40 minute read
IDEAS
Adapting to the Steady Elimination of “Silent Cyber” Coverage
DANIEL J. HEALY ANDERSON KILL
Advertisement
As insurance companies continue to look for ways to absolve themselves of liability for cyber-related losses, it is imperative that in-house counsel be well informed about all possible avenues of indemnity for their company. D ata breaches have made headlines for years. The marquee victims – or culprits, depending on your point of view – have been large retail-facing companies that have had millions of their customers’ personal and financial data records exposed by hackers. Banks and other financial institutions are also at a high risk of major losses from cyberbreaches because they inherently collect and store personal identification and financial information about thousands of people and businesses. In-house counsel have had to educate themselves about both the available cyberinsurance coverage and the indemnity obligations in the involved contracts. These policies and contracts transfer certain types of risks. A company’s insurance policies can pay for its own losses as well as its liabilities to others. Where robust indemnity agreements are in place, they can transfer the obligations to pay for such losses and liabilities to, or away from, the company itself.
Siphoning cyber coverage into specialty policies Cyber policies have proliferated over the past 15 years and now come in many varieties, providing different types of coverage. Some are stand-alone cyber policies with typical coverage for breaches, notification costs, data restoration, ransomware and other situations. Other policies are derivations of errors and omissions (E&O) policies that focus on the act or cause of a loss and extend coverage for data loss and liability to others. For years, other policies, such as general liability, property insurance, and directors and officers (D&O)
liability, have provided coverage for certain types of losses that stem from a data breach or other cyber loss. For example, a general liability policy might cover liability for property damage to another party’s physical property, including computer hardware. A property policy might cover the replacement of bank debit cards, as physical property damaged by a breach. D&O policies could be expected to cover the lawsuits that follow many data breach scenarios, when shareholders or regulators look to blame the victimized company. Insurance companies are now moving ahead with plans to eliminate the coverage found in these non-cyber policies. The insurance companies call such coverage “silent cyber.” This cynical misnomer casts the coverage that has always been found in those non-cyber policies, which is inherent in a plain-language reading of the policies, as if it were an unintended windfall for policyholders. On the contrary, that coverage has always been there, but now insurance companies are looking for ways to eliminate it.
Daniel J. Healy is a partner in the Washington, D.C., office of Anderson Kill, LLP. He is the deputy co-chair of the Cyber Insurance Coverage practice group and a member of the firm’s Insurance Recovery practice group. He previously served as a trial attorney at the U.S. Department of Justice, where he received numerous awards.
Indemnity agreements into the breach If insurance companies get their way and are successful in eliminating coverage that might apply to data breaches and other cyber losses from all non-cyber policies, then policyholders will have to look elsewhere to fully cover their cyber needs. Obviously, the coverage under a policyholder’s stand-alone cyber policy will be of key
Even if the indemnity provision that in-house counsel needs to rely upon is not ideal, there may still be ways to leverage it to mitigate the costs of a loss.
importance. But companies may also need to focus on indemnity agreements. Indemnity agreements can be found in a wide variety of contracts. In the realm of cyber losses, the companies most often involved are service providers that are instrumental in providing the services needed to gather, store, use or secure computer systems that hold data. Sometimes such agreements also involve the systems that are used to process transactions, as more and more transactions are being conducted fully electronically. For example, an agreement with a cloud service provider will likely include an indemnity agreement relating to all claims, causes of action, losses, damages and so forth. But what will the agreement actually do in the event of a cyber loss that emanates from its system but causes the theft or compromise of a client company’s data (which, in turn, is actually that client company’s customers’ or business partners’ data)? If the indemnity provision reads like the following, it is possible, depending on the facts, that the service provider will raise arguments that it does not need to provide the client company with indemnification.
Service Provider shall defend, indemnify and hold harmless Client … from and against any and all claims, demands, suits, judgments, losses, liabilities, damages, costs or expenses of any nature whatsoever … caused solely by any: (i) negligent act or omission of Service Provider, its officers, directors, agents or employees; (ii) failure of Service Provider to perform
the Services in accordance with generally accepted professional standards; or (iii) breach of Service Provider’s representations and warranties, agreements, duties or obligations as set forth in this Agreement.
Such a provision does require the service provider to indemnify the client. But depending on the facts, the question is when. It could be argued that the indemnity obligation would only arise once it has been established what was caused “solely by” the service provider’s negligence, breach of contract, or breach of warranty. If, for example, the breach of the service provider’s system led to a loss despite the service provider having strong security measures in place, that service provider might argue that the loss was not the result of its sole negligence. A slightly broader approach might be to have an indemnity agreement that requires the service provider to indemnify the client company:
from any and all liability, arising out of Service Provider’s negligence, whether it be sole or in concert with others, in connection with performance of the services described.
