Call 855-808-4530 or email [email protected] to receive your discount on a new subscription.
Let’s consider a familiar fact pattern: a global ecommerce retailer, Plate Co, experiences a data incident as a result of a successful phishing attempt by a bad actor. The bad actor is able to access a server containing over 20 years of customer data. The incident is publicized on the dark web, which results in millions of customer data sets being made public, with a note that it was taken from Plate Co. As the company begins to investigate the incident, they realize that no one in the company knew that the data sat on the server that was accessed by the bad actor. The purchase history for some customers is from 2004, and includes credit card numbers and mailing addresses. The company expands its assessment of its systems and finds that they have been retaining other data, including email and the data for former employees, going back many years and have not been implementing any retention or disposal on that data. Concerned about the results of its investigation, and a potential FTC inquiry, the company decides that it must start to minimize its retention of data across the company. The company is also involved in a number of litigations and regulatory investigations that require it to preserve relevant data, including data going back several years. The company knows that it must take action, but is unsure where or how to start. In the meantime, the status quo persists and the data retained by the company continues to compound.
Continue reading by getting
started with a subscription.
Digital Dibs: Rival Views of Generative AI Copyrights
By Greg Moreman
GAI platforms like ChatGPT and OpenAI often require very little human input, shattering this legal landscape’s framework by posing a simple question: Who authored the material? We’ll explore how two countries are answering this question in different ways.
Empowering Legal Professionals: Navigating AI Solutions for Efficiency and Data Security
By Michael T. Murray and Tony Donofrio
Integrating AI tools into legal practice without compromising the security of sensitive client information is a paramount concern. In this article, we’ll examine how AI is revolutionizing certain aspects of legal work, while offering best practices for employing these technologies and providing guidance for legal professionals in selecting the right AI products and service providers.
Pitfalls In Personal Device Data Collection
By Marjorie Peerce and Marguerite O’Brien
The increasing frequency of “bring your own device” policies creates serious implications for subpoena recipients and litigants to ensure compliance with discovery demands. And courts across the country consider such personal mobile data fair game. To avoid pitfalls —and sanctions — counsel must take proactive steps to ensure proper preservation and collection of personal mobile data and verify that clients comply.
Washington My Health My Data Act FAQs: Data Subject Rights
By Amy de La Lama and Andrea Rastelli
Like so many other features of the MHMDA, data subject rights are deceptively complicated and have the potential to create significant administrative hurdles to getting it right. In this article, we examine the tricky issues in our MHMDA FAQs and take a deep dive into data subject rights.