Legal Research, Issues, and
Practice in Cyberspace
-
Jurisdiction, International Issues & Digital
Discovery
Todd Krieger & Cyrus Daftary
April 7th, 2014
1
Agenda





Administrative Discussion
Jurisdiction
International
Digital Discovery
Questions & Answers
2
Administrative Discussions
Week 8
Doing
Business
Online
START
Week 4
Creating and
Entity
Week One
Welcome &
Introduction
Week 5
Access to
Technology,
ADA
Week 9
Tax
Week 6
1st
Amendment,
Social Media
Week 10
Jurisdiction
Week 3
Patents &
Trademark
Week 7
Privacy Issues
Week 12
Class
Projects
Week 13
Class
Projects
Week 11
Class Project
3
Jurisdiction
 A court’s power to adjudicate a controversy.
 Defined by ‘long-arm’ statute and due
process clause of constitution.
4
Jurisdiction - History
 1945 - International Shoe vs Washington:
defendant must maintain ‘minimum
contacts’ with forum state – if it doesn’t
offend the traditional notions of fair play and
substantial justice.
 Due process requires fairness and justice.
 Example: Out of state salesperson who
does business in California.
 Gave courts some discretion.
5
Jurisdiction - History
(cont’d)
 1980 - World Wide Volkswagen vs Woodson:
Plaintiff buys car in New York and is injured
in Oklahoma. The court finds conduct must
be directed towards forum state not merely
placing a product in the stream of commerce.
6
Specific v. General Jurisdiction
 General jurisdiction: (Helicopteros Nacioinales de
Colombia, S.A. vs Hall) Continuous
and systematic
contacts with the forum state. Controversy
need not arise out of the defendant's activities
in the state.
 Specific jurisdiction: (Burger King vs Rudzewics) Cause
of action arises directly from defendant’s
contact with the forum state.
7
Evolution of Online Jurisdiction
 Early websites were informational, online
brochures.
 Early on, disputes were independent of the
websites.
 Plaintiffs tried to use the websites to assert
jurisdiction, usually with little success; they
needed to show something more.
 Lawyers and judges were still learning about
the technology.
8
Early Conflicting Cases – Sporadic
Internet Activities
 Website and toll free number
– (Graphic Controls Corp. vs Utah Med. Prods. Inc.)
– (Inset Sys. vs Instruction Set, Inc.)
 Soliciting and maintaining a website for
future business with knowledge of in-state
access
– (Hearst Corp. vs Goldberger)
– (State by Humphrey vs Granite Gate Resorts)
Source: Todd D. Leitstein - A Solution for Personal Jurisdiction on the Internet, 59 La. L. Rev. 565, 1999
9
First Rational Framework
 Zippo vs Zippo.com :
– Lighter Company vs Online E-mail/Content provider.
– 3,000 customers in PA; 7 agreements with PA based ISPs.
Sliding scale of jurisdiction
Doing Business/Interactivity
Jurisdiction
10
Zippo Three Prong Test
 (1) The defendant must have sufficient
minimum contacts with the forum state.
 (2) The claim asserted against the
defendant must arise out of those contacts.
 (3) The exercise of jurisdiction must be
reasonable.
 Courts in the 5th, 9th, and 10th Circuits have
used the Zippo sliding scale consistently,
but some courts have attempted to refine
the test.
11
Expanding Zippo
 Court in Cybersell, Inc. vs Cybersell, Inc. stated
while the level of interactivity was a crucial factor
for jurisdiction, interactivity alone did not provide
grounds for jurisdiction, but instead required
something more to establish minimum contacts.
– “Something more” consisted of ‘targeting’ or intentional Internet
activity expressly aimed at the forum state.
 S. Morantz, Inc. vs Hang, using Zippo and
targeting approach found an interactive website
