In the News

Haynes and Boone in Law360: Class Cert. Denied In Collapsed $2.5B Hedge Fund Row

U.S. District Judge Barbara M.G. Lynn ruled Aug. 25 that class certification wasn’t warranted in the suit launched by investors Southern Avenue Partners LP and Levine Capital Ltd. alleging Perot Investments’ fund managers Steven L. Blasnik and Peter M. Karmin had lied about the risk they were taking by investing heavily in CMBS and had failed to disclose how overleveraged the CMBS investment was. >>



Recent Publications

FCC Brings Its First Data Breach Enforcement Action

The Federal Communications Commission (“FCC”) is the latest government agency to make a foray into data breach enforcement, proposing a $10 million fine against two telecommunications carriers for failing to protect the personal information of up to 305,000 consumers. >>

Key Developments in Privacy and Data Security

Cyber threats are inarguably on the rise, and regulators and law enforcement are stepping up their efforts to ensure that companies are managing personal data responsibly, creating a perfect storm of risk. More and more, our clients are asking, “What can we do to protect ourselves?” The answer? Be aware of the risks, understand the legal implications, and prepare for the inevitable. >>

CFPB Relaxes Rules Governing Privacy Disclosures

The Consumer Financial Protection Bureau (“CFPB”) announced today that it would allow financial institutions to provide their privacy notices to consumers online and would no longer require annual distribution of paper copies, provided that the institutions meet certain requirements. >>

Directors Beware: ISS Urges Ouster of Target’s Directors in the Wake of its Data Breach

Institutional Shareholder Services (“ISS”), a prominent proxy adviser, has issued a report urging Target Corporation’s shareholders to oust seven of the company’s directors for “failure to provide sufficient risk oversight” on cybersecurity. >>

Defining Foreign Government and Foreign Officials under the FCPA

Under the Foreign Corrupt Practices Act (the “FCPA”), it is unlawful for companies to bribe or make corrupt payments to officials of foreign governments or of any “instrumentality” thereof. >>



Emily Westridge Black

Associate

Austin


600 Congress Avenue
Suite 1300
Austin, Texas 78701
T +1 512.867.8422
F +1 512.867.8605

Dallas


2323 Victory Avenue
Suite 700
Dallas, Texas 75219
T +1 214.651.5221
F +1 214.200.0656

Areas of Practice

Education

  • J.D., University of Texas at Austin School of Law, 2007, cum laude, Phi Delta Phi
  • B.A., University of North Carolina at Chapel Hill, 2003, cum laude, Phi Beta Kappa

Bar Admissions

  • Texas, 2007

Court Admissions

  • U.S. Court of Appeals for the Fifth Circuit
  • U.S. District Court for the Northern District of Texas
  • U.S. District Court for the Southern District of Texas

Judicial Clerkships

The Honorable W. Osmond Smith III, Superior Court of North Carolina (Caswell and Person Counties), May-September 2002
Emily Westridge Black

Emily Westridge Black is an associate in the White Collar Criminal Defense and Privacy and Data Breach groups. Her practice focuses on defense of corporations and individuals facing federal and/or state investigations, internal corporate investigations, data breach matters, and complex business litigation. She recently completed a sabbatical with an international pharmaceutical company, where she focused on anti-corruption and Foreign Corrupt Practices Act initiatives.

Selected Client Representations

  • Lead counsel for defendants in a putative class action alleging breach of fiduciary duty, aiding and abetting, and vicarious liability in connection with the failure of a hedge fund. Defeated class certification and obtained voluntary dismissal of remaining claims.
  • Internal investigation and remediation of a data security breach of an information technology solutions company; counsel client on the company’s remediation efforts, disclosure obligations, and recourse against the former employee.
  • Internal investigation of data security breach at high profile specialty retailer that implicated payment card information and personal identifying information; counsel client on numerous post-breach issues including disclosure obligations, public disclosure, negotiation of fraud recovery and operational reimbursement fines and penalties with card brands, and related counseling regarding collateral litigation; counsel client on insurance coverage for breach-related expenses.
  • Internal investigation and remediation of a data security breach at a Fortune 200 transportation company; civil prosecution of entity responsible for the security breach.
  • Investigation of criminal spear-phishing attack used to steal funds from public oilfield services technology company; direct forensic investigation of attack; counsel client on disclosure obligations and remediation efforts.
  • Internal investigation of alleged FCPA violations made against a Fortune 200 company in connection with the construction of cross-border facilities.
  • Defense of the former CEO of an international technology company in an SEC enforcement action for options backdating.
  • Internal investigation on behalf of the audit committee of a national construction and restoration company regarding securities issues and fraud allegations.
  • Defense of an international freight forwarder under federal investigation for antitrust compliance issues.
  • Defense of a national multi-industry company in breach of warranty litigation.

