Archive for the 'Lawsuit' Category

Understanding Facebook’s Data Breach: The Legalities and Action Taken

Facebook has been in hot water after it came to light that as many as 87 million users had had their private data scraped, sold, amalgamated, and run through machine learning devices to create profiles all without their knowledge and right under Facebook’s nose. The story has been everywhere, but the details go as follows. Back in 2013, a Cambridge University researcher made an app for use on Facebook called “thisisyourdigitallife.”

The app was a basic personality quiz and was taken by about 270,000 users. However, the app permissions settings policies in Facebook were much more permissive back then. The researchers simple quiz had permissions, after you installed it, to scrape the data off your entire Facebook profile and-more dangerously-the Facebook profiles of the people on your friends list.

Some 30 million of these profiles were purchased in 2014 by Cambridge Analytica–a company run by Donald Trump’s former campaign manager and adviser Steve Bannon. The information run through machine learning devices to create larger profiles for each individual and chart trend among them. This information was used by the Trump campaign in their marketing after Jared Kushner hired Cambridge Analytica in 2016.

This is far from the first bit of criticism Facebook has faced in recent years, the fake news issues for instance. However, this also isn’t the first time it has come out that Facebook had not taken the best care of its users’ private data. It’s not even the first time in the last decade that an app has been misused to mine data for a presidential campaign-the Obama for America app did something similar back in 2012.

The whole situation has led to massive legal and media blockback for Facebook and its CEO Mark Zuckerberg. Zuckerberg has spoken before Congress in the last couple days and has been called to speak before MPs, the UK Parliament, and more. The situation has given rise to lawsuits, potential legal and legislative action from the U.S. government, state governments and even governments abroad.

facebookLegal Issues of the Breach Itself

There is an enormous amount of law that could be discussed here, so we’re going to focus on only the most immediately relevant to the situation. One of the central issues here, in terms of understanding Facebook’s legal duties to monitor the actions and content from their user’s posts revolves around a law that far pre-dates Facebook itself-the 1996 Communications Decency Act (CDA).

The CDA makes it so that “No provider or user of an interactive computer service shall be treated as the publisher or speaker of any information provided by another information content provider.” This shields Facebook, and all ISPs and similar websites from liability when it comes to the statements and posts of third parties. There are obviously several exceptions to this.

For instance content which infringes copyright gives rise to separate Digital Millennium Copyright Act safe harbor issues. However, it means that websites such as Facebook are generally immune to many legal claims over the actions of their users as they are not treated “as the publisher or speaker” of that third-party information.

The goal behind this is to help preserve a more robust internet as the reality of the situation is that it is very difficult for a large website to track the actions of all its users. However, it also provides a great deal of legal shelter to a site such as Facebook.

The CDA applies to activities which occur on the internet, the defendant is a “provider or user of an interactive computer service” (this includes websites), and the defendant website isn’t the source of the posted content. It provides protection to websites for essentially any user posting of information online. It also requires the website to not encourage illegal content or design their site to require the input of illegal content.

There are some additional complications to this. However, suffice it to say, social media websites benefit quite a bit from these sort of protections. While there are state by state privacy laws, there’s very little law limiting use of private data at a federal level.

Unless something illegal is happening, the CDA will cover a site such as Facebook when it comes to quite a bit of potential legal issues. Instead, most of the obligations of a site such as Facebook are self-imposed through their privacy policies and terms of service.

These rules have seen some recent changes with the FOSTA-SESTA Acts. However, these changes will have a minimal effect on Facebook’s overall duties to monitor and filter its user’s posts. FOSTA-SESTA mostly acts as a bit of an overbroad attempt to fight online sex trafficking by adding duties on the part of online platforms to police their users, a bit of an odd choice as there is already law on the books which serves the same purpose.

Private Legal Action Against Facebook

Even with protections such as the CDA in mind, there has already been private legal action against Facebook. A class action lawsuit was brought against Facebook, Cambridge Analytica, and Mark Zuckerberg himself on March 22nd.

The lawsuit has six counts including fraud and deceptive practices, breach of contract, negligence, intrusion upon seclusion, and charges under the Stored Communications Act (SCA)–part of the Electronics Communication Privacy Act, one of the few federal privacy laws.

To make a very complicated law simple, the SCA makes it a crime to access without authorization and share with the government the contents of a communication stored online–after a 2010 court case this includes social media messages but not posts on a wall or similar public communications.

