Category: Communication Media & Internet

Small and Mid-Sized Businesses Continue to Be Targeted by Cybercriminals

A recent Ponemon Institute study finds that small and mid-sized businesses continue to be targeted by cybercriminals, and are struggling to direct an appropriate amount of resources to combat the attacks.

The Ponemon study finds that 76 percent of the 592 companies surveyed had experienced a cyber-attack in the previous year, up from 70 percent last year. Phishing and social engineering attacks and scams were the most common form of attack reported by 57 percent of the companies,  while 44 percent of those surveyed said the attack came through a malicious website that a user accessed. I attended a meeting of Chief Information Security Officers this week and was shocked at one statistic that was discussed—that a large company filters 97 percent of the email that is directed at its employees every day. That means that only 3 percent of all email that is addressed to users in a company is legitimate business.

A recent Accenture report shows that 43 percent of all cyber-attacks are aimed at small businesses, but only 14 percent of them are prepared to respond. Business insurance company Hiscox estimates that the average cost of a cyber-attack for small companies is $200,000, and that 60 percent of those companies go out of business within six months of the attack.

These statistics confirm what we all know: cyber-attackers are targeting the lowest hanging fruit—small to mid-sized businesses, and municipalities and other governmental entities that are known to have limited resources to invest in cybersecurity defensive tools. Small and mid-sized businesses that cannot devote sufficient resources to protecting their systems and data may wish to consider other ways to limit risk, including prohibiting employees from accessing websites or emails for personal reasons during working hours. This may sound Draconian, but employees are putting companies at risk by surfing the web while at work and clicking on malicious emails that promise free merchandise. Stopping risky digital behavior is no different than prohibiting other forms of risky behavior in the working environment—we’ve just never thought of it this way before.

Up to this point, employers have allowed employees to access their personal phones, emails and websites during working hours. This has contributed to the crisis we now face, with companies often being attacked as a result of their employees’ behavior. No matter how much money is devoted to securing the perimeter, firewalls, spam filters or black listing, employees still cause a large majority of security incidents or breaches because they click on malicious websites or are duped into clicking on a malicious email. We have to figure out how employees can do their jobs while also protecting their employers.

Copyright © 2019 Robinson & Cole LLP. All rights reserved.

For more on cybersecurity, see the National Law Review Communications, Media & Internet law page.

LinkedIn Petitions Circuit Court for En Banc Review of hiQ Scraping Decision

On October 11, 2019, LinkedIn Corp. (“LinkedIn”) filed a petition for rehearing en banc of the Ninth Circuit’s blockbuster decision in hiQ Labs, Inc. v. LinkedIn Corp., No. 17-16783 (9th Cir. Sept. 9, 2019). The crucial question before the original panel concerned the scope of Computer Fraud and Abuse Act (CFAA) liability to unwanted web scraping of publicly available social media profile data and whether once hiQ Labs, Inc. (“hiQ”), a data analytics firm, received LinkedIn’s cease-and-desist letter demanding it stop scraping public profiles, any further scraping of such data was “without authorization” within the meaning of the CFAA. The appeals court affirmed the lower court’s order granting a preliminary injunction barring LinkedIn from blocking hiQ from accessing and scraping publicly available LinkedIn member profiles to create competing business analytic products. Most notably, the Ninth Circuit held that hiQ had shown a likelihood of success on the merits in its claim that when a computer network generally permits public access to its data, a user’s accessing that publicly available data will not constitute access “without authorization” under the CFAA.

In its petition for en banc rehearing, LinkedIn advanced several arguments, including:

  • The hiQ decision conflicts with the Ninth Circuit Power Ventures precedent, where the appeals court held that a commercial entity that accesses a website after permission has been explicitly revoked can, under certain circumstances, be civilly liable under the CFAA. Power Ventures involved Facebook user data protected by password (that users initially allowed a data aggregator permission to access). LinkedIn argued that the hiQ court’s logic in distinguishing Power Ventures was flawed and that the manner in which a user classifies his or her profile data should have no bearing on a website owner’s right to protect its physical servers from trespass.

“Power Ventures thus holds that computer owners can deny authorization to access their physical servers within the meaning of the CFAA, even when users have authorized access to data stored on the owner’s servers. […] Nothing about a data owner’s decision to place her data on a website changes LinkedIn’s independent right to regulate who can access its website servers.”