This language enables the client company to seek its indemnity rights whether or not it has been established that the service provider was the sole negligent party. In-house counsel should remember, while sifting through these obligations, that in the scenario described, the customers of the company looking to enforce the indemnity provisions against a service provider might be bringing lawsuits. Partner companies could also be threatening to pursue recovery against the company. Instead of fighting a war on multiple fronts, pursuing indemnity for claims it has to defend, the company
should know how it intends to hold a counterparty liable for the expected indemnity. Ideally, the indemnity will be a predictable and efficient way to assign risk. Even if the indemnity provision that in-house counsel needs to rely upon in a given situation is not ideal, there may still be ways to leverage the indemnity obligation and accomplish some transfer of the costs of a loss. For example, if indemnity is tied to particular “work,” “services” or “products” for which one party is clearly meant to be responsible, then parties may not need to spend the time and expense of waiting to litigate who caused what. Instead, they can resolve the indemnity issues quickly, because at least some liability is clear. Also, in-house counsel should look at the insurance requirements that counterparties must have, as well as, potentially, additional insured requirements. Often these insurance provisions go hand in hand with indemnity provisions and permit the company to pursue another’s insurance policies. In an environment where insurance companies are reducing liability for cyber-related losses by eliminating so-called “silent cyber” coverage, it is important to know how to use insurance provisions to access another party’s cyber policy. The sheer cost of data breaches has been studied extensively, and it is immense. It is not unrealistic that a breach could lead to losses that exceed the limits of a company’s cyber coverage. For that reason alone, as part of their company’s response plan, prepared in-house counsel need to have thought through potential avenues of indemnity and ways of tapping other companies’ cyberinsurance policies.
Choose Local Counsel with 5-W's-and-an-H Approach
ESCH MCCOMBIE MCNEES WALLACE & MURICK
When it comes to hiring local professionals – legal representatives or otherwise – asking six key questions will help make sure you get the best possible outcome. C hoosing local professionals to represent your company is part of entering a new market. When analyzing the situation, leadership might ask: “Why should we enter a new market?” or “Where should we go next?” Once answered, follow-up questions could include: “Who should lead our team?” “What will our business model look like?” “When should we enter?” And, of course, “How should we do it?” Those are all very important questions, but deliberately asking them together was probably not a technique taught to you in business school or law school. I think I am correct that famous Chinese military strategist and philosopher Sun Tzu did not specifically instruct leaders to ask “who, what, where, when, why and how” when planning an attack (or a merger). Stephen Covey gave us seven habits of highly effective people but did not encourage those six questions specifically. Motivational speaker Simon Sinek told us to ask “why” first, but even he did not discuss the importance of the other five familiar questions. In my case, it was my third-grade teacher, Mrs. Curry, who taught me the importance of the 5 W’s and an H (5W1H). I’m not here to one-up Sun Tzu, Mr. Covey or Mr. Sinek. Rather, I am merely encouraging you to take the same approach when engaging local professionals that you would when choosing a new market. For example: Why do you need local counsel for a certain project? What is the project? Where should local counsel be located? When should they be engaged? Who is the right choice to use as local counsel? How do you find the right firm? I am a land use attorney in Pennsylvania. My practice focuses on entitlements, approvals, and permits from
state agencies and local government. We are frequently engaged as local counsel to navigate the tangled web of authority in the Commonwealth. In Pennsylvania, local government includes 67 counties and 2,561 municipalities. Each municipality has its own land use regulations. Indeed, developing property in Philadelphia or Harrisburg is quite different than in rural townships. As a result, my practice provides a great foundation for exploring how the 5W1H technique we learned in elementary school can be applied to choosing local professionals for a new project. The example questions answered below focus on finding an appropriate local land use attorney. However, each could be applied to any local need. Unlike Mrs. Curry, who would have us start with “who,” or Mr. Sinek, who would have us start with “why,” our approach must start with “what.”
What Is the Project? You must understand the scope of your project. For example, obtaining approval for a professional office probably has fewer hurdles than obtaining similar approvals for a warehouse or a high-traffic drive-thru restaurant. In the first case, you might start by engaging a local civil engineer to put together a land development plan. Once completed, you might determine that the approval process is straightforward and unlikely to meet opposition, such that local counsel is not needed at all. Conversely, you may know that some residents are likely to oppose your pipeline, shopping center or casino. Perhaps they may even actively protest against it. In that case, you will undoubtedly want local land use counsel to represent you.