The action alleges that Cambridge Analytica mined data with the intent of influencing the 2016 election and Facebook, despite recorded warnings from entities such as the Irish government as early as 2011, irresponsibly let it happen under their nose.

Federal Investigation and Potential Action

At a federal level, we’ve obviously already seen Mark Zuckerberg testify before Congress. However, that is far from the full extent to which the federal government can-and in fact is likely to-go. From potential fines to litigation, there is quite a bit still in movement here.

We already mentioned that this isn’t the first time Facebook has been in trouble over their privacy practices. There is no simpler example of this than the 2011 settlement they reached with the FTC over charges that Facbook had deceived its users by not following its own privacy practices. Under the settlement, Facebook must give it users “clear and prominent notice” and obtain user consent before sharing the user’s information.

They also threw in the most obvious bit, Facebook had to promise not to make any further deceptive privacy claims. Now the question will become whether the FTC will come after Facebook for violating this settlement-known as a consent decree in situations such as this. The fine for such a violation, under the agreement, could be as much $40,000 per user per day–considering this is 87 million users over the course of months that number could end up astronomical.

This has the potential to be the largest fine levied in the history of government regulation, it could even break a trillion dollars. In comparison, the current largest government fine of all time was an approximately $13B fine levied on JP Morgan Chase over its subprime mortgage practices before the recession.

This was followed by a $4B fine levied against BP after their enormous oil spill in the Gulf. This fine, if the FTC chooses to act, has the potential to dwarf both of those combined. This being said, there is little indication of where the FTC plans to go with, so we’ll just have to wait and see where this ends up in the coming days.

Additional federal action could come in the form of new legislation adding additional privacy requirements on online actors, something the U.S. has historically been extremely hesitant to do-especially in light of the push and pull between privacy and the First Amendment. This being said, there are already bills under consideration which may get another look from Congress in light of current events.

A bipartisan bill known as the Honest Ads Act was introduced late last year and would have required social media and other media to disclose which group is running a political advertisement in an effort to increase transparency. The bill has seen little action since its introduction, sitting in the Senate Rules Committee without action. However, it has been backed in recent days by a number of high profile entities such as Twitter and even Facebook itself. This may lead to Congress revisiting the provisions.

State Action in Light of Facebook’s Breach

Individual states have also begun to take action in like of recent events. For instance, California has already put an initiative on the ballot–opposed by Facebook and essentially all broadband providers–that would require companies to disclose what information they gather, how they sell it, and allow people some measure of input over what a given business can do with their data. They’re also seeking to introduce a law which would require social media platforms to identify bot accounts.

Action Taken Abroad

There has been enormous movement on privacy abroad recently, although not really in response to the Facebook situation. The EU has introduced what is almost certainly the most sweeping and powerful privacy protection law ever passed in the world–the General Data Protection Regulation or GDPR.

Taking effect May 25th, the GDPR has had online companies doing business in the EU moving quick to ensure they meet the law’s stringent privacy requirements. With substantial fines for failure to comply, the GDPR applies to all companies doing business in the EU and–among an enormous number of provisions too detailed to even scratch the surface of here–requires companies to maintain full transparency about what information they gather and why.

The users themselves have the power to access this data and can tell companies how they may use it and even have the companies delete that data.

What is Facebook Doing in Light of This Scandal?

As of now, Mark Zuckerberg has said in his testimony to Congress that Facebook will provide apps less access to data and require more transparency as to what data individual apps gather. They have already changed their political advertising policies and, again according to Zuckerberg, will be beefing up their security measures.

However, by Zuckerberg’s own admission, the issue will be a difficult one to completely address. Regardless of what steps are taken, the reality is that the road to eliminating data sharing and breaches is an extremely difficult one just based on the sheer scope of data out there, number of users, and the ever-shifting nature of security threats

As to legal steps on the issue within the U.S., there is a push and pull between limiting the dangers from the content on Facebook and ensuring the proper First Amendment speech protections when it comes to the government creating laws on this issue.

That being said, Facebook is completely free to limit speech, methods of use, etc. through its platform in essentially any way it sees fit through its privacy policies and terms of use. As a private corporation, they are not subject to the First Amendment limitations that the government is. Privacy protections in law are woefully lacking, but complicated to effectively craft. This is an issue should not be rushed, but getting it right is crucial to the ongoing existence of a healthy internet.

