Blockchain and GDPR — Frenemies?
In a nutshell, GDPR mandates that individuals have access and control over the use and maintenance of their data in certain circumstances, while the foundation of blockchain relies on the immutability of data. On the surface, these concepts seem in direct conflict with each other. This article discusses the points where GDPR and blockchain share common ground, where conflicts may exist and possible approaches for mitigating those conflicts.
Why Encryption Is the Key to Ensure Data Privacy in the Cloud
At both a personal and corporate level, there are huge gains to be made in protecting against data breaches. The fact is that well-implemented client-side encryption — where the corporate user keeps their own key rather than entrusting a third party to guard their sensitive information — is the only sure way to guarantee data privacy when storing data on other people's servers.
This is Not Your Father's Cloud (Part Two)
<b><i>Part Two of a Two-Part Article</b></i><p>In Part One of this article last month, we began a discussion designed to demystify the hesitations behind cloud security and analyzed the fast-growing transformation to a range of newer technical approaches with important consequences for legal practice. This month we continue the discussion by tackling the security and legal implications of the mass transformation of enterprise IT to cloud services from leading providers such as AWS and Azure.
Cryptography's Legal Landscape
The same applications, and the same cryptographic protocols, don't function in the exact same ways when appearing in 'the same software' utilized in different control devices. What, if any, are the legal ramifications of differing delivery mechanisms for the same cryptographic functions that may or may not perform the same?
In-House Counsel's Growing Role in Data Protection and Security Risk Management
<b><I>Building an Intelligence-Led Program</b></i><p>With reports of major breaches surfacing with alarming frequency, boards and C-Level management are now looking to counsel to implement programs that help the corporation prepare for, quickly recover and reduce fallout from, inevitable cyber incidents. In-house counsel is facing growing responsibility to minimize damage to the corporate reputation, loss of key data, and legal and regulatory penalties. And many worry their organization is stuck in a game of catch-up.
The End of the Privacy Shield?
If the U.S. cannot come to an understanding with the European Parliament by September 1, companies that already participate in Privacy Shield may find themselves in limbo. But there are options.
The Law Firm Cybersecurity Audit Grows Up
In the face of new threats, law firm cybersecurity assessments have become more engaging and demanding affairs. But many hope this new change is just the beginning of a more fundamental shift.
