Month: September 2017

Caroline Song Joins Editorial Board of LA Lawyer Magazine


(562) 386-1654

Caroline Song Joins Editorial Board of LA Lawyer Magazine

LOS ANGELES – Caroline Song, General Counsel/Partner at Expert Depos, has been appointed to the editorial board of Los Angeles Lawyer magazine, a publication of the Los Angeles County Bar Association (LACBA).

“I am honored to be able to contribute to the association and support the development of resources for LACBA members through this volunteer position,” said Song. “Los Angeles Lawyer consistently meets the professional needs of our local legal community.”

Ms. Song, who has co-launched Expert Depos, will be the legal tech voice for the Board and will assist with direction and review of content for the professional journal.

Founded in 2014, Expert Depos is a pioneering online directory and web service that sources court reporter contact information in order to seamlessly direct attorneys and their associates within the legal industry to certified deposition transcripts.

According to Song, “The legal industry has yet to see a massive technological innovation, and court reporters sit at a crucial position to make this happen by selling their copy transcripts to attorneys, investigators, and insurance administrators. Many attorneys don’t even realize court reporters are the people from whom they can purchase copy transcripts.”

Los Angeles Lawyer provides substantive law articles for more than 20,000 attorneys, judges and other members of the legal profession who are members of the LACBA.

Song’s term is for the LACBA’s 2017-18 year.

Pictured: Caroline Song Lloyd
# # #

Tech’s Privacy Legal Landslide, and How to Avoid it

Typically, tech evolves at speeds far greater than the law ever could. And for this reason, it’s easy for businesses to adopt new tech and use it how they want with a feeling of impunity.

But, businesses are still responsible for protecting the sensitive information they collect from their customers. So, as helpful as developments in technology can be, they have created a privacy protection minefield for businesses to tiptoe around.

This month, a particularly worrying class action complaint was filed against Disne for allegedly violating the Children’s Online Privacy Protection Act (COPPA. While some parents claim that Disney violated the act by tracking personally identifiable information on children under 13 through their Princess Pets app, a Disney spokesperson maintains that the issue is in a fundamental misinterpretation of the act on the part of the complainants.

Either way, it proves that not even the giants among us are safe from potential legal landslides surrounding tech and privacy.

So, we’ve created this mini case study on a recent scandal with Yahoo, and topped it off with the three best tips we could find (with more examples) to help you keep your clients (and yourself) out of hot water.

Let’s get started:

In September of last year, it was revealed that Yahoo was subject to a major hack in 2014, with personal information scraped from 500m accounts. Yahoo acknowledges they learned about the attack in 2014, but claim that the information did not reach senior management for a proper follow-up.

This attack is particularly significant since Yahoo accounts are attached to other accounts, including banks.

As Alex Holden, the founder of Hold Security, suggested to the New York Times, “The stolen Yahoo data is critical because it not only leads to a single system but to users’ connections to their banks, social media profiles, other financial services and users’ friends and family.”

Although the attack is alarming, the real issue for Yahoo occurred in the aftermath. The public perceived Yahoo’s actions as an attempt to conceal information and regard their statements since the attack was revealed as an attempt to avoid accountability.

In the end, with CEO Marissa Mayer denying any knowledge of the incident, Yahoo lawyer Ron Bell has become the scapegoat for the entire incident.

The Securities and Exchange Commission (SEC) is investigating Yahoo to determine whether the company broke any laws by failing to disclose the breach to investors holding shares in the midst of the disaster. But, they have concluded that they were under no legal obligation to let their customers know.

To say the least, it has been both a legal and PR nightmare.

Hacks are almost inevitable, but to avoid a similar scandal and legal investigation:


Yahoo could have avoided a legal investigation by coming clean about the hack, at least to their investors. And they could have avoided further scandal by disclosing the attack to their customers regardless of whether it was determined to be legally necessary.

They also should have let other institutions that may have been affected by the hack, especially since financial accounts may have been compromised.


Although it did not become an issue for Yahoo, other companies have been investigated and fined when they misinform their customers.

Ashley Madison and Turn Inc. have both been investigated by Federal Trade Commission (FTC) for deceiving their customers about the use of their data. These companies allegedly charged customers to remove personal data from their servers, while retaining some or all of the information collected.

It’s important to be honest about the scope of your technology, what information you collect, and who you share it with. These policies need to be clear and available to anyone who works with you. Otherwise, you’re open to hefty fines or legal action.

Know your encryption

Several businesses including Henry Schein Practice Solutions and Ashley Madison have been investigated by the FTC for exaggerating the effectiveness of their data encryption, with Henry Schein Practice Solutions paying $250,000 in settlements.

It isn’t enough to have encryption, steps need to be taken to ensure it is both adequate and properly characterized to those using it.

To get a better idea of how to protect yourself, see the latest changes to the FTC privacy policies here.