-
Cybersecurity Law & Strategy
Cybersecurity 2020 Year In Review — And A Look Into 2021
A new administration in the U.S., ransomware, ALSPs, new regulations in the U.S. and abroad, and the long-lasting impact of working remotely are just some of the factors that respondents say will factor in to how law firms need to prepare for 2021.
Read More ›
-
Entertainment Law & Finance
A Look at the EU’s Latest Proposal for Regulating Online Content
Linda A. Thompson
The DSA is intended to reset the rules around online content moderation and to reframe the responsibility of platforms for illegal content uploaded to their websites.
Read More ›
-
Cybersecurity Law & Strategy
Transitioning to Remote, Electronic Signing for Transactions
Will Norton
The recent move to more remote work environments has prompted many to take a second look at not only eSignature solutions but also remote online notarization (RON). In order to support transactional practice groups in making the transition to electronic signing and closings, one must understand the challenges and opportunities of these technologies.
Read More ›
-
Cybersecurity Law & Strategy
Fall 2020 Data Privacy Updates
Rebecca Perry
America and the EU continue altering data privacy frameworks for businesses.
Read More ›
-
Cybersecurity Law & Strategy
Privacy Issues of Contact Tracing
Shari Claire Lewis
Companies considering whether to suggest, or even to require, contact tracing for employees or others must consider a host of legal issues, including privacy. This article describes contact tracing, focusing on how technology has made it a more powerful weapon against viruses and diseases than ever before.
Read More ›
-
Cybersecurity Law & Strategy
Video Conferencing and the CCPA
Shaia Araghi and Kyle Janecek
Users have become increasingly concerned about the privacy of videoconferencing platforms, due to exposure of information from security breaches. We examined the privacy policies of six prominent applications to determine their compliance with the California Consumer Privacy Act (CCPA).
Read More ›
-
Cybersecurity Law & Strategy
The State of the e-Discovery and Data Privacy Job Market: Pre and Post COVID-19 – Part 2
Jared Coseglia
A deep dive into the pre and post pandemic e-discovery job market landscape and what data privacy professionals can learn from ESI employment trends.
Part Two of a Two-Part Article
Read More ›
-
Cybersecurity Law & Strategy
Summer 2020 Data Privacy Updates
Rebecca Perry
America and the EU Continue Altering Data Privacy Frameworks for Businesses
A close look at a couple of privacy-related issuances from California, along with the European Court of Justice ruling invalidating the EU-U.S. privacy shield.
Read More ›
-
Cybersecurity Law & Strategy
Ransomware – COVID-19 & Upgrading Your Defenses
Jonathan Armstrong and André Bywater
It’s pretty shameful that in the current crisis we’re seeing ransomware on the rise. It’s even more shameful that organizations involved in fighting the virus seem to be especially at risk.
Read More ›
-
Cybersecurity Law & Strategy
Facebook and Instagram Developers Sued for Privacy Violations In U.S. and UK
Alaina Lancaster
Facebook filed two separate lawsuits in the UK and U.S. that the company says is part of an ongoing effort to hold developers that abuse its platform accountable.
Read More ›
-
Cybersecurity Law & Strategy
The State of the e-Discovery and Data Privacy Job Market: Pre- and Post-COVID-19, Part 1
Jared Coseglia
Part One of a Two-Part Article
This deep dive into the specific cause-and-effect paradigms impacting the data privacy and e-discovery verticals illustrates broader trends in the overall legal technology job market while simultaneously giving professionals in (or eager to be in) those disciplines a clear roadmap of where the legal technology, data privacy, and ESI job market was, is today, and where it will be in the future.
Read More ›
-
Cybersecurity Law & Strategy
Cybersecurity for Remote Workers: Keeping Financial Information Secure
Ashley Thomas
At the beginning of the COVID-19 pandemic, businesses scrambled to rapidly deploy a remote workforce which created new challenges for businesses to continue operating and providing critical services. It also created an opportunity for malicious actors to hack into and gain access to IT systems and sensitive, personal information.
Read More ›
-
Business Crimes Bulletin
Where Will the Needle Land?
Scott Pink and John Dermody
COVID-19 Contact Tracing v. Protecting Personal Privacy
As states roll back stay-at-home orders, contact tracing has quickly emerged as an essential tool to manage the spread of the coronavirus and allow the country to return to work safely. But innovative contact tracing methods raise a host of privacy concerns, forcing a reckoning with how we balance privacy and public health.
Read More ›
-
Cybersecurity Law & Strategy
Synchronizing Legal Hold Requirements With Consumer Requests for Data Deletion
Mike Hamilton
The biggest challenge with any legal hold process is ensuring that potentially relevant data is actually preserved. But with evolving requirements for how data is managed by new data privacy laws like the CCPA and the GDPR, it’s become harder to secure data by simply sending a legal hold and assuming the custodian will do their duty to preserve it.