Why Is Local Counsel Needed? Why do you need local land use counsel for this project? As mentioned above, if the project is likely to be opposed, you will need local counsel to control the
process. Local counsel can help ensure that your application is compliant with local rules and regulations. Local counsel also can keep the municipality and the opposition in check should they attempt to work outside of legally required processes. Sometimes, local counsel is helpful simply because of their contacts. Land use attorneys spend a significant amount of time educating and engaging with elected officials and municipal staff. By building these relationships, we get to know the individuals in local government, who come to trust us and consider us experts. Those relationships take time to build, but they make the approval and permitting process much smoother when we submit a challenging project. Alternatively, your engineer might inform you that you need zoning relief from the local zoning hearing board or the governing body. As with any hearing or legal procedure, you will want competent counsel to represent you.
Where Should Local Counsel be Located? Put simply: close to the project. Although “close” is a relative term, it is an important one for three reasons. First, most small, rural municipalities are uncomfortable, if not threatened, by “big-city attorneys.” (Although, there may be times where that is exactly what you want.) Conversely, even the best rural land use attorneys know better than to work inside the limits of major cities, because city politics and processes are just different. Therefore, finding local land use counsel near the project – or from a similar locale – is important. Relatedly, counsel located near the project are more likely to already have a good rapport with the municipality’s governing body and staff. The concept is similar to how a litigator who has been before a certain judge on multiple occasions comes to learn the judge’s thought process. Local counsel understand the hot-button or target issues in the municipalities where they work. In addition, you gain instant credibility by association and can avoid pitfalls that might not be so obvious to an “outsider.”
Who Should You Engage, and How? You need local counsel who can provide you with the benefits listed above at a cost that fits your budget or cost structure. Therefore, when interviewing a firm, ask how many projects they have worked on in the municipality and the outcome of those projects. Also ask about the firm’s land use bench. Land use is a niche practice and, at least in Pennsylvania, it requires attor-
neys to attend evening meetings. You want to be sure that the firm you choose has the depth and contacts to get your approval. You also want to be comfortable that you will have legal representation if one of their attorneys has two or more conflicting meetings on the same night. Accordingly, finding a firm with a deep land use bench is vitally important. But how do you find that firm? Google only gets you so far. I suggest reaching out to contacts in the project’s region to ask if they know which is the “go-to” firm. Another good option is contacting associations to find out who the best land use attorneys in the area are. For example, if your project is in a township in Pennsylvania, you could reach out to the Pennsylvania State Association of Township Supervisors for a referral. Alternatively, if your usual outside counsel is a member of ALFA International (a lawyer referral group), they probably can get you in touch with a local firm of the same general size and caliber that you are used to working with. Finally, it might be appropriate to contact the municipality to ask who the staff recommends. It is often the relationship between municipal staff and the land use attorney (or other land use professionals) that makes or breaks a difficult project. When Should You Engage Local Counsel? Depending on your project, this question could be as important as “who.” I am biased, but I recommend bringing in local land use Esch McCombie practices in the McNees Real Estate and Pipeline & Oil/Gas Infrastructure practice groups. He focuses his practice on land use matters, including obtaining permits and approvals at the municipal, county and state levels. Using his experience and relationships, he reaches favorable outcomes for clients in matters involving zoning, subdivision, land development, stormwater, noise and traffic, among others.
counsel early in the process. It should be no surprise that the legal cost to file, litigate and win a land use appeal is much higher than the cost associated with the preceding application process. Moreover, the potential negative publicity often is worse with litigation. Win early, for less. Local land use counsel should be consulted the moment you perceive a problem. If you know your project will face opposition, you should engage local counsel before your engineer or architect puts pencil to paper. By working with the other professionals on your team to put together a plan, local counsel can help to significantly reduce required zoning relief and limit potential reasons for denying your plan. Additionally, and if necessary, local counsel can recommend the best local government relations, grassroots and public relations groups, so that you do not find yourself behind the eight ball if social media explodes. Conversely, if your project is innocuous, you might delay bringing in local counsel until your engineer completes a first draft of the plan. Next time you have an issue in an unfamiliar market, pause and work through the what, why, where, who, how and when.
Conclusion The 5W1H of choosing local professionals is important. The next time you have an issue in an unknown market, I encourage you to pause and take some time to work through the “what, why, where, who, how and when” questions discussed above. While Sun Tzu, Mr. Covey and Mr. Sinek didn’t specifically implement a 5W1H approach, I’m certain that they and (your) Mrs. Curry would agree that a deliberate approach to choosing local professionals is a best practice.