Selected Publications and Speeches

  • "A Focus on Cybersecurity Litigation Risks and Liabilities," presented to the General Counsel Forum, November 6, 2014.
  • "Critical Organizational Threats Facing General Counsel," presented to the Texas Lawyer In-House Counsel Summit, November 6, 2014.
  • "A Compliance Officer’s Guide to Cyberliability and Cyber Insurance," Houston Compliance Roundtable, October 15, 2014.
  • "What You Need to Know About Cybersecurity," presented to the Better Business Bureau of Central, Coastal, Southwest Texas and the Permian Basin, September 16, 2014.
  • "A Guide to Data Protection and Breach Response—Part 2," Intellectual Property & Technology Law Journal Vol. 26, No. 8, August 2014.
  • "A Guide to Data Protection and Breach Response—Part 1," Intellectual Property & Technology Law Journal Vol. 7, No. 3, July 2014.
  • "What You Need to Know About Data Security and Cyber Insurance: Practical tips on preparing for and responding to a cyber security breach," presented to public and private company clients in the Dallas area, June 26, 2014.
  • "Understanding Privacy, Cybersecurity, and Cyber Insurance," Austin Compliance Roundtable, May 28, 2014.
  • "What Registered Entities Need to Know about Cybersecurity and Cyber Insurance," San Antonio Compliance Roundtable, May 14, 2014.
  • "Cyber Liability and Loss Seminar," presented to public and private company clients in the Austin area, April 22, 2014.
  • "2013 Year in Review: Antitrust and Business Litigation," Texas Bar Journal, January 2014.
  • "2012 Year in Review: Antitrust and Business Litigation," Texas Bar Journal, January 2013.
  • "2011 Year in Review: Antitrust and Business Litigation," Texas Bar Journal, January 2012.
  • "2010 Year in Review: Antitrust and Business Litigation," co-author with David McAtee, Texas Bar Journal, January 2011.
  • "Managing Risk: A Guide for Investment Advisers," co-author with Katherine Addleman, National Society of Compliance Professionals Southern Regional Meeting, February 2010.

Professional Leadership

  • Steering Committee of the American Bar Association's Death Penalty Representation Project
  • Executive Committee of the Board of Directors of the Dallas Mayor's Committee
  • Patrick E. Higginbotham Inn of Court, Associate (2009)

Selected Representative Experience


Internal Investigation of Data Security Breach
Internal investigation and remediation of a data security breach of an information technology solutions company; counsel client on the company’s remediation efforts, disclosure obligations, and recourse against the former employee.

Investigation and Remediation of Spear-Phishing Attacks
Investigation of criminal spear-phishing attack used to steal funds from public oilfield services technology company; direct forensic investigation of attack; counsel client on disclosure obligations and remediation efforts.

Liability for Alleged Breach of Customer Payment Card Information
Internal investigation of data security breach at high profile specialty retailer that implicated payment card information and personal identifying information; counsel client on numerous post-breach issues including disclosure obligations, public disclosure, negotiation of fraud recovery and operational reimbursement fines and penalties with card brands, and related counseling regarding collateral litigation; counsel client on insurance coverage for breach-related expenses.

Data Breach Investigation
Investigate theft of payment card data and other personal identifying information from hotel; liaise with law enforcement and payment card sponsors; draft and deliver disclosures to card processors, consumers, and regulators in domestic and international jurisdictions; counsel client regarding insurance coverage for data breach claims.

