New Paper on Data Breach Harms

This is a draft of my paper Cybersecurity and Data Breach Harms: Theory and Reality, forthcoming in the Maryland Law Review.

Legal Ethics and Technology

I’m speaking tonight at the Gibbons Institute of Law, Science & Technology’s “Legal Ethics, Technological Competence and New Technologies” event.  I’ll focus on Comment 8 to ABA Model Rule 1.1, ABA Formal Opinion 477, and ABA Formal Opinion 483, all of which concern a lawyer’s ethical duties in relation to new technologies.  Here’s the slide deck.

[google-drive-embed url=”https://drive.google.com/file/d/1Jp61G_IzBN0nqH7yzXx5FIgtbB3ILH0l/preview?usp=drivesdk” title=”slidesforethicscle2018.PPTX” icon=”https://drive-thirdparty.googleusercontent.com/16/type/application/vnd.openxmlformats-officedocument.presentationml.presentation” width=”100%” height=”400″ style=”embed”]

AI Data Privacy Concerns

Here’s a working list of legal concerns regarding AI and data privacy:

  • Legal Problem #1: Do you have authority to collect the data?
  • Legal Problem #2: Do you have authority to use the data?
  • Legal Problem #3: Do you have authority to retain the data?
  • Legal Problem #4: Does your algorithm need to be fair?
  • Legal Problem #5: Are you providing data to a business partner that is using it in AI applications?
  • Legal Problem #6: Are you obtaining services from a business partner that is processing data in AI applications?

AI in the Pharma Industry

On Thursday I’m speaking at the Mayer Brown Life Sciences Symposium on AI, Blockchain, and Automation in the pharma industry.  Here’s a graph from a recent EY Report showing the ways in which big data and automation will impact the pharma and healthcare industries.  

These developments promise to revolutionize healthcare for the better.  From a security perspective, these developments present both benefits and risks.  On the risk side, one of the themes I’ll emphasize is the increased attack surface that comes from the integration of information across multiple vendors, devices, platforms, providers, and patients.

Encryption and the Fifth Amendment

This afternoon I’m presenting at the Hofstra Law School IP Colloquium on my paper The Skeleton in the Hard Drive:  Encryption and the Fifth Amendment.  Here are my slides.

[google-drive-embed url=”https://drive.google.com/file/d/1BGkHdofptEBeJjkbbi9gkpycbnjtmlMa/preview?usp=drivesdk” title=”The Skeleton in the Hard Drive.pptx” icon=”https://drive-thirdparty.googleusercontent.com/16/type/application/vnd.openxmlformats-officedocument.presentationml.presentation” width=”100%” height=”400″ style=”embed”]

Slides on Cybersecurity and Legal Ethics

I’m also speaking later with Brett Harris on cyber security and legal ethics.  Here are our slides.

[google-drive-embed url=”https://drive.google.com/file/d/0BzS0leqU862xbFVLaTVHNDYtZHM/preview?usp=drivesdk” title=”Final Cyber 2017 Presentation.ppt” icon=”https://drive-thirdparty.googleusercontent.com/16/type/application/vnd.ms-powerpoint” width=”100%” height=”400″ style=”embed”]

Apple iPhone Unlock Order

Here is a copy of the Order from U.S. Magistrate Judge Sheri Pym in California requiring Apple to render “reasonable technical assistance” to the FBI in obtaining access to an iPhone used by one the San Bernardino terror shooters.

I have previously argued that, under appropriate circumstances and pursuant to a search warrant, the government should be able to obtain passwords and decryption keys from suspects necessary to obtain the plaintext versions of files on seized devices.  The Apple case, however, is different because the court is ordering a non-suspect third party technology company to actively assist with an investigation.  While I might support carefully tailored legislation regarding law enforcement access to encryption keys, a court order such as this one without specific statutory authorization seems troubling.

[google-drive-embed url=”https://drive.google.com/file/d/0BzS0leqU862xSXdaQzRIV01CYVk/preview?usp=drivesdk” title=”SB-Shooter-Order-Compelling-Apple-Asst-iPhone (1).pdf” icon=”https://ssl.gstatic.com/docs/doclist/images/icon_12_pdf_list.png” width=”100%” height=”400″ style=”embed”]

Civil Liability for Data Breaches

Here are my slides from the University of South Carolina Law School symposium on civil liability in data breach cases.

[google-drive-embed url=”https://drive.google.com/file/d/0BzS0leqU862xMDZlckRyejlaNXM/preview?usp=drivesdk” title=”soutcarsymposium.pptx” icon=”https://ssl.gstatic.com/docs/doclist/images/icon_10_powerpoint_list.png” width=”100%” height=”400″ style=”embed”]

PLI Presentation

I presented this morning at PLI’s annual “Think Like a Lawyer, Talk Like a Geek” seminar.  Here is my presentation, which focuses on cyber risk insurance issues.

[google-drive-embed url=”https://drive.google.com/file/d/0BzS0leqU862xc3BvaEtqaGRURmM/preview?usp=drivesdk” title=”pli20152.pptx” icon=”https://ssl.gstatic.com/docs/doclist/images/icon_10_powerpoint_list.png” width=”100%” height=”400″ style=”embed”]

Don’t miss our next event

Lorem ipsum dolor sit amet, consectetur adipiscing elit. Sed venenatis dignissim ultrices. Suspendisse ut sollicitudin nisi. Fusce efficitur nec nunc nec bibendum. Praesent laoreet tortor quis velit facilisis faucibus. Maecenas sollicitudin lectus diam, non vehicula arcu ullamcorper ac. In pharetra, est vitae interdum tincidunt, urna ligula rutrum tellus, sit amet pharetra purus magna eu enim. Sed iaculis imperdiet nisi, et pulvinar mauris gravida maximus. Phasellus vitae lorem at sem mattis volutpat. In eget dictum dui. Quisque nec sapien at massa mattis semper. Ut ac malesuada turpis. Fusce eu nulla vehicula, tincidunt dui ultrices, fermentum felis. Aliquam lectus nisi, feugiat ut aliquet sed, posuere sed libero.

Pellentesque consectetur massa nec nulla fermentum, at tincidunt elit volutpat. Duis vulputate placerat tortor, sit amet eleifend mauris tincidunt sit amet. Aliquam a maximus ligula. Phasellus nec sapien sed tellus tempor eleifend id a erat. Donec convallis bibendum posuere. Quisque mollis imperdiet malesuada. Suspendisse eget dictum massa.

Phasellus ac posuere nibh, in finibus nulla. In diam arcu, luctus sit amet condimentum sit amet, tristique et leo. Sed tincidunt justo a porttitor tristique. Nulla eu metus tincidunt, ornare magna ullamcorper, semper lacus. Quisque vitae porttitor odio, id tincidunt tellus. Fusce a suscipit eros. Proin sit amet risus fermentum, lobortis quam sed, consequat velit. Quisque sit amet ultricies lorem. Phasellus scelerisque ipsum eget ipsum posuere suscipit. Proin id molestie mauris, a venenatis ipsum. Quisque efficitur, nibh a dapibus mollis, metus tortor fermentum ante, non pellentesque mi magna non leo. Integer quis sem hendrerit, euismod dolor id, dapibus nulla. Maecenas non ultrices lorem. Pellentesque lobortis, diam eget feugiat lacinia, ante augue ullamcorper tortor, vel ornare sapien lacus pharetra quam.