Today's General Counsel, V13 N1, February/March 2016 by Today's General Counsel

feb / mar 2016 VOLUme 1 3 / NUmber 1 todaysgener alcounsel.com

your

Know

workforce Big Data in Employment The Labor Relations Audit Tailor Compliance Training to the Job

Post-Employment Confidentiality, U.S. and Europe • The Precarious “Independent Contractor” Social Media Analysis for Investigations and Trials

CyBERsECuRiTy What Boards Need to Know • Information Sharing Under the New Cybersecurity Law • In-House Lawyers Meet IT Procurement How Law Departments Spend “Mooting” a Class Action

$199 Subscription rate per year ISSN: 2326-5000 View our digital edition: digital.todaysgeneralcounsel.com

20% 20% of of boards boards engaged engaged with with anan 20% 20% of investor of boards boards engaged with with anan activist activist investor inengaged in thethe past past year. year. 20% 20% of of boards boards engaged engaged with with an an activist activist investor investor in in the the past past year. year. YetYet 46% 46% of of boards boards have have nono plan plan activist activist investor investor in in the the past past year. year. Yet Yet 46% 46% of of boards boards have have no no plan plan forfor responding responding to to activists. activists. Yet 46% 46% of of boards boards have have nono plan plan forYet for responding responding to to activists. activists. 2015-2016 NACD NACD Public Public for2015-2016 for responding responding to to activists. activists. Company Company Governance Governance Survey Survey 2015-2016 2015-2016 NACD NACD Public Public Company Company Governance Governance Survey Survey 2015-2016 2015-2016 NACD NACD Public Public Company Company Governance Governance Survey Survey

qq qq qq

Don't Don't activate activate Don't Don't activate activate the the activists. activists. the the activists. activists. NACD NACD Governance Governance Reviews Reviews NACD NACD Governance Governance Reviews Reviews NACD NACD Governance Governance Reviews Reviews and and Board Board Evaluations Evaluations and and Board Board Evaluations Evaluations and andBoard BoardEvaluations Evaluations Build Build your your best best defense defense against against Build Build your your best best defense defense against against activist activist investors. investors. Build Build your your best best defense defense against against activist activist investors. investors. activist activistinvestors. investors.

Schedule Schedulea acall calltotodiscuss discussa aprogram programforforyour yourboard. board. Schedule Schedulea acall calltotodiscuss discussa aprogram programforforyour yourboard. board. Schedule Schedule a 202-572-2081 acall calltotodiscuss discussa aprogram programforforyour yourboard. board. Phone: Phone: 202-572-2081 Phone: Phone: 202-572-2081 202-572-2081 E-mail: E-mail: steve.walker steve.walker @NACDonline.org @NACDonline.org Phone: Phone: 202-572-2081 E-mail: E-mail: 202-572-2081 steve.walker steve.walker @NACDonline.org @NACDonline.org E-mail: E-mail: steve.walker steve.walker @NACDonline.org @NACDonline.org

Activist Activist investors investors don't don't just just Activist Activist don't don't just just attack attack ainvestors board's ainvestors board's strategy strategy and and Activist Activist don't don't just just attack attack ainvestors board's ainvestors board's strategy strategy and and processes. processes. They They also also attempt attempt to to attack attack a the board's aboard board's strategy strategy and and processes. processes. They They also also attempt attempt to to divide divide the board into into factions. factions. processes. processes. They They also also attempt attempt to to divide divide thethe board board into into factions. factions. divide divide the the board board into into factions. factions. NACD NACD governance governance reviews reviews and and NACD NACD governance governance reviews reviews and and board board evaluations evaluations help help youyou NACD NACD governance governance reviews reviews and board board evaluations evaluations help help you you protect protect your your company company by:by: and board board evaluations evaluations help help protect protect your your company company by:you by:you protect protect your your company company by: `` `` Benchmarking Benchmarking board boardby: `` ` ` Benchmarking Benchmarking board board practices practices and and processes processes `` `` Benchmarking Benchmarking board board practices practices and and processes processes practices practices and and processes processes `` `` Assessing Assessing boardroom boardroom `` `` Assessing Assessing boardroom boardroom communications communications `` `` Assessing Assessing boardroom boardroom communications communications communications communications `` `` Analyzing Analyzing board board strengths strengths and and `` `` Analyzing Analyzing board board strengths strengths and and committee committee composition composition `` `` Analyzing Analyzing board board strengths strengths and and committee committee composition composition committee committee composition composition `` `` Facilitating Facilitating dialogue dialogue and and `` `` Facilitating Facilitating dialogue dialogue and and creating creating action action plans plans `` `` Facilitating Facilitating dialogue dialogue and and creating creating action action plans plans creating creating action action plans plans NACD NACD helps helps you you build build your your NACD NACD helps helps you you build build your your best best defense defense against against activist activist NACD NACD helps helps you build build your your best best defense defense against activist activist investors: investors: a you unified aagainst unified board board and and best best defense defense against against activist activist investors: investors: a unified athat unified board board and and performance performance that fulfills fulfills your your investors: investors: agoals. unified athat unified board board and and performance performance that fulfills fulfills your your strategic strategic goals. performance performance that that fulfills fulfills your your strategic strategic goals. goals. strategic strategic goals. goals.

Problem solved. No matter how complex the legal challenge, our attorneys are up to the task. We’ll help you make the right moves and find solutions that work for your business. With fewer twists and turns.

Uncommon Value

ATLANTA

CHICAGO

DALLAS

DELAWARE

INDIANA

LOS ANGELES

MICHIGAN

MINNEAPOLIS

btlaw.com

Rubik’s Cube® used by permission Rubik’s Brand Ltd. www.rubiks.com

OHIO WASHINGTON, D.C.

feb / mar 20 16 toDay’s gEnEr al counsEl

Editor’s Desk

Those of a certain age can remember when data was a concept best exemplified by something called the IBM punch card, a piece of stiff paper with holes, used to “process” information that cool people called data. Now everyone knows about Big Data and its many uses, especially lawyers – or do they? In this issue of Today’s General Counsel, Scott Forman and Zev J. Eigen note that law departments are investing heavily in data analytics, but when it comes to using analytics creatively many of them are still in the punched-card age. In our Workplace Issues column, they discuss the often overlooked ways that data can be useful in compliance, and in litigation strategies if compliance is questioned. In our inaugural Information Governance Observed column, Barclay Blair sees a recurring problem: Many general counsel are not able to control their company’s data because they don’t know where it is, who takes care of it, or even the statutory requirements dealing with its retention. Some companies, though, are not only using their own data, but they’ve found ways to tap data from outside sources in order to analyze both law department operations and active legal matters. It’s called “legal analytics,” and Owen Byrd says it allows lawyers to make informed predictions about how litigation opponents, their counsel, and judges themselves will behave. In the IP area, Andrew N. Thomases and James L. Davis, Jr. write about developments in patent litigation to watch for in 2016. And for those who are looking to change jobs, Mirra Levitt writes about one of the last niches in the legal arena where the skills of a generalist are in demand: the startup. Law departments at startups usually consist of one person who

by necessity is a jack-of-all-trades who has to be willing to take on some non-legal work, as well. Sergio Marini, President of the European Company Lawyers Association, has a distinctly European take on legal ethics and the role of the legal advisor. He makes a strong argument that socially responsible policies and ethical business practices generate profits, and that the general counsel has a key role in making sure business is done in conformity with a wider system of social rules. He sees the attorney-client privilege as key to in-house counsel’s ability to perform that function. He also notes that such a privilege doesn’t exist under the laws of several European countries.

Bob Nienhouse, Editor-In-Chief bnienhouse@TodaysGC.com

feb / mar 20 16 today’s gener al counsel

Features

C o lu m n s

LEGAL ANALyTICS FOR STRATEGy AND CASE MANAGEMENT

Mark A. Cohen An increasingly necessary skill that’s not taught in law school.

Owen Byrd Mining data to inform legal and business decisions.

50 52 4

ETHICS HAVE CALCULABLE VALUE

WORKPLACE ISSUES Big Data in Employment

THE ANTITRUST LITIGATOR Effective Compliance Training is Tailored

Sergio Marini Credibility, efficiency and “the halo effect.”

SOCIAL MEDIA ANALySIS FOR INVESTIGATIONS AND TRIALS

56 60

HOW LAW DEPARTMENTS SPEND

TIPS FOR BRINGING yOUR IN-HOUSE ExPERIENCE TO A STARTUP

Joshua Rogaczewski What the recent Supreme Court decision could mean for class action defense.

Scott Forman and Zev J. Eigen Data trumps subjective assessment.

Jeffery M. Cross Different pitfalls for marketers and accountants.

Wendy Schmidt and Scarlett Kim From “the banal to the revelatory” and “the embarrassing to the indictable.”

IMPACT OF CAMPBELL-EWALD ON CLASS ACTION LITIGATION

THE LEGAL MARKETPLACE New Must-Have Legal Skill: Collaboration

INFORMATION GOVERNANCE OBSERVED Time for GCs to Step Up Barclay T. Blair Legal owns a data breach.

Lauren Chung Departments doubling down on cost management.

Mirra Levitt Only generalists need apply.

Page 48

for your buck . Ranked the number one law firm in Ontario in the 2015 Canadian Lawyer Regional Firms Survey. WeirFoulds is ready to hear from you.

Protect your future. Gain a competitive advantage. WeirFoulds llp.

416.365.1110 www.weirfoulds.com

FEB / MAR 20 16 TODAYâ&#x20AC;&#x2122;S GENER AL COUNSEL

Departments

Editorâ&#x20AC;&#x2122;s Desk

Executive Summaries

L ABOR & EMPLOYMENT

INTELLEC TUAL PROPERT Y

16 Courts and Regulators Scrutinizing Independent Contractor Relationships

22 Patent Litigation Developments to Watch in 2016

James R. Evans, Jr. Recommended practices to minimize risk.

18 Labor Relations Audit is a Good Management Tool Richard Laner Management can learn from a third-party inquiry, and so can a potential purchaser.

20 PostEmployment Confidentiality, U.S. and Europe Mark Saloman and Joanna Rich Key differences among countries, and from state-to-state in the U.S.

Andrew Thomases and James L. Davis, Jr. Two-part test for enhanced damages may be struck down. E-DISCOVERY

26 Big Data Can Be Asset or Vulnerability Adam Bowen Have effective data maps and defensible retention policies.

CYBERSECURIT Y

30 Legal and IT Procurement Must Cooperate David Ochroch Techies must slow down, lawyers speed up: In a fast-moving process, they need each other.

32 Board Responsibilities for Cybersecurity Robert Kurtz Set the tone and determine who has oversight. COMPLIANCE

28 Rule Amendment Encodes Proportionality

36 Information Sharing Under the New Cybersecurity Law

B. Jay Yelton III Will the burden of the proposed discovery outweigh its likely benefits?

Michael P. Hindelang Antitrust exemption and waiver of privilege guarantee.

Page 22

$110 BILLION

IN CLAIMS & COUNTERCLAIMS AdMINISTEREd IN 5 YEARS *

would you trust just anyone?

When everything is on the line, trust the leader in alternative dispute resolution (ADR) since 1926. The American Arbitration Association® (AAA®) has been entrusted to handle more “bet-the-company” cases than anyone in ADR today. We provide executive facilitation of your disputes by experienced leaders, and access to arbitrators and mediators who specialize in large cases. Meet your AAA executives at adr.org.

adr.org | 1.800.778.7879

editor-in-Chief Robert Nienhouse Chief operating offiCer Stephen Lincoln managing editor David Rubenstein

exeCutive editor Bruce Rubenstein

senior viCe president & managing direCtor, today’s general Counsel institute Neil Signore art direCtion & photo illustration MPower Ideation, LLC law firm business development manager Scott Ziegler database manager Matt Tortora

Contributing editors and writers

Barclay T. Blair Adam Bowen Owen Byrd Lauren Chung Mark A. Cohen Jeffery M. Cross James L Davis Zev J. Eigen James R. Evans, Jr. Scott Forman Michael P. Hindelang Scarlett Kim

Robert Kurtz Richard Laner Mirra Levitt Sergio Marini David Ochroch Joanna Rich Joshua David Rogaczewski Mark Saloman Wendy Schmidt Andrew Thomases B. Jay Yelton III

subsCription Subscription rate per year: $199 For subscription requests, email subscriptions@todaysgc.com

reprints For reprint requests, email rhondab@fosterprinting.com Rhonda Brown, Foster Printing

editorial advisory board Dennis Block GREEnBERG TRAuRIG, LLP

Dale Heist BAKER HOSTETLER

Robert Profusek JOnES DAY

Thomas Brunner

Joel Henning

Art Rosenbloom

WILEY REIn

JOEL HEnnInG & ASSOCIATES

CHARLES RIvER ASSOCIATES

Peter Bulmer JACKSOn LEWIS

Sheila Hollis

George Ruttinger

Mark A. Carter

DuAnE MORRIS

CROWELL & MORInG

David Katz

Jonathan S. Sack

DInSMORE & SHOHL

James Christie BLAKE CASSELS & GRAYDOn

WACHTELL, LIPTOn, ROSEn & KATZ

Steven Kittrell

MORvILLO, ABRAMOWITZ, GRAnD, IASOn & AnELLO, P.C.

MCGuIREWOODS

victor Schwartz

FTI COnSuLTInG

Jerome Libin

SHOOK, HARDY & BACOn

Jeffery Cross

SuTHERLAnD, ASBILL & BREnnAn

Adam Cohen

FREEBORn & PETERS

Thomas Frederick WInSTOn & STRAWn

Jamie Gorelick WILMERHALE

Robert Haig KELLEY DRYE & WARREn

Jean Hanson FRIED FRAnK

Robert Heim DECHERT

Timothy Malloy Mc AnDREWS, HELD & MALLOY

Jean McCreary nIxOn PEABODY

Steven Molo MOLOLAMKEn

Thurston Moore HunTOn & WILLIAMS

Jonathan Schiller BOIES, SCHILLER & FLExnER

Robert Townsend CRAvATH, SWAInE & MOORE

David Wingfield WEIRFOuLDS

Robert Zahler PILLSBuRY WInTHROP SHAW PITTMAn

Ron Myrick ROnALD MYRICK & CO, LLC

All rights reserved. No part of this publication may be reproduced or transmitted in any form or by any means, electronic or mechanical, including photocopy, recording, or any information or retrieval system, with out the written permission of the publisher. Articles published in Today’s General Counsel are not to be construed as legal or professional advice, nor unless otherwise stated are they necessarily the views of a writer’s firm or its clients. Today’s General Counsel (ISSN 2326-5000) is published six times per year by Nienhouse Media, Inc., 20 N. Wacker Drive, 40th floor, Chicago, Illinois 60606 Image source: iStockphoto | Printed by Quad Graphics | Copyright © 2016 Nienhouse Media, Inc. Email submissions to editor@todaysgc.com or go to our website www.todaysgeneralcounsel.com for more information. Postmaster: Send address changes to: Today’s General Counsel, 20 N. Wacker Drive, 40th floor, Chicago, Illinois 60606 Periodical postage paid at Oak Brook, Illinois, and additional mailing offices.

TodaysGeneralCounsel.com The newly redesigned website provides a daily glimpse of curated content from experts, consultants, law firms and other valued information sources.

T O D AY S G E N E R A L C O U N S E L . C O M / S U B S C R I B E

FEB / MAR 20 16 TODAY’S GENER AL COUNSEL

Executive Summaries L ABOR & EMPLOYMENT PAGE 16

PAGE 18

PAGE 20

Courts and Regulators Scrutinizing Independent Contractor Relationships

Labor Relations Audit is a Good Management Tool

Restrictive Covenants in the U.S. and Europe

By Richard W. Laner Laner Muchin Ltd.

By Mark Saloman and Joanna Rich FordHarrison

A labor relations audit by an outside source can reveal what employees really think when they have no fear of reprisal, without creating unrealistic expectations. This information can be used on a confidential basis by senior management to design a labor relations program that increases productivity by maximizing employee satisfaction and reducing absenteeism and turnover. Importantly, a report by outside counsel is subject to attorney-client privilege, so it remains confidential to those limited few who review it. In a labor relations audit, outside independent persons who are sensitive to labor relations interview every member of management who has significant contact with employees. Interviewees are assured that they will not be identified as the source of any information. Thus, anonymity is preserved. The interview probes what the manager has heard about perceptions of subordinate employees on a wide range of subjects. When managers speak in confidence to the auditor they speak more freely than they would to their superior. Employees’ comments are not always based on facts or reality, but the interviewer makes no assessment of accuracy. If employees think there is a problem, then there is a problem. A labor relations audit may also be used to provide a potential purchaser with information essential to determine whether to pursue an acquisition or merger. Purchasers who want to know the facts about a target’s employee relations make an audit a pre-condition of the transaction, as an additional verification regarding the potential of the new operation.

U.S. courts generally enforce non-compete agreements, but the standards of enforcement vary from state to state. Only California, North Dakota, and Oklahoma do not enforce post-employment restrictions as a matter of law. Agreements governing confidentiality, customer non-solicitation and employee non-solicitation provide more targeted protection than non-compete agreements, and often are more palatable to reviewing courts. Non-competes must meet certain general requirements to be enforceable. Employees should receive something of value in exchange for the restriction, the covenant must serve a legitimate business interest, and the operative length of time and geographic scope of the restriction must be reasonable. In the United Kingdom, employees owe a duty of confidence not to misuse or disclose trade secrets, and that duty extends beyond the termination of their employment. Non-compete agreements are generally enforceable against senior executives or those in technical or R&D roles. In France, non-compete clauses must reasonably relate to the employee’s job requirements and must protect the employer’s business interests, and they cannot stifle fair competition. In Germany, to extend protections beyond the termination of employment, the employer and employee may agree to a restrictive covenant that protects a legitimate business interest of the employer and is reasonable in territory, time and scope. A narrow and precise restrictive covenant can target specific risks and protect a business’s valuable intangible assets, while minimizing undue impact on former employees.

By James R. Evans, Jr. Alston & Bird

Because of the potential for significant liability if an independent contractor is ruled to be an employee (e.g., unpaid wages, penalties, interest, attorneys’ fees), proper classification is very important for companies. Federal and state lawmakers, as well as regulators, have declared their intention to bring their resources to bear against companies that use the independent contractor label to skirt compliance with wage and hour laws and saddle workers with costs they maintain should be borne by their employers. Closely examine all independent contractor relationships, and consider using an arbitration agreement governed by the Federal Arbitration Act. Although there are numerous tests for determining whether someone is an independent contractor or employee, the determinative factor often comes down to how much control a company exercises over the manner and method by which services are provided. Companies should avoid retaining any right to discipline the independent contractor, retaining only the right to terminate the agreement. The contract should not impose a duty to comply with company policies. Company management should keep its distance from independent contractors and should not manage, supervise or direct them, or assign work other than a general description of duties. Company management should not be involved in the manner or method by which the work is done. Controls should be limited to ensuring standardized products and services and compliance with legal requirements. Examine the written materials provided to independent contractors and scrub them of indicia of control.

TODAY’S GENER AL COUNSEL FEB / MAR 20 16

Executive Summaries INTELLEC TUAL PROPERT Y

E-DISCOVERY

PAGE 22

PAGE 26

PAGE 28

Patent Litigation Developments to Watch in 2016

Big Data can be Asset or Vulnerability

Rule Amendment Encodes Proportionality

By Andrew N. Thomases and James L. Davis, Jr. Ropes & Gray LLP

By Adam Bowen DTI

By B. Jay Yelton III Warner Norcross & Judd LLP

Several developments in patent litigation could have a significant impact in 2016. Following the Supreme Court’s 2014 decision in Alice Corp. v. CLS Bank International, defendants have been successfully using the ruling to dispose of cases under Section 101 of the patent statutes. Decisions this year may cause the pendulum to swing back toward patent holders, as courts define the limits of the ruling. Pleading standards may be set to change as well. Recent amendments to the Federal Rules of Civil Procedure may have raised the standards for patent complaints to levels applied in other types of cases. These are known as the Twombly and Iqbal standards. District court decisions this year will set the tone for how the amended rules should be interpreted. The Federal Circuit’s current twopart test for enhanced damages based on willful infringement may be struck down. The Supreme Court is set to decide, in a pair of cases called Stryker and Halo, whether to reject the test currently applied by courts. The Federal Circuit is also set to decide whether to review en banc a split panel decision in ClearCorrect, which prevents the ITC from having jurisdiction over electronic transmissions of digital data. If this decision is upheld, it could have a significant impact on the number and types of cases brought before the ITC. The EU’s Unified Patent Court is set to go online in 2017, opening up yet another venue for patent litigation.

