Historically, privacy and data security were not significant items in commercial transactions. A standard confidentiality clause would typically do the trick. However, as the commercial Internet began to take off in the 1990s, privacy became a major issue. Increased activity by the FTC under its Section 5 authority led to allegations of deceptive and then unfair trade practices. Most companies singled out by the FTC signed settlement agreements, thereby subjecting themselves to 20 years of scrutiny. For many companies, this was a wakeup call to pay attention to privacy issues. Randy Sabett of Cooley LLP covers the various privacy issues that exist today and how those issues evolved from the early days of privacy awareness.
Fast forward almost two decades, and we face another related (but slightly different) set of issues. In the early part of this millennium, data security began its ascent into the consciousness of the corporate world. We now have data breaches happening with more regularity, regulators becoming more involved with these kinds of issues (including significant involvement at the state level), and a greater level of enterprise awareness (including, in part, due to such industry efforts as PCI-DSS).
This seminar examines these trends and focuses on the present-day compliance needs and liability exposure of organizations resulting from the increased attention on protecting sensitive information. Mr. Sabett analyzes a number of different topics, both technical and legal, that can impact an organization. He focuses on how at least some of those issues can be covered in agreements between parties involved in commercial transactions. In addition, an assessment of corporate and board-level awareness identifies who should be involved in these issues and at what level.
I. Become aware of regulatory drivers behind today’s hypersensitivity to privacy and security
II. Appreciate the policy underpinnings for various international, federal, and state approaches to data security
III. Understand the impact of the above issues on commercial transactions
IV. Offer examples of situations where litigation arises from these situations
V. Identify ways to lower the risk of litigation and/or regulatory action
Randy V. Sabett, JD, CISSP, is Vice Chair of the Privacy and Data Protection practice group and a member of the firm's Technology Transactions Group. He rejoined the Firm in 2014 and is resident in the Washington, DC and Reston offices.
Mr. Sabett counsels clients on a wide range of cutting-edge cybersecurity, privacy, IT licensing, and intellectual property issues, including compliance with relevant international, federal and state laws and regulations, government and industry standards (such as the NIST Cybersecurity Framework and the PCI Data Security Standard), authentication, Public Key Infrastructure (PKI), active defense, federated identity, identity theft, and security breaches. Mr. Sabett helps clients develop strategies to protect their information, including advising companies on developing and maintaining appropriate internal controls to meet privacy and cybersecurity requirements. He also drafts and negotiates a wide variety of technology transaction agreements. Having previously served as an in-house counsel to a Silicon Valley startup, Mr. Sabett employs a pragmatic approach when structuring and negotiating such agreements.
Mr. Sabett served as a Commissioner for the Commission on Cyber Security for the 44th Presidency. He has been recognized as a leader in Privacy & Data Security in the 2007 - 2015 editions of Chambers USA: America's Leading Lawyers for Business and is listed in the International Who's Who of Business Lawyers. He also was named the Information Security Professional of the Year by the Information Systems Security Association (ISSA) for 2013 and was previously named as one of the "Top 50 Under 45" by the American Lawyer's IP Law & Business magazine.
Prior to rejoining Cooley, Mr. Sabett was Counsel at ZwillGen, a boutique law firm focused on cybersecurity, and before that a partner at SNR Denton. He also served as Senior Technology Counsel for a Silicon Valley information security company. Additionally, Mr. Sabett has several years of engineering experience in the information security marketplace and has worked in active noise cancellation, as well as having served with the National Security Agency as a crypto engineer. He holds two U.S. patents, one in the area of information security (U.S. Patent No. 6,981,149) and the other in the area of active noise cancellation (U.S. Patent No. 5,440,642).
Mr. Sabett is on the Board of Directors for the Georgetown Cybersecurity Law Institute and the Board of Directors for the Northern Virginia Chapter of the Information Systems Security Association (ISSA). He is also a member of the Section of Science and Technology Law of the American Bar Association, where he has served as both the Co-Chair and the Co-Vice Chair of the Information Security Committee. In addition, Mr. Sabett is a member of the International Association of Privacy Professionals (IAPP).
Selected Publications & Media Appearances
Selected Activities & Speaking Engagements
Very engaging and thoughtful!!
AMAZING! Incredibly helpful.
Randy had great energy and made the material more interesting. Also, he did more to improve the visuals on his powerpoints than most presenters. Thank you.
Finally, an outside counsel who understands that plausible deniability is a defense not a strategy.
Enjoyed the David Letterman-like closing with a "Top 10" list. Appreciated the practice tips (e.g., tabletop exercises and role playing a data breach scenario).
Speaker was interesting and well informed. Material was practical and very useful.
very good presentation - covered many topics in a timely manner
Very knowledgeable instructor. Would be interested in taking a more advanced course from him. Thank you.
This speaker and the content was incredible. It was so packed full of valuable information, that I'll be watching it again.
excellent content and presentation
Unlimited CLE Subscription gives you access to take almost any course from our catalog and earn as much CLE credit as you need.