Upload
others
View
10
Download
1
Embed Size (px)
Citation preview
Online Reputation Attacks Against Companies: Response Strategies for In-House Counsel Assembling a Multi-Disciplinary Response Team, Preventing and Mitigating Reputational Damage, Developing an Incident Response Plan
Today’s faculty features:
1pm Eastern | 12pm Central | 11am Mountain | 10am Pacific
The audio portion of the conference may be accessed via the telephone or by using your computer's speakers. Please refer to the instructions emailed to registrants for additional information. If you have any questions, please contact Customer Service at 1-800-926-7926 ext. 10.
TUESDAY, SEPTEMBER 30, 2014
Presenting a live 90-minute webinar with interactive Q&A
Melissa Agnes, President and Co-Founder, Agnes + Day, Montreal, Quebec
Chris Anderson, Ph.D., Co-Founder and Group Head, Internet Defamation Division,
Cyber Investigation Services, Tampa, Fla.
Whitney C. Gibson, Partner, Vorys Sater Seymour and Pease, Cincinnati
Tips for Optimal Quality
Sound Quality If you are listening via your computer speakers, please note that the quality of your sound will vary depending on the speed and quality of your internet connection. If the sound quality is not satisfactory, you may listen via the phone: dial 1-866-961-8499 and enter your PIN when prompted. Otherwise, please send us a chat or e-mail [email protected] immediately so we can address the problem. If you dialed in and have any difficulties during the call, press *0 for assistance. Viewing Quality To maximize your screen, press the F11 key on your keyboard. To exit full screen, press the F11 key again.
FOR LIVE EVENT ONLY
Continuing Education Credits
For CLE purposes, please let us know how many people are listening at your location by completing each of the following steps:
• In the chat box, type (1) your company name and (2) the number of attendees at your location
• Click the SEND button beside the box
If you have purchased Strafford CLE processing services, you must confirm your participation by completing and submitting an Official Record of Attendance (CLE Form).
You may obtain your CLE form by going to the program page and selecting the appropriate form in the PROGRAM MATERIALS box at the top right corner.
If you'd like to purchase CLE credit processing, it is available for a fee. For additional information about CLE credit processing, go to our website or call us at 1-800-926-7926 ext. 35.
FOR LIVE EVENT ONLY
Program Materials
If you have not printed the conference materials for this program, please complete the following steps:
• Click on the ^ symbol next to “Conference Materials” in the middle of the left-hand column on your screen.
• Click on the tab labeled “Handouts” that appears, and there you will see a PDF of the slides for today's program.
• Double click on the PDF and a separate page will open.
• Print the slides by clicking on the printer icon.
FOR LIVE EVENT ONLY
Online Reputation Attacks Against Companies: Response Strategies for
In-House Counsel
Whitney C. Gibson Vorys, Sater, Seymour and Pease LLP 513.723.4823| [email protected]
Melissa Agnes
Agnes + Day 514.458.7101| [email protected]
Chris Anderson, Ph.D. Cyber Investigation Services, LLC
850.279.6595| [email protected]
September 30, 2014
There are Many Types of Online Reputation Attacks
› False Negative Reviews › False Positive Reviews by/for Competitors › Attack/Gripe Websites (e.g. CompanySucks.com)
› Scam Report/Complaint Websites (e.g. Ripoff Report)
› Blogs/Blog Posts, Social Media Posts, Message Board/Online Forum Posts
6
Common Attack Forums: Locations of False, Defamatory Content
› Angie’s List
› Better Business Bureau
› Blogs
› Complaints Board
› Media / News Outlets
› Message Boards/Forums
› Pissed Consumer
› RealScam.com
› Ripoff Report
› Search Engines
› WhoScammedYou.com
› Wikipedia
› Yelp
› YouTube
7
Online Reputation Attacks Come from Many Sources
› Dissatisfied consumers/customers › Competitors › Bitter employees › Disgruntled investors › Extortionists › Bloggers wanting to get attention and earn $$ from ads
on their blogs › “Activists”
8
Blog Attack: MonaVie
9
Ripoff Report
10
Negative Yelp Review #1 on Google
11
Social Media’s Impact on Crisis
12
2013 Deloitte Survey
› Reputation is the #1 strategic risk for large businesses, according to >300 senior top management and board members surveyed
› Largely due to rise of social media "The time it takes for damaging news to spread is quicker, it goes to a wider
audience more easily, and the record of it is stored digitally for longer.”
