Editor: What is the general legal environment for business interests in the Midwest?
Kantrow: That's a very broad question, given the size of the Midwest and breadth of cases. In the Chicago area, it really depends on whether you are in state court (the Circuit Court of Cook County; DuPage County and Lake County) or federal court (the Northern District of Illinois). In the Northern District of Illinois, the environment is better for business interests than it has been in many years, given that we have had Republican-appointed judges working their way through the system for 18 of the last 26. Also, the Northern District draws from a larger, more suburban and more conservative jury pool than the Circuit Court of Cook County. Similarly, DuPage and Lake County are not bad venues for businesses as jury pools there reflect generally conservative suburban communities and the judges tend to have less bias against business interests than their Cook County counterparts.
However, it's important not to undervalue cases, even in "conservative" jurisdictions. While it is more difficult for plaintiffs to prove liability to juries here, if a conservative jury finds liability, the damage awards tend to be quite large - sometimes more so than in jurisdictions traditionally viewed as anti-business.
Editor: So, what is Cook County like for business interests?
Kantrow: Rated among the worst "hell hole" jurisdictions by the U.S. Chamber of Commerce Department's annual survey, the Circuit Court of Cook County is getting worse for businesses every year. It is one of the largest unified court systems worldwide with approximately 400 judges and 2.4 million cases filed annually. Its jurors come from Chicago and suburban Cook County communities.
With plaintiffs' attorneys pouring significant sums into circuit court judicial elections, attempts at tort reform in Illinois have failed several times. The only bright spot is that litigation expenses should be decreasing, with the cases getting resolved sooner than before.
Editor: Why are cases getting resolved quicker in Cook County?
Kantrow: There are two principal reasons. First, every year, more circuit court judges are encouraging parties to try alternative dispute resolution (ADR) -- and it's being attempted earlier in the life of a case. Second, several years ago, it typically took six-to-seven years from the filing date to get a significant case tried in Cook County. Now, it is more like four-to-five years -- the Chief Judge is directing judges to push cases through the system more quickly. It is more difficult for parties to get extensions on discovery, motion practice and trial date settings.
Editor: It sounds like businesses are better off litigating in federal court, at least in the Chicago area. What strategies do you employ to get the case heard there?
Kantrow: First of all, federal courts are of limited jurisdiction, while state courts hear practically every type of case. However, there are ways to attempt to get a case into federal court. One of the strategies we employ is to try to remove the case to federal court. This works if the lawsuit involves the Constitution or a federal statute, or the amount exceeds $75,000, the parties are citizens of different states, and our business client/defendant is not a citizen of the state where the lawsuit was filed. When cases are certain to end up in litigation, another approach is to beat our client's adversary to the courthouse steps by filing suit in federal court before they file in state court.
Editor: You practice with the firm's enterprise risks practice group, and one of the areas where you have experience is "rescue counsel" litigation. What does this mean?
Kantrow: When significant litigation is proceeding adversely in a jurisdiction hostile to business interests, clients ask us to get involved, often at the last minute. We handle a range of matters including cyber-perils, intellectual property and trade secrets, punitive damages, bad faith and unfair trade practices, product liability, toxic tort and professional liability matters throughout the country.
Editor: What do you do to protect your clients' interests?
Kantrow: We work to improve the litigation posture of the case, generally by supplementing the trial team. By taking a fresh look at the case, we devise ways to obtain favorable traction for settlement, while also aiming to refine testimony and evidence to improve the chances of prevailing at trial. We also work to preserve the trial record for post-trial motions and appeal through aggressive motion practice, including getting the matter removed to federal court, as I mentioned before.
In punitive damages and bad faith matters, this includes drafting appropriate motions asserting constitutional challenges and, if necessary, filing motions for mistrial. We also attempt to convince the court to phase the trial; i.e., segregate the punitive damages and alleged bad faith issues from the liability phase and try liability before damages. That way, the jury is not poisoned by alleged bad facts or financial data that have nothing to do with whether our client is liable.
