When a patron storms out of a store over perceived mistreatment, do not confuse the lack of legal grounds for a discrimination claim with a free pass on the far greater reputational risks that outweigh the cost of any litigation.

In April 2018, at a Philadelphia Starbucks, police arrested two men of color waiting for a third participant before beginning a business meeting. A Starbucks employee contacted police after concluding that the men had not purchased anything. Another patron captured the arrest on video and posted it on Twitter where it soon received more than 200,000 likes. Although it is unknown whether the men initiated any subsequent court action, they eventually settled with Starbucks (for an undetermined amount) and the city of Philadelphia (for $1 each and the promise of a $200,000 investment in a program for entrepreneurs).

To placate protesters and tamp down the backlash, Starbucks closed more than 8,000 locations one May afternoon for diversity training. Currently, the company is facing a race discrimination lawsuit filed by a Caucasian regional manager who claims she was terminated after refusing to discipline another Caucasian employee accused of discrimination in the aftermath of the event.

Several months later, in December,


Continue Reading

Charlie Platt, Director of Data Analytics for iDS, resumes his Ethical Hacker column with a piece on how reducing cyber risk can get in the way of your business – that is, if your rules lack flexibility. The best way to implement successful cyber risk programs without hurting your business, he says, is to design them to adapt to dynamic business requirements by providing an approved exception process.

It’s been a while since I’ve been on these pages. I’ve missed it and it’s good to be back. One big change is that I’m now also focused on data analytics in addition to cybersecurity. I will be heading up the Data Analytics practice at iDS and Robert Kirtley is heading up the Cybersecurity practice. Together we will be talking about how data analytics and cybersecurity go hand in hand, and how we can assist each other in achieving great results for our clients.

In light of that new focus, I’d like to tell you about a project I recently worked on for a client. While on the surface our work was focused on data, there were strong undercurrents of cybersecurity throughout the project. We were engaged to assist the client
Continue Reading

An annotated review of Information Governance Insights columns from 2017

The scope of corporate counsel duties has changed rather rapidly and drastically in the past decade. As companies have quickly begun to digitalize nearly every aspect of their operations, digital information has become the lifeblood and primary asset of nearly all business, in every industry, in every sector. Whether a company makes or sells widgets, transports goods or people, facilitates markets or financial transactions, or provides services of any sort, in the past few years it has also become an information business. The volume of digital information flowing through companies has also grown exponentially in this same short period.
Continue Reading