Seminars

Breadth, depth and an unparalleled record of quality education.

KNOWLEDGE. INSIGHT. SOLUTIONS.

  • Seminars
  • Webcasts
  • CLE Now
  • MP3s
  • Books
  • CDs/DVDs
  • E-Mentor

This program has been conducted.
Please see 'Related Items' for more options.

Privacy and Security Law Institute (Ninth Annual)

Jul. 21 - 22, 2008
University of Chicago - Gleacher Center-Chicago, IL


Overview

Why You Should Attend

This program focuses on critical issues of privacy and data protection faced by all companies, including legal compliance requirements in online privacy and information security practices. The Internet and other emerging information technologies have created powerful tools for the collection, processing, storage and use of personal information. Domestic and international legal restrictions on corporate rights to use such information are complex and evolving, as are new laws requiring corporations to protect the security and integrity of such data. Legislators, regulators and the courts are rapidly developing new law and compliance obligations that companies cannot afford to ignore. PLI's Ninth Annual Institute on Privacy and Security Law focuses on these concerns and other important issues in the law of information privacy and security.

What You Will Learn

  • The latest federal and state legislation, regulations and decisions regarding privacy and security
  • International data protection developments in Europe, Asia and elsewhere, and their impact on U.S. companies
  • Recent developments in the law of privacy in the workplace
  • Responding to security breaches and the latest legislative developments pertaining to information security
  • Privacy implications in the use of behavioral advertising methods
  • Managing privacy, security and regulatory compliance issues in M&A, outsourcing, offshoring and other corporate and commercial transactions
  • Developing law regarding data retention and data destruction
  • Government and civil litigant requests for information - how to respond
  • Emerging standards for information security, such as the Payment Card Industry Security Standard
  • Ethical issues for lawyers arising from using information technology and handling personally identifiable information
  • Legal trends in identity management and online authentication
  • What leading CPOs view as compliance best practices

Who Should Attend

This program is designed for lawyers, business professionals, corporate privacy officers, chief technology officers, compliance and risk managers and any professional handling privacy and security issues today.

Special Features

Live Webcast - Simultaneous live webcast of the San Francisco session is available for individual viewing. Webcast participants will receive streaming audio and/or video of the program, view and print the Course Handbook, and have the ability to submit questions electronically.

For more information click on the Live Webcast link at the top of the page.

Special Bonus to all Registrants

All attendees will receive a complimentary copy of PLI's comprehensive Course Handbook. This softcover, bound volume was written to augment the program and to stand alone as a permanent reference. PLI's Course Handbooks represent the definitive thinking of the nation's finest legal minds, and are often the standard reference in the field.

Please Note: Webcast attendees will receive a downloadable version of the Handbook one business day prior to the program.

PLI Group Discounts

Groups of 4-14 from the same organization, all registering at the same time, for a PLI program scheduled for presentation at the same site, are entitled to receive a group discount.  For further discount information, please contact membership@pli.edu or call (800) 260-4PLI.

PLI Can Arrange Group Viewing to Your Firm

Contact the Groupcasts Department via email at groupcasts@pli.edu for more details.

Cancellations

All cancellations received 3 business days prior to the program will be refunded 100%. If you do not cancel within the allotted time period, payment is due in full. You may substitute another individual to attend the program at any time.

Schedule

Please plan to arrive with enough time to register before the conference begins. A continental breakfast will be available upon your arrival.

DAY ONE: 9:00 A.M. - 5:00 P.M.

Morning Session: 9:00 a.m. - 12:30 p.m.

9:00  Introduction

Francoise Gilbert, Thomas J. Smedinghoff

9:15  The Emerging Law of Data Security: From Corporate Obligations to Provide Security to Breach Notification Requirements
  • The expanding scope of the duty to provide security for corporate data
  • Current regulatory guidance on best practices for security compliance
  • Recent litigation and enforcement actions for failure to provide adequate security
  • The challenge of complying with multiple state breach notification laws
  • Penalties and litigation risk for failure to notify of security breaches
Thomas J. Smedinghoff, Liisa M. Thomas

