Photo of Bexis

As regular readers know, we bloggers have been following the issue of whether software of various sorts – electronic bytes – is a “product” for product liability purposes.  It’s a longstanding issue, since the current Restatements of Torts specifically defines a “product” as something “tangible,” which arrays of electrons are not.  “A product is tangible

Photo of Bexis

As a follow-on to our post last year about remote (Zoom) depositions), we received a suggestion that we examine MDL orders to see how they have been handling remote deposition procedure during the COVID-19 pandemic.  That made sense to us because in MDLs every procedural jot and tittle is gone over with a fine-toothed comb. 

Photo of Stephen McConnell

This last week of May has been a big one in the James Bond universe. It includes the birthdays of Ian Fleming, who wrote the books, of Richard Maibaum, who wrote many of the screenplays, and of Clifton James, who played the comically exasperated southern Sheriff in the Live and Let Die and The Man

Photo of Bexis

This post is from the Reed Smith side of the blog only.

For well over a year, now Reed Smith has been engaged in an “initiative” concerning the innovative technology, “3D printing,” also known as “additive manufacturing.”  We’ve tried to stay on the forefront of the legal implications of 3D printing, particularly the product liability

Photo of Steven Boranian

The FDA released its final Guidance on Postmarket Management of Cybersecurity in Medical Devices during the week between Christmas and New Year. You can link to a full copy here, and we gave you our detailed take on the draft Guidance here. You can also click here to see what our data privacy and security colleagues wrote about the final Guidance on Reed Smith’s Technology Law Dispatch, as they beat us to the presses.

The final Guidance resembles the draft, with a few refinements. We see two guiding principles in the final Guidance.  First, the final Guidance continues to follow a risk-based approach.  As we observed before, the FDA could not have taken a different tack.  Medical devices always present both benefits and risks, and the goal of regulators when it comes to cybersecurity is to assess and mitigate risks without overly compromising a device’s benefits.  Second, the FDA recognizes that managing medical device cybersecurity takes a village.  Or, in the Agency’s words, “FDA recognizes that medical device cybersecurity is a shared responsibility among stakeholders including health care facilities, patients, providers, and manufacturers of medical devices.”  Guidance, at 12.

The final Guidance therefore recommends the implementation of cybersecurity risk management programs.  Such  programs would include monitoring reported adverse events under current regulations.  The FDA also recommends incorporating elements consistent with the National Institute for Standards and Technology’s Framework for Improving Critical Infrastructure Cybersecurity.  Guidance, at 14.  We commented in our prior post that the FDA was combining familiar medical device elements with others borrowed from the cybersecurity world.  The citation to NIST’s Framework is a perfect example of the wedding between those two worlds.

More specifically, a cybersecurity risk management program would include:

  • Monitoring cybersecurity information sources for identification and detection of cybersecurity vulnerabilities and risk;
  • Maintaining robust software lifecycle processes;
  • Understanding, assessing and detecting presence and impact of a vulnerability;
  • Establishing and communicating processes for vulnerability intake and handling;
  • Using threat modeling to define clearly how to maintain safety and essential performance of a device by developing mitigations that protect, respond and recover from the cybersecurity risk;
  • Adopting a coordinated vulnerability disclosure policy and practice; and
  • Deploying mitigations that address cybersecurity risk early and prior to exploitation.


Continue Reading What You Need To Know About the FDA’s Guidance on Postmarket Cybersecurity

Photo of Bexis

Bexis recently attended the “Emerging Issues in Mass-Tort MDLs Conference” sponsored by Duke Law School (those of us from Philly remember Duke as part of “Black Saturday” back in 1979).  Several panels discussed various issues relating to MDLs including using early, issue-specific fact sheets, which Bexis advocated be considered amended pleadings subject to Rule 8

Photo of Steven Boranian

If you represented a large corporation or a wealthy individual, wouldn’t you want to know if your prospective jurors were campaigning for Bernie Sanders on Facebook? Or how about criminal prosecutors who might want to know if members of their jury panel had posted strong feelings on police conduct?  If you were adverse to a drug or medical device company, maybe you would want to know if a prospective juror wrote for the Drug and Device Law Blog (although we can guarantee that you will find no more thoughtful and impartial jurors than the seven individuals who make up the collective “we”).

Millions of potential jurors make information like this (and much more) publicly available on the Internet through social media or otherwise, and what trial advocate would not want to uncover it? We got to thinking about this topic a few months ago when we read a unique order that came out of the Northern District of California in Oracle America, Inc. v. Google Inc., ___ F. Supp.3d ___, 2016 WL 1252794 (N.D. Cal. Mar. 25, 2016).  The district judge in Oracle v. Google asked the parties in a high-stakes copyright action to abstain voluntarily from searching the jury panel’s social media.  If the parties would not agree to a complete ban, then the court would impose specific limitations.

We’ll get to the details in a minute. But first, we set out to see if there are any rules that govern searching jurors’ social media (with research assistance from Reed Smith attorney David Chang).  It turns out there are, mainly within the rules of ethics and professional conduct.  The first rules obviously are our duties of competence and diligence.  They are among the first duties listed under the ABA’s Model Rules and probably the rules governing lawyers in most every state. See Model Rules of Professional Conduct, Rules 1.1, 1.3.  If there is publicly available information that would help us identify jurors with potential biases, a competent and diligent trial advocate needs to consider gaining access to it.

There are, however, countervailing considerations. On April 14, 2014, the ABA’s Standing Committee on Ethics and Professional Responsibility published “Formal Opinion 466, Lawyer Reviewing Jurors’ Internet Presence.”  The ABA committee’s opinion came on the heels of an opinion from the Association of the Bar of the City of New York—“Formal Opinion 2012-2, Jury Research and Social Media.”  These are not the only publications on the topic, but they were at the cutting edge, and they cover the major considerations.

Continue Reading Did You Search Your Jurors’ Social Media? There Are Rules