What General Counsel Need to Do When CEO's Phone Is Hacked
With calls of an investigation into allegations that the Crown Prince of Saudi Arabia "deployed digital spyware" on Amazon CEO Jeff Bezos' phone, general counsel have an important role to protect the CEO and the company when a connected device is hacked.
January 22, 2020 at 03:39 PM
3 minute read
Jeff Bezos arrives at the Statue Of Liberty Museum Opening Celebration at Battery Park. Photo: lev radin/Shutterstock.com
High-ranking executives often use their personal phones for work and keep sensitive information on them. But when an executive's personal phone or device is hacked, the company's general counsel needs to jump in to reduce the data risk.
On Wednesday, the United Nations Human Rights Office of the High Commissioner called for an investigation into allegations that the Crown Prince of Saudi Arabia, Mohammed bin Salman, "deployed digital spyware," which enabled surveillance on Amazon.com Inc. CEO Jeff Bezos and leaked data from his phone. The report states Bezos' phone was hacked through a corrupted video sent by bin Salman in 2018.
According to media reports, Saudi Arabia's foreign minister Prince Faisal bin Farhan Al Saud called the claims "absurd." A spokesperson for Amazon did not return an email seeking comment. Amazon's general counsel, David Zapolsky, could not be reached for comment on Wednesday.
"This is not an atypical scenario," Philip Yannella, a partner at Ballard Spahr in Philadelphia, said.
Yannella said he would first expect the general counsel and CEO to have a conversation about what kind of information is on the device that was hacked. The general counsel should be made aware of any trade secrets and business strategies that were on the phone to begin the process of trying to protect the CEO and the company.
"It's quite possible that there may be information that wouldn't trigger any breach reporting requirements, but there may be sensitive business information," Yannella said.
Edward McAndrew, a partner at DLA Piper in Washington, D.C., said Wednesday there is a "blurring of the lines" when it comes to what is a personal device and work device.
"These things aren't phones; they're basically computers," McAndrew said. "We approach that like we would approach any other kind of hack, and we conduct a cyber-incident investigation."
McAndrew said that investigation should be led by the general counsel in case the hack leads to a data breach in which regulators are called on to investigate or a lawsuit as a result of any breach.
"It needs to be conducted under legal privilege," McAndrew said. "Otherwise the results of the investigation are not going to be protected."
McAndrew said often those affected will want to destroy the device so it can stop tracking the target. However, he said general counsel should team up with the company's information technology or cybersecurity department to get as much information as it possibly can without the hackers knowing. Not doing so could lead to greater exposure to the company's network.
"The device becomes just another expanding surface attack area," McAndrew said.
This content has been archived. It is available through our partners, LexisNexis® and Bloomberg Law.
To view this content, please continue to their sites.
Not a Lexis Subscriber?
Subscribe Now
Not a Bloomberg Law Subscriber?
Subscribe Now
NOT FOR REPRINT
© 2025 ALM Global, LLC, All Rights Reserved. Request academic re-use from www.copyright.com. All other uses, submit a request to [email protected]. For more information visit Asset & Logo Licensing.
You Might Like
View All
FTC Sues PepsiCo for Alleged Price Break to Big-Box Retailer, Incurs Holyoak's Wrath
5 minute read
Wells Fargo and Bank of America Agree to Pay Combined $60 Million to Settle SEC Probe
‘Extremely Disturbing’: AI Firms Face Class Action by ‘Taskers’ Exposed to Traumatic Content
5 minute read
MLB's Texas Rangers Search for a New GC and a Broadcasting Deal
Trending Stories
Who Got The Work
J. Brugh Lower of Gibbons has entered an appearance for industrial equipment supplier Devco Corporation in a pending trademark infringement lawsuit. The suit, accusing the defendant of selling knock-off Graco products, was filed Dec. 18 in New Jersey District Court by Rivkin Radler on behalf of Graco Inc. and Graco Minnesota. The case, assigned to U.S. District Judge Zahid N. Quraishi, is 3:24-cv-11294, Graco Inc. et al v. Devco Corporation.
Who Got The Work
Rebecca Maller-Stein and Kent A. Yalowitz of Arnold & Porter Kaye Scholer have entered their appearances for Hanaco Venture Capital and its executives, Lior Prosor and David Frankel, in a pending securities lawsuit. The action, filed on Dec. 24 in New York Southern District Court by Zell, Aron & Co. on behalf of Goldeneye Advisors, accuses the defendants of negligently and fraudulently managing the plaintiff's $1 million investment. The case, assigned to U.S. District Judge Vernon S. Broderick, is 1:24-cv-09918, Goldeneye Advisors, LLC v. Hanaco Venture Capital, Ltd. et al.
Who Got The Work
Attorneys from A&O Shearman has stepped in as defense counsel for Toronto-Dominion Bank and other defendants in a pending securities class action. The suit, filed Dec. 11 in New York Southern District Court by Bleichmar Fonti & Auld, accuses the defendants of concealing the bank's 'pervasive' deficiencies in regards to its compliance with the Bank Secrecy Act and the quality of its anti-money laundering controls. The case, assigned to U.S. District Judge Arun Subramanian, is 1:24-cv-09445, Gonzalez v. The Toronto-Dominion Bank et al.
Who Got The Work
Crown Castle International, a Pennsylvania company providing shared communications infrastructure, has turned to Luke D. Wolf of Gordon Rees Scully Mansukhani to fend off a pending breach-of-contract lawsuit. The court action, filed Nov. 25 in Michigan Eastern District Court by Hooper Hathaway PC on behalf of The Town Residences LLC, accuses Crown Castle of failing to transfer approximately $30,000 in utility payments from T-Mobile in breach of a roof-top lease and assignment agreement. The case, assigned to U.S. District Judge Susan K. Declercq, is 2:24-cv-13131, The Town Residences LLC v. T-Mobile US, Inc. et al.
Who Got The Work
Wilfred P. Coronato and Daniel M. Schwartz of McCarter & English have stepped in as defense counsel to Electrolux Home Products Inc. in a pending product liability lawsuit. The court action, filed Nov. 26 in New York Eastern District Court by Poulos Lopiccolo PC and Nagel Rice LLP on behalf of David Stern, alleges that the defendant's refrigerators’ drawers and shelving repeatedly break and fall apart within months after purchase. The case, assigned to U.S. District Judge Joan M. Azrack, is 2:24-cv-08204, Stern v. Electrolux Home Products, Inc.
Featured Firms
Law Offices of Gary Martin Hays & Associates, P.C.
(470) 294-1674
Law Offices of Mark E. Salomone
(857) 444-6468
Smith & Hassler
(713) 739-1250
