Cybersecurity E-Discovery and Privacy
Today, the cyber sphere poses unprecedented threats to businesses worldwide – legal, regulatory, risk management, technical and reputational. No longer the sole purview of the IT Department, cyber security has become an ongoing priority for the General Counsel, executive management and even the Board of Directors.
The risks are broad and pervasive, demanding a proven, new level of cross-functional skills and depth of experience from an emerging breed of specialist cyber legal counsel with an uncommon blend of skills.
ZEK – representing among the world’s largest banks, financial institutions and other leadership businesses enterprises – today is ranked among the best-of-breed cyber security practices in the U.S. We are recognized for enabling clients to prevail due to our experience in analyzing, clarifying and resolving the complexities of cybersecurity – from anticipation, prevention to response.
Practice Distinctions and Overview
Our national and international practice is driven by the most experienced, multi-disciplinary legal team that, in rare combination, brings among the deepest technical, security and operations cyber expertise in the nation. In addition to specialist legal counsel, we are comprised of computer scientists, intelligence experts, forensic digital specialists, PhDs, MBAs and JDs.
For years we have been on the legal and operational front lines of cyber security in both the U.S. and transnational private and public sectors – having developed sophisticated preventative strategies and problem mitigating solutions for both businesses and governments that safeguard against risk and liabilities as well as network, systems and data threats and attacks.
The ZEK team includes the former top cyber official at the National Security Agency (NSA), the former top cyber and Foreign Intelligence Surveillance Act lawyer at the FBI, and one of the country’s most experienced cyber attorneys who also serves as both the chief of the Journal of Law and Cyber Warfare and is one of the few Cyber E-Discovery Special Masters in the federal and state court systems in the United States.
Our team knows the threat environment first-hand because we’ve worked in actual operations. Our legal counsel and insights into risks and operational challenges reflect that pragmatic experience. Understanding the stakes and remedies, our team provides the most informed and efficient “all-under-one-umbrella” approach for protection of systems, networks, data and resources, as well as protection against legal, insurance risk and reputation liabilities.
We are conversant with the latest key technologies and move seamlessly among the participants and stakeholders in any cyber security project – for example, from dynamic, not static, cyber upgrades to protection of systems based in the cloud.
The Issues: Counsel and Operational Insights/Services
This distinctive combination of expertise has enabled ZEK to handle many of the most technically complex and sensitive cyber legal matters to date, ones that are only multiplying and becoming more complex.
These challenging matters range from counsel and solutions regarding:
- compliance with government and industry regulatory bodies,
- data breach notifications/data privacy laws,
- liaising with local/state/federal government entities,
- cyber security insurance,
- support in the C-Suite and with Boards of Directors,
- litigation arising from lawsuits by customers, employees, shareholders, vendors, joint venture and other corporate partners whose personal data, proprietary information, intellectual property or confidential policies and procedures have been lost, compromised and /or held hostage.
Of necessity, in these instances, the team’s expertise and counsel covers:
- analysis and diagnostics of cyber policies, practices, training and systems to anticipate and protect against cyber intrusions and other risks,
- deep experience in how to produce the best outcome after a cyber event and prevent the next one,
- understanding the strategic and tactical applications of the right technology and its suitability to particular environments, and
- expertise in the processes and procedures that must be built to systematically address issues from risk and technology assessments to training and monitoring systems.
ZEK also provides specifically designed services and counsel with proven results, including:
- Cybersecurity Check-Up and Review: It is critical that your IT, cybersecurity, and physical security “sync up” with your policies, practices and employee and board training.
- ZEK attorneys will review existing procedures and policies to ensure they are consistent across all areas of the business and reflect best practices and regulatory realities. We are recognized for our abilities in devising, guiding and testing Incident Response Plans (IRPs) and processes.
- Building A Resilient Cyber Response: Our experienced cyber practitioner-attorneys agree that there is only one way to prepare for the best outcome after a significant cyber event – practicing and testing responses across the entire enterprise, from the boardroom to the mailroom.
