Posts Tagged ‘privacy’

Emerging Content Formats Challenge eDiscovery

Emerging Content Formats Challenge eDiscovery

According to a recent report from Osterman Research, any electronic information is potentially subject to e-discovery, including text messages, social media posts, data in collaboration tools and data from the Internet of Things (IoT). Web pages and data from wearable devices and vehicle event recorders are among the new sources of electronically stored content (ESI) that are possible targets for e-discovery.


Eyeing Expansion, Chicago eDiscovery Company Rebrands

Eyeing Expansion, Chicago eDiscovery Company Rebrands

Andrew Sieja, kCura founder and CEO, said the Relativity brand long ago eclipsed kCura, a term which was coined years ago when the company had ambitions to specialize in knowledge management. Instead, it found success in the roughly $2.5 billion e-discovery software market, with a reported 13,000 users including nearly every AmLaw 200 firm, the U.S. Justice Department, plus corporations including NBCUniversal, LinkedIn, Allstate and others.


Your Riskiest Data Is Often Hiding in Plain Sight

Your Riskiest Data Is Often Hiding in Plain Sight

Organizations must consider data across all information systems and gateways, whether unstructured or structured. Don’t focus only on “building walls” around the perimeter to keep people out and keep information in. The challenge with this approach is that as you build a 10-foot wall, your opponent brings an 11-foot ladder. By the time disaster strikes, you may not be able to adequately assess or understand your corporate risk.


Did Data Scraping Just Get A Tiny Bit Safer?

Did Data Scraping Just Get A Tiny Bit Safer?

Is it okay to scrape data from another website? This is a frequently asked question that almost always leads to an ambiguous and equivocal answer.


5 Experts Share Advice on Preparing for GDPR

5 Experts Share Advice on Preparing for GDPR

The General Data Protection Regulation (GDPR) is a great example of change taking place in one part of the world — the European Union — that will have global impact.


Top 10 Steps to Operationalize the GDPR

Top 10 Steps to Operationalize the GDPR

Being GDPR ready is a task which extends beyond the privacy or compliance team and requires the involvement and cooperation of the entire organization to take compliance with the GDPR from theory to practice. 


Edge Computing Could Push the Cloud to the Fringe

Edge Computing Could Push the Cloud to the Fringe

Peter Levine, a general partner at venture capital firm Andreessen Horowitz, has an interesting working theory. He believes that cloud computing is soon going to take a back seat to edge computing — and we will very quickly see the majority of processing taking place at the device level.


Key Considerations for Adopting Ephemeral Communications Tools

Key Considerations for Adopting Ephemeral Communications Tools

As with the adoption of any emerging technology in the workplace (email, electronic signatures, etc.), the use of ephemeral communication tools by an organization requires a risk-versus-reward analysis. 


Merger and Acquisition Due Diligence: Incorporating Privacy, Security, eDiscovery, and Information Governance into Due Diligence

Merger and Acquisition Due Diligence: Incorporating Privacy, Security, eDiscovery, and Information Governance into Due Diligence

Modern M&A practices are just now beginning to catch-up to new technologies by including data privacy (“DP”), information security (“IS”), e-Discovery, and information governance (“IG”) concerns as discrete issues within the traditional due diligence paradigm.


BayLDA Publishes Questionnaire Regarding GDPR Audit

BayLDA Publishes Questionnaire Regarding GDPR Audit

The BayLDA is responsible for data protection for the private sector in Bavaria and is supervising data processing by privately owned corporations/commercial entities, freelancers, privately owned hospitals and nursing homes, associations and political parties, online companies, and private individuals. On the basis of numerous requests, the BayLDA decided to publish its recent questionnaire regarding the GDPR audit in English.


German Parliament Enacts Wide-ranging Surveillance Powers Allowing End User Devices to Be Hacked by Authorities

German Parliament Enacts Wide-ranging Surveillance Powers Allowing End User Devices to Be Hacked by Authorities

On June 22, 2017, the German Parliament passed a bill that, among other things, awards extensive surveillance powers to law enforcement authorities.


No Searching of Cloud Data at the Border

No Searching of Cloud Data at the Border

U.S. border officers aren’t allowed to look at any data stored only in the “cloud” — including social media data — when they search U.S. travelers’ phones.


