Blatant Self-Promotion

Each year, LexisNexis “honors a select group of blogs that set the online standard for a given industry.” This year, they expanded Top Blogs to include their Business Law Communities.

Compliance Building is one of the nominated candidates for the LexisNexis Top 25 Business Law Blogs of 2010, featured on the LexisNexis Corporate & Securities Law Community and the LexisNexis UCC, Commercial Contracts & Business Law Community.

Looking at the list of candidates, I see many blogs that I read regularly. If you are looking for a list of business law blogs to read, the list of nominees is a great place to start.

I think most of the nominated blogs are much better than mine. Whether its on quality, popularity, or some other factors, there is no way I will make it into the top 25. I will sit back and take the consolation prize: the honor of being nominated.

Lexis Nexis invites you to comment on the announcement post at either of the following links:

Top 25 Business Law Blogs 2010 – Corporate & Securities Law Community

Top 25 Business Law Blogs 2010 – UCC, Commercial Contracts & Business Law Community

To comment, you have to register. Registration is free and supposedly does not result in sales contacts. The comment period for nominations ends on October 8, 2010. They don’t say how they will end up selecting the top 25 out of the nominees other based on their review and your comments.

I’m also not sure how the Lexis-Nexis Communities fits in with the Martindale Hubbell Connected platform. There seems to be whole lot so substantive information in Communities that is missing in Connected. They should get these two sites together.

Vote for the business law blogs you feel are the best. Include Compliance Building if you think it’s worthy.

Social Media as a Risk Factor

It’s official. Social media is a risk factor. At least according to Estee Lauder and lululemon athletica.

Over at Footnoted, Michelle Leder and her team dig through SEC filings digging up the dirt on bad corporate behavior. They were digging through the 10-K for Estee Lauder when Theo Francis came across a new risk factor.

Our inability to anticipate and respond to market trends and changes in consumer preferences could adversely affect our financial results.

Our continued success depends on our ability to anticipate, gauge and react in a timely and cost-effective manner to changes in consumer tastes for skin care, makeup, fragrance and hair care products, their attitudes toward our industry and brands, as well as to where and how consumers shop for those products. We must continually work to develop, produce and market new products, maintain and enhance the recognition of our brands, achieve a favorable mix of products, and refine our approach as to how and where we market and sell our products. While we devote considerable effort and resources to shape, analyze and respond to consumer preferences, we recognize that consumer tastes cannot be predicted with certainty and can change rapidly. The issue is compounded by the increasing use of social and digital media by consumers and the speed by which information and opinions are shared. If we are unable to anticipate and respond to sudden challenges that we may face in the marketplace, trends in the market for our products and changing consumer demands and sentiment, our financial results will suffer.

It’s not exactly: “We could lose millions if the Twitteratti turn on us.”

Public companies disclose risk factors in their SEC filings trying to inform its stockholders and potential purchasers of its stock about potential losses. Failure to disclose a risk could result in a shareholder suit that the company was hiding its risks.

It looks like Estee Lauder is covering itself in case its customers get ugly in social media, start attacking the company, and stop buying its products.

Ever vigilant, Theo Francis poured back through the SEC database to see if any other companies had disclosed social media as a risk factor in its SEC filings. The only other consumer-product company they  found that lists social media as a risk factor in its 10-K was lululemon athletica, a Vancouver-based maker of “yoga-inspired apparel.”

Social media is not a new disclosure in SEC filings, but it was mostly discussed in marketing strategies and business strategies for tech and media companies. For example, Estee Lauder’s competitor Elizabeth Arden talks about the use of social media as part of its marketing strategy, but does not disclose it as a risk factor.

I wonder if we will see other companies start adding social media as a risk factor. Have you seen any other companies list it as a risk factor?

Sources:

Compliance Bits and Pieces: Ground Zero Mosque Edition

One part of compliance is investigation. Find the facts. Don’t rely on opinion or self-interest statements. With all the hullabaloo about the Ground Zero Mosque I thought I would gather some factual information.

