September 28, 2017

MONTH-IN-BRIEF: Internet Law & Cyber-Security

Juliet Moringiello, Sara Beth A.R. Kohut

Data Privacy

D.C. Court Dismisses OPM Data Breach Lawsuits

By Sara Beth A.R. Kohut, Young Conaway Stargatt & Taylor LLP

The U.S. District Court for the District of Columbia recently dismissed two consolidated class-action suits brought by federal employee unions in connection with the 2015 data breach of the U.S. Office of Personnel Management. The records of more than 20 million current and former federal employees were compromised in that breach. Among other bases for the dismissal in memorandum opinion In re U.S. Office of Personnel Management Data Security Breach Litigation, Misc. Action No. 15-1392 (ABJ), MDL Docket No. 2664 (D. D.C. Sept. 19, 2017), the court found that the plaintiffs lacked standing because they did not demonstrate sufficient injury. The court disagreed with plaintiffs that the fact that a disclosure occurred was sufficient to establish an injury under the Privacy Act. Likewise, the claimants’ increased likelihood of future identity theft was not concrete or imminent sufficient to establish standing under the circumstances. Further, those claimants who had suffered actual losses relating to identity theft were unable to tie those losses to the OPM breach.

Digital Currency

Barter in the New Economy: Bitcoin for Legal Fees

By Emily Burton, Young Conaway Stargatt & Taylor, LLP

On September 11, 2017, Nebraska joined several other bar associations, including the Connecticut Bar Association and the Orange County Bar Association, in issuing ethics guidance on the context in which an attorney may accept bitcoin or other digital currencies as payment for legal fees or to hold in trust or escrow accounts. According to Nebraska Ethics Advisory Opinion for Lawyers No. 17-03, bitcoin transactions are essentially barter transactions and must be handled so as to address both bitcoin’s volatile value and its digital nature. Specifically, because bitcoin value is volatile, fees should not be denominated in bitcoin, and when fees are paid in bitcoin, the attorney should (1) notify the client that the attorney will convert the bitcoin into U.S. dollars immediately upon receipt; (2) convert the currency at objective market rates immediately upon receipt through the use of a payment processor; and (3) credit the client's account accordingly at the time of payment. Because bitcoin is a pseudonymous currency, before fees are paid by a third party, the attorney must implement basic know-your-client procedures. After fees are paid, the attorney must keep in mind her obligation to maintain the confidentiality of the representation when converting the bitcoin to U.S. dollars. Finally, because bitcoin is stored as electronic data, attorneys holding bitcoin must take reasonable steps to maintain the security of any funds held for clients in bitcoin form based on current standards for maintaining information securely.

Electronic Contracting

Second Circuit Upholds Uber’s Online Terms

By John Ottaviani, Partridge Snow & Hahn LLP

Uber’s customer terms are enforceable, said the U.S. Court of Appeals for the Second Circuit in Meyer v. Uber Technologies, Inc., No. 16-2750-cv (2d Cir. Aug. 17, 2017). The Court of Appeals reversed a decision by the U.S. District Court for the Southern District of New York which found that Uber’s sign-up process failed to form a binding agreement. Although Uber does not force the user to check a box during the sign-up process to indicate the user’s assent to terms, the Second Circuit found that a “reasonably prudent smartphone user” is on inquiry notice that terms and conditions apply and that the user is agreeing to the terms.

Juliet Moringiello

Commonwealth Professor of Business Law, Widener University Commonwealth Law School

Juliet Moringiello is the Commonwealth Professor of Business Law at Widener University Commonwealth Law School in Harrisburg, PA, where she teaches Property, Bankruptcy, Secured Transactions, Sales, and a seminar on Cities in Crisis. She earned her B.S.F.S. at Georgetown University, her J.D. at Fordham University School of Law, and her LL.M in Legal Education at Temple University School of Law. Professor Moringiello is Chair of the Pennsylvania Bar Association Business Law Section, a Uniform Law Commissioner for Pennsylvania, and a member of the American Law Institute. She is also a Fellow of the American College of Commercial Finance Lawyers and has held several leadership positions in the American Bar Association Business Law Section.

Sara Beth A.R. Kohut

Co-Chair; Cybersecurity, Privacy, and Data Protection Group; Young Conaway

Sara Beth’s practice focuses on advising legal representatives for future claimants in connection with asbestos mass tort insolvency matters and settlement trusts. She has also represented national and local businesses in cases involving intellectual property, corporate and commercial issues in the federal and state courts in Delaware. Sara Beth has advised clients on strategies for protecting intellectual property rights and complying with obligations governing the privacy and security of sensitive data. She currently co-chairs Young Conaway’s Cybersecurity, Privacy, and Data Protection group.