-
Cybersecurity Law & Strategy
Safeguarding Your Intellectual Property
Matthew Calcagno
The documents that a firm produces are its greatest asset, yet firms historically have not made sufficient efforts to safeguard those documents from both internal and external threats. Law firms have typically had an open-door approach to document access. This means that anyone in your firm can likely access any document at any time, leaving your firm’s intellectual property entirely unprotected.
Read More ›
-
Cybersecurity Law & Strategy
What Is the Appropriate Statute of Limitations Period for BIPA Claims?
Sean Wieber, Patrick O’Meara and Eric Shinabarger
The BIPA compliance lag has led companies using or collecting biometric information to consider how far back their liability may extend. The Illinois General Assembly, however, did not include an explicit statute of limitations period in BIPA. As a result, the statute of limitations has become one of BIPA’s primary battlegrounds as litigants argue about potential class sizes and damages awards.
Read More ›
-
Cybersecurity Law & Strategy
The California Consumer Privacy Act: Everything You Wanted to Know But Were Afraid to Ask — 100 Days Out
Alan L. Friel
Part Two of a Two-Part Article
Part One of this article, last issue, covered how the CCPA applies to businesses — both in and outside California, the revenue threshold, proposed amendments and other open issues. Part Two continues with the rights that CCPA grants to Californians, the CCPA’s impact on company privacy policies, how other states’ privacy laws compare to the CCPA, exceptions and penalties for violating the Act.
Read More ›
-
Cybersecurity Law & Strategy
As Hackers Get Smarter, Can Law Firms Keep Up?
Christine Simmons and Xiumei Dong
“It’s Not the Hardware You Worry About, It’s the Mistake That Someone Makes That Inadvertently Gives a Bad Actor Access.”
The legal industry has poured significant resources into cybersecurity, leading to huge leaps in progress in the last decade. But there are areas where large and small law firms can do much better in preventing and reacting to data breaches, and the legal sector may risk falling behind other industries. That’s partly because hackers are learning how to circumvent law firm security systems, leading to a continuous game of cat and mouse.
Read More ›
-
Cybersecurity Law & Strategy
New Study Shows Which States Lead in Privacy Protection Laws
Sue Reisinger
General counsel who navigate the mishmash of state privacy laws may relate to a new study showing that individual U.S. states’ privacy statutes are spread across a broad spectrum.
Read More ›
-
Cybersecurity Law & Strategy
Legal Tech: Crisis Control: Best Practices for Emergency E-Discovery and Incident Response
Andrew Johnston
A set of steps and best practices that legal teams can follow to ensure thorough and efficient handling of e-discovery in crisis situations.
Read More ›
-
Cybersecurity Law & Strategy
Legal Tech: A Closer Look At 3 Summer Cases Concerning Lost Data
Mike Hamilton
Summer 2019 put some interesting case law into the books. We’ll take a look at three cases having to do with lost data and whether spoliation sanctions were levied.
Read More ›
-
Entertainment Law & Finance
Security Worries for Online Video Game Companies
Victoria Hudgins
Fortnite video game developer Epic Games Inc. isn’t just dodging digital adversaries — now it’s been slammed with a class action lawsuit over a data breach.
Read More ›
-
Cybersecurity Law & Strategy
The California Consumer Privacy Act: Everything You Wanted to Know But Were Afraid to Ask — 100 Days Out
Alan L. Friel
Part One of a Two-Part Article
Responses to questions businesses frequently ask about the impacts of the CCPA. Implementation challenges inevitably will arise as a company works to apply these new requirements to its business practices. The time is now to start preparing for the CCPA, as well as for other new U.S. privacy laws that are likely to follow.
Read More ›
-
Cybersecurity Law & Strategy
Increasing Client Requirements: Securing Law Firms for the 21st Century
Debra Gray
Gone are the days of “basic security.” What used to be optional is now standard: two factor authentication, complex passwords, clean desk policies, data encryption at rest and in transit, mobile device management and up-to-the-minute patching. Clients expect these items to already be in place and are further expanding their expectations.
Read More ›
-
Cybersecurity Law & Strategy
Cybersecurity False Claims Act Cases: The Next Frontier
Andrew Mohr and C. Kelly Kroll
A new wave of False Claims Act cases is crashing ashore. Based on the federal government’s inclusion of toughened cybersecurity requirements for government contractors, numerous FCA cases will undoubtedly be filed and litigated in coming years against prime contractors and their major subcontractors for allegedly failing to comply with their contractual cybersecurity obligations.
