Volume 3, Issue 3

January 2006  

 

 

 

About Per Mar

Contact Us

 

CORPORATE OFFICE

Per Mar Security Services
Per Mar Centre
1910 East Kimberly Rd
Davenport, IA 52807
Tel# 1-800-4-PERMAR (737627)
Fax # 563-359-6700

 

The Attorney-Client Privilege: Part II [more...]

Newly Released Guidelines for Anonymous Reporting Overseas [more...]

IRS Audits Focus More on Small Firms [more...]

Katrina Fraudsters Being Caught [more...]

Strategies for Acquiring Taken Domain Names [more...]

Spam: Legislators Take Notice [more...]

The Attorney-Client Privilege: Part II

This is the second article in a two-part series addressing the attorney-client privilege. Last month's article defined and discussed the nature of the privilege and how it may apply to your organization.

Here are some common mistakes that may nullify the attorney-client privilege:

Inadvertent Distribution - Disclosure of confidential communications between an attorney and their client to individuals who have no decision-making authority over the scope of the incident will void the privilege. Moreover, disclosure to individuals without direct responsibility for the matter communicated can also void the privilege. The most common real world example is through e-mail. Confidential e-mail communications can be accidentally or advertently forwarded outside your organization, and with great ease and harmful consequences. Many organizations that regularly deal with private and confidential information have instituted formal policies that mandate that all emails must include a confidentiality statement, even if they do not rise to the level of attorney-client privilege.

Partial Disclosure - Disclosing part of a discussion or advice rendered by your attorney may negate the privilege. You may be tempted to disclose what you might conclude to be superficial or cursory information to answer questions with regard to how you came to a decision. For example, you might be asked "Why are your procedures that way?" and a common response might be "Because our attorney suggested we develop such a procedure." At first thought, this is a rather innocuous statement.

However, should this conversation either proceed to, or result in, litigation, it can be argued (and most probably will be with great success) that your partial disclosure constitutes a forfeiture of the privilege. If you are aware that a conversation is privileged, do not disclose even seemingly harmless content.

Using your Counsel as an Investigator - Probably the most common mistake with regard to investigations of whistleblower, sexual harassment, or most any type of workplace misconduct claims is to use your attorney to investigate the claim. For example, in a sexual harassment claim, the amount of time an individual has to endure the harassment is paramount to the penalty imposed on the organization. In making the claim that the harassment was dealt with in an expedient manner by your organization, you may have to make the investigator, in this case the attorney, available as a witness. In doing so, the attorney would have to disclose any relevant information eliminating the privilege and confidentiality.

Clearly, working with your attorney to formulate specific protocols with regard to the attorney-client privilege as it relates to your organization is extremely important. By following some simple guidelines, you can assure that your organization is in the best, most defensible, legal position moving forward.

The advice given in the article above is not intended to serve as legal advice.

top

 

Newly Released Guidelines for Anonymous Reporting Overseas

On November 10, 2005, the French data protection agency, Commission nationale de l'informatique et des libertés, (CNIL) released a document containing detailed guidelines for European Union (EU) operated companies, related to the implementation and existence of anonymous incident reporting systems. The widespread use of whistleblowing systems, including hotlines and other such solutions in the United States, stems from legal obligations of corporations under the Sarbanes-Oxley Act (SOX), Section 301. To summarize, SOX requires company audit committees to establish procedures for the receipt, retention, and treatment of complaints received by the issuer regarding accounting, internal accounting controls, or auditing matters and that corporations allow for the confidential and anonymous submission by employees of the issuer of concerns regarding questionable accounting or auditing matters. Furthermore, under SOX, employees who "blow the whistle" on financially related improprieties have in addition to protection from retaliation, the opportunity for monetary damages if they are subjected to any type of retaliation.

The formal guidelines stem primarily from two cases involving the well known McDonald's France fast food restaurant, and the retail giant, Wal-Mart. In the case of the former, McDonald's France sought permission to implement different systems that would have allowed their French employees to report workplace misconduct on the part of their managers in an anonymous fashion either via mail or fax. The ruling against McDonald's was based on the fundamental principles of individual rights to privacy. In the case of the latter, Wal-Mart's German subsidiaries implemented a code of ethical conduct and an anonymous alert hotline for its employees to report workplace misconduct while maintaining their identity. Similarly to the findings of the French Data Protection Authority in the case of McDonald's France, the German Labor Court ruled the implementation of such an ethical code (and specifically certain rules within the code) may violate the personal rights of employees, in addition to ruling that an alert hotline was invalid without prior approval from the company's works council. Not surprisingly, such rulings have resulted in widespread ambiguity for US based corporations who have multi-national interests.

In an effort to elucidate the legalities surrounding anonymous reporting systems in the EU, a brief summary, taken from the CNIL guidelines are included below:

  • Whistleblowing systems must be designed as solely complementary to other reporting systems in companies, and should be limited in scope to include financial, accounting, banking, and anti-bribery matters.
  • Controllers of such data must clearly indicate that the whistleblowing system is strictly reserved for financial, accounting, banking, and anti-bribery matters only.
  • Organizations must not encourage employees to utilize such systems in an anonymous fashion.
  • Only relevant data should be included in a report of wrongdoing, and the wording used in the report should express that the facts are alleged.
  • The collection and handling of reports must be entrusted to individuals within the company, who have specific training and are bound by a contractually defined obligation of confidentiality.
  • Data relating to a report found to be unsubstantiated by the entity in charge of processing such reports must be deleted immediately.
  • The alleged wrongdoer must be informed of the entity responsible for the system, the facts he is accused of, any departments which might receive the report as well as how to exercise his/her rights of access and correction.
  • Any person identified through the whistleblowing system may access data concerning him/her and request, as applicable, its correction or removal.