that did not allow for online sales and was not
directed at PA residents did not provide minimum
contacts with PA over a NY defendant.
12
The “Effects” Test
 An alternative to the Zippo sliding scale test is
the effects-based approach.
 Courts focus their analysis on the actual effects
a website had in a particular jurisdiction and do
not focus on the technology used.
 The effects test originated in Calder vs Shirley
Jones, in which a CA entertainer sued a FL
publisher for libel.
 The effects test has been applied in Blumenthal
vs Drudge and Pavolich vs DVD Copy Control
Assn.
13
International Transactions
14
An All Too Common Scenario
 Salesperson has a huge new
urgent opportunity and wants to
use the usual agreement.
 Their contact speaks English, so it
is no problem if the customer is in
another country, right?
 It depends…
15
One Size Does Not Fit All
 A standard form agreement might be fine
overseas…
…until there is a dispute
 How would a local court interpret the rights of
the parties?
 Can your client enforce their rights?
– Protecting IP
– Getting paid
 Is it lawful to do business there?
 What is required for the transaction to be
valid?
16
The U.S. has an Unusual Legal Climate
 Contingency fee plaintiff’s counsel
 Punitive and multiple damages
 Discovery
 Class action law suits
 Common law system
 Some companies actively avoid the U.S. as
a forum
 Plaintiffs may be less likely to find the same
windfall in other countries
17
Intellectual Property Rights Vary by
Country
 Copyright: U.S. participates multiple
copyright treaties, but copyright definition
and enforcement varies by countries and
treaties are not universal.
 Patent: U.S. patents do not give the patent
holder rights overseas.
 Trade Secrets: trade secret rights vary by
country. NAFTA & GATT provide some
protection.
18
The EU takes a different view of
software licensing than the U.S.
 UsedSoft GmbH vs Oracle International Corp
 “With the payment for services you receive,
exclusively for your internal business purposes, for an
unlimited period a non-exclusive non-transferable user right free of
charge for everything that Oracle develops and makes
available to you on the basis of this agreement”
 Court ruled downloaded perpetual license was a sale.
 Consider finite term for licenses and technological
measures to limit transfers.
 Limit transferability of maintenance contracts.
 Compare with Vernor case.
19
Distribution Chain
 How many layers are there between the
end user and the seller?
 The rights of the parties may vary if there
are other parties between them.
 Statutory risks in appointing distributors
and agents overseas:
– Penalties for termination
– FCPA compliance
– Control of brand / trademarks
– Export control
 Who will perform support services?
20
There May Be Few Choices
 “…Article (23) of the Kuwaiti Commercial Code states that
non-Kuwaiti citizens may not pursue any commercial
activities in Kuwait, unless having a Kuwaiti partner. This
partner's share must not be less than (51%). Article (24)
sets forth that any foreign company may not establish a
branch in Kuwait and cannot pursue its commercial
activities in Kuwait unless having a Kuwaiti agent.”
 “..The principal may not decline to renew the agency
agreement upon its expiration without paying the agent
equitable compensation for the non-renewal, provided that
the agent provides evidence that he is not at fault and that
his activities successfully promoted the principal’s
products.”
21
Work With Local Counsel
 Local subject matter expertise
 Realistic risk assessment
 Language skills (where applicable)
 Cultural awareness
