In an effort to protect national security, the US Government has stepped up it’s disclosure requests from companies across a variety of industries.
Financial services, telecoms, hotels, and virtually any company that stores customer data will have to comply with an increasing number of these
requests over the few years. The challenge for firms is knowing which requests to comply with and what you need to provide in terms of the disclosure.
The Knowledge Congress has assembled a key panel of thought leaders and experts who will provide a framework for best practices in compliance.
In this two-hour Webcast, we’ll discuss:
- Framework for compliance
- The different types of disclosure requests
- When to comply
- When to push back
- When to seek outside counsel
- How to effectively communicate with your IT department
- Overview as to how a variety of industries is tackling this issue
- And much more
Course Level: Intermediate
Prerequisite: None
Method Of Presentation: Group-Based-Internet
Developer: The Knowledge Conference
Recommended CLE/CPE Hours: 2.0
(Please note, your State Bar or Accounting Board will make the final determination with respect
to continuing education credit.)
Advance Preparation: Print and review course materials
Course Code: 093827
Hugo Teufel III
Former Chief Privacy Officer<
Gregory T. Nojeim
Senior Counsel, Director, Project on Freedom, Security & Technology
Doron Rotman
Managing Director, Advisory Services, National Privacy Service Leader
Peter F. McLaughlin, CIPP
Senior Counsel
Hugo Teufel III , Former Chief Privacy Officer, U.S. Department of Homeland Security
- Before the request – Know and follow applicable laws and your internal policies on data retention. If you don’t need the data, why keep it?
- Getting the request – Consider the scope of the request. Personally identifiable information (PII), or non-PII? Whose information?
- Transnational concerns – PII of Canadian, European citizens, or PII located in Canada, Europe will implicate foreign law and the jurisdiction of
foreign data protection authorities. What to do?
- Foreign requests for US data – European law enforcement and intelligence agencies also can, and do, make “national security” requests. Redress?
- A global approach to privacy/data protection?
SEGMENT 2:
Gregory T. Nojeim, Senior Counsel, Director, Project on Freedom, Security & Technology, Center for Democracy and Technology
- Companies large and small are likely to face a range of requests from the government for disclosure of customer data in terrorism investigations and other national security
investigations.
- Communications service providers in particular - telephone companies, ISPs and others, including universities and non-profits - may receive orders requiring
them to intercept user communications or provide copies of stored communications and associated identifying and transactional data.
- Corporations must be familiar with the array of formats the government may use - National Security Letters,Section 215 orders, FISA orders -- and should understand the
difference between a criminal investigation and a national security investigation.
- Recipients of government demands do have some ability to "push back" against unreasonable requests.
Doron Rotman, Managing Director, Advisory Services, National Privacy Service Leader, KPMG LLP
- You are likely to receive request - you should be ready and have a process to deal with it
- Process should match your organization (types of data collected, structure, culture)
- Who should be involved
- What are the decision points regarding a request
- Documentation and Audit trail
Peter F. McLaughlin, CIPP, Senior Counsel, Foley & Lardner LLP
Focus on National Security Letters
- What is the legal background/basis for NSLs?
- What avenues are available to a recipient for either not complying with a request or for narrowing the scope of a request?
- What happens if a recipient fails to comply?
- What other actions should a recipient take beyond the response to the NSL?
- Section 215 Orders
- Risk Officers and Managers
- General Counsel
- Senior Management
- Chief Security Officers
- Chief Privacy Officers
- Compliance Officers
This is a must attend event to anyone interested in having full understanding about the National Security Investigations Disclosure Requests
and Customer Data.
- New guidance explained by the most qualified key leaders & experts
- Hear directly from key regulators & thought leaders
- Interact directly with panel during Q&A