Securities and Exchange Commission v. Bartek, 484 Fed. App'x 949 (5th Cir. 2012)
Defended client Douglas Bartek, the former chairman and CEO of Microtune, Inc. in a stock options backdating case in Federal District Court and the Fifth Circuit Court of Appeals.

Data Breach Investigation and Litigation
Internal investigation and remediation of a data security breach at a Fortune 200 transportation company, including coordination with law enforcement and forensic investigators. Achieved favorable settlement of civil claims against entity responsible for the security breach.

Antitrust Counseling in Proposed Telecommunications Acquisition
Represented AT&T before the DOJ and FCC on antitrust matters related to proposed acquisition of T-Mobile USA, including pre-merger integration counseling and planning.

In re Parkcentral Global Litigation
Represent entities in a class action alleging breach of fiduciary duty and vicarious liability in connection with the failure of the Parkcentral Global hedge fund.

United States ex rel. Abbott v. BP P.L.C., BP America, Inc., BP Exploration and Production, Inc.
Representation of BP in United States ex rel. Abbott v. BP P.L.C., BP America, Inc., BP Exploration and Production, Inc. (S.D. Tex.), a False Claims Act qui tam suit involving allegations of false certifications of compliance with regulations governing defendants’ offshore oil and gas leases in the Gulf of Mexico.

SEC v. Microtune, 783 F. Supp.2d 867 (N.D. Tex. 2011)
In a stock option backdating case, won summary judgment and dismissal of all claims in action brought by the SEC against a former CEO.

Memberships

  • American Bar Association 
  • ABA Young Lawyers Division 
  • State Bar of Texas 
  • Texas Young Lawyers Association 
  • Dallas Association of Young Lawyers 

Online Publications

10/29/2014 - FCC Brings Its First Data Breach Enforcement Action
The Federal Communications Commission (“FCC”) is the latest government agency to make a foray into data breach enforcement, proposing a $10 million fine against two telecommunications carriers for failing to protect the personal information of up to 305,000 consumers.

10/24/2014 - Key Developments in Privacy and Data Security
Cyber threats are inarguably on the rise, and regulators and law enforcement are stepping up their efforts to ensure that companies are managing personal data responsibly, creating a perfect storm of risk. More and more, our clients are asking, “What can we do to protect ourselves?” The answer? Be aware of the risks, understand the legal implications, and prepare for the inevitable.

10/20/2014 - CFPB Relaxes Rules Governing Privacy Disclosures
The Consumer Financial Protection Bureau (“CFPB”) announced today that it would allow financial institutions to provide their privacy notices to consumers online and would no longer require annual distribution of paper copies, provided that the institutions meet certain requirements.

05/30/2014 - Directors Beware: ISS Urges Ouster of Target’s Directors in the Wake of its Data Breach
Institutional Shareholder Services (“ISS”), a prominent proxy adviser, has issued a report urging Target Corporation’s shareholders to oust seven of the company’s directors for “failure to provide sufficient risk oversight” on cybersecurity.

05/21/2014 - Defining Foreign Government and Foreign Officials under the FCPA
Under the Foreign Corrupt Practices Act (the “FCPA”), it is unlawful for companies to bribe or make corrupt payments to officials of foreign governments or of any “instrumentality” thereof.

05/14/2014 - Company Faces Shareholder Derivative Suit Following Series of Data Breaches
A shareholder of a major public hotel corporation recently filed a derivative suit against several of the company’s officers and directors alleging they violated their fiduciary duties, wasted corporate assets, and were unjustly enriched in connection with three separate data breaches between 2008 and 2010.

05/08/2014 - A Desk Guide to Data Protection and Breach Response - Special Series
If your business is connected to the Internet, it is vulnerable to attack, either by willful perpetrators intent on exfiltrating your proprietary or sensitive data for their own personal gain, or by casual hackers or hacktivists intending to cause damage to your business.

04/09/2014 - Court Rules that FTC has Authority to Regulate Corporate Cybersecurity
Beleaguered companies suffering from data breaches got more bad news when a federal judge held that the United States Federal Trade Commission (the “FTC”) has the authority to regulate corporate cybersecurity practices.