 Able to assist with negotiations
 Can help navigate through a dispute.
22
Language Considerations
 Contractual obligations can be diluted in
translation:
– Double check key clauses with local counsel or other trusted
native speaker.
– Even automated translations can give a hint at a problem.
– Have side by side English translation with English prevailing,
where permitted.
 Consider local language requirements.
23
Automated Translations Are Not
Always Accurate
24
Get Accounting Insight
 Shift tax burden to the other party.
 Tax rates vary by country and depend on
categorization of goods:
– Rate may be different if technology is delivered digitally or on a
tangible medium
– Support service rate may vary from tech license
– Creating a local nexus can have profound tax consequences
– Who will provide local services?
 Be aware of currency exchange issues.
 Can payment be sent directly to the U.S.?
25
Negotiations Overseas
 Local contract negotiation styles will differ
– Focus on building a relationship
– Turnaround time can vary by regions
– Be sensitive to local time zones and holidays.
“SPECIAL CIRCUMSTANCES: The workweek in Kuwait is
Sunday through Thursday for most businesses, government
offices, and commercial banks.” (US State Department)
 For important issues, video conference, telephone, or
face to face discussions can be more efficient than email.
 Leverage business team to assist in working with the
other party.
26
Select a Predictable Forum for
Disputes
 Local entities may prefer their local court and
choice of law.
 Foreign forum and choice of law clause may
not be enforceable.
 Arbitration offers a reasonable alternative.
– Define rules and forum
– Reserve the right to obtain injunctive relief
 What resources are needed if there is a
dispute?
 Maintaining confidentiality during the dispute
 Local dispute may be a leap of faith.
27
Standard Clauses May Not Be
Enforceable
 Validity of warranty exclusions, disclaimers,
and limitations on liability vary by region:
– Reverse engineering exclusion in the EU
– Statutory warranty remedies
– No limitations for death or personal injury in the UK.
 Other standard clauses may be illegal:
– Interest for late payment under Sharia law.
28
Business to Consumer Sales Overseas
Require Additional Caution
 The European Union has enacted consumer
protection directives that set the minimum
standard in the member states.
 Typical U.S. style disclaimers may invite
local scrutiny (OFT – UK) :
– sellers cannot restrict consumers’ rights to reject faulty goods
– warranties must be reasonable
– contracts must be clear and easy to understand without hidden
‘traps.’
29
Consumer Protection Directives
 Data Protection Directive 95/46/EC
 Distance Selling Directive 97/7/EC
 Unfair Terms in Consumer Contracts
Directive 93/13/EEC
 Electronic Commerce Directive 2000/31/EC
30
Export Control
 U.S. Department of Commerce Bureau of
Industry responsible for most export regulations
– Export Administration Regulations (EAR)
 Applies to all U.S. companies:
–
–
–
–
Employees
Subsidiaries
Agents
Distributors
 Software transfer can be considered an export:
–
–
–
–
E-mail
FTP
Download
Provision of source code subject to EAR to foreign national in the U.S.
31
Export Administration Regulations
 Restrictions and requirements depend upon:
–
–
–
–
What is exported?
Where is the recipient?
Who is the recipient?
How will the item be used?
 EAR apply no matter whether the software
originated in the U.S. or elsewhere.
 Certain exports could be prohibited or
require a license.
32
Some Exports have Additional
Regulations