-- Henry Ristuccia, Deloitte Global Leader, Governance, Risk and Compliance
13
Why In-House Counsel Should Have a Major Role
› Reputation attacks on the Internet are different › Many legal tactics and issues involved:
• Identifying anonymous posters
• Convincing third-party websites to remove
• Cease and desist letters
• Court order/de-indexing material from Google, other search engines
• Defamation
• Employee agreements
• Privacy issues
• Social media policies
14
Problems Go Beyond Legal
› More in play than just legal analysis and strategies; solutions are complicated because they require an understanding of other areas/strategies
› Other considerations: • SEO
• ORM
• Cyber investigation
• PR
• Customer relations
• Business strategies
15
In-House Counsel: Crisis ‘Quarterback’
16
Our Goal is to Put You in this Position
IHC
ORM SEO
Crisis Response
Cyber Investigation
Legal Strategies
PR
Business Considerations
17
In-House Counsel: Crisis ‘Quarterback’
1) Prevention/Planning/Protection 2) Monitoring 3) Defending
18
Prevention/Planning/Protection
› Draft company policies to prevent attacks • Social Media • Customer Service
› Be careful … • Controversial policies
can lead to public criticism • New California law bars
companies from inserting non-disparagement clauses intended to prevent customers from leaving negative online reviews (Sept. 9, 2014)
19
Union Street Guest House (August 2014)
• NY Post: Hotel that fines guest for bad reviews gets a taste of justice • The Huffington Post: This Hotel's $500 Fine For Bad Reviews Is Backfiring Horribly • The Guardian: Hotel threatening $500 'bad review fee' trolled with spoof complaints
20
Prevention/Planning/Protection – Online Attack Crisis Planning
Step 1: › Identify risks › Communicate with internal team / Understand roles
(and vice-versa) › Evaluate current incident response plan
Step 2: › Prevent preventable › Plan for unpreventable
21
Planning for Unpreventable Risk
› Determine level of threat • Categorize different scenarios (level 1, 2, 3) • Identify red flags • Monitor in real-time, all the time • Identify trigger points for escalation
22
Planning for Unpreventable
› Determine level of threat › Develop the response protocols › Who needs to be involved and what are their
roles and responsibilities? › Develop pre-approved messaging
23
Crisis Response
Managing real-time demands › Prepare your communications in advance › Work with team to pre-approve all messaging
24
25
Prevention/Planning/Protection – Online Attack Crisis Planning
Real-time internal communications are vital › Have a system in place › Assign someone to the task
26
Practice Makes Perfect!
Crisis simulations are a great way to: › Test your plan › Test your team › Strengthen key areas prior to experiencing a
crisis
27
Prevention/Planning/Protection – Building Online Presence
› Reviews: The best defense against negative reviews is a strong offense. Companies need systematic ways to generate positive reviews but yet most are terrible at it.
› Brand Front Page of Google: You must control the front page of Google/Yahoo!/Bing or someone else will. For big brands, comes naturally. For smaller brands, requires consistent effort.
28
Prevention/Planning/Protection –Monitoring
› It’s critical to be aware of what is being said online › Those with large number of social media mentions,
monitoring/alerts need to be on the scale of hourly › For longer term, like material on Google search,
monitoring can often be weekly
29
Prevention/Planning/Protection –Importance of Early Detection
› Early detection, removal can prevent crisis › Prevents information from spreading to other sites › Address problem before more negative reviews › Legal:
• Many ISPs only keep identifying information for a few months, so waiting too long could prevent your ability to identify the attacker
• Want to consider removal before statute of limitations expires (1 year in many states)
30
Defense: Responding to Routine Attacks
› Procedures for responding to routine attacks › Policy for responding to:
• Negative reviews • Wikipedia pages for company, execs • Complaint websites (e.g. Ripoff Report)
› Develop review platform on own website
31
Example › Early Contact with Poster (80-90% removed if contacted w/in 72 hours)
› Post Response with Phone # 1) Thank you for your review and I'm sorry to hear that you feel the blades are not
lasting as long as previously. We have numerous quality checks throughout our manufacturing process, so this is not something we would expect. It may be helpful to know that the item fading is just a guideline and we recommend changing the cartridge when it begins to feel dull. If you would like, give us a call at 1-800-_________.
2) I'm very sorry to hear that your power button has fallen out, but happy to hear that you have been loving your experience with our razor! Our manufacturing process is such that it should not allow things like this to happen, and we will check into it right away. Thank you for bringing this to our attention. We are always happy to speak with our consumers about anything, so if you would like, please give us a call at 1-800-________!
32
Defense: Responding to Serious Attacks
› Investigative Assessment • Evaluate characteristics of attacker • Assess current and potential harm
› May be necessary to unmask identity of anonymous/pseudonymous poster
33
Cyber Investigators / URO
› The best strategy comes from knowing your who is behind the issue
› If possible, you ID them › If you can’t ID, can you profile the screen
name and learn more about them. › Are they using language that might suggest
they are tied to a much bigger movement? (Ex. Dox’d, expect us, language consistent with blogger/social media pro)
34
Attacker Characteristics
› What is he/she capable of? › Is this a one-time attack? Or is it the
beginning of a campaign/series of attacks?