Read More ›
-
Cybersecurity Law & Strategy
Why Data Competency Is a Requisite for Tomorrow’s Practitioners
Josh Becker
Whether they like it or not, lawyers interact with data every day. While there is no need for them to seek advanced degrees in data science or statistics, it is becoming increasingly difficult for them to provide adequate representation without being skilled in the uses of data.
Read More ›
-
Cybersecurity Law & Strategy
Data Privacy Reviews: The Cornerstone of a Data Breach Response
Andrew Goodman
Including a managed document review vendor in your incident response plan is critical.
Read More ›
-
Cybersecurity Law & Strategy
Marriott Moves to Dismiss Data Breach Lawsuit, Says Passport Numbers Useless to Hackers
Amanda Bronstad
In Its Motion To Dismiss, Marriott Insisted the Breach Caused No Harm to Its Guests and Attached a Declaration By a Former Government Official Who Wrote: “A U.S. Passport Is Virtually Impossible to Forge Successfully.”
Marriott is insisting that last year’s cyberattack did no harm to its hotel guests, not least of which because hackers cannot use stolen passport numbers.
Read More ›
-
Cybersecurity Law & Strategy
Legal Tech: New Cases Provide Insights on the FRCP 37(e) ‘Reasonable Steps to Preserve’ Requirement
Philip Favro
The Franklin and Culhane Cases Demonstrate the Importance of Both Implementing and Then Following Corporate Litigation Readiness Measures for Purposes of FRCP 37(E)
An evaluation of FRCP 37(e) necessarily entails examining key motion practice flash points that have arisen since the implementation of the rule. One of the most significant of these flash points is what constitutes “reasonable steps to preserve” relevant ESI.
Read More ›
-
Cybersecurity Law & Strategy
Legal Tech: Demystifying Social Media Discovery
Todd Heffner
Social Media Escapes an Easy Definition, But You Know It When You See It
While it would be helpful to understand the technical details of collecting data from various social media platforms, what’s more important is what parts of social media might be relevant to a dispute and what that means for both the requesting and producing parties.
Read More ›
-
Cybersecurity Law & Strategy
Cybersecurity In the Legal Space: Is Your Organization Prepared?
Sundhar Rajan
Organizations that continue to be complacent about data security ignore the considerable risks posed by a breach: extended downtime, loss of billable hours, destruction or loss of sensitive data and work product, and the potentially catastrophic costs associated with repairing the damage — both to their technology infrastructure and to their reputation and brand.
Read More ›
-
Cybersecurity Law & Strategy
GDPR & CCPA Are Just the Beginning
Karen A. Schuler
How Middle Market Companies Can Shore Up Their Data Privacy
The most significant overhaul to the EU’s data privacy policies in over 20 years, with extraterritorial reach, forced American businesses to remediate, and in some cases, overhaul their data privacy governance programs. But the GPDR was just the beginning. Organizations seeking compliance with the growing number of data privacy regulations will need to remain vigilant, especially for organizations that rely heavily on personal data.
Read More ›
-
Cybersecurity Law & Strategy
The State of the U.S. Privacy Job Market, 2019: Part Two
Jared Coseglia
A Reflection on the Year Behind, the Years Ahead, and Why Privacy Means So Much to Us
Part Two of a Two-Part Article
Part two of The State of the U.S. Privacy Job Market, 2019 will outline what is happening within service providers, consultancies, and vendors will touch briefly on government agencies and will predict the near-future state of the U.S. privacy job market.
Read More ›
-
Cybersecurity Law & Strategy
Legal Tech: Summer 2019 E-Discovery Case Law Review
Mike Hamilton
A review of recent cases involving e-discovery.
Read More ›
-
Cybersecurity Law & Strategy
Legal Tech: Litigation Support, E-discovery and the Recovery of Costs
Nathan Curtis
The Data Explosion vs. Recovery Model Stagnation
For law firms, the pace of exponential growth of data is a substantial problem — mainly due to the fact that the law firm business model of processing, hosting and storing this avalanche of client data, however, has not evolved as quickly as the data itself.
Read More ›
-
Cybersecurity Law & Strategy
Legal Tech: What GCs Want from Legal Technology
Gina Passarella Cipriani and Zach Warren
Legal Tech Companies Have to Get Out of Their Own Way In Vying for Law Department Adoption
The legal technology industry has some significant hurdles to overcome in its increased push to sell into legal departments, general counsel say, admitting they themselves are part of the problem.
Read More ›
-
Cybersecurity Law & Strategy
It’s Time to Take Third-Party Risk Seriously
Mark Sangster
The use of new technologies such as the Internet of Things (IoT), mobile and cloud by vendors add to the question: Where is my data, and how can I protect it when it is in someone else’s hands? In the hustle and bustle of daily business, third parties often become the overlooked or unwitting accomplice in criminal activities.
