Ethical Issues in Data Security Breach Cases www.ScottandScottllp.com Presented by Robert J. Scott Scott & Scott, LLP 800-596-6176.

Slides:

Advertisements

Similar presentations

Electronic Discovery Guidelines Meet and Confer - General definition. a requirement of courts that before certain types of motions and/or petitions will.

Advertisements

Zubulake v. UBS Warburg LLC “Zubulake IV”

Hot Topics in Privacy & Security Law Presented by Robert J. Scott Managing Partner Scott & Scott, LLP

United States District Court for the Southern District of New York, 2004 District Justice Scheindlin Zubulake v. UBS Warburg LLC Zubulake V.

Considerations for Records and Information Management Programs in Light of the Pension Committee and Rimkus Consulting 2010 Decisions.

Beating Back the Assault Scott O’Connell Nixon Peabody Boston, MA Manchester, NH Attorney Client Privilege.

C. 4 Lawyer's Duty of Confidentiality1 Professional Responsibility Ch. 4 The Lawyer’s Duty of Confidentiality Ch. 4 The Lawyer’s Duty of Confidentiality.

 Two Privileges; Different Purposes ◦ Attorney-Client Privilege ◦ Attorney Work Product Privilege ◦ Implicit assumption: “privilege and work product.

© The McCoy Law Firm 2012 James McCoy The McCoy Law Firm Coit Rd., Ste. 560 Dallas, Texas (214)

© 2007 Morrison & Foerster LLP All Rights Reserved Attorney Advertising The Global Law Firm for Israeli Companies Dispute Resolution in the United States.

Q UINCY COLLEGE Paralegal Studies Program Paralegal Studies Program Litigation and Procedure Discovery: Overview and Interrogatories Litigation and Procedure.

Confidentiality A Defining Duty. What are sources of confidentiality obligations? Constitutional law Disciplinary rules Fiduciary responsibility Court.

LEGAL LIMITS TO COMMUNICATION. COMMON LAW FRAUD  Cunning  Deception  Artifice  Cheat  Circumvent  Breach of Trust  Breach of Confidence  Undue.

COUNSEL: ETHICS TRAINING IS FOR YOU, TOO! Presentation to the SACRS Attorney Breakout November 12, 2008 Harvey L. Leiderman & Jeffrey R. Rieger.

Ethical Issues in the Electronic Age Ethical Issues in the Electronic Age Frost Brown Todd LLC Seminar May 24, 2007 Frost Brown.

Bryan Slone, Deloitte - Omaha(402) Greg Scaglione, Koley Jessen - Omaha(402) September 21, 2010 Privilege/Work Product Doctrine.

Privilege, Privacy, and Waiver. Privilege Attorney/Client In the law of evidence, a client's privilege to refuse to disclose, and to prevent any other.

1 Best Practices in Legal Holds Effectively Managing the e-Discovery Process and Associated Costs.

Scott F. Johnson Maureen MacFarlane.  Attorneys have a myriad of ethical obligations  This presentation covers some of those obligations and considers.

E -nuff! : Practical Tips For Keeping s From Derailing Your Case Presented by Jerry L. Mitchell.

1 Sixth National HIPAA Summit The Health Lawyer as Business Associate March 28, 2003 Session VI 3:00 pm Gerald E. DeLoss, Esquire Barnwell Whaley Patterson.

John B. Pegram Fish & Richardson P.C. International harmonization of Attorney-Client privilege 1 © AIPLA 2015.

Managing Software License Disputes: Cooperation or Litigation Presented by Robert J. Scott Scott & Scott, LLP

1 EFFECTIVE IN-HOUSE COMMUNICATIONS AND PRESERVING THE PRIVILEGES Presented By: John Eldridge Haynes and Boone, LLP (713) and Chris Chaffin BMC.

Attorney-Client Privilege in International Disputes “Groundhog Day – Episode III” Ian Meredith Partner, International Arbitration Practice Group Co-ordinator,

Legal 911: Effective Response to the Corporate Crisis Chris Schaeper Greg Meece Thompson & Knight LLP Jessica Roper Shell Oil Company March 11, 2014.

Data Protection Overview

In the Belly of the Breach: What Every In-House Counsel Needs to Know about Data Breach Response ACC International Legal Affairs Committee Legal Quick.

Investigating & Preserving Evidence in Data Security Incidents Robert J. Scott Scott & Scott, LLP

RECENT DEVELOPMENTS IN PENNSYLVANIA BAD FAITH LITIGATION Presented to: BELL & CLEMENTS BELL & CLEMENTS APRIL 4, 2006 S. David Fineman, Esquire S. David.