Read More ›
-
Cybersecurity Law & Strategy
How To Avoid Cybersecurity Challenges Brought On By the Pandemic
Tomas Suros
As the current pandemic has forced much of the world into virtual workforce mode, cybercriminals have seized on the uncertainty of the current times to launch new and creative offensives. Fears surrounding COVID-19 are high, conspiracy theories are running rampant, and cyberattackers are counting on stress and distraction to decrease our vigilance against intrusions.
Read More ›
-
Cybersecurity Law & Strategy
Where Will The Needle Land? COVID-19 Contact Tracing v. Protecting Personal Privacy
Scott Pink and John Dermody
Governments and businesses alike are considering how to leverage new technologies to make contact tracing efforts more effective by digitally monitoring our social interactions and physical locations. But such innovative contact tracing methods raise a host of privacy concerns, forcing a reckoning with how we balance privacy and public health.
Read More ›
-
Cybersecurity Law & Strategy
Recent Decisions Clarify Scope of Illinois Biometric Privacy Law
Frank Nolan and Andrew Weiner
For users of biometric information subject to BIPA’s rigorous requirements, the last two years have brought mostly bad news, most notably a smattering of unfavorable decisions on the question of whether plaintiffs must suffer an injury in order to avail themselves of BIPA. Against this backdrop, however, courts have issued decisions on other aspects of BIPA
Read More ›
-
Cybersecurity Law & Strategy
How Privacy Laws Shape COVID-19 Reopening Plans
Justin Eichenberger and Mary Fuller
When it comes to processing personal information, Americans do not have a general right to privacy because the United States does not have a comprehensive privacy law. That does not mean, however, that employers are not subject to other privacy requirements.
Read More ›
-
Cybersecurity Law & Strategy
New Jersey’s Latest Effort on the Privacy Front
Kenneth K. Dort and Mitchell S. Noordyke
New Jersey legislators are joining a growing line of states in proposing a bill to strengthen data privacy protections, following in the footsteps of privacy laws enacted in Europe and California.
Read More ›
-
Cybersecurity Law & Strategy
A CCPA Private Right of Action on the Horizon
David Keating, Jim Harvey and Dan Felz
Class Action Complaints Test Whether Plaintiffs Can Sue for Any Violation of the CCPA
This article provides an overview of how the CCPA addresses private rights of action, summarizes recent class action complaints that attempt to use CCPA violations as the basis for class-wide claims, and provides suggestions for prioritizing activity in CCPA compliance programs in this new litigation environment.
Read More ›
-
Cybersecurity Law & Strategy
Privacy Is Top Priority But Spending Will Decrease, Survey Says
Frank Ready
Exterro’s Annual Study of Legal Spend Management indicates that organizations are expecting to spend less on compliance with privacy laws in 2020 as they wait to see how new regulations like the CCPA are enforced first.
Read More ›
-
Cybersecurity Law & Strategy
Judge Warns Facebook in Approving Record $5B Fine for Alleged Privacy Violations
Jacqueline Thomsen
The Judge Pointed Out that Some FTC Commissioners Wanted to Specifically Sanction Facebook Founder Mark Zuckerberg for the Company Sharing Private User Data With Outside Parties
A federal judge in Washington, DC, signed off on a record $5 billion fine imposed by the U.S. Federal Trade Commission on Facebook for allegedly violating federal law and a previous order with its privacy practices.
Read More ›
-
Cybersecurity Law & Strategy
Coronavirus Work-from-Home Response A Boon for Cybercriminal Exploitation
Mark Sangster
Companies determined to protect their employees and minimize the impact of COVID-19 are enforcing travel restrictions and strong work-from-home policies. However those actions can be used against employees as any firms are likely unprepared for the criminal appetite for the cyberattack exploitation of a remote workforce. Here are some of the key issues of which law firms and companies need to be aware and steps that should be considered to minimize the risk to keep everyone — and client data — safe.
Read More ›
-
Cybersecurity Law & Strategy
COVID-19: Threats Abound: How to Protect Your Remote Workforce
Tomas Suros
The COVID-19 pandemic has changed the conversation around remote work. As more employees work remotely, law firms must employ security best practices to ensure that the extended reliance on the cloud doesn’t expose sensitive data or cripple daily operations. Following is a practical checklist of systems, technologies and processes to consider when evolving your firm for remote work and selecting your cloud technology provider.
Read More ›
-
Cybersecurity Law & Strategy
COVID-19: Companies, Trade Organizations Seek to Postpone CCPA Enforcement Date
Dan Clark
Over 30 trade associations and companies co-signed a letter last month to California Attorney General Xavier Becerra asking him to push back the enforcement date for the California Consumer Privacy Act due to the new coronavirus and a lack of clarity on the enforcement rules.
Read More ›
-
Cybersecurity Law & Strategy
The California Consumer Privacy Act is HERE: Are You Litigation Ready?
Ann Marie Mortimer, Jason J. Kim and Lisa J. Sotto
Most companies doing business in California are well aware of the CCPA and prepared diligently in advance of the law’s Jan. 1, 2020 compliance deadline. While compliance certainly is key, even compliant businesses must consider — and prepare for — the eventual onslaught of class action litigation that is coming.
Read More ›
-
Cybersecurity Law & Strategy
States Take the Lead on Securing IoT
Ashley Thomas
The California IoT Security Law is the first of its kind in the nation and pushes device manufacturers to adopt cybersecurity standards during the product development and design stages where none have existed before.
Read More ›
-
Cybersecurity Law & Strategy
Coronavirus Work-from-Home Response A Boon for Cybercriminal Exploitation
Mark Sangster
Here are some of the key issues of which law firms and companies need to be aware and steps that should be considered to minimize the risk to keep everyone — and client data — safe.
Read More ›
-
Cybersecurity Law & Strategy
Litigators and Privacy: The Last People You Want to See, or the First?
Michael Bahar, Sarah Paul, Matt Gatewood and Andrew Weiner
In their consideration of possible worst-case cyber attack scenarios, organizations often focus on the various types of attacks and their relative severity. But, the worst-case scenario is not the breach, it's the reputational damage, regulatory enforcement action, the business interruption, and the inevitable litigation that follows a poorly handled breach from an unprepared organization. Given this reality, it is important to adjust planning assumptions and response scenarios to focus on addressing these drivers of post-breach exposure.
Read More ›
-
Cybersecurity Law & Strategy
In the Know: Top 5 Legal Technology Trends for the 2020s
Deb Dobson
Technology allows attorneys to keep informed so they can help their clients understand the potential impact on their company.
Read More ›
-
Cybersecurity Law & Strategy
Defining Reasonable Care for the Protection of Personal Data
Devin Chwastyk
The Pennsylvania Supreme Court enlivened the Thanksgiving holidays of privacy lawyers in 2018 with its decision in Dittman v. UPMC, which held that an employer has a legal duty to exercise reasonable care to safeguard employees’ personal information. While the scope of the decision technically was confined to the employer-employee relationship, the court’s reasoning implies that such a duty of reasonable care may arise in any scenario where one party engages in the collection of personal information.
Read More ›
-
Cybersecurity Law & Strategy
Florida Lawmakers Introduce Online Privacy Legislation
David M. Stauss and Malia Rogers
Florida lawmakers have introduced companion bills in the Florida House (HB 963) and Senate (SB 1670) that would create limited online privacy rights and obligations in the state. The legislation appears to be very similar to the Nevada Online Privacy Protection Act, which was amended last year to add a right to opt-out of sales of covered information.
Read More ›
-
Cybersecurity Law & Strategy
More Regulation, Stronger Investigations and Home Tech Devices Concerns to Come in 2020, New Gibson Dunn Report Warns
Steve Salkin
On Data Privacy Day last month, Gibson Dunn released the eighth edition of its United States Cybersecurity and Data Privacy Outlook and Review. The report details trends that the privacy industry saw in 2019 from a legislative, regulatory and judicial perspective.
Read More ›
-
Cybersecurity Law & Strategy
A Look Behind, A Look Ahead: Part 1 - Cybersecurity
Steve Salkin
Cybersecurity Law & Strategy partnered with our ALM sibling Legaltech News to ask cybersecurity and e-discovery experts what they thought the key trends were in 2019 and what they expect to see in 2020.
Read More ›
-
Cybersecurity Law & Strategy
Data Privacy: Building Compliant and Adaptable Systems
Tomas Suros
Rather than trying to institute changes to comply with every new privacy law as it emerges, a better approach is to view data privacy as an overall framework and adopt a holistic response to compliance with the built-in flexibility to constantly adapt to an ever-changing legal landscape.
Read More ›
-
Cybersecurity Law & Strategy
GDPR Had Some Bite in 2019
Victoria Hudgins
Although no company was hit with the maximum GDPR fine of 4% of the company’s worldwide annual revenue, GDPR fines issued in 2019 were still a force to be reckoned with.
Read More ›
-
The Intellectual Property Strategist
The California Consumer Privacy Act: Everything You Wanted to Know But Were Afraid to Ask
Alan L. Friel
Part Two of a Two-Part Article
Read More ›
-
Cybersecurity Law & Strategy
Unique Cyber Risks Faced By the Cannabis Industry
Victoria Hudgins
All companies face cybersecurity threats, but the legalized cannabis industry’s storage of personally identifiable information and reliance on seed-to-sale tracking software can place it firmly within hackers’ crosshairs.
