Data Law Insights

Legal insights on navigating privacy, data protection, cybersecurity, information governance, and e-discovery

Latest from Data Law Insights

On August 14, 2020, California Attorney General Xavier Becerra released final implementing regulations for the California Consumer Privacy Act (CCPA). The CCPA became enforceable on July 1, 2020, and Becerra’s office submitted a final proposed draft of the regulations to the California Office of Administrative Law (OAL) on June 1, 2020. The Proposed Regulations have gone through several revisions since the publication of the initial draft in October of 2019. The OAL approved the final…
As none of us can forget, the COVID-19 pandemic forced companies to close their brick and mortar offices with little time to adequately prepare their employees for a remote work environment. All of a sudden, in-person meetings were replaced with virtual conferences via Microsoft Teams, Zoom, and Amazon Chime – each leaving a new data trail. Many IT and Legal Departments were similarly unprepared for the impact of an all remote workforce on the creation,…
As employees are increasingly working from home during the COVID-19 pandemic, many communications that would typically occur face-to-face are now taking place over chat systems, such as Skype, Bloomberg Messaging, and Slack. Chats are often more informal and unfiltered than other forms of written communication such as email, and often do not provide context for the conversation. And with that comes legal risk. This is because chats may qualify as business documents subject to discovery…
On April 20, 2020, the Supreme Court granted cert in Van Buren v. United States, to resolve an important circuit split over the meaning of “authorized access” under the Computer Fraud and Abuse Act (CFAA). This is the Court’s first foray into analyzing the precise contours of CFAA liability. Van Buren may have far-reaching implications for any individual or business operating in the digital domain, as the scope of civil and criminal liability under the…
E-Discovery no longer dominantly involves emails and shared drive documents. With the increasing prevalence of mobile devices in the workplace and new apps being developed daily, mobile data and other non-email communications are moving to the forefront of discovery. Times have changed, and attorneys have professional and ethical obligations to keep up. To effectively and competently represent clients, attorneys must stay apprised of how to work with these ever-changing forms of data – or get…
Increasing mobile device usage for routine business – such as through text messages and mobile applications like WhatsApp – is contributing to a new developing trend in E-Discovery: broad discovery requests for businesses to collect and produce data from their employees’ mobile phones. The proliferation of electronic communication not only makes it imperative for organizations to have mechanisms in place to capture and preserve mobile text messages, but also raises new challenges about how to…
Crowell & Moring has released its Regulatory Forecast 2020: What Corporate Counsel Need to Know for the Coming Year, a report that explores the impact of regulatory changes on the technology industry and other sectors, and provides insight into thehouse counsel can expect to face in the coming year. For 2020, the Forecast highlights the driving forces behind the increased regulatory focus, including access to the data, online platforms, and cutting-edge technologies that define…
Aiming to identify, enhance, and test supply chain vulnerabilities in the energy sector and cybersecurity response capabilities between public and private sectors, the U.S. Senate Committee on Energy & Natural Resources approved legislation that directs the Department of Energy (DoE) to create several new programs towards the development of “advanced cybersecurity applications and technologies” for the sector.[1]  The Energy Cybersecurity Act of 2019 (the Act) directs DoE to establish programs that identify supply chain…
In Ingham Regional Medical Center v. U.S. (Jan. 6, 2020), the Court of Federal Claims compelled production of certain government investigatory documents that the Court found were not privileged work product prepared “in anticipation of litigation.” The Medical Center sued to recover payments for outpatient healthcare services performed in connection with DoD’s TRICARE program after initial settlement discussions had failed. During discovery, the government inadvertently produced several documents that assessed the accuracy of its…
The Department of Defense (DoD) has released Version 1.0 of the Cybersecurity Maturity Model Certification (CMMC), Appendices A-F, and an Overview Briefing. While Version 1.0 largely mirrors the draft Version 0.7, the final version includes notable revisions. Please click here to see the full client alert.…