Protecting Client Trust: Ethical and Legal Responsibilities in Data Breach Response

Today, cybersecurity experts often say businesses have either already experienced a cyber-attack or will undoubtedly in the future. While good progress has been made in establishing comprehensive incident response and increasing cybersecurity awareness, attorneys must also meet ethical obligations in understanding the technology, as well as monitoring responding to cyber incidents. In our increasingly digitized world, these responsibilities, outlined in the Model Rules of Professional Conduct, are critical to attorneys’ practice and client representation. This seminar provides attorneys with guidance on their ethical duties and insights from expert practitioners on meeting the challenge of technology.
In this seminar, our expert panelists begin by introducing the ethical concerns that data breaches can create. Our speakers then go on to outline the responsibilities that attorneys have when dealing with a data breach incident using the Model Rules of Professional Conduct. The experts will focus on the necessity of having foundational knowledge on the methods of protecting client data and the violations that could incur. The panelists will then go through the various rules related to the notice of data breach. They will summarize the obligations of reporting to current and former clients. Finally, the panelists will engage in a lively discussion of some of the less clearly defined rules and how they are interpreted by lawyers and courts.
Topics covered in this webinar:

Our Mission is to bridge the knowledge gap between law and technology professionals by educating attorneys on technology to attorneys and technology executives on its laws and regulations. Legal Cyber Academy provides a comprehensive tool and evolving knowledge base through exclusive insights from world class cybersecurity, privacy, web 3.0, forensic, and e-discovery legal and technical practitioners. Earn CLE, CPE, and CE credits. (Refunds are available if you do not receive credit) At Legal Cyber Academy We recognize that technology, the cybersecurity threats it faces, and relevant laws and regulation are rapidly evolving, presenting unique challenges and opportunities. Our platform is dedicated to empowering legal professionals with the skills and understanding necessary to navigate the complex landscape of technology in their field, enabling them to effectively advise clients, draft contracts, and navigate legal implications in a technology-driven world. Simultaneously, we strive to equip technology professionals with the legal knowledge they need to make informed decisions, ensure compliance with regulations, and limit liability. By fostering a deep understanding of legal frameworks, we hope to support technology professionals in creating innovative, compliant, and socially conscious technological advancements. Join us in our mission to reshape the way legal professionals and technology experts understand and interact with each other in a rapidly changing technical and legal landscape. Together, they will mitigate risk better, ensure compliance, and actively shape the future of technology and its accompanying laws.

LAW & FORENSICS LLC – FOUNDER; JAMS – NEUTRAL; HARVARD – ADJUNCT;
Danie Garrie, Esq., is the Co-Founder of Law & Forensics LLC, where he heads the Computer Forensics and digital discovery Cybersecurity teams. Daniel has been a dominant voice in the computer forensics and cybersecurity space for the past 20 years, as an attorney and technologist. He is an adjunct professor at Harvard for Computer Forensics, and prior to Law & Forensics, he successfully built and sold several technology start-up companies. Since co-founding Law & Forensics LLC in 2008, Daniel has built it into one of the leading boutique firms specializing in cybersecurity and forensic engineering. He is a mediator, arbitrator, and e-discovery special master for JAMS and is a partner and head of Cybersecurity practice at Zeichner, Ellman & Krause LLP. Daniel earned both a Bachelor’s and a Master’s degree in computer science from Brandeis University, as well as a J.D. from Rutgers Law School. Daniel has led cyber and forensic teams in some of the most visible and sensitive incidents in the United States. He and his team have worked globally for two of the top five banks and dozens of the largest private and public companies in the world. In addition, Daniel has been awarded several patents for advanced cybersecurity and forensic platforms he built with his team, including TableTop.AI, CustodyTrack.IO, and Forensic Scan. Daniel is also well-published in the cybersecurity space and has authored more than 200 articles and books. His work is cited by Black’s Law Dictionary 10th Ed. defining the terms 'software', 'internet', and 'algorithm'. Lastly, he has been recognized by several United States Supreme Court Justices for his legal scholarship and is a trusted source and thought leader for cybersecurity articles and opinions, cited over 500 times to date.

Of Counsel | Stevens and Lee
The Honorable Thomas I. Vanaskie, former Judge with the United States Court of Appeals for the Third Circuit and Chief Judge of the United States District Court for the Middle District of Pennsylvania, is a member of Stevens & Lee’s Litigation Department. He co-chairs the firm’s Appellate Practice Group with Karl S. Myers and chairs the firm’s Mediation, Neutral Services and Alternative Dispute Resolution Practice Group. Judge Vanaskie was appointed to the United States Court of Appeals for the Third Circuit in 2010 where he served with distinction for eight years, participating in and deciding many complex, high profile cases. Before 2010, he served as a district judge for the United States District Court for the Middle District of Pennsylvania for 16 years, including seven years as chief judge. In May of 2021, he was appointed by the President of the Pennsylvania Bar Association to serve as chair of a statewide task force to study the impact of the COVID-19 pandemic on the delivery of legal services and to make recommendations to mitigate the disruption of services resulting from future catastrophes. The task force generated a comprehensive report that will serve as the foundation for enhancing the use of technology to assure that legal services will be delivered despite widespread disasters.

