The Electronic Communications Privacy Act

The Electronic Communications Privacy Act (Pub. L. 99-508, Oct. 21, 1986, 100 Stat. 1848, 18 U.S.C. § 2510) prohibits unauthorized “intercepts” of electronic communications, such as email.

In Fraser v. Nationwide Mutual Insurance Co., 135 F. Supp. 2d 623 (E.D. Pa. 2001)) an employee had sent the e-mail, the recipient at the competitor company had received it, and so the employer had not intercepted the e-mail while it was being sent, which is the only thing protected by the ECPA. On December 10, 2003, the Third Circuit Court of Appeals affirmed that part of the federal district court’s judgment (352 F.3d 107).

An important note here: an employer can do anything with e-mail messages sent and received on company computers, even including intercepting them during the process of transmitting or receiving, as long as it has notified employees that they have no expectation of privacy in the use of the company e-mail system, that all use of the e-mail system may be monitored at any time with or without notice, and that any and all messages sent, relayed, or received with the company’s e-mail system are the property of the company and may be subject to company review at any time.

New York Social Security Number Protection Law

The New York Social Security Number Protection Law went into effect on January 3, 2009.  Under New York Labor Law §203-d:

Employers may not, unless otherwise required by law:

1. Publicly post or display an employee’s SSN;
2. Visibly print a SSN on any ID badge or card, including time card;
3. Place a SSN in files with unrestricted access; or
4. Communicate an employee’s personal identifying information to the general public.

The statute broadly defines “personal identifying information” to include an employee’s SSN, home address or phone number, personal e-mail address, Internet ID or password, parent’s surname prior to marriage, or driver’s license number

Risk-Based Compliance

Certain customers, vendors, and intermediaries represent a higher compliance risk than others. Risk indicators include geography, relationships to government officials, business type, method of payment, and dollar volume.

In places where risks are very low, compliance burdens can be reduced. Where risks are not low, compliance is heightened . When there are more red flags, the proper response is more compliance.

The key to a risk-based approach is tracking and sorting the critical elements. Apply enhanced due diligence and heighten ongoing monitoring of high-risk parties proportionate to their risk profiles.

Avery Dennison and the Pitfalls in China

Don Lee of the Los Angeles Times has a great story about the pitfalls encountered by Avery Dennison when it was trying to build its road and traffic business in China: Avery Dennison case a window on the pitfalls U.S. firms face in China.

It highlights the gray area between building relationships and corrupt transactions, especially in an economy like China’s where corruption is more pervasive and accepted.

Avery Dennison ended up under a federal investigation for violations of the Foreign Corrupt Practices Act.

Starting a Green Real Estate Fund

Lisa Michelle Galley of the Our Green Journey blog and Galley Eco Capital posts her notes from a panel of green real estate fund managers about why investors and development partners want these funds and the do’s and dont’s for building a green fund.

Does commercial real estate need pure green real estate funds?

  • Green real estate funds align capital more clearly with mission
  • JV development partners are seeking a green fund’s concentrated expertise.
  • Green funds benefit from the superior financial performance of green assets.

Best practices for building a green real estate fund

  • Your team must have sustainability expertise.
  • Pay attention to both the leasing team and lease structure
  • Establish the right partnerships
  • Proper reporting is crucial.

Tenant Notification of Indoor Air Contamination in New York

New York passed Chapter 521 of the Laws of 2008, signed into law by Governor Paterson on September 4, 2008, effective December 3, 2008 which adds N.Y. Envtl. Conserv. Law (ECL) Section 27-2405 (“Tenant notification of indoor air contamination”).

The requirements of the new law apply only to test results that have been provided to the property owner by an “issuer,” which is defined to include:

(a) The New York State Department of Environmental Conservation (“NYSDEC”);

(b) A municipality that has entered a contract with NYSDEC to undertake an environmental restoration project;

(c) A person subject to an order issued pursuant to New York’s hazardous waste and oil spill clean-up laws; or

(d) A “participant” in New York’s Brownfield Cleanup Program (“BCP”).

The definition of participant under the BCP is an applicant into the program who is liable for contamination as an owner or operator. A “volunteer” under the BCP is an applicant not liable for the contamination as a “bona fide” purchaser (i.e., an owner whose liability arises solely from ownership after the contaminants were released). In addition, the new law would not cover test results gathered during due diligence on a purchase or lease.

