Ping Service
Feedback Forms

Cyber Liability Insurance: The Value of an Educated Broker in the Age of E-Commerce

I first published this article in 2010. Surprisingly, its as relevant today – perhaps even more relevant – than it was four years ago.

Rick

Introduction: Insurance Products for Cyber Risks

Media reports of cyber intrusions, data thefts and computer system malfunctions involving large, high-profile companies such as Sony PlayStation, Citigroup and Lockheed’s Security Vendor, RSA, have led a rapidly growing number of companies to consider the necessity of insurance coverage for technology and cyber privacy risks. As these businesses become more reliant on electronic communication and data storage, they are also developing a heightened awareness that an unauthorized intrusion could endanger their tangible and intangible assets (including their intellectual property) and, in many cases, their reputations and abilities to conduct business. Consequently, prospective policyholders are becoming more cognizant of the necessity for insurance covering these exposures.

Read the rest of this entry »

New York Court to Sony: No Personal Injury Coverage for You!

As many of us have been saying since the advent of cyber insurance coverage, cyber policies potentially cover privacy risks and exposures, not Commercial General Liability policies, be it under a property damage or a personal/advertising injury insuring agreement.  In other words, policyholders and their brokers would be mistaken if they deluded themselves into thinking that a standard base CGL policy’s personal injury/advertising injury coverage applies to a typical cyber breach where personally identifiable information is extracted.  Sadly, my good friend Scott Godes falls into this category.

On February 21, 2014, , Judge Jeffrey K. Oing, of the New York Supreme Court, Manhattan Commercial Division ratified this maxim by denying personal injury coverage to Sony for the 2011 breach and theft of personal information from its PS3 gaming platform, among other databases.  Zurich American Insurance Company v. Sony Corporation of America, Index No. 651982/2011 (N.Y. Supreme, filed 7/20/2011). See Complaint here.

Read the rest of this entry »

Righthaven: SANCTIONED…but how much?

Well, this result seemed almost inevitable. After all, who gets away with misleading a court? Right? But is the amount of the sanction sufficient? Righthaven was ordered to pay a measly $5,000. Is that amount really going to punish Righthaven in any significant way?

Righthaven LLC is a copyright holding company, founded in March 2010, which acquires the rights to newspaper content from its partner newspapers (most notably, Stephens Media, which owns the Las Vegas Review Journal). Upon finding that content has been copied to online sites without permission, Righthaven initiates litigation against the site owners, alleging copyright infringement.
Read the rest of this entry »

Righthaven’s Ba-aaaaack….but its Aim Falls Short

It seems Righthaven hasn’t been able to catch a break since my December 2010 post. Righthaven LLC is a copyright holding company founded in early 2010, which acquires newspaper content from its partner newspapers after finding that the content has been copied to online sites without permission, in order to engage in litigation against the site owners for copyright infringement.

Just last week, in a suit filed against Democratic Underground (“D.U.”), Righthaven sought damages because D.U. used four paragraphs of a 34 paragraph Las Vegas Review Journal article (recall that the Journal and its contents belong to Stephens Media). The post included a link to the full article, as well as citing the Journal.

U.S. District Court Judge Roger Hunt dismissed the lawsuit, holding that a “copyright owner [here, Stephens Media] could not assign a bare right to sue.” In addition, the court came down hard on Righthaven because it failed to advise, as required by law, that Stephens Media had a pecuniary interest in the lawsuits (Righthaven and Stephens Media were sharing the profits received from these lawsuits). Judge Hunt seemed disgusted with Righthaven’s behavior and gave Righthaven two weeks “to show cause … why [Righthaven] should not be sanctioned for this flagrant misrepresentation to the court.” Judge Hunt accused Righthaven of trying to “manufacture standing” in all of its cases. (Click here for the Court’s full decision.) Read the rest of this entry »

Cyber Crime and Securities Fraud Litigation: The Next Wave?

Following the publication of our original post on the implications of a cyber attack on investors’ securities portfolios (see here), we have been asked by scores of readers whether securities fraud litigation arising from cyber crime has ensued. Not surprisingly, the answer is “yes.”

Indeed, we have located at least two such cases, one a putative securities fraud class action against a payment processing company and the second an SEC initiated action against a private investor. The results may (or may not) surprise you, depending on your perspective of trial courts’ levels of judicial activism and willingness to render substantive decisions at early stages of litigation.

In re: Heartland Payment Systems, No. 09-1043 (D.N.J. Dec. 07, 2009) remains the paradigm for such litigation. To facilitate its payment processing services, Heartland Payment Systems (“Heartland”) stored millions of credit and debit card numbers on its internal computer network. In December 2007, hackers launched a Structured Query Language Attack (“SQL attack”) on Heartland’s payroll management system. To its credit, Heartland was able to successfully avert the attack before any personally identifiable information was stolen. At the same time, however, the company failed to detect malicious software (“malware”) which had been placed on the network by the SQL attack. The malware infected Heartland’s payment processing system, ultimately enabling the hackers to steal 130 million consumer credit and debit card numbers. Heartland did not discover the breach until January 2009, at which time it notified government authorities and publicly disclosed the event. Over the course of the following month, Heartland’s stock price dropped over $15 per share. Perhaps not surprisingly, shareholder class actions ensued.

