This last week of May has been a big one in the James Bond universe. It includes the birthdays of Ian Fleming, who wrote the books, of Richard Maibaum, who wrote many of the screenplays, and of Clifton James, who played the comically exasperated southern Sheriff in the Live and Let Die and The Man

This post is from the Reed Smith side of the blog only.

For well over a year, now Reed Smith has been engaged in an “initiative” concerning the innovative technology, “3D printing,” also known as “additive manufacturing.”  We’ve tried to stay on the forefront of the legal implications of 3D printing, particularly the product liability

The FDA released its final Guidance on Postmarket Management of Cybersecurity in Medical Devices during the week between Christmas and New Year. You can link to a full copy here, and we gave you our detailed take on the draft Guidance here. You can also click here to see what our data privacy and security colleagues wrote about the final Guidance on Reed Smith’s Technology Law Dispatch, as they beat us to the presses.

The final Guidance resembles the draft, with a few refinements. We see two guiding principles in the final Guidance.  First, the final Guidance continues to follow a risk-based approach.  As we observed before, the FDA could not have taken a different tack.  Medical devices always present both benefits and risks, and the goal of regulators when it comes to cybersecurity is to assess and mitigate risks without overly compromising a device’s benefits.  Second, the FDA recognizes that managing medical device cybersecurity takes a village.  Or, in the Agency’s words, “FDA recognizes that medical device cybersecurity is a shared responsibility among stakeholders including health care facilities, patients, providers, and manufacturers of medical devices.”  Guidance, at 12.

The final Guidance therefore recommends the implementation of cybersecurity risk management programs.  Such  programs would include monitoring reported adverse events under current regulations.  The FDA also recommends incorporating elements consistent with the National Institute for Standards and Technology’s Framework for Improving Critical Infrastructure Cybersecurity.  Guidance, at 14.  We commented in our prior post that the FDA was combining familiar medical device elements with others borrowed from the cybersecurity world.  The citation to NIST’s Framework is a perfect example of the wedding between those two worlds.

More specifically, a cybersecurity risk management program would include:

  • Monitoring cybersecurity information sources for identification and detection of cybersecurity vulnerabilities and risk;
  • Maintaining robust software lifecycle processes;
  • Understanding, assessing and detecting presence and impact of a vulnerability;
  • Establishing and communicating processes for vulnerability intake and handling;
  • Using threat modeling to define clearly how to maintain safety and essential performance of a device by developing mitigations that protect, respond and recover from the cybersecurity risk;
  • Adopting a coordinated vulnerability disclosure policy and practice; and
  • Deploying mitigations that address cybersecurity risk early and prior to exploitation.


Continue Reading

If you represented a large corporation or a wealthy individual, wouldn’t you want to know if your prospective jurors were campaigning for Bernie Sanders on Facebook? Or how about criminal prosecutors who might want to know if members of their jury panel had posted strong feelings on police conduct?  If you were adverse to a drug or medical device company, maybe you would want to know if a prospective juror wrote for the Drug and Device Law Blog (although we can guarantee that you will find no more thoughtful and impartial jurors than the seven individuals who make up the collective “we”).

Millions of potential jurors make information like this (and much more) publicly available on the Internet through social media or otherwise, and what trial advocate would not want to uncover it? We got to thinking about this topic a few months ago when we read a unique order that came out of the Northern District of California in Oracle America, Inc. v. Google Inc., ___ F. Supp.3d ___, 2016 WL 1252794 (N.D. Cal. Mar. 25, 2016).  The district judge in Oracle v. Google asked the parties in a high-stakes copyright action to abstain voluntarily from searching the jury panel’s social media.  If the parties would not agree to a complete ban, then the court would impose specific limitations.

We’ll get to the details in a minute. But first, we set out to see if there are any rules that govern searching jurors’ social media (with research assistance from Reed Smith attorney David Chang).  It turns out there are, mainly within the rules of ethics and professional conduct.  The first rules obviously are our duties of competence and diligence.  They are among the first duties listed under the ABA’s Model Rules and probably the rules governing lawyers in most every state. See Model Rules of Professional Conduct, Rules 1.1, 1.3.  If there is publicly available information that would help us identify jurors with potential biases, a competent and diligent trial advocate needs to consider gaining access to it.

There are, however, countervailing considerations. On April 14, 2014, the ABA’s Standing Committee on Ethics and Professional Responsibility published “Formal Opinion 466, Lawyer Reviewing Jurors’ Internet Presence.”  The ABA committee’s opinion came on the heels of an opinion from the Association of the Bar of the City of New York—“Formal Opinion 2012-2, Jury Research and Social Media.”  These are not the only publications on the topic, but they were at the cutting edge, and they cover the major considerations.


Continue Reading

This is one of those stories you simply cannot make up.

We were using technology to get some ideas about technology. That is, we were surfing around the internet to find descriptions of the successful use of technology in litigation. Our eyes grew weary as we scrolled from screen to screen. There was a lot of same-old-same-old. Then we found an article in the Legal Times from 2005 entitled, “Jurors, Watch the Screen.” You can see the article here. Even as far back as 2005 it was becoming clear that one could use snazzy technology without suffering from the Goliath effect – the perception that your client must have deep pockets. After all, both sides at trials and depositions were using PowerPoints, videos, and arresting graphics. Jurors had come to understand that anyone with a laptop could put on a multi-media show. (Lawyers used to talk about a trial-in-a-box. But by 2005, we went up against a plaintiff lawyer who had a trial-in-a-laptop. He was smooth. He was impressive. He lost.)


Continue Reading