Privacy and Security Concerns: The Bring Your Own Device Policy
Overview:The Bring Your Own Device Policy ("BYOD") in the workplace continues to be bring significant challenges for employers and attorneys. Staying informed and knowing the best strategies, are the key to mitigating the potential privacy and security risks that often lead to costly penalties. In this LIVE Webcast, the following key issues will be addressed:
- BYOD: an Overview
- Issues Surrounding BYOD Policy
- Knowing and Handling the Common Privacy and Security Issues
- Impact of the Recent Workplace Cases Concerning BYOD policy
- Best Strategies in Adopting BYOD
- And a lot more!
Privacy and Security Concerns: The Bring Your Own Device Policy LIVE Webcast is designed for employers and attorneys who seek to have an enhanced understanding of the issues surrounding the BYOD Policy in the workplace. Our panel of key thought leaders and practitioners will conduct a thorough panel of the above mentioned topics including the most critical issues which will be followed by a Q&A session in which the audience will be invited to ask the speakers questions live.
James S. DeGraw, Partner,
Ropes & Gray LLP
Introduction of topic thru scene setting
- Four to five key considerations in BYOD programs, including key legal considerations
- How do you address the issues, considering these ramifications.
- Management and governance.
Goodwin Procter LLP
- Data Breaches:
- Breach notification laws require disclosure to consumers when certain personal information is compromised.
- Breaches occurring through employees' own devices raise additional complications that must be addressed in the company's breach response policy
- Data Retention: Enterprises have a wide range of data retention requirements. Permitting employees to bring their own devices raises additional compliance challenges
- Compliance with Law and Contractual Requirements
- Companies permitting employees to bring their own devices and store data on those devices must ensure that they remain in compliance with applicable law, regulation and contractual requirements. For example, a number of laws impose specific data security requirements. Companies must ensure that their employees' and their employees' devices meet all applicable security requirements.
- Access to and Control of Corporate Data:
- Companies will have a need to have access to corporate data stored on employees' devices (both during employment and upon any employee termination).
Lori Chang, Attorney,
Greenberg Traurig, LLP
- Issues pertaining to eDiscovery in a BYOD context and an employer's legal obligations to preserve and respond to discovery seeking information on employees' personal devices; review of recent eDiscovery cases that have implications on BYOD.
- Employer monitoring of employee electronic communications; employee use of social networks and state laws that restrict employer access to employees' personal social media credentials.
Harriet Pearson, Partner,
Hogan Lovells US LLP
What global companies need to do;
- It is vital to address BYOD in a holistic manner. When a company implements BYOD, it is also implementing Bring Your Own Application and Bring Your Own Cloud. Moreover, because employees can bring their devices anywhere, BYOD programs implicate international privacy laws. BYOD policies must be crafted and implemented with an eye to all of the issues that are raised.
- The greatest risk associated with BYOD is data loss. To mitigate those risks, companies should use Mobile Device Management software. But MDM software must be implemented in a careful manner. MDM software raises privacy and other risks. Monitoring employee use of devices raises privacy issues, and remote-wiping may violate computer access laws and risks deleting employees' property.
- Transparency is the first step to implementing a sound BYOD program. A BYOD policy should clearly describe what employee behaviors and activities are permitted; how the company will enforce the policy; how MDM software will be used; whether and how the company will monitor employee activities; and what actions the company may take if a device is reported as lost or stolen or if a device is implicated in a litigation hold or discovery. Counsel, Security, and IT should be brought together to ensure that the BYOD policy accurately reflects company practices.
- Consent is also vital to a BYOD program. In exchange for the flexibility of being able to use their own devices, employees should be asked to consent to the installation of MDM software, and to indicate their understanding of and consent to particular aspects of the BYOD policy. It is especially important that employees indicate their understanding of and consent to acceptable use policies and the use of remote-wiping and monitoring. Rather than just asking for general consent to the BYOD policy, it is advisable to prompt for consents to important aspects of the BYOD policy.
Mauricio F. Paez, Partner,
- Program management and governance
- Labor and Employment issues
- Workplace conduct
- Workplace privacy
- Legal compliance
- Policy implications
- Information and network security issues
- Implementation issues
- Security policy concerns
Who Should Attend:
- Employment, Privacy, Marketing, New Media Attorneys and Related Practice Areas
- Chief Security Officers
- Risk and Compliance Officers
- IT Heads
- Senior Management
- Private Companies
- Public Companies
- Privacy and Data Security Lawyers and Consultants
- And other related/interested professionals
Jim is a technology attorney who provides strategic advice to clients on handling and protecting data, technology, intellectual property assets of their businesses. This includes helping clients develop and protect businesses built on data, technology and intellectual property assets, whether through targeted marketing campaigns by consumer product companies or portfolio licensing programs by academic research centers, and navigating myriad intellectual property issues to put together comprehensive protection strategies.