©2010 Prentice Hall Business Publishing, Auditing 13/e, Arens/Elder/Beasley Legal Liability Chapter 5.

©2008 Prentice Hall Business Publishing, Auditing 12/e, Arens/Beasley/Elder Legal Liability Chapter 5.

Legal Liability of CPAs Chapter 4. McGraw-Hill/Irwin © 2008 The McGraw-Hill Companies, Inc., All Rights Reserved. 4-2 Primary Sources of CPA Liability.

Attorney-Client Privilege and Privacy Considerations Between US Corporations & Foreign Affiliates General Counsel Conference, Washington, D.C. October.

Privacy and Security Laws for Health Care Organizations Presented by Robert J. Scott Scott & Scott, LLP

Discovery III Expert Witness Disclosure And Discovery Motions & Sanctions.

D E N V E R L A S V E G A S O R A N G E C O U N T Y P H O E N I X S A L T L A K E C I T Y T U C S O N Internal Investigations Richard Gordon

Conducting Cross-Border International Internal Investigations Association of Corporate Counsel International Legal Affairs Committee Jeffrey D. Clark Willkie.

Part 6 – Special Legal Rights and Relationships Chapter 35 – Privacy Law Prepared by Michael Bozzo, Mohawk College © 2015 McGraw-Hill Ryerson Limited 34-1.

© 2007 West Legal Studies in Business, A Division of Thomson Learning Chapter 31 Professional Liability.

Legal Liability of Auditors. McGraw-Hill/Irwin © 2004 The McGraw-Hill Companies, Inc., All Rights Reserved. 4-2 Primary Sources of CPA Liability Breach.

DOE V. NORWALK COMMUNITY COLLEGE, 248 F.R.D. 372 (D. CONN. 2007) Decided July 16, 2002.

Against: The Liberal Definition and use of Litigation Holds Team 9.

Attorney-Client Privilege Issues

P RINCIPLES 1-7 FOR E LECTRONIC D OCUMENT P RODUCTION Maryanne Post.

Don’t Call My Bluff The Ethics of Negotiation James H. Gilliam BrownWinick 666 Grand Avenue, Suite 2000 Des Moines, IA Telephone:

Rambus v. Infineon Technologies AG 22 F.R.D. 280 (E.D. Va. 2004)

EDiscovery Preservation, Spoliation, Litigation Holds, Adverse Inferences. September 15, 2008.

Chapter Three Confidentiality In this chapter, you will learn about: Basic principles of confidentiality The attorney-client privilege and the difference.

Copyright © 2007 Pearson Education Canada 1 Chapter 21: Completing the Audit.

Litigating Copyright Infringement Claims Related to Competing Software Applications Presented by Robert J. Scott Managing Partner Scott & Scott, LLP

Davis Wright Tremaine LLP Responding to Your Worst Security Breach Nightmare: When Patient Information Is Stolen Rebecca L. Williams, R.N., J.D. Partner.

What Happens When Your Agreement Goes Michelle Pinto ?

John Steele, Attorney at Law. 2 Confidentiality 3 Topics 1. Definitions 2. Comparison 3. ABA Approach 1. Rule; Exceptions; Other rules 4. California.

WASHINGTON DC | NORTHERN VIRGINIA | NEW JERSEY | NEW YORK | DALLAS | DENVER | ANCHORAGE | DOHA | ABU DHABI Government Investigations – an Inspector General’s.

Fool me twice… Shame on Me Metro Toronto Convention Centre February 2, 2010.

The Sedona Principles November 16, Background- What is The Sedona Conference The Sedona Conference is an educational institute, established in 1997,

U.S. District Court Southern District of New York 229 F.R.D. 422 (S.D.N.Y. 2004)

Title of Presentation Technology and the Attorney-Client Relationship: Risks and Opportunities Jay Glunt, Ogletree DeakinsJohn Unice, Covestro LLC Jennifer.

© Sara M. Taylor 2002 Rules of Discovery  State  Federal.

Investigations: Strategies and Recommendations (Hints and Tips) Leah Lane, CFE Director, Global Investigations, Texas Instruments, Inc.

1 Ethical Lawyering Spring 2006 Class 8. 2 Rest. 68 Except as otherwise provided in this Restatement, the attorney-client privilege may be invoked as.

The Applicability of Patent-Agent Privilege After In re Queen’s University at Kingston Presented by Rachel Perry © 2016 Workman Nydegger.

Technology and Media Law

Legal Liability Chapter 5.

