| Time | Session | Panelists |
| Wednesday, April 12, 2023 | ||
| 5:30 — 7:30 | Evening Welcome Reception | |
| Thursday, April 13, 2023 | ||
| 7:30 — 8:30 | Buffet Breakfast & Sign-in | |
| 8:30 — 8:45 | Welcome & Announcements | Drum, Promislow, Withers |
| 8:45 — 10:15 | Session 1: Privacy and Security Tabletop Exercise | Carr, Fedeles, Meade, Jorgensen, Promislow* |
| In this session, practitioners will present simulated privacy and data security scenarios that could create notification obligations, regulatory risk, or civil litigation exposure. The remaining panel sessions will offer guidance on addressing and mitigating key risks associated with the scenarios presented in this session. | ||
| 10:15 — 10:30 | Morning Break | |
| 10:30 — 11:45 | Session 2: Assessing Security Risk and Liability Exposure: What is the Current State of "Reasonable Security" | Ackert, Meal*, Murphy, Vibbert |
| Rapid technological advances have fostered innovations by threat actors and those seeking to prevent security incidents. Certain security measures considered "state of the art" a few years ago, may now be obsolete or at least insufficient in isolation. This panel will examine the current legal and technology landscape to help in-house counsel, external counsel and organizations prioritize cybersecurity resource allocation. | ||
| 11:45 — 1:00 | Session 3: Cybersecurity and Privacy Audits and Internal Investigations | Brady, Lutkus, Matus*, McNicholas |
| The landscape of reasonable security measures and privacy requirements is constantly shifting. It's important to stay on top of existing requirements and to address issues that point to privacy or security gaps in ways that both correct deficiencies and preserve relevant evidence where investigations and litigation are reasonably anticipated. This panel will cover the "dos and don'ts" of audits and internal investigations. | ||
| 1:00 — 2:15 | Lunch | |
| 2:15 — 3:30 | Session 4: Privilege Issues and Ethics in Privacy Litigation and Incident Response | Aaron, Baxter-Kauf, Fedeles, Gyasi, Vibbert* |
| The privilege landscape in privacy and cybersecurity adversarial proceedings has evolved significantly over the past decade, and privilege considerations often come into play in cybersecurity and privacy matters well before litigation is "reasonably anticipated." This panel will cover privilege considerations and discuss how counsel and their clients can ethically set privilege parameters in these matters. | ||
| 3:30 — 3:45 | Afternoon Break | |
| 3:45 — 5:00 | Session 5: Privacy and Cybersecurity Insurance | McAndrew, Romine, Saikali*, Wall |
| With the rise of cyber incidents and exponential growth in privacy lawsuits, coverage under cyber liability insurance policies is at an inflection point. This panel will address key legal issues relating to the scope of first and third-party coverage for privacy and data security incidents, coverage issues relating to emerging theories of liability, and how companies can adapt to an evolving insurance marketplace. | ||
| 5:30 — 7:00 | Reception (guests invited) | |
| Friday, April 14, 2023 | ||
| 7:30 — 8:30 | Buffet Breakfast & Sign-in | |
| 8:30 — 9:45 | Session 6: Cross-Border Data Transfer Considerations | Carr, Moncure, Shonka*, State, Wall |
|
Incident response and data privacy and security litigation often cross international borders. Ensuring that personal data is transferred in compliance with applicable laws is essential to avoid "sideshow" supplementary disputes or enhanced penalties. In this session, practitioners who frequently conduct cross-border transfers in the context of investigations and litigation will offer guidance on minimizing data transfer risks. |
||
| 9:45 — 11:00 | Session 7: Regulatory and Judicial Roundtable | Aaron, Jordan, Murphy, Promislow*, Swetnam |
|
In this session, we'll hear from the judges and regulators who are overseeing enforcement and litigation in the privacy and security space and get insights into what they expect from the practitioners and organizations involved in privacy and security-focused investigations and disputes. |
||
| 11:00 — 11:15 | Morning Break | |
| 11:15 — 12:30 | Session 8: Emerging Issues in Privacy and Security Litigation |
Drum*, Jorgensen, Pizzirusso, Rice, Yovanic, |
| In this final session, seasoned practitioners will cover trends cropping up in data breach suits and in the ever-growing acronym-soup of statutory-based privacy litigation (BIPA, CCPA, CIPA, VPPA, etc.). This panel will also revisit the tabletop hypotheticals presented in the first session and address some of the lessons learned throughout the program. | ||
| 12:30 — 12:45 | Wrap-up | Drum, Promislow, Withers |
| 13:00 — 14:00 | Adjournment and Grab-&-Go Lunch (provided) |
Panel Moderator*
Date:
Thursday, April 13, 2023 - 8:30am to Friday, April 14, 2023 - 1:00pm