Defense services and munitions
– Department of State, Directorate of Defense Trade Controls (DTC)

Defense-related goods, services, and technologies
– Defense Technology Security Administration

Nuclear materials and equipment
– Nuclear Regulatory Commission, Office of International Programs

Nuclear technology and technical data for nuclear power and special nuclear materials
– Department of Energy, Office of Arms Controls and Nonproliferation, Export Control
Division

Licenses for natural gas and electric power
– Department of Energy, Office of Fuels Programs

Export of wildlife and endangered and threatened species
– Department of the Interior, U.S. Fish and Wildlife Service

Controlled substances and the import-export of listed chemicals used in the production
of control substances under the Controlled Substances Act
–

Drug Enforcement Administration, Office of Diversion Control, Import-Export Unit
Drugs and medical devices
– Food and Drug Administration, Office of Compliance, Food and Drug Administration,
Import/Export

Hazardous waste exports
– Environmental Protection Agency, Office of Solid Waste, International and
Transportation Branch
33
Export Restrictions Depend on
Classification of the Software
 Export Control Classification Number (ECCN)
determines the licensing requirements under the EAR.
 Items are categorized into 10 categories, each further
delineated into five product groups:
Categories
0 = Nuclear Materials, Facilities, and Equipment
(and Miscellaneous Items)
1 = Materials, Chemicals, Microorganisms and
Toxins
2 = Materials Processing
3 = Electronics
4 = Computers
5 = Telecommunications and Information Security
6 = Sensors and Lasers
7 = Navigation and Avionics
8 = Marine
9 = Propulsion Systems, Space Vehicles, and
Related Equipment
Most goods are not
classified (EAR99).
Product Groups
A. Systems, Equipment
and Components
B. Test, Inspection and
Production Equipment
C. Material
D. Software
E. Technology
34
Export Restrictions Vary by Country
 Cross reference ECCN with the Commerce
Country Chart
35
Embargoed Countries Have
Additional Restrictions
 Restricted Countries:
–
–
–
–
–
Cuba
Iran
North Korea
Northern Sudan
Syria
 Restrictions vary by country
 The list is subject to change
 Export licenses are still permitted for some
categories, but very restricted.
36
Restrictions Vary by Recipient
 Individuals and organizations may be prohibited from
receiving any goods from the U.S. or require a license.
 EAR99 goods or other goods not requiring a license are
restricted.
 Restricted Entity List (EAR Part 744 Supplement 4).
 Treasury Department Specially Designated Nationals
and Blocked Persons List.
 Unverified / Red Flag List.
 Denied Persons List.
37
Exports are Restricted by Use
 EAR99 items and other categories are
restricted by use:
– Items used by parties involved in WMD are prohibited without a
license.
– Nuclear uses.
– Rocket propulsion systems.
– Maritime nuclear propulsion.
– Chemical & biological weapons.
– Certain foreign vessels or aircraft.
38
Substantial Penalties for NonCompliance




Criminal sanctions >$1 million
Criminal penalties
Revocation of export privileges
Reference:
– http://www.bis.doc.gov/licensing/exportingbasics.htm
– http://www.bis.doc.gov/licensing/bis_exports2.pdf
39
Foreign Corrupt Practice Act
 Prohibits illicit payments by U.S. companies to foreign
officials
 Prohibited Payments: It is unlawful to pay or offer
to pay “anything of value” to a “foreign official” to
influence official action or to secure any improper
business advantage in order to obtain or retain
business.
 5 elements:
–
–
–
–
–
Applies to any employee or agent of client in any location
Unlawful to offer, pay, or promise to give “anything of value”
The payment must be intended to induce misuse of an official position
To any foreign official or political party
To influence official action or to secure any improper advantage in order to
“obtain or retain business”
http://www.justice.gov/criminal/fraud/fcpa/guide.pdf
40
Prohibited Payments
 Prohibited Payments: cannot offer, pay, or
promise to give “anything of value”
–
–
–
–
–
–
–
Cash
Services
Payment of Travel Expenses
Excessive Entertainment Expenses
Lavish Gifts
Favorable Loans
Charitable Contributions
41
Exceptions
 Payment Lawful Under Foreign Law
– Must be in the written law or regulations of the foreign country
– Traditional, customary, or not enforced restrictions do not qualify
 Reasonable Business Expenditure
– To promote a business or product
– Includes trip expenses, tours of company facilities, product
demonstrations and training
– Must be reasonable and bona fide
42


“it is difficult to envision any scenario in which the
provision of cups of coffee, taxi fare, or company
promotional items of nominal value would ever
evidence corrupt intent”
“single instances of large, extravagant gift-giving (such
as sports cars, fur coats, and other luxury items) as
well as widespread gifts of smaller items as part of a
pattern of bribes”
Lawful

