The Association of Corporate Counsel recently released their 2019 ACC Chief Legal Officers Survey, which addresses the issues that CLOs face and the environment in which they operate.
One of the primary responsibilities of in-house counsel is identifying and mitigating potential risks to the company. Data privacy and cybersecurity issues are now top-of-mind concerns for businesses around the globe . Couple that with the tidal wave of data privacy and cybersecurity regulations sweeping across the United States (CCPA, NYDFS, Colorado, and more), Europe (namely, GDPR), and other parts of the globe and sooner or later every legal department will be involved in data privacy and cybersecurity compliance. The ACC survey found that these issues top the list of concerns for CLOs in 2019.
All companies, their directors and officers, including the GC, are increasingly at risk of becoming the subject of regulatory actions from state and federal authorities as well as lawsuits brought about by customers, employees, partners, and shareholders. The General Counsel, along with management and directors, face heightened expectations to proactively guard against data privacy and cybersecurity threats.
You don’t have to look any further than the Yahoo data breach to recognize how important it is for in-house legal teams to get involved in data privacy and cybersecurity oversight. Adam Janofsky, of the Wall Street Journal, recently reported that, "top leaders at the former Yahoo Inc. agreed to pay $29 million to settle claims from shareholders who accused them of [shirking fiduciary responsibilities]". These issues have the potential to be a career-enabler or career-ender for in-house counsel.
"The monetary settlement is a first for this kind of lawsuit, Mr. Janofsky reports, and could open the way for similar lawsuits against companies after they report breaches. Top corporate leaders should be able to prove they have taken the right cybersecurity precautions at their companies and stay involved in cyber planning and response."- Kim Nash, WSJ Pro, Cyber Daily 1/29/16
When a breach happens, law enforcement will ask, “what information was breached?” The regulators and courts will ask a different question: “What controls did you have in place to prevent a breach from happening.” You need documented evidence of diligence in managing threats and risks.
This week we'll be releasing our "Top 10 Data Privacy & Cybersecurity Questions for In-House Counsel". To get this document delivered directly to your inbox, subscribe now.
Jordan Lawrence is proud to be the Exclusive ACC Alliance Partner for Data Privacy & Cybersecurity. Schedule a call to learn how we help in-house counsel address data privacy & cybersecurity compliance.