-
Cybersecurity Law & Strategy
AI Regulation in the U.S.: What’s Coming, and What Companies Need to Do In 2023
Kim Peretti, Dan Felz and Alysa Austin
Part One of a Two-Part Article
Despite the steady growth of global AI adoption, there is no comprehensive federal legislation on AI in the United States. Instead, the U.S. has a patchwork of various current and proposed AI regulatory frameworks. It is critical for organizations looking to harness this novel technology to understand these frameworks and to prepare to operate in compliance with them.
Read More ›
-
Cybersecurity Law & Strategy
Best Practices in Second Request Document Review: How to Execute An E-discovery-Based Plan
Jessica Robinson and Amit Dungarani
Part 2 of a Two-Part Article
Part 1 of this article discussed approaches to managing second requests using core project management principles that allow you to control the timeliness, cost, and quality of your organization’s response. This follow-up looks at the pragmatics of strategizing and executing a successful plan.
Read More ›
-
Cybersecurity Law & Strategy
The Increasing Challenges of Verification on Social Media
Christine Au-Yeung and Chidera Dawodu
The recent flurry of online impersonators, ranging from accounts posing as President Joe Biden to the pharmaceutical company Eli Lilly, exposes the challenges of social media platforms’ verification and authentication processes. These events show that monitoring and policing trademark infringements and right of publicity violations can be increasingly difficult in the social media context.
Read More ›
-
Cybersecurity Law & Strategy
Successful Hybrid Plans Offer ‘Best of Both Worlds’
Anthony Davies
We're seeing is a variety of successful measures that are designed to help attorneys get what they want: a best-of-both worlds scenario where they keep some work-from-home and fold-in an opportunity to intentionally connect and collaborate with colleagues in the office.
Read More ›
-
Cybersecurity Law & Strategy
The Future of AI Is More Ironman than Terminator
Cat Casey
Many fear cyborgs stealing corner offices from rainmakers, that the future will be Robolawyers instead of humans. The reality is that the most powerful AI today, when applied to complex areas like legal, is more reliant on human interaction, not less.
Read More ›
-
Cybersecurity Law & Strategy
U.S. Supreme Court Will Hear Political Football Section 230 Case — Why This One?
Bruce Heiman
The Supreme Court has decided in the context of national security to consider the parameters of, and possible limits to, “Section 230” liability protections for social media companies. The question is why this case? The Supreme Court has decided to accept a case that, while sounding narrow and technical, actually goes to the heart of the way many Internet platforms operate — algorithmic targeted content recommendations.
Read More ›
-
Cybersecurity Law & Strategy
Legal Tech: The Attorney-Client Privilege Purpose Requirement and E-Discovery
Kelly Lavelle
On Jan. 9, the U.S. Supreme Court heard oral argument on whether the attorney-client privilege protects against disclosure of dual-purpose communications — where the communications contain both legal and nonlegal advice.
Read More ›
-
Cybersecurity Law & Strategy
Live Webinar: The Crypto Landscape Post-FTX
CLS Staff
On Feb. 15 at 4 p.m. ET, Cybersecurity Law & Strategy will present a complimentary live webinar titled “The Crypto Landscape Post-FTX.” The presentation will cover the current status and near-future outlook for the blockchain (crypto) sector.
Read More ›
-
Cybersecurity Law & Strategy
Typically Uncommon: Defending Class Action Certification in Data Breach Litigation
Brian E. Middlebrook, Tyrik Jiang, John T. Mills and Joseph Salvo
The most common questions and key elements of a negligence claim are whether the defendant breached a duty of care, whether there is any injury as a result of the defendant’s breach of any purported duty of care, and whether the defendant’s alleged breach caused the plaintiff any damages. While these essential questions and elements apply with equal force in data breach litigation, the difficult question to answer in these cases is “what is the value, if any, of your injury or damages?”
