CNET report:::::::::

The U.S. Federal Trade Commission has notified nearly 100 organizations that data from their networks has been found on peer-to-peer file-sharing networks, the agency said on Monday.

The FTC notices went to private and public entities, including schools and local government agencies and organizations with as few as eight employees to as many as tens of thousands, the FTC said in a statement. The sensitive information about customers and employees that was leaked could be used to commit identity fraud, conduct corporate espionage, and for other crimes.

Full CNET Article

FTC Statement: Widespread Data Breaches Uncovered by FTC Probe

Excerpt:……..“Unfortunately, companies and institutions of all sizes are vulnerable to serious P2P-related breaches, placing consumers’ sensitive information at risk. For example, we found health-related information, financial records, and drivers’ license and social security numbers–the kind of information that could lead to identity theft,” said FTC Chairman Jon Leibowitz. “Companies should take a hard look at their systems to ensure that there are no unauthorized P2P file-sharing programs and that authorized programs are properly configured and secure. Just as important, companies that distribute P2P programs, for their part, should ensure that their software design does not contribute to inadvertent file sharing.”

FTC’s P2P Guide: Peer-to-Peer File Sharing: A Guide for Business

We did not know true value and the timely insight of David Shonka, Esq., of the FTC (Discover Webinar Here) during our Best Practice Webinar last week. It was such an eDiscovery harbinger.  The subsequent litigation proceedings and eDiscovery ramifications of these leaks are staggering.

–JDM

• The Ten eDiscovery Commandments: The Judges Speak – The Honorable Andrew J. Peck and  The Honorable Frank Maas and moderated by Andrew M. Cohen, Esq., Vice President & General Manager of eDiscovery and Compliance Solutions and Associate General Counsel for EMC

• Authenticity and Admissibility: Enterprise ESI Management, Information Governance and the Chain of Custody challenge - David Shonka, Esq., Deputy General Counsel, FTC; Steven W. Teppler, Esq., EdelsonMcGuire, LLC and Author of “Digital Evidence LifeCycle Management – A Guide for Enterprise, Attorneys, and Technologists”; Anthony J. Diana, Esq., Mayer Brown LLP, James D. Shook, Esq., EMC eDiscovery expert with panel moderated by William D. O’Neil, Esq. Corporate Governance and Compliance Specialists and eDiscovery Expert.

• “eDiscovery for Dummies” – The New Book – Dr. Linda Volonino and Ian Redpath, Esq. co-authors and moderated by Jake Frazier, MBA, Esq., Sr. Director SourceOne eDiscovery – Kazeon and author of “Bringing eDiscovery In-House for Dummies”

• The Future of eDiscovery: Emerging Trends in Law and Technology and How it will Change Your Business – Andrew M. Cohen, Esq., Vice President & General Manager of eDiscovery and Compliance Solutions and Associate General Counsel for EMC; George Socha, Esq., Co-Creator of the EDRM Model; Greg Buckles, Independent eDiscovery Consultant; Farrah Pepper, Esq., Founder and Chairperson for Gibson, Dunn & Crutcher’s Electronic Data Discovery Initiative and Global Task Force and moderated by Jake Frazier, MBA, Esq., Sr. Director SourceOne eDiscovery – Kazeon and author of “Bringing eDiscovery In-House for Dummies” with special guest Robert D. Owen, Esq., Partner – Fulbright & Jaworski LLP

• eDiscovery War Stories: The Dirty Truth from the eDiscovery Trenches - Charles S. Biener, Esq., Vice President and Senior Litigation Counsel CIT Group Inc.; Steven W. Teppler, Esq., EdelsonMcGuire, LLC and Author of “Digital Evidence LifeCycle Management – A Guide for Enterprise, Attorneys, and Technologists” Jeff Seymour, Principal in Deloitte Financial Advisory Services LLP, Northeast leader of its Analytic & Forensic Technology practice and moderated by James D. Shook, Esq., CIPP, recognized authority and author on legal discovery and compliance law.

• Bringing eDiscovery In-House: In-sourcing, Outsourcing and eDiscovery Zen – David Shonka, Esq., Deputy General Counsel, FTC and Jake Frazier, MBA, Esq.; Greg Buckles, Independent eDiscovery Consultant; William D. O’Neil, Esq., Corporate Governance and Compliance Specialists and eDiscovery Expert and moderated by Ari Kaplan, Esq., is principal of Ari Kaplan Advisors, which provides law-related ghostwriting and industry research services, and also trains legal professionals on publishing, communications, business development and networking.  He is the author of The Opportunity Maker: Strategies for Inspiring your Legal Career Through Creative Networking and Business Development (Thomson-West, 2008).

