Archive:26 November 2013

By: R. Bruce Allensworth, Brian M. Forbes, Robert W. Sparkes, III

The West Virginia Supreme Court of Appeals recently issued a decision addressing mandatory arbitration in connection with a residential mortgage loan that will impact litigants in the Mountain State and potentially influence cases beyond its borders. In a putative class action entitled State of West Virginia ex rel. Ocwen Loan Servicing, LLC v. The Honorable Carrie Webster, Judge of the Circuit Court of Kanawha County, West Virginia; Robert L. Curry and Tina M. Curry, Individually and on behalf of a Similarly Situated Class (“Curry”), the Court considered whether the federal Dodd-Frank Act’s prohibition of mandatory arbitration agreements in residential mortgage loans could be applied retroactively to an arbitration agreement entered into almost four years before the Dodd-Frank Act was enacted. The few courts that had previously addressed the retroactivity of related arbitration prohibitions contained in the Dodd-Frank Act had reached conflicting outcomes. Addressing the issue head on, the highest appellate court in the state of West Virginia has now stated its view that the Dodd-Frank Act’s arbitration prohibition does not apply to a residential mortgage executed prior to its enactment. The Court then found the arbitration agreement at issue, and the class action wavier included therein, valid and enforceable under West Virginia state law.

To read the full alert, click here.

By: Roberta D. Anderson, Bruce J. Heiman, David A. Bateman

On October 22nd, the National Institute of Standards and Technology (NIST) released its long-anticipated Preliminary Cybersecurity Framework for public review and comment. The Cybersecurity Framework was issued in accordance with President Obama’s February 19th Executive Order 13636, Improving Critical Infrastructure Cybersecurity, which tasked NIST with developing a Cybersecurity Framework “to reduce cyber risks to critical infrastructure.” At a very high level, as its name indicates, the Cybersecurity Framework provides a framework for organizations to achieve a grasp on their current cybersecurity risk profile and risk management practices, to identify gaps that should be addressed in order to progress towards a desired “target” state of cybersecurity risk management, and to internally and externally communicate efficiently about cybersecurity and risk management.

Although applying to organizations in critical infrastructure, the Cybersecurity Framework may be used by any organization as part of its effort to assess cybersecurity practices and manage cybersecurity risk. This Alert discusses the Cybersecurity Framework’s risk-based three-part approach, Framework implementation, and incentives.

To read the full alert, click here.