Read More ›
-
Cybersecurity Law & Strategy
A Legal CIO’s Guide to Technology Procurement In 2023
Ted Theodoropoulos
For a legal CIO, one of the key responsibilities is to establish that the organization has the right technology in place to support its operations and achieve its business goals. This can be challenging, as there are many factors to consider when choosing new technology for your organization. One bad decision can have a material impact on not only the bottom line, but on the ability of your firm to compete in an ever-changing legal market.
Read More ›
-
Cybersecurity Law & Strategy
Best Practices In Second Request Document Review: Eliminating the Fear Factor
Jessica Robinson and Amit Dungarani
Part One of a Two-Part Article: Challenges and solutions in document review
HSR second requests have become increasingly common in mergers or acquisitions that meet the premerger reporting threshold, which in 2022 was a transaction value of more than $101 million. The burdens of complying with second requests are onerous. The mere thought of undergoing such an exercise tends to strike fear in the heart of the legal department. In this article series, we’ll outline the major challenges of second requests, suggest strategies to overcome them, and discuss how to face a second request with equanimity and confidence.
Read More ›
-
Cybersecurity Law & Strategy
Innovating Hybrid: Empathy and Iteration
Alaa Pasha
Recognizing that this is a time of innovation, one way law firms can ‘prepare for a future we can’t yet see’ is through leveraging two key levers: the need for empathy and iteration.
Read More ›
-
Cybersecurity Law & Strategy
What’s In Store for the Blockchain Industry In 2023?
Chris Sloan and Justin Daniels
The FTX bankruptcy caps a very difficult 2022 for the entire blockchain industry, spanning exchanges to decentralized finance to non-fungible tokens (NFTs). Blockchain and crypto skeptics are shouting “I told you so,” while investors watch billions of investment dollars evaporate under the harsh light of the bankruptcies of Celsius, Compute North and now FTX.
Read More ›
-
Cybersecurity Law & Strategy
Is Asking E-Discovery Vendors for Indemnification for Data Breaches Provide Security of Clients’ Data?
Cassandre Coyer
Threats of cyberattacks have not only made legal professionals more wary — especially as legal teams in firms and in-house are increasingly the target of cyber hackers — but it has also changed their relationship with vendors.
Read More ›
-
Cybersecurity Law & Strategy
Privilege Logs: Strategy, Best Practices and Practical Advice
Bansri McCarthy, Leonard Impagliazzo and Tara Lawler
This article provides an overview of the different types of privilege logs, lays out best practices for negotiating ESI or privilege-log protocols, and discusses other issues that can occur with privilege logs in e-discovery.
Read More ›
-
Cybersecurity Law & Strategy
Data Minimization Meets Defensible Disposition: Just Say No to ROT and Over-Retention of Personal Information
Martin Tully and Nick Snavely
Like a good diet and regular exercise for the body, data minimization and routine, defensible purging of outmoded documents are essential to maintaining healthy organizational information hygiene.
Read More ›
-
Cybersecurity Law & Strategy
Leaning on Trusted Partners to Drive Legal Tech Adoption and Avoid Failed Implementation
Mark Wilcox
Turning to familiar, trusted partners to help navigate the unruly waters of change management, adoption and an ocean of new legal technology options.
Read More ›
-
Cybersecurity Law & Strategy
FTX Bankruptcy Sends Tremors Through Crypto Regulation
Steven Salkin
The sudden and spectacular crash of crypto-exchange FTX will send long-lasting tremors through both the nation’s financial regulatory and bankruptcy landscapes.
Read More ›
-
Cybersecurity Law & Strategy
Attorneys Can Have Their (Hybrid) Cake and Eat It, Too
AshLea Allberry
Lawyers, especially young lawyers, want to work from home. But there are downsides, such as a decrease in networking and personal relationships. How can technology help balance these out so that attorneys and law firms can have their cake and eat it too.
Read More ›
-
Cybersecurity Law & Strategy
Online Harassment In the Workplace
Jonathan Bick
As businesses expand their use of augmented reality games for the purpose of meeting and recruitment, internet harassment has become more prominent, particularly workplace sexual harassment.