Big data can be tracked and analyzed to help understand customer habits, to customize solutions and products, and to leverage marketing efforts. Data sources often have tools for mining and using the data to the benefit of the company. But on the downside, email, memos, presentations and spreadsheets can accumulate in the routine effort to communicate. This data has the potential to become a pain point long after the end of its useful life by being pulled into review for a legal discovery request. The greatest challenge is unstructured data and email, and it is important not to let this become a problem. Planning ahead with an effective readiness plan has been proven to minimize risks, reduce cost and maintain defensibility. Even when a company is not fully prepared, it is possible to take advantage of discovery requests to get data in order and prepare for future needs. Having readiness plans – with retention policies – and leveraging technology to weed through data can minimize risk with a side benefit of reducing costs. Document review is usually the most expensive part of discovery. In some cases it accounts for more than 70 percent of total discovery costs. Leverage technology to defensibly reduce the number of documents going into review. If a company can make that reduction, it not only will save substantial review costs, but it will enable legal teams and outside counsel to more quickly focus their energy on relevant data.

Possibly the most important of the recent amendments to the Federal Rules of Civil Procedure relate to Rule 26(b)(1), which sets forth discovery scope and limits. The rule as amended states that the scope of discovery must be “proportional to the needs of the case.” Courts will consider the importance of the issues at stake, the dollar amount in controversy and relative access to information by all parties. Parties to litigation should not assume that to take advantage of this change they merely need to object to a discovery request as overly broad and disproportional. According to the recent amendment to Rule 34(b)(2)(B), grounds for an objection must now be stated “with specificity.” As a consequence, to justify a proportionality objection, a party must be able to demonstrate that the time or expense involved in responding is unreasonable in light of the benefits of the proposed discovery. Only in-house counsel can provide the necessary information to establish that their organization’s efforts to comply with discovery requests have been reasonable and proportional to the needs of the case, and that the cost of proposed discovery outweighs the potential benefit. In order to accomplish this, in-house counsel must have a good understanding of their data systems, discovery policies and practices, and electronic discovery capabilities, and they must be prepared to provide a detailed declaration of what is required to comply with discovery requests.

FEB / MAR 20 16 TODAY’S GENER AL COUNSEL

Executive Summaries CYBERSECURIT Y

COMPLIANCE

PAGE 30

PAGE 32

PAGE 36

Legal and IT Procurement Must Cooperate

Board Responsibilities for Cybersecurity

Information Sharing under the New Cybersecurity Law

By David Ochroch International Business Software Managers Association

By Robert Kurtz Berkeley Research Group

By Michael P. Hindelang Honigman Miller Schwartz and Cohn LLP

Corporations trying to adopt best practices have evolved an interdependent and interdisciplinary arrangement, where IT Supply Chain, commonly called IT Procurement, becomes the front-end/ gating function for contract analysis. “Procurement” acts like paralegals, but with extensive training in supply chain disciplines and contract drafting. To properly fulfill its mission, procurement also must have specific IT knowledge. Meanwhile, in-house counsel sets high-level contract standards. It’s nearly impossible, however, to keep up with the evolving technical environment. Legal can set specific standards for such things as liabilities, indemnities and insurance, but it cannot effectively do the same in detailed technical areas. Legal might reasonably worry about due diligence and losing control of contract standards. With the emphasis on risk mitigation and loss prevention based on Sarbanes Oxley and Gramm-Leach-Bliley considerations, there is concern that allowing IT Procurement to do more direct contracting with software/service vendors would create unacceptable liabilities. But that concern can be addressed by ongoing close cooperation and open communication between Legal and IT Procurement. Legal departments must acknowledge the changing IT procurement landscape. An evolving cooperative review-sharing arrangement between Legal and IT Procurement benefits all parties. It preserves Legal’s influence over key IT contract standards, but leverages IT Procurement’s technical knowledge.This arrangement enables the business to get its technical contracts reviewed more quickly and can make a better internal case for intelligent delays, especially where cloud contracts fall short in areas of cyber and data security standards.

Cyber risk has taken its place next to credit risk, liquidity risk and operational risk as a pressing threat to a company’s health. Board governance is becoming a focus in shareholder lawsuits, and disclosure obligations have made their way to the board level. The board needs to set the tone for enhancing cybersecurity. Various committees, including the risk, executive, operating, or audit committee, can be given oversight responsibilities. A cybersecurity subcommittee of the audit committee can assist in overseeing management’s activities by reviewing a continuously upgraded and comprehensive cybersecurity plan. A good cybersecurity plan takes into account both inside and outside attacks. Planning starts with a thorough assessment of the hardware, software and processes of the entire system. Analyze IT resources, intellectual property concerns, data architecture, physical perimeter security and concerns specific to the company’s particular industry, and map out your particular threat landscape. Consider questions such as: What assets might be especially valuable or vulnerable? What regulatory issues are involved? What security measures are in place? Have employees been trained in data security fundamentals? Is there a viable plan should a breach occur? Cybersecurity should be reviewed by the board at least quarterly, and board members should be expected to attend each meeting. They should be able to invite members of management, technology personnel, auditors and others to attend and provide information. Members, as necessary, should hold executive sessions and private meetings with the company’s IT professionals.

The text of the the Cybersecurity Information Sharing Act (CISA) was incorporated by amendment into a consolidated spending bill in the House, and signed into law by President Obama in December. CISA authorizes entities to share certain information relating to data security threats and defenses with other companies and/or the federal government, so it can be used to help defend against or avoid cyber threats. The assumption is that rapid and widespread information sharing regarding cybersecurity threats will improve the ability of all organizations to respond. Entities are authorized to share any “cyber threat indicator” or “defensive measure.” A cyber threat indicator includes information needed to “describe or identify” any one or combination of several defined items, including methods for defeating security and anomalous activities that may indicate a vulnerability or threat. “Defensive measures,” means techniques for detecting, preventing or mitigating a threat. CISA has several express protections, including a specific antitrust exemption and a guarantee that sharing information with the federal government does not constitute a waiver of any privilege or legal protection that would otherwise apply. This expressly includes trade secret protection. Under the section titled “Protection from Liability,” private entities are granted virtual immunity from lawsuits for behavior in accordance with the Act. A company that discloses a breach under CISA may still face claims from the individuals whose data was disclosed, but claims of harm arising from sharing information with the federal government would be barred.

TODAY’S GENER AL COUNSEL FEB / MAR 20 16

Executive Summaries FEATURES PAGE 48

PAGE 50

PAGE 52

Legal Analytics for Strategy and Case Management

Ethics have Calculable Value

Social Media Analysis for Investigations and Trials

By Owen Byrd Lex Machina

Legal analytics involves the use of data to make quantitative legal predictions that inform decisions made in both the business of law (law department operations) and the practice of law (litigation and transactions). It is based on various kinds of litigation data that has become available from multiple sources. The process identifies trends in the behavior of the involved players – including the lawyers, law firms, parties and judges – from the complex, unstructured legal data found in millions of pages of litigation dockets and documents. Data can be applied to influence each step of the dispute resolution process, from early case assessment, where it can answer such threshold questions as how prospective defendants are likely to react to a claim, to selection of outside counsel, to choosing a venue or obtaining transfer and evaluating judges. Once litigation is under way, every step in the process can be informed by data that improves the chance of winning and minimizes unnecessary legal spending. Similar kinds of analysis can be used to evaluate the opposing party, as well as opposing counsel. Legal analytics brings lawyering back to its roots, providing attorneys with facts on which to base opinions, the core of good lawyering. It enables lawyers to combine insights gleaned from bottomup raw data with traditional top-down controlling authority found in statutes, rules and court opinions. Traditional legal research and reasoning can now be supplemented with analytics, to inform legal advice, documents, negotiations and arguments.

By Sergio Marini Fendi, LVMH Group

Implementing socially responsible policies and promoting an ethical way of doing business generates profits as well as good will. Socially responsible actions make consumers more likely to believe that the company produces high quality products. Activities such as focusing on sustainability and improving internal control procedures can lower costs and improve efficiencies. In-house counsel has a key role in doing business in conformity to a wider system of social rules. In supporting top management’s activities, in-house counsel may be in the position of preventing them from focusing on short-term gains and taking shortcuts to profitability. To facilitate this, in-house counsel need full access to corporate information and the assurance that information received and any opinions given are subject to the attorney-client privilege. The issue of privilege is problematic in Europe. In some European countries in-house counsel are members of the Bar, with the same standing in respect to privilege as lawyers in private practice. In other countries lawyers employed by companies are regulated by a separate set of laws, and in others attorneys who work in companies are neither admitted to the bar nor recognized by the law. In view of the fact that most common law countries recognize the special role of in-house counsel, lack of recognition in other countries may cause unequal treatment and irregularities in a global market. Thus, legislative action on this matter would seem to be necessary at both the country and EU level.

By Wendy Schmidt and Scarlett Kim Deloitte Financial Advisory Services LLP

Research into what people post on social media sites, and with whom they communicate, is increasingly being used in corporate investigations and trial intelligence. The past couple of years has seen the emergence of analytics tools that can gather information from publicly available social media content, enabling attorneys and investigators to dig into social media profiles and actions quickly, economically and legally. These tools can provide information of once unattainable richness and scope to support internal investigations, M&A due diligence, litigation, jury selection, and assessment of insider and outsider threats to the business. New commercially available data analytics, or “sensing” tools, and innovative investigative approaches are improving and accelerating the process. Once a profile or web presence is identified, analysts can analyze the activity level of each user. Online socializing and interactions generate masses of data, and can offer valuable insights into the subjects of an investigation or the parties to a legal action. The challenge lies in navigating the structures and controls of social sites to extract relevant information from the sea of social data. One of social media analytics’ most important powers is the ability to map the relationships of an investigation target, be it a potential juror, witness, attorney or other person of interest. Analyzing multiple social media platforms to capture the nature of the person’s relationships – for example whether individuals are friends, family, business associates, or combinations of these – can be invaluable information for legal teams.

FEB / MAR 20 16 TODAY’S GENER AL COUNSEL

Executive Summaries FEATURES PAGE 56

PAGE 60

PAGE 62

Impact of Campbell-Ewald on Class Action Litigation

How Law Departments Spend

Tips for Bringing Your In-House Experience to a Startup

By Joshua David Rogaczewski McDermott Will & Emery

In January the Supreme Court, in a split decision, held that defendant CampbellEwald did not do enough to moot plaintiff Jose Gomez’s case by offering him $1503 compensation for sending him an unsolicited text message, and his failure to accept the offer created neither a contract nor a Federal Rule of Civil Procedure 68 judgment. According to the majority, Mr. Gomez still stood to gain from litigating his claim, including his claim to represent a putative class. The Court’s decision shouldn’t be read as a permanent obstacle to defendants in Campbell-Ewald’s position. The opinion reserved judgment on the question of “whether the result would be different if a defendant deposits the full amount of the plaintiff’s individual claim in an account payable to the plaintiff, and the court then enters judgment for the plaintiff in that amount.” Under those facts, the Court would likely hold that the plaintiff’s claim is moot. The tender-of-complete-relief strategy may not always be an option. It probably does not make sense in class actions where plaintiffs have substantial losses or where the plaintiffs’ losses may be undeterminable at the outset. In these types of cases, it may be more cost-effective to fight class certification. The impact of the Campbell-Ewald decision will not be felt immediately. Businesses named often as class action defendants should monitor developments in this area of the law to ensure that they employ the best strategies for defending against class actions.

By Lauren Chung HBR Consulting

A 2015 survey of about 300 corporations found that median total legal spend increased two percent over the 2014 results, to $27 million, but the increase was not across the board. Certain operations fueled the trend more than others. Most organizations were trying to do more with less, as evidenced by their interest in controlling outside legal expenses and by their internal spending priorities. Dedicating funds toward new technology and talent retention are up-front investments that enable future savings in both hiring and the retention of outside counsel. Law departments’ outside spending has plateaued, freeing up funds to be reinvested internally. In the 2015 survey, law departments outside counsel spending held flat, a notable difference from the two percent decrease reported in 2014. Corporate law departments are doubling down on cost management programs with a variety of tactics, including alternative fee arrangements, matter planning and budgeting, stricter budget guidelines and the increasing use of analytics. The median hourly rate survey participants paid to their top three law firms was $487, up from a median of $473. Global median inside legal spending hit $12 million, a three percent increase from last year. More than half of organizations reported an increase in total legal department staff, with an emphasis on lawyers over support staff. Total law department compensation across attorney ranks continues to rise, by 3.5 percent on average, to $334,300. The average value of long-term incentives now stands at almost $93,000.

By Mirra Levitt Priori Legal

Taking your legal skills to a startup requires major adjustments. The author suggests things to consider as you refine your resume and think through your corporate legal expertise in preparation for an interview. Generalist practices may be waning at law firms, but not at a startup, where responsibilities can range from negotiating key supplier agreements and managing the company’s intellectual property portfolio, to handling employee issues and other human resources matters. Highlight elements of your experience that demonstrate your generalist legal ability, and show that you are comfortable taking the lead on the full range of legal matters. Often the in-house lawyer at a startup is the only lawyer in the organization. Be ready to show that you are adept at making independent decisions, because solving issues internally often leads to faster and cheaper solutions. Coming to your interview prepared with examples of where you made a strong independent decision – or, equally important, that you were able to ask the right questions of the right people – will demonstrate that you’ve considered the resource constraints at many startups. If you are seriously considering making the leap from a firm or corporate in-house legal department to a start-up, some firsthand observation will be instructive. Consider shadowing a startup general counsel, or at least meeting with one. By learning more about the types of challenges you might face, you’ll be better able to decide if you really want to make the move.

NACD Board Recruitment Services is the source for exceptional directors.

Recruiting directors for your board? NACD delivers exceptional director candidates.

Learn more about NACD Board Recruitment Services: BoardRecruitment@NACDonline.org or 202-747-7167

`` We draw from our proprietary

pool of independent directors.

`` We quickly identify candidates

who match your criteria.

`` We offer a cost-effective

alternative to traditional search firms.

The result is a fast, affordable search that delivers exceptional candidates for your board.

FEB / MAR 20 16 TODAY’S GENER AL COUNSEL

Labor & Employment

Courts and Regulators Scrutinizing Independent Contractor Relationships By James R. Evans, Jr.

he assault continues on independent contractor relationships used by many companies. Uber, with its “new economy” business model, is a case in point. Uber depends on the classification of Uber drivers as independent contractors. Despite its protests that it is a tech company, not a transportation provider, Uber continues to draw fire in numerous class action lawsuits challenging the classification of its drivers. The drivers claim that as employees, they should be reimbursed for all miles driven in California since 2009. They also want to recover all of the tips paid by customers that were apparently not paid to the drivers. The federal judge overseeing the case has certified a class that is (for now) fewer than 15,000 drivers. Despite the fact that the judge “helped” Uber rewrite its arbitration agreement and class action

waiver, the judge recently signaled that he may be prepared to strike down that arbitration agreement and enlarge the class to more than 150,000 drivers. If that happens, the amounts at stake may rival the GDPs of some third world countries. Given the current legislative and regulatory attacks on independent contractor classifications, the same problem may be coming soon to companies near (and dear) to you. Uber’s success is driven by a great mobile app and the comfort and convenience offered by armies of drivers who circle the streets of many cities, just waiting to pounce on the next ride request. The business model, however, is utterly dependent on the classification of the drivers as independent contractors. Using this template, Uber drivers bear most of the expenses associated with the ride service. This model allows

Uber to avoid not only the substantial expenses that “old economy” transportation companies are forced to shoulder, but also employment taxes, Social Security contributions, costs of employee benefits, and workers compensation insurance expenses. That is one heck of a good deal for Uber. For the drivers, not so much. Because of the potential for significant liability if an independent contractor is ruled to be an employee (unpaid wages, penalties, interest, attorneys’ fees, etc.), proper classification is incredibly important for companies. Federal and state lawmakers and regulators have declared their intention to bring their resources to bear against companies that use the independent contractor label to skirt compliance with wage and hour laws and saddle workers with costs that should be borne by their employers. The California Division of Labor Standards Enforcement recently ruled that an Uber driver was an employee and had been misclassified as an independent contractor. Although that decision is not binding on Uber, we can infer that reclassification of all drivers is more than possible. Under California law, the ruling can be reviewed de novo by the superior court, and Uber has requested that review. Because the action is not a class action, even if Uber loses the case in court, it will not affect the classification of other drivers. Likewise, the U.S. Department of Labor recently issued a formal interpretation of the federal Fair Labor Standards Act as it pertains to the classification of independent contractors. This advisory opinion signaled the intention of federal regulators to scrutinize independent contractor classifications and treat most workers as employees. Meanwhile, the IRS, Social Security Administration and even presidential candidate Hillary

today’s gener al counsel feb / mar 20 16

Labor & Employment Clinton have criticized the practice of characterizing employment relationships as those of independent contractors. If your company uses these relationships, here are some steps you may wish to take to minimize your exposure:

If you believe that the classification is appropriate, you should nevertheless examine the written materials provided to independent contractors and scrub them of indicia of control. Start with the independent contractor agreement. It should include lan• Closely examine independent conguage indicating that the company is tractor relationships, and consider using not prescribing the manner by which the an arbitration agreement governed by independent contractor will discharge its the Federal Arbitration Act. duties (other than those mandated by Although there are numerous tests law). Companies should avoid retaining that have been crafted by courts and any right to discipline the independent regulators for determining whether contractor and retain only the right to terminate the agreement. The contract should not impose Companies should avoid any duty to comply with the policies of the company. The retaining any right to discipline contract should provide that the independent contractor is exclusively responsible for the independent contractor. supervising and managing itself, is free to choose when someone is an independent contractor to work and when to take meal and or employee, the determinative factor rest periods, and to decide the manner comes down to how much control a and method by which it will deliver the company exercises over the manner and goods or services contemplated by the method by which services are provided. agreement. Do you train them, schedule them, Remember to examine not only the provide them with a place to work, procontract for any terms that may suggest vide written requirements for how they control or potential control, and elimishould do their work, have the discrenate that language, but also review all tion to discipline them? If so, you may other communications with the indepenwish to face the reality that these folks dent contractor that suggest control or are probably your employees, regardthe potential for control. All materials less of the label you put on them. Your provided to the contractor concerning company’s liability for unpaid wages, performance should expressly provide overtime, meal and rest periods, and that they are merely suggestions, and other wage and hour violations, could the contractor will ultimately decide the subject it to a double helping of trouble. manner and method by which a given If your company insists on maintainservice is performed. ing the classification, you should consider requiring the contractors to sign an • Avoid supervision by company arbitration agreement containing a class management. action waiver. The Federal Arbitration The company should not furnish inAgreement strongly supports the enforce- dependent contractors with any forms ability of arbitration agreements that, that are or appear to be employmentby their terms, are subject to the Federal related. It should not furnish employee Arbitration Act. There are expenses ashandbooks or training materials of sociated with arbitration, but the costs any kind. are minimal when compared with the Company management should keep expenses and exposure associated with their distance from independent contracclass actions or a runaway jury verdict. tors and should not manage, supervise, train or direct the contractors or assign • Examine your written materials and work (other than a general description of eliminate indicia of control. duties). Company management should

not be involved in the manner or method by which the work is done. Controls should be limited to ensuring standardized products and services and compliance with legal requirements. In short, keep your distance! • Take a Zen approach to classification. I suggest one additional step for a company to reduce its exposure to civil and regulatory liability for misclassification of independent contractors: candid self-examination. Companies should consider whether independent contractors are really serving as de facto employees. If the company is exercising control over the manner or method by which a particular result is accomplished, if it’s supervising personnel or directing the day-to-day activities of individuals, or if the company is overly involved in how they perform their tasks, then the independent contractor is likely to be treated as an employee. If that’s the case, the company should consider biting the bullet and properly classifying workers as employees. Remember that the characterization contained in a written contract or other materials is not controlling on a court or a regulatory agency. They will pierce through the written materials, and consider the economic reality of the relationship. (If she looks like an employee ...) ■

