As we all know, the internet continually disrupts society on a global scale. It has become a platform for the international exchange of ideas and, more importantly, brought hundreds of millions of people out of extreme poverty. But with this disruptive platform comes challenges of safety and security, access to information, and censorship within multiple legal systems. How can we appropriately apply the legal standards and expectations from every country in the world to the internet which is, by nature, an international platform?
In this episode of In-House Legal, Randy Milch interviews Google Senior Vice President and General Counsel Kent Walker about his path to general counsel of Google and the current legal challenges the multinational technology company faces. Walker examines internet disruption and censorship and talks about how Google approaches the legal balance between personal privacy and the government’s need for access to information.
Walker begins by talking about his path through the U.S. Attorney’s office, AirTouch Communications, Netscape (which became AOL), eBay, and then ending up in his current position at Google and how different sources of training gave him the experience to be a successful general counsel. Through his history in tech companies, he has interacted with the evolution of information law in privacy and defamation, jurisdictional questions, intellectual property definitions, the limits on patents and copyright, and new questions about antitrust in a digital economy.
Milch and Walker then transition into a discussion on threats arising to the internet as it is today. As Google is intimately involved in the balance between necessary encryption and government access to information, Walker discusses how his legal department approaches this fine line. Discussion inevitably turns to censorship and the “right to be forgotten,” a misnomer actually meaning the right to be delisted from the search engines. They talk about self-censorship within tech companies like Facebook and Twitter, collaboration in Silicon Valley after the Snowden Revelations, and the international goal of access to information and freedom of expression.
As general counsel and senior vice president for legal, policy, trust, and safety at Google, Kent Walker is responsible for managing Google’s global legal team and advising the company’s board and management on legal issues and corporate governance matters. Before joining Google, Walker held senior legal positions at a number of leading technology companies. Earlier in his career, Walker was an Assistant U.S. Attorney with the United States Department of Justice, where he specialized in the prosecution of technology crimes and advised the Attorney General on management and technology issues.
As technology continues to become ever more integrated into our daily lives, the challenges that law firms face grow and evolve. Many tech savvy clients are not only concerned with a lawyer’s ability to represent them but also their ability to protect their files and privileged communications. With more instances of data breaches and hacking being mentioned in the mainstream media, what can a law firm do to shore up their cyber security?
In this episode of the Digital Detectives, hosts Sharon Nelson and John Simek sit down with LMG Security Founder and Senior Security Consultant Sherri Davidoff to discuss cyber security and the audits that are currently available for law firms. Sherri gets the conversation started by breaking down some of the more complex cyber security terminology into easy-to-understand language. The group then ponders factors, such as the loss of client data and law firms being hacked, that prompted this cultural shift within the profession and some of the elements that made it difficult for the industry to justify investing in cyber security until now. The focus then shifts to an analysis of the options available to law firms that are seeking to improve their security standards and ways to prepare lawyers to better interact with clients that might ask to see a firm’s cyber security audits. Sherri then caps off the conversation with a discussion of risk assessment, risk management, and how you present these plans to your clients.
Sherri Davidoff is a nationally-recognized cyber security expert who is a founder and senior security consultant at LMG Security. She has over a decade of experience as an information security professional, specializing in penetration testing, forensics, social engineering testing, and web application assessments. Davidoff is an instructor at Black Hat and co-author of “Network Forensics: Tracking Hackers Through Cyberspace”. She is a GIAC-Certified Forensic Examiner (GCFA) and Penetration Tester (GPEN), and holds her degree in computer science and electrical engineering from MIT.
Attorney Ted Schaer from the law firm of Zarwin Baum DeVito Kaplan Schaer Toddy, P.C. in Philadelphia, Pennsylvania discusses the steps that a business can take to help prepare for, and minimize the chances of a cyber-data breach.
Special thanks to our sponsor, A.M. Best Company, Best’s Directories of Recommended Attorneys & Adjuster, including Expert Service Providers.
In episode two of this two-part series, host Charles Volkert, executive director of Robert Half Legal, and industry experts, Thomas Barnett, Rocco Grillo and Joel Wuesthoff, discuss the key components of a comprehensive cybersecurity plan, how companies can determine their readiness, and what many organizations ignore or overlook with data security management.