- ZEK provides cost-effective, robust simulations that test the policy, compliance and legal underpinnings of cyber response designed to identify gaps and propose effective refinements. This is beyond standard “incident response plans” and focuses on a proactive cybersecurity enterprise that can anticipate problems and threats. In the event of an incident, ZEK has a fully organized, immediately deployable “Cyber Red Team” that will coordinate forensic, legal, organizational and communications responses. Our attorneys bring their experience in facing state and non-state actors as cyber adversaries in building your resilience.
- Third Party Vendor Compliance: Your third party vendors and partners can be the weakest link in your cybersecurity chain.
- ZEK attorneys are experienced in designing incisive questionnaires and audits to identify gaps in third party access and security practices. ZEK attorneys can also perform the necessary contractual due diligence to ensure that business parties understand and perform their obligations to safeguard your systems and data.
- Cyber Litigation: ZEK provides a renowned complex litigation practice in support of cybersecurity clients. We have proven success in class actions, shareholder derivative lawsuits and third party actions.
E-discovery is now a critical aspect of litigation and regulatory investigations. Often, trial and settlement results are determined by the proper management of data and the e-discovery process. Haphazard approaches to data preservation, collection and production for use in litigation or investigations can lead to costly sanctions and unfavorable outcomes. Businesses today must appropriately manage where and how electronic information is stored and establish information governance programs that ensure compliance with discovery obligations.
ZEK has managed the discovery process – and counseled our clients regarding e-discovery issues – across a wide range of industries and commercial matters, including bankruptcy, federal and state regulations, anti-money laundering, foreign corrupt practices and class action litigation. We understand that there is no one-size-fits-all e-discovery strategy and tailor our approach to the business, operations, procedures and technological capabilities of each client. We use our extensive experience and expertise to meet discovery obligations in litigation and to comply with statutory and regulatory schemes, while managing costs and business needs.
ZEK also works with clients to develop reasonable and defensible procedures, appropriate to the specifics of their business, that allow them to better manage future e-discovery responsibilities – whatever the matter. Our e-discovery attorneys leverage extensive backgrounds and training in information technology systems, computer science, digital forensics and investigations and data management, security and privacy to work collaboratively with companies’ legal and IT departments to draft policies ideally suited to the needs and capabilities of each client.
As companies are holding more and more personally identifiable information, privacy concerns are only growing. Our attorneys provide regulatory and compliance advice across the spectrum of privacy laws, including the Gramm-Leach-Bliley Act, the Fair Credit Reporting Act, the Children’s Online Privacy Protection Act, the Electronic Communications Privacy Act, the Health Insurance Portability and Accountability Act (HIPAA) and the Health Information Technology for Economic and Clinical Health Act (HITECH), among others. We also counsel on the Foreign Intelligence Surveillance Act (FISA), the Controlling the Assault of Non-Solicited Pornography and Marketing Act (CAN-SPAM), the Telephone Consumer Protection Act (TCPA) and the Video Privacy Protection Act (VPPA).
We also counsel clients regarding online advertising, marketing, and promotions as they relate to privacy considerations, support companies in designing transactions to effectively protect and utilize informational assets, and provide counseling services related to industries that are governed by other privacy and consumer protection laws, such as the Federal Acquisition Regulation and by regulatory authorities, such as the FTC, SEC, FCC, HHS, and DHS.
Additionally, the upcoming EU General Data Protection Regulation (GDPR) will impose a variety of new requirements on companies accessing the data of EU residents. ZEK’s privacy team works closely with clients to help them understand the scope and applicability of the GDPR and to design compliance programs so that they are prepared to meet the GDPR requirements when they go into effect in 2018.
ZEK attorneys who work on these matters
Daniel B. Garrie, is a partner in Zeichner Ellman & Krause LLP's litigation group, and Executive Managing Partner for Law & Forensics, a legal consulting firm that works with clients across industries on software, cyber security, e-discovery, and digital forensic issues. Daniel specializes in complex software and business litigation, e-discovery, privacy, trade secret and data breach matters, trade secret theft, copyright and patent litigation, and cyber-warfare. A nationally recognized educator and lecturer on various topics including computer software, cyber security, e-discovery, forensics, emerging internet and mobile technologies, and cyber warfare, Daniel is the Editor in Chief of the Journal of Law and Cyber Warfare, a fellow at the Ponemon Information Privacy Institute, a distinguished neutral with CPR, and on the editorial board of the Beijing Law Review. He is the co-editor (together with Yoav Griver) of the multi-year treatise, Dispute Resolution and e-Discovery, which is published by ThomsonReutersWestlaw. Mr. Garrie holds a B.A. and M.A. in Computer Science from Brandeis University and a J.D. from Rutgers School of Law.