James Evans, a partner at Alston & Bird, is a trial attorney with experience in state and federal courts and expertise in alternative dispute resolution across a variety of forums. He focuses his practice on class action matters, including claims of wage and hour violations and employee misclassification, unfair competition, the validity of advertising and marketing claims, privacy violations under California’s Song-Beverly Act, ADA violations, intentional torts and violations of the California Franchise Investment Act. james.evans@alston.com

feb / mar 20 16 today’s gener al counsel

Labor & Employment

Labor Relations Audit is a Good Management Tool By Richard W. Laner

anagement talks to its employees regularly. But in order to have effective and productive employee relations, management must also listen to its employees and know what they think. The problem is that some employees will not speak up. Shyness, fear – any number of reasons – can cause this reluctance to bring employee concerns and criticisms to management’s attention. And when employees do not voice these concerns themselves, some managers are ineffective in eliciting the kind of communication that would bring them out. So how does a senior manager learn what employees really think about their jobs, their employer, their boss, policy decisions, and their hours, salaries and benefits? Some employers use anonymous written attitude surveys because they assume that, with no fear of reprisal,

employees reveal their honest thinking with these instruments. But attitude surveys have serious risks. They may give employees unrealistic expectations of favorable policy changes or economic improvements. Employees may be asked for their opinions and criticisms, raise them, but then for many reasons find their criticisms and desires cannot be satisfied. This failure to respond can create more negative employee attitudes than existed before the survey. The employer also may be reluctant to ask some questions for legal and practical reasons. (E.g., Do you want a union to represent you? How do you feel about working with various categories of people? ) Standardized survey questions may exaggerate some employee complaints that otherwise would more realistically be downplayed, while ignoring or downplaying others of greater significance. Responses may

be inaccurate. The scope of the written questions may be limited, with no way to probe an answer to ascertain its accuracy. The question may be misunderstood, or the employee may answer falsely for an ulterior purpose. And literacy and other communication barriers may weaken written responses from foreign-born, and perhaps some other employees. A labor relations audit by an outside source can address these issues, by revealing what employees really think when they have no fear of reprisal, and without creating unrealistic expectations. This information can be used confidentially by senior management to custom-design a labor relations program that increases productivity by maximizing employee satisfaction and reducing absenteeism and turnover. In these audits, an outside independent person who is sensitive to labor relations interviews, in private, every member of management who has significant contact with employees. Anonymity is preserved, as each management interviewee is assured that he or she will not be identified as the source of a particular item of information. The interview probes what the manager has heard as to comments, questions and perceptions of subordinate employees on a wide range of subjects, such as wages, paid time off, group insurance, pensions, advancement, discipline, ethnic and gender relations, assignments, morale, training and safety. Also, what employees have to say about their individual supervisors and members of management will reveal who is respected, effective, feared, credible or disliked. When supervisors are given an opportunity to speak their minds in confidence to an outsider who hangs on every word and who is sensitive and sympathetic to their reports, it is remarkable how freely

today’s gener al counsel feb / mar 20 16

Labor & Employment they speak. By contrast, if the manager’s superior asks the same questions, the subordinates are less likely to report all employee complaints or criticisms truthfully, because this could be a reflection on them. A typical reaction: “It’s my responsibility to take care of such matters, so I’ll be criticized if I report this to my boss.” The interviewer makes no assessment of the accuracy of the reports. While there is probing for more information, there is no cross-examination and no demand for proof. In fact, employees’ comments are not always based on factual truths or reality. What they think, what they perceive to be the fact or the truth, is their reality. If employees think there is a problem, then there is a problem. When the facts are contrary to what the employee criticizes, management often has to change attitudes, educate employees, and remove communication barriers. A recent case is illustrative. A company sought advice in light of a union organizational effort by its employees. Management could not understand why any of its employees would look to a union for representation, since a new salary program had recently been instituted at substantial cost, and employees stood to benefit significantly. But a labor relations audit discovered that the new program had been communicated so poorly that the employees erroneously felt they would be worse off than before, and therefore they sought a union to protect them. Careful communications by management then corrected these perceptions, and the company was not unionized. After all interviews are completed, senior management should be presented with an overall report containing every item of significance, along with recommendations for legal and practical remedial action to reverse the negatives. It is not uncommon for such information to result in major shifts in policy or management structure. Importantly, a report by outside counsel is subject to attorney-client privilege so it remains confidential to those limited few who review it. Annual labor relations audits, like financial audits, review and monitor the

recent past, assess the current situation and signal needed future changes. They also help senior management assess their subordinates’ strengths and weaknesses in managing people. Often, there are managers who have nothing to report in the interview and who know little about their employer’s policies or employee benefit programs. They typically report that their employees are happy and have no complaints. Such unrealistic reports may telegraph

If employees think there is a problem, then there is a problem. a need for education in communication skills, for it’s often obvious that these managers do not communicate adequately with their employees. Audit results often further demonstrate that other management training may be necessary to teach supervisors basic management skills, such as how to listen to employees, give instructions, train new employees, discipline employees, and in general how to be an effective leader. A labor relations audit may also be used to provide a potential purchaser with employee relations information essential for a determination as to whether to go ahead with the deal. In an acquisition or merger, people typically are as important, if not more important, than buildings or equipment. An audit can be essential in evaluating the productivity and efficiency of the work force. An analysis of absenteeism and turnover, for example, or the quality of discipline, work practices, attitudes of employees about their jobs, overtime, holidays, vacations and personal days off can all reveal a great deal. Similarly, a review of employee attitudes toward job security, morale, wages, benefits and working conditions can tell a potential purchaser what to anticipate from its new employees.

Other questions that typically are important to a potential purchaser include: • What are employee opinions about supervisors with regard to their human relations skills? • What does a labor cost analysis show with regard to comparative data on wages and benefits? • For non-union organizations, how likely are the employees to support a union if there is an organizational effort? • Are the target firm’s policies and procedures potentially vulnerable to any employee lawsuits? • Are there any “hidden” labor costs in the policies and practices of the firm? Any valuation of a business for acquisition or merger should take these, among other questions, into account. Without such information the valuation and the negotiation strategy may be incomplete. Labor relations audits can be an important management tool. Employers who want effective employee relations, and feedback to monitor their efforts to achieve it, will conduct an annual labor relations audit as faithfully as they have their auditors review their financial records. Purchasers who want to know the facts about employee relations at an acquisition or merger target will make an audit a pre-condition of the transaction, and consider it important verification of the operation’s potential. ■

Richard W. Laner is a partner at the firm of Laner Muchin, Ltd. His entire legal experience is in labormanagement relations, representing management in collective bargaining negotiations, arbitration, matters before the NLRB, EEOC and similar state administrative agencies, and otherwise counseling employers on matters that concern management and affect employees. rlaner@lanermuchin.com

FEB / MAR 20 16 TODAY’S GENER AL COUNSEL

Labor & Employment

Restrictive Covenants in the U.S. and Europe By Mark Saloman and Joanna Rich

ike toothpaste squeezed from the tube, corporate goodwill, trade secrets, and confidential business information are virtually impossible to recover once stolen by a former employee. To secure the prized assets of your business, restrictive covenants limiting the post-termination activities of employees are an effective tool in the corporate arsenal. These agreements are generally enforceable in the United States, provided they are supported by adequate consideration, narrowly drafted to protect a legitimate business interest, and reasonable in geographic scope

and duration. There are, however, substantial differences in European approaches to comparable restraints. NON-COMPETE AGREEMENTS IN THE U.S.

Historically disfavored because they restrain employees from practicing their chosen trade, U.S. courts may nonetheless enforce non-compete agreements after carefully scrutinizing them and surrounding facts. Enforceable post-employment restraints function as a shield to protect a legitimate business interest, not a “sword” to impede fair competition.

The standards of enforcement vary from state to state, and many states take different and at times opposing approaches to common issues, such as whether and to what extent a reviewing court can modify an overbroad agreement to make it enforceable. Only California, North Dakota, and Oklahoma do not enforce post-employment restrictions as a matter of law. Noting the absence of federal regulation, Congress began to stir last summer when the Senate introduced the Mobility and Opportunity for Vulnerable Employees (MOVE) Act. The MOVE Act would bar employers from demanding that low-wage earners sign non-compete agreements and require employers to disclose to every employee, at the beginning of the hire process, that a non-compete agreement is required. Largely a reaction to high-profile litigation involving the enforceability of restrictive covenants against hourly sandwich shop employees, MOVE fails to consider serious issues for employers. For example, the establishment of an earnings threshold would exempt myriad part-time employees with highlevel access to confidential information and trade secrets. It is little wonder the MOVE Act is languishing in committee, and political experts give it virtually no chance of becoming law. Under current U.S. law, non-competes must meet all of these general requirements to be enforceable: • Adequate Consideration. A common question in enforcement actions is whether the employee received something of value in exchange for the restriction. In most states, the job itself is sufficient consideration to justify enforcement of a non-compete signed at the beginning of the employment

today’s gener al counsel feb / mar 20 16

Labor & Employment relationship. Some states, like Illinois, require the employee to remain employed for a specific time period (two years in Illinois) to validate a non-compete. Others, like Missouri, require no continued employment of any duration. For a non-compete rolled out to an existing employee, many states (including Connecticut, Pennsylvania, and South Carolina) require something of additional value (e.g., additional compensation or a promotion) beyond the mere continuation of the same employment. • Legitimate Business Interest. Because restraints are disfavored, they must protect a legitimate business interest of the employer. Business interests can include corporate goodwill generated by the corporation after expending time, money, and effort; substantial

by distance (e.g., a 50-mile radius from the employer’s office), by the area in which the company conducts business, or, in some situations, by specifying that the former employee cannot do business with the employer’s customers wherever they are located. It is possible to have a global non-compete if the company conducts business worldwide. ALTERNATIVES TO NON-COMPETES

Agreements governing confidentiality, customer non-solicitation and employee non-solicitation provide even more targeted protection than non-compete agreements, and they are often more palatable to reviewing courts. • Confidentiality Agreements. Every state recognizes that trade secrets and confidential information are worthy of

post-employment protection, and agreements safeguarding them are enforced with near uniformity. Adopted in some form in nearly every state, the federal Uniform Trade Secrets Act also provides a measure of protection from a former employee’s misappropriation of trade secrets or confidential information. • Customer Non-Solicitation Agreements. Courts commonly favor customer non-solicitation clauses because they allow former employees to immediately work anywhere, even for a direct competitor. Because they protect the employer’s customer base and allow employees to work in their chosen field, employees are not unduly burdened if they must wait a period of time before conducting business with customers developed or serviced during their employment. Many states, however, will not prohibit former employees from soliciting prospective customers, customers whom they never solicited during their employment, or

• Clawbacks and Employee Choice. A clawback provision gives an employer the right to recover compensation paid to an employee upon breach of a restrictive covenant. States like New York also are more likely to enforce restrictive covenants that offer employees a choice – either comply with post-employment restrictions or risk forfeiture of compensation. (This is often called the “Employee Choice doctrine.”) Because employees control their own fate, the restraint against competition is reasonable. Employers must be aware, however, of potential continued on page 25

Oklahoma do not enforce post-employment restrictions as a matter of law.

• Duration. The length of a noncompete is reasonable if it achieves the goal of protecting the employer’s legitimate business interests while not unfairly harming the former employee. It is easier to enforce a restraint that is comparatively brief. Though determinations are highly case-specific, most states enforce restraints of one or two years. • Geographic Scope. The area covered by the restriction should be as small as needed to protect the employer’s interests. Geographic scope can be measured

• Employee Non-Solicit Agreements. Likewise, an employee non-solicit only stops a departing employee from hiring away or “lifting out” another employee or group of employees, most commonly the former employee’s subordinates. Though designed to protect a legitimate business interest, namely the stability of an employer’s relationships with its workforce, enforcement often turns on the impact of the clause on the mobility rights of otherwise at-will employees who may be mere bystanders to the employer’s agreement with the departing employee. • Garden Leave and Paid NonCompetes. Garden leave refers to a post-employment time period during which the former employee remains employed and continues to receive normal compensation and benefits but does not report for work. Garden leave allows the employer to freeze the employee in place and protect itself from competition. The leave has minimal negative impact on former employees because they continue to be paid as employees during this period. The paid non-compete also has little impact on former employees because they receive a set payment during the non-compete period. They need not, however, receive their normal salary and benefits because they are no longer employees.

In the U.S., only California, North Dakota and

customer relationships developed by the employee during employment; trade secrets (i.e., a formula, pattern, compilation, program or method); and confidential information not considered a trade secret (customer information, financial plans, business strategies). Courts will not enforce restrictions greater than necessary to protect these legitimate needs.

customers they brought with them to their former employer.

FEB / MAR 20 16 TODAYâ&#x20AC;&#x2122;S GENER AL COUNSEL

Intellectual Property

Patent Litigation Developments to Watch in 2016 By Andrew N. Thomases and James L. Davis, Jr.

ver the past few years, the volume of patent litigation in the United States has expanded and contracted. Many companies hope that current trends continue to reduce it by providing tools to seek early resolution of cases and dis-incentivize nuisance litigation filed by entities that do not practice the asserted patents.

Certain Supreme Court rulings, recent rule changes and new vehicles to challenge the validity of a patent appear to be accomplishing these goals, while other potential rulings within the next year may have the opposite effect by incentivizing litigation. Although many issues warrant attention in the dynamic climate of

patent litigation, five developments in particular could have a significant impact on the industry in 2016. APPLICATION OF ALICE

Following the Supreme Courtâ&#x20AC;&#x2122;s 2014 decision in Alice Corp. v. CLS Bank International, defendants have had exceptional success using the ruling to

today’s gener al counsel feb / mar 20 16

Intellectual Property dispose of cases under Section 101 of the patent statutes, which governs what subject matter is patentable. In many instances, cases have been dismissed based on the pleadings alone. Since the Alice decision, Federal Circuit and district courts addressing whether or not a patent claims an unpatentable “abstract” idea decided appeals and motions in favor of invalidity about 90 and 70 percent of the time, respectively (as of December 2015). Over the next year, arguments under Alice and Section 101 will continue to be an important strategy for litigants. Unlike many other case-dispositive issues, which are often decided towards the end of the litigation, district courts have been granting motions to dismiss on Section 101 grounds early, significantly reducing the length and cost of the litigation. Where courts have decided the Section 101 issue at the outset of litigation, many have eschewed the need for a separate hearing to determine the meaning of the claim terms, and that translates into additional cost-savings. Despite defendants’ recent success with arguments under Alice, decisions in the next year may cause the pendulum to swing back in favor of patent holders as courts define the limits of the ruling. While the impact of Alice will be felt for years to come, the development of additional case law interpreting the Supreme Court’s guidance may have an impact that is just as important. HeigHtened Pleading RequiRement

Recent amendments to the Federal Rules of Civil Procedure caused a spike in case filings before the new Rules went into effect on December 1, 2015. Among other changes, the amendments may have raised the pleading standard for patent complaints to the levels applied in other types of cases (known as the Twombly and Iqbal standards). The amendments removed a form complaint from the Federal Rules that required only a bare bones complaint that needed to identify the patent and allege infringement. Now that the form complaint has been removed, litigants may argue that

a complaint must recite enough facts to state a claim to relief that is plausible on its face, and not simply identify a patent and an accused product. While these new Rules may dissuade some nuisance lawsuits and provide an additional weapon for defendants to dispose of a case early, it remains to be seen how big the impact will be and how uniformly the standards will be applied in the district courts. Similar to decisions on Section 101 under the Alice decision, certain districts may apply more lenient standards than others in interpreting the new rules. In that case, nuisance litigation filings in the districts with a more lenient pleading standard will likely increase, while filings in other districts will decrease, at least until the Federal Circuit resolves any discrepancies.

levels before the PTAB are expected to continue in 2016. In these proceedings, the PTAB initially serves a gatekeeping function, deciding whether to institute a trial. If it decides to do so, the PTAB holds the trial and issues a final written decision concerning the patentability of the claims at issue. The whole process by statute takes about 1.5 years – a short timeline relative to the 2.5 year median time to trial for patent cases in district courts. Tellingly, instituted claims have been held unpatentable in about 70 percent of all final written decisions by the PTAB. The PTAB’s three-judge panels offer an advantageous venue to raise important technical issues and complex legal arguments that often accompany an invalidity argument but that may be

If the Court lowers the standard for enhanced damages, it may further incentivize the filing of nuisance litigation by non-practicing entities. It’s likely that won’t be until 2017 at the earliest. District court decisions early in 2016 will set the tone for how the amended rules should be interpreted and may ultimately determine the scope of the amendments’ impact. tHe RetuRn to tHe Patent office

Challenging the patentability of asserted claims in a post-issuance proceeding before the Patent Office’s Patent Trial and Appeal Board has become a common component of any defensive strategy in patent litigation since the proceedings were introduced in 2012. After the first full year that the new proceedings were offered in 2013, filings doubled in 2014 and continued to increase in 2015, though at a slower rate. Many defendants consider these proceedings to be the weapon of choice to defeat patent infringement allegations. Particularly in light of the petitioner success rates for these proceedings, high activity

more challenging to litigate in district court, particularly before a jury. The judges have technical training as well as significant experience in patent law. In addition, PTAB proceedings are almost always less expensive to litigate than district court proceedings. A petitioner typically moves to stay any co-pending district court litigation, often after a PTAB proceeding is filed but in any case usually after it is instituted. The national average for stay rates for contested motions is about 60 percent, although certain districts, such as the Eastern District of Texas, have a significantly lower rate. Staying the case allows a PTAB proceeding to run its course before the associated litigation continues. If litigation is stayed and the PTAB goes on to determine that the challenged claims are unpatentable, defendants avoid the cost of litigation but, more importantly, also eliminate the risk posed by litigation. Based at least on these advantages,

feb / mar 20 16 today’s gener al counsel

Intellectual Property defendants are expected to continue to pursue these strategies in 2016. ClarifiCation of the itC’s reaCh

By statute, the U.S. International Trade Commission has authority to remedy unfair acts, including patent infringement, that involve the importation of

at the inducement of the goods’ seller. While some may view the Suprema decision as an indication that the Federal Circuit is open to broadly interpreting the ITC’s jurisdiction, the ClearCorrect majority applied the statutory interpretation analysis used by the Suprema decision when restricting the ITC’s jurisdiction, showing that the application of Suprema

ClearCorrect, as originally decided by the panel, prevented the ITC from having jurisdiction over electronic transmissions of digital data.

“articles.” In 2016, the Federal Circuit is set to decide whether to review en banc a split panel decision in ClearCorrect, which as originally decided by the panel prevents the ITC from having jurisdiction over electronic transmissions of digital data. An expansion of this scope to include digital data could have a significant impact on the number and types of cases brought before the ITC. The panel majority interprets the term “articles,” as used in the ITC’s enabling statute, to mean “material things.” Based on that interpretation, electronic transmissions of digital data would not be covered within the ITC’s jurisdiction. In response, the dissent points out that limiting the term “article” from the Tariff Acts of 1922 and 1930 fails to take into consideration the evolution of technology since that time. The dissent expresses concern that the ruling improperly hamstrings the ITC’s ability to facilitate a remedy against unfair competition in the electronic age, by providing for exclusion only of physical imports that infringe U.S. intellectual property rights. Another issue related to the scope of the ITC’s jurisdiction was also recently addressed in the Federal Circuit’s en banc decision in Suprema v. ITC. There, the court affirmed the ITC’s interpretation of the prohibition on importing “articles that . . . infringe” as including importation of goods that, after importation, are used by the importer to directly infringe

does not necessarily result in broadening of that jurisdiction. Regardless of the ultimate outcome of ClearCorrect, the ITC will continue to be a reliable patent dispute venue that provides a fast time to trial as well as the threat of an injunction, among other advantages. Apart from the 2010-2013 smartphone wars, the ITC has maintained a fairly steady caseload that is expected to continue, if not increase, over the next year. supreme Court sCrutiny of enhanCed damages

After a string of patent cases that some perceive as favoring defendants, the Supreme Court is set to decide, in the Stryker and Halo cases, whether to reject the test currently applied by courts to determine whether enhanced damages are warranted due to willful infringement. Some predict these decisions will follow Octane Fitness, decided in 2014, where the Court held that district courts should decide whether a case is exceptional and attorneys’ fees should be awarded based on a case-by-case exercise of discretion, considering the totality of circumstances. The Federal Circuit’s current two-part test for enhanced damages based on willful infringement, which requires an objective and subjective analysis, is similar to the test struck down in Octane Fitness. The Court may apply a similar analysis in Stryker and Halo.

