Consumer Privacy and the Danger of Parallel Investigations
The blazing-fast process of parallel investigations immediately exposes the organization to risk it was not expecting, and can spread in unpredictable ways.
March 29, 2019 at 07:00 AM
5 minute read
Following an explosive Wall Street Journal report regarding how app developers accessed deeply private data on a social media platform—such as users' medical and health information—regulators, enforcement agencies, grassroots organizations, and lawmakers pounced. This report and its fallout illustrate the risk that private innovators face from fickle and fast-moving government scrutiny. Companies can take steps to prepare for the unpredictable.
It Only Takes a Spark
In the case of the social media apps, New York Governor Andrew Cuomo mounted an extraordinarily aggressive response to the report, by ordering a multitude of state agencies to investigate the underlying charges and calling on federal regulators to do the same. He was able to get the attention of sympathizers in Congress and has laid a foundation for continued scrutiny. Governor Cuomo's move touched nearly every level of government.
In response, the New York Department of Financial Services wasted no time. Within days of the Governor's order, it issued letters to request information from the social media platform and a group of 11 app developers.
This type of blazing fast process—with the spark of an investigative report (or even a social media posting by an influencer)—can quickly consume a company. It immediately exposes the organization to risk it was not expecting, and can spread in unpredictable ways. This is true even if the company is found, and known, to have done absolutely nothing wrong.
The Risk is High
There is no way to prevent these types of investigative inquiries. This is true because so many companies and/or industries now are immersed in enterprises that can often involve “a deluge of data.” In other words, just by being in the data game, companies face a heightened risk of being called for quick fouls.
The stakes are higher and scrutiny comes faster these days across the economy, but particularly for companies in areas of higher regulatory risk. Hot areas include data monetization and targeted marketing, connected products, communications media, and artificial intelligence, to name a few. Privacy and security practices are sensitive. And heightened supply chain concerns make international business dealings fodder for scrutiny.
Preparation is Key
While a company cannot prevent itself from becoming a target, it can prepare to survive. As with any crisis, it takes preparation, preparation, and preparation, before a crisis hits to help mitigate risk. More specifically, organizations should take several important steps to prepare for a rapidly moving investigation that invariably becomes a parallel investigation, involving multiple state, local, federal, congressional investigators.
1. Define your team and your internal and external communications channels. Before crises hit, it's important to have the silos of any organization—communications, public affairs, in-house counsel, outside counsel, the C-suite, board of directors, investor relations, government relations, employee relations—all able to sing from the same sheet of music. This means making clear exactly what the lines of communication and authority are in responding to any crisis, and mapping out information and data flow so that it is channeled appropriately.
2. Know your regulators and law enforcement agencies. As is the case with any relationship, it is important to establish credibility with regulators and law enforcement agencies far before a crisis hits, rather than have someone else establish (or tarnish) your credibility before you have the opportunity to do so (such as the news media).
3. Retain counsel with regulatory/law enforcement landscape fluency. State regulators operate differently from federal regulators. There are different lines of authority, decision-makers, and personalities. There are also different substantive and procedural legal issues and investigative tools that can be invoked. The same is true for state and federal law enforcement. It is therefore important to have counsel who understand each of these nuances, who can ascertain appropriately how to address, and possibly fight, investigative inquiries.
4. Establish relationships with counsel with subject matter fluency. To enhance credibility with regulators/enforcers, it is important to ensure that counsel has mastery of the facts. This means counsel who know how to conduct efficient and adequate investigations, as well as counsel who possess sophistication with respect to the underlying technology or industry at issue and its broader dynamics.
Companies may not be able to keep themselves out of the crosshairs of government oversight or media conflagrations. But, they can take prudent steps to prepare to respond and limit the damage.
Megan L. Brown is a Partner in the Telecom, Media and Technology and Privacy and Cybersecurity practices at Wiley Rein LLP in Washington, D.C. She is former counsel to the attorney general at the U.S. Department of Justice, serves on the U.S. Chamber of Commerce Cybersecurity Leadership Council and is a 2018 fellow at George Mason University's National Security Institute. She can be reached at [email protected]. Peter Hyun, a Partner in Wiley Rein's White Collar Defense & Government Investigations Practice, is a former Assistant U.S. Attorney in the Eastern District of Virginia's U.S. Attorney's Office, Assistant Attorney General in the New York Attorney General's office, and Chief Counsel to U.S. Senator Dianne Feinstein on the U.S. Senate Committee on the Judiciary. He can be reached at [email protected].