A certified privacy professional, CIPP/US, Jim's work includes advising clients on their collection, handling and protection of data by their organizations; evaluating data policies and practices; responding to data security breaches and incidents, and otherwise navigating the opportunities and concerns raised by changes to data privacy and security laws and by the growth of social media.
Jim is a technology attorney who provides strategic advice to clients on handling and protecting data, technology, intellectual property assets …
Jacqueline Klosek is an attorney with Goodwin Procter LLP, where she practices in the firm’s Data Privacy and Security Task Force. Jacqueline is the author of the following books: Protecting Your Health Privacy: A Citizen’s Guide to Safeguarding the Security of Your Medical Information (Praeger, 2010); The Right to Know: Your Guide to Using and Defending Freedom of Information Law in the United States (Praeger, 2009); War on Privacy (Praeger, 2006); The Legal Guide to e-Business (Greenwood Publishing, 2003) and Data Privacy in the Information Age (Greenwood Publishing, 2000). She is also a co-author of CyberLaw: Texts and Cases, 3rd Edition (Cengage Learning 2010) and is the editor of the 3rd edition of the ABA Guide to International Business Negotiations: A Comparison of Cross-Cultural Issues and Successful Approaches (ABA Publishing, 2008).
Jacqueline is a Certified Information Privacy Professional. She is a graduate of the Vrije Universiteit in Brussels (LLM, European and International Law); Benjamin N. Cardozo School of Law (JD, Law) and New York University (BA, Psychology).
She may be reached at: firstname.lastname@example.org
Jacqueline Klosek is an attorney with Goodwin Procter LLP, where she practices in the firm’s Data Privacy and Security Task …
Lori Chang is an intellectual property attorney in Greenberg Traurig’s Los Angeles office. She represents clients in a variety of business and commercial disputes, with emphasis on matters relating to complex intellectual property and Internet litigation, including privacy, copyright, trademark and Internet law-related issues. Her practice also involves counseling on data security and privacy matters, including matters involving data security breaches and matters pertaining to the Stored Communications Act.
Lori Chang is an intellectual property attorney in Greenberg Traurig’s Los Angeles office. She represents clients in a variety of …
Harriet Pearson is a partner in the Washington, D.C. office of Hogan Lovells, where her practice focuses on privacy, data security, and cybersecurity. She advises companies and boards of directors on legal risk assessments and mitigation strategies; enterprise-wide governance and compliance programs; security incident responses and remediation; investigations and enforcement; cross-border data transfers; regulatory compliance; and legislative, regulatory and self-regulatory processes.
Harriet joined Hogan Lovells in 2012 from the IBM Corporation, where served as Vice President, Security Counsel and Chief Privacy Officer and was responsible for global information policies and practices affecting over 400,000 employees and thousands of clients and vendors.
Harriet currently co-chairs the Georgetown University Cybersecurity Law Institute and serves on the ABA President's Task Force on Cybersecurity and on the advisory boards of the Electronic Privacy Information Center and the Future of Privacy Forum. She previously served on the CSIS Commission on Cybersecurity for the 44th Presidency and the executive committee of the Centre for Information Policy Leadership. A founding and long-serving board member of the International Association of Privacy Professionals (IAPP), she conceived of and spearheaded the founding of the IAPP's Pro Bono Privacy Initiative.
Dubbed by one legal publication as the "First Lady of Privacy," Harriet is one of the first and longest-serving chief privacy officers in the Fortune 500 and an internationally-recognized data privacy and security pioneer. In 2007 the IAPP presented Harriet with its highest honor, the Vanguard Award, awarded annually to "the individual professional who best demonstrates outstanding leadership, knowledge and creativity in the field of privacy and data protection." In 2012 the Executive Women's Forum presented her with its Corporate Practitioner "Woman of Influence" award for cybersecurity, privacy and risk management.
Harriet is an honors graduate of the UCLA School of Law (Order of the Coif) and Princeton University.
Harriet Pearson is a partner in the Washington, D.C. office of Hogan Lovells, where her practice focuses on privacy, data …
Mauricio Paez advises global clients on privacy and data protection, cross-border intellectual property and technology commercial transactions, and strategic sourcing and outsourcing matters. In addition, he advises clients on the acquisition and disposition of technology assets and intellectual property rights worldwide.
As a co-chair of the Firm's global privacy practice, he advises Fortune 100 companies on all legal aspects of privacy and information security. He regularly advises clients on current and emerging information management, privacy, security, and data protection laws. He has assisted clients in developing and implementing worldwide policies and compliance procedures for handling and safeguarding personal and company information, maintaining and transferring customer and employee information, and regulating data transfers with third parties. He conducts privacy assessments and information security policy audits and assists clients in handling and responding to data security incidents on a worldwide basis. Mauricio advises clients on U.S. laws (such as GLB, HIPAA, COPPA, CAN-SPAM, FCRA/FACTA, and security breach notification obligations) and data protection compliance risks in other major jurisdictions (Canada, EU, Latin America, and Asia).