Read More ›
-
Cybersecurity Law & Strategy
What Is the Appropriate Statute of Limitations Period for BIPA Claims?
Sean Wieber, Patrick O’Meara and Eric Shinabarger
The BIPA compliance lag has led companies using or collecting biometric information to consider how far back their liability may extend. The Illinois General Assembly, however, did not include an explicit statute of limitations period in BIPA. As a result, the statute of limitations has become one of BIPA’s primary battlegrounds as litigants argue about potential class sizes and damages awards.
Read More ›
-
Cybersecurity Law & Strategy
The California Consumer Privacy Act: Everything You Wanted to Know But Were Afraid to Ask — 100 Days Out
Alan L. Friel
Part Two of a Two-Part Article
Part One of this article, last issue, covered how the CCPA applies to businesses — both in and outside California, the revenue threshold, proposed amendments and other open issues. Part Two continues with the rights that CCPA grants to Californians, the CCPA’s impact on company privacy policies, how other states’ privacy laws compare to the CCPA, exceptions and penalties for violating the Act.
Read More ›
-
Cybersecurity Law & Strategy
New Study Shows Which States Lead in Privacy Protection Laws
Sue Reisinger
General counsel who navigate the mishmash of state privacy laws may relate to a new study showing that individual U.S. states’ privacy statutes are spread across a broad spectrum.
Read More ›
-
The Intellectual Property Strategist
The California Consumer Privacy Act: Everything You Wanted to Know But Were Afraid to Ask
Alan L. Friel
Part One of a Two-Part Article
The California Consumer Privacy Act (CCPA) is a comprehensive new consumer protection law set to take effect on Jan. 1, 2020. In the wake of the CCPA’s passage, approximately 15 other states introduced their own CCPA-like privacy legislation, and similar proposals are being considered at the federal level. Part One of this article covers how the CCPA applies to businesses — both in and outside California, the revenue threshold, proposed amendments and other open issues.
Read More ›
-
Cybersecurity Law & Strategy
The California Consumer Privacy Act: Everything You Wanted to Know But Were Afraid to Ask — 100 Days Out
Alan L. Friel
Part One of a Two-Part Article
Responses to questions businesses frequently ask about the impacts of the CCPA. Implementation challenges inevitably will arise as a company works to apply these new requirements to its business practices. The time is now to start preparing for the CCPA, as well as for other new U.S. privacy laws that are likely to follow.
Read More ›
-
Cybersecurity Law & Strategy
Data Privacy Reviews: The Cornerstone of a Data Breach Response
Andrew Goodman
Including a managed document review vendor in your incident response plan is critical.
Read More ›
-
Cybersecurity Law & Strategy
Marriott Moves to Dismiss Data Breach Lawsuit, Says Passport Numbers Useless to Hackers
Amanda Bronstad
In Its Motion To Dismiss, Marriott Insisted the Breach Caused No Harm to Its Guests and Attached a Declaration By a Former Government Official Who Wrote: “A U.S. Passport Is Virtually Impossible to Forge Successfully.”
Marriott is insisting that last year’s cyberattack did no harm to its hotel guests, not least of which because hackers cannot use stolen passport numbers.
Read More ›
-
Cybersecurity Law & Strategy
Legislative Heat Wave: A Mid-Year Review of Upcoming Cybersecurity Laws and Enforcement Activity
Michael Bahar, Sarah Paul, Mary Jane Wilson-Bilik and Ali Jessani
While legislation to enhance data privacy rights and obligations continue to make headlines, regulators and legislators are also stepping up their cybersecurity expectations. In the first half of 2019, a number of states have updated their existing data breach notification laws and passed new cybersecurity requirements.
Read More ›
-
Cybersecurity Law & Strategy
How to Keep Mobile Data Safe: The Case for On-Device AI
Gevorg Karapetyan
Bring Your Own Device is one of the biggest compliance-related issues companies face today, and when it comes to security risks, law firms are prime targets. Considering law firms are built on their reputation, firms must make every assurance that the technology they use will protect their data.
Read More ›
-
Cybersecurity Law & Strategy
SHIELD Act Signed in NY
F. Paul Greene
Defines Data Breach and Requires Data Security Controls
New York has brought itself into line with a number of states concerning how they define a data breach, and, where applicable, what substantive security controls they require.
Read More ›
-
Cybersecurity Law & Strategy
EU Court Rules Adding Facebook ‘Like’ Button Triggers GDPR Data Collection Obligation
Caroline Spiezio
Websites with embedded Facebook “like” buttons must inform users their data will be collected and processed by the social media giant, the Court of Justice of the European Union has ruled.
Read More ›
-
Cybersecurity Law & Strategy
Legal Tech: Smart Speakers and E-Discovery
Brian Schrader
For businesses that own such a device, or for individual employees who might have a personally owned one on their office desk, the question of who owns any recorded data remains murky.
Read More ›