Menu
Legal shorts for April 28, 2015: Post-breach research protected from discovery, and a trade-secrets battle over betting machines
Cybersecurity research falls under attorney-client, work product protections
A company is hit by hackers and suffers a data breach. It hires two cybersecurity firms to investigate the matter. The company is later sued by a credit-card company, which seeks the results of the cybersecurity firms' research as part of discovery. Does the plaintiff credit-card company get the information from the defendant breach victim?
The U.S. District Court for the Middle District of Tennessee ruled recently in Genesco, Inc. v. Visa U.S.A., Inc. that the cybersecurity firms' research is protected by both the attorney-client privilege and the work-product doctrine. Shea Gordon Leitch, Antony Kim, and Aravind Swaminathan of Orrick, Herrington, and Sutcliffe LLP write about the decision in an April 24, 2015, article on the JD Supra Business Advisor site.
The authors point out that the court's ruling signals the key role legal counsel -- whether in-house or outside -- takes in the investigation of data breaches. By protecting the information collected by security experts on behalf of the potential plaintiffs, the legal counsel provides their corporate clients with a "safe place" to discuss the implications of the breach for the company, its customers, and its business partners.
---------------------------------------------------------
Shenanigans in 'historical' horse-race betting games
I bet you didn't know you can bet on horse races that have already been run. (Makes me wish I had saved all those old Racing Forms.) There's a company called AmTote International that sells betting machines to race tracks and other customers that let people place bets on live and historical horse races.
According to an April 24, 2015, article on the JD Supra Business Advisor site written by Mark Mermelstein and Robert Uriarte of Orrick, Kentucky Downs swapped out its AmTote betting machines in April 2015 for models from competitor Encore Gaming. AmTote sued Kentucky Downs, three of the track's high-ranking employees, and Encore Gaming, alleging misappropriation of AmTote's trade secrets.
AmTote hopes to win an injunction against the defendants under the "inevitable disclosure" doctrine. That doctrine avers that the defendants had no choice but to rely on information it gleaned from using the AmTote machines, which the track had been using since 2011. The inherent similarities of the betting machines from the two companies plays in AmTote's favor, according to the authors.
While the case will likely turn on whether the betting machines' diagnostic reports and other components qualify as trade secrets, what astonishes me is that somebody is making money from bets placed on races that were run years ago. The only reason I bring up the case here is because it gives me an opportunity to wish the entrants in this Saturday's 141st running of the Kentucky Derby the best of racing luck.
Just don't ask me who I've got in the race. I think my pick from last year's race is still circling the Churchill Downs track.
A company is hit by hackers and suffers a data breach. It hires two cybersecurity firms to investigate the matter. The company is later sued by a credit-card company, which seeks the results of the cybersecurity firms' research as part of discovery. Does the plaintiff credit-card company get the information from the defendant breach victim?
The U.S. District Court for the Middle District of Tennessee ruled recently in Genesco, Inc. v. Visa U.S.A., Inc. that the cybersecurity firms' research is protected by both the attorney-client privilege and the work-product doctrine. Shea Gordon Leitch, Antony Kim, and Aravind Swaminathan of Orrick, Herrington, and Sutcliffe LLP write about the decision in an April 24, 2015, article on the JD Supra Business Advisor site.
The authors point out that the court's ruling signals the key role legal counsel -- whether in-house or outside -- takes in the investigation of data breaches. By protecting the information collected by security experts on behalf of the potential plaintiffs, the legal counsel provides their corporate clients with a "safe place" to discuss the implications of the breach for the company, its customers, and its business partners.
---------------------------------------------------------
Shenanigans in 'historical' horse-race betting games
I bet you didn't know you can bet on horse races that have already been run. (Makes me wish I had saved all those old Racing Forms.) There's a company called AmTote International that sells betting machines to race tracks and other customers that let people place bets on live and historical horse races.
According to an April 24, 2015, article on the JD Supra Business Advisor site written by Mark Mermelstein and Robert Uriarte of Orrick, Kentucky Downs swapped out its AmTote betting machines in April 2015 for models from competitor Encore Gaming. AmTote sued Kentucky Downs, three of the track's high-ranking employees, and Encore Gaming, alleging misappropriation of AmTote's trade secrets.
AmTote hopes to win an injunction against the defendants under the "inevitable disclosure" doctrine. That doctrine avers that the defendants had no choice but to rely on information it gleaned from using the AmTote machines, which the track had been using since 2011. The inherent similarities of the betting machines from the two companies plays in AmTote's favor, according to the authors.
While the case will likely turn on whether the betting machines' diagnostic reports and other components qualify as trade secrets, what astonishes me is that somebody is making money from bets placed on races that were run years ago. The only reason I bring up the case here is because it gives me an opportunity to wish the entrants in this Saturday's 141st running of the Kentucky Derby the best of racing luck.
Just don't ask me who I've got in the race. I think my pick from last year's race is still circling the Churchill Downs track.