2015 Cyber Security Bills and Impact on Data Breaches Explored
Overview:
In this two hour LIVE Webcast, The Knowledge Group has assembled a panel of notable leaders and professionals to provide the audience with an overview of newly enacted cyber security laws. The speakers will discuss the benefits and implications of the new acts and offer best practices to help in Understanding the 2015 Cyber Security Bills. This CLE course will also provide the audience with useful tips and effective measures to ensure the proper management and protection of corporate data. Guidelines on cyber risk assessment and planning essential in preparing a company from possible cyberattack and financial loss will also be discussed.
Key topics include:
- National Cyber Security Protection Act
- Federal Information Security Modernization Act
- Cyber Security Enhancement Act
- Cybersecurity Workforce Recruitment and Retention Act
- Cyber Security Workforce Assessment Act
- Private-Sector Information Sharing Process
- Codifying Cyber Security Framework
- Reform of Federal Information Systems
- Federal Government's Cybersecurity Workforce
- Compliance Issues
- Cyber Risk Assessment
- Identifying Most Valuable Corporate Assets to Protect
- Identifying Threats
- Quantifying Risks of Cyber Attack
- Strategies for Cyber Risk Mitigation
- Prevention
- Resolution
- Restitution
- Transferring Risks through Cyber Insurance
Agenda:
Stuart T. O’Neal, Trial Attorney and Litigator
Burns and White
- INTRODUCTION
- Stuart O’Neal
- Burns White
- WHY DATA BREACH AND CYBER LIABILITY
- State reasons this is a hot topic
- OUTLINE OF PRESENTATION
- Current Business Trends involving Personal Identifiable Information (PII)
- What is PII?
- How Can Data Security be Breached?
- The Danger of PII Being Compromised
- Data Breach Lawsuits
- Plaintiffs’ Attorney’s Strategy/Causes of Action
- Successful Theories of Defense
- Current State of Case Law/Precedent
- What can we Learn from the Current Case Law/Precedent
- What can we Anticipate moving Forward
- Resources
- Questions and Answers
- CURRENT BUSINESS TRENDS INVOLVING PERSONAL IDENTIFIABLE INFORMATION (PII)
- WHAT IS PII?
- HOW CAN DATA SECURITY BE BREACHED?
- Hackers
- Internally
- Accidentally
- THE DANGER OF PII BEING COMPROMISED
- Bad Press/Future Impact on Business
- Costs of Correction
- Costs of Litigation
- Potentially Large Settlement/Judgment Values
- DATA BREACH IN THE NEWS
- Home Depot – 56 Million Credit Card Numbers
- Staples – 1.16 Million Customer Payment Cards
- Target – 40 Million Credit Card Numbers
- South Carolina Dept. of Revenue
- TRICARE Management Activity – Largest HIPAA breach in history
- PLAINTIFFS’ ATTORNEY STRATEGY/CAUSES OF ACTION
- Individual Lawsuits or Class Actions
- Breach of Express/Implied Contract
- Breach of Fiduciary Duty
- Unjust Enrichment
- Negligence
- State Statutory Claims
- Federal Statutory Claims
- SUCCESFUL THEORIES OF DEFENSE
- Lack of Injury in Fact
- Challenge to the Class Certification
- CURRENT STATE OF CASE LAW/PRECEDENT
- Injury in Fact – no Article III standing
- Clapper v. Amnesty International, 133 S. Ct. 1138 (2013)
- Harris v. comScore, Inc., 825 F.Supp.2d 924 (N.D. Ill. 2011)
- In Re: Google Inc. Cookie Placement Consumer Privacy Litigation, 988 F.Supp.2d 434 (USDC Del. 2013)
- In re Barnes & Noble Pin Pad Litigation, No. 12-cv-8617 (N.D. Ill. 2013)
- Injury in Fact Found!!
- Krottner v. Starbucks, No. 09-35823 (9th Cir. 2010) – Article III standing for “future harm”, but not for Washington State Law
- Resnick v. AvMed, Inc., 693 F.3d 1317 (11th Cir. 2012) – Reversal of trial court finding no standing. Subsequently, this prompted a $3 million dollar settlement.
- Class Certification
- Comcast Corporation, et al. v. Behrend, 133 S.Ct. 1426 (2013) – individualized damages issue precludes certification of class
- In re Hannaford Bros. Co. Customer Data Breach Security Breach Litigation, 293 F.R.D. 21 (USDC Maine 2013) – actual effect and mitigating steps taken by class members differed too much to be certified as class.
