Privacy and Data Security Law Institute (Eleventh Annual)

Overview

Why You Should Attend

This program focuses on critical issues of information privacy, security and data protection faced by all companies.  The Internet and other evolving information technologies, wired and wireless, have prompted the development of powerful tools for the collection, processing, storage and use of personal information.  These trends create numerous issues regarding limitations on corporate rights to use that information and obligations to protect it from a variety of new risks and vulnerabilities.  Legislators, regulators and the courts are rapidly developing new law and compliance obligations to address the privacy and security implications of the information economy.  This annual conference focuses on these developments with the goal of keeping attorneys and other privacy professionals informed and up-to-date in this complex and dynamic area of laws and regulations.

What You Will Learn

• The latest federal and state legislation, regulations and decisions regarding privacy and security
• Foreign developments in data protection law and their impact on U.S. companies
• The current enforcement priorities of the FTC and the State Attorneys General
• The unique issues of privacy in the workplace, including privacy of workplace communications and monitoring
• Information privacy and security issues raised by technology trends, such as cloud computing, social networking, and social texting
• Best practices in managing security breach risks
• The latest legislative developments pertaining to information security requirements
• How to respond to Government requests for information
• Ethical and privilege issues for lawyers in using information technology
• Evolving online data collection and marketing techniques and their impact on privacy law

Special Features

• Update on the federal and state laws affecting corporate obligations to protect the privacy and security of personal information
• Panel of FTC and State Attorney General representatives
• The Big Picture: What privacy and security law will look like five years from now

Special Bonus to all Registrants

All attendees receive a complimentary copy of PLI's comprehensive Course Handbook. This softcover, bound volume was written to augment this program and to stand alone as a permanent reference. PLI's Course Handbooks represent the definitive thinking of the nation's finest legal minds, and are often the standard reference in the field.

PLI Group Discounts

Groups of 4-14 from the same organization, all registering at the same time, for a PLI program scheduled for presentation at the same site, are entitled to receive a group discount. For further discount information, please contact membership@pli.edu or call (800) 260-4PLI.

PLI Can Arrange Group Viewing to Your Firm

Contact the Groupcasts Department via email at groupcasts@pli.edu for more details.

Cancellations

All cancellations received 3 business days prior to the program will be refunded 100%. If you do not cancel within the allotted time period, payment is due in full. You may substitute another individual to attend the program at any time.

Schedule

Day One:  9:00 a.m. - 5:00 p.m.

Morning Session:  9:00 a.m. - 12:30 p.m.

9:00  Welcome and Opening Remarks

Francoise Gilbert, Thomas J. Smedinghoff

• Trends in state privacy and security legislation
• Making sense of laws regulating data security, data destruction, SSNs, and credit card data
• The Massachusetts regulations: Anomaly or mainstream?
• Defining the duty to provide security: Is Massachusetts the new California?
• How to develop a compliant comprehensive information security program
• Prospects for uniform state data security laws

• HITECH Act breach notification rules: New approach or more of the same?
• Is the public-private partnership morphing into mandatory regulation?
• A new policy direction for the FTC, and what does it mean for business?
• Practical impact of the Red Flags Rules and related litigation
• How the increased focus on enforcement will affect business
• Federal data security legislation

Hilary M. Wandall, Christopher Wolf

11:15  Networking Break

11:30  Security Breaches: Notification Challenges and Liability Risks

• Addressing the ambiguities in state breach notification laws
• Potential arguments for avoiding notification
• Practical tips for navigating the breach notification process
• Trends in security breach litigation:  Is the liability risk expanding?
• Corporate governance perspective: Liability for failure to protect corporate assets
• The changing view of what constitutes recognizable harm to data subjects

Lynn A. Goldstein, Holly K. Towle

12:30  Lunch Break

Afternoon Session:  1:45 p.m. - 5:00 p.m.

