Why you should attend
This program focuses on critical issues of information privacy, security and data protection faced by all companies. The Internet and other evolving information technologies, wired and wireless, have prompted the development of powerful tools for the collection, processing, storage and use of personal information. These trends create numerous issues regarding limitations on corporate rights to use that information and obligations to protect it from a variety of new risks and vulnerabilities. Legislators, regulators and the courts are rapidly developing new law and compliance obligations to address the privacy and security implications of the information economy. This annual conference focuses on these developments with the goal of keeping attorneys and other privacy professionals informed and up-to-date in this complex and dynamic area of laws and regulations.
What you will learn
- The latest federal and state legislation, regulations and decisions regarding privacy and security
- Foreign developments in data protection law and their impact on U.S. companies
- The current enforcement priorities of the FTC and the state attorneys general
- Information privacy and security issues raised by technology trends, such as cloud computing, social networking, and texting
- Best practices in managing security breach risks
- The latest legislative developments pertaining to information security requirements
- Ethical and privilege issues for lawyers in using information technology
- Evolving online data collection and marketing techniques and their impact on privacy law
- Managing a Security Breach Crisis: Panel discussion on responding to a complex data breach
- Panel of FTC and state attorney general representatives
- Earn one hour of CLE Ethics credit
- Earn Continuing Privacy Education credit
Who should attend
Day One: 9:00 a.m. - 5:00 p.m.
Morning Session: 9:00 a.m. - 12:45 p.m.
9:00 Welcome and Opening Remarks
John B. Kennedy, Lisa J. Sotto
9:15 Legislative and Regulatory Trends in U.S. Privacy and Security Law
- Are we starting on a new direction for privacy and security regulation?
- Key federal legislative and regulatory developments
- Federal policy and enforcement initiatives
- Key state legislative and regulatory developments
- Self-regulation vs. government regulation: Where are we headed?
Matthew H. Meade, Michael Vatis
10:15 Health Privacy and Security: HIPAA Applies to Everyone Now!
- HIPAA and HITECH Act overview
- Understanding the primary HITECH changes and their application beyond covered entities
- Evaluating the biggest risk areas for covered entities and business associates
- Assessing what's still to come
- Updates on enforcement and investigations
- Health care privacy and the impact on health care reform
Kirk J. Nahra
11:15 Networking Break
11:30 Information Security Breaches: The Saga Continues
- Identifying an incident
- Undertaking the initial response
- Conducting a forensic investigation
- Coordinating with law enforcement
- Implementing an incident response plan
- Coordinating notification to affected individuals
- Setting up the call center and identity restoration service
- Preparing website materials
- Managing state attorneys general and federal agencies
- Managing the press
- Handling litigation risks
Joanne McNabb, Lisa J. Sotto, Emily Stapf
12:45 Lunch Break
Afternoon Session: 1:45 p.m. - 5:00 p.m.
1:45 The Rise of Privacy Litigation - New Causes of Action, New Legal Theories
- Survey of claims related to marketing, unfair competition, misuse of data, security breach
- Liability and damage issues
- Statutes with private right of action
- Unsolicited fax and junk email cases
- Behavioral advertising, zombie cookies, and tracking cases
- Social networking and social gaming litigation
- Apps, mobile, texting and location issues
- How to successfully defend privacy class action suits
Mary Ellen Callahan, Alan Charles Raul
2:45 Networking Break
3:00 Ethics and Risk Management for Privacy Professionals
- Ethical challenges in e-discovery
- Rules of the road for lawyer use of social media
- Protecting the attorney-client privilege in the digital domain
- Data security concerns for law firms and law departments
- Special ethics concerns for privacy lawyers
Maura R. Grossman
4:00 Being a Chief Privacy Officer - Greater Challenges, Smaller Budget
- How to integrate privacy compliance and best practices
- How to measure success
- The many layers of the training program
- How to address privacy challenges in an ailing economy
Keith Enright, Harriet P. Pearson, JoAnn Stonier
DAY TWO: 9:00 A.M. - 4:45 P.M.
Morning Session: 9:00 a.m. - 12:15 p.m.
9:00 Global Issues - Privacy and Data Protection in a Global Environment
- Data Protection 2.0 in the European Union; the overhaul of the EU Data Protection Regime; recent developments
- Creating and managing a multi-jurisdictional privacy program for a B2C company
- How to respond to a security breach in a global environment
- Risks and pitfall in conducting an employee investigation in a global organization
Patrice Ettinger, Benjamin Hayes, Miriam H. Wugmeister
11:00 Networking Break
11:15 Clouds Without Borders - How to Ensure Privacy and Security in the Cloud
- Jurisdictional uncertainties
- Regulatory compliance concerns in borderless clouds
- Best practices in selecting services providers
- Poking holes in your vendor’s privacy and security policies
- Negotiating effective contractual protections for privacy and data security
Margaret A. Keane, John B. Kennedy, Christopher M. Koa
12:15 Lunch Break
Afternoon Session: 1:30 p.m. - 4:45 p.m.