Read More ›
-
Cybersecurity Law & Strategy
The State of the U.S. Privacy Job Market, 2019
A Reflection on the Year Behind, the Years Ahead and Why Privacy Means So Much to Us
Part One of a Two-Part Article
In just over a year since GDPR Day, privacy by design has made privacy as a profession one of the fastest growing and hottest verticals in and outside of the legal job market.
Read More ›
-
Cybersecurity Law & Strategy
Legislative Heat Wave: A Mid-Year Review of Upcoming Cybersecurity Laws and Enforcement Activity
Michael Bahar, Sarah Paul, Mary Jane Wilson-Bilik and Ali Jessani
While legislation to enhance data privacy rights and obligations continue to make headlines, regulators and legislators are also stepping up their cybersecurity expectations. In the first half of 2019, a number of states have updated their existing data breach notification laws and passed new cybersecurity requirements.
Read More ›
-
Cybersecurity Law & Strategy
How to Keep Mobile Data Safe: The Case for On-Device AI
Gevorg Karapetyan
Bring Your Own Device is one of the biggest compliance-related issues companies face today, and when it comes to security risks, law firms are prime targets. Considering law firms are built on their reputation, firms must make every assurance that the technology they use will protect their data.
Read More ›
-
Cybersecurity Law & Strategy
Cybersecurity Spending on the Rise in 2019
Debra Frank Montero
As data security challenges continue to escalate, many law firms and corporate legal departments are upping their efforts to strengthen cyber defenses and minimize risks.
Read More ›
-
Cybersecurity Law & Strategy
SHIELD Act Signed in NY
F. Paul Greene
Defines Data Breach and Requires Data Security Controls
New York has brought itself into line with a number of states concerning how they define a data breach, and, where applicable, what substantive security controls they require.
Read More ›
-
Cybersecurity Law & Strategy
Just Say No to Hackers
Frank Ready
Conference of Mayors Resolution Calls for Cities Not to Pay Ransomware
The underlying logic is pretty straightforward: if bad actors realize that there’s no longer any cash waiting for them at the end of the rainbow, they’ll eventually pack up their ball and go home.
Read More ›
-
Cybersecurity Law & Strategy
EU Court Rules Adding Facebook ‘Like’ Button Triggers GDPR Data Collection Obligation
Caroline Spiezio
Websites with embedded Facebook “like” buttons must inform users their data will be collected and processed by the social media giant, the Court of Justice of the European Union has ruled.
Read More ›
-
Cybersecurity Law & Strategy
Legal Tech: Smart Speakers and E-Discovery
Brian Schrader
For businesses that own such a device, or for individual employees who might have a personally owned one on their office desk, the question of who owns any recorded data remains murky.
Read More ›
-
Cybersecurity Law & Strategy
5 Quick and Easy Ways to Hack Your Business Development
Ari Kaplan
The most popular justification for avoiding business-development activities is a lack of time. There are, however, a number of strategies that will allow you to execute and produce results in minutes — or even seconds.
Read More ›
-
Cybersecurity Law & Strategy
Legal Tech: How E-Discovery Trends Are Reshaping E-Discovery Teams
Nishad Shevde
E-discovery, as an industry, is once again at an inflection point. What are the big trends that are exerting pressure on e-discovery teams today — and more importantly, what will an effective e-discovery team look like in the coming years?
Read More ›
-
Cybersecurity Law & Strategy
Fourth Quarter Educational Events to Stay on Track
Nina Cunningham
A review of upcoming programs and events that bring together many of the most active professionals in the field and its various branches.
Read More ›
-
Cybersecurity Law & Strategy
When Key Employees Quit: 5 Things You Must Do to Keep Control of Critical Data
Michael Ciaramitaro and Sarah Brown
Losing a key employee is never easy — they often take with them institutional knowledge, great internal and external relationships, and critical skill sets. There is also a risk that they’ll take some information or data with them when they go, either inadvertently or on purpose.
Read More ›
-
Cybersecurity Law & Strategy
Training Machines to Speak Legalese: The Perils and Promise of AI in Law
Serena Wellen
When AI is deployed appropriately with proper oversight, it helps us make connections we couldn’t see before, leading us to new legal and business insights. But teaching machines how to interpret “legalese” is nearly as challenging as the task it is trying to solve.
Read More ›
-
Business Crimes Bulletin
Are Companies Playing It Too Safe With GDPR Breach Reporting?
Frank Ready
A new report from the law firm of Pinsent Masons shows that there has been a high level of GDPR "over-reporting" at the U.K.'s Information Commissioner's Office, but organizations who may think they are playing it safe may actually be opening themselves up to further regulatory scrutiny.
Read More ›
-
Cybersecurity Law & Strategy
Electronic Signatures: Legal and Practical Considerations for E-Signing on the Virtual Dotted Line
Anthony J. Diana and David G. Krone
In assessing whether or how to employ e-signatures, particularly in higher risk transactions, organizations should be careful to manage the practical issues and potential legal complexities associated with e-signatures through careful assessment and a robust governance program.
Read More ›
-
Cybersecurity Law & Strategy
Clients Drive Information Governance: Payment Tied to Guideline Compliance
Stephen Cole
To comply with the data side of the Outside Counsel Guidelines, firms must have a clear information governance strategy for which the firm’s use of technology systems is foundational.
Read More ›
-
Cybersecurity Law & Strategy
Legal Tech: Spring 2019 E-Discovery Case Law Review
Mike Hamilton
The amendments to the Federal Rules of Civil Procedure in 2015 intended to clarify some of the ambiguities that caused inconsistent rulings in e-discovery matters. One such amendment was to Rule 37(e), which seemed to indicate that courts would not levee punitive sanctions without establishing “intent to deprive.” Despite this language, though, courts continue rely on their inherent authority to issue sanctions, meaning organizations must take their preservation obligations seriously.
Read More ›
-
Cybersecurity Law & Strategy
Expanding Your Digital Strategy with RPA
Arup Das
Beyond improving efficiency, new advancements in Robotic Process Automation, or RPA, are helping lawyers do more billable work without hiring more people.
Read More ›
-
Cybersecurity Law & Strategy
2 U.S. Law Firms Among Cybercrime Victims
Patrick Smith
Because They Often Possess Valuable Information on a Variety of Companies and Individuals, Law Offices Continue to Be a Favorite Target for Hackers
The DOJ said that two U.S.-based law firms were among the victims of a “complex transnational organized cyber-crime network” that has been taken down.
Read More ›
-
Cybersecurity Law & Strategy
EU E-Commerce Proposal Aims to Eliminate Barriers; Calls for E-Signatures and Net Neutrality
Simon Taylor
The European Union has put forth an ambitious proposal for how countries can eliminate barriers to e-commerce and protect businesses and consumers engaged in online transactions. But parts of the proposal, published as part of a World Trade Organization initiative that includes the U.S. and China, are likely to face opposition.
Read More ›
-
Cybersecurity Law & Strategy
Companies Poised To Repeat Data Privacy Compliance Mistakes
Phillip Bantz
New Study Shows U.S. Companies Are Taking the Same Failed Approach To Complying With California’s Privacy Regulation As They Did for GDPR
U.S. companies haven’t learned much from the missteps they made while preparing for the European Union’s General Data Protection Regulation (GDPR), suggests a new study on data privacy regulation compliance.
Read More ›
-
Cybersecurity Law & Strategy
State Report: New NJ Data Breach Notification Legislation Signed
Suzette Parmley
Legislation expanding the types of personal data that will trigger a required notification to customers in case of a breach, including email addresses and passwords, was signed into law by Gov. Phil Murphy.
Read More ›
-
Cybersecurity Law & Strategy
State Report: NY Creates Nation’s First Regulatory Cybersecurity Division
Dan M. Clark
New York’s financial regulatory agency has created a first-in-the-nation cybersecurity division to place special focus on protecting the state’s consumers and industries from digital threats.
Read More ›
-
Cybersecurity Law & Strategy
Podcast: Cognitive Security
Jason Thomas
We live in information environment that is unique to this point in time (social media, information overload). How do we know what’s true and what’s not?
Read More ›
-
Cybersecurity Law & Strategy
The Nice-to-Haves and Need-to-Haves of Cloud Computing
Michael Smith and Mike Paul
This article discusses what to look for in a cloud service provider and other issues that will help determine if moving to the cloud is the right move for your firm.
Read More ›
-
Cybersecurity Law & Strategy
IP Theft Goes Far Beyond the Huawei Scandal: How to Stay Safe
Ilia Sotnikov
IP theft is not limited to kingpins of business. Even if your organization has never appeared in the headlines, you cannot rest easy that no one is interested in acquiring your know-how. In fact, analysis the results of our survey for the 2018 Netwrix IT Risks Report reveals that small and medium organizations are actually more vulnerable to IP theft and cyber espionage than enterprises.
Read More ›
-
Cybersecurity Law & Strategy
Data Security Ethics and Best Practices for Court Reporters
Andy Fredericks
The issue of digital security and privacy should be a paramount concern to modern court reporters just as it is to their attorney clients. Yet their biggest risk remains the same as everyone else’s: believing it won’t happen to them.
Read More ›
