Here are some of the key issues of which law firms and companies need to be aware and steps that should be considered to minimize the risk to keep everyone — and client data — safe.
Michael Bahar, Sarah Paul, Matt Gatewood and Andrew Weiner
In their consideration of possible worst-case cyber attack scenarios, organizations often focus on the various types of attacks and their relative severity. But, the worst-case scenario is not the breach, it's the reputational damage, regulatory enforcement action, the business interruption, and the inevitable litigation that follows a poorly handled breach from an unprepared organization. Given this reality, it is important to adjust planning assumptions and response scenarios to focus on addressing these drivers of post-breach exposure.
With trillions of dollars to keep watch over, the last thing we need is the distraction of costly litigation brought on by patent assertion entities (PAEs or “patent trolls”), companies that don’t make any products but instead seek royalties by asserting their patents against those who do make products.
Technology allows attorneys to keep informed so they can help their clients understand the potential impact on their company.
The Pennsylvania Supreme Court enlivened the Thanksgiving holidays of privacy lawyers in 2018 with its decision in Dittman v. UPMC, which held that an employer has a legal duty to exercise reasonable care to safeguard employees’ personal information. While the scope of the decision technically was confined to the employer-employee relationship, the court’s reasoning implies that such a duty of reasonable care may arise in any scenario where one party engages in the collection of personal information.
Chris Cwalina, Steven Roosa and Tristan Coughlin
Advanced Persistent Threat (APT) intrusions are sophisticated cyber-attacks carried out by well-funded and organized cyber-criminals. The attacks are designed to establish persistence using various tactics, techniques and procedures that are intended to avoid detection and mimic authorized activity in the environment, known as “living off the land.”
David M. Stauss and Malia Rogers
Florida lawmakers have introduced companion bills in the Florida House (HB 963) and Senate (SB 1670) that would create limited online privacy rights and obligations in the state. The legislation appears to be very similar to the Nevada Online Privacy Protection Act, which was amended last year to add a right to opt-out of sales of covered information.
Congress passed the Defend Trade Secrets with much fanfare, touting its potential to curtail both domestic and cross-border theft of American ingenuity and technology. The DTSA offers a unique and powerful remedy to aggrieved parties in their efforts to curb trade secret misappropriation: ex parte seizure of property containing trade secrets. This article provides a brief overview of DTSA seizure orders and discusses e-discovery considerations in connection with those orders.
AI is in many ways still in its infancy, and it’s important to realize that platforms utilizing this technology are heavily dependent on constant human interaction and training.
Part Two of a Two-Part Article
Cybersecurity Law & Strategy partnered with our ALM sibling Legaltech News to ask cybersecurity and e-discovery experts what they thought the key trends of 2019 and what they expect to see in 2020. Part Two looks at e-discovery.