  • The language of the CFAA should not be read to allow for “authorization” to be assumed (and unable to be revoked) for publicly available website data, either under Ninth Circuit precedent or under the CFAA-related case law of other circuits.

“Nothing in the CFAA’s text or the definition of ‘authorization’ that the panel employed—“[o]fficial permission to do something; sanction or warrant,” suggests that enabling websites to be publicly viewable is not ‘authorization’ that can be revoked.”

  • The privacy interests enunciated by LinkedIn on behalf of its users is “of exceptional importance,” and the court discounted the fact that hiQ is “unaccountable” and has no contractual relationship with LinkedIn users, such that hiQ could conceivably share the scraped data or aggregate it with other data.

“Instead of recognizing that LinkedIn members share their information on LinkedIn with the expectation that it will be viewed by a particular audience (human beings) in a particular way (by visiting their pages)—and that it will be subject to LinkedIn’s sophisticated technical measures designed to block automated requests—the panel assumed that LinkedIn members expect that their data will be ‘accessed by others, including for commercial purposes,’ even purposes antithetical to their privacy setting selections. That conclusion is fundamentally wrong.

Both website operators and open internet advocates will be watching closely to see if the full Ninth Circuit decides to rehear the appeal, given the importance of the CFAA issue and the prevalence of data scraping of publicly available website content. We will keep a close watch on developments.

© 2019 Proskauer Rose LLP.

Whatever Happened to that Big Ringless Voicemail Decision We Were All Expecting? It Was a Nothing Burger—For Now

You’ll recall a few weeks back TCPAWorld.com featured analysis of efforts by VoApps—makers of the DirectDrop ringless voicemail platformto stem the tide of negative TCPA rulings addressing ringless voicemail technologies. VoApps founder David King even joined the Unprecedented podcast to discuss his submission of a lengthy declaration to the court addressing how the technology works and why it is not covered by the TCPA.

Well, a few days ago the Court issued its ruling on the pending motion—a summary judgment effort by the Plaintiff—and I must say, it was rather anti-climactic. Indeed, the court punted entirely on the key issue.

In Saunders v. Dyck O’Neal, Case No. 1:17-CV-335, 2019 U.S. Dist. LEXIS 177606 (W.D. Mich. Oct. 4, 2019) the court issued its highly-anticipated ruling on the Plaintiff’s bid to earn judgment following the Court’s earlier ruling that a ringless voicemail is a call under the TCPA. It was in response to this motion that VoApps submitted a mountain of evidence that although a ringless voicemail may be a “call” it is not a call to a number assigned to a cellular service—and so such calls are not actionable under the TCPA’s infamous section 227(b).

Rather than answer the question directly the Court made mincemeat of the Federal Rules of Civil Procedure and treated the summary judgment motion as if it were some sort of motion to confirm the Court’s earlier ruling. This is weird because: i) no it wasn’t; and ii) there’s no such thing. As the Court put it: “Admittedly, Saunders moved for summary judgment, but her motion is in fact limited to a request for clarification of the impact of the Court’s prior ruling: Was the Court’s prior ruling that DONI’s messaging technology falls within the purview of the TCPA a ruling as a matter of law that binds the parties going forward? The answer is clearly yes.”

Great. So we now know what we already all knew—the Saunders court holds that a ringless voicemail is a call. Got it. As to the key issue of whether the calls were made to a landline to a cell phone, however, the Court finds: “These issues were unnecessary to Saunders’s motion, as she has not [actually] moved for summary judgment on her claim.”

So there you go. Plaintiff’s motion for summary judgment was not actually a motion for summary judgment after all. So all that work by VoApps was for nothing. But not really. Obviously this fight is not yet over. The Court declined to enter judgment in favor of the Plaintiff meaning that further work—and perhaps a trial—lies ahead for the good folks over at VoApps. We’ll keep you posted.

 

© Copyright 2019 Squire Patton Boggs (US) LLP

For more on voicemail & phone regulation, see the National Law Review Communications, Media & Internet law page.

Resist the Urge to Access: the Impact of the Stored Communications Act on Employer Self-Help Tactics

As an employer or manager, have you ever collected a resigning employee’s employer-owned laptop or cellphone and discovered that the employee left a personal email account automatically logged in? Did you have the urge to look at what the employee was doing and who the employee was talking to right before resigning? Perhaps to see if he or she was talking to your competitors or customers? If so, you should resist that urge.