As ADR Continues to Surge, the Experience Of the Mediator and Arbitrator is the Key Differentiator
Hon. John DiBlasi is a highly sought-after mediator and arbitrator who has been with NAM (National Arbitration and Mediation) for more than a decade. Here, he discusses his extensive career experience and what it’s like to work for one of the true pioneers in the field of alternative dispute resolution.
CCBJ: NAM is a pioneer in ADR. Over the last several years, the company has grown tremendously. What are the biggest changes you’ve seen during your time with NAM?
John DiBlasi: The first thing I should point out is that when I started in the legal profession 40 years ago, mediation was nonexistent. And 28 years ago, when Roy Israel started NAM, he had incredible vision. Roy was able to see that there needed to be some viable alternative for resolution that was more efficient than the justice system. The theory was that if you could bring the parties together to discuss a settlement with a neutral third party assisting in the negotiation process, it would result in the savings of time, money and the ability to control risk. His foresight was incredible, as very few people were utilizing mediation or arbitration at that time. His efforts resulted in NAM becoming a major player in the field of ADR. Eleven years ago, I decided to devote my practice to ADR, as an arbitrator and a mediator. I met with Roy at NAM and discussed what was then the serious decision to give up my private practice. It was a leap of faith, but it was the best career decision I’ve ever made. I’m incredibly proud of my affiliation with NAM because of what it stands for as a company and as a preeminent provider of ADR services. To give you an idea of what it was like a decade ago, when I started with NAM, we would have attorneys come in who had never mediated a case before. I would hear the same refrain: “I don’t understand the benefit of this process, Judge, what’s the point of it? I’m a trial lawyer. I try cases. I’m not interested in settling them. I just don’t see how this process could possibly work.” I heard that in the early years many times. Attorneys simply didn’t understand what ADR is, or its utility. Over time, through word of mouth and outreach, through continuing legal education, the process gained what is now widespread acceptance. The savings of time and money is probably the most significant factor in ADR becoming as popular as it is now. Litigation is incredibly expensive. The prospect of being able to avoid a lengthy trial with a jury that can be very unpredictable became appealing. Save time and expense, while reducing risk. Another factor that started to turn more corporations toward mediation and arbitration, but particularly mediation, was the financial crisis. Businesses started taking a harder look at litigation costs and realized that ADR was a way of substantially reducing them. Caseloads in court systems everywhere, no matter where you happen to be practicing, have increased dramatically. Judges are overworked, court staff are overworked, and there is a reticence on the part of the government – be it federal, state or local – to continue to pour resources into the judiciary. So what’s happening is that over time, because of its cost-effectiveness, plus The Honorable John P. DiBlasi has an illustrious career that includes 10 years spent as Justice of the Supreme Court, Commercial Division where he resolved hundreds of matters. As a full-time neutral with NAM, his ADR practice encompasses a wide and varied range of cases. Reach him at www.jdiblasilaw.com
the savings in time, and the fact that people just do not want to take a risk in court, mediation and ADR in general have exploded, and now more and more people are inclined to take a shot at it.
Let’s talk a bit more about how ADR has expanded and evolved. What are some things that our readers may not know about ADR that they should know, especially as applies to NAM?
In terms of the process itself, NAM is unique as an administrator of the ADR process, whether it’s mediation or arbitration. Parties have a choice when they enter into a contract. They can have it written into the agreement that ADR is a requirement before the parties can enter litigation. They can also specify in the contract that they will use an ADR provider, and even agree that they will use a certain panel. It’s being built into contracts more and more. As a general comment, as a neutral, one thing that I would say right off the bat is that if you’re signing a contract, and mediation or arbitration are mandatory before you litigate, it would be foolish not to designate a specific ADR provider in the agreement. The reason for that might be obvious: Once you are already in conflict, attempting to reach an agreement with respect to the administration of the
process and the selection of the arbitrators or the mediator is going to be difficult. When it comes to specifying that ADR provider, you should make sure to select a first-rate company like NAM to administer the process. NAM’s experienced team of schedulers, account executives and paralegals will save you a lot of time, money and headaches by handling all of the details involved in coordinating a mediation or arbitration. The process is going to go more smoothly. If you’re using a provider like NAM, it’s going to be done efficiently.
What are some of the things you like most about NAM and the way it conducts its business?
Well, you need an ADR provider that understands your needs, number one, and also has the facilities, technology and staff to make your life easy. The other thing about NAM that is unique is the corporate culture, in that there is very little turnover in terms of the people who work for the company. There is a great deal of institutional knowledge among the employees. And the evolution of NAM is really the evolution of the ADR process itself. As a company, NAM understands the needs of its clients, it understands the needs of its mediators and arbitrators, and there is incredible attention to detail in terms of coordination. The entire organization is committed to ensuring that everything is done in an efficient and cost-effective way, which is critical to the ADR process.