First off. It’s not at Ground Zero.

Just How Far Is the “Ground Zero Mosque” From Ground Zero? by Matt Sledge in the Huffington Post

From 45 Park Place, the former Burlington Coat Factory building that will make way for the Cordoba House, it’s two blocks, around a corner, to get to the WTC site. Park Place doesn’t lie between the construction site and any mass transit stations, so you would need to go out of your way to have it offend you.

Mosques And A City Block (Update) by Scott Greenfield in Simple Justice

If someone was trying to build a Mosque on the Site, there would be one debate. But building a Mosque where the old Burlington Coat Factory used to be isn’t the Site. Not even close. It’s the equivalent of building it ten miles away in Houston. It’s a different neighborhood, climate, time zone. There are a couple of nudie bars, even another tiny Mosque, that far away, not to mention dozens of stores selling cheap junk. It’s not a pretty neighborhood. It’s not what people who don’t know Manhattan think it is. Not even close.

There’s a reason all the elected officials of both stripes in Manhattan think this whole debate is nonsense. They’ve been there and know what they’re talking about. This is being used by politicians to manufacture a debate that doesn’t exist. They are selling a fantasy to people who don’t know any better. This Mosque has absolutely nothing to do with the Site. It doesn’t besmirch anyone’s memory. It might as well be in another country for it’s impact on anything.

The Wikipedia page for Park 51 is full of links to great primary source material and (at least when I read it) mostly avoids opinions on the controversial project.

Park51, originally named Cordoba House and sometimes referred to in the media as the “Ground Zero mosque”, is a planned $100 million, 13-story, glass and steel Islamic community center and mosque. Plans are for the facility to include a 500-seat auditorium, theater, performing arts center, fitness center, swimming pool, basketball court, childcare area, bookstore, culinary school, food court serving halal dishes, and Islamic prayer space for 1,000–2,000 Muslims. It would replace an existing 1850s Italianate building that was damaged in the September 11 attacks, and is located two blocks (about 600 feet, or 180 meters) from the World Trade Center site in Manhattan, New York City.

Muslim Prayers and Renewal Near Ground Zero by Ralph Blumenthal in the New York Times

The location was precisely a key selling point for the group of Muslims who bought the building in July. A presence so close to the World Trade Center, “where a piece of the wreckage fell,” said Imam Feisal Abdul Rauf, the cleric leading the project, “sends the opposite statement to what happened on 9/11.” “We want to push back against the extremists,” added Imam Feisal, 61.

Mosque-erade from The Daily Show with Jon Stewart

The Daily Show With Jon Stewart Mon – Thurs 11p / 10c
Mosque-Erade
www.thedailyshow.com
Daily Show Full Episodes Political Humor Tea Party

Carnival of Trust

The Carnival of Trust is the brainchild of Charles Green of Trust Matters. It’s intended to highlight the best posts about trust in the business and professional workspace over the previous month. He apparently ran out of worthy people to host his carnival and, in what must have been a moment of weakness, asked me to host the Carnival of Trust for July.

Compliance and trust are an odd fit. After all, compliance can be seen as the opposite of trust. Compliance lays out policies and checks to make sure you are complying with those policies. Trust, but verify, and mostly verify.

I love carnivals. So before Mr. Green could change his mind I agreed to host the carnival. Still unsure about how compliance and trust worked together, I’m even more unsure how carnivals and trust go together. So I decided I would write about some of my favorite things at a carnival:

The Happy Clown

Clowns are a highlight of the carnival, with their faces painted in a bright red smile. The classic clown uses “clown white” to cover his entire face, hiding his underlying features. Then the clown adds a perpetual grin. Is there a problem with having a perpetual grin?

Steven DeMaio writes When Being Positive Is Positively Meaningless. Being super-positive can create so much “white noise that when clear, authentic positive feedback is given, it gets muted and loses its punch.” Being positive all the time can lower trust.