Anthony I. Giacobbe, Jr., is Counsel to Zeichner Ellman & Krause LLP's litigation group. Tony is a commercial litigator and is a member of the Sedona Conference's Electronic Document Retention and Production Working Group regarding federal e-discovery. On the state level, Tony was appointed to the NYS Unified Court System's Electronic Discovery Working Group, where he is tasked with updating and improving the New York Rules related to electronically stored information. A former prosecutor, Tony was recently invited to present on e-discovery and security issues to every office of the New York State Attorney General.
Yoav M. Griver, is a partner in Zeichner, Ellman & Krause LLP's litigation group. Yoav specializes in representing clients in complex commercial matters, and has long been a pioneer in the offensive and defensive use of e-discovery. He frequently lectures on e-discovery, cybersecurity, and risk management issues nationally, and writes on these matters for a variety of journals, periodicals, and legal reviews. He is the co-editor (together with Daniel Garrie) of the multi-year treatise, Dispute Resolution and e-Discovery, which is published by ThomsonReutersWestlaw.
Deborah Housen-Couriel is Special Counsel at Zeichner Ellman & Krause LLP, attached to ZEK's New York and Tel Aviv offices. She is a Fellow at Tel Aviv University's Ne'eman Workshop for Science, Technology and Security, where she has been involved in the development of Israel's national cybersecurity policy; a lead researcher at the Minerva Center at Haifa University's Law Faculty; an Associate Researcher at the Herzliya Institute for Counter-Terrorism and a member of its Cyber Desk Review. She is a member of the CCDCOE International Group of Experts currently drafting the “Tallin 2” manual on state activity in cyberspace; and of the ILA Study Group on Cybersecurity, Terrorism and International Law. She served on the public committee of Israel's National Cyber Bureau dealing with cybersecurity professions, and in 2010-11 co-chaired the National Cyber Initiative's Policy and Regulation Committee. She has published research on aspects of the legal and policy aspects of Israeli and global cybersecurity.
Rhea D. Siers is Special Counsel at Zeichner Ellman & Krause LLP, attached to ZEK's New York office. She has an extensive operational and academic background in cyber activities, policy and research. Ms. Siers retired as a member of the Defense Intelligence Senior Executive Service after over thirty years at the National Security Agency (NSA) including postings at the Federal Bureau of Investigation (FBI) and Department of State. Ms. Siers served in a variety of operational, legal, and policy positions dealing with some of the most critical issues facing the US Intelligence Community including cyber operations, information sharing, sharing, counterterrorism and counterintelligence. She is currently Scholar In Residence at the George Washington University Center for Cyber and Homeland Security, where she is focused on research, education and policy on Cybersecurity threats. Ms. Siers is also an adjunct faculty member of George Washington University where she teaches courses on Counterterrorism Policy, Middle East Intelligence, Intelligence Oversight, Intelligence Operations and Transnational Security issues. She is co-author of “Cyber Warfare and the Law” published by Thomson Reuters.
Sean M. Walsh, Special Counsel at Zeichner Ellman & Krause LLP. has an extensive experience in cyber investigations, U.S. cyber policy, and national security matters. Mr. Walsh retired from the U.S. Department of Justice as Assistant General Counsel in FBI’s National Security Law Branch. He provided legal advice on forensic and cyber matters to the Intelligence Community for their Counter Intelligence and Counter Terrorism programs as well as the Foreign Intelligence Surveillance Court. He served as the national security counsel to the FBI Cyber division and participated in interagency shaping national cyber policy. Mr. Walsh served as Assistant General Counsel to the N.Y. City SCA Inspector General’s Office and as a Special Assistant District Attorney in the Manhattan District Attorney’s Office focusing on corruption and money laundering in the city’s construction industry. As such, he initiated and managed fourteen monitorships / private inspector generals in efforts to reform the industry.