The federal Stored Communications Act, 18 U.S.C. § 2701et seq., is a criminal statute that makes it an offense to “intentionally access[ ]without authorization a facility through which an electronic communication service is provided[ ]and thereby obtain[ ] . . . access to a[n] . . . electronic communication while it is in electronic storage  . . . .” It also creates a civil cause of action for victims of such offenses, remedied by (i) actual damages of at least $1,000; (ii) attorneys’ fees and court costs; and, potentially, (iii) punitive damages if the access was willful or intentional.

So how does this criminal statute apply in a situation in which an employee uses a personal email account on an employer-owned electronic device—especially if an employment policy confirms there is no expectation of privacy on the employer’s computer systems and networks? The answer is in the technology itself.

Many courts find that the “facility” referenced in the statute is the server on which the email account resides—not the company’s computer or other electronic device. In one 2013 federal case, a former employee left her personal Gmail account automatically logged in when she returned her company-owned smartphone. Her former supervisor allegedly used that smartphone to access over 48,000 emails on the former employee’s personal Gmail account. The former employee later sued her former supervisor and her former employer under the Stored Communications Act. The defendants moved to dismiss the claim, arguing, among other things, that a smartphone was not a “facility” under the statute.

While agreeing with that argument in principle, the court concluded that it was, in fact, Gmail’s server that was the “facility” for purposes of Stored Communications Act claims. The court also rejected the defendants’ arguments (i) that because it was a company-owned smartphone, the employee had in fact authorized the review, and (ii) that the former employee was responsible for any alleged loss of privacy, because she left the door open to the employer reviewing the Gmail account.

Similarly, in a 2017 federal case, a former employee sued her ex-employer for allegedly using her returned cell phone to access her Gmail account on at least 40 occasions. To assist in the prosecution of a restrictive covenant claim against the former employee, the former employer allegedly arranged to forward several of those emails to the employer’s counsel, including certain allegedly privileged emails between the former employee and her lawyer. The court denied the former employer’s motion to dismiss the claim based on those allegations.

Interestingly, some courts, including both in the above-referenced cases, draw a line on liability under the Stored Communication Act based on whether the emails that were accessed were already opened at the time of access. This line of reasoning is premised on a finding that opened-but-undeleted emails are not in “storage for backup purposes” under the Stored Communications Act. But this distinction is not universal.

In another 2013 federal case, for example, an individual sued his business partner under the Stored Communications Act after the defendant logged on to the other’s Yahoo account using his password. A jury trial resulted in a verdict for the plaintiff on that claim, and the defendant filed a motion for judgment as a matter of law. The defendant argued that she only read emails that had already been opened and that they were therefore not in “electronic storage” for “purposes of backup protection.” The court disagreed, stating that “regardless of the number of times plaintiff or defendant viewed plaintiff’s email (including by downloading it onto a web browser), the Yahoo server continued to store copies of those same emails that previously had been transmitted to plaintiff’s web browser and again to defendant’s web browser.” So again, the court read the Stored Communications Act broadly, stating that “the clear intent of the SCA was to protect a form of communication in which the citizenry clearly has a strong reasonable expectation of privacy.”

Based on the broad reading of the Stored Communications Act in which many courts across the country engage, employers and managers are well advised to exercise caution before reviewing an employee’s personal communications that may be accessible on a company electronic device. Even policies informing employees not to expect privacy on company computer systems and networks may not save the employer or manager from liability under the statute. So seek legal counsel if this opportunity presents itself upon an employee’s separation from the company. And resist the urge to access before doing so.

© 2019 Foley & Lardner LLP
For more on the Stored Communications Act, see the National Law Review Communications, Media & Internet law page.

Head Hacking: New Devices Gather Brainspray

For more than a decade I have been warning about the vulnerability of brainspray – the brain signals that can be captured from outside your head. In 2008, this article by Jeffery Goldberg demonstrated that an fMRI machine could easily interpret how a person felt about stimuli provided – which could be a boon to totalitarian governments testing for people’s true feelings about the government or its Dear Leader. Of course in 2008 the fMRI costs two million dollars and you must lie still inside it for a useful reading to emerge.