1:45  Privacy and Security around the World

• Recent developments in Europe, Asia, Pacific, the Middle East, and the Americas
• Enforcement actions
• What to do when the laws conflict: Whistle-blowing
• Developing laws regarding security breach notification
• The global workforce: Managing employee issues in the context of a multi-national corporation

Francoise Gilbert, Santiago Jamarillo-Caro, Jeff Rohlmeier

3:45  Networking Break

4:00  Cloud Computing

• Obstacles and concerns when trying to protect data in offshoring transactions
• Where is the cloud? Where is your data?
• What is the risk analysis compared to differences in offshoring?
• Challenges in negotiating and implementing a cloud computing services agreement

Rebecca S. Eisner

5:00  Adjourn

DAY TWO:  9:00 A.M. - 4:45 P.M.

Morning Session:  9:00 a.m. - 12:15 p.m.

9:00  Current Ethical Issues in Privacy & Information Security for Lawyers

• Risks associated with the use of social media and Web 2.0
• Law firm data security: Hacking, electronic client files, and other issues
• An update on the latest developments in electronic discovery
• The current state of affairs with respect to metadata ethics issues
•  The status of the ABA's suit to enjoin the FTC's Red Flags Rule

Renard C. François

10:00  Workplace Privacy: Developments in Monitoring, Surveillance, Background Checks and Remote Computing

• Overview of federal and state laws impacting privacy in the workplace
• Background screening of applicants and employees
• Employee monitoring: Video and audio surveillance
• Privacy tort actions brought by employees
• At-home workers and related privacy risks
• Use of social networking sites and blogs in the workplace

Ruth Hill Bro, Peter F. McLaughlin

11:00  Networking Break

11:15  Data in Dispute: Government and Litigant Requests for Personal Information

• Overview of corporate rights and obligations in the face of government demands for personal information in litigation and investigations
• Specific issues associated with response to government requests in connection with national security
• The rights of individuals to restrict disclosure of their information in discovery
• Cross-border disputes: Conflicts between U.S. regulatory requirements and discovery rules and non-U.S. privacy law
• Implications of recent U.S. litigation involving disclosure of offshore accounts
• Best record retention practices to manage compliance with government requests for data and e-discovery

J. Beckwith Burr, James X. Dempsey

12:15  Lunch Break

Afternoon Session:  1:30 p.m. - 4:45 p.m.

1:30  Regulators and Enforcers Speak Out: Privacy "Re-Think"

• FTC workshops: Reshaping the privacy agenda in the U.S.
• FTC enforcement: Recent data security actions, Safe Harbor enforcement actions
• State AGs focus on privacy and data security

C. Steven Baker, Shannon Choy-Seymour,  Christine Nielsen

2:30  Balancing Technology and Privacy:  Emerging Rules in Online Behavioral Advertising, Mobile Marketing, Social Networking and other Electronic Commercial Communications

• Best practices in online data collection disclosures after Sears
• Legal Do’s and Don’t’s for online behavioral advertising campaigns, social networking, and corporate blogs
• New directions in federal (FTC) and state regulatory oversight of behavioral and other targeted online advertising
• Recent developments in CAN SPAM and telemarketing enforcement and litigation
• Special concerns for direct marketing in the mobile environment
• Data rights and privacy risk allocation in marketing, advertising and hosted services agreements

Ian Ballon, Liisa M. Thomas

3:30  Networking Break

3:45  The Big Picture:  Looking Ahead from 50,000 Feet

• What is the record so far of the new U.S. administration on individual privacy?
• What are the trend lines for U.S. privacy legislation and enforcement?
• Will the HITECH privacy and security regulations drive regulation in other sectors?
• What impact will efforts toward comprehensive national cyber-security policy have on individual privacy?
• What challenges does the shift to cloud computing portend for individual privacy?
• Will the states continue to lead the way in regulating information security standards?

Fred H. Cate

4:45  Adjourn

Faculty

Co-Chair(s)

Speaker(s)

Program Attorney(s)

CLE Credit

Travel Information

Chicago Seminar Location

University of Chicago Gleacher Center, 450 N. Cityfront Plaza Drive, Chicago, Il 60611. (312) 464-8787.

Chicago Hotel Accommodations

Sheraton Chicago Hotel & Towers, 301 East North Water Street, Chicago, Illinois 60611. (312) 464-1000. When calling, mention PLI and the name of the program you are attending. Attendees will have until 30 days prior to the program to receive the preferred rate.