Jonathan Lurie is a Founding Partner of The Law Offices of Lurie and Ferri (Contact Info). He primarily handles business law, employment law, and intellectual property issues, but works with all types of civil matters. He is a Vice-Chair of the Sports and Entertainment Interest Group of the California Intellectual Property Section and has won awards for his knowledge of intellectual property, start-up business issues, and California civil procedure. 

Waterpark Co-Owner Charged With Reckless Murder In Connection With Boy’s Death on Ride

In 2016, 10 year old Caleb Schwab was decapitated during a waterslide. Caleb’s raft became airborne during the ride and hit hoops and netting overhead. Two other adults were injured and Caleb was killed.

Co-owner of Schlitterbahn Waterparks and Resorts, Jeffrey Henry, was arrested for aggravated battery and aggravated child endangerment. The Kansas Attorney General’s office arrested ride designer John Schooley as well, and charged both Henry and Schooley with reckless second-degree murder.

According to the indictment, Henry dropped out of high school and had no technical or engineering background. However, he controlled many decisions regarding Schlitterbahn construction and design projects.

The Attorney General claims the park rushed to complete the world’s tallest waterslide to impress producers of Xtreme Waterparks, a Travel Channel show. Schwab’s death was believed to be an isolated incident until whistleblowers claimed their bosses had covered up prior accidents.

Schwab’s family received a $20 million settlement. The charges against Henry are being filed by the state of Kansas, which is independent from the victims.

waterparkShould Corporations Be Criminally Liable?

Second degree murder is defined in most jurisdictions as non-premeditated murder – i.e. the murder was intentional, but not premeditated. This usually involves “crimes of passion,” like a husband who comes home and finds his wife in bed with another man.

The other type of second degree murder occurs when the defendant acts in a manner that shows complete disregard for life. A man who points a loaded gun at everyone he comes across in public and then accidently shoots someone might not have planned to kill someone. However, he had to have known that using his gun like that might result in a dead body.

It would unjust to hold a person responsible for a crime that he or she did not commit. Corporations and other business entities are organizations with multiple individuals, many of whom may not know what other employees are doing. The law only imposes criminal liability on businesses in two instances: first, when the employer is vicariously liable for an employee’s criminal actions.

However, the standard for criminal vicarious liability is higher than civil vicarious liability – the employer must authorize the criminal acts, rather than the employee acting in the employer’s name. Second, the business owner themselves may be held liable if they committed the criminal acts personally.

In this case, prosecutors are alleging that Henry, as an owner, was acting so recklessly that any reasonable person would have known that it would endanger someone’s life. Henry was making important design and construction decisions even though he had no background in engineering.

His decisions were likely influenced by a desire to impress television producers instead of public safety. Henry also knew that the ride was dangerous as employees reported he had helped cover-up similar accidents. While Henry might not have wanted anyone to die, he had to know that his actions would almost certainly lead to death(s).

Business’s Increasing Responsibility to Society

The biggest concern is increased criminal liability for business owners. The goal of every business is profit. Some business owners will put public safety as a lower concern than making money.

There should certainly be consequences if they do not sufficiently prioritize safety, but those consequences were restricted to civil court through personal injury and product liability laws. Criminal courts should only be used if the actors were intentionally malicious.

On the other hand, it is arguable that society has been too lenient on businesses. Big banks played a large role in 2008 recession, but few were punished. Many received bonuses for tanking the global economy.

Recent events reveal that social media companies like Facebook will abuse their consumer’s privacy if left alone. Perhaps if executives were liable for criminal liability as well as financial liability we’d have less corporate and business abuses than we’ve had so far in the 21st century.

Uber Stops Self-Driving Cars After a Pedestrian is Killed

Uber has pumped the brakes on its self-driving cars program. 49-year-old Elaine Herzberg was killed by a self-driving Uber car on March 18. Dash cam footage shows that Herzberg was looking at the other side of the road as she was riding her bicycle when the car hit her.

The car was going 40 mph prior to the accident and did not slow down when it hit her. The Uber safety driver showed no signs of impairment and the weather was clear and dry. Neither the car nor the safety person saw her until she was struck.

In response, Arizona Governor Doug Ducey suspended Uber’s right to run self-driving cars in Arizona (the company had announced it would suspend its program prior to the announcement).  The suspension was a 180 degree turn on Governor Ducey’s part. After taking office in 2015, Ducey had welcomed high tech companies seeking to test autonomous cars, especially Uber.