While fMRI mind reading and lie detection is not yet ready for the courtroom, its interpretations are improving all the time and mobile units are under consideration. And its wearable cousins, like iWatches and computerized head gear are reading changes from within your body, such as electrocardiogram, heart rate, blood pressure, respiration rate, blood oxygen saturation, blood glucose, skin perspiration, capnography, body temperature, motion evaluation, cardiac implantable devices and ambient parameters. Certain head gear is calibrated just for brain waves.

Some of this is gaming equipment and some helps you meditate.  Biofeedback headsets measure your brain waves, using EEG. They’re small bands that sit easily on your head and measure activity through sensors. Several companies like MindWave, NeuroSky, Thync, and Versus all make such equipment available to the general public.

Of course, if you really want to frighten yourself about how far this technology has advances, check in on DARPA and the rest of the US Military. DARPA has been testing brainwave filtering binoculars , human brainwave driven targeting for killer robots,  and soldier brain-machine interfaces for military vehicles. And these are just the things they are currently willing to dicuss in public.

I wrote six years ago about how big companies like Honda were exploring brainspray capture, and have spoken about how Google, Facebook and other Silicon Valley giants have sunk billions of dollars into creating brain-machine interfaces and reading brainspray for practical purposes.

I will write more on this later, but be aware that hacking of this equipment is always possible, which could give the wrong people access to your brain waves and pick up if you are thinking of your bank account PIN or other sensitive matter. Your thoughts of any sort should be protected from view.  Thought-crime has always been on the other side of the line.

Now that it is possible to read your brainspray with greater certainty, we should be considering how to regulate this activity.  I don’t mind giving the search engine my information in exchange of efficient immediate searches.  But I don’t want to open my head to companies or government.

Copyright © 2019 Womble Bond Dickinson (US) LLP All Rights Reserved.

For more in device hacking, see the Communications, Media & Internet law page on the National Law Review.

FTC Attorney on Endorsement Guide Compliance

Influencer marketing and review websites have attracted a great deal of attention recently by states and federal regulatory agencies, including the FTC.  The FTC’s Endorsement Guides addresses the application of Section 5 of the FTC Act to the use of endorsements and testimonials in advertising.

At their core, the FTC Endorsement Guides (the “Guides”) reflect the basic truth-in-advertising principle that endorsements must be honest and not misleading.  The Guides suggest several best practices, including, but not limited to the following:

  1. Influencers must be legitimate and bona fide users, and endorsements must reflect honest opinions.
  2. Endorsers cannot make claims about a product that would require proof the advertiser does not have.  Blogger and brands are potentially subject to liability for claims with no reasonable basis therefor.
  3. Clearly and conspicuously disclose material connections between advertisers and endorsers (e.g., a financial or family relationship with a brand)
  4. To make a disclosure “clear and conspicuous,” advertisers should use plain and unambiguous language and make the disclosure stand out.  Consumers should be able to notice the disclosure easily.  They should not have to look for it.  Generally speaking, disclosures should be close to the claims to which they relate; in a font that is easy to read; in a shade that stands out against the background; for video ads, on the screen long enough to be noticed, read, and understood; and for audio disclosures, read at a cadence that is easy for consumers to follow and in words consumers will understand.
  5. Never assume that a social media platform’s disclosure tool is sufficient.  Some platforms’ disclosure tools are insufficient.  Placement is key.
  6. Avoid ambiguous disclosures like #thanks, #collab, #sp, #spon or #ambassador.  Clarity is crucial.  Material connection disclosures must be clear and unmistakable.
  7. Do not rely on a disclosure placed after a CLICK MORE link or in another easy-to-miss location.
  8. Advertisers that use bloggers and other social media influencers to promote products are responsible for implementing reasonable training, monitoring and compliance programs (e.g., educating members about claim substantiation requirements and disclosing material connections, searching for what people are saying and taking remedial action).
  9. Statements like “Results not typical” or “Individual results may vary” are likely to be interpreted to mean that the endorser’s experience reflects what others can also expect.  Therefore, advertisers must have adequate proof to back up the claim that the results shown in the ad are typical, or clearly and conspicuously disclose the generally expected performance in the circumstances shown in the ad.
  10. Brands can ask customers about their experiences and feature their comments in ads.  If they have no reason to expect compensation or any other benefit before they give their comments, consult with an FTC CID and defense attorney to assess whether a disclosure is necessary.  If customers have been provided with a reason to expect a benefit from providing their thoughts about a product, a disclosure is probably necessary.