The Sad Clown

On the other side of the midway is the sad clown. Everyone can’t be happy all the time. As the character clown, the sad clown is likely the one who will end up getting a pie thrown at his face.

Scott Greenfield of Simple Justice takes on the Happysphere? You can’t get there from here. If you’re going to write a blog or expect to hear the truth from your peers, you need to expect to get some pie thrown in your face. Scott is happy to throw a pie at those sad clowns who cross the line in the legal blogosphere.

(Expecting a pie myself, I’m sure Charlie is starting wonder why he let me host this.)

The Clown Car

It seems that all of our financial institutions piled into a clown car and engaged in the same foolish activities with home mortgages. It’s fun to see clowns pile out of the impossibly small car. It’s less fun when you realize it’s taxpayer money helping the clown banks get out of their predicament.

Peter Birks writes about Trust and Naivety when it comes to looking at the health of our financial institutions. He writes about how Europe has decided to follow the U.S. lead in running financial institutions through stress tests. Running the tests was fairly successful in the U.S. for improving the public’s confidence in the banks. Birks points out why it’s not as successful in Europe. Different societies have different levels of trust in their government and their institutions.

Ball Toss

It’s pretty easy to throw a ball. It should be easy to win at the ball toss. The game’s barker has little to judge. If the ball goes in, you win. Baseball umpires have a harder job.

Charles Green talks about Baseball, Billy Budd and Business, using the blown call by baseball umpire Jim Joyce as the backdrop for his article. He presents three lessons to be learned:

Lesson 1. From umpire Joyce: face facts. Deal with reality. And the minute you see the facts are against you, call it. Call it on yourself. Take full responsibility.

Lesson 2. From pitcher Galarraga: accept life gracefully. Do all that you can; when you win, be gracious; and when you lose, that’s when you really demonstrate class.

Lesson 3: From Commissioner Selig. Celebrate the humanity of sports, business, life. The humanity of the sport really does transcend winning and losing.

Lion Tamer

The lure of the lion tamer is man against beast; realizing that you are not at the top of the food chain. The hungry lions are looking to eat the lion tamer when he steps into their cage. Health care costs are threatening to devour the American economy. Congress stepped into this cage of hungry lions when it passed the huge new health care law this spring.

Gregory Warner brings us an interesting story on Marketplace about a link between the way private oncologists get paid and how much chemotherapy they prescribe. No surprise. Doctors, like the rest of us, are influenced by how they get paid.

Fortune Teller

What awaits us after we leave the carnival’s midway? The lure of fortune tellers is the hope that their mystical powers will help us see the future and better deal with it.

One of a leader’s job skills is planning for the future and leading their people to best deal with it. Mike Myatt points out the importance of truth & leadership. “Telling the truth is not always easy, and may subject you to substantial opposition and controversy over the short run, but it will do nothing but help build your reputation, success and sustainability over the long haul.”

Elephant Ride

Elephants impress us with their massive size. Mr. Bailey’s biggest triumph as a circus entrepreneur was gaining possession of the first baby elephant born in captivity. This allowed his circus to compete with Barnum’s traveling circus.

Outside the carnival people are often unwilling to talk about the elephant in the room. If you want to be successful, you need to address the obvious problems. Jan Schultink shares a great insight (and image) in VC Pitch: Talk about the elephant in the room.

Demolition Derby

One of the loudest parts of the carnival is the demolition derby. I love seeing old cars smash into each other again and again until there is one fiercely-damaged car left still moving in the arena.

Tom Cox points out that Nice Teams Finish Last. Being nice will lead to workarounds and uncrossed bridges. On the other hand, you don’t want to be fierce, where you attack preemptively and build walls. He proposes a middle path where you are bold. That may not lead to victory in the demolition derby, but it may be a better way to lead a team.

Bumper Cars

The bumper cars offer people of all driving skills the ability to rampage through a pack of cars, with the inevitable collisions resulting in nothing more than a sudden jolt.

