Data Law Insights

Legal insights on navigating privacy, data protection, cybersecurity, information governance, and e-discovery

Blog Authors

Latest from Data Law Insights

The District of Columbia Bar Rules of Professional Conduct Review Committee (“Committee”) recently released recommended changes to D.C. Bar rules 1.1, 1.6, and 4.4 to address the increased focus and evolving landscape of E-Discovery and technology in law. All D.C. practitioners should take notice of these potential rule changes, and ensure they stay current—or engage those with appropriate expertise—on these quickly changing areas of practice. The proposed changes are as follows:…
As the country’s new Congress settles into its term, several technology issues are coming to the forefront. A number of Senators recently questioned the Department of Justice over how it is collecting cellphone-location data in the wake of the Supreme Court’s landmark Carpenter decision. Carpenter v. United States, 138 S. Ct. 2206 (2018). The House of Representatives is considering a renewed version of legislation that would strengthen the security of “Internet of Things” technologies used by the federal…
The U.S. Department of Justice released revisions to the Foreign Corrupt Practices Act corporate enforcement policy on March 8, 2019. While intended to clarify the DOJ’s position on a number of hot-button issues, including its controversial stance on certain instant-messaging software, a closer look reveals that these changes fall short of answering several key questions faced by companies seeking cooperation credit in FCPA matters. For more information, read this Law360 article written by Crowell &…
EDRM and the Bolch Judicial Institute at Duke Law recently released Technology Assisted Review (TAR) Guidelines (Guidelines) with the aim “to objectively define and explain technology-assisted review for members of the judiciary and the legal profession.” Among the topics covered are the validation and reliability measures practitioners can use to defend their TAR processes. This post summarizes this validation and reliability guidance, which has the potential to be a widely-referenced authority on this topic going…
The Department of Defense recently released a memorandum directing the Defense Contract Management Agency (DCMA) to implement and assess company-wide cyber compliance with the DFARS Safeguarding Clause and related security standard, NIST SP 800-171.  For further analysis, visit our Government Contracts Legal Forum blog post.…
E-discovery does not sit still. To provide high-level service, practitioners necessarily deal with legal technology at the bleeding edge of development. This involves the embrace of nascent artificial intelligence (AI) in combination with other analytic tools and techniques to tackle increasingly challenging discovery projects. As ever-expanding volumes and sources of information strain the capacity of counsel to manage discovery, AI is coming just in time. To read the full article on Crowell’s website, please click…
WELCOME TO YOUR NEW WAR ROOM. TAKE A LOOK AT OUR LITIGATION FORECAST COVER STORY TO SEE HOW COMPANIES ARE USING TECHNOLOGY TO ADVANCE LITIGATION CASE STRATEGY Crowell & Moring has issued its seventh-annual “Litigation Forecast 2019: What Corporate Counsel Need to Know for the Coming Year.”  The Forecast cover story, “Welcome to Your New War Room: How Technology Is Finding Its Way into Litigation Case Strategy,” explores how companies and…
Following a draft Interagency Report published in February, the National Institute of Standards and Technology (“NIST”) has published NISTIR 8200: Interagency Report on the Status of International Cybersecurity Standardization for the Internet of Things (IoT), which seeks to assess the “current state of international cybersecurity standards development for IoT.” In this effort, the Report defines the major areas where IoT is currently being used and evaluates various IoT cybersecurity standards commonly applied in those…
Concluding its investigation into the internal accounting controls of nine public issuers who were recent cyber fraud victims, the Securities and Exchange Commission (“SEC”), Division of Enforcement explicitly reminded issuers to consider cyber-related threats in developing and deploying their Section 13(b)(2)(B) internal accounting controls. The SEC emphasized the importance of tailoring internal accounting controls to cyber-related threats, noting that cyber frauds like those carried out in the nine cases it investigated have caused “over $5…