If the Court lowers the standard for enhanced damages, it may further incentivize the filing of nuisance litigation by non-practicing entities. Congress continues to consider patent reform legislation to address these types of cases, but any such legislation is more likely after the 2016 elections. By that time, the impact of the Supreme Court’s prior rulings and the necessity for additional legislation may be easier to gauge. Looking beyond the horizon of 2016, the European Union’s Unified Patent Court is set to go online in 2017, opening up yet another front for patent litigation. While many European countries have already become important venues, the introduction of the UPC will likely bring European patent litigation even more into the spotlight. ■

Andrew N. Thomases is an intellectual property litigation partner in the Silicon Valley office of Ropes & Gray LLP. A co-leader of the firm’s technology, media & telecommunications group, he represents clients across a broad range of technologies before federal courts, the ITC and the PTAB. andrew.thomases@ropesgray.com

James L. Davis, Jr. is an intellectual property litigation associate in the Silicon Valley office of Ropes & Gray LLP. He has a background in computer engineering and represents clients before federal courts, the ITC, and the PTAB in matters concerning technologies ranging from medical devices to high tech. james.l.davis@ropesgray.com

TODAY’S GENER AL COUNSEL FEB / MAR 20 16

Labor & Employment Covenants

continued from page 21 drawbacks, including the possibility that such provisions are not enforceable under the particular state’s law, and ERISA and tax implications. RESTRICTIVE COVENANTS IN WESTERN EUROPE

As in the United States, post-employment restrictions in Europe are scrutinized to ensure the scope is reasonable and the employee does not suffer undue burden. There are key differences, however, that employers must remember when drafting such agreements overseas. For example, in the United Kingdom, employees owe a duty of confidence not to misuse or disclose trade secrets, a duty which extends beyond the termination of their employment. Employers also may use restrictive covenants to protect a legitimate business interest, usually confidential information to which the former employee had access. In practice, this means non-compete agreements are generally enforceable against senior executives or those in technical or research and development roles. As in the United States, and unlike in other European countries, there is no need to pay the former employee during the restricted period. To be enforceable in France, noncompete clauses must reasonably relate to the employee’s job requirements, must protect the employer’s legitimate business interests, and cannot stifle fair competition. Manual labor-intensive employees, for example, cannot be held to post-employment restrictions. French courts carefully scrutinize post-employment restrictions for reasonableness in time and geographic scope. A maximum duration of two years is generally permissible, provided the restriction on activity is narrow. Unlike in the United States, the former employee must be paid a percentage of her former annual salary during the restricted period. Thirty to 50 percent of monthly salary (base and bonus) is typical. Confidentiality, intellectual property, and assignment of inventions agreements are fully enforceable without having to

comply with any specific requirements for validity. To extend protections beyond the termination of employment in Germany, the employer and employee may agree to a restrictive covenant that protects a legitimate business interest of the employer and is reasonable in territory, time (generally less than two years) and scope. Such agreements must be in writing, signed by both employer and employee, and a copy must be provided to the employee. As in the United States, enforceability in Germany is fact-specific and post-employment restrictions may be unenforceable if they present an unreasonable and unjustified interference with the employee’s career. During the restricted period, German law mandates that employees be paid at least 50 percent of their former salary for each year of the restriction, though the employer’s payment can be offset against income earned from new employment during the restricted period. A USEFUL INSTRUMENT

Should your business implement restrictive covenants? Some thought leaders discourage it on the grounds that restrictive covenants harm marketplace efficiency, citing California’s total commitment to employee mobility as central to the success of Silicon Valley. Yet several unique factors (a skilled research base in area universities, plentiful venture capital, steady government spending, and proximity to Stanford University) created the foundation of the Silicon Valley we know today. Indeed, if a ban on non-competes triggers a tech boom, how does one explain the lack of high-tech centers in North Dakota or Oklahoma, and the significant number of high-tech companies in states that honor non-competes, like New York, Massachusetts, and North Carolina? Even California-based tech companies recognize the value of post-employment restrictions, something most recently demonstrated by a massive class action settlement resolving claims that significant area employers created de facto non-competes by agreeing not to hire away each other’s workers.

A narrow and precise restrictive covenant can target specific risks and protect a business’s valuable intangible assets, including confidential information and trade secrets, while minimizing undue impact on former employees. Employers have many options. They can use non-competes, non-disclosure agreements and non-solicitation clauses, by themselves or in combination. But to maximize enforceability and effectiveness, these agreements should be carefully drafted by competent counsel familiar with all state and local nuances. ■

Mark Saloman is a partner in the Berkeley Heights, New Jersey, office of FordHarrison. He counsels and litigates nationwide on all aspects of employment law, including discharge, discipline and other personnel problems, internal investigations, as well as noncompete agreements, non-solicitation provisions, confidentiality agreements and other restrictive covenants. He is a frequent lecturer and an author on employment law and litigation. msaloman@fordharrison.com

Joanna Rich, is a senior associate in the Berkeley Heights, New Jersey, office of FordHarrison. She concentrates her practice on the representation of employers in labor and employment law matters. jrich@fordharrison.com The UK commentary is from James Davies of the Lewis Silkin law firm; the French commentary is from Jean-Michel Mir of the Capstan firm; and the German commentary is from Alexander Ulrich of Kliemt & Vollstädt. All firms are members of the global HR and employment law alliance Ius Laboris.

FEB / MAR 20 16 TODAY’S GENER AL COUNSEL

E-Discovery

Big Data Can Be Asset or Vulnerability By Adam Bowen of collecting, processing, and reviewing mountains of unstructured data for relevance can be a burdensome, expensive disruption. However, there are effective ways to prepare ahead of time and handle live discovery requests in a big data environment. The greatest challenge is unstructured data and email, and it’s especially important not to let it become a problem. Planning ahead and executing an effective readiness plan has been proven to minimize risks, reduce cost and maintain defensibility. The best first step is to be prepared. That may seem obvious, but it’s often overlooked. The Federal Rules of Civil Procedure require that companies be prepared to discuss the location and accessibility of potentially relevant information shortly after litigation begins. Often we see that either there is no plan in place, or there is poor execution of an outdated plan. Once a litigation matter starts, the focus is to protect corporate interests at the lowest possible cost. Moreover, the task of uncovering data sources, and preserving and collecting data, is sometimes performed by unenthusiastic departments. Corporate legal teams may have to compete for attention from IT, security, HR, sales and accounting, all while fulfilling duties and complying with federal or state rules.

ech industry buzz says that a big data revolution is underway and it will have a transforming effect on business. But what exactly is big data? In an effort to describe the phenomenon, industry analysts at Gartner defined it as “high-volume, high-velocity and/or high-variety information assets that demand cost-effective, innovative forms of information processing that enable enhanced insight, decisionmaking, and process automation.”

CASE IN POINT

But while Gartner’s definition characterizes big data in terms of assets, data that is indiscriminately stored can become a liability. Email, memos, presentations and spreadsheets can accumulate in the routine effort to communicate the next great idea or emphasize someone’s opinion. These ideas and opinions have the potential to create pain points long after the end of their useful life. When litigation looms, these obsolete documents can get pulled into a review for a legal discovery request, and the process

Following is an example from my experience, in a case where a large corporation was not adequately prepared to overcome the challenge presented by big data. It was confronted with two common problems: The legal department had no control over its outsourcing needs, as it was outside counsel that managed projects and the spend, while the legal department was viewed as a cost center and budgets were minimal. The company did, however, invest time in learning more efficient ways

today’s gener al counsel feb / mar 20 16

E-Discovery

to manage its projects and spend. It recognized the opportunity to become educated during periods when there was no active litigation. Lack of readiness became very apparent when a subpoena by a government agency for a major investigation was issued, and a bet-the-company challenge emerged. It was quickly realized there was a problem due to overly broad document requests. The fact that the company’s data management was highly decentralized made things worse. The company realized this would be a great opportunity to get its electronic data in order. The discovery request had its own challenges. Terabytes of email and file data continued to be found as the company and counsel kept digging. A data map did exist, along with notes and details, and on the surface it seemed to point efforts in the right direction. But it was soon discovered that the last update was years old and several acquisitions past, and since then new systems had been implemented. And while retention policies seem to have had final approval of business group executives, they had never been rolled out organizationally. But because of the investigation, handling data quickly became a high priority. Company leaders made it known that company-wide participation was required, and the corporate legal team now had the eyes and ears of the company. A budget was made available. An e-discovery consultant team worked closely with the client to develop a plan to address the investigation. As data stores were uncovered and used, additional interviews with department heads led to the development of an updated data map. This was supported by the development of policies of “ownership,” and a manageable process for keeping tabs on data without a major event as a catalyst. As stakeholder groups became aware of (or concerned about) how data was being used for this particular investigation, the implementation of retention policies was welcomed. Retention policies were refined and applied to newly centralized systems. And now, as a

result, there was a real desire to manage data for future requirements, as well as current needs, with a deliberate plan. The company also began a process for handling recurring evidence for multiple matters. STAYING CURRENT

Discovery service providers and outside counsel should have a command of technology trends. Effective discovery partners might be outside counsel helping to interview custodians to find data, computer forensics specialists who preserve and collect data from the latest smartphone or iteration from Microsoft, or discovery service providers who support complex work flows. It is crucial to know how these roles fit together to leverage their combined technological acumen. Be open to applying advanced technologies to sort through large amounts of data. Using search terms and filtering to identify relevant data are common practices, but now there are also advanced analytics, including predictive coding, concept searching, computer-assisted review, machine learning, document clustering, email threading, and more. Judiciary rulings have long favored keyword searching, and judiciary commentary generally is in favor of using advanced analytics during discovery for the right cases and data sets. Amendments to the Federal Rules a decade ago did a good job of delineating guidelines on cooperation and disclosure. Determine how each group in the discovery process should leverage available technologies. There may also be an opportunity to evaluate how data from recent past cases are relevant to new ones. Balance the risk and cost savings of reusing technology steps, or even reusing work product for “lowhanging fruit” like corporate organization documents or privileged documents. Organizations might consider developing a more extensive plan to manage information for multiple cases. MINIMIZING RISKS

Having retention policies and technology to weed through the data can

minimize risks, with a side benefit of reduced costs. The Supreme Court (in the Arthur Andersen case) said that document deletion or destruction is permissible pursuant to a reasonable retention policy - that is, as long as there is no regulatory requirement or applicable litigation hold that mandates retention. We have all heard stories of an outdated email that should long since have been deleted having an unfavorable impact on a case. Effective data maps and retention policies can prevent this. Keep attention focused on document review. It is usually the most expensive part of discovery, in some cases accounting for more than 70 percent of total discovery costs. Have a readiness plan in place, and leverage technology to defensibly reduce the number of documents going into review. If a company can make that reduction, it will not only save substantial costs, but it will allow legal teams and outside counsel to focus more of their energy on relevant data rather than outdated and junk documents. Big data will get bigger. Having a plan in place, enforcing execution of the plan, and working with skilled technology partners will help reduce discovery vulnerabilities and allow the company to focus on business. ■

Adam Bowen is a Solutions Architect at DTI, a legal process outsourcing (LPO) company serving law firms and corporations. He focuses on the development and implementation of litigation support and electronic discovery solutions, including forensics and data collection, processing and hosting services. He has over 20 year’s experience managing large-scale data projects. ABowen@DTIGlobal.com

FEB / MAR 20 16 TODAY’S GENER AL COUNSEL

E-Discovery

Rule Amendment Encodes Proportionality By B. Jay Yelton III

ecent amendments to the Federal Rules of Civil Procedure can be real game changers with regard to limiting the scope and cost of discovery. To what extent those improvements can be achieved will largely depend on the active involvement of in-house counsel at the beginning of a case. Probably the most important rule amendments relate to Rule 26(b)(1), which sets forth discovery scope and limits. These amendments include the deletion of the phrase “relevant information need not be admissible at the trial if the discovery appears reasonably calculated to lead to the

discovery of admissible evidence.” More importantly, this discovery rule is being amended so it prominently features proportionality factors previously buried. The amended rule now explicitly states that the scope of discovery must be “proportional to the needs of the case.” When faced with a motion for protective order or a motion to compel, courts will consider the importance of the issues at stake, the dollar amount in controversy and relative access to information by all parties, as well as their resources. Additionally, the court will evaluate how important the discovery is in resolving the issues and whether

the burden or expense of the proposed discovery outweighs its likely benefit. This is a welcome and long overdue reduction in the scope of discovery. However, parties should not believe that to take advantage of this change they merely need to object to a discovery request as being overly broad and disproportional to the needs of the case. In fact, these rule amendments explicitly state that more is required. According to the recent amendment to Rule 34(b)(2)(B), grounds for an objection that a discovery request is disproportional, overly broad or unduly burdensome must now be stated “with specificity.” As a consequence, to justify a proportionality objection under the newly amended rules, a party must be able to demonstrate that the time or expense involved in responding is unreasonable in light of the benefits of the proposed discovery. A party should also be able to show, with evidentiary proof, the time, money and procedure that would be required to comply with the objectionable discovery request. Courts cannot make a determination regarding the proportionality of a discovery request in a vacuum. They must rely on counsel to assemble and present those facts to the court on a timely basis. A 2011 case in the District of Columbia, United States ex rel. Julie McBride v. Halliburton Co., provides an example of how courts will perform a proportionality analysis under the factors featured in Rule 26, and illustrates how in-house counsel’s involvement is essential to establish the parameters of discovery. In this case, McBride filed a qui tam action alleging that Halliburton had inflated headcounts documenting usage of its facilities in Iraq and billed the government for costs that were calculated based on those inflated headcounts.

today’s gener al counsel feb / mar 20 16

E-Discovery

The parties negotiated the scope of electronic discovery and reached an agreement on search terms and custodians. As discovery progressed, McBride issued successively more demanding requests for a particular type of report and associated emails. Halliburton attempted to comply with each request, but ultimately objected to one request that would have required the identification, collection, review and production of 35 additional custodians beyond those the parties had agreed to. To provide support for their objection, Halliburton submitted a declaration from its manager of information

effort and resources required to comply with McBride’s request. The court then looked at the importance of the discovery and found that McBride had not made any showing that the discovery sought was crucial to her case, or really any showing that the information sought was highly probative of some fact. Given that she could establish the submission of a false claim with information already produced and had made no showing of the potential significance of the information that was not produced, her request could not be justified when balancing the utility against the cost.

When faced with a motion for protective order or a motion to compel, courts will consider the importance of the issues at stake, the dollar amount in controversy and relative access to information by all parties, as well as their resources. process solutions that provided, in the words of the court, “in excruciating, but highly educational and useful, detail” an explanation of “how the process and collection of data from a current or former employee takes place, from what may be many different sources.” At this point, the court began its proportionality analysis, noting its obligation to balance the utility of the information sought against cost. In assessing the proportionality factors, the court noted that the amount in controversy was great; that Halliburton possessed substantial resources to comply with discovery; and that very important issues of governmental trust were being raised in this matter. Those factors weighed in favor of granting the discovery. However, Halliburton had already incurred $650,000 in discovery costs at this point, excluding attorneys’ fees, and had produced two million paper documents, thousands of spreadsheets and over 500,000 emails. It had also provided the declaration regarding the substantial additional

Halliburton was able to effectively limit discovery in this matter through comprehensive preparation guided by its in-house legal team. By leveraging complete knowledge of their capabilities along with meticulous tracking of efforts and expenditures to date, the company was able to establish effective proportional boundaries. In the McBride v. Halliburton case, the proportionality analysis occurred near the end of the discovery period. However, the recent amendments to the Federal Rules of Civil Procedure encourage parties to evaluate the discovery proportionality factors within the first few months after the complaint is served. For example, the focus of the amendments to Rule 4(m), Rule 16(b)(2) and Rule 26(d)(2) are to expedite the start of discovery. Time periods for serving a defendant and for the court to issue a scheduling order have been reduced from 120 days to 90. The parties can serve requests for production of documents 21 days after the lawsuit has been

filed, even if this is before the discovery kick-off at the initial pretrial conference. Courts increasingly will expect that the parties are prepared to discuss in detail the scope and timing of anticipated discovery at the Rule 16 pretrial conferences. As reflected in Rule 16(c)(2)(F), matters for consideration at the pretrial conference should include “controlling and scheduling discovery, including orders affecting disclosures and discovery under Rule 26.” As a consequence, if in-house counsel hopes to reduce the scope or burden of discovery through the various protections set forth in Rule 26(c), those requests are best made during the Rule 16 pretrial conference. In-house counsel must spearhead the efforts to limit discovery to that which is “proportional to the needs of the case.” Only in-house counsel can provide information to establish that the efforts of their organization in attempting to comply with discovery requests have been reasonable and proportional to the needs of the case, that alternative methods to provide discovery have been explored and that the cost of proposed discovery outweighs the potential benefit. In order to accomplish this, in-house counsel must have a good understanding of their data systems, their discovery policies and practices, and their electronic discovery capabilities, and they must be prepared to provide an “excruciating, but highly educational and useful” declaration of what is required to comply with discovery requests. ■

B. Jay Yelton III, partner at Warner Norcross & Judd LLP, co-chairs the firm’s Data Solutions Practice Group. He has experience designing and implementing programs that help clients manage electronic documents, prepare for litigation and develop e-discovery strategies. jyelton@wnj.com

feb / mar 20 16 todayâ&#x20AC;&#x2122;s gener al counsel

Cybersecurity

Legal and IT Procurement Must Cooperate By David Ochroch

n major corporations, in-house counsel have been reviewing a decreasing share of the technology (software, hardware and services) agreements executed each year. Thatâ&#x20AC;&#x2122;s been my IT procurement experience for the past twenty-five years. There are far too many contracts for Legal to review even a slim majority of them, given the increasing transaction speed demands of business/IT divisions. Corporations trying to adopt best practice have evolved an interdependent

and interdisciplinary arrangement, where IT Supply Chain (commonly called IT Procurement) becomes the front-end/ gating function for contract analysis. In essence, Procurement acts like paralegals, but with extensive training in both supply chain disciplines (sourcing procedures, accounting, vendor relationship management, purchase order processing) and contract drafting disciplines (contract construction, contract standards/boilerplate and, with policy guidance from the lawyers, high-risk

legal issues). Procurement also must have specific IT knowledge to properly fulfill its mission. IT contracting in particular has become a specialization in its own right. The rapid pace of technological change coupled with overwhelming business demand for IT-led projects has created a perfect storm. There is just too much procurement work to process, plus thereâ&#x20AC;&#x2122;s decreasing static knowledge beyond core disciplines. For critical purchases, technical knowledge

today’s gener al counsel feb / mar 20 16

Cybersecurity

that’s just months old can be woefully out of date. One must keep up with technical bulletins, conferences and the trade press – and constantly press the flesh with IT sales reps – to even have a chance to stay relevant. The tech evolution is unrelenting and, more important, within this flux the contractual land mines are constantly

ties. But that concern can be addressed by ongoing close cooperation and open communication between Legal and IT Procurement. That constant partnership, with an exchange of technical/legal acumen, should lead to an acceptable compromise. IT Procurement raises significant contract exceptions to Legal for review,

The 800-pound gorilla forcing this cooperative issue into the open is cloud computing.

shifting, as well. “Future proofing” technical contracts in this environment is an art form that requires an in-depth, multidisciplinary knowledge base. Specialists are in high demand. It is true that ultimately in-house counsel sets policy for high-level contract standards, but it’s nearly impossible for Legal to keep up with the evolving technical environment. Legal can set specific standards for such things as liabilities, indemnities and insurance, but it cannot effectively do the same in detailed technical areas (for example, cyber/data security language). There is simply too much risk of continual obsolescence, in terms of practical contractual knowledge. Even in the rare situation where a corporation contracts with specialized outside counsel with cyber experience (or has a dedicated in-house resource), that legal resource is likely too far removed from expert IT staff and resources that would have the needed up-to-the-minute technical insight. The fact is IT Procurement’s collective experience is often more up-to-date. At first blush, Legal might reasonably worry about due diligence and losing control of contract standards. With the emphasis on risk mitigation and loss prevention based on Sarbanes Oxley and Gramm-Leach-Bliley considerations, one might think allowing IT Procurement to do more direct contracting with software/service vendors would subject the corporation to unacceptable liabili-

and that review becomes an element in a feedback loop which expands the joint knowledge base. In practice, IT Procurement must handle the day-today issues quickly and efficiently, as a way of best utilizing Legal’s more limited resources effectively. The 800-pound gorilla forcing this cooperative issue into the open is cloud computing. Once upon a time, the business needed to go to IT to ask for resources. That request would kick off a discussion between IT and IT Procurement on how to source and contract for those resources. IT Procurement would bring in Legal where indicated and contractual risk would be mitigated, at a reasonable pace. Today, however, it’s often the case that business can easily bypass both IT and IT Procurement – as well as Legal – by contracting directly with cloud, service providers. And in an era where firings happen for IT system failures or failure to provide customer-facing services to anxious consumers, it seems to be enlightened self-interest for the business to quickly obtain resources from the cloud rather than wait weeks/months for internal IT/Supply Chain/Legal to “make up its mind.” In this bypass situation, rarely does anyone knowledgeable in contracting disciplines read the cloud provider’s contract. In terms of due diligence, this should be a major concern, but often it’s well-hidden (and called “shadow IT” in many corporations).