What about affiliate marketers with links to online retailers on their websites that get compensated for clicks or purchases?  According the FTC, the material relationship to the brand  must be clearly and conspicuously so that readers will be able to decide how much weight to give the endorsement.  In some instances – like when the affiliate link is embedded in a product review – a single disclosure may be adequate.

When the review has a clear and conspicuous disclosure of a material relationship and the reader can see both the review containing that disclosure and the link at the same time, readers may have the information they need.  However, if the product review containing the disclosure and the link are separated, readers may not make the connection.

Never put disclosures in obscure places, behind a poorly labeled hyperlink or in a “terms of service” agreement.  That is not enough.  Neither is placing a disclosure below the review or below the link to the online retailer so readers would have to keep scrolling after they finish reading.

Consumers should be able to notice disclosures easily.

U.S. regulators are not the only ones policing influencer disclosures.  In fact, the Competition and Markets Authority, the British government agency that regulates advertising, recently sent numerous warning letters to British celebrities and other social media influencers.  The CMA has also recently released its guidelines for influencers.

The FTC has already demonstrated that it monitors accounts of popular influencers.  It has also demonstrated that it can and will initiate investigations and enforcement actions.  Brands are well-advised to review promotional practices, implement written policies and monitoring protocols.

© 2019 Hinch Newman LLP

For more on influencers, endorsement & advertising, see the National Law Review Communications, Media & Internet law page.

How Harmful do Gender Stereotypes Need to be?

Ads Banned in UK Following New Rule

As we reported earlier this year, a new rule dealing with the depiction of harmful gender stereotypes, was introduced into the BCAP and CAP Codes as of June 2019.

The first decisions under the new rules have been released and we have seen two separate ads by Volkswagen and Philadelphia banned by the Advertising Standards Authority (ASA) under the new rule.

Volkswagen’s advert for its eGolf electric car, with the slogan “when we learn to adapt, we can achieve anything” features a man and a woman camping on a sheer cliff face, two male astronauts floating in space, a male athlete with a prosthetic limb, and a woman sitting next to a pram.

Separately, the Philadephia ad by Mondalez depicts fathers being distracted by the cheese spread long enough for their babies to end up on a conveyor belt of Philadelphia, resulting in an embarrassed dad saying “let’s not tell mum”.

Both ads received a number of complaints from the public on the basis that they were contrary to the new rule, which aims to ban harmful gender stereotypes in ads which can

“contribute to inequality in society” and “can, over time, play a part in limiting people’s potential.”

Whilst Volkswagen argued that caring for a new born child was a life-changing experience about adaption, regardless of the gender of the parent depicted, and that a female was also engaged in the adventurous activity of camping on the mountain, the ASA ruled that “unlike her male counterpart, the female rock climber was passive, because she was asleep” and that the woman with the pram was depicted in a stereotypical care-giving role.

Mondalez told ASA that it was in a “no-win situation” having deliberately chosen two dads to avoid depicting the stereotypical image of women handling the childcare responsibilities. However the ASA banned the ad on the basis that it reinforced the stereotype that males are ineffective in care-giving roles.

Critics have said that the watchdog has gone too far and in a statement posted on the website for ISBA, the body representing the UK’s leading advertisers, Phil Smith (director-general and a member of a working group that helped develop the new rules) said the bans are “concerning, both in terms of the precedent they set and the likely impact they will have on advertisers.”

Smith further commented

“In our view, the two decisions go beyond the intent of the new rule and guidance and will likely create confusion for advertisers and the broader co-regulatory system as they seek to address the harmful gender stereotypes and outdated portrayals this rule was designed to tackle.”

The effectiveness of the new rule will be reviewed by CAP in June 2020, to determine whether it is suitable in helping the ASA meet the rule’s objective. It will be interesting to see how the ASA applies the rule in future decisions.

© Copyright 2019 Squire Patton Boggs (US) LLP

ARTICLE BY Carlton Daniel and Katie Rodgers of Squire Patton Boggs (US) LLP.
For more on advertising regulation, see the National Law Review Communications, Media & Internet law page.

