Posted

Google has figured out that I shop for a lot of children’s clothing online, as my two children grow like weeds. Every time I launch a search, my banner ads link to brands that I have bought previously or similar brands that other consumers may have purchased. That is Big Data at work, as it is being used to identify other brands that I might be interested in purchasing based on shoppers with similar consumer profiles to mine. But let’s say that the next banner ad I receive isn’t for children’s clothing, but is instead for an all-inclusive Caribbean vacation. Well, I have never searched for Caribbean vacations, why would this be turning up? Again, this is Big Data at work, because patterns in human behavior have informed Google that people with small children are likely good targets for a quick getaway vacation. This is an example of the value of Big Data in predicting individual consumer behavior based on the behavior of many.

“Big Data” is the somewhat uncreative but accurate term for the process of collecting, culling, and categorizing of data from diverse sources on a massive scale. Through the application of algorithms, companies are analyzing Big Data in order to see patterns in human behavior, and (most commonly) using it to develop targeted, individualized marketing. The primary goal of Big Data is to learn from a large body of information things that we could not comprehend when we used only smaller amounts. Recent trends point to an increase in the use of Big Data, but there are several cautionary points from a legal and privacy perspective to consider.

What are the uses of Big Data, and who uses it? The potential benefits are wide ranging, but can be categorized as follows:

Posted
By

In addition to the consumer hoopla over iOS 7, companies managing BYOD programs also have reason to rejoice. As reported on CIO.com, iOS 7 brings about a new level of control for companies through expanded app-level MDM Capabilities. MDM, or Mobile Device Management, is the technology that companies use to try to segregate the corporate and the personal realms on mobile devices.

Of course, the trick is not in having the coolest technology, but it how you use it. For app-level MDM to work, the company takes control over the app (including the ability to wipe the app and its data). For some apps that themselves share personal and corporate activities (e.g., the address book), the company’s use of MDM to protect its corporate assets will also sweep in personal assets. One can debate whether this is good or bad, but it does exacerbate challenges in balancing personal versus corporate interests. The tool makes it easier to protect the corporate assets, but exposes the personal assets to greater risk.

As we have outlined in prior posts, courts have striven to protect the individual’s interest in their personal data stored on mobile devices from over-reaching companies. Again, as we have previously discussed, the best way for the company to protect itself is by being very clear in its BYOD policies as to what it will and will not do. This requires the manager of the BYOD policy to understand clearly the technical implications of the new iOS 7 capabilities–including both the intended and unintended consequences of leveraging those capabilities–and to make those implications clear to company employees.

Posted
By

As the U.S. moves toward full implementation of the Federal Affordable Care Act (ACA, also known as Obamacare), employers are seeing new challenges and opportunities in the provision of health coverage and other benefits to their employees.
Some predict that ACA will lead to cheaper, better, universal health care. Others predict a calamity. But most agree that the law will drive significant change in the way health care is delivered, paid for and insured in this country. Employers are left wondering how to plan for and manage those changes while containing costs and meeting their employees’ expectations.
Human resource consultants and product vendors are responding by aggressively promoting their services as an answer to the complexity and administrative headaches created by the legislation.  Outsourcing benefits administration functions to these specialists is one approach. Another approach is to engage one of several service providers that have launched private health insurance exchanges in the two years since the ACA legislation passed.
These exchanges promise to address two critical challenges facing employers -1) ensuring compliance with the ACA’s complex rules, in addition to any applicable state and local laws, and 2) securing appropriate coverage benefits for employees at an affordable cost.

What Are the New Private Health Exchange Options?
Individuals and small businesses may use public, government-run exchanges like Covered California to compare and purchase insurance plans.
Larger employers can continue to arrange their own health care programs. As an alternative, some will direct their employees to the public exchanges if the exchanges deliver better pricing, better service and greater options for their employees.  Sixteen states and the federal government will have such exchanges operating come January 2014. This constitutes a threat to existing payors, who may see their business migrating to commoditized public exchanges. Private exchanges recently launched by health insurers, brokers, and human resources and administration consultancies, including major players like Aon Hewitt, Mercer, and Towers Watson, offer individuals and businesses an alternative to the government-run exchanges and traditional payor health care plans. At a minimum, these exchanges generally offer:

· An online self-service portal for covered individuals

By
Posted In:
Posted
Updated:

Posted

Most outsourcing contracts that I see contain a step-in right for the customer. Generally, a step-in right allows the customer to take over the outsourced operations if the supplier cannot or does not perform, and then “step out” when the supplier demonstrates that it will meet its contractual obligations.