Ducey issued executive orders compelling state officials not to enforce taxi licensing rules for self-driving cars. Ducey permitted Uber to test its vehicles in Arizona as long as there was a human driver ready to assume control should there be a need to. Ducey also gave Uber his blessing to operate fully driverless cars on university campuses in the state.

Ducey’s administration claims that his aggressive pursuit of Uber was part of the governor’s plan to poach high-tech companies from California. The Golden State has lead the country in high tech for the 21st century, but states across the country have been courting its companies with offers of tax breaks and other incentives.

Arizona’s pitch to Uber and other companies looking to test self-driving cars was less regulations to interfere with their operations. This was a sharp contrast with California, which had recently voted to impose additional restrictions on driverless cars.

uberUber argues that while the accident was tragic, it is all in pursuit of science. Safety and efficiency requires experimentation and there may be accidents along the way. However, emails obtained by the Guardian between Uber and Governor Ducey indicates that there may be more to the relationship than Ducey’s desire for a business-friendly environment.

Emails show that Uber offered Ducey shirts and office space in San Francisco as the Governor spearheaded deregulation in Arizona. Although Uber has already settled with Herzberg’s estate, the emails renew a new legal debate: who is liable for Ms. Herzberg’s wrongful death?

Is There Potential Liability for Uber and the State?

If Herzberg’s estate wants to pursue a lawsuit, there are two realistic claims: the safety driver in the car or Uber itself. Any claims against the state of Arizona and Governor Ducey would be protected by sovereign immunity. If Governor Ducey did anything illegal, it would be prosecuted by the state Attorney General’s office instead of a private citizen.

Although self-driving car cases are new, the case here is still analogous to a normal accident involving an employer licensed vehicle. Suppose that a UPS or FedEx driver hits a vehicle. UPS and FedEx would be vicariously liable for the injury it caused. Although the Uber vehicle was on auto-pilot, there was a human safety person behind there.

Video footage clearly shows the person was not paying attention when the accident occurred. Given that the person’s job was to take over in the event of an accident, the safety person had clearly failed his or her standard of care. Since the person was an Uber representative, Uber would be responsible for the safety person’s negligence.

Even without the vicarious liability of a careless employee, Uber would still be liable. Self-driving vehicle may be new, but defective product cases are not. If the auto-driving car was supposed to detect pedestrians and failed to do so, then the car, the product, was defective.

The main complication is that the users of the product usually bring a defective product suit, not the victims of it. This should not stop a defective product claim though, as there are plenty of lawsuits involving people injured by products that they didn’t purchase themselves.

One potential hitch in the pedestrian’s suit against Uber is that Herzberg was clearly jaywalking. Many states will bar the plaintiff from recovering if he or she contributed to the accident. However, Arizona is a comparative negligence state.

This means that Herzberg’s estate is not barred from recovery even if she were found to be 99% at fault. The recovery amount would be reduced by the percentage a jury would find the victim at fault though. Herzberg’s jaywalking might have cost her life, but it would only reduce the settlement her estate could recover.

Uber has struggled to teach the systems to adjust for unpredictable human behavior. This will cause more injuries in the future. In the long run though, computer drivers would safety than human drivers since the computers would actually follow all traffic laws and would not take any risks.

People might need to adjust to this new reality, but it will ultimately benefit everyone. There will always be speed bumps when testing new technology. For Uber’s sake, it had best avoid using human being as speed bumps in the future.

“Clock Boy” Ahmed Mohamed’s Lawsuit Dismissed

Ahemd Mohamed’s, also known as “Clock Boy”, discrimination lawsuit has been dismissed from federal court. In September 2015, then 14 year old Mohamed assembled a clock using a circuit board and digital display and brought the clock to school. One of his teachers heard the device beeping and brought Mohamed to the principal’s office.

He was arrested and then suspended for three days. Mohamed claims he was interrogated for ninety minutes before the police would allow him to speak with his parents. Mohamed was charged with possession of a hoax bomb, but the charge was later dropped. He was suspended for three days by the school district.

Mohamed’s arrest sparked a social media firestorm amend allegations that he had been discriminated against because of his religion and ethnicity. Several weeks after his arrest, Mohamed was invited to the White House and spoke with President Obama. The police defended the arrest on the basis that the device could have been mistaken for a bomb if it had been left unattended.

clock boyMohamed’s father filed a lawsuit in federal court in August 2016 against the high school, its principal, and the city of Irving, Texas. The family demanded a written apology and $15 million in damages. Judge Sam Lindsay dismissed the case in 2016, but without prejudice so that Mohamed could refile with more facts. Two years later though, Judge Lindsay dismissed the case again, this time denying Mohamed the ability to refile.