To view the CNIL guidelines in their entirety, please visit: http://www.cnil.fr/index.php?1901.

top

 

IRS Audit Trends: Focus on Small Firms, Individuals

The IRS has more than doubled its examination activity for small firms in the fiscal year of 2005. Approximately one out of every 127 returns from corporations with total assets of less than $10 million were examined in 2005, twice the rate of 2004, according to the IRS. Small business owners should take notice and prepare for every year as if this was the year of their audit.

Individual IRS examinations are increasing as well, with approximately one out of every 108 tax returns being audited in 2005, as opposed to only one out of about 130 in 2004.

It should be noted that the vast majority of individual examinations (about 80%) were correspondence audits, or audits of a particular tax issue. Furthermore, face-to-face audits are becoming exceedingly rare, with approximately one out of 526 returns receiving such attention. Source: Kiplinger Tax Letter

top

 

Katrina Fraudsters Being Caught

At least two dozen Red Cross contract workers have been indicted for filing false relief claims and collecting funds earmarked for victims of Hurricane Katrina. The fraudsters created fake accounts that were issued relief checks.\

A Western Union employee notified authorities after she observed the same individual came into the same store three times to pick up wire transfers. Red Cross employees also became suspicious after they noticed an unusual amount of funds going to the Bakersfield, CA Western Union, thousands of miles away from the areas affected by Hurricane Katrina.

The FBI's investigation is expected to last several months and will include looking at thousands of other claims made in California and other states.

The Red Cross has admitted that its system for receiving charity funds was not perfect, and that a premium was placed on having the necessary support in place to receive the high volume of donations.

Source: http://www.cnn.com/2005/LAW/12/28/katrina.fraud/index.html

top

 

Quote of the Month: "Human beings, by changing the inner attitudes of their minds, can change the outer aspects of their lives."
-William James (1842 - 1910)

Strategies for Acquiring Taken Domain Names

Attempting to secure the perfect domain name for your website can be tricky, especially if the name you want is already taken. Oftentimes there may not even be a functional website at that address, yet someone has purchased the rights to the name. Visiting a site like Whois.com can yield some information as to who owns the domain rights and for how much longer, and can even help put you in touch with a broker who can attempt to purchase the name for you from the owner.

Domain rights expire in stages. When a domain owner allows their ownership to lapse, there is time period of anywhere between 10 to 45 days (depending on the domain registrar) during which the now previous-owner has a chance to reacquire the rights. When a domain is actually released to the public after it has expired, it is not broadcasted for all to see, although sites like Dropwatch.com are attempting to change that. One who lives in hope of acquiring the once-taken domain must now monitor the various domain registration sites vigorously, or bring in assistance.

There are services and brokers who can scour for the availability of domains that are due to be available to the public. Check out these helpful sites: Snapnames.com, GoDaddy.com, Enom.com, Pool.com, and Dropshark.com and consider using one or more of them to acquire the domain you want.

top

 

Spam: Legislators Take Notice

The advent of the Internet has brought with it innumerable challenges for our legal system, not the least of which includes the vast amounts of unsolicited email swimming through cyberspace. We all well understand the inconvenience and annoyance associated with receiving slews of spam or "junk" email and the impact it has on our ability to most effectively use email as the timesaving communication tool that it is. However, the Federal Trade Commission (FTC) recently announced in a report to Congress that the incidence of spam email has actually declined by as much as 9% in the two years since the CAN-SPAM Act of 2003 was enacted. This legislation contains four primary provisions:

  • Header information must be accurate. The Act prohibits false or misleading information to be contained in the "From" and "To" sections of the e-mail's header. The originating domain name and email address must accurately identify the initiating party.
  • Recipients must be provided with a method by which they can request to be removed from the mailing list for future correspondence. The method must include a return email address or other internet-based response mechanism.
  • Subject lines cannot be deceptive or misleading in any way regarding the subject matter contained within the email message.
  • Commercial email must contain a valid physical postal address for the sending organization and must identify itself as an advertisement or solicitation.

Legislators have taken further notice of the problems created by the sending of spam emails and new legislation has been proposed in 2005 to further regulate commercial emailing activities. The proposed Anti-phishing Act of 2005 seeks to criminalize Internet activity attempting to obtain personal identifying information that could be used for fraudulent purposes. While this legislation has yet to be enacted, it potentially further protects American consumers from identity theft and other fraudulent use of personal information.

top

 

 

 

Copyright © 2003-2005 PerMar Security - All rights reserved.

Duplication and distribution for commercial purposes is strictly prohibited.
Powered by SecurityNewsletters.comTM

 

 


If you no longer wish to receive these emails, please reply to this message with "Unsubscribe" in the subject line or simply click on the following link: Unsubscribe

This message was sent by Per Mar Security Services using VerticalResponse's iBuilder®

Per Mar Security Services
1910 East Kimberly Road
Davenport, Iowa 52807

Read the VerticalResponse marketing policy.