In their complaint, plaintiffs alleged that Heartland and its officers and directors had made material misrepresentations and omissions about the December 2007 SQL attack. Specifically, plaintiffs claimed that the defendants concealed the SQL attack and misrepresented the general state of Heartland’s data security. Plaintiffs further alleged that the defendants’ conduct was fraudulent because they were aware that Heartland’s network had been breached, yet they had not fully remedied the problem Read the rest of this entry »

Bloggers Beware: Righthaven’s got its eye on you…

Whether you own a website where you allow blogs and comments to be posted, or if you are the blogger/poster, listen up.

For those of you who haven’t heard of Righthaven LLC, they are to the blogging world what editors are to the Law Review world…cite-checking and anti-plagiarism “proponents” (let’s call ‘em that, for argument’s sake). Righthaven’s been making quite a splash and has gained popularity among news chains since its coming into existence in the spring of 2010. According to David Kravets’ article, “Righthaven Expands Troll Operation With Newspaper Giant[1], Righthaven has filed over 180 lawsuits and has settled over 70 of them already. Its major suppliers of copyrighted material include Stephens Media (owners of Las Vegas Review-Journal), MediaNews Group (owners of San Jose Mercury News and the Denver Post), and WEHCO Media (owners of Arkansas Democrat-Gazette and Chattanooga Times Free Fress), to name a few.[2] Owned by Net Sortie Systems LLC and SI Content Monitor LLC, Righthaven is the brain-child of Las Vegas-based IP attorney, Steven Gibson.[3] Righthaven’s clients assign their rights in the content to Righthaven, who then sues for copyright infringement.[4]

In order to analyze the problems faced by the parties to such lawsuits, we’ll have to discuss the U.S. Copyright Act, as well as the Digital Millennium Copyright Act (“DMCA”).

Read the rest of this entry »

Immigration Enforcement’s New Target: Counterfeit Movies and Shows

Apparently feeling that they’ve resolved the longstanding issue of illegal immigration and can move on to the next crisis, Immigration and Customs Enforcement (“ICE”) and the U.S. Justice Department have identified a new enemy in their ongoing stuggle to protect truth, justice and the American way: Internet sites that sell counterfeit goods and pirated movies.

Indeed, just this month, government officials announced that they have shut down nine websites as part of their newly announced initiative, “Operation In Our Sites,” which is intended to protect Hollywood’s intellectual property. Officials estimated that nearly 7 million pirated movies and shows per month were downloaded from the offending websites.

The announcement was held on a soundstage at The Walt Disney Studios in Burbank, CA. Neither Johnny Depp nor Captain Hook reportedly was present.

Read the rest of this entry »

Two New Online Resources For IP Information: “WIPO GOLD” And USPTO

Within the last week, two separate intellectual property search engines were launched, each of which has the potential to significantly palliate searches for patents, trademarks and other IP. http://www.wipo.int/wipogold/en/

Specifically, on June 1, 2010, the World Intellectual Property Organization (“WIPO”) introduced a free online public resource, “WIPO GOLD” which aims to facilitate universal access to IP information. It promises “quick and easy access to a broad collection of searchable IP data and tools relating to, for example, technology, brands, domain names, designs, statistics, WIPO standards, IP classification systems and IP laws and treaties..” The site also includes a helpful translation option, should users wish to search results in a language other than the default, English. The news report can be viewed here: http://www.wipo.int/pressroom/en/articles/2010/article_0018.html

Meanwhile, the United States Patent and Trademark Office (USPTO) separately announced on June 2, 2010 that it has entered into a “no-cost, two-year agreement with Google to make bulk electronic patent and trademark public data available to the public in bulk form.” Under the agreement, USPTO will provide Google with “existing bulk, electronic files, which Google will host without modification for the public free of charge.” Examples of searchable items include: patent grants and applications; trademark applications and Trial and Appeal Board (TTAB) proceedings; and patent classification information. The USPTO and Google also will work together to make additional data available in the future, such as patent and trademark file histories and related data, the office said. The bulk data can be accessed at http://www.google.com/googlebooks/uspto.html.

In other words, as technology moves forward, so too does the ability to research and guard intellectual property ownership and interests… at least in the Western Hemisphere and other WIPO member countries. Now, if only the remainder of the world could come together to unify owners’ capabilities to globally protect their IP rights.

PDF Download    Send article as PDF   

37 Downloads? That’ll be $27,500…How Does a Court Determine What to Charge?

This topic angers me. Fines for infringement under the Copyright Act range from $750 to $150,000 per infringement. That’s a wide spectrum! More disturbing is that the Act leaves the pricing decision in the hands of the judge, without any real guidelines for them to follow.

This week, a judge ordered Whitney Harper to pay $27,500 for illegally downloading 37 songs…I’ll do the math for you – that’s $750 a song, i.e., the minimum allowed. Earlier this year, Joel Tenenbaum was held liable for $675,000 for file sharing 30 songs – that’s $22,500 per song. It gets better. Nearly a year ago, Jammie Thomas-Rasset was ordered to pay $1.92 million by a jury for downloading 24 songs…$80,000 per download! How does the court conclude how much to, for lack of a better word, charge per song? Is it based on the popularity of the song? Does Lady Gaga or Jay-Z rank higher than Skid Row or Journey because the former are currently more mainstream?

Read the rest of this entry »