1:30 Understanding the Current Online Behavioral Advertising Landscape
- The business case for behavioral advertising
- How behavioral advertising works
- Emerging legislation and regulation in the U.S. and EU
- Current industry self-regulatory efforts
- Enforcement trends
- Super cookies: The next frontier
Scott Meyer, Aaron P. Simpson
2:30 Networking Break
2:45 Privacy and Security Enforcement Agenda: The Regulator’s Perspective
- What privacy and security practices are currently in regulators' sights?
- The changing focus of regulator priorities
- Practical insights businesses can gain from recent privacy and security enforcement actions
- When under a regulator’s scrutiny, what can you do to show yourself in the best possible light?
- Breach notification as a trigger for regulatory scrutiny
- What regulators wish companies knew about privacy and security
Barbara Anthony, Julie S. Brill
3:45 Trend Lines in Privacy and Cybersecurity Law and Policy: Converging or Diverging?
- Are legislative and administrative policies for data privacy and data security complementary, or are they in conflict?
- Has the recent wave of data security laws (such as state breach notification laws) enhanced consumer privacy?
- What does the increasing focus on national cybersecurity portend for U.S. data privacy law and policy in general in the coming years?
- What are the collective effects on privacy of government surveillance and private sector “dataveillance”
- How have EU-style approaches to privacy as a fundamental right been affected by government and private sector initiatives on cybersecurity?
Anita L. Allen, Paul M. Schwartz
Anita L. Allen
~ Henry R.Silverman Professor of Law and Professor of Philosophy, University of Pennsylvania Law School
~ Undersecretary, Consumer Affairs and Business Regulation, Commonwealth of Massachusetts
~ Director of Legal Services, Data Privacy Compliance, North America, Accenture
Paul M. Schwartz
~ Professor of Law, University of California-Berkeley School of Law, Boalt Hall
~ Director, Forensic Technology Solutions, PricewaterhouseCoopers LLP
~ SVP/Global Privacy & Data Usage Officer, MasterCard Worldwide
New York City Seminar Location
PLI New York Center, 810 Seventh Avenue at 53rd Street (21st floor), New York, New York 10019. Message Center, program days only: (212) 824-5733.
New York City Hotel Accommodations
The New York Hilton & Towers, 1335 Avenue of the Americas, New York, NY 10019. 1 block from PLI Center. Reservations 1-800-HILTONS or, 1-877-NYC-HILT. Please mention that you are booking a room under the Practising Law Institute Corporate rate and the Client File # is N495741. Reservations on line at www.hilton.com and enter the same Client File # in the Corporate ID # field to access Practising Law Institute rates.
The Warwick New York Hotel, 65 West 54th Street New York, NY 10019. 1 block from PLI Center. Reservations 800-223-4099 or, hotel direct 212-247-2700. Please mention that you are booking a room under the Practising Law Institute Corporate rate. Reservations on line at www.warwickhotelny.com Click reservations in menu bar on left. Select desired dates. In 'Special Rates' drop down window select Corporate Rate. In 'Rate Code' enter PLIN. Click search and select desired room type and rate plan. Or, you may email reservation requests to: firstname.lastname@example.org.
PLI's live programs are approved in all states that require mandatory continuing legal education for attorneys, except Arizona. Please be sure to check with your state for details.
Please check the CLE Calculator above each product description for CLE information specific to your state.
Special Note: In New York, newly admitted attorneys may receive CLE credit only for attendance at "transitional" programs during their first two years of admission to the Bar. Non-traditional course formats such as on-demand web programs or recorded items, are not acceptable for CLE credit. Experienced attorneys may choose to attend and receive CLE credit for either a transitional course or for one geared to experienced attorneys. All product types, including on-demand web programs and recorded items, are approved for experienced attorneys.
Please note: The State Bar of Arizona does not approve or accredit CLE activities for the Mandatory Continuing Legal Education requirement.
If you have already received credit for attending some or the entire program, please be aware that state administrators do not permit you to accrue additional credit for repeat viewing even if an additional credit certificate is subsequently issued.
Credit will be granted only to the individual on record as the purchaser unless alternative arrangements (prearranged groupcast) are made in advance.