Your SlideShare is downloading. ×
0
Digital Business Risk
www.brittontuma.com © 2014 Shawn E. Tuma 1
Digital Information Law & Your Business
Shawn Tuma, Partn...
Digital Business Risk
www.brittontuma.com © 2014 Shawn E. Tuma 2
Social Media
Using It To Grow Your Business
Digital Business Risk
www.brittontuma.com © 2014 Shawn E. Tuma 3
Data Security & Data Breaches
Your Company’s Biggest Thre...
Digital Business Risk
www.brittontuma.com © 2014 Shawn E. Tuma 4
“Authority” Governing Data Breach
• Laws
• Types
• Common...
Digital Business Risk
www.brittontuma.com © 2014 Shawn E. Tuma 5
What do these sources of “Authority”
have in common?
• Te...
Digital Business Risk
www.brittontuma.com © 2014 Shawn E. Tuma 6
What do you have to do following a data breach?
• Execute...
Digital Business Risk
www.brittontuma.com © 2014 Shawn E. Tuma 7
What does “reporting & notification” mean?
• Law Enforcem...
Digital Business Risk
www.brittontuma.com © 2014 Shawn E. Tuma 8
Cost of a Data Breach!
• In 2012
• $188.00 per lost recor...
Digital Business Risk
www.brittontuma.com © 2014 Shawn E. Tuma 9
Story Time
• you were CEO of a world-wide company
• breac...
Digital Business Risk
www.brittontuma.com © 2014 Shawn E. Tuma 10
Have you ever heard of …
Digital Business Risk
www.brittontuma.com © 2014 Shawn E. Tuma 11
Important Questions
• Whose 110,000,000+ customers were ...
Digital Business Risk
www.brittontuma.com © 2014 Shawn E. Tuma 12
Allocating risk and mitigating risk by contract
• Alloca...
Digital Business Risk
www.brittontuma.com © 2014 Shawn E. Tuma 13
But all are just contractual obligations
• Look to you f...
Digital Business Risk
www.brittontuma.com © 2014 Shawn E. Tuma 14
The contractual obligations are important and needed
• S...
Digital Business Risk
www.brittontuma.com © 2014 Shawn E. Tuma 15
Recent agency advisory statements
• January 2014: SEC in...
Digital Business Risk
www.brittontuma.com © 2014 Shawn E. Tuma 16
Key Takeaways
• You are still liable for breaches caused...
Digital Business Risk
www.brittontuma.com © 2014 Shawn E. Tuma 17
Sun Tzu – The Art of War
“In all fighting the direct met...
Digital Business Risk
www.brittontuma.com © 2014 Shawn E. Tuma 18
Trade Secrets
Yes, Your Company Has Them and Needs to
Pr...
Upcoming SlideShare
Loading in...5
×

Digital Information Law & Your Business - The Alternative Board

1,396

Published on

A discussion for business owners of digital information law issues of social media law, data security and data breach law, and trade secrets and corporate espionage issues.

Published in: Law, Technology
0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total Views
1,396
On Slideshare
0
From Embeds
0
Number of Embeds
2
Actions
Shares
0
Downloads
1
Comments
0
Likes
0
Embeds 0
No embeds

No notes for slide

Transcript of "Digital Information Law & Your Business - The Alternative Board"