35
Identifying Anonymous Reviewers/Posters
36
How Identification is Done
› Magic Databases (usually only on TV shows) although database work plus hard digging sometimes pays off.
› Get to IP Address (multiple ways) › Turn IP Address into a name (multiple ways)
** Myth: With IP address we can get lat./long. coordinates and know exactly where located.
37
Cyber Investigation Approach
› Using Cyber Investigators can be an easy, efficient, and cost-effective way of obtaining information regarding an anonymous reviewer
› Be careful when hiring Cyber Investigators, as attorneys must be mindful of potential ethical violations that could occur when using cyber investigation techniques
38
Doe Subpoenas in 3 Steps
1. Subpoena 3rd party website/host for personally identifying subscriber information
2. If only an IP Address is obtained, look up the Internet Service Provider (ISP)
3. Subpoena ISP for account holder information based on IP Address (specific time, date)
39
Forensic Exams
› Online attackers often attempt to cover their tracks by deleting computer data – but evidence suggesting relevant data can be discovered through forensic analysis
› Can explore when pertinent info was erased and whether or not it was normal practice to make the deletions
› Can find out what type of wiping software has been used › In some cases, possible to find pieces related to the deleted
information (such as metadata), which could provide info regarding: 1) when a file was installed; 2) whether the file was modified and when; 3) when the file was deleted; and 4) info about the data contained within the file.
40
Harm/Damage
› How harmful is the content? › Is the person/business actually suffering? › What is the client’s budget and risk
tolerance? › Can the person/business afford not to have
the content removed?
41
Location/Visibility of the Information
› Where is the harmful info? Who can see it? › Does it rank highly in search engines? If not,
could it eventually? Client
Company Website #1
Defamatory Ripoff Report post #2
Domain Authority (per Open Site Explorer):
• Wikipedia 100/100 • Better Business Bureau 96/100 • Yelp 94/100 • Ripoff Report 82/100
42
Search Engine Ranking Examples
43
Specific Techniques/Solutions
44
Evaluating Various Options
1. Reconcile, offer replacement/refund 2. Contact Attacker: confidentiality agreement, negotiate
settlement 3. Cease and Desist Letter 4. Removal: Convince 3rd party websites to remove 5. Court order/De-indexing from search 6. Lawsuit 7. ORM / SEO 8. Crisis Response
45
1. Reconcile, Offer Replacement/Refund
46
Reconcile with Customer
› If the customer is unhappy with the service or product, offer to replace it
› This often results in them changing the review
47
2. Negotiating with Attacker
48
Negotiating Directly with Attacker
› Confidentiality Agreement › Negotiate Settlement (May be necessary for very damaging attacks)
49
3. Cease and Desist Letter
50
Cease and Desist Letter
› Our recommendation is to make sure you have legal grounds for threats, or it could create a PR nightmare
› Ask company how they would be perceived in the court of public opinion: Bully or Victim?
› Include draft complaint with C&D letter
51
Case Study: Ron Gordon Watch Repair
52
4. Removal by Author or Website
53
Removal is Often the Best Solution
› More efficient › Cost-effective › Damages often difficult to prove at trial
54
Convince Author to Remove
› On many websites or forums, the author of the post can edit or delete the content
› Can often approach author, convince them to remove or update their post
55
Contacting Websites
› Contact website, ask for removal if post violates Terms of Service (likely will consider removal if adequate explanation)
EXAMPLE: Yelp › Yelp’s Terms of Service: “You may expose yourself to liability if,
for example, Your Content contains material that is false, intentionally misleading, or defamatory…”
› Yelp’s Content Guidelines: “Don't publicize other people's private information … and please don't post other people's full names unless you're referring to service providers who are commonly identified by their full names.”
56
Websites Will Remove
› Copyright, Trademark Infringement › Threats of Violence › Child Pornography › Obscenity › Impersonation › Confidential Information › Cyberbullying › Other Illegal Content
57
5. Court Order / De-indexing from Search
58
Some Websites Have Stricter Policies
59
Ripoff Report Court Order Approach
› Alternative removal technique › Obtain C.O. against online poster that says
statements are defamatory, present to search engines (fill out online form, etc.) for de-indexing links to the defamatory statements
60
Glassdoor Court Order Approach
› Removal is possible (can flag posts as “inappropriate” or contact site directly, moderators will review)
› Decisions are final: “[C]ontent decisions are within our sole discretion and we do not negotiate about our application of a guideline to our final decision as to whether or not a piece of content warrants removal”
› Court Order approach tricky: de-indexing can remove link to harmful review, but also positive reviews
61
Deletion From Google Search via Google’s URL Removal Tool
› If original source has been changed, yet offending content still appears on Google
62
6. Lawsuit
63
Lawsuits
› Lawsuit – Things to consider • Does reviewer have an ulterior motive?
