I am really enjoying my work on the ABA’s Cybersecurity Legal Task Force - very bright folks and engaging conversations. Updates:
The Task Force is working on two handbooks. The Cyber and Data Security Handbook and the Critical Infrastructure Response Handbook (that’s the one I’m working on along with many others). We hope to keep the books to a reasonable length and to include some graphics, checklists, etc. and of course to write in plain English as much as possible.
The Task Force is looking at how the Chinese are breaking into law firms. What security measures are reasonable and at what point do you tell clients about a breach? Does it make sense to draft a resolution of some sort? Have ethical obligations changed with technology and the nature of the threat?
Are there different obligations for small and large firms and, if so, how do you determine them? One solution is to let the client host the data in the matter you are working on for them. Then it is up to the client to make sure that privilege is not broken by unauthorized people having access.
The government has divided critical infrastructure into 17 sectors – and legal isn’t one of them. Should there be a legal information sharing environment technology system?
Astonishingly, Capitol Hill is interested in input from the ABA and has given the ABA a list of questions to answer. Another committee. I’m not at all sure who raised my hand – again – but I’d like to give her 40 lashes.
E-mail: [email protected] Phone: 703-359-0700