity policies focused on employees is therefore important. A strict email usage policy can stave off cyberattacks. This policy should provide clear guidelines governing employees’ use of business email accounts. Per-
Inside 10 Counsel for a Post-Pandemic Future: Don’t Neglect the Past 16 Management Incentives in LLCs – Equity and Phantom Interests 23 Common Employment Law Mistakes Law Firm Make
sonal use of a business email address may make the account known and, therefore, vulnerable to hackers. Each company’s cybersecurity policy should identify common phishing ploys and ensure the policy addresses them. For example, employees should be required to verify the legitimacy of emails and attachments before accessing them. Explain the steps for verification, such as careful analysis of the sender’s email address. If the email purports to be from a reputable company but comes from a Gmail account or misspells the company name, it is highly suspect. Include instructions for handling suspicious email. Company email usage polices should further require the encryption and regular updating of passwords for any email accounts, other applications, and any device an employee may use for business. Encrypted passwords are burdensome but well worth the effort. Companies can provide password manager software that makes this protection manageable. These policies are only as effective if known and understood by employees. Be sure to hold employee training sessions to explain the policies and the reasons for implementing them. Employment attorneys can be a helpful resource throughout the process. HN Amy E. Davis is a Principal at the Law Center of Amy E. Davis, LLC. She can be reached at adavis@cdfirm.com.
Need Help? You’re Not Alone. Texas Lawyers’ Assistance Program…………...(800) 343-8527 Alcoholics Anonymous…………………………...(214) 887-6699 Narcotics Anonymous…………………………….(972) 699-9306 Al Anon…………………………………………..…..(214) 363-0461 Mental Health Assoc…………………………….…(214) 828-4192 Crisis Hotline………………………………………..1-800-SUICIDE Suicide Crisis Ctr SMU.…………………………...(214) 828-1000 Metrocare Services………………………………...(214) 743-1200 More resources available online at www.dallasbar.org/mentalhealthresources