Global Information Governance


Feb 17, 2014 (3 years and 3 months ago)


Security and Privacy in a New Era


Northern Virginia Chapter, ARMA International

October 2013 Monthly Meeting

Christina Ayiotis, Esq., CRM

Adjunct Faculty, Department of Computer Science, The George Washington University

Co-Chair, The Sedona Conference on Cyber Liability

Co-Chair, Georgetown Cybersecurity Law Institute

Member, AFCEA International Cyber Committee

Principal Financier, Princess Andrianna Isabella Ayiotis

@christinayiotis

March 2011


http://www.youtube.com/watch?v=ZJ380SHZvYU


plus ça change...

Today’s World


Global organizations experiencing blurring of lines between personal and professional:


What information is created on corporate systems an
organization has “full” control over vs. through “public”
channels where more private information may be seen?


What about integrity of Social Media “records” in the long-term?
(“Facebook editing function raises concern over misuse” Joe Miller, BBC News, 30 September 2013 http://bbc.in/19PSyui)


“GSA offers electronic privacy refresher” Molly Bernhart Walker, Fierce Government IT, September 30, 2013 http://bit.ly/15H150c


Need to abide by country law in global systems not
architected to do so (biggest dirty little secret globally)


Today’s World


Who decides how employees will execute their job duties and
what tools they will use (or not use)?


Incoming Work Force and E-Mail (“Technology and the College Generation” Courtney Rubin, The New York Times, September 27, 2013 http://nyti.ms/18gnh4v)


What organization (private sector or public sector) fully manages all text messages?


Reconciling privacy and business needs


What can be monitored and by whom?



BYOD further complicates the governance challenge (Drivers are cost and convenience, issues difficult to push back on during challenging times)


Only when we can truly (and easily) protect at the data level will this
change


We’ll still wonder who has access and to what end


People, Process, Technology


Government vs. Private Sector Information Governance Challenges Similar


Records Management may be dead but government still has to manage to
Schedules (theoretically)


Big Data Impact (Emerging Trends in Law Firm Governance: Unlocking the Power of Big Data, Predictive Coding and 24/7 Access in Law Firms, Iron Mountain, July 2013 http://bit.ly/1aCDJfR)


What to protect and at what cost



Cybercrime, Espionage, Terrorism


How can the government help the private sector?


Is the government able to even help itself?


Who is in charge? “A Call to One is a Call to All” - DHS/FBI/NSA


Who is in the middle?


Would a US Cyber Force help? (“Why the nation needs a US Cyber Force” James Stavridis, The Boston Globe, September 29, 2013 http://b.globe.com/16KA37A)


Government and Citizens


Expectations around personal information


Social Security Administration


IRS


Medicaid/Medicare


Veteran’s Benefits


Electronic Health Records (DoD/VA)


HIEs (security concerns)


Expectations citizens have about what is truly private


Communications through ISPs (even when encrypted), Social Media
posts in “private” groups, Data Aggregators


E-Government - delivery of services


IRS greatest success story of US government (but now there are
concerns about the privacy and security of that data)


Estonia (E-vulnerabilities)

California Leads the Way (as always)


Governor Brown Ushers in a New Privacy Era in California and Beyond, Tanya Forsheit, Information Law Group, September 29, 2013 http://bit.ly/1bmvcSt


AB 370 - new disclosures to privacy policy (DNT)


SB46 and AB1149 amend breach notification (online accounts)


“Eraser Bill” passed September 23, 2013, effective January 1, 2015 http://bit.ly/17O1iyV



The Future is Here


Google/Facebook/NSA combined data - does that cover everyone and everything?



Google Glasses - http://onforb.es/100DnaM



The Internet of Things http://bit.ly/Xp0Fp



“Cisco predicts that there will be 50 billion connected devices by the year 2020.” http://onforb.es/16lxrh9




Resources


The ABA Cybersecurity Handbook: A Resource for Attorneys, Law Firms and Business Professionals, Jill D. Rhodes & Vincent I. Polley (July 24, 2013) http://bit.ly/1ccsPSn

Locked Down: Information Security for Lawyers, Sharon D. Nelson, David G. Ries and John W. Simek (2012) http://amzn.to/1fAIyfC

Building Law Firm Information Governance: Prime Your Key Processes, Iron Mountain (July 2013) http://bit.ly/1hd81Yeh

Emerging Trends in Law Firm Governance: Unlocking the Power of Big Data, Predictive Coding and 24/7 Access in Law Firms, Iron Mountain (July 2013) http://bit.ly/1aCDJfR

A Proposed Law Firm Information Governance Framework, Iron Mountain (August 2012) http://bit.ly/NA7e4Y

MORE RESOURCES


Shane McGee, Randy V. Sabett, & Anand Shah, Adequate Attribution: A Framework for Developing a National Policy for Private Sector Use of Active Defense, 8 J. Bus. & Tech. L. 1 (2013) http://bit.ly/11CwHaX

Paul M. Schwartz & Daniel J. Solove, Reconciling Personal Information in the United States and European Union, Forthcoming 102 California Law Review (2014), September 6, 2013 http://bit.ly/13YSIPo

Hunton & Williams LLP, OECD Issues Updated Privacy Guidelines, September 16, 2013 http://bit.ly/1blOWlH

Chris Wolf, Post-Snowden Fallout Shouldn't Cripple EU-US Safe Harbor, 8/30/13 http://bit.ly/16ZxoYE

Bryan Cunningham, Do not let Prism scandal wreck the Safe Harbour system, 9/6/13 http://bit.ly/16DdYhS

David Perera, Indigenous European cloud needed to defeat NSA surveillance, says report, September 23, 2013 http://bit.ly/16CP1Dl

Alastair Stevenson, EC calls for single privacy law to protect 1tn worth of data from PRISM snoops, 9/18/13 http://bit.ly/169l91c