Jan 13, 2016
We open 2016 by interviewing Shawn Tuma on the show.
Shawn is our legal eagle, and a regular contributor to the podcast.
This episode ran a little bit long (OK, a lot long), but I think
you'll enjoy the show...
In this episode...
- Most important cybersecurity-related legal developments of 2015
- Tectonic Shift that occurred with “standing” in consumer data
- Discussion of law prior to Neiman Marcus case, and post Neiman
- Does this now apply to all consumer data breach cases?
- Immediate impact? Companies now liable?
- Lesson is in seeing the trend and how incrementalism works
- Regulatory Trends
- FTC & SEC gave hints in 2014, post-emergence of Target
- Wyndham challenged authority – came to fruition in August
- SEC not far behind – significant case in September 2015
- Aggressiveness of FTC is substantial – FTC v. LabMD … all over
- Officer & Director Liability
- 2014 – SEC Comm. fired the warning shot … pointed the
- Shareholder derivative litigation
- Individual liability of IT / Compliance / Privacy
- Major 2016 Legal Trends
- Regulatory enforcement … which, by the way, is why NIST is
- Shareholder Derivative – much more likely than consumer class
actions at this time
- Lessons from both of these: when you need to persuade the
“money folks” that they need to act, mention D&O Liability
(especially Caremark) and Regulatory focus on individuals … now
they're in the cross-hairs
- Realization that cybersecurity is more of a legal issue than
anything else (IT or business) because it is the legal requirements and
consequences that ultimately drive everything