An Introduction to Digital Marketing Analytics for Law Firms

Analytics is the science behind the art of digital marketing and is an invaluable part of any law firm’s marketing strategy.  Digital analytics can provide a wealth of information that not only tells you how effective your digital channels are, but if analyzed properly, can provide fact-based information that can help identify prospect behavior and needs.  Legal marketers must be familiar with the proper web analytics tools to be able to capture and interpret the performance of their website but must also be able to go beyond their website to properly assess the performance and return of their digital marketing efforts. In this article we discuss  how law firms can merge web analytics and digital marketing analytics to improve the overall performance of their online marketing efforts.

Why Marketing Analytics Matter

To benefit from your marketing analytics, you must understand why they are important.  Analytics enables you to measure, analyze, and manage the performance of your digital marketing strategy in real time.  Legal marketers can leverage analytics to pinpoint problems and uncover areas of opportunity and potential growth. Knowing which digital marketing analytics are important to your bottom line will help you stay focused on the metrics that matter.

Why You Need to Measure Your Efforts

Your analytics should always include a measurement of your efforts. This is for one simple reason, sustainability. Essentially, you want to ensure that your marketing efforts are contributing to the growth of your firm and producing a positive return on investment (ROI).  By learning to create custom reports and glean actionable insights that actually matter to your firm, you can begin to make data-driven decisions and strengthen your marketing strategy.  At any point during your campaign, you can apply the data to tweak or remove tactics that are not producing the desired return.  By effectively leveraging data intelligence, you will build a more insightful and effective marketing plan.  The good news is that the process of tracking digital marketing has become very straightforward.  Your chosen marketing tool probably has analytics built-in, helping you measure your efforts.

Web Analytics Can Measure Those Efforts

Supplementing the built-in analytics with your marketing analytics is simple. Numerous websites offer web analytics tools, with Google Analytics being among the most famous and most popular. The most attractive reason to use Google Analytics is that it’s free!  Google Analytics will show you the number of views and visits to your website, where those visitors come from and what pages they are looking at. This information enables you to easily see how your website is performing in real-time. Google Analytics will even allow you to organize and track website data across all devices – smart phones, tablets, computers and even smart TVs.  To learn how to create a custom Google Analytics report, checkout this blog post.

Using KPIs

Evaluation of your efforts will come down to KPIs or Key Performance Indicators. You choose these criteria as measurements to demonstrate how effective your marketing strategies are at achieving your key business objectives. As such, they let you see if you are meeting your business goals, whether they are brand awareness or lead generation. Your marketing plan should include the KPIs that most closely meet your specific business objectives. Consider the following KPIs, as they are the most important for optimizing your campaigns:

  • Qualifies leads: This KPI lets you confirm that your campaign is generating qualified leads for your law firm
  • Cost Per Conversion: This metric allows you to evaluate how much you pay for each conversion to help you confirm that your marketing expenses are worth the expenditure.
  • Online Marketing Return on Investment: It should go without saying that your return on investment will let you know whether your efforts are worth it.
  • Form Conversion Rates: Form conversion rates help you determine how well your content marketing drives people to your law firm’s website and encourages them to take action. You can even use the combination of data from the forms and the form conversion rates to develop strategies that boost conversions.
  • Reach and share of voice on Social Media: Don’t forget to consider the conversions that you get from social media as one of your KPIs. This lets you determine which social media network is the best for you so that you can concentrate your efforts for the best ROI.

Takeaway

As a legal marketer, you must understand the impact of your marketing efforts through the effective use of digital marketing analytics and web analytics.  Applying data intelligence is invaluable to the process of improving and optimizing your marketing strategy.

© Copyright 2019 Good2BSocial

ARTICLE BY Talia Schwartz of Good2bSocial.
For more on marketing for law firms, see the Law Office Management page on the National Law Review.

How Are You Investing in Business-Building Relationships?

Discipline is the bridge between goals and accomplishment – Jim Rohn, international business management expert

Some things appear to be so simple that we assume (dangerously) that everyone “gets it.” Bear with me a moment.

For lawyers, it is imperative to consistently and persistently cultivate and nurture their relationships within their network; with clients, to receive more work and strengthen the loyalty bond; with referral sources, to receive more referrals; with prospects, to develop new work; and so on.

Why, then, is it that a significant number of lawyers either have no system — formal or otherwise — for getting and staying in touch with these people or do a dismal job of staying connected?

‘Getting and Staying in Touch’?

Again, a seemingly obvious question, but in my legal marketing practice of more than 25 years, I have worked with very few lawyers who realistically understand, as a practical matter, the fundamental principle of this phrase.