43
Questionable
Helpful guide: http://www.sec.gov/spotlight/fcpa/fcparesource-guide.pdf
FCPA Enforcement
 Penalties may include substantial fines,
debarment, disgorgement of profits, and
prison
 Recent enforcement actions:
– Siemens (Iraq, Argentina, Bangladesh, Venezuela, Iraq, Israel,
Nigeria, Vietnam, China, Russia, Mexico) $800 million
– Aibel (Nigeria) $4.2 million
– AGA Medical Corp. (China) /$2 million
– Con-Way Inc. (Philippines) $300,000
– Faro Technologies (China) $2.95 million
– Willbros Group (Bolivia, Ecuador, Nigeria) $32.3 million
44
Even Lawful Exceptions can be a
Publicity Nightmare
NHS contractor hosts US junket for health staff
“ABOUT 150 hospital managers and medical staff were flown to the
US, for a conference that included a 1980s-themed street party
which was hosted by one of the biggest contractors in the National
Health Service.
An entire street was cordoned off to allow guests to watch bands
and sip free drinks at local bars last Tuesday. The event was hosted
by X Vendor, which is bidding for NHS contracts worth hundreds of
millions of pounds.
Some trusts sent as many as 11 staff for the four-day conference,
with X Vendor paying for some of the flights and hotel bills in
exchange for the trusts helping to develop and promote its
technology. The total cost for flight and accommodation for the NHS
staff was more than £150,000.”
.
45
Domestic Anti-Corruption Rules also
Apply
 Most jurisdictions have statutes prohibiting
bribery
 Exceptions to the FCPA may be contrary to
local law.
 Training and compliance programs are
critical.
46
What is Discovery?
 “Discovery” refers to the process of
compelling another party to provide
information, which may include documents,
during the course of litigation.
 Gives litigants access to information relevant
to the dispute.
 Discovery requests may be very broad and
burdensome, especially in business litigation.
 Facebook postings and other seemingly
private information can be within the scope of
a discovery request.
– Case discussion: Gatto v United
Airlines
47
Digital Discovery and Data
Retention
 Most new information is electronic.
 Companies need codified policies for retention of
digital and printed information or they could be
overwhelmed by a discovery request.
 Define retention periods based on legal,
business, and personal obligations.
 Must follow policies carefully.
 Third party solutions available.
48
Federal Rules of Civil Procedure For
Electronic Discovery Implemented
12/06
 Rules put in place process for party to
demand access to information that is
claimed to be ‘burdensome to access
and produce.’
 Companies may have hundreds of
unorganized legacy back-up tapes with
year of e-mails and other information
 New rules provide exceptions for good
faith inadvertent destruction.
49
New Rules Harmonize Electronic
Discovery Practices
 Attorneys involved in litigation must
address electronic discovery at the earliest
stage of discovery planning.
 New rules provide a framework for courts
and easier guidance to assist clients.
50
Some Specific Requirements:
 Rule 26(a)(1)(B) changes ‘data compilations’ to
‘electronically stored information’.
– (similar amendments to other rules)
 Rule 16(b) amended to require that scheduling order may
include electronically stored information.
 Rule 26(f) requires parties to confer and discuss issues
related to electronic information.
 Rule 26(b)(2)(B) addresses the burden for data that is not
readily accessible. Party receiving request must
establish unreasonableness of request.
 Rule 37(f) accommodates the accidental loss or
destruction during a routine operation of electronic
information if the party took reasonable steps for
preservation.
– Keep in mind other changes as well.
–
http://www.ims-expertservices.com/newsletters/nov/eddrules-111406.htm
51
Courts Have Defined Expectations of
Digital Discovery
 “Now that the key issues have been
addressed and national standards are
developing, parties and their counsel are
fully on notice of their responsibility to
preserve and produce electronically
stored information.”
– Judge Shura Scheindlin, Zubulake v. Warburg
– Final jury verdict: $29 million.
 Complying with digital discovery
requests may be very expensive, time
consuming and implicating.
52