Over at Trust is Everything, Karen Mishra shares some trust lessons she learned as part of her teenage daughter getting ready to drive in Drivers’ Ed: A Whole New Meaning of Trust. I hope her daughter’s learning process is more like the bumper cars than the demolition derby.

Bearded Lady

Carnivals are full of odd people. For most carnivals, that includes the attendees, not just the sideshow performers. The bearded lady has been a staple of the side show for over a century. Although there were many famous bearded ladies, there were also many fakes.

When do Exaggerations and Misstatements Cross the Line? asks Knowledge@Wharton. “Embellishment is part of human nature, experts say, and almost everyone is guilty of it at one time or another. Left unchecked, however, exaggerations that seemed innocuous at first could result in serious, potentially career-ending consequences.”

Big Prizes

The lure of many games at the carnival is that big prize hanging on the wall behind the barker. Everyone wants the big prize. You’re bound to feel some envy when you see a winner carrying that huge stuffed animal around the midway. That envy may drive you to play again, hoping for a shot at the prize.

Jon Ingham looks at the problem of Promotion (and salary envy) in Social Advantage. The workplace is a social environment and workers will “behave dysfunctionally if they believe they’ve been treated unfairly in just a relatively minor way.”

Cotter Pins

Pay close attention to the cotter pins. Carnival rides fold down into truck-sized boxes for transportation to the next venue. Those cotter pins keep the ride re-assembled and keep you from flying off  into the crowd. A cotter pin is the glue that keeps the ride together.

Jack Vinson points to a story with the theory that trust is the glue that holds people together. “Trust is the most important currency in business. By opening up to what is true and creating a vision for the highest good, leaders can build a culture of trust and enhance the bottom line.”

Ring Toss

The ring toss game at the carnival is notoriously difficult. Failure is the usual result. If it were easy, they wouldn’t be giving prizes for winning.

John Scalzi in Whatever discusses the failure mode of clever. He points out that to be really clever you need to know when not to be clever. Before you write that clever bit, realize that the perception of the recipient will affect it. “Just because you intended to be clever doesn’t mean you will be perceived as clever.”

(I should have read that advice before I put this post together.)

You can read more about the Carnival of Trust and find links to past Carnivals of Trust at Charles H. Green’s Trust Matters. You can also use that site to submit an article for consideration in the next carnival.
——————————————————————
Image credits:

Supreme Court Rules on the Privacy of Text Messages

Sort of.

The Supreme Court issued its ruling in Ontario v. Quon regarding a police chief reviewing the content of a police officer’s text messages with consent or a warrant. Many commenters hoped that the Court would issue a broad statement on an employee’s privacy rights in this age of cloud computing and web 2.0.

The Court chose to rule on very narrow grounds and not address the electronic privacy issue:

“A broad holding concerning employees’ privacy expectations vis-à-vis employer-provided technological equipment might have implications for future cases that cannot be predicted. It is preferable to dispose of this case on narrower grounds.”

The Justices were hesitant to jump into the battle about electronic privacy:

“The Court must proceed with care when considering the whole concept of privacy expectations in communications made on electronic equipment owned by a government employer. The judiciary risks error by elaborating too fully on the Fourth Amendment implications of emerging technology before its role in society has become clear.

Prudence counsels caution before the facts in the instant case are used to establish far-reaching premises that define the existence, and extent, of privacy expectations enjoyed by employees when using employer-provided communication devices. Rapid changes in the dynamics of communication and information transmission are evident not just in the technology itself but in what society accepts as proper behavior.”

Instead, the Justices looked narrowly as the special situation of the government as an employer.  Since its the government, the Fourth Amendment’s protection against warrantless searches comes into play. (This is not applicable for a private employer.)  The standard  is that

“when conducted for a “non-investigatory, work-related purpos[e]”or for the “investigatio[n] of work-related misconduct,” a government employer’s warrantless search is reasonable if it is “‘justified at its inception’” and if “‘the measures adopted are reasonably related to the objectives of thesearch and not excessively intrusive in light of’” the circumstances giving rise to the search.”