PENNSYLVANIA BAR ASSOCIATION PROFESSIONAL LIABILITY COMMITTEE

Chapter 42 Liability of Accountants & Other Professionals

Legal Liability of CPAs

Bonnie Weiss McLeod Cooley LLP

Presentation transcript:

Ethical Issues in Data Security Breach Cases Presented by Robert J. Scott Scott & Scott, LLP

Ethical Issues in Data Security Breach Cases © 2007 Scott&Scott, LLP Potential Legal Implications of a Data Breach º Federal and State Statutory and Regulatory Issues HIPAA Privacy and Security Rules GLBA Safeguards Rules Data breach notification laws Data protection and destruction laws º Civil Liability Unfair Trade Practice Claims Negligence Breach of Contract Unlawful Trade Practices º Examples of pending, past, and potential cases TJX Radio Shack BJ’s Wholesale Club Choice Point DSW Monster

Ethical Issues in Data Security Breach Cases © 2007 Scott&Scott, LLP Business Impacts of Data Breach

Ethical Issues in Data Security Breach Cases © 2007 Scott&Scott, LLP Evidentiary Risks in the Investigation of a Data Breach? º Discovery of a network security incident investigation creates significant risk management concerns º Attorney client privilege can be lost by involving third parties º Internal investigations or investigations by outside IT professionals alone could be discoverable under the work product privilege º Internal investigations by in-house counsel must avoid problems associated with dual business and legal roles under the primary purpose test

Ethical Issues in Data Security Breach Cases © 2007 Scott&Scott, LLP Using Attorney-Client Privilege to Protect the Investigation º Attorney-client privilege protects communications between an attorney and the attorney’s client º Communication must be confidential and made for the purpose of obtaining legal advice from the attorney º Communications regarding investigation of data breach facts is protected by privilege º Privilege held by the client not by the lawyer º Supreme Court’s subject matter test º Less protection may be afforded to in-house counsel because of dual roles

Ethical Issues in Data Security Breach Cases © 2007 Scott&Scott, LLP Using the Work-Product Privilege to Protect the Investigation º FRCP 26(b)(3) protects work-product from discovery º Opinion work-product consists of mental impressions, opinions, conclusions, or legal theories of an attorney or other representative of a party º Ordinary work-product, including raw factual information, consists of preparation materials that do not disclose opinions or impressions º Ordinary work-product discoverable on showing a substantial need and inability to obtain the substantial equivalent by some other means º The primary purpose test for anticipation of litigation º Documents created for a business purpose are not protected even when the information developed may be helpful in legal proceedings

Ethical Issues in Data Security Breach Cases © 2007 Scott&Scott, LLP State Breach Notification Laws

Ethical Issues in Data Security Breach Cases © 2007 Scott&Scott, LLP Ethical Obligations With Respect to Statutory Notification º 39 states and the District of Columbia have data breach and/or identity theft statutory schemes and recently enacted federal statutes may apply º All the statutes have been enacted in the last few years, with little or no case law interpreting them º Interpretations must be based upon “good faith” and should involve review of legislative history and contain appropriate disclaimers regarding deference to regulatory agencies interpretation

Ethical Issues in Data Security Breach Cases © 2007 Scott&Scott, LLP The Problem of Over Reporting

Ethical Issues in Data Security Breach Cases © 2007 Scott&Scott, LLP Attorney-Client Privilege and Advice Regarding Statutory and Regulatory Notice Obligations º Attorney-client privilege should protect advice given by an attorney when assessing whether a company is required to give notice in each state where it does business, where a potential loss of data may have occurred, or under federal law º Attorney-client privilege should protect advice regarding how notice is required to be given, when notice should be given, the form notice should take, and what the contents of any notice should be º Privilege is important to shield this decision-making process from discovery in subsequent litigation where plaintiffs may allege claims based on inadequate notice

Ethical Issues in Data Security Breach Cases © 2007 Scott&Scott, LLP Preserving and Collecting Evidence º Ethical obligation of an attorney to avoid having the client get into a spoliation situation Litigants have an obligation to preserve relevant evidence Spoliation applies to electronic information as well as other documents Adverse inference instruction may be granted even where party did not intentionally destroy the evidence

Ethical Issues in Data Security Breach Cases © 2007 Scott&Scott, LLP Ethical Implications of Discovery Obligations in Data Breach Civil Litigation º Duty to supplement disclosures and discovery responses under FRCP 26(e) º New e-discovery rules Attorney with IT personnel on discovery team can make certain all information is collected and reviewed º Potential problems resulting from incomplete compliance with obligations Sanctions under the rules Client’s litigation position could be affected by failure to comply with discovery obligations

Ethical Issues in Data Security Breach Cases © 2007 Scott&Scott, LLP Contact Information Robert J. Scott Scott & Scott, LLP 2200 Ross Avenue, Suite 5350E Dallas, Texas Phone: Fax: