AI is also beginning to help managers peer into personal aspects of job performance that used to be left up to managers’ instincts and observations.
The Cloud Security Alliance Cloud Controls Matrix (CCM) is specifically designed to provide fundamental security principles to guide cloud vendors and to assist prospective cloud customers in assessing the overall security risk of a cloud provider.
When choosing a cloud service provider, it’s vital that the datacenter physically reside in a region or country in which data handling and storing legislation is favorable to your company’s business interests.
The takeaway from this case – which surveys a number of cases from other jurisdictions – is that blanket requests for forensic imaging probably will not be approved without very specific parameters that describe the relevance of the information, the precise method for obtaining it, and the reason that the information cannot be obtained elsewhere.
At JPMorgan Chase & Co., a learning machine is parsing financial deals that once kept legal teams busy for thousands of hours.
Kornbacher thinks privacy lawyers are poised to take on a bigger role in M&A deals, particularly during the due diligence phase.
Many US companies may not realize that they might also have to comply with this new EU data security regulation. That’s because the GDPR applies to any business that holds data about, or which markets to individuals within the EU.
The Electronic Communications Privacy Act of 1986, a law passed before the widespread use of e-mail, instant messages and Internet-based social networks, doesn’t permit courts to require U.S.-based Internet service providers to turn over customer e-mails stored on servers outside the country.
On January 11, U.S. and Swiss authorities announced final agreement on the Swiss-U.S. Privacy Shield Framework. The Framework defines standards for handling personal data exported from Switzerland to the U.S. and enables U.S. companies to meet Swiss legal requirements to protect personal data transferred from Switzerland.
On the e-discovery vendor front, the pace of consolidation of large service providers in 2016 was unprecedented compared to prior years.
I have seen hundreds of mistakes over the years, especially in the last decade when my work as a lawyer has been limited to electronic discovery. Many of these blunders were made by “the other side.” Some were funny and made me smile, others were not and led to motions of all kinds. Keeping it real, I have made my own fair share of errors too. Those lessons were painful, but are now deeply etched
In a sign of how internet-connected devices could transform the legal system, a prosecutor in Arkansas is fighting to collect evidence from an Amazon Echo, which could hold sound recordings that reveal details about who committed a murder.
Three Chinese citizens have been charged with hacking into the servers of two prominent – but unidentified – international law firms to steal confidential client information in connection with pending M&A deals.
The Article 29 Data Protection Working Party (WP29) recently held its December plenary meeting to discuss certain issues related to the implementation of the General Data Protection Regulation (GDPR) (Regulation (EU) 2016/679), which will take effect in May 2018, and of the Privacy Shield, which was opened for self-certification by companies in August.
There are currently no mandatory reporting requirements under UK law specific to cybersecurity incidents except in relation to those communications service providers that are subject to the Privacy and Electronic Communications (EC Directive) Regulations 2003 (as amended).
The new data privacy regime is expected to result in enhanced transparency, accountability, and individuals’ rights, while optimizing organizational approach to governance and management of data protection as a corporate issue.
SaaS Benefit: Putting costs under operational expenses also affords companies better control of technology spending across the enterprise.
Throughout the election cycle, anxiety over cybersecurity was a central theme, raising issues that businesses and government will face for years to come.
Cloud services providers are subject to HIPAA as business associates even if they are unable to view PHI.
In an industry founded on the legal and ethical obligation to keep information confidential, a data breach erodes trust and may even be grounds for legal and regulatory actions.
The predictive coding method can fail spectacularly with a poor expert, but so can keyword search.
This year’s conference included much conversation about artificial intelligence and machine learning. In addition, advancements in auto-classification was a topic of growing interest for both law firms and corporations.
Lawyers confront disruptive technologies by pretending they don’t exist, like those firms who advised clients to steer clear of cloud computing or the multitudes spending millions of client dollars to contort electronic data into printed, paginated documents.
As many have learned the hard way, placing information on a company intranet, extranet or the internet can open up a world of unintended consequences.