• Pillsbury Winthrop Shaw Pittman announced this week it will begin recommending that its clients hire cybersecurity company FireEye to conduct a risk assessment as part of the due diligence phase of a merger.
Such assessments take one-week at minimum and examine infrastructure security and data safeguards; while a more thorough assessment of a company’s cybersecurity can take three to six weeks at minimum, said Holly Ridgeway, director of information security programs at FireEye’s Mandiant.
“Part of the problem right now is that sufficient time isn’t allowed before the acquisition” to conduct a cyber assessment, said Ridgeway.
She said her company will also refer its clients to Pillsbury for a legal analysis of cyber risk following a technical analysis. No other details of the financial partnership were disclosed.
• The California-based content management company Box, announced it will allow users to store information within specific regions, starting in May with Germany, Ireland, Singapore and Japan.
Box has 3 data centers, all in the U.S., but with Box Zones , the company partnered with IBM and Amazon Web Services to provide data storage options in Europe and Asia, a spokeswoman said. The company plans to expand its data storage options in Europe, Latin America and Canada, the spokeswoman said.
• The European Parliament last week approved new data privacy regulations that bring tighter data consent requirements and significant fines for noncompliance.
In an interview with Big Law Business, Stoel Rives’ Jon Washburn, national manager of technical operations and information management, suggested law firms should think about segregating data. If a firm is doing data collection for litigation, for example, and it involves EU citizens’ data, there has to be an understanding of how to store the data and whether it complies with EU privacy laws. “If you have a client in Germany, ask if the data can be stored in the U.S.,” he said.
Greenberg Traurig issued an April 19 alert on the EU General Date Protection Regulation, or GDPR that fines for violating consent requirements can exceed €20 million or 4 percent of the total worldwide annual revenue.
• A federal judge sentenced former Locke Lord IT engineer Anastasio Laoutaris to nine and a half years in prison and handed down a $1.7 million fine. Laoutaris was convicted in 2015 of accessing the firm’s computer network without authorization — approximately four months after he left the firm — and deleting or disabling hundreds of user accounts.
• Zapproved, the Portland, Ore.-based legal hold and cloud services provider, announced it has received a SOC 2 Type 2 Certification.
The SOC2 certification, awarded by American Institute of Certified Public Accountants, requires an infrastructure audit — which looks at power systems, HVAC, physical security, software, people, procedures and data. The process took 10 months and was “a true corporate colonoscopy,” said Chris Bright, vice president of marketing at Zapproved.
• McDermott Will & Emery announced it has organized internal unit for data review during merger due diligence and non-litigation related events. Called McDermott Corporate Services, it has approximately 10 staff attorneys located in Chicago.
• Prosperoware, an enterprise software maker for the legal industry, hired Mark Craddock in London to lead expansion in Europe, the Middle East and Africa. Craddock was previously director of sales for NetDocuments in the EMEA region, and has also worked at Microsoft, Toshiba and Thomson Reuters.
• Redgrave, Information and technology firm, added two attorneys and two advisors to its practice: Charles Ragan, former co-chair of Pillsbury Winthrop’s e-discovery task force, joined as of counsel in the firm’s Minneapolis and San Francisco offices. Dan J. Nichols also joined as of counsel in San Francisco. It also added, Liz Correllus in Washington, D.C., and Angela M. Dillingham in northern Virginia, as advisors.
Cornell Tech — a Cornell University venture based in New York City — will enroll its inaugural class of about 15 students this fall.
The program will offer a Master of Laws in law, technology and entrepreneurship . The students, who mostly will be U.S. lawyers already, will take classes and also will work in teams to counsel entrepreneurs, said Chuck Whitehead, a professor and director of the new program.
Based in Google’s Manhattan office building, it will move to an 11-acre campus on Roosevelt Island off the coast of Manhattan in 2017 as part of a joint initiative between Cornell and Technion-Israel Institute of Technology, with assistance from the City of New York.
• Miami will host the 2016 World Technology Law Conference this May 18 - 20. The International Technology Law Association hosts the event. This year’s theme is “How technology is changing life and the law—and how lawyers can keep up.”
• Also starting May 18, the 11thannual IICE Summit (Information Governance, Investigations, Compliance and eDiscovery Summit) kicks off in London. The 2-day event covers issues of eDiscovery, investigations, and information management
• While summer usually is filled with various bands on tour, AccessData Group announced plans for an EU data privacy educational tour. The e-discovery and digital forensics provider will visit 3 European cities this June with its Cross-Border Quandary Tour: When Data Transfer Collides with Data Privacy .
Register to attend the tour in London (June 20), Amsterdam (June 22) or Frankfurt, Germany (June 23), and join discussions on EU-U.S. conflict of law issues, GDPR compliance, e-discovery preservation and more.
Written by Terry Hyland and Nora Macaluso with assistance from Gabe Friedman.