Uphill Battle in Exigent Circumstances

Mohamed’s lawsuit was based on the theory that the Irving School District and City of Irving had discriminated against him based on religion and face, thereby violating the Equal Protection Clause of the 14th Amendment. Mohamed could plea based on the Constitution itself rather than rely on the Civil Rights Act because the School District and the City were controlled by the Constitution directly.

The problem with Mohamed’s complaint was that the case did not lend itself to discrimination on its face. If someone brings a device that looks like a bomb to a classroom, school officials and law enforcement are required to act. Police might have overreacted when they arrested Mohamed and held him for interrogation for over an hour, but the City and School District would have been negligent if they hadn’t acted at all.

Mohamed and his supporters could speculate that the police and the school would not have reacted the way they did if Mohamed was not Arabic or Muslim. However, lawsuits must be built on facts in the case, not mere speculation. Moreover, there’s no way to know how the school or police would react to an Asian or Caucasian student with a device that could reasonably look like a bomb unless someone actually does it.

A more interesting angle in this case is whether Mohamed’s criminal due process was violated. According to Mohamed, he was held for ninety minutes for questioning by police before he was allowed to speak with his parents. Since Mohamed was being held for questioning, the police needed to inform him of his Miranda rights.

Although some news agencies are reporting that he wasn’t allowed to speak with his parents while he was being interrogated, it’s important to know whether he asked for an attorney while he was being held. Sadly, his case was already dismissed with prejudice, so these questions probably won’t be answered.

Part 2: The Legal War Rages On Over Stormy Daniels

Earlier this week, we discussed the non-disclosure agreement which allegedly sought to prevent Stormy Daniels (real name Stephanie Clifford) from disclosing details of her relationship and extramarital affair with President Trump. The penalties under the agreement are hefty, with fines of $1M for every violation. This agreement has led to a legal maelstrom over what Ms. Clifford can say and do.

While President Trump’s attorney Michael Cohen vehemently argues that the entire affair needs to be handled in confidential arbitration under the non-disclosure agreement, Ms. Clifford argues that none of the agreement is enforceable in the first place as Trump never signed it–even under his pseudonym in the agreement “David Dennison.”

As we mentioned in the last article, both sides have moved forward assuming they’re right. Mr. Cohen has gone through arbitration to silence Ms. Clifford while Ms. Clifford has turned to the courts to rule the non-disclosure agreement null and void. Let’s look at the legal proceedings and their chances moving forward.

The Arbitration

As soon as word of the affair started to surface and Ms. Clifford made it clear she wanted to come forward about her experience, Cohen and “Essential Consultants” (an LLC created a few weeks before the agreement with Ms. Clifford to act as a proxy) acted in Trump’s interests and began ex parte arbitration proceedings–proceedings with no notice to Ms. Clifford–to prevent Ms. Clifford from making any statements or releasing any materials related to “Confidential Information.”

In late February of this year, they went before the retired Judge Jacqueline Connor and were issued a restraining order to this effect. This is not a long-term restraining order, but rather was an interim order until the issue was hammered out between the parties.

This was immediately followed by a comment from White House press secretary Sarah Sanders describing the arbitration proceeding as a win for the President–a bit of an odd statement as up this point the White House had maintained that the non-disclosure agreement was not referring to Trump. Even after this arbitration, Mr. Cohen continues to hold that the agreement was entered into without the knowledge of President Trump or his campaign and was agreed to avoid scandal as opposed to any truth to Ms. Clifford’s allegations.

stormy danielsMs. Clifford’s attorney’s have been extremely critical of the idea of arbitration proceedings where only one party shows up and no notice is given that the proceedings are even taking place. However, the non-disclosure agreement does allow for ex parte for injunctions–if not more substantial proceedings. Arbitration provisions in contracts are generally enforceable.

Arbitration agreements are sometimes ruled unconscionable and unenforceable when the balance of power in an agreement is too far towards one side–usually in an employer-employee context. However, there’s not much indication here that one party had an upper hand over the other in negotiations. Arbitration agreements are also occasionally struck down where they favor one side too substantially over the other. However, this is an extremely hard argument to make in court.

Arbitration rules generally allow for ex parte arbitrations on an emergency basis offering temporary relief. This being said, there have been more than a few cases where courts have refused ex parte arbitrations where more substantial relief was sought.