Even if a government employee could assume some level of privacy in their messages, it would not have been reasonable for them to conclude that his messages were in all circumstances immune from scrutiny by the government employer.

Sources:

Compliance and Humor

At the Compliance Week 2010 Conference I was surprised to discover that the improv comedy group, Second City, had dived into the world of compliance and ethics awareness. They debuted three of their awareness videos during the conference keynotes. They are now available on their Real Biz Shorts website:

The big question is whether humor is appropriate for ethics and compliance?

Second City has a response in their FAQ:

“Well we believe that this programming is too important to be delivered in a way that doesn’t connect with employees. And humor is a great tool to address tough subjects and break the ice, allowing people to dialogue about the issues they face. In the comedy business there is a saying, “things are only funny when they’re true.” Humor for humor’s sake doesn’t work in ethics and compliance, but humor as a way to get to truth is invaluable.”

Tom Yorton, the CEO of Second City Communications, stated four things that comedy pros can teach compliance professionals in an article in the May issue of Compliance Week: Winning Your Audience.

  • Humor Gets to the Truth
  • Dialogues Beat Monologues
  • Foster Open Communication
  • Say It, and Say It Again

Check out the videos if you’re feeling down at your compliance job and need a chuckle. If this sounds interesting, they also offer a free demo with four other high-quality videos.

Now if I could just be funnier…..

Enterprise 2.0, Policies and Compliance

Mike Gotta asked me to join him on a panel about the policy and compliance issues at the Enterprise 2.0 Conference in Boston. This was my fifth Enterprise 2.0 conference: 2007, 2008, 2009, 2009 San Francisco.

That the audience was interested in compliance and regulatory issues is an indication of the industry maturing.

“Policy formation, governance and risk management programs are a critical requirement as organizations assess implications to the enterprise (e.g., identity assurance, data loss, compliance, e-Discovery, security), arising from internal and external use of social networking and social media. This panel of social media and Enterprise 2.0 practitioners will discuss real-life approaches that address management concerns.”

The panel consisted of:

  • Mike Gotta, Principal Analyst, Gartner
  • Bruce Galinsky, IT Director, Global Insurance Company
  • Abha Kumar, Principal, Information Technology, Vanguard
  • Doug Cornelius, Chief Compliance Officer, Beacon Capital Partners LLC
  • Alice Wang, Director, Gartner Inc.

I took the opportunity in my introduction to set the stage for the view of most compliance and in house lawyers:

“I’m the “NO” guy in your organization and most likely the person to bring your enterprise 2.0 or web 2.0 project to a grinding halt. People in my position do not want to hear about being social. I don’t care what you had for lunch or what your kids did last night. I don’t want to endanger the multi-million dollar value of this company so that you can play with Facebook inside the office. “Now get out of my office before I sic my flying monkeys on you.”

We were unsure when planning the session whether the audience would be interested in issues related to external or internal policies. Overwhelmingly, the audience voted for a focus on internal.

One of the initial questions was whether you even need a policy. We were largely in agreement that you may not need a new separate policy. However, I pointed out, your compliance/legal department is going to want one.

Largely, the risks with enterprise 2.0 are not new risks. The big difference is that the bad stuff is now findable. Most of evangelists proclaim the benefit of finding the good stuff you need to do your job better and to encourage innovation. The downside is exposing the bad stuff and opening the enterprise up to liability.

We eventually got to the point in the discussion about if you let personal issue community to form internally. Should you allow an employee to set up a wiki or discussion forum on religious, race or political issues?  Generally it will take some action to create a new community on the enterprise 2.0 platform. Undoubtedly, there will be some need to control the creation of communities and therefore a need for a policy.