How realistic is it that a customer can ever exercise those rights, and are they worth the additional time and angst to negotiate?

Outsourcing contracts are not the only type of agreements in which you will find step-in rights. They are used in many other commercial agreements, including construction, project finance and development agreements. In those relationships, step-in rights are generally more straightforward and easier to exercise than in an outsourcing relationship, where it may be impossible to “step-in” and perform the supplier’s obligations.

Posted

It has been said for some time that data is the new oil, but many global organizations continue to struggle to comply with regulatory requirements when it comes to the exploitation of this valuable resource.

A recent worldwide audit of over 2,000 websites, coordinated by the Global Privacy Enforcement Network (“GPEN”), has revealed “significant shortcomings” at many organizations. In particular, approximately half of the websites “swept” failed to display a complete, coherent and compliant privacy policy, or worse still, any policy at all.

The audit, the first of its kind, was conducted in May of this year by 19 different data protection authorities around the world, including the UK’s Information Commissioner’s Office (“ICO”).”The results reveal significant shortcomings” reports Adam Stevens, Intelligence Officer at the ICO, on 16 August, stating that 23% of the 250 websites it reviewed had no privacy policy at all and that a third of those that did have policies ” were considered to be difficult to read, and many weren’t sufficiently tailored to the actual website”.

Posted

Let’s quickly revisit the scenario we’ve been following through our first two installments. That is, you are a CIO faced with a decision on whether or not to enter into an “enterprise” or an “unlimited” license arrangement with a major software publisher. With the first installment, we explored the scope of the deal (What does “enterprise” or “unlimited” really mean?“). And, with the second installment we discussed the prospect of a long-term relationship with the publisher (Do we really want to be doing business with this publisher?“).

Let’s assume you’ve gotten yourself a little more comfortable with the idea of the deal after looking at your team’s responses to the first two questions. Even so, there are additional risks to understand and address, which brings us to the third question:

“Does the deal reflect and account for the long-term nature of the arrangement and relationship with this publisher?”

Posted

Database marketing outsourcing is a strategic transaction for retailers. This type of outsourcing can facilitate the integration of diverse marketing channels (e.g., web, social media, catalog and in-store sales) and enable more targeted and effective marketing to consumers.

Database marketing encompasses a potentially broad array of services, including:

• Implementation and hosting of a CRM database marketing solution;

Posted

There are a number of important reforms being made to UK employment law this year, largely due to the enactment of the Enterprise and Regulatory Reform Act 2013 (“ERRA”). Many of the reforms under ERRA are being implemented over a period of time from 2013 and beyond, following a period of intensive consultation by the UK Government. Keeping track of all the proposed reforms can be a challenge. This Client Alert summarises the key reforms which have recently come into force and provides a timetable for the implementation of other key proposed reforms so that employers can start planning more effectively to accommodate the changes.

Posted

We recently posted a three-part series on BYOD issues in this blog. A primary theme was the inherent tension between employer control and employee privacy in a BYOD environment. In a recently reported case out of the Northern District of Ohio (Lazette v. Kulmatycki), the courts had an opportunity to clarify how to walk this tightrope. Unfortunately, in struggling with existing (and somewhat inadequate) laws, the result seems to have made the rope even more fine rather than clarifying a path across the divide.

Background of a BYOD Case
The case begins with a corporate-liable Blackberry device of a former employee (Lazette) being turned into the employer upon separation. Lazette dutifully deleted her personal email account from the device before returning it to her employer – or so she thought. For whatever reason, her personal email account remained, and her former boss (Kulmatycki) proceeded to read some 48,000 personal emails over the course of the ensuing months.

The headline from the case is that the boss was at fault for reading the emails. This result “feels” right. After all, Lazette no longer worked there, so why was Kulmatycki reading her personal emails – even if he may have had the right to do so when she was still an employee and had personal email on a corporate-liable device.

Posted

This article was originally published in the July 22, 2013 issue of Texas Lawyer.

The constant threat of cyberattacks presents many and varying challenges for businesses. Insurance provides one way to deal with them. Because the market for insurance covering these risks and the law interpreting these policies both continue to develop, this is an area in which attorneys can help clients by maximizing their opportunity to secure the broadest possible coverage.

A look at federal and state action on cybersecurity risks provides some critical background. President Obama issued his Executive Order on Improving Critical Infrastructure Cybersecurity in February. In October 2011, the U.S. Securities and Exchange Commissions Division on Corporate Finance issued relevant guidance on financial-disclosure obligations concerning cybersecurity issues in CF Disclosure Guidance Topic No. 2 – Cybersecurity.