This means that the arguments that have the most weight for Ms. Clifford are the arguments brought in her complaint, that the agreement is unenforceable because it was not signed by President Trump. In general, the validity of unsigned arbitration agreements can vary by state. There are court rulings both allowing arbitration agreements where one party didn’t sign and refusing to accept such an agreement as valid. There is a very valid debate over whether the lack of a valid contract undermines the ability to enforce arbitration. A contract generally needs an offer, acceptance, and consideration to be valid. The consideration was certainly sent in the form of $130,000.

A signature from all parties is not always necessary for acceptance, however Cohen will likely have to find another way to show valid acceptance of all parties–especially in light of his argument that one party to the agreement–one David Dennison aka President Trump–never knew of the agreement at all.

The Complaint

Ms. Clifford’s complaint was filed on March 6th, about a week after the arbitration approved a temporary injunction. As we’ve discussed, it primarily argues that there is no agreement binding Ms. Clifford since it was not signed by Trump–either under his real name or under the “DD” pseudonym. Everywhere he was meant to sign is instead completely unsigned or initialed by Essential Consulting, LLC.

Although Cohen argues Trump never knew about the agreement, emails have been produced showing that Cohen used his Trump Organization email to arrange payment to Ms. Clifford. This makes it even more unlikely President Trump or his Organization had no knowledge of the agreement.

The complaint will argue that if they knew about the agreement that means Trump actively chose not to sign to maintain plausible deniability. This active choice not to sign would support a lack of acceptance and undermine the validity of the agreement.

The complaint itself says that Clifford first decided to come forward about her experiences–which she describes as consensual if motivated by a desire to be on “The Apprentice”–after a recording of Trump came out where he described attempting to seduce a married woman and said he would kiss the woman they were about to meet, commenting that “when you’re a star, they let you do it, you can do anything.”

This led many women to come forward regarding President Trump’s treatment of them and Ms. Clifford thought she should come forward as well. This came to the attention of Mr. Cohen and led to the agreement discussed above shortly after.

The crux of the complaint, as mentioned, is that this agreement is not enforceable. It leans on the allegations that Trump intentionally chose not to sign so he could “later…publically disavow any knowledge of the agreement.” The complaint asks the court to rule that the contract is either unenforceable and void or unconscionable.  The latter argument is a bit of a stretch, but the former has a real chance of success.

Where Will the Case Go from Here?

While Ms. Clifford may have a real case, it is certainly going to be an uphill battle. The lack of signatures certainly doesn’t by itself render the contract necessarily invalid.

What’s more, the case is brought in California and both the California Supreme Court and the US Supreme Court have previously chosen to treat arbitration clauses independent of a larger contract unless there is an attack on the arbitration clauses validity by itself.

This means a court might rule that the validity of the contract has to be handled in confidential arbitration. It’s very likely that such an arbitration would not work out particularly well for Ms. Clifford. This adds another wrench to the works of an already uncertain case.

There is an additional argument Ms. Clifford has yet to bring which may help her cause, although it has a questionable chance of success. The arbitration agreement contained within the contract could be interpreted to require “David Dennison” to invoke it.  The clause was instead invoked here by Essential Consultants and Cohen. This argument is a long shot at best.

If the case moves forward, an enormous if at this point, the discovery will likely show the source of the $130,000. If this money in fact came from Cohen, this is no issue. However, if it came from a more official source it could be a substantial problem for the Trump administration.

Speaking of Mr. Cohen, one thing that is certain going forward is that Cohen has landed himself in a tremendous amount of hot water. His own assertion that he entered into an agreement on his client’s behalf with no knowledge or approval from his client is a professional ethical violation that could see him receive a punishment that could include revoking his license to practice law. If Trump did know about the agreement, then Cohen may have committed fraud–another punishable offense.

Ms. Clifford, however, potentially faces her own share of troubles soon. While we’ve seen from her 60 Minutes interview that she has not been silenced, at $1M per violation of the non-disclosure agreement she may be facing a hefty penalty in her future– recent estimates already have put the damages under her non-disclosure agreement at upwards of $20M.

Jonathan Lurie is a Founding Partner of The Law Offices of Lurie and Ferri (Contact Info). He primarily handles business law, employment law, and intellectual property issues, but works with all types of civil matters. He is a Vice-Chair of the Sports and Entertainment Interest Group of the California Intellectual Property Section and has won awards for his knowledge of intellectual property, start-up business issues, and California civil procedure.