WEBINAR – COVID-19 – European and U.S. Cybersecurity Issues: Preventing and Responding to Cyber Incidents
Join OneTrust DataGuidance and Sidley for a webinar discussing COVID-19 and European and U.S. cybersecurity and cyber risk insurance issues.
The COVID-19 global pandemic presents unique legal and practical challenges for companies across all industries, including with respect to cybersecurity risks and protections. There are increased cyber vulnerabilities from insider and external threat actors, including cyber attacks on individuals and companies.
In this webinar, we will highlight the dynamic and evolving cybersecurity threats companies face as a result of the pandemic, and the global legal implications of a cyber breach in this new environment – and how they can reduce these risks, and effectively respond to a cyber incident.
COVID-19: Key EU And U.S. Cybersecurity Issues and Risk-Remediation Steps
The COVID-19 crisis has created significant cybersecurity risks for organizations across the world, particularly arising from remote working, scams and phishing attacks, and weakened information governance controls. These risks warrant attention by legal counsel and information security officers in light of potentially significant adverse legal, financial and reputational consequences that could arise – all while the organization is dealing with effects of a global pandemic.
In addition to identifying the cybersecurity risks, we also consider key measures that organizations can consider adopting to reduce such risks, including measures recommended by the UK’s National Cybersecurity Centre (NCSC), EU’s Agency for Cybersecurity (ENISA) and the US Federal Bureau of Investigation. The speed at which the COVID-19 crisis has evolved has meant that many organizations have not been able to deploy effective risk-reducing measures in a timely manner.
Working and Executing Contracts From Home: U.S. eSignatures in the COVID-19 Era
Social distancing imperatives and the resulting surge in remote work polices have led to increased demand for the use of electronic signatures in commercial transactions. Although the method of execution is just one factor to consider when determining the validity and enforceability of a contract, electronic signatures — when appropriately deployed — can provide a convenient replacement for manual wet-ink signatures in many transactions. The U.S. Electronic Signatures in Global and National Commerce Act (E-SIGN), as well as the widespread adoption at the state level of the Uniform Electronic Transactions Act (UETA) or comparable electronic signature laws, provide that electronic signatures and electronic records cannot be denied legal effect, validity or enforceability solely because they exist in electronic form. As workforces suddenly shift to remote operations with siloed employees lacking access to typical office services, yet still facing the same business needs and time demands, companies are reevaluating their electronic signature and records policies and technologies.
Coronavirus Risks – U.S. and European Employment and Privacy Law Issues
This post seeks to help parties navigate issues arising from COVID-19 risks from an employment and privacy law perspective in both the United States and Europe.
Novel coronavirus (COVID-19) presents significant issues for employers to navigate and significant consequences for employees across industries as COVID-19 reduces consumer spending, disrupts supply chains and presents challenges for managing workforces globally. Employers should be aware of their responsibilities and proactively put in place action plans to address this growing problem. Designing these plans, and addressing requested or mandated leaves and other restrictions on employee work, presents myriad employment law issues that may vary by jurisdiction. Employers are also likely to confront privacy questions as they seek information on employees’ and others’ health and travel across jurisdictions. In developing a plan, employers will want to consider these issues in a holistic and coordinated manner.
Retail Privacy Network
You are invited to join privacy professionals in the retail sector for topical conversation, learning and networking at the first Retail Privacy Network meeting.
This interactive meeting will include hot topics in UK/EU data privacy and cybersecurity with practical case studies on retail industry issues.
The agenda will include discussions on:
- Lessons learned from GDPR enforcement actions and update on cookies
- Erasure and back-ups
- Use of biometrics (including facial recognition technology)
- Adtech, real-time bidding and valid consent
Congratulations to Sidley’s Newest Partners!
Congratulations to our 30 colleagues, including Kate Heinzelman and Tomoki Ishiara, for their election to the Sidley Austin partnership, effective January 1, 2020. Kate has strong experience involving complex privacy and data security matters and represents several large, multinational companies, as well as startups, in the healthcare, technology and financial services sectors, among others. Tomoki works out of Sidley’s Tokyo office and supports our global privacy practice in the Asian market.
The Sixth Edition of The Privacy, Data Protection and Cybersecurity Law Review is Available
The sixth edition of The Privacy, Data Protection and Cybersecurity Law Review takes a look at the evolving global privacy, data protection and cybersecurity landscape in a time when mega breaches are becoming more common, significant new data protection legislation is coming into effect, and businesses are coming under increased scrutiny from regulators, Boards of Directors and their customers. Several lawyers from Sidley’s global Privacy and Cybersecurity practice have contributed to this publication. See the chapters below for a closer look at this developing area of law. (more…)
Comments Submitted on California Consumer Privacy Act of 2020—Initiative 19-0021
As submitted for the comment period on Initiatives – Active Measures for Initiative 19-0021 on November 8, 2019.
Dear Mr. Mactaggart,
As privacy practitioners, we share your passion and dedication to the development of information privacy and data protection law in the United States. We acknowledge your achievement in pushing for the enactment of the California Consumer Privacy Act (CCPA) and contributing to the ongoing national conversation to advance privacy rights. Your commitment to these issues is clear, and we commend the seriousness of your work in addressing privacy rights in accordance with your vision.
We write in the spirit of constructive development of privacy regulation, and offer the following comments in the hope of contributing to the goal we share with you: improving the quality and effectiveness of U.S. privacy and data protection law while ensuring the continued innovation and flexibility that so benefit our society. Although we often advise the regulated community on privacy and data protection matters, the views expressed here are our own.
At the outset, we note that there are important improvements in your proposed initiative relative to the enacted CCPA. Many of your new initiative’s provisions could serve to move privacy and data security law in a positive direction. In this vein, we note the following: (more…)
The CCPA and Litigation Mitigation: What You Need to Know Before January 1
The California Consumer Privacy Act (CCPA) takes effect in January. Sidley’s seasoned class action practitioners anticipate the CCPA will drive a proliferation of data- and privacy-driven suits, on multiple fronts.
This webinar will explore this emerging area in consumer class action litigation and highlight concrete steps businesses can take to mitigate CCPA-related risks.
PrivSec New York
Sidley partners William Long and Alan Raul will be speaking at the PrivSec Conference in New York, November 6. Join them for a discussion on recent GDPR enforcement cases and how it impacts the U.S. and global privacy programs. For more event information, click here.