Read More ›
-
Cybersecurity Law & Strategy
A New Stage for Online Copyright Infringement Disputes
Robert E. Browne and Michael D. Hobbs
Copyright holders would be well advised to familiarize themselves with the Copyright Claims Board for resolving copyright infringement claims and to consider its benefits and potential downsides in bringing or defending copyright infringement actions.
Read More ›
-
Cybersecurity Law & Strategy
Cyber Insurance Costs Are on the Rise, But Law Firms Can’t Afford to Forgo It
Rhys Dipshan
While law firms are feeling first-hand the impact of a cyber insurance market struggling to stabilize, the full extent of all the changes have yet to fully hit home.
Read More ›
-
Cybersecurity Law & Strategy
Legal Tech: Twitter’s Future and E-discovery
Cassandre Coyer
Whether Twitter’s doomsday is coming is still uncertain. But the threat of loss of years’ worth of companies’ data could be the impetus behind testing collection tools and reevaluating e-discovery processes.
Read More ›
-
Cybersecurity Law & Strategy
Incident Response Plans and Tabletop Exercises May Be A Waste of Time
Larry Gagnon
Developing and delivering an IRP or TTE to improve the effectiveness of your incident response approach, in isolation, does not work. If your incident response preparation activity does not include some fundamental tactical actions, when the time comes and your house is on fire, your breach response will fail to meet your expectations.
Read More ›
-
Cybersecurity Law & Strategy
Hot Button Enforcement Issues In the New Canadian Consumer Privacy Protection Act
John Beardwood and Shan Arora
Part Four In a Series
The conclusion of the series on Canada’s recently introduced Consumer Privacy Protection Act looks at hot button enforcement issues in the Act.
Read More ›
-
Cybersecurity Law & Strategy
The Great Resignation and Its Impact on Legal Department Contract Workflows & KM
Shanil R. Vitarana
Like other organizations, including law firms, in-house legal departments have not been spared from the “great resignation.” Lawyers and professionals across all industries are actively seeking new opportunities for a host of reasons including better pay, better culture and better balance. When they leave, they take with them not just their talent but the institutional knowledge they’ve accumulated, while their former team members are left to piece things together.
Read More ›
-
Cybersecurity Law & Strategy
Arm Yourself Against Crypto Regulatory Uncertainty
Kristin L. Burnett
The promise that the crypto and digital assets markets bring comes bundled with uncertainty — especially on the regulatory front. Until jurisdictions adopt unified and consistent frameworks that account for the unique facets and features of cryptocurrencies, institutional investors and other market participants must keep abreast of ever-changing, dynamic laws to avoid sanctions and fines.
Read More ›
-
Cybersecurity Law & Strategy
Courts Strictly Construing Cyber Insurance Policies, Finding Coverage Is Narrow
Ella Shenhav and Eric S. Adams
In several recent cases, companies with cyber insurance discovered that provisions in these policies led their insurers to limit coverage. Courts have been strictly construing cyber policies, and have found that the coverage provided is narrow. These decisions hinged upon whether an event constituted a covered “direct” loss and whether intervening actions precluded coverage, like an employee responding to fraudulent communications.
Read More ›
-
Cybersecurity Law & Strategy
Evolution of the Standing Requirement In Data Breach Class Actions
Sean C. Coughlin, Vivian B. Isaboke and Akum K. Singh
As the landscape of cybersecurity and data privacy continues to evolve, so do the requirements needed to establish standing in regard to the type of harm suffered as a result of a data breach. Moreover, there has been a shift in the requirements needed to hold an organization legally and financially responsible for data stolen during a data breach.
Read More ›
-
The Bankruptcy Strategist
Cybercrime and Bankruptcy: The Crypto Winter
Sean J. Coughlin and Vivian B. Isaboke
It comes as no surprise that the crypto winter has reinforced the perception of critics that digital currencies are “risky, flawed and unproven digital financial instruments.” This article analyzes the state of the cryptocurrency market and examines the impact of cybercrimes and crypto bankruptcies on the current market.
