Main Menu
  • Posts by John McCauley, CIPP (US)

    John maintains a diverse commercial litigation and trial practice in state and federal courts throughout the United States. He has represented regional and national clients, as well as clients in Europe and Asia. John has ...

Posted in Litigation

Does your company have an incident response plan in place in case of a cyberattack or data breach? Companies that do not understand the gravity of these events should take heed of this statistic: 90 percent of businesses that lose data due to a security incident shut down within two years, according to The Ponemon Institute.

Posted in Litigation

The 11th Circuit recently released its long-awaited opinion in FTC v. LabMD. Anyone monitoring data privacy regulation in America has been waiting for this opinion to help corporations understand their obligations under US privacy regulation. 

Republished in Louisville Business First 8.1.2018 

Before the Berkshire Hathaway annual meeting last month, CEO Warren Buffett told CNBC that bitcoin was "probably rat poison squared." Berkshire’s long time Vice Chairman, Charlie Munger was even more blunt when he stated "[t]o me, it's just dementia. It's like somebody else is trading turds and you decide you can't be left out."  

The Securities and Exchange Commission has released new guidance (“Guidance”) to ensure public companies disclose cybersecurity incidents and risks to their investors. As evidence of its view of the importance of the Guidance, the SEC recently announced a $35 million settlement with Altaba, (formerly Yahoo), which waited two years to disclose a massive data breach in 2014.

Posted in Litigation

The European Union’s (EU) General Data Protection Regulation (GDPR) will go into effect on May 25, 2018. Viewable here [1] in all 24 official languages of the 28 member Union, the GDPR sets out a regulatory framework for the processing of personal data of persons within the EU.

Posted in Litigation

At a recent international economic forum, John Chambers, CEO of Cisco Systems Inc., stated that “[t]here are two types of companies: those who have been hacked and those who don’t yet know they have been hacked.” Over the past two years alone, cyberattacks have increased three-fold according to the Verizon 2014 Data Breach Investigation Report. The headlines are replete with instances of massive identity-theft breaches including Target, Chase, eBay, Home Depot, Barnes & Noble, P.F. Chang’s, and most recently the breach at Anthem affecting up to 80 million people. Typically the breaches are financially motivated, so the targets include retail organizations, restaurants, food-service-type firms and banks.

Imagine this: Your company is a defendant in a lawsuit seeking tens of millions of dollars in penalties – and you don’t even know the case has been filed. The case could have been filed months or years ago regarding conduct that happened well before then, and the government could be conducting an investigation and gathering evidence against your company. It is possible you could remain unaware of the lawsuit until the government decides to unseal the complaint and announce the results of its investigation at a press conference.  Does this sound like something out of a movie?

According to the Federal Judicial Center, district court judges and attorneys report that experts from scientific areas testify in only a small proportion of all cases in which experts testify. The vast majority of experts are testifying in non-scientific areas or "soft science." The Federal Judicial Center has categorized "scientific" disciplines as including chemistry, toxicology, statistics, metallurgy, meteorology, behavioral science, epidemiology, geology, physics, agricultural science, molecular biology/genetics, and computer science. By contrast, it has categorized the "non-scientific" or "technical" disciplines to include, among others, medical/mental health, engineering, accident reconstruction, police procedures, fire/arson, economics, accounting, patents and trademarks, law, appraisal, insurance, and securities. See, Molly Treadway Johnson et al., Expert Testimony in Federal Civil Trials: A Preliminary Analysis (2002).

An hour before sunrise Aug. 27, 2006, Comair Flight 5191 was cleared for takeoff on Runway 22 and taxied into position at Bluegrass Airport in Lexington, Ky., with 47 passengers on board. The crew in the cockpit, however, made a series of mistakes and turned onto the airport's secondary runway, Runway 26. Runway 26 was only half as long as Runway 22, had no edge or centerline lights, and was not suitable for commercial aircraft operations. The pilots failed to cross-check their actual heading with the assigned runway heading before advancing the throttles for takeoff. Flight 5191 ran out of runway, crashed, and exploded in a field just outside the airport, killing all passengers. The question that haunted everybody was how could an experienced crew, with numerous and redundant instruments, compasses, charts, checklists, computerized navigation units, cross-checks, and airport signage/lighting, have missed so many clues and made such a mistake?



Recent Posts




Back to Page