Insider Threats Part 3 – Making Third-Party Risk Management A Priority

By Antonia Dumas, Associate at XPAN Law Group LLC In the first blog of this insider threat series, we discussed the importance of changing the perspective regarding third-party relationships as insider threats. Then we turned to more obvious threats, your own employees as your weakest link. However, now we turn to the need to make […]

As Government Agencies Expand the Use of Biometric Technologies, Privacy and Civil Liberties Activists Raise Alarm, and Legislators Start Paying Attention

By Michael A. Shapiro, Attorney at XPAN Law Group, LLC Last month, we wrote about legal developments and changing regulatory landscape affecting the use of biometric data in the private sector. The government at the federal and local levels also collects and processes a vast amount of biometric information on U.S. citizens and foreign nationals.  […]

A CISO and Outside Cybersecurity Counsel: A Marriage Made in Heaven

Frequently people ask, “why would a company [or organization] need a good cybersecurity and data privacy attorney”? A CISO (chief information security officer) should be able to handle everything, right? She should be intimately familiar with the corporate network infrastructure, all of the current policies, procedures, SOPs, and guidelines, all existing privacy and security regulations/requirements, […]

A Biometric Data Regulation: Coming to a State Near You

By Michael A. Shapiro, Attorney at XPAN Law Group, LLC Once a subject of science fiction movies, biometric identification is becoming an integral part of our daily lives.  Between fingerprint scanning, voice print identification, and facial recognition technology, more and more companies are collecting and processing biometric data. While biometric identification provides more security advantages […]

Beware of Potential Conflicts: Should Your Organization Appoint an IT Director as a Data Protection Officer?

**Reproduced from the International Journal for the Data Protection Officer, Privacy Officer, and Privacy Counsel, availabe here.  By Jordan L. Fischer, Esquire, Managing Partner, XPAN Law Group, LLC and Michael A. Shapiro, Esquire, XPAN Law Group, LLC Since the enactment of the European Union’s General Data Protection Regulation (the “Regulation”), the Data Protection Officer (“DPO”) […]

Year Number 2, A Rollercoaster Worth Riding

Dear Family, Friends, Team, Colleagues, and Everyone, XPAN is celebrating its Second Anniversary — even typing that makes us so proud! What started as just an idea has evolved into a full, live, real, law practice in a new and evolving field. Sometimes, we have to pinch ourselves to make sure it has all happened. […]

Nowhere to Run, Nowhere to Hide

This week we saw yet another rash of cyberattacks. The Philadelphia court system website was shut down Tuesday (May 21st) all afternoon because of a virus intrusion. The court website is where attorneys file all of their pleading (complaints, answers, motions) for court cases taking place in Philadelphia. And while it is bad enough to deprive […]

Insider Threats Continued – Your Own Employees Are Your Weakest Link

By Antonia Dumas, Associate at XPAN Law Group LLC In a previous blog post, we discussed  insider threats with a focus on a non-obvious threat, your third-party relationships, describing how an insider threat can be defined and the types of actors that can be a threat to the protection and privacy of your systems and […]

Better Late than Never: While Organizations Struggle to Comply with the California Consumer Privacy Act on Time, Ignorance of the Law Is Not an Option

By Michael A. Shapiro, Attorney at XPAN Law Group, LLC The California Consumer Privacy Act (CCPA) enacted last summer is the first comprehensive U.S. privacy law which creates broad rights for consumers in California and parallel duties on businesses regarding the use of private information.  Among the rights delineated by the CCPA, consumers can seek […]

Your Third-Party Relationships Are Insider Threats

By Antonia Dumas, Associate at XPAN Law Group LLC Last week, I had the pleasure of attending the inaugural Cyber Security Summit held in Philadelphia. One hot topic that came up during several presentations and panel discussions was the issue of insider threats. As I sat there listening to discussions of more obvious insider threats […]