eDiscovery Daily Blog

• January 17, 2017

The proliferation of data in our society today makes the task of protecting sensitive and private data more challenging than ever.  Without a doubt, privacy and data protection laws have evolved quite a bit over the past several years, especially internationally, with the striking down of the 15 year old Safe Harbor agreement back in 2015 over privacy concerns and subsequent adoption of the EU-US Privacy Shield last year.  To help legal practitioners to have a better understanding of various data privacy issues and guidelines, The Sedona Conference® (TSC) has created a new primer to help with this growing issue.

The Sedona Conference and its Working Group 11 on Data Security and Privacy Liability (WG11) has just rolled out the public comment version of its new Data Privacy Primer, which is the Working Group’s first publication for public comment.  In the announcement for the new primer, the TSC states that it is “the first of a number of WG11 publications that are intended to provide immediate, practical benefit to (1) practitioners involved in data security and privacy litigation, and (2) organizations confronting the ever-increasing threat of data breaches and resulting liability.”

This particular Primer is “intended to provide a practical framework and guide to basic privacy issues in the United States and to identify key considerations and resources, including key privacy concepts in federal and state law, regulations, and guidance.”  The TSC notes that it focuses on privacy laws in the U.S. in this Primer and that global privacy laws are outside the scope of its coverage. It also focuses primarily on privacy issues arising under civil rather than criminal law (though criminal law implications are addressed “at various points” in the Primer).

Nonetheless, the PDF file for the Primer checks in at a whopping 115 pages (data security is a weighty topic, after all) and even the Table of Contents stretches on for nearly 3 1/2 pages.  The Primer covers topics ranging from Common Law of Privacy to Federal and State Government Laws and Act regarding privacy policies and protections to discussions of general consumer protection, health (including HIPAA) and financial protections.  It also discusses Workplace and Student privacy considerations which ranges from discussions about use of company equipment and email and bring your own device (BYOD) policies in the workplace and privacy protections for educational records.

The Data Privacy Primer is open for public comment through April 16. Questions and comments can be sent to comments@sedonaconference.org. According to the TSC announcement, the drafting team will “carefully consider all comments received, and determine what edits are appropriate for the final version”.  TSC also plans to schedule a webinar in February for those who may want a more condensed overview of the topic, or can’t get enough of it, depending on your point of view.

BTW, this isn’t the first time that TSC has provided guidance on the issues of privacy and security.  Here is a link to a previous post covering their Commentary release in November 2015 on the subject.

So, what do you think?  How does your organization address data privacy?  Please share any comments you might have or if you’d like to know more about a particular topic.

Disclaimer: The views represented herein are exclusively the views of the author, and do not necessarily represent the views held by CloudNine. eDiscovery Daily is made available by CloudNine solely for educational purposes to provide general information about general eDiscovery principles and not to provide specific legal advice applicable to any particular circumstance. eDiscovery Daily should not be used as a substitute for competent legal advice from a lawyer you have retained and who has agreed to represent you.