1. WARNING TRACK
Privacy & Data Security Issues
for In-House Counsel
Presented by Anthony Martin
May 7, 2009
Copyright 2009, Husch Blackwell Sanders LLP
2.
3.
4. Cell Phones Stolen from Verizon Stores
POST-
ST. LOUIS POST-DISPATCH
Tuesday, May 5, 2009
Burglars broke into three area Verizon
Wireless stores overnight, stealing
about 100 cell phones and two computers
worth at least $42,000, police said.
5. • State & Local Police • Privacy Policies
• US Attorneys Office • Data Breach Report
• FBI • Service Provider
• FTC Contracts
• Public Relations • PCI-DSS
• IT Department • Banks & CC
• Risk Management • Customer Lists
• Insurance Agents • State Breach Laws
• Legal Team
• Pick up the kids.
9. Information Privacy: how we collect
and use the “personal information” of
others that we are authorized to have.
Data Security: how we keep that
personal information safe from
unauthorized access or use.
11. Labor & Employment
• Reasonable Expectation of Privacy.
• Access to Employee e-mail.
e-
• Location Awareness and Social Media.
• Employee Handbooks and Policies.
12. The Stored Communications Act
prohibits intentional access to an
electronic communication while it is in
electronic storage in such system.
18 U.S.C.A. § 2701
14. The Member States shall provide that the
transfer to a third country of personal
data . . . may take place only if the third
country in question ensures an adequate
level of protection.
Article 25, EU Privacy Directive
23. The most significant cost decrease
was seen in activities relating to
post-breach response.
The U.S. Cost of a Data Breach Study
Ponemon Institute
24. The CEO must certify that all the
information in public reports is valid
and accurate.
The CEO sign off on the validity of the
data without confirmation of the
security of those systems and
networks.
25. The CEO/CFO must attest to having
proper "internal controls."
These “internal controls” include
controls over networked electronic
systems, which can include anything
that sits on the network or connects to
the network.
27. Third-party organizations accounted
for more than 44 percent of all
breaches.
These are the most expensive form of
data breaches due to additional
investigation fees.
29. “You have zero privacy. . .”
.”
“Get over it.”
it.”
Scott McNealy
CEO Sun Microsystems
30. “Every single datum about
my life is private?
silly.”
That's silly.”
Antonin Scalia
US Supreme Court
31. 15-
15-Page Dossier on Scalia . . .
Including:
home address and the value of his home,
home phone number,
movies he likes,
food preferences,
wife's personal e-mail address,
and "photos of his lovely grandchildren."