This content has been archived. It is available through our partners, LexisNexis® and Bloomberg Law.
To view this content, please continue to their sites.
Not a Lexis Subscriber?
Subscribe Now
Not a Bloomberg Law Subscriber?
Subscribe Now
NOT FOR REPRINT
© 2025 ALM Global, LLC, All Rights Reserved. Request academic re-use from www.copyright.com. All other uses, submit a request to [email protected]. For more information visit Asset & Logo Licensing.
You Might Like
View AllTrending Stories
- 1Uber Files RICO Suit Against Plaintiff-Side Firms Alleging Fraudulent Injury Claims
- 2The Law Firm Disrupted: Scrutinizing the Elephant More Than the Mouse
- 3Inherent Diminished Value Damages Unavailable to 3rd-Party Claimants, Court Says
- 4Pa. Defense Firm Sued by Client Over Ex-Eagles Player's $43.5M Med Mal Win
- 5Losses Mount at Morris Manning, but Departing Ex-Chair Stays Bullish About His Old Firm's Future
Who Got The Work
J. Brugh Lower of Gibbons has entered an appearance for industrial equipment supplier Devco Corporation in a pending trademark infringement lawsuit. The suit, accusing the defendant of selling knock-off Graco products, was filed Dec. 18 in New Jersey District Court by Rivkin Radler on behalf of Graco Inc. and Graco Minnesota. The case, assigned to U.S. District Judge Zahid N. Quraishi, is 3:24-cv-11294, Graco Inc. et al v. Devco Corporation.
Who Got The Work
Rebecca Maller-Stein and Kent A. Yalowitz of Arnold & Porter Kaye Scholer have entered their appearances for Hanaco Venture Capital and its executives, Lior Prosor and David Frankel, in a pending securities lawsuit. The action, filed on Dec. 24 in New York Southern District Court by Zell, Aron & Co. on behalf of Goldeneye Advisors, accuses the defendants of negligently and fraudulently managing the plaintiff's $1 million investment. The case, assigned to U.S. District Judge Vernon S. Broderick, is 1:24-cv-09918, Goldeneye Advisors, LLC v. Hanaco Venture Capital, Ltd. et al.
Who Got The Work
Attorneys from A&O Shearman has stepped in as defense counsel for Toronto-Dominion Bank and other defendants in a pending securities class action. The suit, filed Dec. 11 in New York Southern District Court by Bleichmar Fonti & Auld, accuses the defendants of concealing the bank's 'pervasive' deficiencies in regards to its compliance with the Bank Secrecy Act and the quality of its anti-money laundering controls. The case, assigned to U.S. District Judge Arun Subramanian, is 1:24-cv-09445, Gonzalez v. The Toronto-Dominion Bank et al.
Who Got The Work
Crown Castle International, a Pennsylvania company providing shared communications infrastructure, has turned to Luke D. Wolf of Gordon Rees Scully Mansukhani to fend off a pending breach-of-contract lawsuit. The court action, filed Nov. 25 in Michigan Eastern District Court by Hooper Hathaway PC on behalf of The Town Residences LLC, accuses Crown Castle of failing to transfer approximately $30,000 in utility payments from T-Mobile in breach of a roof-top lease and assignment agreement. The case, assigned to U.S. District Judge Susan K. Declercq, is 2:24-cv-13131, The Town Residences LLC v. T-Mobile US, Inc. et al.
Who Got The Work
Wilfred P. Coronato and Daniel M. Schwartz of McCarter & English have stepped in as defense counsel to Electrolux Home Products Inc. in a pending product liability lawsuit. The court action, filed Nov. 26 in New York Eastern District Court by Poulos Lopiccolo PC and Nagel Rice LLP on behalf of David Stern, alleges that the defendant's refrigerators’ drawers and shelving repeatedly break and fall apart within months after purchase. The case, assigned to U.S. District Judge Joan M. Azrack, is 2:24-cv-08204, Stern v. Electrolux Home Products, Inc.
Featured Firms
Law Offices of Gary Martin Hays & Associates, P.C.
(470) 294-1674
Law Offices of Mark E. Salomone
(857) 444-6468
Smith & Hassler
(713) 739-1250