- Injury in Fact – no Article III standing
- WHAT CAN WE LEARN FROM CURRENT CASE LAW/PRECEDENT?
- Defense attorneys have two strong arguments, arising early in litigation, to defeat data breach lawsuits.
- Challenges to Injury in Fact and Class Action could significantly devalue such cases, thus leading to a desirable result for your client.
- HOWEVER…..
- WHAT CAN WE ANTICIPATE MOVING FORWARD?
- Plaintiffs’ Attorneys
- Altered strategies to counter attack the negative precedent
- Legislature
- New statutes and Initiatives are out there that could strengthen and broaden the ability to bring litigation for Data Breach.
- California Voters voting on “presumption of harm” in privacy breach cases.
- Data Security and Data Breach Notification Act in front of the Senate
- New statutes and Initiatives are out there that could strengthen and broaden the ability to bring litigation for Data Breach.
- Closely monitor your Jurisdiction to be aware of new developments.
- Plaintiffs’ Attorneys
- RESOURCES
- The Information Law Group
- Data Breach Today
- The Knowledge Group
- Professional Liability Defense Federation
- Burns White, LLC
- Our own Cyber Security Group will continue to stay on top of the trends and developments and post periodic articles on the subject.
- QUESTIONS AND ANSWERS
Caroline McCaffery, General Counsel, Chief Privacy Officer
Clarifai, Inc.
- How a Data Breach currently affects a company
- Training
- Breach preparedness
- Response
- Costs
- Damages - reputational
- Positive and Negative of 1 Federal Breach Notification Law
- If the legislation is one federal breach notification law, that is a good thing for companies who work in technology
- However, not all companies are the same and some requirements may stifle certain sectors due to cost of compliance
- Positives and Negatives of State by State Breach Notification Laws
- If the legislation continues to be state by state, it continues to burden the company with cost in both preparation and response.
- There is familiarity and expertise with this approach already
- Practical advise on how to keep track of new laws in this area and breach preparedness
Who Should Attend:
- Cyber Security Lawyers
- Federal Lawyers
- Homeland Security Lawyers
- Legal Counsel
- Privacy and Data Security Lawyers and Consultants
- Compliance, Risk and IT Officers
- Data Security Professionals
- IT Heads
- Risk Analysts & Controllers
- Risk Officers and Administrators
- Third Party Administrators
- Other Related/Interested Professionals
Stuart T. O’Neal is a trial attorney and litigator at Burns White, where he maintains an active practice throughout Pennsylvania. …
Caroline has 15 years of experience in counseling and providing legal services to technology start-up companies, both as in-house and …
Course Level:
Intermediate
Advance Preparation:
Print and review course materials
Method of Presentation:
On-demand Webcast (CLE)
Prerequisite:
NONE
Course Code:
144719
NASBA Field of Study:
Specialized Knowledge and Applications
NY Category of CLE Credit:
Skills
Total Credits:
2.0 CLE
2.0 CPE (Not eligible for QAS (On-demand) CPE credits)
Login Instructions:
No Access
You are not logged in. Please Login or register to the event to gain access to the materials and login instructions.
Unlock All The Knowledge and Credit You Need
Leading Provider of Online Continuing Education
It's As Easy as 1, 2, 3
Get Your 1-Year All Access Pass For Only $199
SPEAKERS' FIRMS:
About Burns and White
Founded in 1987, Burns White is a regional law firm with a national presence in several practice areas. With a full range of service offerings, the firm employs more than 100 attorneys across nine office locations in Pittsburgh, PA (headquarters); Philadelphia, PA; Harrisburg, PA; Wilkes-Barre, PA; Cherry Hill, NJ; Princeton, NJ; Wheeling, WV; Wilmington, DE; and Cleveland, OH. Our lawyers are supported by a staff of more than 50 professionals, including paralegals, information technology specialists, and administrators. Together, they form teams organized around 18 practice groups serving specific industry areas, including cybersecurity, commercial litigation, business practices and employment law to provide unsurpassed service and efficiency.
Website: https://www.burnswhite.com/
About Clarifai, Inc.
Clarifai develops powerful machine learning algorithms to augment intelligence in a new generation of applications. Starting in 2013 with the world’s leading image recognition technology, Clarifai has quickly expanded to incorporate new data sources and support a variety of platforms to provide a deep understanding of image and video content at scale in many environments.
Website: https://www.clarifai.com/