You were a justice for the New York State Supreme Court Commercial Division and Civil Division for 10 years. How does that experience help you when you’re mediating or arbitrating a case?
that you were a judge. A lot of people laugh when I say that, but I’ll give you an example. When you’re a judge, you have numerous tools at your disposal to compel a settlement or to strongly encourage it. You can accelerate discovery, you can accelerate motion practice, you can accelerate the trial date. As a mediator, while the skill set is very similar to a judge’s in many ways, it’s a different process. My personal style is to very carefully evaluate the case, which involves a lot of preparation, and come in with a game plan in terms of how I’m going to try to move the parties toward a settlement. While I always remain flexible in advance, I try to have various alternative resolutions in mind. But I also listen carefully during the mediation and want to make sure that everybody gets heard. You cannot rush the mediation process. For the parties to accept a compromise, there must be enough time for them to back off from their original positions. They must be given room to accept the fact that they’re not going to get exactly what they want, while also feeling like they’ve had the opportunity to do as well as they possibly can. You must understand that time is a critical element. People who are accepting a compromise often feel like they’re losing face. They need the time to change their position without feeling like they have lost respect. I always tell parties, “I’m not here to tell you to accept or reject a settlement or to give you legal advice.” Strong-arming people never works. Pushing people hard, the way a judge might, never works. This is a process of facilitation, evaluation and diplomatic persuasion.
How do you see technology playing a role in the future of ADR?
It’s fascinating to me the way the technology has evolved over the years. At NAM we have tech people who are there to support the process in advance and on
a moment’s notice if need be. I was involved in a long, complex arbitration where I had to go from New York to Los Angeles for extended periods. Through the use of technology, we were able to conduct preliminary hearings, hear motion arguments, and take testimony by videoconference – dramatically reducing the amount of time that had to be spent in L.A. In much the same way, you may have a mediation that’s taking place in New York, and you have interested parties who are in other parts of the world. The technology that NAM has enables us to videoconference people in so that they can all participate without traveling. It may sound like a relatively simple thing, but it’s an enormous savings in terms of time and money. I think the use of that kind of technology is just going to continue to grow.
What trends do you see for ADR in 2020 and in the upcoming decade?
The biggest trend I foresee is continued growth in the use of both mediation and arbitration. You’re going to see more and more companies include ADR provisions in their contractual agreements – and selecting a top ADR provider, such as NAM, from the outset. I also believe that the use of technology in ADR, both to reduce costs and to include parties who otherwise could not be present, will help to dramatically increase the use of ADR overall. Ultimately, what you hope to do in business is preserve your relationships, but in the event that you cannot, you want to control litigation costs and reduce risk – and ADR is the way to do that.
Drone Technology Soars to Dizzying Heights Despite the Drag of Regulatory Uncertainty
Jennifer Richter is a partner at Akin Gump with an extensive background working in technology, media and telecommunications. Here, she discusses the innovative world of unmanned aerial vehicles, including the nascent regulatory landscape around this technology and the cooperative effort that will be needed to move it forward.
CCBJ: Please tell us a bit about your background and the focus of your practice?
Jennifer Richter: I love technology. Most of my legal career has been spent solving regulatory and legal puzzles presented by new innovations. When I started my law career almost 30 years ago, I wanted to work with companies that deliver communications services to the public. I caught the media bug during my first broadcast regulation course. When I finished my law degree, I was lucky enough to land a job at a small communications boutique in Washington, D.C. I was hired into their weird new “wireless” practice. This was 1991. The wireless industry didn’t really exist then. Wireless licenses had just been lotteried by the FCC, and there were no wireless networks or cell phones, apart from huge car phones. From that moment on, I’ve worked with companies that have built our nation’s wireless networks, and companies that are inventing new technologies that rely on, or interact with, the wireless networks. This is where unmanned aircraft systems (UAS) comes into the picture. Years ago, when Amazon first indicated they would deliver packages using drones, a group of us met with them to discuss representing them in Washington and working on new drone policies to enable their goals. We discussed many issues, of course, but the issues I focused on related to communications, navigation and surveillance capabilities for UAS.