10:15  The Law of Workplace Privacy: U.S. and Global Developments
  • Recent case law, legislative and regulatory developments affecting employee privacy rights in the workplace
  • Risks related to background checks, exit interviews and related hiring/firing procedures
  • Current requirements for employee monitoring; impact of new technologies
  • Best practices in corporate policies and employee manuals for use of company information systems and devices, including e-mail and Internet access
  • Complying with regulations on employee privacy in multiple jurisdictions
Christine E. Lyon, Frances M. Wiet

11:15  Break

11:30  The Continuing Expansion of Data-Specific Privacy and Security Rules and Regulations
  • Restrictions on the use of Social Security numbers
  • FACTA and FCRA requirements and litigation 
  • Impact of credit freeze legislation
  • Data destruction and data retention laws
James Harlan Koenig, Maureen A. Young

12:30  Lunch

Afternoon Session: 1:45 p.m. - 5:00 p.m.

1:45  Across the Pond: Recent Developments in EU Data Protection Laws, Regulation and Enforcement
  • Recent data commission decisions, enforcement actions and regulatory guidance
  • Prospects for U.S.-style data breach notice requirements in the EU
  • Scorecard on compliance options for U.S. companies doing business in EU countries: safe harbor, model contract clauses, binding corporate rules, consent
  • New EU data retention laws
Ruth Hill Bro, Francoise Gilbert

2:45  Beyond the EU: Privacy and Security Law Developments of Interest to U.S. Companies Doing Business Overseas

  • Significant recent legislation, regulatory, policy and enforcement developments
  • Options for dealing with cross-border data transfer requirements
  • Trends regarding the development of breach notification requirements
  • Major issues of concern to U.S. companies
Jeff Rohlmeier, Luis Salazar

3:45  Break

4:00  The CPOs Speak: Best Practices for Managing Privacy and Security Risks in a Changing Regulatory Environment
  • Best practices in responding to information security breaches
  • Balancing employee privacy concerns with risk mitigation mandates for the company
  • Handling conflicts between U.S. compliance requirements and non-U.S. data protection laws
  • Dealing with privacy issues in litigation and discovery
  • Putting teeth into company privacy policies: How are violations dealt with? How do companies implement privacy policies?
William C. Boni, Lynn A. Goldstein, Jeff Rohlmeier, Amy E. Yates

5:00  Adjourn

DAY TWO: 9:00 A.M. - 4:45 P.M.

Morning Session: 9:00 a.m. - 12:15 p.m.

9:00  Practicing What We Preach: Current Issues in Information Management, Legal Practice and Legal Ethics
  • The obligations of lawyers in private practice to provide security for their internal information management systems
  • Developing trends regarding electronic communication with clients
  • Recent developments regarding protection and waiver of the attorney-client privilege in electronic communications
  • Ethical and professional liability concerns in electronic discovery
John P. Hutchins

10:00  Privacy in Litigation: Responding to Government and Civil Litigant Requests for Personal Information
  • What rules govern the discovery of personal information in litigation?
  • The rights of individuals to restrict disclosure of their information in discovery
  • What rights does the government have to personal data in a corporation's control?
  • Specific issues associated with response to FISA and warrantless searches and National Security Letters
  • Best practices for managing company compliance with government requests for personal data
J. Beckwith Burr

11:00  Break

11:15  Privacy and Security Risks in Online Marketing and Advertising

  • The intersection of consumer privacy concerns and online behavioral advertising
  • The rise of integrated marketing and the use of "branded entertainment" to reach younger consumers
  • Legal compliance risks associated with social networking Web sites, blogs, portals, usergenerated content (including from minors), and other emerging online advertising techniques
  • Recent guidance in the collection, aggregation and use of consumer tracking data based on Web usage and location-based tracking
  • Best practices in disclosures to consumers about data collection and sharing
Justine Young Gottshall, Roslyn J. Kitchen

12:15  Lunch

Afternoon Session: 1:30 p.m. - 4:45 p.m.