In some cases, procurement delays can be traced to contract review delays. Those delays are deadly to inter-departmental relationships. If Legal and IT Procurement can’t find a way to speed up the contracting process, they become a joint impediment to the business that won’t be well tolerated by the business or senior management. Bypass then becomes almost inevitable, regardless of what’s written in the corporate procedures manual. The cloud has passed them by. Ideally, those cloud contracts get reviewed by IT Procurement just like any other IT-related agreement. Time is truly of the essence when it comes to creating a successful internal business relationship that addresses cloud contract-risk mitigation. The key takeaway for Legal is to recognize and acknowledge the changing IT procurement landscape. An evolving cooperative review-sharing arrangement between Legal and IT Procurement benefits all parties. It preserves Legal’s influence over key IT contract standards, but leverages IT Procurement’s “feeton-the-ground” technical knowledge. Legal thus enables the business to get its technical contracts (particularly for cloud-based services) reviewed more quickly and can make a better internal case for intelligent delays, especially where those cloud contracts fall short in areas of cyber and data security standards. ■

David Ochroch is a consultant specializing in corporate software procurement. He is the creator/ instructor of the professional certification program in software license agreements at the International Business Software Managers Association (IBSMA.org). Formerly, he was Senior Director of IT Procurement for Sallie Mae (the Student Loan Marketing Association). dnoconsulting@gmail.com

FEB / MAR 20 16 TODAY’S GENER AL COUNSEL

Cybersecurity

Board Responsibilities for Cybersecurity By Robert Kurtz

ompanies are finding that data breaches are both common and expensive. According to a recent Ponemon Institute study, the average per capita cost to a company in 2014 was $3.79 million, an increase of 12 percent from 2013. Board conversations have shifted from IT budgets to enterprise cybersecurity, and the audit

committee is now playing a vital role in monitoring management’s preparation for and response to cyber threats. Cyber risk has taken its place next to credit risk, liquidity risk, and operational risk as a pressing threat to a company’s health. Particularly after the attack on Target, there has been increasing pressure

to hold boards accountable. Board governance is becoming an area of focus in shareholder lawsuits, and disclosure obligations have made their way to the board level. As SEC Commissioner Luis A. Aguilar has noted, boards of S&P 200 companies are “nearly universally” taking responsibility for oversight in cyber risk management.

today’s gener al counsel feb / mar 20 16

Cybersecurity

CYBER RISK MANAGEMENT

Cyber risk management is a framework that an organization adopts to deal with evolving technology-based risks from within and outside the company. The key actors are the board, the C-suite or executive team, and frontline top management in charge of executing cyber risk management. A company’s board of directors needs to set the tone for enhancing security, and it must determine who should have oversight. Various committes such as the risk, executive, operating or audit com-

Threats can occur from within the organization, too. Organizations must go beyond protecting the perimeter. They should also focus on protecting the data itself. It will take money and resources to train employees across the enterprise to keep information safe. Putting the right processes in place is an important step forward. The majority of organizations don’t have a structured, effective framework for assessing and managing security risks, relying instead on a patchwork of nonintegrated, complex and fragile defenses.

The board should have authority to authorize investigations, and it should be empowered to: • Appoint, compensate, and oversee the work of any enterprise security firm employed by the organization. • Pre-approve cybersecurity software/ hardware and cybersecurity consulting and third-party services. • Retain independent enterprise security experts or others to advise the committee or assist in conducting cybersecurity investigations.

Boards should have a clear understanding of the types of threats most likely to represent a risk, and they should continuously educate themselves about evolving legal and regulatory developments. mittee can be given that responsibility. However, many boards do not include any person or group that possesses cybersecurity skills capable of functioning in that capacity. One recommendation is to add a cybersecurity subcommittee to the audit committee that can assist management’s oversight activities by reviewing a continuously upgraded and comprehensive cybersecurity plan that keeps abreast of new risks and technical mitigations. Many boards are beginning to make time to review even relatively minor internal incidents, while also staying up to date on developments outside the company, with a focus on threats and events affecting their industry. Boards should have a clear understanding of the most likely threats, and they should continuously educate themselves about evolving legal and regulatory developments. A cybersecurity action plan may require more time and attention in sectors where the risks and the potential for damages are highest, such as financial services. Boards should inquire about the state of specific security programs, ask for benchmarks, and find out what’s being done to prevent or detect attacks.

Keep an eye on social media. Companies may use it to enhance their brand by interacting with customers, but social media also represents a threat. Its around-the-clock availability means that a company’s reputation may be damaged quickly and with limited effort. Challenges related to social media include data security, privacy concerns, regulatory compliance, and concerns about employee use of work time and equipment. Often the financial consequences of a cyber-attack are not well understood. Theft of funds and intellectual property is not the only risk. There are costs associated with loss of profits and business, and with remediation. A breach could affect overall financial performance, ultimately reducing earnings per share and the company’s market value. RECOMMENDATIONS

Companies that ensure cybersecurity expertise on their boards are fulfilling oversight responsibilities for internal control, the audit process, and the process for monitoring compliance with law, regulation and code of conduct as they relate to malicious attempts to penetrate corporate technology.

• Seek information from external parties or from employees, all of whom should be directed to cooperate with the committee’s requests. • Meet as necessary with the company’s chief information officer (CIO), chief information security officer (CISO), chief security officer (CSO) and IT auditor. The board or its nominating committee should appoint committee members who are independent, technically literate, and designated as “technical expert.” Cybersecurity should be reviewed by the board at least quarterly. Board members should be expected to attend each meeting, in person or via teleconference or videoconference. They should also be able to invite members of management, technology personnel, auditors and others to attend meetings and provide pertinent information. Members should hold private meetings with the company’s IT professionals and executive sessions. The committee should: • Consider the effectiveness of the company’s technology controls. • Understand the scope of internal and external auditor reviews of system continued on page 39

SPECIA L A DVE RT IS IN G S EC T ION FEB/MAR 2016 TODAY’S GENERAL COUNSEL

Super Lawyers, a part of Thomson Reuters, is the only lawyer-ranking service with a patented selection process. How do we do it? The infographic below shows, at a

very high level, the steps we go through to vet the attorneys selected to our list each year. Because of our rigorous selection process, and the fact that our selection is limited to no more than 5 percent of the attorneys in any state or region, you can rely on us as one of your sources for finding an attorney who exhibits excellence in the practice of law. This issue marks the start of a unique partnership between Today’s General Counsel and Super Lawyers. In each issue, you will learn about lawyers and firms that have passed muster with Super Lawyers. We honor attorneys in commercial and consumer practice areas, and the focus with our partnership will be on those selected in a business-related practice area. If you find yourself in need of legal services, whether for your business or personally, start your search with Super Lawyers. For more information on our selection process or to find a lawyer in a specific region or practice area, please visit SuperLawyers.com.

OUR PATENTED SELECTION PROCESS NOMINATIONS Diverse list of the top attorneys nominated by their own peers

INDEPENDENT RESEARCH Validated with third-party research across 12 key categories, conducted by an attorney-led research team

EVALUATIONS Candidates are grouped into categories based on practice area and reviewed by those attorneys who received the highest totals from each category

OF ATTORNEYS SELECTED TO SUPER LAWYERS

FINAL SELECTION 2.5% OF ATTORNEYS SELECTED TO RISING STARS

START YOUR SEARCH FOR AN ATTORNEY WITH SUPER LAWYERS VISIT SUPERLAWYERS.COM Search for an attorney by practice area and location, read features on attorneys selected to our lists and find out more about our patented selection process.

WE WANT TO HEAR FROM YOU

Know a great attorney who should be on our list or featured in a story? Have a question about our selection process? Email us at sl-research@thomsonreuters.com

DISCLAIMER: The information presented in Super Lawyers is not legal advice, nor is Super Lawyers a legal referral service. We strive to maintain a high degree of accuracy in the information provided, but make no claim, promise or guarantee about the accuracy, completeness or adequacy of the information contained in this special section or linked to SuperLawyers.com and its associated sites. The hiring of an attorney is an important decision that should not be solely based upon advertising or the listings in this special section. No representation is made that the quality of the legal services performed by the attorneys listed in this special section will be greater than that of other licensed attorneys. Super Lawyers is an independent publisher that has developed its own selection methodology. Super Lawyers is not affiliated with any state or regulatory body, and its listings do not certify or designate an attorney as a specialist. State required disclaimers can be found on the respective state pages on superlawyers.com.

S P ECI AL ADV ERTISING SEC T I O N TODAY’S GENERAL COUNSEL FEB/MAR 2016

Your Business Is Our Sole Purpose

Left to right: Paul Lackey, Scott Hershman, Roger Mandel

Lackey Hershman, L.L.P. understands that business interests run litigation, and not the other way around. We also recognize battles are often won not only in the courtroom, but in the boardroom, the press and elsewhere. Lackey Hershman has litigated in nearly every state and in Mexico, Europe and the Far East. Our clients include Fortune 500 companies, billion-dollar hedge funds, professional athletes and entrepreneurs. Collectively, Lackey Hershman lawyers have successfully litigated hundreds of complex cases in jurisdictions all over the world. Lackey Hershman also represents individuals and small businesses on a contingent basis in class, derivative and qui tam cases, as well as in individual business torts cases. The firm's ability to successfully take on the world's largest corporations, banks and law firms evens the playing field for the little guy. Lackey Hershman has worked hard to develop fee structures that align its incentives with those of our clients, to create an atmosphere that maximizes value and minimizes cost. In addition to contingent fees, Lackey Hershman has developed blended fee arrangements that allow its clients to have certainty in determining day-to-day legal costs. At the same time, a success fee incentivizes Lackey Hershman to win rather than run up needless billable hours.

10 YEARS

SELECTED TO Super Lawyers

3102 Oak Lawn Ave., Suite 777, Dallas, TX 75219 PH: (214) 560-2201 • FX: (214) 560-2203 • www.lhlaw.net

AN EXCEPTIONAL EXCEPTIONAL LIST AN LIST OF OF EXCEPTIONAL EXCEPTIONAL ATTORNEYS. ATTORNEYS.

Scott Hershman Roger Mandel

Every year, Super Lawyers evaluates attorneys across the country for its annual list of top attorneys. Each candidate is measured against Every year, Super Lawyers evaluates across the country for its annual list of than top attorneys. Each candidate is measured against 12 indicators of peer recognition and attorneys professional achievement. Nominees from more 70 practice areas are considered, and only the 12 of peer recognition and professional achievement. from more than 70 practice areknow considered, onlyit.the topindicators five percent of any state’s attorneys are selected. So whenNominees you see a lawyer on the Super Lawyersareas list, you they’veand earned top five percent of any state’s attorneys are selected. So when you see a lawyer on the Super Lawyers list, you know they’ve earned it. Find your exceptional attorney at SuperLawyers.com Find your exceptional attorney at SuperLawyers.com

FEB / MAR 20 16 TODAY’S GENER AL COUNSEL

Compliance

Information Sharing Under the New Cybersecurity Law By Michael P. Hindelang

ybersecurity legislation had been proposed in Congress several times, but it didn’t pass the Senate until 2015. The Senate, on October 27, passed the Cybersecurity Information Sharing Act (CISA) by a vote of 74-21. The House of Representatives had previously passed two bills, H.R. 1560 and H.R. 1731, which

contained many of the same provisions as CISA, but also had key differences. The text was incorporated by amendment into a consolidated spending bill in the House and signed into law by President Obama on December 18, 2015. The issues of data security and privacy protection had been highlighted for Congress repeatedly throughout

2015 by numerous high-profile data breaches. They affected not only major corporations, but the government itself, as various agencies disclosed breaches. Significant media attention then led to calls from a variety of interest groups for passage of a cybersecurity law. CISA authorizes entities to share certain information relating to data security

TODAY’S GENER AL COUNSEL FEB / MAR 20 16

Compliance

threats and defenses. This information can be shared with other companies and/or the federal government, and used to help defend against or avoid cyber threats. The basic assumption underlying CISA is that rapid and widespread sharing of information about cybersecurity threats will improve the ability of all organizations to respond. For example, a new hacking method detected by a bank in New York may be shared nationwide and immediately used by a manufacturing company in Detroit and a retailer in Portland to defend against similar attacks that would otherwise have gone undetected. WHAT CAN BE SHARED

While not all information may be shared under CISA, entities are authorized to share any “cyber threat indicator” or “defensive measure.” Each of these terms is broadly defined in the Act and encompasses a great deal of information. A “cyber threat indicator” includes information needed to “describe or identify” any one or combination of several defined items, including methods for defeating security and anomalous activities that may indicate a vulnerability or threat. This definition is broad enough to encompass a vast array of information related to securing data, protecting a company’s systems, and responding to hacking and phishing attempts. (Phishing involves tricking a user into providing access or credentials by posing as a legitimate website, business partner, or other trusted person.) Before sharing a cyber threat indicator, the disclosing entity must take steps to identify personal information, or information that identifies a person not directly related to the threat, that is contained in the data to be shared. The entity may manually review the indicator to determine if there is any personal information contained in it, or use a technical means (such as software) to remove any personal information. The second category of information that can be shared – “defensive measures” – refers to techniques or procedures for detecting, preventing or mitigating a threat. Note that any

defensive measure that causes harm to another person’s computer system is not authorized under CISA. If an entity is subject to other legal restrictions on disclosing or using the data related to a threat, those restrictions must be complied with notwithstanding the authorizations of CISA. This potentially limits the information that can be disclosed. WHO IS COVERED

For purposes of sharing information, the Act defines a “private entity” to include any person, group, or corporation – commercial or non-profit – and even extending to local, state, or tribal governments in certain circumstances. An entity covered by CISA can use a cyber threat indicator or defensive measure that it receives through CISA to apply its own defense measures or to monitor information systems. As with other portions of the Act, this is limited to the

cyber threat indicator or defensive measure to operate its own defensive measure or monitor its systems. As with other portions of the Act, the entity may act only on systems that it controls or has been authorized in writing to access. LEGAL PROTECTIONS

The Act has several express protections for entities that share or receive information. The first, which applies to sharing between private entities, is a specific antitrust exemption. It provides that it’s not a violation of “any provision of antitrust laws” when two or more private entities share information relating to a cyber threat indicator or for purposes of investigating or defending against a cybersecurity threat. Second, any information shared with the federal government is deemed not to constitute a waiver of any privilege or

Information shared with the federal government is deemed not to constitute a waiver of any privilege or legal protection. entity’s own systems, or systems that they are authorized in writing to access. CISA allows but does not require entities to share information with another entity or directly with the federal government. The Department of Homeland Security has responsibility for developing a process for information sharing, as well as ensuring that information submitted is distributed, in real time, to other entities throughout the federal government. There is a list of seven “appropriate” federal entities that are entitled to this information. It includes the Departments of Justice, Homeland Security, and Defense, as well as the Office of the Director of National Intelligence. Once a non-federal entity receives information through the information sharing process, the entity can use the

legal protection that would otherwise apply to the information. This expressly includes trade secret protection and is intended to increase the scope of information that entities are willing to share. Third, any information provided to the federal government can be designated as commercial, financial, or proprietary information. If the sharing entity makes such a designation, the federal government will treat it as such. Fourth, any information shared with the federal government is deemed not to be an ex parte communication with a decision-making official. CISA has privacy provisions directing the federal government to use submitted information only for certain specified activities. While most of these are expressly cybersecurity related, the permitted activities also include responding to

FEB / MAR 20 16 TODAY’S GENER AL COUNSEL

Compliance

threats of serious bodily or economic harm or threats to minors, responding to terrorist acts, and prosecuting crimes under identity theft, espionage and trade secrets laws. Despite these limitations on the use of personal information by the federal government, there is opposition to CISA from groups which argue that CISA has significant negative repercussions for individuals’ privacy and for government access to data. FREEDOM OF INFORMATION ACT

In addition to the privacy concerns discussed above, various advocacy groups have raised concerns that CISA will negatively impact the Freedom of Information Act. Under FOIA, many records held by the federal government are subject to disclosure. Since CISA is permitting covered entities to submit large amounts of data in order to address cybersecurity threats, CISA also limits the applicability of FOIA to this information. CISA has express limits on information provided to the federal government, deeming any such information “exempt from disclosure.” Further, any information shared with state, local, or tribal governments is likewise exempt from disclosure under any FOIA or sunshine laws that would otherwise be applicable.

This limitation on disclosure of the information is necessary so that businesses will voluntarily provide information relating to threats, hacks, and other incidents – information which may include confidential or trade secret information. (Trade secret status is also not waived by disclosure under CISA.) However, as some groups have argued, this creates a potentially very large body of data that is held by the government and is not subject to disclosure. This prevents individuals from obtaining information relating to them that was submitted under CISA, and that is a concern to both privacy and open-government advocates. LIABILITY LIMITATIONS

One of the CISA provisions of most interest to private entities is the section on “Protection from Liability.” Under this section, private entities are granted legal protections that amount to immunization from lawsuits for behavior that is in accordance with the Act. The first protection covers monitoring information systems in accordance with the Act. The protection is broad, specifying that no cause of action may be maintained in any court, and any such action that is filed must be promptly dismissed. There is a second grant of immunity that extends beyond monitoring

information systems. Any entity (not just private entities) is protected from liability for sharing or receiving cyber threat indicators or defensive measures, if it was done in accordance with the Act. These limitations on liability do not protect the entities from other causes of action, but rather just from claims that sharing information under CISA is itself the basis for liability. For example, a company that detects a data breach and then discloses it under CISA may still face various privacy related claims from the individuals whose data was disclosed. However, if an individual also claimed harm arising from the entity having shared information with the federal government, that claim would be barred. ■

Michael P. Hindelang is a partner at Honigman Miller Schwartz and Cohn, LLP. He heads the Data Security and Privacy Practice Group and the E-Discovery and Information Management Practice Group. mhindelang@honigman.com

T O D AY S G E N E R A L C O U N S E L . C O M

today’s gener al counsel feb / mar 20 16

Cybersecurity

Legal and IT

continued from page 33 controls over operational and financial matters, and obtain reports on significant findings, recommendations and management responses. • Approve the cybersecurity charter and ensure that policies, procedures and incident response practices are current and regularly tested. • Approve decisions regarding the appointment and removal of the CIO and CSO; ensure there are no unjustified restrictions or limitations; and review and concur on the appointment, replacement or dismissal of executives. • Approve the annual cybersecurity plan, any major changes to the plan, and review the company’s performance relative to the plan. • Review the chief security officer’s budget, resource plan, activities and organizational structure. • Review CIO/CSO performances, and concur with the compensation and annual salary adjustment. • Review the effectiveness of the security function. • Meet separately and regularly with the chief audit executive and CIO to discuss matters that the board, internal audit or IT believes should be discussed privately.