Questions like: How would remote pilots connect with drones and how often do they need to be connected? How would drones identify themselves while in flight? How would drones connect with each other and avoid colliding? How would drones connect with a low-altitude traffic management system? Their idea from the start was that UAS would rely on today’s commercial wireless networks to support their communications functions, and this made a lot of sense. Wireless networks provide coverage and service to high-rise buildings more than 400 feet above ground level, and this is the airspace in which many small drones will operate. Use of the wireless networks was theoretical then, but today it is widely acknowledged. Even if there are details to work through, ultimately wireless networks will support UAS communications for many different types of drones and many different functions. Those functions include command/control links for drones, remote identification and tracking capabilities, collision avoidance, and real-time transmission of sensor data, videos and photography. All of these functions require spectrum. Regulators and the aviation industry increasingly recognize that traditional aviation air traffic solutions will not be able to satisfy all of the communications needs of UAS. Leveraging existing wireless networks, we are working on new solutions and options for command and control, detect and avoid, and connections to a UAS traffic management system. A lot of testing and standards-setting work is underway to validate this, while some rulemakings at the FAA and FCC are starting to touch on the issue. Various groups are hard at work on standards and policies that will enable commercial wireless networks to support UAS, including the International Telecommunication Union (ITU), Drone Advisory Committee, CTIA, 3GPP, RTCA, ASTM, and ANSI, among others. Apart from the communications issues, our Advanced Aviation Practice at Akin Gump is hard
at work with the major drone innovators, railroads, utilities, insurance companies, entertainment companies, wireless carriers, semiconductor companies, and major aircraft manufacturers on their use of UAS and urban air mobility or advanced air mobility (UAM or AAM) technology for their business plans. UAM/AAM refers to automated air taxis, essentially drones with passengers.
What is the current state of the regulatory landscape related to the UAS industry? Specifically, what are some of the privacy and safety issues we are facing?
First, let me clarify some of the acronyms used to describe this brand-new set of aviation innovations, as it can get confusing. A drone, an unmanned aircraft, and a UAV are the same thing – they are remotely piloted aircraft, highly-automated autonomous devices or vehicles in the sky. The UAS or Unmanned Aircraft System is more than just the drone. It is the drone, the remote pilot, ground station and the communication links and other components that control the drone. My work for the UAS industry largely involves the communications links to and from the drone, and the systems that support it. But the most exciting innovation of all, for the future, will be UAM/AAM – passenger air travel on unmanned vehicles. UAM/AAM will enable a third dimension of passenger air travel that doesn’t exist today, alleviating congestion on roads and enabling better access to desired locations where people want to live and work. Where are we on drone regulations today? There are big gaps that needs to be addressed. Aviation regulation continues to lag behind the capabilities of UAS technology, and more needs to be done on that front – and faster – without compromising safety. Our government knows that and is working on it but the process is slow. The trouble is that entirely new regu- lations are needed for many different components of the UAS ecosystem. For example, we need regulations to enable a remote identification system for UAS. We need regulations to govern collaborative UAS traffic management services that will largely be run by private industry. We need regulations for type certifying the various types of unmanned aircraft. We need regulations for routinely approving advanced UAS operations, such as flight beyond visual line of sight (“BVLOS”), flight over people, and package deliveries by drone. We need regulations for counter-UAS authorities and technologies. We need regulations to protect critical infrastructure from drones. Some think we need privacy regulations related to the capture of information by UAS. We also need the involvement of local cities and communities to develop “smart city” infrastructure, so that there is a robust communications system deployed on the ground that can support all these innovations in the air. Resolving these myriad issues will enable UAS innovations, real and anticipated, across numerous industries, including oil and gas, agriculture, entertainment, real estate, and insurance, including multi-modal transportation, to name just a few. But new regulations take time to develop through the collaboration of all stakeholders, including industry, public interest groups and communities, aviation regulators and the security community. Many federal regulators are involved including the Department Jennifer Richter, a partner with Akin Gump, has represented technology and communications companies and investors for nearly three decades. Previously, she was vice president and general counsel of a wireless communications company. Reach her at jrichter@akingump.com.
of Transportation, FAA, FCC, the Department of Homeland Security, the Department of Justice, the Department of Defense and others. It is not a small task to bring forward a framework that will enable safe and secure deployment, use and integration of UAS in the airspace. In the absence of a complete and finalized regulatory system for various types of UAS, the FAA and industry are trying to accommodate requests for UAS operating approval, and for type certification of UAS, with existing aviation regulations that are largely inapplicable. For example, Google’s Project Wing requested more than 100 exemptions to FAA regulations in order to get their Part 135 application for drone package delivery approved. This laborious approach is obviously not sustainable for an entire industry, or the FAA, over the long term. At Akin Gump, we have developed an interactive database that studies requests for advanced operation authorizations and how the FAA has previously addressed those requests, including requests for Part 135 authorization for package delivery, and requests for authority to fly BVLOS or over people. We are using this tool to help clients successfully navigate a path through the FAA until new policies and procedures are in place. For its part, the FAA recently released a new rulemaking to issue type certificates for individual unmanned aircraft designs heavier than 55 pounds that will be used for package delivery. Comments in response to that rulemaking are due in early March. This is good progress in the right direction.