It is a widely known statistic that it takes 7-10 “touches” to achieve “top-of-mind awareness” status. Lawyers are implored to develop – often with the support of their legal assistant/marketing or IT team, a consolidated contact list including clients; industry and professional contacts; referral sources; prospects; friends and family; school classmates — law school, college, high school, etc.; co-workers and former co-workers; contacts from former clerkships; association contacts; community contacts; holiday card recipients; and so on.

Though it may be an arduous task to assemble all the business cards, old Rolodexes (yes, I’m showing my age), database printouts, etc., it is important to have all your contacts in one system. Can we say “CRM” (contact relationship management) system?

As I often relay to my clients, no list equals no connections, no communications with friends, peers, industry contacts and prospects, and, ultimately, no clients. Remember, we’re in the “relationship-building” business, and it becomes much more daunting to foster relationships if we don’t proactively get and stay in touch.

What does this mean to me?

For purposes of communicating regularly with your various constituents (clients, referral sources, prospects, etc.), no one communication message will be of interest to everyone on your contact list. That is to say, if you develop an e-newsletter or legal update on the importance of developing social media policies for the workplace and send it to your human resource clients, that topic may be of little interest to your charitable organization contacts unless they are involved in employment law issues. There is great efficiency and merit to tailor your message to an intended audience and there is no better way than to develop “categories” of contacts.

When it comes to knowing how, when and how often to reach out, paramount on most attorneys’ minds is that they do not want to be perceived as “too pushy” “aggressive” or otherwise annoying. Understandable. One principle I often convey to my clients is that most people are so involved in their own world, business, family, etc.; you are not capturing 100 percent of their attention most of the time. In other words, to adequately “register” on your targets’ radar, there must be regular, consistent and persistent “touch points”, be they via e-mail, phone call, face-to-face contact and social media outlets. You get the point.

Check Motivations

To build and grow a healthy practice, it is imperative to develop a system of getting and staying in touch but doing so with the appropriate mindset. In short, “It’s not about you.”

Lawyers often query, “What is it that I’m saying to all these people?” Lawyers sometimes say, “I don’t want to bother these folks”? Understandable.

My response is usually a variation on the theme of reaching out with a service mindset and with authentic intentions of checking in on your contacts’ business, seeing how they are making out with a recent transition or starting a new position, or a company move, etc. The universal sowing of seeds of goodwill will ultimately reap only good things. Or, relating another way, employing Newton’s Laws of Motion, “For every action, there is an equal and opposite reaction.” The more “goodwill” you put out, the more it will come back to you … usually multifold.

Time Considerations

Lawyers are very busy. Where do they “find” the time to get and stay in touch with everyone and have the oft-needed downtime?

Just today, I explained to a junior partner client that, if addressed productively, his contacts will soon become his friends. Consider this: we all have certain people with whom we enjoy sharing time. What if those special individuals could be the same ones in your categorized contact lists? How cool would that be? Kill two birds with, well, you know.

Many successful senior attorneys have worked most of their professional careers to create this very scenario though it didn’t happen overnight. It took years, in some cases, one contact at a time. This brings me to my next point.

Leverage Technology

In our digital age, it has never been easier to “get and stay connected” via a host of technological tools (e.g., LinkedIn, Facebook, Twitter, Instagram, blogging). Not a technophile? No sweat; there are “people” who make a career of helping clients “connect”. One such job title is “certified social media specialist”.

Net-Net

In the fiercely competitive legal services arena, cultivating strong relationships is more important than ever before. As a successful lawyer and business owner, you must find a way to get and stay in touch with your desired audiences, targeted constituents and those folks who ultimately can help you grow a healthy practice. It is most easily done by:

• Commit to making it happen.

• Seek buy-in from your support resources (internal and/or external) so everyone is on the same page.

• Develop a viable and workable system for gathering, categorizing and maintaining contacts on an ongoing basis.

• Schedule dates/calendar regular communication with your contacts in addition to the other regular “touches”.

  • For example, on Mondays, review last week’s business development actions. Schedule in two blocks of 15-minute increments to follow up with each contact, offering something of value to them…a copy of a new relevant report, a link to an interesting article, a professional announcement of a common acquaintance.
  • On Tuesdays, place three phone calls to inactive clients to check in on their status/business. Ask if there is anything with which you can help them.
  • On Wednesdays, invite three referral sources to schedule a coffee in the next month. Mark your calendar and make it happen.
  • On Thursdays, research upcoming targeted networking events in an industry you serve, a Bar association event and/or other relevant organization.
  • On Friday, consider what concrete steps you’ve taken during the week and consider next steps to nurture the relationships you’ve cultivated. Take the afternoon off to recover from a busy week.
  • Repeat.