If the potential for financial loss wasn’t enough motivation to buy cybersecurity insurance, the SEC and the Financial Industry Regulatory Authority are on the lookout for firms not operating under a “reasonable standard” to protect against the loss of critical data. These watchdogs will not hesitate to take enforcement action. Insurance falls into two broad categories: first party and third party. First party typically refers to payments

Start with a thorough assessment of the equipment, software and processes of the entire IT system. Analyze IT resources, intellectual property concerns, data architecture, physical perimeter security, and concerns specific to the company’s particular industry. Map out the company’s particular threat landscape. Questions to ask include: What assets might be especially valuable or vulnerable? Are regulatory issues involved? What security measures are

One recommendation is to add a cybersecurity subcommittee to the audit committee. to the company to cover damage from the policyholder’s own loss of data and for other harm to the business, such as theft, fraud, and the cost of forensic investigations. Third party, which covers litigation and regulatory costs as well as credit monitoring, is far more prevalent in the United States than in Europe because of legal requirements to notify customers in the event of a data breach. CREATING AN ACTION PLAN

Most experts recommend that businesses start by having a strategic approach to A company must protect itself startcybersecurity, one which includes plans ing from the top, engrain proper security to secure existing systems and keep the protocol into its everyday culture, and business secure going forward. A comtry to anticipate or patch holes when prehensive cybersecurity plan should problems are detected. The board’s focus on three key areas: seriousness about cybersecurity should be turned into a company-wide plan • Identifying solutions, policies and of action, including buying insurance, procedures to reduce the risk of attacks. creating a cybersecurity action plan and • Putting in place plans and proceinvolving all the company communities, dures to determine the resources that including employees, vendors, customers will be used to remedy a threat in the and consultants. event of a security breach. • Preparing to address the repercusINSURANCE sions of a security threat with employAccording to Inga Beale, CEO of Lloyd’s ees and customers, to ensure that any of London, cyber-attacks cost compaloss of trust or business is minimal and nies $400 billion in 2014. The covershort lived. age companies purchase, she said, is a fraction of what companies are losing. A good cybersecurity plan takes into Furthermore, the firms best prepared for account inside and outside attacks, and cyber-attacks usually wind up buying begins with a thorough understanding insurance. of what the most important assets are.

currently in place? Have employees been trained in data security fundamentals? Is there a viable plan should a breach or intrusions occur? Organizations need to understand where cultural and behavioral risks exist. Risks can arise when priorities and values conflict with one another – for example, the conflict that shows up when a control makes a system more protected but also lowers productivity by making it less usable. In cases of conflict, the dominant culture wins. Cultural and behavioral risk analysis enables enterprise leaders to design strategies that optimize and balance between competing security and business priorities in a measurable and cost-effective way. ■

Robert Kurtz is a managing director in the Technology Advisory Practice at The Berkeley Research Group. He specializes in IT strategy, program management, information governance and security management. He previously served as Vice President of IT at Time Warner and Executive Director of Corporate Technology at the New York Times Company. rkurtz@thinkbrg.com

feb / mar 2016 today’s gener al counsel

THE lEgal mark E Tpl acE

New Must-Have Legal Skill: Collaboration By Mark a. cohen

t’s no secret that changes in legal delivery are accelerating. This means that lawyers must acquire skills not taught in law school, and that goes beyond fulfilling basic continuing legal education requirements. The Model Rules, for example, were recently amended to require that lawyers have a rudimentary understanding of how technology is used to deliver legal services. Fifteen state bars have made that a practice requirement. Collaboration is another skill that, though less trumpeted than technology, affects legal delivery. Law firms have lost their hegemony over the delivery of legal services. As a consequence, law firm attorneys now routinely work with legal service providers, technology specialists, process and project managers, and others in the legal supply chain.

Mark a. cohen is the CEO of Legalmosaic, a consultancy to service providers, consumers, investors, educators and new entrants into the legal vertical. Prior to founding Legalmosaic, he was co-founder of legal service provider Clearspire. This followed his founding of Qualitas, an early entrant into legal process outsourcing. Earlier in his career he was a civil trial lawyer. Currently he is Adjunct Professor of Law at Georgetown Law Center, and a blogger and public speaker. markacohen@legalmosaic.com

This requires lawyers to collaborate as never before. But collaboration is not a skill taught in law school. To the contrary, traditional doctrinal law school curricula tend to characterize legal practice as adversarial rather than collaborative. NEW TO MOST LAWYERS

“Collaboration” as applied to lawyers is like “student athlete” to most big-time college football and basketball players: more feel-good myth than reality. Lawyers, like elite athletes, have been taught that competition yields winners and losers. Theirs is a zero sum game. Collaboration is rarely taught at law school (I know, because I am teaching the first project management course at Georgetown University Law Center).

Nor is it emphasized at law firms. Why is collaboration important for lawyers and how does it figure in the delivery of legal services? Let’s return to what we were taught about being a lawyer. Traditional legal training, both in law school and practice, reinforced the adversarial nature of the legal process. This indoctrination was born from an ethos that law is organized combat, a process that yields winners and losers. Of course, this flies in the face of the reality of practice because (1) the legal adversarial process involves give and take, a counterpoise that is essentially collaborative because both sides adhere to the same rules; (2) even in litigation, the most “combative” legal practice area, 98 percent of cases settle prior to

today’s gener al counsel feb / mar 2016

trial (which begs the question why more cases are not resolved much earlier in the process); (3) likewise, transactions may be actively negotiated by opposing sides; however in the end many are ratified, which means that collaboration (and compromise) has occurred; and (4) the Rules of Civil Procedure, the Rules of Evidence and the other guardrails proscribing the way lawyers engage in their craft implicitly call for adherence, deference and respect for the way the game is played. And that requires a collaborative effort. Is this just a semantic fusing of the words “adversarial” and “collaborative”? No, it is more than that. Lawyers are imbued with a notion that collaboration is for others and that the mandate is to “zealously represent,” not to “work collaboratively” to advance client interest. Could this be driven, in part, by economic selfinterest, and more particularly by the billable hour? Then there is the silo effect created by “origination” and its seminal role in partner compensation. The rainmaker, like the star quarterback, rakes in the biggest bucks. That certainly plays a role. Today, clients assign value to matters, and that means a relation between cost and result. If, for example, a matter has relatively low value to a client (as many do), the lawyer/law firm must work creatively – collaboratively – both internally as well as with the adverse party, to resolve that matter quickly and within the parameters of an acceptable result as outlined by the client. That is not always possible, but the cost-to-value divide has placed a greater emphasis on efficiency, transparency, technology and collaboration. Bottom line: client focus on value, coupled with the legal supply chain, has elevated the importance of collaboration for lawyers. NEW LANDSCAPE

Can we stipulate that 2008 provides a Maginot Line for the delivery of legal services? True, disaggregation (unbundling) of certain basic “legal” tasks was already well underway, technology had emerged

as a key element in legal delivery, and globalization had already assumed great importance. But 2008’s global fiscal crisis and its fallout accelerated changes in the delivery of legal services creating, as some describe it, the new normal. The rules of the road for the delivery of legal services were open to remapping, as client expectations – or demands – for greater value, transparency and collaboration became mandatory, not precatory. So what does “collaboration” mean in the context of the delivery of legal

solely with lawyers, much less exclusively with lawyers in their own firms. Collaboration also applies to the way law firms, as well as in-house legal departments work with other providers. The traditional practice of a legal department assigning a matter to an outside firm that handles it start to finish has yielded to arrangements frequently involving several providers in the supply chain (LPOs, e-discovery and staffing companies, other firms, etc.). The recent tie-up between global behemoth DLA and Lawyers on De-

Lawyers no longer work solely with lawyers, much less exclusively with lawyers in their own firms. services? Let’s start with the way lawyers interact among themselves. Legal specialization, the rapid growth of law firms – often through merger and aggressive lateral hires – globalization, and internecine struggles over origination (or retention) of clients, are all challenges to firm collaboration. At the same time, client demands for greater value, manifested in increased competition among firms, alternative fee arrangements, RFP’s, and the ascendency of service providers who are “not engaged in the practice of law” (but perform tasks crucial to the delivery process) are putting pressure on firms to collaborate. This means many things, including: (1) “right-tasking” work that stays in the firms (assigning it to the right level of expertise and experience for the task, rather than whoever has “idle hands”), (2) retaining project managers, (3) working closely with IT specialists and other non-lawyers who are now embedded in firms and integral to the delivery of their services, and (4) bringing on CFO’s and others who are trained in process management and possess the requisite skills to manage the business of law. All this requires collaboration that most lawyers were not trained to do, not inclined to do, or have never imagined they had to do. Lawyers no longer work

mand, a UK-based legal staffing company, is a good example of systemic collaboration between a law firm and service provider. Collaboration involving law firms and service providers has two key subparts: (1) risk mitigation/integration and (2) budget adherence. The latter can be undertaken either by an in-house department or by the primary outsourced law firm/lawyer. In either case, collaboration is a key element in the successful representation of the client, both from a risk mitigation and a cost perspective (i.e. value). This requires individuals who are equipped to manage the collaborative effort. They must have skills not presently taught in law schools or honed in law firms or in-house legal departments. Translation: Until lawyers are trained in project and process management, project managers who are not necessarily lawyers will manage the process. Those managers will not provide legal oversight – lead lawyers will retain that function – but they will ensure that it is delivered efficiently, timely, transparently, on budget and collaboratively. Finally, in addition to involving non-lawyers, collaboration increasingly involves cross-border issues, and often multi-border issues. As client matters continued on page 43

feb / mar 2016 today’s gener al counsel

work pl ace issues

Big Data in Employment By scott Forman and Zev J. eigen

recent study commissioned by the Coalition of Technology Resources for Lawyers concluded with an eye-catching observation: Legal departments continue to invest in advanced data analytics, but remain relatively unaware of many of its potential benefits. As CTRL rightly pointed out, data analytics will only become more important within legal departments in the coming years. Big

scott Forman is a 42

shareholder at Littler Mendelson, where he guides the firm’s efforts to develop technology platforms that enhance delivery of legal services. He is the founder of Littler CaseSmart®, a platform for defending employment matters that provides data-driven insights on business risks. sforman@littler.com

Zev J. eigen is Littler’s Global Director of Data Analytics. He works with clients to provide analytics resources designed to benchmark and analyze HR and litigation strategies. A nationally recognized authority on workplace data analytics, Eigen has experience in data science, econometrics and statistics, social science research, and labor and employment law. zeigen@littler.com

data plays an increasingly integral role in how organizations make decisions at every level. Companies in a range of industries that once used analytics mostly for customer-facing initiatives are now implementing big data throughout their decision-making, including in their workforce management, employment litigation strategies and to insure compliance. Here we detail the opportunities and potential pitfalls for general counsel to keep in mind when leveraging big data within these three key areas. Workforce ManageMent

The influx of information and new ways to use it for analysis have implications for nearly every aspect of employment decision-making, from the selection and hiring process, through performance

management and promotion decisions, and up to and beyond when termination decisions are made. In the big data age, there are more ways for employers to gain insights into workers and job applicants. It can be from internal data, such as applications and employee e-mail, to information publicly available through social media and other means. Finding data sources that are hard to game or trick is a great way to increase the precision and transparency of decision-making. Performance evaluations provide a prime example of the benefits of big data in employment. As opposed to assessments by supervisors that can be highly subjective, employees can be evaluated through data tracked by the company. These include records of punctuality, results of client/manager

today’s gener al counsel feb / mar 2016

surveys, tracking of output that is keyed directly to the percentage of time and input of any or all contributing workers, and biometric data or other feedback associated with wearable technology. In addition to taking pressure off supervisors and creating a more objective process, such measures can reduce bias and the threat of lawsuits. Big data also provides a means of testing the impact of new employ-

Predictive modeling also provides significant benefits for assessing the likely length, costs and outcome of lawsuits filed against a company, as well as what to expect in the deposition and discovery process. By anticipating hard costs (such as legal fees and the settlement/award amount) and soft costs (such as the impact on personnel and brand reputation), general counsel are in a better position

Finding data sources that are hard to game or trick is a great way to increase the precision and transparency of decision-making. ment policies in such areas as morale, productivity and turnover rates. As an example, we have worked with companies to utilize data that tests the impact of allowing employees to work more flexible schedules. By allowing a pilot group of employees to work remotely on a more flexible schedule, the employer has the opportunity to examine data before rolling out a new company-wide policy. They may find that workers are more productive and feel greater engagement with the company under the new schedule. Managing EMployMEnt litigation

As companies continue to face lawsuits from employees in a range of areas, we have seen big data more efficiently manage the litigation process. In response to dramatic shifts in the legal market, our firm developed a technology platform several years ago called Littler CaseSmart that manages administrative agency charges and single-plaintiff employment litigation. By capturing data on legal matters in an interactive dashboard, companies can identify factors that are triggering litigation and proactively manage risk. For instance, if a certain employment policy is involved in lawsuits more often than others, this signals general counsel to consider additional training on the policy, or changes to the policy itself.

to make informed decisions on how best to proceed with a particular case at inception. Ensuring lEgal CoMplianCE

While the opportunities presented by big data are undeniable, the benefits are set against the backdrop of a legal system that has not yet evolved with advances in technology. As a result, companies must be cautious not to run afoul of laws in such areas as privacy, discrimination, background checks and data security. One way for general counsel to limit their risk is to gain the protection of attorney-client privilege by working with outside law firms that have the substantive expertise and technological capabilities to provide data analytics services. The digitization of information has resulted in the creation of more data in recent years than in the entire history of mankind, and our ability to use computer-based techniques to leverage this information has expanded exponentially. In this environment, employers should prepare for a new world of workforce and litigation management heavily influenced by data sets, analytics and statistical modeling. General counsel who are able to balance the opportunities presented by data science with the laws dictating its use will be best positioned to take advantage of all that big data has to offer. ■

Collaboration

continued from page 41 become more geographically dispersed, lawyers must collaborate with others operating in different sovereign nations, with different legal standards, regulations, practice rules, languages, etc. Such collaboration has both a legal and cultural component. Moreover, cross/multi-border matters often involve complex, inter-disciplinary issues that implicate other professional service areas and require a depth of business expertise. The result: Lawyers now frequently collaborate with non-lawyers in the legal delivery process. This is very far removed from the insular, self-regulated world most lawyers grew up in. Law is only one element in an inter-disciplinary approach to solving complex business challenges, and clients, not lawyers, often decide what is a “legal” versus a “business” issue. Lawyers must learn to collaborate better among themselves, with those in the supply chain, and with disciplines called upon to resolve business challenges. And if they do not learn about process and project management, they will relinquish that function to others who are trained in it. Collaboration is much more than a politically correct word in legal parlance. It is a skill, if not a job requirement, for lawyers engaged in today’s global inter-disciplinary supply chain and technologically enhanced legal delivery system. Even in the retail segment of the legal market, lawyers often work with others to deliver their specialized knowledge and professional judgment on a more cost-effective and value-driven basis. Collaboration is an essential skill for the contemporary lawyer. It’s time that it is so regarded by the Legal Academy and practitioners. ■

feb / mar 2016 today’s gener al counsel

T H E A N T I T R U S T L I T I G AT O R

Effective Compliance Training is Tailored By Jeffery M. cross

ast October, I had the privilege of helping to organize and moderate the Compliance and Ethics Forum held in Chicago by Today’s General Counsel Institute. Like the programs in e-discovery and cybersecurity put on by the Institute, the format involved peer-to-peer discussions among general counsel and compliance officers on topics of interest. One of the sessions was devoted to best practices in compliance training. A theme of much of the discussion during this session was the importance of tailoring the training to the organization. One aspect of that topic was the need to incorporate the culture of the corporation into the training format. In this regard, one participant talked about organizing focus groups to determine which issues employees thought should be covered in compliance and ethics training. Another participant spoke of the benefits of including employees as actors in training videos. Another participant organized an ethics film festival and invited employees to make their own videos. Each of these participants emphasized the importance of finding a training approach that works best for his or

Jeffery cross, is a columnist for Today’s General Counsel and a member of the Editorial Advisory Board. He is a Partner in the Litigation Practice Group at Freeborn & Peters LLP and a member of the firm’s Antitrust and Trade Regulation Group. jcross@freeborn.com.

her organization and achieves employee “ownership” of the program. Another aspect of “tailoring” compliance training that was discussed involved identifying the issues that create the greatest risk of non-compliance within the particular company, and focusing the training on these risk areas. One participant indicated that her company had created a committee composed of compliance officers for different business units of the company. This committee met regularly to identify risk groups that needed specialized training. The tailoring of training to the risks of non-compliance finds support in various sources, including the U.S. Sentencing Guidelines, the International

Chamber of Commerce Antitrust Compliance Toolkit, and the Canadian Bureau of Competition’s guidance for corporate compliance programs. It also has found support in recent speeches by officials in the DOJ and in actions taken by the Justice Department Antitrust Division in recommending fine reductions in criminal antitrust cases. Following the WorldCom and Enron fraud scandals, Congress passed the Sarbanes-Oxley Act of 2002. That law directed the U.S. Sentencing Commission to review and amend the Sentencing Guidelines so that they would be more effective in deterring and punishing organizational misconduct. The Commission issued amended guidelines in November

TODAY’S GENER AL COUNSEL FEB / MAR 2016

2004. Among other changes, the Commission extensively revised the section dealing with compliance “to emphasize the importance of compliance and ethics programs and to provide more prominent guidance on the requirements for an effective program ….” The Sentencing Guidelines set forth seven steps considered necessary for an effective compliance program. These steps include effective training. For all

Compliance officers and management should identify legal risks and then design compliance programs to meet the most likely and serious risks. The Canadian guidelines also admonish businesses to be cognizant that risks may change as the business evolves. The Antitrust Compliance Toolkit from the International Chamber of Commerce similarly suggests establishing a risk assessment methodology and

This philosophy was evident in a Sentencing Memorandum and Motion for a Downward Departure filed by the Antitrust Division in connection with the imposition of a criminal fine against a company charged with violating antitrust laws. In its motion, the Division set forth the features of the compliance program that it considered in its request for a downward adjustment. The motion noted that the compliance program

Sales and marketing executives who attend trade association meetings are vulnerable to price-fixing allegations, and their training should focus on this fact. On the other hand, those working in accounting may need to receive more extensive training on fraud. of them, the Guidelines require that the organization periodically assess the risk of criminal conduct and take action to design, implement or modify its programs to reduce the risks identified. Tailoring the program to address specific vulnerabilities is a logical way to proceed. The example that I often give my clients is that sales and marketing executives who attend trade association meetings are vulnerable to price-fixing allegations, and their training should focus on this fact. On the other hand, those working in accounting need only limited training about price-fixing, but may need to receive more extensive training on fraud. The Canadian Corporate Compliance Program also advocates a “riskbased corporate compliance assessment.”

process. The ICC Guidelines note that risk management is an established business practice which should be applied to antitrust compliance. Last September, Deputy Assistant Attorney General for Criminal Enforcement Brent Snyder of the DOJ’s Antitrust Division spoke about antitrust compliance at a Joint Antitrust Compliance Workshop of the International Chamber of Commerce and the U.S. Council of International Business. He emphasized that the Antitrust Division has not provided a “one-size-fits-all” answer to the question of what makes an effective compliance program. Rather, a compliance program must be designed for the nature of a company’s business and for the markets in which it operates.