1:30  Implementing Security Standards: What Businesses Need to Know About the Payment Card Industry (PCI) Security Standard
  • What role are "standards" playing in how businesses mitigate legal risks associated with information security practices?
  • A primer on key elements of the PCI Security Standard
  • Recent legislation mandating compliance with the PCI Security Standard
  • Practical considerations and best practices in putting PCI-compliant systems and procedures into place 
William Cook, James Cowing

2:30  The 'Deal' Perspective: Addressing  Privacy and Security in Commercial Transactions
  • Why privacy and security compliance have become significant deal points in large corporate and commercial transactions
  • Practice pointers in due diligence related to privacy, information controls and security practices
  • Privacy and security-related terms in M&A transactions allocating data risk
  • Building privacy and security regulatory compliance into outsourcing and offshoring agreements
  • Allocating responsibility for compliance with current and future privacy and security laws
Marcelo Halpern, Jeffrey P. Taft

3:30  Break

3:45  News from the Future: What Privacy and Security Law Will Look Like Five Years from Now
  • Where are privacy and security law headed?
  • What do current trends in online business practices, data tracking technologies and government surveillance say about the scope of information privacy rights in the long run?
  • What have been the successes and failures in privacy law? What do these hits and misses tell us about the future?
  • Will privacy law in the U.S. substantially "federalize"?
  • Will the EU model for data protection prevail as economic globalization continues?
4:45  Adjourn

Faculty

Co-Chair(s)

Francoise Gilbert, Managing Director, IT Law Group
Thomas J. Smedinghoff, Wildman, Harrold, Allen & Dixon, LLP

Speaker(s)

Ruth Hill Bro
J. Beckwith Burr, Wilmer Hale
William J. Cook, Wildman Harrold
James Cowing, CISSP, Managing Director, Digital Resources Group
James X. Dempsey, Vice President for Public Policy, Center for Democracy & Technology
Lynn A. Goldstein, Senior Vice President & Chief Privacy Officer, JPMorgan Chase & Co
Justine Gottshall, Wildman Harrold Allen & Dixon LLP
Marcelo Halpern, Latham & Watkins LLP
John P. Hutchins, Troutman Sanders LLP
Roslyn Kitchen, Cohen Silverman Rowan LLP
James Harlan Koenig, CIPP, Practice Co-Leader, Privacy Strategy & Compliance, PricewaterhouseCoopers LLP
Christine E. Lyon, Morrison & Foerster LLP
Jeff Rohlmeier, Director of Privacy & Compliance, Thomson Reuters
Luis Salazar, CIPP, Shareholder, Greenberg Traurig, P.A.
Jeffrey P. Taft, Partner, Mayer Brown LLP
Liisa M. Thomas, Winston & Strawn LLP
Frances M. Wiet, Acting Chief Privacy Officer - General Counsel, Hewitt Associates LLC
Amy E. Yates, Director - Privacy and Data Protection - ERS - Security & Privacy Services, Deloitte & Touche LLP
Maureen A. Young, Bingham McCutchen LLP

Program Attorney(s)

Tamara C. Kiwi, Program Attorney, Practising Law Institute

CLE Credit

PLI's live programs are approved in all states that require mandatory continuing legal education for attorneys. Please be sure to check with your state for details.

Please check the CLE Calculator above each product description for CLE information specific to your state.

Special Note: In New York, newly admitted attorneys may receive CLE credit only for attendance at "transitional" programs during their first two years of admission to the Bar. Non-traditional course formats such as on-demand web programs or recorded items, are not acceptable for CLE credit. Experienced attorneys may choose to attend and receive CLE credit for either a transitional course or for one geared to experienced attorneys.  All product types, including on-demand web programs and recorded items, are approved for experienced attorneys.

If you have already received credit for attending some or the entire program, please be aware that state administrators do not permit you to accrue additional credit for repeat viewing even if an additional credit certificate is subsequently issued.

Travel Information

Chicago Seminar Location

University of Chicago Gleacher Center, 450 N. Cityfront Plaza Drive, Chicago, Il 60611. (312) 464-8787.

Chicago Hotel Accommodations

Omni Hotel Chicago, 676 N. Michigan Avenue, Chicago, IL 60611. Please contact the hotel directly at 1-800-THE-OMNI or (312) 944-6664. When calling, mention PLI and the name of the program you are attending.The cut-off date for the preferred rate is June 30, 2008.


Related Items

Course Handbooks

Privacy and Security Law Institute (Ninth Annual)



Individual Membership