Friday, July 3, 2020

Subscribers Only

Free

The Aftermath of a Breach: Evidentiary Protections Related to Forensic Investigations in Limbo

Courts have sometimes ruled that forensic investigations of a breach are protected by the rules of attorney-client privilege or work-product protection, and therefore, are shielded from the discovery process. However, a Virginia district court ordered Capital One to release cybersecurity reports and documentation following a data breach. Taft attorneys offers suggestions businesses and their legal teams […]
Must be a Paid Member or a Free Trial Member to Access Content. Members log in here.

Lessons Learned for Maintaining Attorney-Client Privileged Data Breach Investigation (and other Consultant) Reports

Recently a federal court compelled production of a breach report performed by an incident response consultant, calling into question the scope of protection by attorney-client privilege and/or work product doctrine, for data breaches and possibly other corporate investigations. Kelley Drye discusses the background and rationale that led to the Court’s finding, and offers advice concerning […]
Must be a Paid Member or a Free Trial Member to Access Content. Members log in here.

CCPA Final Regulations Submitted – What Does Your Business Need To Do?

As the July 1 CCPA enforcement date looms, Baker Donelson’s Alexander Koskey identifies some notable items that your business should be thinking about for the CCPA: Disclosures regarding the collection and use of personal information Privacy policies Service providers Financial incentives Procedures for handling consumer requests Your employees The applicable scope of exemptions More at […]
Must be a Paid Member or a Free Trial Member to Access Content. Members log in here.

EDPB: Pandemic Is No Reason To Suspend GDPR

The European Data Protection Board has issued a statement on the adoption by the Hungarian government of derogations from certain data protection and access to information provisions of the European Union’s General Data Protection Regulation. It states that “even in these exceptional times, the protection of personal data must be upheld in all emergency measures,” […]
Must be a Paid Member or a Free Trial Member to Access Content. Members log in here.

California AG Suggests Additional CCPA Regulations May Be Needed

In the detailed summaries of comments to the final California Consumer Privacy Act regulations, responses from the California Office of the Attorney General indicate that some of the areas and issues flagged in the comments may warrant additional, future regulations. Areas include the scope of the law, clarity in the definition of “sale” and other […]
Must be a Paid Member or a Free Trial Member to Access Content. Members log in here.

The Duty of Care of Directors in A Cyberfraud

In Emirate Distributors Ltd v. AALL & Zyleman Co Ltd, Hong Kong’s High Court considered the standard of the duty of care owed to the two plaintiff companies in a cyberfraud by the defendant management and secretarial service company and its three employees, who were also nominee directors of the plaintiffs. Although the directors were […]
Must be a Paid Member or a Free Trial Member to Access Content. Members log in here.

New Cyber Threat Warnings And Guidance Issued For Health Care Entities Conducting COVID-19 Research

The U.S. medical and pharmaceutical industries have long been targets of cyber espionage, but the current health crisis substantially raises the threat for a variety of reasons. The most obvious reason is the value of COVID-19 related research, whether related to a vaccine or otherwise. Less obvious is the risk that companies may let their […]
Must be a Paid Member or a Free Trial Member to Access Content. Members log in here.

Before the CCPA is Enforced, California Moves to Tighten Privacy Obligations as Businesses Reel...

In a letter to California’s Attorney General, a group of businesses and trade associations cited the COVID-19 crisis as having “encumbered businesses in their earnest efforts” to create CCPA compliant programs, and requested a delay in enforcement, which the AG denied. The group Californians for Consumer Privacy has announced the submission of more than 900,000 […]
Must be a Paid Member or a Free Trial Member to Access Content. Members log in here.

Belgian SA Decision on Lodging GDPR Complaints

The Belgian Supervisory Authority fined a politician €5,000 for sending political marketing materials without an appropriate legal basis. Although the fine was not massive, the case is interesting because the complaint was brought not by the individuals who received the marketing materials, but by their employer, whose employee list the politician had acquired. The legislative […]
Must be a Paid Member or a Free Trial Member to Access Content. Members log in here.

The Destruction of Privilege and Work Product Protection for Data Breach Investigations?

Legal observers have reacted with surprise to recent decisions finding that the work-product doctrine did not apply to a report written by a forensic investigation firm that had been engaged by a law firm on behalf of their client. Baker Hostetler argues that while there are legitimate grounds for criticizing the analysis behind these decisions, […]
Must be a Paid Member or a Free Trial Member to Access Content. Members log in here.