View our digital edition D IGI TA L .T OD AY S G E NE R A L C OUN S E L . C OM

instituted by the defendant required training of senior management and all sales personnel. In addition to classroom training, the program provided for oneon-one training for personnel with jobs such as sales, where there was a high risk of antitrust crimes being committed. If the primary purpose of a corporate legal compliance program is to avoid violations of the law in the first instance, it makes sense to tailor any compliance training to the company’s business. First, undertake a risk assessment in order to focus training on the riskiest areas of the business. Then concentrate special efforts on the people who are most at risk of violating the law, by tailoring the subject matter to address their situations. ■

feb / mar 2016 today’s gener al counsel

I N F O R M AT I O N G O V E R N A N C E O B S E R V E D

Time for GCs to Step Up By Barclay t. Blair

our kid’s slightly annoying chum is midway through a passionless version of Für Elise when the first text message arrives: “big mess- need hlp asap.” Is this just the excuse you need to escape piano recital purgatory? Maybe, but your kid hasn’t played yet, so you ignore the message. Finally it’s his turn. He doesn’t make too many mistakes and your swelling heart is deflated only a little by the constant vibration of your phone. As he takes his bow, you politely excuse yourself to survey the damage: ten missed calls, forty-seven texts, and an unread email count that gives you heart palpitations. This is how your journey into the heart of darkness begins. It will be months before you leave this place, and you will leave it as a changed person. Because today, your organization has experienced a data breach. You are the general counsel. May the force be with you. Data breaches are the like the rash or the cough that is really only a harbinger of the real sickness. And for most organizations today, the sickness is

Barclay t. Blair is the president and founder of ViaLumina and the executive director and founder of the Information Governance Initiative, a cross-disciplinary consortium and think tank. An advisor to Fortune 500 companies, technology providers and government institutions, he has written award-winning books on the topic of information governance. Barclay.blair@iginitiative.com

not bad security, but bad information governance (IG). Think of it this way: if you forget to lock your door – and a thief enters your house and steals the $47,000 in cash you have sitting on the kitchen table, the priceless heirloom jewelry

But the real problem is more difficult to solve. The real problem is that you are not doing IG. I recently sat in a post-data-breach meeting that devolved into a screaming match between the general counsel and the cybersecurity SWAT team. The

You are the general counsel. May the force be with you. over which you have hung a sign reading, “priceless heirloom jewelry here” and also a box of receipts from your 2003 tax return (for some reason) – do you have a security problem, or a deeper and more pernicious problem? The “security” problem can be addressed: Don’t be an idiot and remember to lock your door. Or get self-locking doors.

SWAT team did its job and plugged all the security leaks, but in the process noticed that the company had terabytes of data that nobody seemed to have looked at for years. Duplicative data. Data that they no longer had the software to access. And, expecting a simple answer, they sent a group email to the general counsel, the head of litigation,

today’s gener al counsel feb / mar 2016

the chief privacy officer, the records manager and the chief information officer, asking how they could get approval to excise it. The team’s logic was solid: if we get rid of this apparently useless stuff, we don’t have to spend time and money

filing stating their company has been a good steward of its resources should be outraged. After all, the company is still treating most of its information the same way it did in the 1950s – fixed, physical, immutable, and command and controllable. And, finally, the CEO

Who? What is that person’s methodology, and do you agree with it? • Do you have the authority to approve the deletion of specific pools of information in your company? If not, who does, who gave them that authority, and what process do they go

Are you being honest with yourself (and senior leadership) about the horrendous amounts of money you are wasting in e-discovery, simply because your company does not have its IG act together? securing it (something the US Federal Trade Commission called “data minimization” in a 2015 report). They didn’t get the answer they wanted. Through a dreary series of obfuscatory emails, memos and meetings, a troubling pictured emerged: The company had no idea what information it owned, where it was stored, what value it had, or what legal, business, contractual or other obligations the company had to retain or protect it. Consequently it simply had no idea what it should or could do with the information. So what did they do? The same thing most of us are doing; Nothing. That’s what started the screaming match. To the IT and cybersecurity staff, it was ludicrous that they should bear the cost and risk of protecting information simply because the company was too immature to make a business decision about its fate (a key focus of IG). But the IT and cybersecurity staff aren’t the only ones who should be outraged. Business managers who spend their weekends preparing reports by helplessly squeezing data out of multiple overlapping and conflicting databases with no clear sense of which data is correct should be outraged. Shareholders watching the companies they own light huge piles of money on fire through a complete lack of visibility and control over their information assets should be outraged. CFOs putting their signature at the bottom of a quarterly

should be outraged because the general counsel has not stepped up to provide authoritative and proactive leadership on IG. Can you, as a general counsel, answer these questions? • What is the most valuable information in your organization? Why is it the most valuable? How are you defining value? Where is it stored? Who is responsible for its protection, availability, cost and disposition? Does that person have the right training, mandate, authority and budget? • Is the information that you have a statutory requirement to retain for a specific period of time and in a specific manner really being retained as required? Even the difficult stuff, like the information in your messaging and collaboration environments? Is any of it being destroyed before its time? • Is information containing personally identifiable information being protected in accordance with your legal and contractual requirements, and in compliance with the promises you have made to your customers and shareholders? Is any of it flowing across legal jurisdictions with different expectations about its governance? • Does all the information in your network shared drives, content management systems and email systems have a reason for existing? Do you know how to ask or answer this question? If not, does anybody in your organization?

through to ensure that they are complying with the law and best practices, as well as addressing the needs of the business and IT? • Are you being honest with yourself (and to senior leadership) about the horrendous amounts of money you are wasting in e-discovery, simply because your company does not have its IG act together? You see the skeletons every day through your active matters: the broad document sweep that turns up few responsive files after an intensive and expensive review; the massive amounts of duplication and waste across the company; the near-complete failure of your organization to treat information as a business asset to be formally managed and exploited like any other asset. If you have a good answer to each of these questions, stop whatever you are doing right now and call me. I have never met someone like you, nor seen an organization like yours, and I would be delighted to hear from you. Look, I realize that I am being glib and kicking off my column here with a certain confrontational tone. I get it. But I am simply exasperated with the lack of information leadership and our collective failure to take our information responsibilities seriously. I believe that there is a critical and central role for the GC in changing this. In the end I am hopeful. In my next column I will explain why. ■

FEB / MAR 20 16 TODAYâ&#x20AC;&#x2122;S GENER AL COUNSEL

LEGAL ANALYTICS FOR STRATEGY AND CASE MANAGEMENT BY OWEN BYRD

egal analytics involves the use of data to make quantitative legal predictions that inform decisions made in both the business of law (law department operations) and the practice of law (litigation and transactions). Legal analytics represents a paradigm shift for lawyers. For an in-house department, data helps do three things central to its function: manage risk, make good strategic choices and control spending.

today’s gener al counsel feb / mar 20 16

Legal analytics is based on litigation data, which has become more available in recent years from multiple sources. The U.S. Public Access to Court Electronic Records (PACER) system provides access to federal district court dockets and documents. The International Trade Commission’s EDIS platform contains all ITC investigations. The U.S. Patent and Trademark Office website provides Patent Trial and Appeal Board (PTAB) trials, as well as information about the patents at issue in district court, ITC and PTAB proceedings. Once it is acquired, technology can be used to clean, code and tag litigation data using natural language processing and a machine-learning engine, supervised by attorney experts. The legal analytics process involves mining data for patterns and insights that can inform legal and business decisions. For each case, it identifies trends in the behaviors of the involved players – including the lawyers, law firms, parties and judges – and identifies all asserted patents, findings and outcomes, including any damages awarded. This information can be used to create structured data sets about judges, lawyers, parties and patents from the complex, unstructured legal data found in millions of pages of litigation dockets and documents. Legal analytics then involves rolling up the data into a case management and workflow tool for in-house counsel. The information can be used by corporate counsel to track a company’s IP cases, understand recent developments and prioritize tasks. Having this information readily available allows them to reduce the time spent on weekly update and status calls with outside counsel, and it reduces the burden of tracking case documents. It allows in-house attorneys to handle more work, which means law departments can operate more efficiently. In IP matters, legal analytics helps law departments to understand tendencies and patterns of behavior, and to make decisions based on those tendencies and patterns. The most sophisticated companies use legal analytics not only to assess adverse parties, but also to assess their own litigation behaviors and strategies. Companies use analytics to benchmark peer company litigation, comparing their own strategic IP litigation behavior with the behavior of peers and competitors. By assessing patent litigation volumes, case outcomes and average duration,

settlement propensities, trials, damages awards, propensity for non-practicing entity litigation and other subjects, a company can have a comprehensive body of factual data to support changes in the strategies it deploys across its docket of IP litigation cases.

The legal analyTics process involves mining daTa for paTTerns and insighTs ThaT can inform legal and business decisions. Data can be applied to influence each step of the dispute resolution process. Here are some specific tactical uses: • Early case assessment. Legal analytics can help answer threshold questions in IP litigation before a demand letter is ever drafted, sent or received. Plaintiffs and their attorneys must analyze not only who has caused the harm and who has the deepest pockets, but also how prospective defendants are likely to react to a claim. One obvious measure is the prior litigation behavior of a defendant, but even when that defendant has no prior history, plaintiffs can extract predictive insights out of the litigation behavior of similar parties in similar lawsuits. Defendants and their attorneys can also look to data to inform their response to a demand letter or complaint. Has the plaintiff brought other similar lawsuits? If so, how did the plaintiff behave at each stage of litigation? Was the plaintiff successful? How have other defendants responded to the plaintiff or similar plaintiffs with similar claims or behaviors? • Selection of outside counsel. Having objective data about counsel can inform a selection decision and ensure that it is not made merely out of habit, but is driven by efficiencies and effectiveness. Data can help make sure that continued on page 55

FEB / MAR 20 16 TODAY’S GENER AL COUNSEL

Ethics Have T Calculable Value

here is just one social responsibility for businesses, Milton Friedman wrote, and that is to devote its activities and resources to increasing profits. According to this theory, as long as a company stays within legal and regulatory bounds, actions that demonstrate social responsibility are a waste of shareholders’ money. Profit is certainly the goal, but the possibility that implementing socially responsible policies and promoting an ethical way of doing business could generate profit as well as good will is worth considering. Acting ethically adds value to the business in four principal ways:

In-House Counsel Have Key Role By Sergio Marini

• Socially responsible actions promote the company and make consumers more likely to believe that it produces high quality products. • Socially responsible activities, such as focusing on sustainability and improving internal control procedures, can lower costs and improve efficiencies. • Implementing policies to assure compliance with rules and regulations mitigates the risk of penalties or sanctions. • Socially responsible actions generate a sort of “halo effect,” according to a recent study by Harrison Hong of Princeton University and Inessa Liskovich of the University of Texas (reported in The Economist, June 27, 2015). Companies with the most comprehensive social responsibility

today’s gener al counsel feb / mar 20 16

programs receive less costly punishments than other companies when they do commit violations. So it is that acting ethically does have an immediate, positive impact on the bottom line. But there’s more. In the last 40 years some important changes have taken place. Gone are the days when companies could be assumed to answer only to their shareholders. Profit is the main goal on a short-term basis for the shareholders, but the long-term success of companies in a free-enterprise system depends on confidence from stakeholders within the community the business depends on. Companies that behave ethically are able to maintain stakeholders’ satisfaction and confidence. Ethical behavior can also enhance employee loyalty and attract better personnel. This goes beyond mere principle. Unethical behaviors asked of company personnel, or discovered by one employee about another, create workforce tensions. Personnel may find themselves in the moral dilemma of having to choose between safeguarding their positions or acting according to their moral compass. Adhering to ethical and socially responsible policies helps avoid these tensions. Employees feel themselves more accountable to the company and its owners, which leads to better performance. In a world where companies are generally seen as acting unethically for their own profit, individuals will be proud of working for – and buying from – a respected, reputable and still profitable organization. The opposite is true for a company that is found to have acted unethically. It will be blamed and shamed, by its own personnel, and by other stakeholders, as well. Going back to Friedman’s assumption – that so long as it stays within the rules of the game a company need only concern itself about profits – the question arises: Should we refer only to the rules embodied in laws and regulations, or rather go beyond them to a wider system of social rules, such as those dealing with community obligations, gender roles, pollution and behavior toward customers? We suggest the latter. On a long term basis, doing business in conformity to a wider system of social rules will also maximize profits. The in-house counsel has a key role to play in this endeavor. Whereas top management is appointed by the shareholders and acts as their agent, in-house counsel is appointed by the company itself and has primary responsibility towards the company as a whole, including its stakeholders and society at large, not only towards share-

holders. This means that, in supporting top management’s activities, in-house counsel may be in the position of preventing it from focusing on short-term gains and taking “shortcuts to profitability.” In-house counsel should not only have the kind of thorough knowledge of the company that enables strategic advice, but also the broad knowlActing ethically has an edge of applicable rules and regulations that enables immediate positive impact compliance. In addition, like all legal professionals, the on the bottom line. in-house counsel needs a set of “deontological” rules (the expression of the principles of ethics as applied to a profession) in order to provide a framework for giving advice with intellectual independence. To fulfill their ethical obligations, in-house counsel should be provided with full access to corporate information, along with the assurance that the information received and any opinions given are subject to the attorney-client privilege. This encourages management to make full disclosure without the risk of what they disclose being used against them in court. The issue of privilege is problematic in Europe. In some European countries in-house lawyers are members of the Bar, and therefore swear an oath to fulfill the same ethical obligations as lawyers in private practice. In some other countries (for example, Belgium) the profession of lawyers who are employed by companies is regulated by a set of laws. They are part of a separate institution Sergio Marini is which issues its own code of deontology. And in general counsel at some countries, lawyers who work in companies Fendi, LVMH Group. are neither admitted to the Bar nor recognized He is is responsible by the law. In such a varied situation, the European Com- for Fendi’s legal affairs pany Lawyers Association (ECLA) has drafted its worldwide, including intellectual property own Code of Ethics with the aim of setting out and brand protection, common basic professional and ethical principles litigation, corporate for all in-house lawyers in Europe. The Code matters and compliof Ethics is based on those of most member asance. He holds a law sociations, and is a point of reference especially degree from the in those countries where the in-house lawyer’s University of Bologna profession is not yet recognized. and is President of Considering that most common law countries ECLA (European do recognize the special role of in-house counsel, Company Lawyers thus providing for a sort of “legal privilege,” the Association) and a lack of recognition in other countries may cause board member of unequal treatment and irregularities in a global AIGI (Associazione market. Thus, legislative action on this matter Italiana Giuristi would seem to be necessary at both the country d’Impresa). and EU level. ■ sergio.marini@ecla.eu

TODAYâ&#x20AC;&#x2122;S GENER AL COUNSEL FEB / MAR 20 16

Social Media Analysis for Investigations and Trials By Wendy Schmidt and Scarlett Kim

ocial media activity can tell a lot about people, from the banal to the revelatory, and from the embarrassing to the indictable. Research into what people say and post on social media sites, and with whom they communicate, is now integral to business marketing strategies and decisions, and increasingly it is being used in corporate investigations and trial intelligence. Nearly half of respondents to a July 2015 Deloitte poll indicated that their organization uses publicly available social media content when conducting investigations. Only recently, however, have social media analytics technologies and techniques become sophisticated and accessible enough to provide support in these areas of general counsel oversight. In fact, only 13Â percent of poll participants said their organization uses analytics to scour the massive amount of available data. Expect that to change. Next-generation analytics tools have emerged in the past couple of years to gather information from publicly available social media content, enabling attorneys and investigators to dig deeper into social media profiles and actions quickly, economically and legally. The tools can provide information of once unattainable richness and scope to support internal investigations, M&A due diligence, litigation, jury selection and assessment of insider and outsider threats to the business. NEW TOOLS, MORE INSIGHT Analyzing use patterns and commentary across social media platforms can reveal insights to help identify the attitudes, interests and motivations of individuals and groups. Previously, social media research in investigations and

litigation involved legal staff and consultants hunting and pecking around the Internet for profiles and activity – often a time-consuming process, and one stymied by social network privacy rules and settings. Now, commercially available data analytics, or “sensing,” tools and innovative investigative approaches are improving and accelerating the process. The tools enable analysis of individual and community Web presence, often revealing previously unknown connections across multiple platforms. They can allow analysts to map out a person’s network and conduct keyword searches across it to gather relevant details such as names, contact information, business affiliations and geographic locations, often in a matter of minutes. Once a profile or Web presence is identified, depending on what information is publicly available, analysts can analyze the level of activity of each user, including posts, photos and videos. Used along with more traditional public record research, this analysis can shed new light on pending litigation, fraud and corruption investigations, regulatory inquiries, M&A due diligence, and automated sensing of cyber and extremist threats.

Wendy Schmidt is a Deloitte Advisory principal in Deloitte Financial Advisory Services LLP and global leader of Deloitte’s Business Intelligence Services practice. She is based in New York. weschmidt@deloitte. com

Scarlett Kim is a New York-based Deloitte Advisory manager in the Business Intelligence Services practice of Deloitte Financial Advisory Services LLP. sckim@deloitte.com

HOW THE TOOLS WORK Online socializing and interactions generate masses of data, much of it reflecting the activities and relationships of persons of interest in investigations and participants in litigation and trials. During a trial, for example, data such as status updates and contacts can be collected, categorized and analyzed at the courthouse or remotely, and delivered to counsel promptly, up to and during the proceedings. In just minutes, these tools can reveal information about relationships that otherwise would take months to uncover, if it could be discovered at all. Social media sensing can produce insights helpful both in the litigation process and in jury selection. Background research can reveal the profiles and activities of opposing counsel, parties and witnesses. Insights into prospective jurors can reinforce counsel’s views of them or be a surprise, perhaps a pivotal one. Social media sensing can also inform various kinds of investigations. It can help identify bad actors in internal investigations as well as external probes, such as Foreign Corrupt Practices Act investigations. The new tools help identify relationships and reveal commentary that may not be uncovered through other methods. These tools use proprietary algorithms to determine the strength of bonds based on factors such as

common connections and frequencies of interactions, comments, and connection duration. One of social media analytics’ most profound powers is the ability to map the relationships of an investigation target, be it a potential juror, witness, attorney or other person of interest. Analyzing multiple social media platforms to capture the nature of the person’s relationships – for example whether individuals are friends, family, business associates or combinations of these, can be invaluable information for legal teams. AN EXEMPLARY CASE An example of how this works is a recent whistleblower case that involved two companies, and where social media analytics were used to profile six individuals and identify connections between them. Three individuals worked for Company A, and three worked for Company B, which was a vendor to Company A. The whistleblower alleged that Company A’s employees were paying bribes to Company B’s employees, using a scheme in which Company B officers granted Company A employees “additional discounts and marketing funds, which may have been used to create a credit pool for potential bribes.” Scheme proceeds were then kicked back to Company B officers. Social sensing revealed that five of the involved subjects were either directly or indirectly connected to each other on one social media site. The individual identified as Company B’s “chief briber and instigator” maintained direct social media connections with two Company A officers. Another Company B officer was identified as having maintained social media connections with Company A’s “chief bribee” at least three years prior to joining Company B. Company A’s “chief bribee,” while not directly connected to the two remaining company B officers, was revealed to maintain more than 20 mutual connections with them. A review of the subjects’ social media profiles as a group identified 103 mutual connections, 10 of whom either currently or previously worked for Company B. Social media relationships can offer valuable insights into the subjects of an investigation or the parties to a legal action. The challenge lies in navigating the structures and controls of social sites to extract relevant information from the sea of social data. That’s become easier with the emergence of new tools that are significantly more sophisticated and faster than traditional methods of searching social media. ■

today’s gener al counsel feb / mar 20 16

Legal Analytics

continued from page 49 corporate counsel select the best, most qualified outside counsel for the job. It can determine which counsel most often handle which types of cases, the roles they play in those cases, whether the cases went to trial, whether they tend to settle, whether they have been successful, and how. By comparing dockets, corporate counsel can also develop a list of firms with trial experience in the jurisdictions where they most often litigate.

peers. The study revealed case volumes, case types, products at issue, venue, settlement volumes, case phase at settlement, settlement rates, chances of early settlement, number of cases stayed pending re-examination of the patent

The mosT sophisTicaTed companies use legal analyTics noT only To assess adverse parTies, buT also To assess Their own liTigaTion behaviors and sTraTegies.

