Posted
By

We recently posted a three-part series on BYOD issues in this blog. A primary theme was the inherent tension between employer control and employee privacy in a BYOD environment. In a recently reported case out of the Northern District of Ohio (Lazette v. Kulmatycki), the courts had an opportunity to clarify how to walk this tightrope. Unfortunately, in struggling with existing (and somewhat inadequate) laws, the result seems to have made the rope even more fine rather than clarifying a path across the divide.

Background of a BYOD Case
The case begins with a corporate-liable Blackberry device of a former employee (Lazette) being turned into the employer upon separation. Lazette dutifully deleted her personal email account from the device before returning it to her employer – or so she thought. For whatever reason, her personal email account remained, and her former boss (Kulmatycki) proceeded to read some 48,000 personal emails over the course of the ensuing months.

The headline from the case is that the boss was at fault for reading the emails. This result “feels” right. After all, Lazette no longer worked there, so why was Kulmatycki reading her personal emails – even if he may have had the right to do so when she was still an employee and had personal email on a corporate-liable device.

Continue reading

Posted
By

This article was originally published in the July 22, 2013 issue of Texas Lawyer.

The constant threat of cyberattacks presents many and varying challenges for businesses. Insurance provides one way to deal with them. Because the market for insurance covering these risks and the law interpreting these policies both continue to develop, this is an area in which attorneys can help clients by maximizing their opportunity to secure the broadest possible coverage.

A look at federal and state action on cybersecurity risks provides some critical background. President Obama issued his Executive Order on Improving Critical Infrastructure Cybersecurity in February. In October 2011, the U.S. Securities and Exchange Commissions Division on Corporate Finance issued relevant guidance on financial-disclosure obligations concerning cybersecurity issues in CF Disclosure Guidance Topic No. 2 – Cybersecurity.

Continue reading

Posted
By

On July 24th, 2013 the Massachusetts legislature passed An Act Relative to Transportation Finance (“the Act”), which, among other things, makes “computer system design services and the modification, integration, enhancement, installation or configuration of standardized software” taxable services under the Massachusetts sales and use taxes. Under the Act, “Computer system design services” is defined as “the planning, consulting or designing of computer systems that integrate computer hardware, software or communication technologies and are provided by a vendor or a third party.” The Act passed despite Massachusetts Governor Deval Patrick’s veto, and the new tax becomes effective July 31st, 2013.

The Act makes Massachusetts one of four states that tax computer services. Maryland expanded its definition of taxable services to include computer services in November 2007, but the computer industry fought hard to reverse the decision. On April 8, 2008 the Maryland legislature repealed the tax before the changes took effect. Websites are already appearing to repeal the Massachusetts tax, but considering (a) the effective date and (b) that the legislature overturned the Governor’s veto of the Act, a similar repeal in Massachusetts seems unlikely (at least in the near-term).

Customers and service providers alike should consult their tax attorneys to determine whether and to what extent the expanded definition of taxable services in Massachusetts impacts them. For basic information and guidance regarding the tax changes, you can refer to the Massachusetts Department of Revenue (DOR) technical information release 13-10 (“TIR 13-10”). The DOR has not yet updated Regulation 830 CMR 64H.1.3 (Computer Industry Services and Products) to reflect the new scope of taxable computer industry services but TIR 13-10 states that it intends to do so. The current Massachusetts sales and use tax rate is 6.25%.

Continue reading

Posted
By

Today the European Commission unveiled its legislative package to adapt the EU payments market to the opportunities of the single market and to support EU economic growth . The package includes a proposal for a cap on multilateral interchange fees (MIFs) for card-based payment transactions. MIFs are set by credit-card companies and collected by banks each time a consumer makes a purchase on a card. Fees across Europe vary widely, from less than 0.2% in the Netherlands to more than 1.5% in Poland. In addition, surcharges on consumer debit and credit cards will be banned by the new Payment Services Directive (PSD2). Surcharges are the extra charge imposed by some merchants for payments by card and, according to the Commission, are common notably for purchases of airline tickets online. In 95% of cases, merchants will no longer be allowed to surcharge consumers for using payment cards, whether for domestic or cross-border payments. This measure alone is set to save consumers 730m euro each year. So called ‘three-party schemes’ such as American Express and Diners, as well as commercial cards issued to businesses, which together account for the remaining 5%, are not covered by the surcharging prohibition. Retailers will be able to surcharge for these cards or refuse to accept them.

Introducing the legislative package, Michel Barnier, Internal Market and Services Commissioner, said “…the proposed changes to interchange fees will remove an important barrier between national payment markets and finally put an end to the unjustified high level of these fees.” Vice President Joaquín Almunia added “…interchange fees paid by retailers end up on consumers’ bills. Not only are consumers generally unaware of this, they are even encouraged through reward systems to use the cards that provide their banks with the highest revenues… the regulation capping interchange fees will prevent excessive levels of these fees across the board.”

