Features

Colorado recently adopted a new law expanding companies' obligations in the event of a cybersecurity incident, and establishing new data security and disposal obligations. Recent announcements by the SEC likewise emphasize important responsive points for both companies and their personnel in the wake of an incident. Five key takeaways from these developments are highlighted in this article.

Features

Emerging technologies and regulations have the power to create, shape or kill businesses. For the entertainment industry, the European Union's (EU) General Data Protection Regulation (GDPR) and blockchain technology each embody forces that have the potential for profound impact. Taken in tandem, the GDPR and blockchain highlight the possibilities and pitfalls of disruption and the importance of cross-organizational collaboration in compliance and innovation initiatives.

Features

In a nutshell, GDPR mandates that individuals have access and control over the use and maintenance of their data in certain circumstances, while the foundation of blockchain relies on the immutability of data. On the surface, these concepts seem in direct conflict with each other. This article discusses the points where GDPR and blockchain share common ground, where conflicts may exist and possible approaches for mitigating those conflicts.

Features

At both a personal and corporate level, there are huge gains to be made in protecting against data breaches. The fact is that well-implemented client-side encryption — where the corporate user keeps their own key rather than entrusting a third party to guard their sensitive information — is the only sure way to guarantee data privacy when storing data on other people's servers.

Features

<b><i>Part Two of a Two-Part Article</b></i><p>In Part One of this article last month, we began a discussion designed to demystify the hesitations behind cloud security and analyzed the fast-growing transformation to a range of newer technical approaches with important consequences for legal practice. This month we continue the discussion by tackling the security and legal implications of the mass transformation of enterprise IT to cloud services from leading providers such as AWS and Azure.

Features

As rapid technological changes in the 21st century continue to expand the types and volume of private electronic information, the Fourth Amendment's privacy protections are evolving. The critical question in Fourth Amendment cases is whether a person has a “reasonable expectation of privacy in the information or event.”

Features

<b><I>Building an Intelligence-Led Program</b></i><p>With reports of major breaches surfacing with alarming frequency, boards and C-Level management are now looking to counsel to implement programs that help the corporation prepare for, quickly recover and reduce fallout from, inevitable cyber incidents. In-house counsel is facing growing responsibility to minimize damage to the corporate reputation, loss of key data, and legal and regulatory penalties. And many worry their organization is stuck in a game of catch-up.

Features

If the U.S. cannot come to an understanding with the European Parliament by September 1, companies that already participate in Privacy Shield may find themselves in limbo. But there are options.