All that said, what changes do you anticipate in terms of government regulations?
There are many, many changes, recommendations, rulemakings and new regulations coming for UAS, in 2020 and 2021. Right now, we are in the middle of the Remote Identification rulemaking for UAS with the
Urban Air Mobility, which some are now calling Advanced Air Mobility, will enable a third dimension of passenger air travel that doesn’t exist today, alleviating congestion on roads and enabling faster access to desired locations, where people want to work and live.
FAA; the public comment period closed after receiving over 50,000 comments. Apart from enacting Part 107 regulations in 2016, that enabled commercial, visual line of sight use of small UAS, the Remote ID rulemaking is the most critical one for the UAS industry. Our security agencies have held the FAA back from adopting advanced regulations for UAS that will enable BVLOS flight and flight over people, until there is a workable system for Remote ID. Estimates suggest that it may be a few years before we have a working Remote ID system in the field. The FCC and FAA also are engaged in rulemakings that will allow them to make recommendations to Congress under Section 374 of the FAA Reauthorization Act about viable spectrum solutions for command and control of UAS. That report is past due, but is likely to be made in coming months. The FCC also may initiate a rulemaking to establish service and technical rules for the 5030-5091 MHz band, to make it available for command and control of UAS. The FCC also is considering rules for the 5.9 GHz band, the intelligent transportation spectrum, which can be used for vehicle-to-vehicle (“V2V”) communications for cars on the ground, and aircraft. This band may be opened for unlicensed/Wi-Fi use, in part, and the aviation industry plans to weigh in with the FCC to ensure the final plan for the band continues to support aircraft use for V2V. This use case has
already been studied by NASA as part of its progressive testing of a UAS traffic management system. In addition to the current rulemaking for type certificates for package delivery drones that are heavier than 55 pounds, the FAA has tentatively scheduled rulemakings this year that will enable UAS flight over people, and flight beyond the visual line of sight. A rulemaking to protect critical infrastructure from drones under Section 2209 of the FAA Reauthorization Act also is scheduled to commence. It would be very encouraging if all of these rulemakings were issued in 2020. However, it’s possible that a number of them will be postponed to 2021.
What kinds of law enforcement activity are you seeing? How are you advising clients to stay on the right side of enforcement activity?
Probably the most asked question by our clients is “What can I do about the drone that is flying over my confidential business operations?” Industry is concerned about unauthorized drones surveilling their operations. The answer, unfortunately, is not much. It is a federal crime to take an aircraft out of the air, and drones are classified as aircraft. A number of agencies now have counter-UAS authority under Title 18 of the U.S. Code, including the Department of Justice, Department of Defense, Department of Homeland Security and Department of Energy. But unless and until Title 18 authority is expanded to include local law enforcement and certified members of private industry, such as representatives of critical infrastructure, which requires legislative action, it will be extremely difficult to protect private property and facilities from the presence of unwanted drones. Similarly, jamming technologies cannot be used by civilians to disrupt the communications links of a drone in order to disable it. Only the government has the authority to employ jamming technologies. In order to protect private operations, a company could post signage to try to create a “no drone zone,” employ acoustic detect-and-avoid technologies to determine when an aircraft is heading toward their property, and use “attack dog” drones to try to back unwanted drones away from the property. Beyond these, lawful methods of protecting one’s property from drones are limited today. There are a number of bills pending in Congress that seek to address UAS issues, including security threats posed by drones. One of those bills is the DHS Countering Unmanned Aircraft Systems Coordinator Act, which is pending in both the Senate and the House. Congress also has recognized the need to protect some critical infrastructure from drones, but it has yet to implement those protections. In 2016, Congress included Section 2209 in the FAA Extension, Safety, and Security Act of 2016. As written, Section 2209 requires the FAA to establish a procedure for “operators or proprietors of fixed site facilities” to apply for a designation that would “prohibit or restrict the operation of unmanned aircraft in close proximity” to fixed sites identified in their application. That provision required FAA action by January 15, 2017, but there has been no public progress toward implementation. In our view, implementing Section 2209 in a manner that leverages the specialized knowledge of the owners and operators of critical infrastructure is essential to ensuring safe UAS operations around those facilities. We believe the FAA is presently working on a proposed rulemaking to implement Section 2209.
These are exciting and challenging times for technology and aviation. The advances that are being made will change how all of us live and work, hopefully for the better. Finding the right regulatory balance that will safely enable these innovations for all stakeholders will preoccupy our work for many years.
