LEGAL
Companies are increasingly looking to network devices, products and facilities through the internet (Internet of Things or IoT), both for consumer products and internal business operations. While the automation of business processes and controls through IoT technology can result in significant efficiencies, counsel must assess the associated legal risks.
Key issues for counsel to consider in enterprise IoT implementation include:
Counsel need to address these risks in negotiating IoT arrangements and reevaluate their clients' insurance coverage and business continuity plans, particularly for mission-critical processes.
For more information on the FTC's report on the risks of the IoT, see Legal Update, FTC Releases Internet of Things Report.
Recent case law developments could complicate, or even prevent, some non-consensual out-of-court restructurings for companies planning to conduct exchange offers or restructurings involving registered debt.
Two recent cases in the US District Court for the Southern District of New York have adopted a broad interpretation of Section 316(b) of the Trust Indenture Act of 1939 (TIA). The two cases, Marblegate Asset Management v. Education Management Corp. and MeehanCombs Global Credit Opportunities Funds, LP v. Caesars Entertainment Corp., both involved elimination of parent guarantees without 100% debtholder consent.
In Education Management, the court denied the plaintiffs' motion for a preliminary injunction seeking to block a restructuring. However, it stated in dicta that it believed the plaintiffs would likely succeed on a claim that the restructuring would violate the TIA. The court rejected a common, narrow reading of Section 316(b) that it simply protects a legal entitlement to demand payment. Instead, the court reasoned that it is a broad protection against non-consensual debt restructurings, creating a substantive right for each debtholder to actually obtain payment.
In Caesars, the court quoted and relied on Education Management in its central holding. The Caesars court denied a motion to dismiss on the grounds that the defendant was not in payment default and the TIA only protected a legal right to receive payment. The court agreed that removal of the parent guarantee would leave the plaintiffs with an empty right to assert a payment default against an insolvent issuer. This is the case even though the guarantee removal was allegedly permitted under the indenture's amendment provision. The Education Management court also stated that Section 316(b) “was intended to force bond restructurings into bankruptcy where unanimous consent could not be obtained.”
These cases may have the effect of empowering minority and dissenting debtholders. The broad reading of Section 316(b) complicates and may limit the ability of issuers and majority debtholders to conduct non-consensual out-of-court restructurings. The decisions raise the question of at what point does an indenture modification without consent in a restructuring impair the ability to obtain payment. Dissenting debtholders may now be quick to argue that a particular modification violates Section 316(b) and find it easier to hold out.
For more information on debt restructuring generally, see Practice Note, Methods of Restructuring Outstanding Debt Securities.
With cybersecurity breaches becoming more common, counsel should carefully consider how responsibility, leadership and coordination regarding cybersecurity issues are structured within the management team and how that translates into increased focus from the board.
Given the recent breaches, the corporate governance community is increasingly concerned with adequately assessing and disclosing cybersecurity risks. These risks include financial and reputational harm, regulatory action and litigation. While management is generally responsible for identifying, assessing and monitoring cybersecurity risks, the extreme harm that can come from a breach has forced boards to increase their oversight of these issues.
While the board's focus will almost certainly be on the company's principal information security or IT officer, it is important for counsel to be sufficiently knowledgeable and prepared to provide advice to the board and answer any questions that the board may have.
While the technical nature of cybersecurity issues can make it difficult to obtain a deep understanding of the company's cybersecurity framework, many of the serious risks posed by breaches are in areas where boards may be better suited to have discussions with counsel.
If the principal information security or IT officer reports to another c-level executive, counsel should at a minimum:
For more information on the board's role in addressing cybersecurity risks to the company, see Article, Board Oversight of Cybersecurity Risks.
This look at the major issues on the horizon for corporate counsel comes from Practical Law – an online legal know-how service. View all the looming issues now – compliments of Practical Law The Journal, which covers the latest transactional and compliance topics that impact your practice. To gain access to more related know- how resources, please visit us.practicallaw.com.
-->
