• Enforcement Update: U.S. Courts Demonstrate Reluctance to Extend Application of Chinese Data Security and Privacy Laws In Civil Discovery

    June 01, 2022 |

    Two recent Chinese laws — the Data Security Law (DSL) and the Personal Information Protection Law (PIPL) — include provisions aimed at restricting the cross-border transfer of China-based data foreign enforcement and judicial authorities. U.S. courts have not yet addressed whether these data protection and privacy laws could bar the production of documents in civil contexts involving governmental litigants or in criminal proceedings.

  • Mitigating Risks at Professional Service Firms Using Artificial Intelligence

    June 01, 2022 |

    Truly malicious internal threats can often be treated much like external threats using the tools and backups already in place. But how does a firm proactively identify the softer threats — which may be just as dangerous as the malicious threats and can cripple a firm just as effectively?

  • The Anatomy of a Supply Chain Cyberattack

    June 01, 2022 |

    Mitigating Its Risks and the Call for Standardization of Software Development Security Protocols This article details the anatomy of a supply chain cyberattack, explores the existing state of supply chain protective contractual terms, and proposes actionable steps with a collective approach to guide legal professionals through their precarious endeavors.

  • We Must Never Let our Cyber Guard Down

    June 01, 2022 |

    When cyber defenses work, there is a human tendency to become complacent. If you fall into this perception trap, you will quickly find yourself in survival mode — scrambling to restore and recover, and in a position where the best explanation was that the attack was somehow "unexpected." The global cyberthreat is also still very real.

  • Crypto Asset Legal Difficulties

    June 01, 2022 |

    Exploring crypto assets is akin to visiting the Land of Oz. Outwardly, both seem dazzling, foreign and off-color. However, by removing the technological blinders, equivalent to the emerald glasses worn by the citizens of the Emerald City, attorneys will likely understand that they know all they need to integrate crypto assets into their practice.

  • Under Shared Responsibility Cloud Model, Data Owners Retain Control of Access and Data

    June 01, 2022 |

    From a legal perspective, the cloud introduces a unique shared responsibility model that many businesses are only now coming to appreciate; specifically, although the cloud provider may house the data and provide functionality for access and data security controls, the legal obligations remain the responsibility of the business procuring these services.

  • Individual Liability and Criminalizing Cybersecurity Response

    June 01, 2022 |

    To date, cybersecurity has generally been viewed as an organizational responsibility, and data breaches similarly have been treated as organizational weaknesses or failures. Against this backdrop of organizational responsibility, the Department of Justice has brought a noteworthy criminal case against an individual for his personal response to a corporate data breach.

  • The Slack Explosion: Convenient Yet Complicated, Part 2 

    May 01, 2022 |

    Best Practices to Simplify Future E-discovery Part Two of a Two-Part Series Just as the legal industry had to scramble to figure out how to handle email and other electronic documents a couple decades ago, e-discovery practices must once again shift to account for the realities of business being conducted via chat and the massive amounts of new types of data that chat platforms generate.

  • The Importance of ISO Certification for Law Firms

    May 01, 2022 |

    ISO certification is not just a critical way to ensure your firm's security; it's increasingly important for any firm that wants to maintain a competitive advantage in today's legal market.