Archives

Transferring data from Switzerland for eDiscovery purposes in a post-Schrems II world

Michael Simon Introduction: another one bites the dust On September 8, 2020, Adrian Lobsiger, the Swiss Federal Data Protection and Information Commissioner (FDPIC), announced in a position paper that he no longer considers the Swiss US Privacy Shield agreement to be adequate for the purposes of lawfully transferring personal data from Switzerland to the US. […]

Transferring data from the EU for eDiscovery purposes in a post Privacy Shield World

Michael Simon A few weeks ago, I had the privilege of participating in a Masters’ Conference webinar on the topic of how to lawfully transfer EU data to the US after the Court of Justice of the European Union (“CJEU”) invalidated the Privacy Shield agreement on July 16, 2020. Despite many uncertainties that remain from […]

Maintaining Your Data Breach Investigation Report as Privileged

Michael Simon A critical component of any major data breach or incident response is retaining an expert consultant to investigate, remediate and recommend changes to prevent reoccurrence of the breach or incident. Companies and their outside counsel rely on these  experts to report on when the intrusion occurred, how it happened, what safeguards were in […]

Cross-Border Data Management and Cybersecurity: Walking the Tightrope of Compliance and Business Efficiency

This article originally appeared on KuppingerCole Analyst’s Blog on June 26, 2018 and is available in its original here. * * * * * Technology is changing rapidly, correlating in an increasing amount of data collected every second.  These technologies cross-borders and allow businesses to operate on a global scale, at a rate never before […]

Bipartisan Cloud Act introduced in the Senate: What does this potentially mean for data stored overseas?

The debate surrounding overseas storage of data continues.  Last week, Senator Orrin Hatch (R-Utah), co-sponsored by Senators Christopher Coons (D-Del.), Lindsey Graham (R-S.C.) and Sheldon Whitehouse (D-R.I.), introduced the Clarifying Lawful Overseas Use of Data Act, or “Cloud Act”, to create a framework for law enforcement to access data that is stored overseas.  You may recall that a case regarding access to data abroad, under the Stored Communications Act (“SCA”), 18 U.S.C. Chapter 121 §§ 2701–2712, is currently pending in front of the Supreme Court.  

Professionalism is the Name of the Game

I was struck today by an article in the New Jersey Law Journal entitled “Lawyer’s ‘Inadvertent’ E-Discovery Failures Led to Wells Fargo Data Breach.” The article tells the tale of an attorney who inadvertently provided Wells Fargo customer information, including personally identifiable information (“PII”), to her adversary in discovery. Apparently, the parties did not have a confidentiality agreement and the documents were not redacted, which violates privacy protection laws (both state and Federal).  

Where is the Data Located?

The U.S. Federal Courts are currently struggling with what may seem like a simple question before the internet and cloud computing:  where is the data located? Back in the age of paper, this question was easy to answer.  Yes, there may have been copies.  But for the most part, the definitive answer was:  where the paper is physically located.  

eDiscovery as a Sword

We have all seen the cartoon where one character removes the “Beware, Quicksand” sign and another character literally steps in it.  Que the panicked looks, the ominous music and the vain efforts to struggle to get free.  And at the end, the quicksand-trapped character usually provides the audience one last longing look before getting pulled below the surface.