• Choosing a venue or obtaining transfer. For plaintiffs, establishing jurisdiction in a court with a measurable track record favoring plaintiffs with similar claims and a record of moving faster and more often to a jury trial can have more impact on the outcome of litigation than any tactics subsequently employed. For a defendant moving for transfer of venue, quantifying the arguments that have succeeded in the past with a specific judge can help propel the case out of an unfriendly environment and into one where similar defendants more frequently prevail. • Evaluating judges. Once litigation is under way, every step in the process can be informed by data that improves the chance of winning and minimizes unnecessary legal spending. For example, in-house attorneys for a large pharmaceutical company heard anecdotally that the judge presiding over their patent case often ruled on claim construction solely on the briefs, without holding a hearing. Before the company designed and executed on its claim construction strategy, it obtained data that confirmed that the judge ruled on claim construction without a hearing over 80 percent of the time. The company then knew that it had to include all of its arguments in its brief, holding nothing back for a hearing that was likely never to happen. • Evaluating the opposing party. Data about the behavior of peer companies in similar litigation can confirm or suggest adjustments to a litigant’s behavior. One large technology company commissioned a comparative study of its patent litigation behavior and the behavior of 15 of its

at issue by the USPTO, overall case outcomes, win/ loss rates and damages awarded. The results showed a wide variety of behaviors and outcomes, even in response to similar claims by similar plaintiffs. Some companies settled early. Others fought every claim to the bitter end. The data enabled the company to optimize spending and tactics based on information that otherwise would have been unavailable. • Evaluating opposing counsel. Zealous representation in litigation can now be informed by statistical insights into the caseloads and behaviors of opposing counsel. If you knew about all the cases that your opposing counsel is currently handling, and you mapped out all the upcoming filing deadlines in those cases, might you make sure to serve your discovery requests right when opposing counsel is busiest with other deadlines? Legal analytics brings lawyering back to its roots, providing attorneys with facts on which to base opinions – the core of good lawyering. It enables lawyers to combine insights gleaned from bottom-up raw data with traditional topdown controlling authority found in statutes, rules and court opinions. It allows lawyers to make data-driven predictions about how opposing counsel, or a judge, or a party to litigation or a transaction, will behave, or to predict the result of a specific legal strategy or argument. Traditional legal research and reasoning can now be supplemented with analytics, to inform legal advice, documents, negotiations and arguments. ■

Owen Byrd is chief evangelist and general counsel for Lex Machina, a startup that provides legal analytics to the business and practice of law, to both corporations and law firms. As general counsel, he manages Lex Machina’s operations, including legal, financial and human resources. He previously founded and led data-centric software ventures, real estate and non-profit ventures, and operated his own law firm. obyrd@lexmachina. com

feb / mar 20 16 todayâ&#x20AC;&#x2122;s gener al counsel

todayâ&#x20AC;&#x2122;s gener al counsel feb / mar 20 16

Impact of Campbell-Ewald on Class Action Litigation By Joshua David Rogaczewski

magine that you or your company has been sued by an individual who pleads a small amount in damages, but who also claims to represent a class of similarly situated individuals. Imagine further that the cost of

paying the individual what he or she claims is less than the cost of litigating the issue of class certification and defending against the claim. In the abstract, it seemingly makes economic sense to pay the individual instead of paying the defense costs. In the class action context, that decision becomes even more clear if eliminating the individualâ&#x20AC;&#x2122;s claim precludes the putative class action. This analysis explains the strategy that Campbell-Ewald Co. deployed against Jose Gomez, a plaintiff who claimed that Campbell-Ewald (a communications and marketing company) violated the Telephone Consumer Protection Act by sending him an unsolicited text message.

feb / mar 20 16 today’s gener al counsel

The single TCPA violation alleged by Mr. Gomez carried a statutory penalty of $500, which could have been trebled if CampbellEwald acted knowingly or willfully. Accordingly, after the district court denied its motion to dismiss, Campbell-Ewald offered Mr. Gomez $1,503 and reasonable costs to settle the case. When Mr. Gomez did not accept the offer, CampbellEwald argued that its offer destroyed any live controversy between the parties and that the case should be dismissed as moot because Mr. Gomez, under any theory, would not be entitled to greater compensation if his case went forward. On January 20, 2016, the Supreme Court of the United States, in a split decision, held that Campbell-Ewald did not do enough to moot Mr. Gomez’s case. Campbell-Ewald offered only compensation to Mr. Gomez, and his failure to accept the offer created neither a contract nor a Federal Rule of Civil Procedure 68 judgment. Under those circumstances, according to the majority, Mr. Gomez still stood to gain from litigating his claim. Although the result sets back CampbellEwald’s strategy, the Court’s decision should not be read as a permanent obstacle to defendants in Campbell-Ewald’s position. The Court’s opinion reserved judgment on the question of “whether the result would be different if a defendant deposits the full amount of the plaintiff’s individual claim in an account payable to the plaintiff, and the court then enters judgment for the plaintiff in that amount.” Under those facts, the Court would likely hold that the plaintiff’s claim is moot. One member of the majority, Justice Breyer, appeared to be looking at the argument for

Justice Thomas, who concurred in the Court’s judgment but not its reasoning, signaled his view that the tender of complete relief to a plaintiff would moot the plaintiff’s claim. And the three dissenters would have held that the offer alone mooted the claim. Defendants should read these signals, take Campbell-Ewald’s strategy further, and tender the purportedly complete relief to the plaintiff. The tender-of-complete-relief strategy may not always be an option for class- action defendants. It probably does not make sense in class actions where plaintiffs have substantial losses (e.g., a large investor with a securities claim) or where the plaintiffs’ losses may be indeterminable at the outset (e.g., a mass-tort plaintiff). In these types of cases, it may be more cost-effective to fight class certification. But for actions like Mr. Gomez’s – single plaintiff, small claim, easily reducible to a dollar amount – the tender of complete relief strategy, and the Court’s signals validating the strategy, will likely change how those class actions are litigated. First, a class action defendant will likely have to litigate whether its tender would provide the plaintiff with sufficiently complete relief. The Court in Campbell-Ewald spent a significant amount of time during oral argument discussing this issue with the parties. But whether an offer is complete or not will depend largely on the facts of a specific case, and the logical place to resolve such questions is in the district court, when a class action defendant moves for judgment after tendering relief to the plaintiff and the plaintiff presumably objects. Accordingly, class action defendants will need to consider carefully the compositions of their tenders. Does the tender need to match the relief requested in the plaintiff’s pleading? What if the plaintiff seeks injunctive relief? What about attorneys’ fees? Moreover, class action defendants need to account in their litigation budgets for the cost of litigating the sufficiency of the tender, both in the district court and on appeal. If the plaintiff resists efforts to have the case dismissed by the district court, then the plaintiff is likely motivated to appeal the issue. When evaluating the economics of tendering complete relief, class action defendants cannot overlook these costs.

Defendants should read the signals, take Campbell-Ewald’s strategy further, and tender the purportedly complete relief to the plaintiff. “practical” pathways when the plaintiff “has all he wants” and “[t]he case is over.” Another (Justice Kennedy) was part of the majority that held in Genesis Healthcare Corp. v. Symczyk that an offer of complete relief mooted a “collective action” under the Fair Labor Standards Act.

today’s gener al counsel feb / mar 20 16

Second, plaintiffs will probably seek to accelerate decisions on class certification. As a legal matter, until a plaintiff class is certified, the case is between only the individual plaintiff and the defendant, making it easier to render the case moot with a tender to the plaintiff. Accordingly, it matters to the “complete relief” analysis whether the plaintiff is a class representative or not.

required substantially more funds to moot the case. Whether in terms of quantity or quality (or both), class action plaintiff lawyers will give more attention to the construction of potential class actions and the identification of potential class representatives. Fourth, expect plaintiffs to get creative with the relief that they request. Plaintiffs will not (or should not) ask for relief that the defendant

Expect plaintiffs to get creative with the relief that they request. Given this, whenever possible, plaintiffs will likely seek class certification as early in the case as possible, perhaps even as early as when they file suit. If class action plaintiffs respond to an adverse result in Campbell-Ewald in this manner, then class action defendants will also have to accelerate their decisions on whether to make a tender of complete relief. Campbell-Ewald tried to dismiss the case on the merits before making its offer to Mr. Gomez. Future class action defendants may not have that option, and litigants may find themselves in a race between class certification and a tender of complete relief. Indeed, a class action defendant needs to consider, as part of its early case assessment, the tender-of-complete-relief option among the other options for initially responding to a potential class action. Third, plaintiffs will likely sue class action defendants in larger groups and, where possible, with plaintiffs having higher value claims. Aggregating plaintiffs accomplishes two things. It increases the costs of mooting the case, because it costs more to satisfy the demands of a larger number of plaintiffs. And if the plaintiff can enlist a large number of plaintiffs, she might drive the costs of mooting sufficiently high that the defendant litigates the matter, risking class certification. In certain types of class actions, choosing a higher quality plaintiff may make it more difficult to moot the case. For example, Mr. Gomez alleged a single unsolicited text message, which is why CampbellEwald offered $1,503. But what if his lawyers had found a plaintiff who had received one hundred unsolicited text messages? Even if that hypothetical plaintiff was the sole plaintiff, Campbell-Ewald’s strategy would have

lacks the power to provide (like Justice Scalia’s example of the key to Fort Knox) or relief that does not exist (like Campbell-Ewald’s example of a unicorn). Instead, plaintiffs will likely ask for relief that is available to them, but that they think will be difficult for the defendant to provide. For example, the requested relief may include an onerous injunction, significant attorney fees, or a declaration of liability. Each of these items of potential “relief” was raised by members of the Court during oral argument. Class action defendants should not be surprised when plaintiffs increase the specificity of their demands for relief, and then point to the demand when a tender of complete relief does not match the demand precisely. Finally, class action plaintiff lawyers will probably have to increase their investment in lawsuits to maximize their clients’ abilities to overcome tenders of complete relief. Specifically, they will likely have to perform more pre-litigation investigation to identify the best potential class representatives and larger numbers of class members. Mr. Gomez’s status as the sole plaintiff in his case, for example, made his case vulnerable to Campbell-Ewald’s litigation strategy. If he had been part of a larger group of plaintiffs, or if his counsel could tell Campbell-Ewald that it was aware of a large number of individuals who also received unwanted text messages, the costs of Campbell-Ewald’s strategy would have been much greater. The impact of the decision in Campbell-Ewald will not be felt immediately. Indeed, a portion of the impact will be felt to different degrees as the law in this area develops. Businesses named often as class action defendants should closely monitor these developments to ensure that they employ the best defense strategies available. ■

Joshua David Rogaczewski is a partner in the law firm McDermott Will & Emery LLP, based in the Washington, D.C. office. He focuses his practice on complex civil litigation, insurance advice and Virginia state-court litigation. jrogaczewski@ mwe.com

FEB / MAR 20 16 TODAY’S GENER AL COUNSEL

HOW LAW DEPARTMENTS SPEND BY LAUREN CHUNG

or many corporate law departments, 2015 was the year of the balancing act. Now seven years removed from the ﬁnancial crisis, a crisis that hit legal teams hard, we are moving into a new conﬁguration of market dynamics, staffing needs and economic pressures. To get an accurate read on how law departments are prioritizing and what they are preparing for, a review of their spending habits is a good place to start. The 2015 HBR Law Department Survey of more than 300 corporations worldwide found that median total legal spending increased two percent to $27 million, mirroring the growth recorded in our 2014 survey results. This trend, however, isn’t merely the result of across-the-board investments. Certain operations are fueling this uptick more than others.

TODAY’S GENER AL COUNSEL FEB / MAR 20 16

• Outside Counsel Cost Control Looking closer at the data, it’s apparent that law departments’ outside spending has plateaued, freeing up funds to be reinvested internally. Law departments’ outside counsel spending held flat according to our 2015 survey results – a notable difference from the two percent decrease reported in the previous survey. Corporate law departments are doubling down on cost management programs with a variety of tactics, including alternative fee arrangements, matter planning and budgeting, stricter budget guidelines and the increasing use of analytics to contain outside counsel expenses. In many instances, organizations may be reacting to the rising cost of external legal support. The median hourly rate that survey participants paid to their top three law firms is $487, up from a median of $473 according to our survey. The 2015 survey also found that a median value of 43 percent of outside counsel spending goes to the top three billing law firms. This is a decrease from previous years. The increase in hourly rates and coincident decrease in spend going to the top three billing law firms suggest that departments may be leveraging their buying power to reduce spending through the use of the aforementioned techniques. Despite these efforts, in-house legal teams are far from “cutting the cord” with their law firm partners. Worldwide, law departments’ median outside counsel spend reached $14 million. In the United States, these costs still represent more than half (54 percent) of law departments’ total legal spend. • Internal Growth a Top Priority Our 2015 survey found global median inside legal spending (which encompasses compensation, benefits, administrative costs and corporate facilities) hit $12 million, a three percent increase from last year. This year’s movement may not be as significant as the five percent increase we saw in the 2014 survey, but it supports the growing trend that law departments are still focused on investing in their own operations, people and processes. By adding more human capital and upgrading technology in-house, corporate teams bolster their ability to efficiently and cost-effectively manage the increasing legal demand. • Compensation Outpacing Inflation Total law department compensation (including base salary, cash bonuses and long-term incentives) across attorney ranks continues to rise, by 3.5 percent on average to $334,300.

Digging deeper, the increase is weighed more toward financial perks than regular compensation. While our 2015 survey found that the average base salary grew less than five percent to $192,500, the mean cash bonus jumped more than 14 percent to $64,000 annually. The average value of long-term incentives now stands at almost $93,000.

The median hourly rate survey participants paid to their top three law ﬁrms was $487, up from the previous year’s $473. Mean total cash compensation also rose 3.5 percent to $255,100. Chief legal officers and general counsel received the largest increase, compared to other attorney titles such as deputy and subsidiary general counsel, section heads and staff attorneys. • More In-House Staff In-house legal staffing activity also increased. More than half of organizations (53 percent) reported an increase in their total legal department staff, with an emphasis on lawyers over non-lawyer support staff. Forty-seven percent of organizations surveyed brought on more lawyers. For non-lawyer staff, the picture was markedly different. Thirty-two percent of organizations reported an increase in the number of paralegals and only 20 percent reported a rise in secretaries. Across both titles, close to half of survey participants cited no change in either direction. Going forward, the majority of organizations are bracing for increasing demand for their services. More than three-quarters (76 percent) of organizations thought the demand for legal services will be greater next year, with that demand concentrated in the areas of M&A and regulation. • Doing More with less Though overall law department spending was up in the 2015 survey, the endgame for most organizations is to do more with less, as evidenced by their interest in controlling outside legal expenses and internal spending priorities. Dedicating funds toward new technology and talent retention are upfront investments that enable future savings in the areas of hiring and outside counsel. ■

Lauren Chung, a senior director in the Law Department Consulting Practice at HBR Consulting, has over 15 years of management consulting experience. She works with law departments on strategic planning, process and operational management, benchmarking and best practices. She has served law departments in a variety of industries in the United States and Europe, in both public and private sectors. lchung@ hbrconsulting.com

FEB / MAR 20 16 TODAYâ&#x20AC;&#x2122;S GENER AL COUNSEL

TODAY’S GENER AL COUNSEL FEB / MAR 20 16

Tips for Bringing Your In-house Experience to a Startup BY MIRRA LEVITT

hen I left my corporate law

startups are generally quite small, responsibili-

firm job to join Priori Legal as

ties can range from negotiating key supplier

general counsel, I learned first-

agreements to managing the company’s intellec-

hand that taking your legal skills to a startup

tual property portfolio and handling employee

requires some major adjustments. Even though

and other human resource matters. Moreover,

my new role would be closely tied with law-

your sphere of responsibility likely will extend

yering, because I would be working with a

beyond purely “legal” issues.

startup, I knew I needed to prepare for smaller

Given this wide range of responsibilities, in

teams, open offices and long hours. The big-

your interview it will be important to show that

gest change, though, has been how I use my

you are comfortable with, and excited about,

legal skills on a day-to-day basis. Here are four

taking the lead on the full range of legal matters

things to consider as you refine your resume and

facing the startup. Highlight elements of your

think through your corporate legal expertise in

experience that demonstrate your generalist legal

preparation for that big start-up interview:

ability. Show that you know how to think clearly under pressure and discuss your experience han-

• Generalist Skills Matter. Generalist practices may be waning at law firms,

dling unexpected issues as they come up. Demonstrating to your prospective employer

but at a startup, the ability to handle a wide range

that you are ready, willing and able to take on

of legal issues is prized. Because legal teams at

the breadth of legal (and not so legal) challenges

feb / mar 20 16 today’s gener al counsel

involved with working for a startup will significantly improve your strength as a candidate. • Demonstrate Resource Management. Often, the in-house lawyer at a startup – whether or not that lawyer holds a law-related title – is the only lawyer in the organization. For me, this

this case is to highlight your experience taking career risks in the past in order to emphasize that you’re ready to take the plunge this time around. As you tell your story, also think about what skills, legal and otherwise, that you bring to the company. Consider what the startup does – its

Come to your interview prepared with examples of situations where you made a strong independent decision, or were able to ask the right questions of the right people.

Mirra Levitt is general Counsel and co-founder of Priori Legal, a marketplace for general counsels and small and mediumsized businesses to find and work with outside legal support. She formerly worked as an associate at Covington & Burling LLP and as a financial analyst at Goldman Sachs. She was also a Luce Scholar in the microfinance program in the Hanoi, Vietnam, office of Save the Children. mirra.levitt@ priorilegal.com

was a significant departure from the larger corporate environment I was accustomed to, where the presence of many smart lawyers at multiple levels of seniority made it easy to obtain advice and opinions quickly. Now I often need to ask myself, “Is this a question I can answer or do I need to consult outside counsel or another lawyer in order to get comfortable?” In your interview, try to show that you are adept at making independent decisions, because solving issues internally can often lead to faster and cheaper solutions. But you should also highlight examples of your experience drawing on additional resources when you needed to, because reaching out to the right outside lawyer or other relevant advisor at a crucial or betthe-company moment can mean the difference between placing your company on the path to growth or the bumpier road to problems. Coming to your interview prepared with examples of situations where you made a strong independent decision, or were able to ask the right questions of the right people, will demonstrate that you’ve considered the resource constraints operating at many startups. • Tell your story. Your story – why you decided to become a lawyer, why you chose your current company, why you want to move on – matters. Moving from your in-house job to a startup is a huge change, and your interviewers know it. A strong narrative can help convince them that you’ve considered all aspects of this shift, you’re excited to do it anyway and you’ll stick around. One strategy for making

excellent product, important industry, innovative approach – and then think through how all the different elements of your experience can help the company achieve its goals. Your aim is to demonstrate that you’re a strong fit because of who you are in addition to your legal skills. • Be approachable. Showing that you’ll be a team-player is extremely important when interviewing to join a small team. Demonstrating subject matter expertise and intelligence are obviously important, but at a startup approachability and working style matter too. When you’re interviewing to join a small team where everyone needs to pitch in, it’s important to show that you’ll be easy to work with. Working as a lawyer in a startup is not the right decision for everyone. The elements that make startup work exciting – products you believe in, uncertain regulatory environments, fast-paced issues -- can also mean grappling with uncertainty and long hours. So if you’re seriously considering making the leap from a firm or corporate in-house legal department to a start-up, some firsthand experience may help. Consider shadowing a startup GC, or at least meeting with one. By learning more about the types of challenges you might face, you’ll be better able to decide if you really want to make the move, and more likely to ace your interview if you do. ■

TodaysGC Daily Newsletter The daily newsletter is a terrific advertising vehicle to reach 46,000 corporate subscribers. With a high open rate, the newsletter is unmatched as a marketing vehicle within the corporate counsel community.

T O D AY S G E N E R A L C O U N S E L . C O M / S U B S C R I B E