Read More ›
-
Cybersecurity Law & Strategy
The Information Governance Groundhog Day Syndrome
Ben Schmidt and Nathan Curtis
Security and privacy start with good information governance, and for many firms — trying to get their information governance policy implemented feels a lot like Groundhog Day. Yes, the one with Bill Murray. Let’s take a closer look.
Read More ›
-
Cybersecurity Law & Strategy
Compliance for Privacy Officers on the New Canadian Consumer Privacy Protection Act
John Beardwood and Shan Arora
Part Three In a Series
Part Three continues the analysis of new compliance requirements in Canada's new Consumer Privacy Protection Act, including the content of organizational privacy policies and anonymization of personal information policies, and business transaction policies contained in the Act.
Read More ›
-
Cybersecurity Law & Strategy
Are We Over Thinking Office Return Strategies?
Anthony Davies
Routines based around ‘work from home’ are calcifying, and commuting, parking, sandwich shops and childcare are fading into distant memory. With each passing week, the challenge to win attorneys back into the office increases.
Read More ›
-
Cybersecurity Law & Strategy
In Digital-First Landscape, All Data Is At Risk
Steve Whiter
With hybrid and remote working practices having become the norm, lawyers communicate through messaging applications — including on personal devices — and firms are using innovative technologies in novel ways as they adopt digital means of working. In this digital-first landscape, all data is at risk. The good news is that new security solutions offer law firms a range of new tools to counter this threat.
Read More ›
-
Cybersecurity Law & Strategy
EU Releases Attempt At Comprehensive Cybersecurity Legislation
Cassandre Coyer
The European Union released its first attempt at a comprehensive cybersecurity legislation, the Cyber Resilience Act — and its impact on the technology market could be far-reaching.
Read More ›
-
Cybersecurity Law & Strategy
Can Regulation Provide Stability Through ‘Cryptocurrency Winter’?
Sean J. Coughlin and Vivian B. Isaboke
It comes as no surprise as we enter the second half of the year that the crypto winter has reinforced the perception of critics that digital currencies are “risky, flawed and unproven digital financial instruments.” This article examines the impact of cybercrimes and crypto bankruptcies on the current market.
Read More ›
-
Cybersecurity Law & Strategy
The Meaning of the 'War Exclusion Clauses' In Cyberinsurance
Isha Marathe
The Eastern European conflict is already adding stress to already strained domestic relationships in the U.S. — between businesses and cyber insurance companies. As businesses face more cyberthreats than ever before, many are seeing higher premiums. Meanwhile, insurance companies are looking for ways to skirt coverage obligations that end up proving far too expensive
Read More ›
-
Cybersecurity Law & Strategy
Legal Tech: Duty to Preserve ESI of Hybrid-Driven Collaborative Tools
Kimbrilee M. Weber and Julien M. Baumrin
With heightened ease of use and convenience comes a duty for businesses and organizations to employ best practices regarding their responsibilities in maintaining the electronically stored information (ESI) that these applications create.
Read More ›
-
Cybersecurity Law & Strategy
Avoid Making Tech Decisions In Crisis Mode
Tomas Suros
Some law firms are realizing that the hasty, though necessary, decisions made to facilitate remote work should be revisited or undone. Many of the tools implemented in an emergency are insufficient to withstand the increasing cybersecurity threats law firms are facing today. The good news, though, is that it’s not too late to implement the right tech to protect your firm.
Read More ›
-
Cybersecurity Law & Strategy
Why Collaborate: The Future of Legal Services Is Human
Joey Seeber
It is no surprise that in this environment many lawyers are prioritizing qualitative factors, such as work-life balance and feeling appreciated and recognized at work, rather than compensation alone when choosing where to work. Why is it no surprise? Because many of their employers began valuing quality over quantity with their ALSPs years ago. And this shift might do even more for your organization.
Read More ›
-
Cybersecurity Law & Strategy
A Compliance Briefing for Privacy Officers on the New Canadian Consumer Privacy Protection Act
John Beardwood and Shan Arora
Part Two In a Series
Part One of this series introduced the history of Canada’s recently introduced Consumer Privacy Protection Act and reviewed the similarities with GDPR, such as data portability, the right not be forgotten, codes of practice, and a safe harbor provision. Part Two analyzes the new compliance requirement of valid consent.
