Jan 13, 2016

We open up our 2016 year interviewing Shawn Tuma on the show. Shawn is our legal eagle, and a regular contributor to the podcast. This episode ran a little bit long (OK a lot long) but I think you'll enjoy the show... 

In this episode...

• Most important cybersecurity-related legal developments of 2015
  • Tectonic Shift that occurred with “standing” in consumer data breach claims
    • Discussion of law prior to Neiman Marcus case, and post Neiman Marcus
    • Does this now apply to all consumer data breach cases?
    • Immediate impact? Companies now liable?
    • Lesson is in seeing the trend and how incrementalism works
• Regulatory Trends
  • FTC & SEC gave hints in 2014, post-emergence of Target details
  • Wyndham challenged authority – came to fruition in August 2015
  • SEC not far behind – significant case in September 2015
  • Aggressiveness of FTC is substantial – FTC v. LabMD … all over LimeWire
• Officer & Director Liability
  • 2014 – SEC Comm. fired the warning shot … pointed the finger
  • Shareholder derivative litigation
  • Individual liability of IT / Compliance / Privacy “officers”
• Major 2016 Legal Trends
  • Regulatory enforcement … which, by the way, is why NIST is becoming default
  • Shareholder Derivative – much more likely than consumer class actions at this time
  • Lessons from both of these: when you need to persuade the “money folks” that they need to act, mention D&O Liability (especially Caremark) and Regulatory focus on individuals … now they're in the cross-hairs
  • Realization that cybersecurity is more of a legal issue than anything else (IT or business) b/c it is the legal requirements and consequences that ultimately drive everything