In episode one of this two-part series, host Charles Volkert, executive director of Robert Half Legal, and industry experts, Thomas Barnett, Rocco Grillo and Joel Wuesthoff, examine data privacy and security issues that are demanding the attention of legal and IT teams across industry sectors. Learn about the particular risks law firms and legal departments face and the prevention strategies legal teams and their IT counterparts are implementing.
“33% of Fortune 100 Organizations will experience an information crisis by 2017.” – Gartner, an information technology research and advisory firm
Recently, data breaches have become one of the most serious threats to companies worldwide, and as more corporate infrastructure moves online, studies suggest that the rising number of data breaches will cost 2.1 trillion dollars globally by 2019. Because of this, a new market of data breach practice groups has emerged to assist with e-discovery, information governance, data security, and preparation for high-risk technological emergencies. In light of this, what should your law firm or company do to prepare for one of these potentially imminent situations?
In this episode of Digital Detectives, Sharon Nelson and John Simek interview Martin Tully, co-chair of Akerman LLP’s Data Law Practice, about why his firm decided to implement a data breach law group, how data security fits in with current e-discovery and information governance practices, and what every company should include in an incident response plan.
“Data Law”: e-discovery, information governance, and data security consulting
Increased client demand for legal technology services
Strategic partnerships between legal and technical professionals
Company interests: preparation for data loss, litigation, and government inquiry
How to proceed during “the upchuck hour”
Reasons for the increase in data breaches
Who and what should be involved in the incident response plan
Simulated data breach exercises
A lack of data security in many law firms
Martin T. Tully is a partner with the Chicago office of Akerman LLP. He is veteran trial lawyer with more than two decades of experience representing domestic and multinational companies in a variety of complex commercial litigation matters. As the co-chair of Akerman’s Data Law Practice, Martin also focuses on keeping clients ahead of the curve regarding the developing law, technology and best practices related to e-discovery, information governance and data security.
Michael Fricklas is executive vice-president, general counsel, and secretary of Viacom Inc., a powerhouse in the digital content industry. Viacom, a global mass media company, owns Paramount Pictures, Nickelodeon, MTV, Spike, Comedy Central, Channel 5 in the UK, and hundreds of other cable television networks. Because of the massive amount of media content it owns (mostly tv shows and movies), Viacom has been at the center of copyright issues involving YouTube/Google. Additionally, as a large corporation with many departments and outsourced legal work, cybersecurity and cyber attacks have become immensely important recently.
In this episode of In-House Legal, Randy Milch interviews Michael Fricklas about his path to becoming general counsel of Viacom, his specific interest in technology law, and what it’s like to be general counsel in a company owned by lawyers. Fricklas also discusses the copyright infringement lawsuit between Viacom and YouTube, how he managed the corporation’s public reputation during that time, and what he predicts for the future of cybersecurity in law firms and corporate legal departments. Tune in for an inside look at how the digital age has influenced the job of general counsel.
Michael Fricklas has served in senior management of Viacom’s legal department since 1993 and has been general counsel and secretary, Viacom’s most senior legal position, since 1998. He has been deeply involved in the legal issues surrounding the digitization of content and, most recently, has become involved in cyber-security issues.
The public and private sectors are equally struggling with cyber security issues. Despite the development of innovative problem-solving technologies and systems, many small, medium, and large companies are still at great risk of a cyber attack. The government cannot regulate these attacks without proper access to business information and the private sector needs government aggregation of widespread data. What is the true value of information sharing and how can cyber insurance greatly assist in this process of creating better cyber security?
In this episode of In-House Legal, Randy Milch interviews Peter Beshar, executive vice president and general counsel of Marsh & McLennan, about his path to becoming general counsel and how businesses should approach the issue of cyber security. Beshar started at Marsh & McLennan immediately after a civil action was filed against them by Attorney General Eliot Spitzer in 2004. He discusses how he dealt with being a new general counsel at a business in crisis. With stocks down, ratings down, and clients, banks, and employees upset, he learned to be relentlessly positive and to make strong decisions. General counsel and in-house lawyers alike can benefit from his knowledge and experience.
After the break, Beshar discusses cyber security risks and how they affect the private and public sectors. He explains Enterprise Risk Management (ERM): technological innovations coupled with cyber insurance which drives and modifies people’s behavior. Additionally, he says, the government should interact with private businesses to share cyber threat indicators and provide widespread information about preventing cyber attacks. The issue of cyber risks is incredibly prevalent in businesses of any size today, and it is important that we create long-lasting systems for preventative measures.