  1. 1. Digital Business Risk www.brittontuma.com © 2014 Shawn E. Tuma 1 Digital Information Law & Your Business Shawn Tuma, Partner BrittonTuma 469.635.1335 stuma@brittontuma.com @shawnetuma blog: shawnetuma.com web: brittontuma.com Shawn Tuma is a lawyer whose practice is focused on cutting-edge cyber and information law and includes issues like helping businesses defend their data and intellectual property against computer fraud, data breaches, hacking, corporate espionage, and insider theft. Shawn stays very active in the cyber and information law communities:  Chair, Collin County Bar Association Civil Litigation & Appellate Law Section  Best Lawyers in Dallas, D Magazine  College of the State Bar of Texas  Privacy and Data Security Committee of the State Bar of Texas  Computer and Technology, Litigation, Intellectual Property Law, and Business Sections of the State Bar of Texas  Information Security Committee of the Section on Science & Technology Committee of the American Bar Association  Social Media Committee of the American Bar Association  North Texas Crime Commission, Cybercrime Committee  International Association of Privacy Professionals The information provided is for educational purposes only, does not constitute legal advice, and no attorney-client relationship is created by this presentation.
  2. 2. Digital Business Risk www.brittontuma.com © 2014 Shawn E. Tuma 2 Social Media Using It To Grow Your Business
  3. 3. Digital Business Risk www.brittontuma.com © 2014 Shawn E. Tuma 3 Data Security & Data Breaches Your Company’s Biggest Threat
  4. 4. Digital Business Risk www.brittontuma.com © 2014 Shawn E. Tuma 4 “Authority” Governing Data Breach • Laws • Types • Common Law (courts) • Statutory Law (legislatures) • Sources • International • Federal • State • Local • Agency Rules & Regulations • Industry Standards
  5. 5. Digital Business Risk www.brittontuma.com © 2014 Shawn E. Tuma 5 What do these sources of “Authority” have in common? • Tell you what must be done following a breach. • Can you guess who “you” is? • “You” is the entity breached.
  6. 6. Digital Business Risk www.brittontuma.com © 2014 Shawn E. Tuma 6 What do you have to do following a data breach? • Execute Breach Response Plan • General Steps • contact attorney (privilege) • assemble your Response Team • contact forensics • contact notification vendor • investigate breach • remediate responsible vulnerabilities • reporting & notification
  7. 7. Digital Business Risk www.brittontuma.com © 2014 Shawn E. Tuma 7 What does “reporting & notification” mean? • Law Enforcement • State Attorneys General • Federal Agencies • FTC, SEC, HHS, etc. • Industry Groups • PCI, FINRA, FDIC • Credit Bureaus • Professional Vendors & Suppliers • Consumers
  8. 8. Digital Business Risk www.brittontuma.com © 2014 Shawn E. Tuma 8 Cost of a Data Breach! • In 2012 • $188.00 per lost record • $188.00 x “X” - $$$$$$$$
  9. 9. Digital Business Risk www.brittontuma.com © 2014 Shawn E. Tuma 9 Story Time • you were CEO of a world-wide company • breach impacting 110 million customers • $61 million in expenses alone • 10% discount to all shoppers • $5 million investment in cybersecurity coalition • offer “free” identity theft and credit monitoring to all affected customers • Net earnings down 34.28% • Earnings per share down 44.60% • Non-cash losses down 487.71% • US sales down 6.60% • Lawsuits, possible enforcement actions, who knows? • and then you learn …
  10. 10. Digital Business Risk www.brittontuma.com © 2014 Shawn E. Tuma 10 Have you ever heard of …
  11. 11. Digital Business Risk www.brittontuma.com © 2014 Shawn E. Tuma 11 Important Questions • Whose 110,000,000+ customers were furious? • Who spent $61 million in expenses? • Who gave a 10% discount to all shoppers? • Who gave $5 million to a cybersecurity coalition? • Who offered “free” identity theft and credit monitoring to all affected customers? • Whose net earnings are down 34.28%? • Whose earnings per share are down 44.60%? • Whose non-cash losses down 487.71%? • Whose US sales are down 6.60%? • Who is defending lawsuits, enforcement actions? • One more question …
  12. 12. Digital Business Risk www.brittontuma.com © 2014 Shawn E. Tuma 12 Allocating risk and mitigating risk by contract • Allocating risk • designate duties & responsibilities A party bears the risk when the agreement allocates the risk to that party. TEX. JUR. 3d Contracts § 123 • indemnify “An undertaking against loss or damage amounts to a guaranty of reimbursement on a payment by the indemnitee. With respect to a promise to indemnify against damages, a right to bring suit does not accrue until the indemnitee has suffered damage or injury by being compelled to pay the judgment or debt.” 14 TEX. JUR. 3d Contribution § 24 • Mitigating risk • require mandatory policies, procedures, and security standards for third parties
  13. 13. Digital Business Risk www.brittontuma.com © 2014 Shawn E. Tuma 13 But all are just contractual obligations • Look to you for relief, you must then go enforce your contractual remedies • Breach of Contract • Inability to perform • Unwillingness to perform • Efficient breach theory • Insolvency / bankruptcy • Cost of litigation to enforce
  14. 14. Digital Business Risk www.brittontuma.com © 2014 Shawn E. Tuma 14 The contractual obligations are important and needed • Show diligence and taking data security more serious than most • FTC – looking at 3rd party contracts • SEC – looking at policies and 3rd party contracts • Post-breach = helpful for attorneys general • But more is required
  15. 15. Digital Business Risk www.brittontuma.com © 2014 Shawn E. Tuma 15 Recent agency advisory statements • January 2014: SEC indicates that the new standard of care for companies may require policies in place for: 1. Prevention, detection, and response to cyber attacks and data breaches, 2. IT training focused on security, and 3. Vendor access to company systems and vendor due diligence. • January 31, 2014: GMR Transcription Svcs – FTC case – is requiring businesses to follow 3 steps when contracting with 3rd party service providers: 1. Investigate by exercising due diligence before hiring data service providers. 2. Obligate their data service providers to adhere to the appropriate level of data security protections through contractual agreements with provider. 3. Verify that the data service providers are adequately protecting data as required by the contractual standards.
  16. 16. Digital Business Risk www.brittontuma.com © 2014 Shawn E. Tuma 16 Key Takeaways • You are still liable for breaches caused by 3rd parties! • Contractual agreements are not a magic wand to make liability go away – you are still responsible but now have a remedy against the 3rd party • “Trust, but verify” = Audit! • Cyber Insurance
  17. 17. Digital Business Risk www.brittontuma.com © 2014 Shawn E. Tuma 17 Sun Tzu – The Art of War “In all fighting the direct method may be used for joining battle, but indirect methods will be needed to secure victory.” “You can be sure of succeeding in your attacks if you attack places which are not defended.” “The spot where we intend to fight must not be made known; for then the enemy will have to prepare against a possible attack at several different points; and his forces being thus distributed in many directions, the numbers we shall have to face at any given point will be proportionately few.”
  18. 18. Digital Business Risk www.brittontuma.com © 2014 Shawn E. Tuma 18 Trade Secrets Yes, Your Company Has Them and Needs to Protect Them!
  1. A particular slide catching your eye?

    Clipping is a handy way to collect important slides you want to go back to later.

×