Read More ›
-
Cybersecurity Law & Strategy
New Technologies Make for a Shifting Definition of ‘Technical Competence’
Tinamarie Feil
While new and/or improving technologies may be challenging, they likely also present new opportunities which can facilitate delivering the best services at the best cost. Some solutions can be handled directly by law firms — but others will require the courts to approve, and, perhaps, even change of procedures to get with the times.
Read More ›
-
Cybersecurity Law & Strategy
Franchisors and Franchisees Make for Easy Cyber Targets
Marc Lieberstein and Raymond Aghaian
We are increasingly hearing about security breaches, data leaks and other kind of data theft in the franchise world. This is because frequently the franchise systems operate as a connected mass of franchisees all of whom collect, store and transmit a diverse array of consumer and personal data to the franchisor. In other words, franchisors and franchisee make a nice easy target for cyber theft.
Read More ›
-
Cybersecurity Law & Strategy
Jurisdictional License Requirements and Disparate Laws Are Hindering Law Firms’ Fight Against Cybercrime
Isha Marathe
Some cybersecurity experts think the structure of law in the U.S. itself means that truly fighting against growing threat actors is a losing game. Take, for example, the fact that attorneys are largely limited by jurisdictional licensure requirements. While on the other hand, bad actors are often organized, unsaddled by jurisdictional challenges, and able to function as a large decentralized group.
Read More ›
-
Cybersecurity Law & Strategy
Will Other States Follow NY’s Lead on Requiring Cybersecurity CLE?
Cassandre Coyer
New York has become the first state to add a requirement mandating that lawyers take legal education courses in cybersecurity, privacy and data protection. As cyberthreats will likely continue to both grow and evolve in sophistication, attorneys expect this requirement to be only a first step, with more states likely to soon follow.
Read More ›
-
Cybersecurity Law & Strategy
Text Messages In E-Discovery
David Horrigan
This article looks beyond conspiracy theories and Secret Service slip-ups — or subterfuge, depending on one’s perspective — to take a look at the law and technology of texts in e-discovery.
Read More ›
-
Cybersecurity Law & Strategy
Data Rights, Data Duties, & Data Risks: The American Data Privacy and Protection Act
Rita W. Garry
While the ADPPA represents compromises between Democratic and Republican leadership of the U.S. Senate and House of Representatives, particularly around the thorny issues of state law preemption and private rights of action, there are other legislative and big tech industry players pushing their own agendas for comprehensive national data privacy and security frameworks.
Read More ›
-
Cybersecurity Law & Strategy
Not Just Your Same Old Privacy Legislation: A Compliance Briefing for Privacy Officers on the New Canadian Consumer Privacy Protection Act
John Beardwood and Shan Arora
Part One In a Series
This article, which reviews the Canadian Consumer Privacy Protection Act, first seeks to identify the delta between the Act and PIPEDA in order to allow privacy officers of organizations that are already PIPEDA compliant to identify the net new compliance requirements under the Act and second, to highlight the provisions of the Act which, if breached, could lead to the imposition of significant fines.
Read More ›
-
Cybersecurity Law & Strategy
Data Privacy and Security Considerations for Mobile Health App Developers and Their Counsel
Angela Matney
In light of the evolving legal and regulatory landscape, app developers and their counsel should examine developers’ privacy and security practices and take steps to safeguard sensitive data related to reproductive health.
Read More ›
-
Cybersecurity Law & Strategy
California’s Latest Privacy Rulemaking Proposes Further Obligations for Businesses
Kyle Fath, Alan Friel, Shea Leitch and David J. Oberly
While the the California Privacy Protection Agency kicked some of the more difficult issues down the road for further consideration, its first draft of proposed Regs is quite comprehensive with respect to the issues addressed. The authority for some of what is proposed is questionable and will likely be challenged in comments, if not judicial action, if such provisions become final.
Read More ›