03/28/2014 - SEC Roundtable is Latest Sign of Cybersecurity’s Critical Importance to Businesses
On March 26, 2014, the Securities and Exchange Commission (“SEC”) hosted a roundtable to discuss cybersecurity. The roundtable focused on how cybersecurity affects markets and how public companies and other businesses should address cybersecurity issues.

03/27/2014 - A Desk Guide to Data Protection and Breach Response - Part 7
In this installment of our special series, A Desk Guide to Data Protection and Breach Response, we discuss the firestorm of litigation that can arise following a breach and provide practical guidance for preparing for the worst.

03/13/2014 - A Desk Guide to Data Protection and Breach Response - Part 5
In this installment of A Desk Guide to Data Protection and Breach Response, we discuss disclosure and enforcement actions by regulators, including state attorneys general, the U.S. Federal Trade Commission (the “FTC”), and the U.S. Department of Health and Human Services (the “HHS”), among others.

03/06/2014 - A Desk Guide to Data Protection and Breach Response - Part 4
In this installment of our special series, A Desk Guide to Data Protection and Breach Response, we discuss strategies companies should implement once they suspect a data breach has occurred.

02/20/2014 - A Desk Guide to Data Protection and Breach Response - Part 2
In this installment of our special series, A Desk Guide to Data Protection and Breach Response, we discuss how companies can create a tailor-made data security plan to limit their breach exposure.

02/13/2014 - A Desk Guide to Data Protection and Breach Response - Part 1
The news has been filled with stories of high-profile data breaches, exposing breached companies to intense and negative scrutiny from lawmakers, regulators, media, customers, and plaintiffs’ attorneys. Other companies that handle personal information have been asking us how they can avoid a similar fate. In the coming weeks, we will be exploring that issue through our special series, "A Desk Guide to Data Protection and Breach Response."

02/05/2014 - California AG Cracks Down on Timing of Data Breach Disclosures
Kaiser Foundation Health Plan, Inc. (“Kaiser”) has agreed to pay $150,000 to settle claims by the California Attorney General (the “AG”) that Kaiser’s notification to California residents regarding a breach of their personal information was unreasonably delayed. In its suit, the AG alleged that Kaiser should have provided notice as soon as it determined that particular individuals’ information had been or was “reasonably believed to have been” breached – even before Kaiser concluded its internal investigation.

01/01/2014 - 2013 Year in Review: Antitrust and Business Litigation
2013 Year in Review: Antitrust and Business Litigation

12/19/2013 - Prosecutors Obtain First RICO Conviction in a Cybercrime Case
A federal jury in Nevada recently convicted 22-year-old David Ray Camez of violating the Racketeering Influenced and Corrupt Organizations Act (“RICO”) for his association with a “carder” website, Carder.su.

12/16/2013 - The IP Beacon, December 2013
The IP Beacon is a Haynes and Boone Newsletter highlighting current issues in Intellectual Property Law.

10/02/2013 - Fifth Circuit Expansion of Cyber Liability?
The Fifth Circuit Court of Appeals recently held that a company may be liable for weak cybersecurity measures that cause another party economic injury, even if there is no contractual relationship between the parties.

09/30/2013 - The IP Beacon, September 2013
A Haynes and Boone Newsletter highlighting current issues in Intellectual Property Law.

08/15/2013 - White House Reports on Recommended Incentives for Adopting Cybersecurity Framework
The White House recently issued a report outlining potential incentives that may be available to companies that adopt the voluntary cybersecurity framework currently being developed by the National Institute of Standards and Technology.

04/25/2013 - California Man Convicted of Hacking into Former Employer’s Computer Network
A jury in the Northern District of California has convicted David Nosal of violating the Computer Fraud and Abuse Act (“CFAA”) by accessing his former employer’s computer network without authorization to obtain confidential information for use in a competing business.