Mauricio's practice is also strong in multijurisdictional sourcing and outsourcing arrangements. His recent representations involve assisting Sprint Nextel in the sourcing of next generation wireless infrastructure equipment to be used to upgrade Sprint's nationwide wireless network. His involvement ranges from assisting clients with competitive requests for proposals, multiple vendor negotiations, setting up offshore captive operations, sourcing partnerships, and multijurisdictional outsourcing transactions.
Mauricio is a member of the American Bar Association, the Hispanic National Bar Association, the New York State Bar Association, and the Association of the Bar of the City of New York.
Mauricio Paez advises global clients on privacy and data protection, cross-border intellectual property and technology commercial transactions, and strategic sourcing …
Print and review course materials
Method of Presentation:
NASBA Field of Study:
Specialized Knowledge and Applications
NY Category of CLE credit:
Unlock All The Knowledge and Credit You Need
Leading Provider of Online Continuing Education
It's As Easy as 1, 2, 3
Get Your 1-Year All Access Pass For Only $199
About Ropes & Gray LLP
Ropes & Gray LLP is a leading global law firm with offices in New York, Washington, D.C., Boston, Chicago, San Francisco, Silicon Valley, London, Hong Kong, Shanghai, Tokyo, and Seoul. Built on a foundation of more than 140 years of forging strong client relationships, Ropes & Gray has over 1,000 lawyers and professionals representing interests across a broad spectrum of industries in corporate law and litigation matters, as well as counseling on labor and employment issues, tax and benefits, creditors' rights, and private client services. The firm's clients include leading industrial companies, financial institutions, government agencies, hospitals and health care organizations, colleges and universities, as well as families and individuals.
About Goodwin Procter LLP
Founded in 1912, Goodwin Procter LLP is a leading Global 100 law firm, with offices in Boston, Hong Kong, London, Los Angeles, New York, San Francisco, Silicon Valley and Washington, D.C. The firm provides corporate law and litigation services, with a focus on matters involving real estate, REITs and real estate capital markets; private equity; technology companies; financial institutions; intellectual property; privacy and data security; products liability and mass torts; and securities litigation and white collar defense. The firm excels at complex and sophisticated transactional work and precedent-setting, bet-the-company litigation. Its attorneys combine in-depth legal knowledge with practical business experience to deliver outstanding results for clients. Goodwin Procter is sustained by an entrepreneurial culture and driven by a commitment to excellence, innovation and client service. For more information, visit www.goodwinprocter.com. Follow us on Twitter @GoodwinProcter
About Greenberg Traurig, LLP
Greenberg Traurig, LLP (GT) is an international, multi-practice law firm with approximately 1750 attorneys serving clients from 36 offices in the United States, Latin America, Europe, the Middle East and Asia. GT offers a multidisciplinary team solving real-world problems in the business, political and legal environments of major commercial centers. With experience in more than 100 practice areas, GT's network of contacts throughout the world position the firm to help clients achieve their objectives both domestically and in the global marketplace. GT's IP and Technology Practice of more than 180 full-time IP and technology attorneys provide strategic counsel for clients requiring in-depth understanding in specialized technology. Experienced in federal and state court litigation of patent, trademark, trade dress, trade secret and copyright infringement, as well as in computer software-related disputes, GT has handled some of the most complex IP cases. GT's Privacy & Data Security group is dedicated to developing strategies to address privacy, data security, and information management issue, with experience that encompasses the full array of legislation and regulations.
About Hogan Lovells US LLP
Hogan Lovells is a global legal practice that helps corporations, financial institutions, and governmental entities across the spectrum of their critical business and legal issues globally and locally. We have over 2,500 lawyers operating out of more than 40 offices in the United States, Europe, Latin America, the Middle East, and Asia.
Hogan Lovells offers:
- an exceptional, high quality transatlantic capability, with extensive reach into the world's commercial and financial centers;
- particular and distinctive strengths in the areas of government regulatory, litigation and arbitration, corporate, finance, and intellectual property; and
- access to a significant depth of knowledge and resource in many major industry sectors including hotels and leisure, telecommunications, media and technology, energy and natural resources, infrastructure, financial services, life sciences and healthcare, consumer, and real estate.
Our practice breadth, geographical reach, and industry knowledge provide us with insights into the issues that affect our clients most deeply and enable us to provide high quality business-oriented legal advice to assist them in achieving their commercial goals.
A distinctive culture
Hogan Lovells is distinguished by a highly collaborative culture which values the contribution of our diverse team both within Hogan Lovells and in the wider community. Our style is open, service focused, and friendly. We believe that our commitment to client service, commerciality, and teamwork provides benefits to our clients and enhances effective business relationships.
About Jones Day
Jones Day is a global law firm with 40 offices in major centers of business and finance throughout the world. Its unique governance system fosters an unparalleled level of integration and contributes to its perennial ranking as among the best in the world in client service. Jones Day provides significant legal representation for almost half of the Fortune 500, Fortune Global 500, and FT Global 500.