The Business Case for a Diverse Supplier Program
Debi Mitchell and Kelly Atkinson of Barnes & Thornburg discuss the wide-reaching benefits of deploying diversity and inclusion outreach throughout a company’s full supply chain.
CCBJ: What is supplier diversity, and why is it important?
Kelly Atkinson: Supplier diversity means having diversity among the people, vendors and business partners that provide the various supplies and services your company procures. If your organization is committed to diversity and inclusion, that commitment should include supplier diversity. At Barnes & Thornburg, our long-standing commitment to diversity and inclusion is one of our core values. We want to make sure that, as part of our strategic platform and operations, we are living those core values, and that includes the choices we make about our suppliers.
Debi Mitchell: It’s always helpful to have a diverse supplier pool, and we encourage the companies we work with to support that goal as we go forward.
How can organizations work to extend diversity and inclusion efforts beyond simply recruiting and retaining diverse talent?
Atkinson: At Barnes & Thornburg, diversity and inclusion permeate every aspect of our operations. We include supplier engagement as part of that. It says a lot when you put your money where your mouth is. When others can see that it’s genuinely a big part of your culture, including the way you work with your vendors and suppliers, it has a real impact.
Mitchell: As members of the business community, organizations can keep a lookout for diverse suppliers and vendors to help expand their business’s vendor pool.
What are the keys to success when building and launching a program?
Mitchell: First, identify and put together your goals. Identify your existing pool of suppliers and vendors to see how diverse the group is. Then explore opportunities to identify diverse suppliers and vendors through networking, educational opportunities and client engagements. As you put your program together, make sure that you account for the scope and breadth of your company. Because we have 18 offices, our program needed to work across the U.S., so we included various geographic business areas and products and services tailored to departments throughout our firm. In addition, you need to have top-down buy-in from leadership. We were fortunate that our management committee supported us throughout the development of the program.
Atkinson: With any project, you want to make sure that you’re working with all of the relevant departments and within your organization’s internal controls. You need to incorporate every piece of that structure and draft communications ahead of time, so that things don’t
Debi L. Mitchell is the director of office operations at Barnes & Thornburg, overseeing the firm’s facilities and support services needs. She helps implement firmwide polices concerning operational matters, including document management and disaster recovery, approving firm-wide operational contracts and agreements. Reach her at Debi.Mitchell@btlaw.com.
slip through the cracks. In our case, it was eye-opening how many pieces of our business were affected by this program, because its implementation was both internal and external. You want to be clear about your vendor expectations from the outset as well. One final point: Test and test, and test again, so that you can knock out all of the kinks. You will find lots of
— KELLY ATKINSON
them as you develop the program and engage different users throughout the firm.
What is the business case for implementing a diverse supplier program?
a business case at a lot of companies. At our firm, it truly makes us more thoughtful in our buying decisions and how we engage with our business partners, and that ultimately helps us best serve our clients. One of the big goals of our program is to help us do better to benefit our clients; our diverse supplier program helps us do that.
How can external and internal legal teams work together to engage in diverse procurement?
Atkinson: We can hold each other accountable. For example, we can create reports to show who does the legal work for our clients, which is especially important if they’ve requested diverse teams from the start. Outside counsel can even hold us accountable by asking questions on requests for proposals about our diverse supplier program, which we’re happy to report on because we’re proud of what we’re doing.
Kelly Atkinson is an office administrator with Barnes & Thornburg. She works with the firm’s diversity, development and inclusion director and the diversity and inclusion committee to develop and execute new programs, events, and initiatives to promote the platform of talent sponsorship, integration with the business, and culture. Reach her at Kelly.Atkinson@btlaw.com.
Mitchell: As external and internal legal teams look for expertise to help them in their endeavors, you will want to regularly remind the teams of diverse resources that have been made available. As groups find more and more diverse suppliers, it will be important for the new suppliers be added to the pool of vendors. It only
— DEBI L. MITCHELL
takes one person in a group to help the team engage in diverse procurement. Another opportunity would be to provide educational forums for disadvantaged business enterprises. Small businesses that are owned and managed by women or minorities would benefit from the networking that’s provided, while taking advantage of the educational opportunities.
What aspect of the program might be a surprise to our readers?
Atkinson: A big part of the diversity program that we thought was important – on top of tracking where we spend money and how we make buying decisions – is that we want to ultimately create opportunities to help diverse business enterprises, either by aiding in the certification process, or by creating educational opportunities to help them win more business on their own. We want to use the resources we have within the firm to help businesses succeed, beyond just our spend.
Mitchell: Although creating the program takes quite a bit of time, it really brings attention to how important it is to do the legwork and continue to communicate in order to have a successful program.