See also:


N.Y. Envtl. Conserv. Law (ECL)

§ 27-2405. Tenant notification of indoor air contamination.
1. For purposes of this section:
a. “test results” shall include the results of any tests conducted on indoor air, subslab air, ambient air, subslab groundwater samples, and subslab soil samples; and
b. “issuer” means:
(i) a person subject to an order issued pursuant to title thirteen of this article, article twelve of the navigation law, or title twelve-A of article thirteen of the public health law,
(ii) a participant as defined in subdivision 1 of section 27-1405 of this article subject to an agreement entered into pursuant to title fourteen of this article, or
(iii) by a municipality subject to a contract entered into pursuant to title five of article fifty-six of this chapter; or
(iv) by the department.
2. Any owner of real property or any owner’s agent to whom indoor air contamination test results have been provided by an issuer shall, in cases where test results exceed department of health indoor air guidelines or the occupational safety and health administration guidelines for indoor air quality, provide a fact sheet and timely notice of any public meetings required to be held to discuss such results to all tenants and occupants and upon request such test results and any closure letter, within fifteen days of receipt of such results. Generic fact sheets shall be prepared by the department of health and shall identify at a minimum the compound or contaminant of concern, reportable detection levels established by the department of health indoor air guidelines or the occupational safety and health administration guidelines for indoor air quality and health risks associated with exposure to such compound or contaminant and a means to obtain more information on the compound or contaminant.

3. For real property for which an engineering control is in place to mitigate indoor air contamination, or if the real property is subject to ongoing monitoring pursuant to an ongoing remedial program, the owner or
owner’s agent of real property to whom indoor air contamination test results have been provided by an issuer shall provide, or cause to be provided, fact sheets, and upon request any test results, or closure letter received by such owner or owner’s agent to any prospective tenant prior to the signing of a binding lease or rental agreement. Generic fact sheets shall be prepared by the department of health and shall identify at a minimum the compound or contaminant of concern, reportable detection levels established by the department of health indoor air guidelines or the occupational safety and health administration guidelines for indoor air quality and health risks associated with exposure to such compound or contaminant and a means to obtain more information on the compound or contaminant. Such notice shall be included in the rental or lease agreement and shall contain the following in at least twelve point type in bold face on the first page: “NOTIFICATION OF TEST RESULTS The property has been tested for contamination of indoor air: test results and additional information are available upon request.”

Gullibility

NPR’s Science Friday has an interesting broadcast on Gullibility. Ira Flatow interview Stephen Greenspan, author of Annals of Gullibility: Why We Get Duped and How to Avoid It.

Can science explain why some swindles are so successful? Why are some people more likely to try to buy the Brooklyn Bridge or send money to the heir of a deposed Nigerian prince online? In this segment of Science Friday, we’ll talk about gullibility and the psychological principles at work in scams, from the $15 ‘genuine Rolex’ watch to the Bernard Madoff Ponzi scheme.

Mr. Greenspan was also the author of an essay in the Wall Street Journal: Why We Keep Falling for Financial Scams.

One memorable quote was his take on the Madoff scheme.  Mr. Greenspan point out that the scheme was not focused on greed. Madoff was not offering the high returns of typical Ponzi schemes. Instead, Madoff was offering a steady return. Madoff was offering safety. Mr. Greenspan points out that gullibility can be driven by the fear of losing money as much as it can be driven by the greed for money.

Lawyers and the Social Internet

Kevin O’Keefe, of Real Lawyers Have Blogs, put together his thoughts on what are the best social internet places for a lawyer or law firm to spend their resources: Lawyers and Social Media – It the Big Three. Kevin picks Blogs, Twitter and LinkedIn.

As usual, I agree with Kevin.

View Doug Cornelius's profile on LinkedInEvery professional should have a profile on LinkedIn. Lawyers may rely on their law firm website, but lawyers do not stay at the same law firm for their entire career any more. I was at The Firm for 13 years, but everyone else I keep in touch with from law school had moved to a new place. I was the last person who was still at the same place. LinkedIn is great at keeping track of your job history. LinkedIn is the place to answer the question: How Ddo I know you? When I am planning to meet someone I always run a Google search and a LinkedIn search.

I have found this blog to be a wonderful networking tool. I have created and maintain many relationships through this blog. There is no better way to stay connected, develop your expertise and showcase your abilities than through a blog. It has been tough for me to give up on this blog since moving from knowledge management to compliance. (And obviously unsuccessful.) Compliance Space will come out of the dark in the near future. Although most of you will not be interested in it.

