A recent opinion in Illinois raises the question of whether spoliating parties should be encouraged to present the following defense at trial: "Ladies and gentlemen of the jury, yes the main evidence of this case has been destroyed, but it's only because my client and my law firm are completely incompetent when it comes to preserving electronic evidence."
Two recent Chinese laws — the Data Security Law (DSL) and the Personal Information Protection Law (PIPL) — include provisions aimed at restricting the cross-border transfer of China-based data foreign enforcement and judicial authorities. U.S. courts have not yet addressed whether these data protection and privacy laws could bar the production of documents in civil contexts involving governmental litigants or in criminal proceedings.
Truly malicious internal threats can often be treated much like external threats using the tools and backups already in place. But how does a firm proactively identify the softer threats — which may be just as dangerous as the malicious threats and can cripple a firm just as effectively?
Mitigating Its Risks and the Call for Standardization of Software Development Security Protocols This article details the anatomy of a supply chain cyberattack, explores the existing state of supply chain protective contractual terms, and proposes actionable steps with a collective approach to guide legal professionals through their precarious endeavors.
When cyber defenses work, there is a human tendency to become complacent. If you fall into this perception trap, you will quickly find yourself in survival mode — scrambling to restore and recover, and in a position where the best explanation was that the attack was somehow "unexpected." The global cyberthreat is also still very real.
Exploring crypto assets is akin to visiting the Land of Oz. Outwardly, both seem dazzling, foreign and off-color. However, by removing the technological blinders, equivalent to the emerald glasses worn by the citizens of the Emerald City, attorneys will likely understand that they know all they need to integrate crypto assets into their practice.
From a legal perspective, the cloud introduces a unique shared responsibility model that many businesses are only now coming to appreciate; specifically, although the cloud provider may house the data and provide functionality for access and data security controls, the legal obligations remain the responsibility of the business procuring these services.
New e-discovery cases continue to proliferate, spotlighting key trends regarding the handling of ESI in litigation.
To date, cybersecurity has generally been viewed as an organizational responsibility, and data breaches similarly have been treated as organizational weaknesses or failures. Against this backdrop of organizational responsibility, the Department of Justice has brought a noteworthy criminal case against an individual for his personal response to a corporate data breach.
Best Practices to Simplify Future E-discovery Part Two of a Two-Part Series Just as the legal industry had to scramble to figure out how to handle email and other electronic documents a couple decades ago, e-discovery practices must once again shift to account for the realities of business being conducted via chat and the massive amounts of new types of data that chat platforms generate.