From Data to Dachau: Putting a Face on Data Privacy

From Data to Dachau: Putting a Face on Data Privacy

with the advent of data tools and technologies ranging from autoclassification to automation, it is more important now than ever that legal and information technology professionals consider not only the positive things that can be accomplished with data-centric technology, but that they also consider the potential misuse of data technology.


The New Information Governance Playbook for Addressing Digital Age Threats

The New Information Governance Playbook for Addressing Digital Age Threats

Published in the Richmond Journal of Law & Technology, The New Information Governance Playbook for Addressing Digital Age Threats by Philip Favro, Donald Billings, David Horrigan, and Adam Kuhn provides actionable information for assessing and addressing cyber threats.


Deeper Dive: Vendor Management Crucial for Data Protection

Deeper Dive: Vendor Management Crucial for Data Protection

Organizational obligations regarding data privacy and security extend not only to the data in a company’s possession, but also to its data in the possession of a third-party service provider or business partner.


What Is Auto-Classification and How Does It Assist with GDPR Compliance?

What Is Auto-Classification and How Does It Assist with GDPR Compliance?

Auto-Classification’s ability to group information by category or by specific characteristics will prove useful for GDPR compliance. Similarly, Auto-Classification’s ability to detect the presence of PII and other sensitive content will likely become a best practice when it comes establishing GDPR protections.


Cybersecurity a Pain Point for Plaintiffs

Cybersecurity a Pain Point for Plaintiffs

Enhanced cybersecurity is a rising tide that floats all boats. But, let me reveal who’s likely to get swamped by this rising tide: requesting parties (or, as corporations call them “plaintiffs’ lawyers”), and their experts and litigation support providers.


Shields Up? A Short List of Privacy Shield Certified eDiscovery Providers

Shields Up? A Short List of Privacy Shield Certified eDiscovery Providers

The following short list of companies highlights eDiscovery providers that have been certified with the EU-U.S. or Swiss-U.S. Privacy Shield Frameworks. The frameworks were designed to provide companies on both sides of the Atlantic with a mechanism to comply with data protection requirements when transferring personal data from the European Union and Switzerland to the United States in support of transatlantic commerce.


Securing Client Communications: ABA Issues New Ethics Opinion on Attorney-Client Email

Securing Client Communications: ABA Issues New Ethics Opinion on Attorney-Client Email

This opinion sends a clear signal that law firms have to pay attention to the security of email and other client communication.


Why You Need to Prepare for the GDPR Now

Why You Need to Prepare for the GDPR Now

The GDPR legislation is complex and far-reaching, laying out some specific mandates for businesses. It compels businesses to securely collect and store — as well as more diligently use — the personal data of consumers in 28 EU member states. This will also include the UK, which will maintain equivalent laws post-Brexit.


A 12 Step Approach to General Data Protection Regulation (GDPR) Compliance

A 12 Step Approach to General Data Protection Regulation (GDPR) Compliance

Many of the GDPR’s main concepts and principles are much the same as those in the current Data Protection Act (DPA), so if you are complying properly with the current law then most of your approach to compliance will remain valid under the GDPR and can be the starting point to build from. However, there are new elements and significant enhancements, so you will have to do some things for the first time and some things differently. It is important to use this checklist and other Information Commissioner’s Office (ICO) resources to work out the main differences between the current law and the GDPR.


95% of Organizations Have Employees Seeking to Bypass Security Controls

95% of Organizations Have Employees Seeking to Bypass Security Controls

Employees using private VPNs and Tor on an enterprise network are typically trying to hide their actions and do something that will not be detected by the organization’s security controls, he says. “Security bypass is the first step towards data theft or other destructive behavior,” Koo says.


U.S. Secretary of Commerce Announces Swiss-U.S. Privacy Shield Framework is Open for Business

U.S. Secretary of Commerce Announces Swiss-U.S. Privacy Shield Framework is Open for Business

Today [Wednesday, April 12, 2017], U.S. Secretary of Commerce Wilbur Ross announced that the newly launched Swiss-U.S. Privacy Shield Framework is now accepting self-certifications. The Framework provides companies a mechanism to comply with Swiss data protection requirements when transferring personal data from Switzerland to the United States in support of transatlantic commerce.


Swiss-U.S. Privacy Shield FAQs

Swiss-U.S. Privacy Shield FAQs

When can an organization self-certify to the Swiss-U.S. Privacy Shield? Starting April 12, 2017, organizations can self-certify to the Swiss – U.S. Privacy Shield Framework.