04/23/2013 - SEC and DOJ Resolve Parallel FCPA Investigations through Dual Non-Prosecution Agreements
This week, the Ralph Lauren Corporation became the first company to obtain a non-prosecution agreement from the Securities and Exchange Commission in connection with a Foreign Corrupt Practices Act (“FCPA”) investigation.

04/17/2013 - California Computer Hacking Case Highlights Important Circuit Split on the Computer Fraud and Abuse Act
The computer hacking trial of David Nosal is under way in federal district court in California. The trial is being followed with interest in the business community because it is the latest development in a case that highlights an important split in the interpretation of the Computer Fraud and Abuse Act (“CFAA”) that has far-reaching ramifications with respect to liability–and protection for companies’ proprietary information.

03/14/2013 - Cyber Attacks are the Number One Threat to National Security
The U.S. Director of National Intelligence, James Clapper, advised the Senate Intelligence Committee this week that cyber attacks are the number one threat to national security.

03/12/2013 - Public Companies Increasingly Disclosing Cybersecurity Risks
An increasing number of public companies - particularly banks and financial institutions - are disclosing cybersecurity incidents in their filings with the Securities and Exchange Commission.

03/06/2013 - Texas Executive Convicted of Hacking Former Employer’s Computer Network
A federal jury in the Northern District of Texas has convicted Michael Musacchio, a former logistics company executive, of violating the federal Computer Fraud and Abuse Act.

02/28/2013 - Supreme Court Limits Government’s Ability to Seek Civil Penalties on Stale Claims
The United States Supreme Court yesterday significantly limited the federal government’s ability to bring an action for civil penalties more than five years after the alleged misconduct occurred.

02/19/2013 - President Obama Signs Cybersecurity Executive Order
President Obama recently signed an executive order focused on improving the security of the nation’s infrastructure from cyber attack.

01/01/2013 - 2012 Year in Review: Antitrust and Business Litigation
Developments in federal and Texas courts in 2012 should give antitrust and business litigators much to ponder in 2013.

11/20/2012 - DOJ and SEC Release Long-Awaited FCPA Resource Guide
On November 14, 2012, the Department of Justice and the Securities and Exchange Commission released the much-anticipated Resource Guide to the U.S. Foreign Corrupt Practices Act (the “Guide”).

01/13/2012 - Texas Bar Journal Guest Article: 2011 Year in Review - Antitrust and Business Litigation
In 2011, the U.S. Supreme Court issued a significant opinion that should narrow the scope of general jurisdiction for corporations.

07/21/2011 - Armor Holdings, Inc., Settles Foreign Corrupt Practices Act Claims with SEC, DOJ
Armor Holdings, Inc., recently resolved allegations that it violated both the anti-bribery and accounting provisions of the Foreign Corrupt Practices Act. Because of Armor’s extensive cooperation with the government, it was able to obtain a non-prosecution agreement from the Department of Justice and a settlement from the Securities and Exchange Commission.

01/01/2011 - 2010 Year in Review: Antitrust and Business Litigation
In 2010, the U.S. Supreme Court issued a significant antitrust opinion and another opinion that clarified the scope and constitutionality of the crime known as "theft of honest services." The Court also adopted important amendments to Federal Rule of Civil Procedure 26 concerning expert discovery. Finally, the U.S. Department of Justice and the Federal Trade Commission promulgated new horizontal merger guidelines.

02/08/2010 - Managing Risk: A Guide for Investment Advisers
As an investment adviser, you make your living by predicting, weighing, and ranking risks for your clients. But do you pay equal attention to the risks that you and your firm face? As we leave behind the tumultuous Aughts, now is the perfect time to revisit your compliance policies and internal controls to ensure that you are doing everything possible to safeguard your firm’s future.

01/01/2010 - 2009 Year in Review: Antitrust and Business Litigation
In 2009, the U.S. Supreme Court issued a significant antitrust opinion an another opinion of profound importance with roots in the antitrust law. At the same time, the Federal Trade Commission announced its decision in an antitrust dispute that might be interesting to anyone who has bought or sold a home recently. Finally, looking ahead to 2010, the Court is considering an appeal that may clarify when independent actors may be considered a single entity for antitrust purposes.