High Profile Cases Have Led to
Big Verdicts
 Coleman v. Morgan Stanley: $1.45 Billion jury
verdict for overwriting e-mails, failing to timely
process backup tapes, failure to produce relevant
e-mails and attachments.
 U.S. v. Philip Morris , 327 F. Supp. 2d 21: $2.75
Million in sanctions for failure to follow order to
preserve e-mails and other e-discovery
violations.
53
In Re Information Management Services,
Inc. Derivative Litigation
 Case discussion:
 Digital discovery + employee e-mail privacy
+ attorney client privilege (oh my).
54
Meta-data May Be Critical
 Metadata = ‘data about data’
 Metadata must remain intact:
– History (date of creation and modification)
– Tracking (who created the document and where
does it reside)
– Comments and annotation.
Metadata may leave an implicating trail.
– Previously deleted text
– Comments
– Identity of those who worked on document
– Dates and times of work.
– Changes in date in Windows may not be the same
in the underlying DOS.
55
Electronic Discovery Can be Very
Expensive
 Average may be $1-3 million
 Litigants need efficient data search and
management strategies
– Law firms bill for searches on an hourly basis
 Data may not be in a common or searchable
format
56
Data Security is a Relatively New
Area of Liability
 Company computers may house sensitive
consumer data and trade secrets.
 Failure to adequately protect consumer data
has led to high profile settlements with the FTC:
–
–
–
–
Choicepoint: $15 million
TJX
BJs Wholesale Club
Hannafords – 3/08 - 4 million credit card numbers
compromised
– Target
 Failure to adequately protect trade secrets can
also create a corporate disaster.
57
Sensitive Digital Data May Reside in
Surprising Places
 http://www.cbsnews.com/8301-18563_1626412439.html
 http://business.ftc.gov/documents/bus43copier-data-security
58
Nevada SB 267 Was Passed
in Response
Section 4 of this bill requires a business entity or a
data collector to ensure that any personal information
which is stored on the data storage device of a
copier, facsimile machine or multifunction device in
the possession of the business entity or data collector
is securely encrypted or destroyed by certain
approved methods before the business entity or data
collector relinquishes ownership, physical control or
custody of the copier, facsimile machine or
multifunction device to another person.
http://openstates.org/nv/bills/76/SB267/documents/NVD00008333/
59
Companies are Obligated to
Protect Sensitive Data and
Report Breaches
 Most states require notification of residents if
personal data is compromised and many other
states are not far behind.
– Massachusetts 93H
– http://www.mass.gov/ocabr/business/identity-theft/requirements-for-securitybreach-notifications.html
 Hundreds of data breaches have been reported
 Reporting has led to bad publicity and fines.
 Marriott reported the loss of 200,000 names in
missing backup tapes.
 Some reporting requirements are exempted if the
data was encrypted.
60
ID Theft Has Impacted Millions of
Americans
 U.S. consumers lost billions to identity theft
in 2013
 ID Theft consumes time and money.
 Consumers are more careful with their
personal information.
– Vulnerable to phishing attacks
– As safe as the company where they used their credit
card.
IRS Criminal Investigation Targets Identity Theft Refund Fraud
FS-2013-4, February 2014
The IRS has seen a significant increase in refund fraud that
involves identity thieves who file false claims for refunds by stealing
and using someone's Social Security number.
http://www.irs.gov/uac/Newsroom/IRS-Criminal-Investigation-Targets-Identity-Theft-Refund-Fraud-2014
61
Phishing Attacks Can Be Cleverly
Disguised
62
Data Thieves Actively Target
Websites and Corporate
Networks
 May use e-mail viruses to crack
networks
 Target specific applications to get
sensitive data
– Once the perimeter security is cracked, the entire
network may be available.
 Hijack remote computers to
anonymously attack sites.
63
Reasonable Measures To Protect
Sensitive Information
 Policies
– http://www.mass.gov/ocabr/docs/idtheft/compliance-checklist.pdf






Encryption
Intrusion detection
Firewalls
Password protection
Anti-virus programs
Physical security of laptops and portable media.
64
Questions & Answers
65