Privacy and Cybersecurity
Personal information of customers, employees, and vendors is one of the most valuable assets held by a company and also, increasingly, one of the most vulnerable to unlawful disclosure. Personal information essentially includes anything that can be used to identify a particular person. This includes obvious items like names, photos, and social security or other identification numbers. Sometimes it also includes less obvious data points such as computer IP addresses, geolocation information, genetic identifiers, and voice prints. With the proliferation of privacy laws around the world, all aimed at protecting an individual’s ability to control the use and spread of their personal information, companies must perform an analysis of the information they collect and their privacy practices to ensure that they comply with these privacy laws.
Protorae Law’s Privacy and Cybersecurity Practice is a proactive, holistic, strategic counseling practice focused on guiding clients through the review of their corporate activities, data flow, and systems, and modification of their practices to support compliance with the relevant laws. We work collaboratively with clients to deeply understand the information collected, where it lives within the company, how it is used, and with whom it is shared. We then help companies develop the internal policies and practices, information governance systems, and compliance programs necessary to come into compliance with privacy laws that affect their business. Through it all, we focus on creative and cost-effective solutions that match our clients’ goals and budgets.
All computer systems are vulnerable to attack. Corporate and customer information are valuable assets and the penetration methods used by hackers to take them have become increasingly sophisticated. Spoofing (faking credentials to trick legitimate users into giving up information or access), typosquatting (diverting users to acquire their information or access by using emails or URLs that are similar in appearance but incorrect), and ransomware (code that locks users out of their system until ransom is paid and access restored) are just some of the methods used to steal money, information, influence, and to disrupt individuals, companies, and government entities of all kinds.
Cybersecurity law is a growing field of law that focuses on answering two broad questions: (1) how can companies better protect themselves from computer-based intrusion; and (2) if such an intrusion occurs, what steps must a company take to minimize additional intrusion and to notify its users and customers?
Protorae’s Privacy and Cybersecurity Practice is a proactive, strategic counseling practice aimed to help companies identify the weaknesses in their information governance systems and implement internal policies, processes, education, and physical and technical security measures to minimize their business risks associated with unauthorized activities involving company data. We counsel clients from government contractors to international agencies to multi-national corporations on the appropriate steps to mitigate the risk of a cybersecurity attack and support compliance with an ever-growing set of regulations governing collection, processing, use, and destruction of their business’s digital information.
We work closely with our clients to understand their information technology systems and how the employees of the organization interact with those systems. After analyzing and understanding data flows, we help clients reduce their vulnerabilities, speed up their ability to recover from attacks, and identify the resources they need to enhance their cybersecurity and comply with relevant regulations.
We invite you to read our blog, DecodingIP, for new and interesting developments involving privacy, cybersecurity, and intellectual property law and the ever-changing technology that people and businesses interact with every day.