 

© 2019 KLA Marketing Associates.

For more on legal marketing, see the National Law Review Law Office Management page.

Corporate Closedown Does Not Shield Boss From Potential TCPA Culpability

So, your corporation is sued under the Telephone Consumer Protection Act (TCPA). One defense strategy if you are the founder and sole owner: cease operations, terminate your employees, close your offices, formally dissolve the corporation and live in British Columbia. No potential individual exposure for TCPA violations in Alabama – right?

Not so fast, said the United States District Court for the Northern District of Alabama in Eric K. Williams v. John G. Schanck. 2019 U.S. Dist. LEXIS 151778, Case No.:5-15-cv-01434-MHH, decided September 6, 2019. Mr. Williams originally sued Stellar Recovery, Inc., a company founded and solely owned by Schanck, for collection calls made to the plaintiff’s cellphone in Alabama. Mr. Schanck then told the Court in a telephone conference call that “Stellar Recovery had dissolved and did not intend to participate in this lawsuit.” Mr. Williams moved to amend his complaint to add Mr. Schanck individually and Judge Madeline Hughes Haikala granted his motion.

But, wait a minute, countered Mr. Schanck. Service of the amended complaint on me in Vancouver, British Columbia does not afford the Court personal jurisdiction. Furthermore, Mr. Williams is too late because he added me as a defendant after the four-year TCPA statute of limitations had passed. So, Mr. Schanck moved to dismiss under Federal Rules of Civil Procedure (FRCP) 12(b)(2) and 12(b)(6), respectively.

The Court was unconvinced on both counts.

First, on the jurisdictional issue, the Court examined whether Mr. Schanck’s alleged contacts with the State of Alabama were sufficient to satisfy specific jurisdiction (i.e., “contacts within the forum state give rise to the action before the court”). Mr. Williams asserted that Mr. Schanck “guide[d], over[saw], and ratifie[d] all operations of…Stellar” and knew of the “‘violations of the TCPA alleged’ in the complaint and ‘agreed to and ratified such actions of his company.’” Indeed, throughout the complaint, Mr. Williams contended that “Stellar acted on behalf of Defendant Schanck.”

Mr. Schanck did “not challenge the factual allegations concerning his ownership interest in Stellar or his managerial control over the company.” Rather, he contended that the “corporate shield doctrine” precluded the Court from exercising jurisdiction over him. However, Judge Haikala noted that the “express language of the TCPA allows actions against corporate officers who authorize TCPA violations” and Mr. Williams “has alleged just that – that Mr. Schanck directed and authorized the alleged TCPA violations that purportedly occurred in this District.” Motion to dismiss for lack of personal jurisdiction under FRCP 12(b)(2) denied.

Second, the Court also dispensed with the statute of limitations issue. The Court concluded that the claim against Mr. Schanck as an individual arose out of the “conduct, transaction or occurrence set forth or attempted to be set forth in the original pleading.” Under such circumstances, the claims in the amended complaint could relate back to Mr. Williams original complaint.

But, Mr. Schanck argued, Mr. Williams knew about him and his status in Stellar yet chose only to sue the latter. Therefore, there could have been no mistake on his part about the “identity” of the proper party (i.e., Mr. Schanck) to sue and the FRCP 15(c) requirements regarding the timing of serving Mr. Schanck as a new defendant were not met.

Correcting Mr. Schanck’s application of that requirement, the Court noted that the issue was not about Mr. Williams knowledge, but “whether Mr. Schanck himself knew or should have known that he would be named as a defendant ‘but for an error’” by Mr. Williams. And at this stage, “if Mr. Williams contentions about Mr. Schanck’s involvement with Stellar prove correct,” then Mr. Schanck “reasonably should have known that he would be named as a defendant but for an error.” Motion to dismiss for failure to state a claim under FRCP 12(b)(6) denied.

So some TCPAWorld lessons learned about the solidity of the “corporate” shield when one person allegedly runs the company show.

© Copyright 2019 Squire Patton Boggs (US) LLP