Peter Beshar is the executive vice president and general counsel of Marsh & McLennan Companies, Inc. He has a wealth of experience as a public servant, as a prominent big law firm litigator, and as general counsel for a global enterprise. Beshar is widely known for his experience with cyber risk insurance.
Joe Looby recently released his documentary The Decade of Discovery about the United States versus Philip Morris tobacco lawsuit in the early 2000s and email e-discovery issues. The film also discusses the emergence of the Sedona Conference as a think tank and forum for discussion about cooperation in e-discovery. Many prominent federal judges were interviewed about the issues with open government and record keeping. Also in the documentary, Jason R. Baron, Esq. talks about open government, record keeping at the White House, and how the e-discovery issues played out in the lawsuit. We are beginning to wonder, in this world of big data, how are we dealing with information governance, specifically within issues of open government and data security?
In this episode of Digital Detectives, Sharon Nelson and John Simek interview Jason Baron about information governance, dark data, open government, and his role in The Decade of Discovery. Baron talks about the increasing amount of electronic data affecting the Freedom of Information Act (FOIA) and the discussion e-discovery experts need to have about providing public access to government records. There is a mandate, he explains, that after 2019, all federal agencies must provide all of their permanent records to the archives in electronic or digital form. Because of this, systems and sophisticated softwares will be required to properly filter and provide access to the data. Baron also discusses information governance as a whole, including privacy, security, discovery, and management, and the need for a Chief Information Governance Officer (CIGO) going into the future. He concludes by praising Richard Braman, a leader in the e-discovery industry, for founding the Sedona Conference and creating the Cooperation Proclamation.
Jason R. Baron, Esq. serves as Of Counsel at Drinker Biddle Reath LLP in their Information Governance and eDiscovery Group in Washington DC. He is Co-Chair of the Information Governance Initiative, is currently Chair-elect of the DC Bar Litigation Section E-Discovery Committee, and is an adjunct faculty member at the University of Maryland. His 34 years of public service include serving as a trial lawyer and senior counsel at the US Department of Justice and as the first Director of Litigation at the US National Archives and Records Administration. An internationally recognized speaker and writer on the subject of electronic records, Mr. Baron has been recognized by The American Lawyer magazine as a “trailblazer” in e-discovery in its August 2013 issue of “The Top 50 Big Law Innovators of the Past 50 Years.” He was the 2013 recipient of the Federal Bar Association’s Justice Tom C. Clark Outstanding Government Lawyer award.
In November of 2014, hackers infiltrated Sony’s computer network lifting terabytes of corporate data, human resources information, internal intel, films, corporate emails, and other valuable information. This led the corporate world to question how protected we really are from cyber attacks. In the 1990’s, the only computer issue was viruses, but the attack vectors have since changed. Companies and individuals are now subject to spear phishing, spyware attacks, malware, drive-by downloads, and browsers. What steps are now necessary to keep hackers from accessing your valuable data? And on a separate but equally interesting subject for lawyers, who really was behind the Sony attack?
In this episode of Digital Detectives, hosts Sharon Nelson and John Simek analyze the progression of data security over time, look into data loss prevention steps, and consider each potential suspect of the Sony hack. Nelson describes the internet security suites that have been developed to include protection from all different types of attacks. However, she explains, these security systems are unlikely to keep out a sophisticated and determined hacker who is specifically targeting a corporation, law firm, or individual. The newer systems simply try to detect the infiltration and respond to it, observing what data is compromised and trying to identify the hacker. Simek explains several systems that are being used for security including data loss prevention, intrusion detection, and Security Information and Event Management (SIEM) products which correlate data to figure out what’s normal.
Nelson and Simek then go on to analyze why Sony was attacked and who may have done it. The hosts explain security blogger Bruce Schneier’s theories on the suspects ranging from an official North Korean military operation to a disgruntled ex-employee. Listen to the podcast to hear the hosts’ strong case for who they think the hacker was. Nelson also reviews Sony’s reaction to the security attack. Stay tuned until the end for the NSA’s rumored ability to create a cyber defense system and the international implications of an automated cyber attack response.