How California Businesses Must Respond to Data Breaches [e104]

October 13, 2014

The guys kick off the week by discussingthe new requirement for California businesses to provide identity theft solution services after data breaches. They then answer the question, “We developed some IP for clients and could not decide on who owns the IP. As a result, we decided to jointly own it. Should I be worried about the client if they go under or get sued?”

Full Podcast Transcript

NASIR: All right. Welcome to our podcast where we cover business in the news and answer some of your business legal questions that you, the listener, can send in to ask@legallysoundsmartbusiness.com. My name is Nasir Pasha.

MATT: And I’m Matt Staub.

NASIR: Matthew Staub is joining us once again today to our Legally Sound Smart Business podcast. Very fun.

MATT: Happy to be back. 104th straight of episode for me being the guest. So, until you have somebody better, I guess it’ll just be me.

NASIR: I’m just waiting to see if we can get some positive response from our listeners. Still waiting for that to make sure you become a permanent part of the show.

MATT: Over a hundred episodes. It had to have been over a year now at this point too, right? I’m trying to remember.

NASIR: No, it hasn’t been quite a year yet, but I just wish someone would give – I mean, instead of all the negative feedback I get for you, I just wish somebody would just give one positive comment – just one would be good enough, you know?

MATT: All bad?

NASIR: Yeah, it’s been all bad, but I love the feedback. We get a ton of feedback – a ton – but just all negative about you. So, that’s okay.

MATT: Ugh. I’ll work on it, I guess. This will be the episode, I think this is the one I’m going to turn people on, and what’s a better way to do it than talking about data breaches? That’s an exciting topic that everyone wants to hear about.

NASIR: Yeah, agreed.

MATT: This is California, once again, kind of being the, I guess, early adopter- the first ones to really step forward and do this. So, a little bit of background, in 2002, they were the first state I believe to require businesses to notify people affected of data breaches which seems ridiculous now that, prior to 2002, you could just have data breaches as a business and not tell anyone. It seems pretty important but I guess, over ten years ago, things were a lot different but still that’s far enough in time where they should have been telling people beforehand. But, anyways, now California is going to be the first one again to require businesses to provide free identity theft prevention services to people affected by a data breach. It’s credit monitoring in fraud resolution services. I think it span in one year in length. I don’t know if this just the way this is worded or if it only does apply to California residents, but it’s at no cost to California residents. I would think it might expand further than just people from California but I don’t know. It’s a little bit vague on how that works out.

NASIR: Well, what it does mean is, if you are operating even outside California and some of these data breaches affect California residents,, then you may be subject to this law, but I’d like to look into more on how that actually can be implemented because you know there are aspects of states rights vs federal rights whether states can actually regulate interstate activity and especially if you’re not actually necessarily operating in that state but may have customers in that state, it might be a different issue. But, you know, you mentioned California taking the lead on this and that’s one really cool thing about being a licensed lawyer in California because we operate in different states around the country and one thing about California is that they are always on the forefront with many different laws and they do set trends and they do set items that sometimes don’t work and other states don’t follow because basically they look to California to see how it can work out.

MATT: You’re right. It’s kind of a double-edged sword and, you know, other states sometimes look to California to adopt things and, you know, they adopt something that kind of backfires, everyone just kind of pokes fun at them and said, “Oh, it’s stupid,” and, if they do something right, it’s, “Well, you should because you’re the biggest state so you should do things right.” So, it’s kind of how it is, but I founnd something interesting in here. It said 43 percent of businesses have had a breach in the past year which, I mean, those vary obviously from smaller breaches to Home Depot style breaches that just occurred. I only know of that because I just got an email that I’m getting a new credit card because I bought a ton of stuff from Home Depot, so many transactions so I guess my account’s just sending me a new credit card.

NASIR: Yeah, that happened with Target, too. I know my wife got a new credit card.

MATT: I think the Home Depot one was much bigger. Target’s was big; I think Home Depot’s was even bigger but wasn’t during the holiday season so maybe that’s a little bit different.

NASIR: On one hand, I’m not surprised about that percentage of number of data breaches because I think there’s just so much data out there, it’s so easy – one vulnerability. But, at the same time, what I’m more surprised about is the big companies. I mean, Home Depot and Target, it’s just almost unforgettable. They have to have those protections in there. For small businesses, you know, I was thinking about the cost. You know, how much does this fraud protection and credit monitoring actually cost? I know that a lot of these other credit reporting agencies like Experian and also LifeLock and so forth, they sell at different packages. I’m wondering if it’s the same thing, but that can range from $10.00, $20.00 per month. For a year, that’s about a hundred some dollars per customer – that can really add up if you have a major breach and I assume they probably get a break if they buy in volume, and assuming that’s actually how much it costs, maybe it’s less, much less.

MATT: That was one of the last things I had on when what I was thinking about this. The cost of prevention is going to be, I would think, less than the cost to provide this identity theft preventions to everybody. So, you’re going to have to protect your data anyways so you might as well just do it. You know, if you have to spend a little bit more money to do it, especially now, then it’s definitely going be worth it as opposed to, you know, reacting. You’ve got to be proactive and not reactive. It’s going be financially better but I don’t know if there’s any actual numbers in terms of how much it costs for for one per customer.

NASIR: Yeah, and keep in mind, there is definitely insurance for these kinds of data breaches and I’m sure new insurance policies are going to contemplate this specific issue in California and, frankly, as other states follow, I mean, like I said, if California is adopting this, this is obviously the first step in other states following it as well.

MATT: Yeah.

NASIR: And, frankly, from a consumer perspective, it kind of sucks, you know, as a small business, if I have to pay that amount to recover it. I mean, it’s another additional expense that California is imposing on its business tax payers. But, at the same time, as a consumer, it’d be kind of nice not to have to worry about that when I’m shopping and so forth, yu know?

MATT: Yeah, that’s definitely true. Well, we talked about data breaches and then you somehow threw in constitutional law and this story so I think people are definitely excited on this Monday morning, Monday afternoon.
[MUSIC]

MATT: Should we just get into the question of the day?

NASIR: Yeah, let’s do it.

MATT: All right.
“We develop some intellectual property for clients and cannot decide on who owns the IP. As a result, we decided to jointly own it. Should I be worried about the client if they go under or get sued?”
This is interesting.

NASIR: Yeah, it’s funny. Like, “Okay, we can’t decide who owns it, let’s just both own it together.” And I guess that’s the way to do it but it just seems like, why don’t you just parse it out and spend some time figuring it out? I think jointly owning any intellectual property is just a mess to deal with because people think intellectual property, it is intangible property, right? But, at the same time, when you’re talking about rights and obligations attached to it, you have to think about it as if it was a car. You know, imagined jointly owning a car. Yeah, you both have uses for it, but what about if you let other people use it and how that can affect the other person that’s also the owner? Like, for example, you own a car, you go bankrupt, now what happens to the car when you’re jointly owning the car? It could actually affect, let’s say that the ownership interest in that car goes to a creditor? Then, now all of a sudden, you’re jointly owning this intellectual property or this car with some creditor of your ex-partner, so to speak.
MATTT: I jointly owned my car, is that bad? You’re telling me I should take my wife off of the title.

NASIR: Oh, with your wife? Oh, I thought I jointly owned the car with you.

MATT: Oh, yeah.

NASIR: I thought it was partly mine.

MATT: That’s my other car.

NASIR: Yeah, I think we should sell it.

MATT: I mean, it’s really good points. Jointly owned things can be pretty tough just for all the reasons you mentioned. I mean, there’s some other logistical things as well with copyrights and patents. I think for copyrights you’re required to share profits if it’s jointly owned. Patents, there’s joint participation issues. And this person raised the issue of going under, get sued. If that happens, like, if there’s bankruptcy, if the joint owner goes bankrupt, it’s going to be some issues. It’s just going to be such a hassle to deal with. I would say – I guess, let me go back and see what their question even was – should I be worried? Yeah, I mean, I would be worried. I guess I would try to negotiate, moving forward, don’t do this and then, you know, maybe go back and try to negotiate and get some ownership or give up ownership or whatever you have to do. Maybe it’s worth keeping the ownership for the hassle but it definitely could come back and backfire. I think that’s what this person was kind of alluding to.

NASIR: Yeah, absolutely. So, bottom line, what should they do?

MATT: I think, bottom line, just don’t jointly own intellectual property with you, especially if it’s you and your client. If it’s you and other company that are creating it together, I mean, that makes more sense, I guess. But, if you’re creating something for your client, I wouldn’t do it. If anything I mean, I would prefer to just give up the rights to it as oppose to retaining the ownership. Just charge more or something.

NASIR: Yeah, and, by the way, just because you don’t own it doesn’t mean you can’t use the intellectual property and I think that’s what’s the answer here. In lieu of jointly owning a license agreement where it could be indefinite, it could be non-exclusive, et cetera, so that you get the benefits from the actual IP but then the actual ownership, you know, whether it’s resold to somebody else and so forth, because also, like, more reasons why not to do this is that it also gets very complicated if you’re also jointly owning for, say, the copyright. The copyright law is such as that, if there’s two owners and there’s revenue that’s generated from that copyright, then in theory that should go to both of you and that may not be what you originally intend because maybe you make a separate deal here or there dealing with the copyright and now you have to share it with the person or the other company and, again, it’s unintended consequences is what you’re trying to avoid here – or you should be trying to avoid.

MATT: Yeah. I like the licensed idea. It’s a good compromise.

NASIR: I have to mention, because I started thinking about this is kind of going reverse back to our first story but I was thinking about how the data breach notification law thta California passed, what did you say was back in like in 2003 or so?

MATT: Yeah, ‘02.

NASIR: At that time, they were trying to figure out, if you’re not operating in California but then you have customers that are California residents, what kind of notification process do you have to go through? And they did find that, if the statute specifically applied to that company, for example, if it was personal information and it was a California resident, there was actually breach in security, it fit all the criteria of the actual law suit., even if you don’t have a nexus to the state of California – and, if you recall, we used the word nexus last week with our interview with the founder of Tax Jar but – that loss still applied. So, I’m willing to say that it’s going have the same effect. So, if you have any California users or residents or customers, it’s kind of a big burden on you, I would say.

MATT: Well, you did it again. We had data breach constitutional law and tax all in one. Let’s see… I don’t know if we’re ever going to be able to beat that.

NASIR: No, that’s our best popular topics, right?

MATT: Yeah. Are the people, employees are independent contractors, too?

NASIR: Oh, don’t even tempt me.
All right. Well, thanks for joining us in our constitutional law tax episode.

MATT: Yeah, keep it sound and keep it smart.

Legally Sound | Smart Business

By

The Podcast Where Nasir Pasha and Matt Staub cover business in the news with their legal twist and answer business legal questions that you the listener can send it to info@legallysoundsmartbusiness.com.

Get Business Legal Updates

Please provide your full name.
Please provide a valid email address.
We respect your privacy, and we will never share your information. Unsubscribe at any time.
Legally Sound Smart Business cover art

Legally Sound Smart Business

A business podcast with a legal twist

Legally Sound Smart Business is a podcast by Pasha Law PC covering different topics in business advice and news with a legal twist with attorneys Nasir Pasha and Matt Staub.
Apple Podcast badge
Google Podcast badge
Spotify Podcast badge

Latest Episodes

October 12, 2021

In our latest episode, Nasir and Matt are covering the legal issues on Social Media. The average person spends most of their day on social media, whether they are scrolling for hours or publishing their own content. However, just because you publish your own content on Instagram does not equate to you owning that image….

September 28, 2021

What is a Non-Disclosure Agreement, and when do I need one? In this episode, Nasir and Matt shares why you need to use Non-Disclosure Agreements, basic facts about NDA’s, and discuss about the infamous Jenner-Woods story. Having the right Non-Disclosure Agreement in place not only protects you and your business, but it also makes the…

July 14, 2021

Through a five-round championship bout, Matt travels to Texas from California to determine which state is better for business. Will it be a knockout with a clear winner or will it go to the scorecards?

June 16, 2021

Covered in this episode of Legally Sound Smart Business are some typical business mistakes blunders small businesses often make and how to avoid them. Blunder #1: Copying and pasting agreements It may sound like a good idea at the time, but this blunder comes with hidden pitfalls. Having an attorney draft terms that are specific…

February 4, 2021

How you terminate an employee can make the difference between a graceful transition to avoidable negative outcomes like a dramatic exit or even a lawsuit. We gathered a panel of experts and asked them – is there a “right way” to fire an employee? We would like to thank our guests for this episode: Amr…

December 2, 2020

The COVID-19 pandemic has turned nearly every aspect of life on its head, and that certainly holds true for the business world. In this episode, Matt and Nasir explain how the early days of the pandemic felt like the Wild West and how the shifting legal playing field left a lot open to interpretation and…

November 16, 2020

After plenty of ups and downs, our buyer has finally closed on the purchase of their business. While we’re marking this down in the ‘wins’ column, it never hurts to review the game tape. In this final episode, our hosts, Matt Staub and Nasir Pasha, return to the deal almost a year later to reflect…

September 15, 2020

The ink is drying on the signature line and things are looking great for our buyer. After so much hard work, the finish line is in sight and the cheering within ear shot.   Though the landlord is still serving friction, things seem safe to move forward and for now, our buyer will be keeping…

July 31, 2020

Though things are coming along well, the journey would not be interesting if it was purely smooth sailing. After our buyer opens escrow, they are forced to push the closing date back when suddenly a letter from an attorney was received claiming the business, we are buying has a trade mark on the name!  Now…

June 12, 2020

With frustration at an all-time high and professionalism at an all-time low, our friend the Buyer has “had it” with the Seller and quite frankly their lack of knowledge. At present our Buyer is rightfully concerned that the latest misstep from our loose-lipped Seller will threaten not only the entire operation of the businesses but…

May 11, 2020

As we go deeper into the buying process, we start to uncover more challenges from our seller and encounter some of the wrenches they are tossing our way. When we last left off in episode three our team was knee deep in due diligence for our buyer, had already penned and signed the Letter of…

April 4, 2020

One word–interloper! When a new mysterious broker enters the transaction and starts to kick up dust, Nasir and Matt take the reins. The seller signed off on the letter of intent (see episode 2), yet this “business broker” serves only friction and challenges by refusing to send financials, whilst demanding more of a firm commitment…

April 4, 2020

Just as most stories and deals start out, everyone is optimistic, idealistic and full of hope for clear skies. It’s a perfect outlook with a perfect setup for the ups and downs yet to come. Peek further behind the curtain and into the first steps of buying a business: the letter of intent. After the…

April 4, 2020

When a savvy buyer hears opportunity knocking to purchase a prime positioned business, she decides not to go it alone and taps in the professionals to help navigate what could potentially be a fruitful acquisition. “Behind the Buy” is a truly rare and exclusive peak into the actual process, dangers, pitfalls and achievements, that can…

August 7, 2019

GrubHub is subject to two “matters of controversy” that have likely become common knowledge to business owners: “fake” orders and unfriendly microsites.

May 28, 2019

In this podcast episode, Matt and Nasir breakdown the legal issues of the subscription industry’s business on the internet. Resources A good 50-state survey for data breach notifications as of July 2018. California Auto-Renewal Law (July 2018) Privacy Policies Law by State Why Users of Ashley Madison May Not Sue for Data Breach [e210] Ultimate…

March 12, 2019

In recording this episode’s topic on the business buying process, Matt’s metaphor, in comparing the process to getting married probably went too far, but they do resemble one another. Listen to the episode for legal advice on buying a business.

December 3, 2018

Nasir and Matt return to discuss the different options available to companies looking to raise funds through general solicitation and crowdfunding. They discuss the rules associated with the various offerings under SEC regulations and state laws, as well as more informal arrangements. The two also discuss the intriguing story about a couple who raised over…

July 24, 2018

Flight Sim Labs, a software add-on creator for flight simulators, stepped into a PR disaster and possibly some substantial legal issues when it allegedly included a Trojan horse of sorts as malware to combat pirating of its $100 Airbus A320 software. The hidden test.exe file triggered anti-virus software for good reason as it was actually…

April 17, 2018

Attorneys Matt Staub and Nasir Pasha examine Mark Zuckerberg’s congressional hearings about the state of Facebook. The two also discuss Cambridge Analytica and the series of events that led to the congressional hearings, the former and current versions of Facebook’s Terms of Service, and how businesses should be handling data privacy. Full Podcast Transcript NASIR:…

March 10, 2018

The Trump presidency has led to a major increase in ICE immigration enforcement. It’s critical for business owners to both comply with and know their rights when it comes to an ICE audit or raid. Nasir, Matt, and Pasha Law attorney Karen McConville discuss how businesses can prepare for potential ICE action and how to…

February 5, 2018

New years always bring new laws. Effective January 1, 2018, California has made general contractors jointly liable for the unpaid wages, fringe benefits, and other benefit payments of a subcontractor. Nasir and Matt discuss who the new law applies to and how this affects all tiers in the general contractor-subcontractor relationship. Click here to learn…

January 2, 2018

With a seemingly endless amount of new mattress options becoming available, it is unsurprising that the market has become increasingly aggressive. As companies invest in more innovative solutions to get in front of customers, review sites, blogs and YouTube videos have moved to the forefront of how customers are deciding on their mattresses and how…

December 7, 2017

In recent months explosive amounts of high profile allegations of sexual harassment, assault, and varying acts of inappropriate behavior have transcended every sector of our professional world. With a deluge from Hollywood and politics, and the private workforce, accusations have inundated our feeds and mass media. This harassment watershed has not only been felt within…

November 16, 2017

If you are not familiar with the EB-5 program started in 1990 to give green cards to certain qualified investors in the United States, then you may not have been alone a few years ago. Currently, the EB-5 program has since exploded since its inception and now hits its quotas consistently each year. The program…

October 10, 2017

Government requests come in multiple forms. They can come in as requests for client information or even in the form of investigating your company or your employees. Requests for Client Information General Rule to Follow Without understanding the nuances of criminal and constitutional law and having to cite Supreme Court cases, any government requests for…

August 24, 2017

Nasir and Matt suit up to talk about everything pertaining to employee dress codes. They discuss the Federal laws that govern many rules for employers, as well as state specific nuances in California and other states. The two also emphasize the difficulty in identifyingreligious expression in dress and appearance, how gender-related dress codes have evolved…

June 28, 2017

Nasir and Matt discuss the life cycle of a negative online review. They talk about how businesses should properly respond, how to determine if the review is defamatory, the options available to seek removal of the review, how to identify anonymous reviewers, whether businesses can require clients to agree not to write negative reviews, and…

June 7, 2017

On this episode of the Ultimate Legal Breakdown, Nasir and Mattbreak down social media marketing withguests Tyler Sickmeyer and Kyle Weberof Fidelitas Development. They first discuss contests and promotionsand talk about where social media promotions can go wrong,when businesses are actually running an illegal lottery, and the importance of a soundterms and conditions. Next, they…

April 3, 2017

On this episode of the Ultimate Legal Breakdown, Nasir and Matt go in depth with the subscription box business. They discuss where subscription box companies have gone wrong(4:30), the importance of a specifically tailored terms and conditions(6:30), how to structure return policies (11:45), product liability concerns (14:45),the offensive and defensive side of intellectual property (19:00),…

February 1, 2017

Nasir and Matt discuss the suit against Apple that resultedfrom a car crashed caused by the use of FaceTime while driving. They also discuss howforeseeable use of apps can increase liability for companies. Full Podcast Transcript NASIR: Hi and welcome to Legally Sound Smart Business! I’m Nasir Pasha. MATT: And I’m Matt Staub. Two attorneys…

January 5, 2017

The guys kick in the new year by first discussing Cinnabon’s portrayal of Carrie Fisher as Princess Leia soon after her death, as well as other gaffes involving Prince and David Bowie. They alsotalk about right of publicity claims companies could be held liable for based on using someone’s name or likeness for commercial gain.

December 22, 2016

Nasir and Matt discuss the recent incidentat a Victoria’s Secret store where the store manager kicked out all black women after one black woman was caught shoplifting. They then each present dueling steps businesses should take when employees are accused of harassment.

December 8, 2016

Nasir and Matt return to talk about the different types of clients that may have outstanding invoices and how businesses can convert unpaid bills to getting paid.

November 10, 2016

After a long break, Nasir and Matt are back to discuss a Milwaukee frozen custard stand that is now revising it’s English only policy for employees. The guys also discuss how similar policies could be grounds for discrimination and what employers can do to revise their policies.

October 6, 2016

The guys discuss the new California law that allows actors to request the removal of their date of birth and birthdays on their IMDB page and why they think the law won’t last. They also discuss how age discrimination claims arise for business owner.

September 29, 2016

Nasir and Matt discuss the racial discrimination claims surroundingAirbnb and how it’s handled the situation. They also discuss some practical tips for businesses experiencing similar issues.

September 8, 2016

Nasir and Matt discuss whyAmazon seller accounts are getting suspended and banned without notice and how business owners can rectify this situation through a Corrective Action Plan.

August 25, 2016

Nasir and Matt talk about the accusations surroundingfashion giant Zararipping off the designs of independent artists like Tuesday Bassen and howsmaller companies can battle the industry giants.

August 18, 2016

Nasir and Matt discuss Brave Software’s ad replacing technology that has caught the eye of almost every national newspaper and has a potential copyright infringement claim looming. They also welcome digital marketing expert Matt Michaelree to speak on the specifics of what Brave is attempting to do and whether it has the answers moving forward.

July 28, 2016

Nasir and Matt discuss the sexual harassment lawsuit filed by Gretchen Carlson against Fox CEO Roger Ailes. They also talk aboutthe importance of sexual harassment training and properly handling such allegations in the office.

July 15, 2016

Nasir and Matt talk about the changes at Starbucks that have led to many disgruntled employees and customers.

June 23, 2016

Nasir and Matt discuss the criminal charges facing FedExinvolving the alleged transportation of illegal drugs. They also talk about how business owners should address working with customers that may be breaking the law.

June 15, 2016

The guys return after a long break to discuss why Yahoo is auctioning off over 3,000 patents and how this decision will affect the longevity of the company.

May 25, 2016

Nasir and Matt discuss the increase in the salary thresholdfor exempt employees and how employerscan try to avoid paying overtime as a result.

May 18, 2016

Nasir and Matt discuss the Baltimore law that makes it very difficult to operate food trucks in the city. They also discuss all the legal restrictions tohaving a food truck.

May 11, 2016

Matt listens to Nasir recap the developing battle in his hometown of Vandalia, Ohio over whether a Dunkin Donuts can move into a location in close proximity to a local favorite donut shop. They then discusswhether the issue is more legal or personal.

May 9, 2016

The guys kick off the week by discussing a Nevada employee who is claiming she was fired for not supporting the Scientology beliefs of her employer.

April 27, 2016

The guys discuss the massive floods in Houston,how employers responded, and why one meteorologist became a local hero. They also discuss the steps businesses should take in preparing for storms outside the workplace.

April 20, 2016

The guys discuss the boycott of Amazon over the products of an unnamed presidential candidate. They also talkabout how a business should handle a boycott and whether it’s possible to exit one unscathed.

We represent businesses.
That’s all we do.

Oh, and we love it.

We love our work. We love reviewing that lease for your new location. We thrive on closing that acquisition that nearly fell through. We’re fulfilled when we structure a business to grow, raise capital, and be legally protected.

We focus on developing close relationships with our clients by being like business partners. A partner who provides essential, personalized, proactive legal support.

We do all of this without utilizing the traditional billable hour model. You pay for the value we bring, not the time spent on calls, emails, and meetings.

Our team is made up of attorneys and staff that share these values and we are retained by clients who want the same.

Pasha Law PC operates in the states of California, Illinois, New York, and Texas.

Meet Our Team

Fractional General Counsel Services

Pasha Law Select offers the expertise of a high-end general counsel legal team for every aspect of your business at a fixed monthly rate. Pasha Law Select is deliberately designed to allow our legal team to be proactive, to anticipate, and to be comprehensive in serving our clients. To be great lawyers, we need to know our clients. We can’t know our clients unless we represent a select number of clients in the long-term. This is Pasha Law Select.

Learn More