Partner | Mullen Coughlin LLC
Carolyn Purwin Ryan is a Partner at Mullen Coughlin. She serves as breach counsel and provides third-party privacy defense legal services. She also aids clients in incident response planning, including tabletop exercises, assessment of regulatory compliance requirements and inquiries from regulators on both the state and federal levels. Ms. Ryan serves as a breach counsel to companies in various areas including healthcare institutions, construction companies, managed service providers, municipalities, professional services, retail, technology and financial institutions. She leads response investigations, guidance in governmental investigations, mitigation and restoration services. Ms. Ryan counsels clients on development of risk assessment policies, vendor agreement analysis and implementation of data privacy practices. Prior to joining Mullen Coughlin, Ms. Ryan was the co-chair of the Cybersecurity and Data Privacy department at her previous firm. She also served as national counsel for several state and federal mass tort litigations representing manufacturers and distributors of pharmaceuticals, medical publishers, morcellators and various surgical devices. She previously clerked for the Honorable Joseph Rosa in the Superior Court of New Jersey and Honorable Richard Berman in the United State Court, Southern District of New York. Carolyn was named a Pennsylvania “Rising Star” by Super Lawyers in 2018 and 2019.

LATAM Managing Director, Head of Americas Channel and Global Alliances | RSA Security
Cristina Dolan is an engineer, computer scientist, problem solver and entrepreneur that has led the transformation of businesses and built revolutionary products utilizing advanced technologies across many industries including Cyber Security, FinTech, Telecom, Media, InsurTech and Retail. In addition to being a cofounder of several blockchain companies, including value-based healthcare company Additum.es, she currently heads up Global Alliances for RSA NetWitness, and has been an advisor to several cyber security, data, and next generation cloud computing companies. Cristina was a co-founder of OneMain.com, which grew to be the 10th largest ISP after a successful IPO (Acquired by Earthlink). Formerly, she held executive roles at Disney, Hearst, IBM, Oracle and Tradingscreen. The recently published book 'Transparency in ESG and the Circular Economy' which she co-authored has been the subject of keynote speeches and her World Economic Forum article. 'Cybersecurity is the most immediate financially material sustainability and ESG risk organizations face, and has been weaponized by nation states.' The global student coding competition she launched, “Dream it. Code it. Win it”, which is the subject of her TED talk, has been honored with numerous awards including: the Trader Magazine Charitable Contribution Award, a MIT Harold E. Lobdell Distinguished Service Award, and Stevie Awards for Best Organization, Best Female Innovator and Best Executive of the Year. Recognized as an industry thought leader, she has received numerous honors including: 100 Women in Finance; Women to Watch in Crypto and Blockchain; 100 Most Influential Blockchain Women; and Thought Leader in Crypto and Blockchain. Cristina earned a master’s degree from the MIT Media Lab and also holds a Master of Computer Science Engineering and Bachelor of Electrical Engineering. Born in New York City, she is a native English speaker and is also fluent in Spanish which was her first language. Cristina is the former Chair of the MIT Enterprise Forum and the former President of the MIT Club of New York and former member of the MIT Alumni Association Selection Committee. Cristina Dolan has built and grown successful technology startups and worked within Fortune 1000 company leading cross functional teams. Throughout her career she has worked in many industries and held roles leading strategic alliances, business development, sales, systems engineering, product management, product marketing, communications and marketing, operations, software development, technology and operations.

Partner | Orrick, Herrington & Sutcliffe LLP
Joe is a trusted cybersecurity lawyer and strategic advisor, who regularly steers clients through data breaches as a partner in crisis management. He brings significant experience advising companies – from one of the largest telecommunications providers to leading entertainment companies to startups on the cutting-edge of AI and more – on the full cycle of an incident. He also advises clients regarding regulatory investigations, class actions, and contract disputes that frequently flow from privacy and cybersecurity incidents. His goal is to help clients respond quickly and with integrity to protect their brand, build trust and mitigate legal risk. He is highly adept at directing incident investigations, analyzing potential claims and defenses, examining potential notification obligations and advising on communications strategies that build trust and engagement. Joe is committed to using these experiences to finding creative and engaging strategies to help companies proactively prepare for an incident and mitigate cybersecurity legal risk. This includes helping to build and improve incident response programs through incident response plans, simulated incidents, threat workshops, and training. It also includes assisting clients to practically evaluate legal risk of security decisions in a variety of transactions and across the product lifecycle. He is driven by a desire to evolve what it means to be a cybersecurity lawyer in the face of rapidly evolving technologies and laws. As a leader, he strives to create spaces where people are valued and solve problems creatively and collaboratively. He also provides strategic advice to cybersecurity companies, including those looking to push technological and defense boundaries in cyber defense, incident response, and threat intelligence. This includes helping companies maximize their security offerings by navigating the Computer Fraud and Abuse Act (CFAA), the Electronic Communications Privacy Act (ECPA), and the Federal Wiretap Act, as well as state law analogs. Joe serves on the Orrick’s Finance and Audit Committee and Pro Bono Committee. A leader and advocate for diversity and inclusion initiatives, Joseph is the co-head of the Latinx affinity group at Orrick and served as a fellow for the Leadership Counsel on Legal Diversity. He is also a member of the Washington Latino Bar Association and the Hispanic National Bar Association.