There was some discussion about content, control of the content and fixing mistakes. Personally, I have less concern about that. You need to encourage the team to keep the information current and correct. If someone is operating with the wrong information it is better you know about it and can fix the problem. The alternative is not knowing about the problem because it lives in an email silo, allowing the bad information to continue uncorrected.

When trying to draft a policy it is very useful to look to external policies for ideas and approaches. My social media policies database is a good place to start looking for precedents.  The public web 2.0 industry is well ahead of the slower enterprise 2.0 industry.

Some other issues:

  • FTC and the disclosure of “Material Connection”  (see FTC and Bloggers.)
  • EU Data Privacy
  • Records Management
  • Discovery and Law suits
  • First Amendment
  • Human Resources Issues
    • Labor relations
    • Recommendations
    • Overtime
    • Retiree and alumni involvement
  • Hiring Discrimination
  • Off-Duty activities
  • Company IP, logos and trademarks
  • Monitoring – if you have a policy you need to enforce it.

Each company has a different set of issues they are worried about. Each company also has a unique corporate culture. So there is no right way to drafting a policy. You really need to pick and chose finding the different elements that will work in your enterprise.

Are Facebook and MySpace Messages Subject to Discovery?

In the recent case of Crispin v. Audigier, a California judge ruled that Facebook and MySpace messages that aren’t publicly available are protected information under the Stored Communications Act, and therefore can’t be subpoenaed for use in civil litigation.

Buckley Crispin sued clothing maker Christian Audigier for copyright infringement, alleging that Audigier used his artistic material outside the scope of a license agreement. Audigier issued a subpoena to Facebook, MySpace, and two other third parties seeking communications by Crispin about Audigier.

Crispin’s lawyers argued that such communications fell under the Stored Communications Act, which prevents providers of communication services from divulging private communications to certain entities and individuals. A magistrate judge rejected the argument and found that Facebook and MySpace were not Electronic Communications Services and therefore not subject to the protections of the Stored Communications Act. Because the magistrate judge thought the websites’ messaging services are used solely for public display, he found that they did not meet this definition.

Judge Morrow of the US District Court for the Central District of California disagreed and laid out some thoughts about the use of the sites and how they relate to civil litigation. (Law enforcement can always use a warrant to get the information, assuming it is related to a crime.)

The Judge noted that the Stored Communications Act distinguishes between a remote computing service and an electronic communications service.

“electronic communication service” means any service which provides to users thereof the ability to send or receive wire or electronic communications (18 U.S.C. § 2510(15)) With certain enumerated exceptions, the Stored Communications Act prohibits an electronic communication service provider from “knowingly divulg[ing] to any person or entity the contents of a communication while in electronic storage by that service.” (18 U.S.C. §§ 2702(a)(1), (b))

“remote computing service” means the provision to the public of computer storage or processing services by means of an electronic communications system (18 U.S.C. § 2711(2)) The Stored Communications Act prohibits an remote computing service provider from “knowingly divulg[ing] to any person or entity the contents of any communication which is carried or maintained on that service.” (18 U.S.C. §§ 2702(a)(2)).

In the end, the decision about whether a particular message is subject to disclosure is dependent on security settings. Different messages in Facebook and MySpace (and other web 2.0 sites) will be subject to different standards.

The judge found that webmail and private messages are inherently private and quashed the subpoena for those messages. With respect to the subpoenas seeking Facebook wall postings and MySpace comments, the decision will be dependent on the person’s privacy settings and the extent of access allowed. If the general public had access to plaintiff’s Facebook wall and MySpace comments then presumably they are subject to discovery in civil litigation.

The Stored Communications Act was passed as part of the Electronic Communications Privacy Act in 1986. This was obviously well before the development of the current internet applications and technology. Courts, including the one in this Crispin case, have found that the application of this nearly 25-year-old statute presents challenges in application to the current use of the internet.

As Facebook changes the privacy settings in its platform, those changes will affect the discoverability of messages in civil litigation.

Sources: