Internet Lawyer Blog

Cyberattacks can hit businesses of any size, causing catastrophic damage to a business's finances and to the integrity of its information security. Hundreds of breaches occurred at large corporations during 2011, affecting over thirty million sensitive or confidential records. Hackers went after Sony, NASDAQ, and other giant businesses, but small companies are also vulnerable to attack. According to a report in the Business Journals, as many as eighty-five percent of small business owners do not see cyberattacks, which may include hackers or malicious software, as a serious threat. Heightened security at these big companies, though, could lead hackers and other cyber criminals to focus their attacks on smaller businesses who may not be so prepared.

Guarding against cybercrime is simply good business for small companies. A hacker targeting a small business can cripple the business or even force it to shut down with a very simple series of hacks or viruses. If a cyber criminal targets a small business' banking system, it could empty its cash reserves and leave it unable to operate. A hacker who compromises a business' confidential client data could expose the business to enough liability to put it out of business.

The "Common Sense Guide to Cyber Security," published by a coalition of government agencies and organizations, including the Federal Emergency Management Agency and the U.S. Chamber of Commerce, offers a set of security practices small businesses can use to protect themselves from cyberattack. After an initial set-up period, most practices involve simple daily maintenance and monitoring.

Risk Management Planning. Businesses should carefully assess the risks and weaknesses in their computing systems to see where protection is most needed. They should prepare contingency plans in case a breach or loss occurs, including how to continue business operations with alternate computing systems or at an alternate location.

Access Control and Accountability. A business's network security plan should include access controls that limit who may access critical systems and information. A single department or officer should have responsibility for information security and for approving new hardware and software, thus ensuring accountability for decisions and errors. At the same time, a business should educate all employees and officers as a means of creating a "culture of security." All employees should sign an agreement committing to the company's cybersecurity policies.

Firewalls and Other Security Measures. Firewalls can protect businesses from many common attacks, particularly from viruses and malware. Companies should also encourage use of complex passwords that combine upper- and lowercase letters, numbers, and other symbols; avoid common words and phrases; and change at least every three months.

Continue reading "Protecting Your Company's Data from Cybercrime" »

Computers and computing activities play an increasingly integral role in daily life in America, affecting our financial activity, social interactions, and more. With an increased level of dependence on networked devices comes the risk of theft, or even attacks, on and through our computer networks. While the business community has already recognized the importance of cybersecurity, the government and legal system are finally responding in five key areas.

National security. The federal government has made cybersecurity a central feature of its national security strategy. Recognizing the risk of an attack on the nation's computer networks by a foreign power or sub-national group, the Department of Defense created a comprehensive strategy for cybersecurity (PDF file) in 2011. The strategy treats "cyberspace" as its own "operational domain," requiring specialized training and organization. The government has also taken steps to combat online theft, which can include not only monetary theft but theft of intellectual property and identity theft. The latter has become more and more sophisticated as thieves find ways to exploit personally identifiable information (PII) stored online.

Federal legislation. The Obama administration proposed legislation outlining ten points for cybersecurity protection. These generally included protection of the American people, the nation's infrastructure, and the federal government's networks and computer systems. Several bills pending in Congress address aspects of cybersecurity. The controversial Cyber Intelligence Sharing and Protection Act (CISPA), for example, allows sharing of data between companies and the National Security Agency in order to investigate and combat cybersecurity threats.

State legislation. Protection of government data, PII, and personal privacy have informed numerous state statutes enacted in the past ten years. California passed a law requiring notification of cybersecurity breaches in 2003, and forty-six other states and the District of Columbia followed suit. Laws requiring "reasonable" levels of security for protected information exist in at least ten states, and numerous states are enacting statutes protecting people from wiretapping and other monitoring of electronic activity.

Regulatory initiatives. Multiple regulatory agencies have addressed cybersecurity concerns through additional regulations, guidelines, and enforcement actions. The U.S. Security and Exchange Commission (SEC), for example, recently issued a new set of guidelines for publicly-traded companies. The guidelines address disclosure of cybersecurity breaches as a means of making information available to investors. The FBI, meanwhile, established a joint task force to investigate cyber threats.

Continue reading "Legal Developments and Trends in Cybersecurity for 2012" »

When hackers breached the e-commerce firm Zappos in January, they may have compromised the personal information of as many as 24 million users. Legislatures in several states, including California, have responded to attacks such as this one by passing laws enhancing cybersecurity investigation and enforcement, and increasing requirements for disclosure of cyberattacks. The U.S. Securities and Exchange Commission (SEC) has also issued new guidelines for businesses and individuals under attack. The key issue to consider, in light of these new laws and regulations, is how much disclosure is not enough, and how much is too much.

The SEC is recommending disclosure of cyberattacks to an unprecedented degree. A new set of guidelines issued in October 2011 advises publicly-traded companies to disclose details of cybersecurity breaches as part of the quarterly 10-K report. Companies should disclose any and all cyberattacks, regardless of whether they caused a loss. The SEC even encourages companies to disclose "cyberrisks," even in the absence of a breach. This potentially benefits investors, the SEC says, by providing comprehensive information about both actual and potential losses due to hacking and other cyberattacks. At the same time, extensive disclosure could put companies at greater risk by exposing weaknesses to hackers. Companies must carefully consider how much, or how little, to disclose. Too much disclosure could make them vulnerable to attack. Too little disclosure could make them vulnerable to lawsuits by investors.

State laws regarding cybersecurity disclosures are typically not as stringent as the SEC's guidelines. California passed the first such law a decade ago. That law applies to any person or business that owns or licenses computer data containing a California resident's "personal information," such as social security number, home address, driver's license number, and so forth. In the event of a breach that would reasonably lead to an unauthorized person obtaining the personal information, an owner or licensor of personal data must notify the person whose personal information may have been breached.

Forty-six states have followed California's lead and passed similar laws. California has actually fallen behind some states that have passed laws with stricter disclosure requirements. A new law that took effect on January 1, 2012, requires an individual or business to notify the state attorney general of a cybersecurity breach if the breach affects more than five hundred California residents. The notice must include specific details of the type and size of the breach, and a toll-free number to allow users to contact credit agencies.

Continue reading "New Laws and Guidelines on Cybersecurity Disclosures Both Protect and Endanger Personal Information" »

In California, homeowners who are faced with possible foreclosure have several options. Sometimes, where a property has lost significant value and a homeowner is unable or has no incentive to continue making mortgage payments, a bank will accept a short sale. This means the bank agrees to accept less than the borrower owes for the property in order to keep from having to foreclose on it. A distressed homeowner may also be able to negotiate a loan modification or loan refinance with the mortgage lender. A loan modification is exactly what it sounds like. The terms of the mortgage are modified based on an agreement between the mortgage lender and the borrower. Refinancing means an entirely new loan will be created with different terms. Sometimes, entering into bankruptcy may be the best option available to a borrower.

Deed in Lieu of Foreclosure

If a homeowner expects to default on a home loan, the homeowner might be able to avoid the fees and costs of foreclosure by surrendering the property title directly to the bank instead of allowing a foreclosure to take place. When a property is surrendered in lieu of foreclosure, a mortgagee simply turns over his or her title in the property to the lender. Although not all lenders will accept a surrender of title in lieu of foreclosure, the subject may be negotiable. While a surrender of title in lieu of foreclosure will not preserve a homeowner's credit rating, it may demonstrate to future creditors a willingness to tackle problems as they arise.

It is not a good idea for anyone simply to ignore unpaid debts, as costs and problems will generally mount. If a homeowner defaults on a mortgage without pursuing other options, or simply walks away from a loan, a lender has the option to engage in foreclosure proceedings against the property. This means the lender can take a homeowner's title in the property and sell it through a private sale or judicial proceeding. Before choosing foreclosure, however, a borrower should consider whether he or she will wish to qualify for another mortgage loan in the future. Normally, allowing a home loan to go into foreclosure will severely limit a borrower's ability to obtain a subsequent mortgage.

Government Legislation and Programs

Depending upon when a mortgage was written, federal housing legislation may affect a homeowner's ability to refinance or modify a distressed loan. Government sponsored loan modifications may also be available to mortgage borrowers facing tough times. If you are a distressed homeowner facing possible foreclosure and think you may be a candidate for a loan modification, short sale, refinance, or surrender of title in lieu of foreclosure, it is a good idea to contact an experienced real estate attorney for assistance.

Continue reading "Homeowners Facing Foreclosure in California Have Options" »

Chapter 11 Bankruptcy

Bankruptcy protection allows certain individuals and businesses to repay their debts by either selling their assets or restructuring the company. Bankruptcy proceedings have flourished as the failing economy and lackluster job performance force applicants to seek relief under federal bankruptcy law. Over 1.3 million Americans filed for bankruptcy in 2009. Most were "consumer" cases, marking a 91% increase in chapter 11 filings that year. California still leads the nation in the total number of bankruptcies filed. Chapter 11petitions have also continued to increase despite the national drop in bankruptcy cases filed last year.

Chapter 11 is derived from title 11 of the United States Code (the "Bankruptcy Code"). Chapter 11 protection is used primarily by commercial enterprises that want to keep the business running while they repay creditors through a court-approved plan. Chapter 11 allows businesses to remain in operation while they restructure the organization and use the resulting profits to pay back creditors. Under an approved reorganization plan, businesses can reduce their debts by repaying a portion of their obligations and discharging others. Chapter 11 is unique in that it allows the debtor to be the trustee of the estate (also referred to as the "debtor in possession") and to keep possession of the company's assets while the case is in court.

Depending on the needs of the business, Chapter 11 offers debtors various protections, including but not limited to, the following:

• Maintenance of an intact business
• Opportunity to rescale operations
• Power to object to creditors' claims
• Extended deadline to repay creditors
• Greater flexibility than other chapters
• Recovery of assets and return to profitability
• Discretion to terminate onerous contracts and leases
• Time to sell real estate with equity and handle delinquent taxes

Chapter 11 gives businesses a chance to restructure their finances so they can continue to run. This keeps people employed and produces a profit for stockholders while ensuring that creditors get paid. The rationale behind this protection is that a functioning business is more valuable than one whose assets are sold. Companies under Chapter 11 protection get a financial "reprieve" to reduce debts, extend the repayment deadline, or lower operating costs, until they can "return" to a more viable state. While the case is in court, the debtor remains in possession of the estate and keeps control of the assets while the court approves a reorganization plan. Chapter 11 allows the "debtor in possession" to keep the business going while acting as trustee of the estate.

Under Section 1107 of the Bankruptcy Code, the debtor assumes the same fiduciary duties as a Chapter 11 trustee. These duties include providing an accounting of property and filing monthly operating reports as required by the bankruptcy court. Under this section, trustees have the power to discharge a portion of their obligations and object to creditors' claims. They also have the discretion to employ attorneys, accountants, and other professionals to assist the debtor in bankruptcy proceedings. Chapter 11 debtors generally enjoy more freedom as they undergo a period of consolidation before emerging with a reduced debt load and a reorganized business.
If you are a business owner seeking bankruptcy protection, the experienced California Chapter 11 bankruptcy attorneys at the Law Offices of Salar Atrizadeh can help. Our skilled attorneys and highly trained staff are dedicated to providing the highest quality legal representation to individuals and businesses throughout California. We have successfully handled all types of bankruptcy cases, helping clients get back on their feet. Regardless of the extent of your personal or business liability, we can help you restructure your finances and get a fresh start.

For a confidential consultation, call us at (310) 694-3034 or contact us online.