In matters where we get involved earlier, we identify and consult with strong experts and, if needed, present them to testify at trial. If warranted, we also like to do jury science to get a flavor for how a local jury would view the case, the key witnesses and the parties' arguments. This assists our clients in selecting a jury, refining trial strategy and preparing witnesses to testify. Also, we are always thinking about whether ADR is appropriate to the case and, if so, how to get there.
Editor: What's the biggest concern, on a national level, for in-house counsel?
Kantrow: Data theft where personal and confidential data is stolen. Over the last couple of years, we have been involved in a number of data and identity theft cases presenting significant exposure to our clients.
Editor: What are some examples of data theft?
Kantrow: A recent well-publicized case involved the largest known theft of credit-card numbers (approximately 46 million) from TJX company, parent of Marshalls. As the Wall Street Journal recently reported, investigators believe the hackers used a telescope-shaped antenna and a laptop computer to obtain and decode credit card data transmitted between price-checking devices, cash registers and the store's computers. The perpetrators used this information to hack into TJX's central database to obtain customer's personal information. Obviously, this sort of data theft would be relatively easy to replicate, absent careful and effective data security.
Another example involves a health care matter. In that case, a patient billing system connected via the Internet to major insurers was hacked and patients' personal medical data was accessed. While tech personnel reported the incident to the risk manager, the system's structure didn't permit the company to determine what data was breached. This example shows how important it is for companies to track data intrusions accurately and identify specifically which data was accessed.
While I could cite numerous other data theft examples, the last involves a case where personal data of nearly 150,000 individuals was stolen from a verification service provider. The theft was discovered quickly, but law enforcement requested that the service provider delay notifying the persons impacted - to permit law enforcement to investigate and attempt to catch the perpetrators. It wasn't until four months after the theft was discovered that the impacted persons were notified. Thus, while the service provider complied with law enforcement, it was exposed to statutory and tort liability. This problem is likely to happen repeatedly, but there are steps that companies should take to limit their exposure.
Editor: What do you mean by statutory and tort liability as they relate to data theft cases?
Kantrow: There are two common forms of liability in data theft matters: statutory and tort. In some cases, criminal laws also may be triggered. Statutory exposure arises from failure to comply with statutes. At least 34 states have data theft notification laws requiring businesses to notify customers when there has been an unauthorized breach of personal information. Depending on the situation, there are a number of federal statutes that can apply as well. Statutory compliance can be very expensive. Some states also are considering enacting laws to minimize the risk of breaches by requiring businesses to safeguard personal information. California already has enacted such a statute.
Tort exposure can develop from breach of duty of care, resulting in injury/damage to another and stemming from abuse of technology systems. In the last few years, we have seen an upswing in data and identity theft lawsuits against businesses. As reported recently in the Wall Street Journal, in the first four months of 2007 alone, there have been about 100 federal lawsuits seeking class-action status against retailers for printing too many digits of credit card information on customer receipts. Many businesses do not have the right kind of insurance policies to defend and indemnify them for this exposure.
Editor: What type of insurance policies should businesses have to protect them?
Kantrow: It really depends on the business. There are a variety of cyber-peril, data theft and privacy protection policies available to businesses. In fact, Cozen O'Connor was involved in developing one of the first such cyber-peril policies many years ago. The policies today are quite specialized and tailored to specific industry areas - businesses should evaluate their risks and determine the right fit for them.
Editor: What positive trends in the legal environment are you seeing for businesses?
Kantrow: Tort reform seems to be gaining ground at the state level, where judges and juries have historically been overly generous to plaintiffs. Federally, the 2005 Class Action Reform Act should help curtail multi-million dollar class action lawsuits against businesses by putting more putative class action cases in federal versus state court. The landscape is sure to evolve. Whether you're in the Midwest or elsewhere, having a strong, proactive legal strategy is key.