Follow Doug on TwitterTwitter has exploded as a idea tool. As with most people, I was skeptical of what to do with a 140 character messaging system. But the open design has produced remarkable results for me.The micro-blogging aspect allows me communicate with people in a quick and easy way. Bigger thoughts end up in the blog. Lots of the background communication happens in Twitter.

I also use Twitter for research. Several times a day I search for “compliance”, “FCPA”, “CFIUS,” “Ethics”, and lots of other compliance terms. These tweets connect me with people, news, thoughts, thought-leaders and a plethora of information that helps me with my new role as Chief Compliance Officer.

One of the challenges of taking the new position, in this new area was the great network I had developed in the knowledge management and enterprise 2.0 areas. LinkedIn, blogs and Twitter are helping me to rapidly build a new network in the compliance area.

Facebook is great aggregator of information. I use it largely by having Facebook applications pull posts from blogs, my twitter updates and other sources rather than using Facebook as the primary creation point.

Unlike Kevin, I am still trying out new social internet sites. I still think Legal OnRamp has a bright future. Martindale-Hubble Connected has huge information repository that could create an incredibly powerful tool.

I try others to see what may develop. Eighteen months ago, I thought LinkedIn was boring and would not amount to much. I was wrong. It took a while for Twitter to catch on. I jump on others just to grab my name and to see what may happen. Usually I just waste 10 minutes to create profile (unfortunately, much longer for ABA’s LegallyMinded), see who else is there and explore the feature set. I have long list of bookmarks for dead social internet sites.

As with Kevin, I spend the vast majority of my time with the big three. You should too.

Originally posted on KM Space.

New Social Networks for Lawyers

Omar Ha-Redeye writes on slaw.ca about two new social networks for lawyers: Lawyrs Looking for Alternative Social Networks and Social Network on Jurafide for American Clients.

Jurafide.com is a networking and marketing site that facilitates communication between U.S. clients and non-U.S. lawyers.

Lawyrs.net looks like a social networking platform for lawyers with some group discussions and legal news.

Omar signed up on Lawyrs but finds that it is missing the ability to pull in your contacts and see who you know is in the site. A fatal flaw.

I did not bother signing up for either one. Legal OnRamp seems to be the dominant site in the world of social networking in the legal field. I previously wrote about my bad experiences with LawLink and ABA’s LegallyMinded. I still hold out some hope for Martindale Hubbell Connected. So, I am skeptical that either of these two companies with no apparent connection to the US legal market can provide an interesting online networking platform.

Originally posted on KM Space.

Anti-Fraud Provision of the Investment Advisers Act

On September 10, 2007, the SEC Adopted Rule 206(4)-8. The SEC adopted this rule in response to the decision in Goldstein v. SEC, 451 F.3rd, 873 (in which the Court of Appeals for the District of Columbia ruled that the “client” of an investment adviser was the pool itself and not an investor in the pool).

Rule 206(4)-8 makes it clear that the SEC may prohibit fraudulent conduct of an investment adviser that impacts an investor in the investment pool, regardless of whether the investment adviser has registered with the SEC.

The rule does not create a private right of action.  It only provides the SEC with the authority to enforce the rule. But the SEC does have its broad authority to impose fines, sanctions bar individuals from the securities business and to seek criminal penalties.

The rule prohibits misleading statements and deceptive conduct and is not limited to “statements.” So,  the rule is applicable to non-written misstatements or omissions. The rule would include presentations at investor meetings and phone calls.

The bad act need not be made in connection with the sale of securities. Unlike 10b-5, this rule applies to regular disclosures and investor letters.

Unlike Rule 10b-5, there is no “in connection with” requirement and the SEC would not have to prove reliance or harm by any individual in an enforcement action. Also, Rule 206(4)-8 contains no scienter requirement, unlike Rule 10b-5.  The SEC need only prove that there was a misstatement or omission of a material fact.

The challenging piece is responding to requests for information from investors. If you are providing a piece of information to one investor and not providing it to others did you “omit to state a material fact”?

Although negligent conduct is proscribed, the SEC specifically stated that the rule does not create a fiduciary duty not otherwise imposed by law. This rule should not change the way an investment advisers perform their duties.  It merely removes the doubt regarding the scope of the SEC’s authority created by Goldstein.