› Competitor – Lanham Act/False Advertising › Ex-business partner › Personal animosity › Extortion
64
Lawsuits
› Did the client suffer damages or are damages presumed under the law? • Defamation per se: crime, falsehoods that injure one in his business.
› Act quickly – many states have one year statutes of limitations › You cannot sue the website, only the poster › Are there easier methods to stop online attacks and remove the
defamation?
65
Negative Review vs. Potential Defamatory Review
› “Based on my recent lousy experience there last Sunday, I would not recommend this place. I have received better service elsewhere and it is doubtful I come back here.”
vs. › “This company is a complete sham! They made
countless empty promises, they lied to me and stole my money. They are complete frauds! Don’t do business with these scam artists.”
66
Be Mindful of anti-SLAPP Statutes
› Many states have passed statutes to combat Strategic Lawsuits Against Public Participation (SLAPP)
› SLAPP lawsuits often filed in reaction to criticism, wishing to silence critics
› Under anti-SLAPP, judge may dismiss frivolous lawsuits filed against those exercising their First Amendment rights
› Cannot use cost, burden of defending against lawsuit to compel them to take something down; always ensure there is a legal basis for claims, have evidence prepared to survive an anti-SLAPP motion (i.e. be able to prove falsity/defamatory nature, plus damages)
67
Legal Subpoena Approach
› Before issuing a subpoena, attorney must check jurisdiction’s case law to see if issue has been addressed and if there is a viable claim
› Many courts follow the standard from (or similar to) New Jersey’s Dendrite Int’l Inc v. Doe No. 3 – plaintiffs must show: (1) An attempt to provide notice to the anonymous defendants that their
identities are being sought, and explain how to present a defense;
(2) Quote verbatim the allegedly actionable online speech;
(3) Allege all elements of the cause of action;
(4) Present evidence supporting the claim of violation; and
(5) Prove to the court the right to identify the speaker outweighs the First Amendment right of anonymous free speech
68
Legal Subpoena Tips
› You want to pick jurisdiction where you can file, also easiest to subpoena
› Federal › States (all states have different standards)
• CA: CA-licensed attorney must sign • IL: Open new matter • NJ: Follow rules of both states; need court approval in NJ
first before subpoena to another
69
7. ORM and SEO
70
ORM / SEO
› ORM – Online Reputation Management to “bury” bad results on search engines
› Most ORM post-event do not work well if damaging site is well-optimized
› Cost of clean up can be very large, often in the range of $75K+ per keyword
› Many attacks impact multiple keywords and Google Google Suggests.
71
8. Crisis Response
72
Crisis Response
Today’s crisis realities: › 24/7 real-time news cycle › Everything is public › Not everyone fact-checks › Everything has viral potential
73
Crisis Response
Challenges: › Getting ahead of the story and becoming the
narrative of your own crisis. › Being the credible source of information › Meeting real-time demand › Regaining control
74
Crisis Response
The sooner you detect and respond to a threat, the sooner you regain control
75
Crisis Response
76
Crisis Response
Understand who your audiences are and what they expect from your organization
77
Crisis Response
Today’s expectations include: › Real-time communications › Two-way communications › Honesty, transparency › Credible source of information › Sincerity and compassion
78
Crisis Response
So important! Plan ahead and work together.
79
Other Considerations for Handling Online Reputation Attacks
› Simply change business conduct causing negative posting
› Negative reviews can serve as great consumer research top businesses are using the information to make better business decisions
80
Issues = Opportunities
When you plan for the negative and understand expectations of audiences, you can enable your team to transform a negative situation into a positive opportunity. This is where the magic happens!
81
How to Use Outside Consultants
82
Use of Outside Consultants
Client
83
Law of the Instrument
I suppose it is tempting, if the only tool you have is a hammer, to treat
everything as if it were a nail. – Abraham Maslow (1966)
“ ”
84
Combine Knowledge of Crisis Specialists, Cyber Investigative, Legal Experts
85
Solutions are Fact-Dependent
Terms of Service
Jurisdiction
Removal Options
Available legal claims
Statute of Limitations
Potential damage
Search engine strength
Attacker characteristics
Client’s budget
Client’s risk tolerance Search engine rankings
86
Choosing Right Approach Involves Balancing of Factors
Harm Cost of Response Risk of Response
Likelihood of Success
87
The Problems and Solutions Will Be Rapidly Changing
88