MIFs have long been under regulatory scrutiny, with laws adopted in the United States, Australia and other countries, and several EC decisions under EU competition laws including the 2007 MasterCard case. Although included in a merchant’s cost of receiving card payments, regulators are concerned that interchange fees are ultimately passed through to consumers through higher prices amounting to tens of billions of euros each year. With Visa and MasterCard’s market share estimated at 96.8% in value, and with interchange fees already banned in countries such as Denmark and the United States, the Commission believes that regulation is required. This is despite the MasterCard case, the proceedings against Visa Europe (which lead to undertakings for consumer debit cards in 2010 and consumer credit cards in 2013) and a rash of other national competition proceedings.

Continue reading

Posted
By

Jim Gatto and James Chang recently published “Mobile Privacy Practices: Recent California developments indicate what’s to come” in the June issue of Computer Law Review International.

The use of mobile applications has seen huge growth in the past few years. As the use of apps become increasingly commonplace, social concerns such as the privacy of app users will increasingly need addressing. California is taking the lead in regulating this important issue. For more information, including an overview of mobile privacy, a summary of California’s stance on how to address the issue, an overview of the state’s principles regarding privacy, its best tips for complying with its principles, and an examination of the privacy related laws outside of California, please read the full article: Mobile Privacy Practices: Recent California developments indicate what’s to come.

Posted
By

The Affordable Care Act of 2010 mandated the creation of health care exchanges (“Exchanges”) which will enable individuals to shop on-line for health insurance beginning October 1, 2013. Creating and configuring the software, databases and interfaces that comprise the technology platforms for these Exchanges has created huge challenges for the fifteen States and the District of Columbia that have decided to build their own Exchange rather than rely on the Exchange being developed by the federal government, as well as for the health insurance companies planning to market and sell their insurance through these consumer portals.

The Exchange mandate has generated a massive amount of IT work and required more technological change than possibly any other federal law to date. To provide an idea of the complexity of building these platforms:

  • Software must be developed that permits multiple health insurers to offer multiple insurance products through a single government-run portal with a common look and feel.
Continue reading

Posted
By

When in the course of commercial events, it becomes necessary for one client to dissolve the operational bonds that have connected it with its supplier, and to assume a new service delivery model . . .

As the outsourcing industry has matured, we have seen a greater incidence of clients looking to dissolve their outsourcing relationships. For some, this is the natural end of the relationship, for some, there is a change in strategy, and increasingly for some, there is dissatisfaction with the service being provided. Against this backdrop, we present four tips for a peaceful move to independence.

I. Read Your Agreement

Continue reading
By
Posted In: Industry Trends
Posted
Updated:

Posted
By

Deploying a software package across the company (or most of the company) is becoming a reality for most companies. Standard processes and systems drive cost, quality and performance improvements. Unlimited deployment rights may also reduce transaction costs and project completion timeframes. The right enterprise and unlimited license agreement can make all the sense in the world.

In the first installment of this blog, we set up a scenario where you are a CIO faced with a decision on whether or not to enter into an “enterprise” or an “unlimited” license arrangement with a major software publisher. In discussing the first of our four questions (“What does “enterprise” or “unlimited” really mean?”), we explained that there are many potentially perilous pitfalls in these license arrangements, and conveyed how you might to look to avoid or mitigate them.

Again working from our four-question framework, let’s now focus on the second question: “Do we really want to be doing business with this publisher?”

Continue reading

Posted
By

The rise of cloud computing services and the privacy/security issues involved have been much discussed (see, for example, our prior blog posts here). But when customers procure cloud-based services, a critical “behind the scenes” issue is often overlooked: is the cloud provider itself relying on third party subcontractors to perform critical functions? When these subcontractors are added to the mix, things become a bit more complicated.

Cloud computing offers a wide variety of services:

  • IaaS: infrastructure as a service to replace a customer’s data center or testing environment;
Continue reading

Posted
By

Although reconciliation of the key terms has been a best practice for over-the-counter derivative trades for some time (particularly with collateralised trades), the scale of the reconciliation exercise imposed by forthcoming regulations in the EU and U.S. has caused many market participants to undertake a fundamental review of the systems and processes in place. For many, compliance can only be achieved by utilising a third party for provision of an appropriate technology platform or an end-to-end service. With imminent compliance deadlines and the late development of the requirements themselves, functionality has understandably been the focus of any sourcing process. However, from a supply chain and outsourcing perspective, a key challenge remains the manner in which the financial services-specific regulations are applied to this type of third-party arrangement.

The New Legislation

With the 1 July deadline for compliance with CFTC Rule 23.502 looming and the equivalent EU legislation (in the form of the Commission Delegated Regulation (EU) No. 149/2013) due to come into force on 15 September, OTC market participants are bracing themselves for major changes to the way they perform portfolio reconciliation in relation to non-cleared trades. In fact, it is looking increasingly likely that the deadline will have to be extended by around three months, to allow further time for compliance by the affected institutions.

Continue reading