National Foundation for Judicial Excellence

THE FOUNDATION

The National Foundation for Judicial Excellence (NFJE) is conducting their 16th symposium with periodic virtual events this year. Panels will discuss the changing landscape of cybersecurity, as it affects the protection of both court records and other data on which individuals and businesses rely. Discussions will include the work of the Sedona Conference in attempting to identify the standards that courts should apply in determining whether parties have taken reasonable steps to protect personal data.

THE STUDY

The Sedona Conference has just released the product of its two-year study of how courts should determine whether the security provided for stored personal information was reasonable. Its commentary on a reasonable security test addresses the data breach as well as the agency investigation, and it offers a test for determining the reasonableness of the security at issue.

Released for public comment September 17, the commentary has already been reviewed in The National Law Review, where Theodore Claypoole describes its articulation of “the problems raised by trying to find a ‘reasonable’ set of standards for companies to meet for legal compliance” as “brilliant.”

Bill Sampson, the NFJE’s former President and the Commentary’s Editor-in-Chief, will join Contributing Editor Chris Cronin, one of the United States’ leading consultants in the field of data security, to present the test and lead you through the work The Sedona Conference did to develop it. Cronin will then provide examples of how the test can be applied to the loss of personal data in real-world cases, enabling courts to answer the question, “Was the data security reasonable?”

THE SESSION

Judging Efforts to Protect Personal Information: What Test Should Apply?
In LabMD, Inc. v. Federal Trade Commission, the United States Court of Appeals for the Eleventh Circuit vacated the FTC’s order that LabMD implement the FTC-designed security program on grounds it required an “indeterminable standard of reasonableness.” The panel will discuss LabMD, Inc. and the most promising standard that has emerged in the wake of it—one based upon a duty-of-care risk analysis. Such an approach has been adopted by the Center for Internet Security, and it has been used by Pennsylvania’s OAG in a settlement with Expedia. It is also the subject of an important, current study by the Sedona Conference; and two members from the Sedona Conference will be part of the panel.

• Chris Cronin, HALOCK Security Labs, Schaumburg, IL
• William R. Sampson, Shook Hardy & Bacon LLP, Kansas City, MO

October 15, 2020

About The National Foundation for Judicial Excellence (NFJE)

NFJE is an independent, 501(c)(3) charitable foundation that provides
judges with educational programs and other tools to enhance
the rule of law and administration of justice.

About The Sedona Conference

The Sedona Conference (TSC) is a nonpartisan, nonprofit 501(c)(3) research and educational institute dedicated to the advanced study of law and policy in the areas of antitrust law, complex litigation, intellectual property rights, and data security and privacy law. The mission of TSC is to move the law forward in a reasoned and just way through the creation and publication of nonpartisan consensus commentaries and through advanced legal education for the bench and bar.

SOURCES:

• The National Foundation for Judicial Excellence
• The Sedona Conference