• Internal Investigations: The Scoop on Employment Suits and Risk Management - Alitia Faccone, Esq., Partner – McCarter & English and Financial Services Litigation & eDiscovery Specialists; Heidi Maher, Esq., Employment Law Specialists and eDiscovery Expert; Gina Trimarco, Esq., Associate with McCarter & English Employment Law Specialists and eDiscovery Expert  and moderated by Matthew Nelson, Esq., Legal Consultant in EMC’s Global eDiscovery & Compliance practice.

Click Here for the LegalTech Super Session Flyer

David Shonka, Esq. is Deputy General Counsel of the FTC and chair of the FTC’s E-discovery Steering Committee for government law enforcement investigations.  In  our next webinar, David discusses the eDiscovery, Federal Trade and the future of both.

Will the FTC control eDiscovery law?  Join us to find out!

Accolades for David’s work with the FTC:  “Dave’s work for over three decades has played a leading role in making the Office of General Counsel one of the best law offices in the federal government,” Chairman Kovacic said. “His service to this agency is unsurpassed. The Commission is most fortunate to enlist someone of such outstanding accomplishment and judgment to serve as Acting General Counsel.”

Register for this Webinar

First, DATA would put into place a federal law regarding the standards for notification of breaches or thefts involving personally identifiable information. DATA would also require that notification be provided to the Federal Trade Commission (“FTC”) if there is a breach. Although there is no current requirement of notification to state agencies, DATA does allow state agencies and the FTC to enforce the provisions of DATA. Although almost all states and jurisdictions have data breach notification laws in place, and other states are on the verge of passing new data breach notification laws, a federal law would replace the jumble of standards and reporting requirements.

Second, DATA would require that those firms that store personally identifiable information to have in place security policies and procedures to ensure that information is adequately protected. These proposed provisions largely track those already in place in the Gramm-Leach-Bliley Act.

Third, DATA has added provisions related to consumers’ ability to review and correct misinformation held by a firm. Similar to the right to review and protest information contained in credit reports under the Fair Credit Reporting Act, consumers are allowed to point out incorrect “personal information” a firm maintains.

Under DATA, the FTC will be directed to pass regulations and guidance implementing and interpreting many of the specifics, and would be granted civil enforcement authority through its power under the FTC Act to prevent unfair and deceptive trade practices. In addition, DATA would empower state attorneys general to bring civil actions to enforce its provisions with regard to violations against residents of their respective states. Penalties would be substantial. The failure of any covered organization to implement a comprehensive data security program or of data brokers to implement requirements specific to them would carry a maximum penalty of $11,000 per violation — which in the case of the data security program would be $11,000 per day — up to a maximum of $5,000,000. Failing to comply with the breach notification provision would carry a penalty of up to $11,000 per failed notification, up to a maximum of $5,000,000, which could theoretically be reached by an unreported breach of the personal information of only 455 individuals.

The Senate Judiciary Committee last month approved two bills similar to DATA. While there are some differences in those proposals, all three bills seem to enjoy some bipartisan support. Although the full Senate chamber is unlikely to vote on the bills for some time, proponents are now likely to point to the momentum generated by the passage of DATA to bring the issue before the full Senate sooner rather than later.

Reprint from Wildman Harrold’s Privacy and Security Resource Center

]]> http://www.kazeon.com/blog/2009/12/house-passes-data-security-legislation-%e2%80%93-will-the-senate-be-nexthouse-passes-data-security-legislation-%e2%80%93-will-the-senate-be-next/feed/ 0 http://www.kazeon.com/blog/2009/12/emc-to-sponsor-all-star-educational-ediscovery-sessions-at-legaltech-new-york-2010/ http://www.kazeon.com/blog/2009/12/emc-to-sponsor-all-star-educational-ediscovery-sessions-at-legaltech-new-york-2010/#comments Sun, 20 Dec 2009 23:03:11 +0000 David http://www.kazeon.com/blog/?p=365 With the eDiscovery growth, the complexities associated with eDiscovery are daunting. The risk of missteps during the eDiscovery process weighs on the minds of Corporate Counsel, as well as IT professionals.  What do legal and IT professionals need most? Advice and education from trusted experts who have been in the eDiscovery trenches.
“eDiscovery is a dynamic and nascent practice. It involves significant people, process and technology across multiple disciplines, all of which have a specific eDiscovery role to play. To be successful in eDiscovery projects, teamwork across traditional roles is mandatory,” says Karthik Kannan, Sr. Director eDiscovery EMC. “Bringing together the best legal and technical minds, EMC is delivering valuable firsthand eDiscovery technology best practices during our sponsored sessions at Legal Tech in New York.” EMC is sponsoring the following sessions for CLE credit:

• The Ten eDiscovery Commandments: The Judges Speak – The Honorable Andrew J. Peck and  The Honorable Frank Maas and moderated by Andrew M. Cohen, Esq., Vice President & General Manager of eDiscovery and Compliance Solutions and Associate General Counsel for EMC

• Authenticity and Admissibility: Enterprise ESI Management, Information Governance and the Chain of Custody challenge - David Shonka, Esq., Deputy General Counsel, FTC; Steven W. Teppler, Esq., EdelsonMcGuire, LLC and Author of “Digital Evidence LifeCycle Management – A Guide for Enterprise, Attorneys, and Technologists”; Anthony J. Diana, Esq., Mayer Brown LLP, James D. Shook, Esq., EMC eDiscovery expert with panel moderated by William D. O’Neil, Esq. Corporate Governance and Compliance Specialists and eDiscovery Expert.

• “eDiscovery for Dummies” – The New Book – Dr. Linda Volonino and Ian Redpath, Esq. co-authors and moderated by Jake Frazier, MBA, Esq., Sr. Director SourceOne eDiscovery – Kazeon and author of “Bringing eDiscovery In-House for Dummies”

• The Future of eDiscovery: Emerging Trends in Law and Technology and How it will Change Your Business – Andrew M. Cohen, Esq., Vice President & General Manager of eDiscovery and Compliance Solutions and Associate General Counsel for EMC; George Socha, Esq., Co-Creator of the EDRM Model; Greg Buckles, Independent eDiscovery Consultant; Farrah Pepper, Esq., Founder and Chairperson for Gibson, Dunn & Crutcher’s Electronic Data Discovery Initiative and Global Task Force and moderated by Jake Frazier, MBA, Esq., Sr. Director SourceOne eDiscovery – Kazeon and author of “Bringing eDiscovery In-House for Dummies” with special guest Robert D. Owen, Esq., Partner – Fulbright & Jaworski LLP

• eDiscovery War Stories: The Dirty Truth from the eDiscovery Trenches - Charles S. Biener, Esq., Vice President and Senior Litigation Counsel CIT Group Inc.; Steven W. Teppler, Esq., EdelsonMcGuire, LLC and Author of “Digital Evidence LifeCycle Management – A Guide for Enterprise, Attorneys, and Technologists” Jeff Seymour, Principal in Deloitte Financial Advisory Services LLP, Northeast leader of its Analytic & Forensic Technology practice and moderated by James D. Shook, Esq., CIPP, recognized authority and author on legal discovery and compliance law.

• Bringing eDiscovery In-House: In-sourcing, Outsourcing and eDiscovery Zen – David Shonka, Esq., Deputy General Counsel, FTC and Jake Frazier, MBA, Esq.; Greg Buckles, Independent eDiscovery Consultant; William D. O’Neil, Esq., Corporate Governance and Compliance Specialists and eDiscovery Expert and moderated by Ari Kaplan, Esq., is principal of Ari Kaplan Advisors, which provides law-related ghostwriting and industry research services, and also trains legal professionals on publishing, communications, business development and networking.  He is the author of The Opportunity Maker: Strategies for Inspiring your Legal Career Through Creative Networking and Business Development (Thomson-West, 2008).

• Internal Investigations: The Scoop on Employment Suits and Risk Management - Alitia Faccone, Esq., Partner – McCarter & English and Financial Services Litigation & eDiscovery Specialists; Heidi Maher, Esq., Employment Law Specialists and eDiscovery Expert; Gina Trimarco, Esq., Associate with McCarter & English Employment Law Specialists and eDiscovery Expert  and moderated by Matthew Nelson, Esq., Legal Consultant in EMC’s Global eDiscovery & Compliance practice.

Click here to read more!

For the full FTC release: http://www.ftc.gov/bcp/edu/pubs/business/alerts/alt050.shtm