Michael Bahar, Sarah Paul, Mary Jane Wilson-Bilik and Ali Jessani
While legislation to enhance data privacy rights and obligations continue to make headlines, regulators and legislators are also stepping up their cybersecurity expectations. In the first half of 2019, a number of states have updated their existing data breach notification laws and passed new cybersecurity requirements.
Bring Your Own Device is one of the biggest compliance-related issues companies face today, and when it comes to security risks, law firms are prime targets. Considering law firms are built on their reputation, firms must make every assurance that the technology they use will protect their data.
F. Paul Greene
Defines Data Breach and Requires Data Security Controls
New York has brought itself into line with a number of states concerning how they define a data breach, and, where applicable, what substantive security controls they require.
Websites with embedded Facebook “like” buttons must inform users their data will be collected and processed by the social media giant, the Court of Justice of the European Union has ruled.
For businesses that own such a device, or for individual employees who might have a personally owned one on their office desk, the question of who owns any recorded data remains murky.
Approximately 30 states have enacted anti-SLAPP statutes, which are intended to deter lawsuits that impede the right to free speech and other related activities. New statutory language in Texas's anti-SLAPP statute specifically protects those in the entertainment and media industries, and such explicit reference should prove comfort to content creators and publishers.
Robert J. Anello and Richard F. Albert
Although increased reliance on technology such as emails and texts has provided greater opportunity to gather evidence of criminal activity, law enforcement agencies around the world complain that encryption technologies make it difficult to catch criminals and terrorists and therefore should be restricted.
A new report from the law firm of Pinsent Masons shows that there has been a high level of GDPR "over-reporting" at the U.K.'s Information Commissioner's Office, but organizations who may think they are playing it safe may actually be opening themselves up to further regulatory scrutiny.
To comply with the data side of the Outside Counsel Guidelines, firms must have a clear information governance strategy for which the firm’s use of technology systems is foundational.
The European Union has put forth an ambitious proposal for how countries can eliminate barriers to e-commerce and protect businesses and consumers engaged in online transactions. But parts of the proposal, published as part of a World Trade Organization initiative that includes the U.S. and China, are likely to face opposition.