Cybersecurity and data privacy are becoming increasingly important issues in the law, as governments around the world grapple with regulations to protect individual privacy and manage data breaches. These laws will continue to define how businesses collect and use consumer data, and their obligations
to protect this data from misuse, theft or exposure to unauthorized parties.
We asked three of our alumni who work in cybersecurity and data privacy law to help us understand the challenges and opportunities of the field.
Brad Shear, J.D. ’98, (bshear@shearlaw. com) is managing partner of Shear Law and CEO of Digital Armour in Bethesda, MD.
He specializes in technology law practice and consulting for labor and management, addressing issues of privacy, biometrics, encryption, cybersecurity, social media, regulatory compliance and more.
David Katz, J.D. ’99, (david.katz@arlaw. com) is a partner in the Atlanta office of Adams and Reese, LLP. He specializes in privacy law and compliance, data security, information governance, crisis management, regulatory compliance and ethics.
David Shafer, J.D. ’15, (dshafer@ pilieromazza.com) is an associate
with Piliero Mazza in Washington, D.C. Shafer assists with a variety of business, finance and cybersecurity matters, including private equity transactions
and mergers and acquisitions. He advises clients in all phases of their business life cycle, from start-up to sale of the company and has counseled companies in cybersecurity and data privacy statutes, regulations, policies and breach response procedures.
CYBERSECURITY ROUNDTABLE
    SHEAR: Because so many people are getting hacked and we are seeing how personal data is being weaponized against us on a massive scale. For example, during the 2016 presidential election, we watched how one political party didn’t prioritize cybersecurity, and this mistake may have affected the outcome of the presidential election.
During the past few years, we have watched foreign countries such as North Korea, China and Russia use their cyber-war capabilities to hack our state and federal governments and private companies.
In essence, we are in a cyber war with these countries. Russia and especially
China are not only targeting our military secrets, they are also stealing our country’s intellectual property for economic purposes, and hacking data brokers to obtain vast amounts of personal information on our people to turn them into spies against our country.
KATZ: Cybersecurity has emerged as an attractive field for several reasons. First,
the explosion and then rapid evolution
of information and communications technology led to an exponential growth of the data associated with the use of such
technologies. As individuals and business began to understand how to harness
and monetize the power of such data, its market value increased — both from a pure economic perspective but also in light of information that was capable of being derived from capture of such data.
As a result of this value creation, data security has become a necessity and core component of our economic and national security. This has created tremendous opportunity for the multi-faceted development of this field, which is likely to remain very strong for the immediate future. SHAFER: Regulators, companies and individuals are starting to become more aware of the commoditization of their personal information and the ubiquitous nature of technology. As that awareness has risen, so have the questions about how information and certain technologies are being secured. Cybersecurity issues are now so commonplace that they can no longer be ignored.
Historically, companies have thought of cybersecurity as a cost center, something to be outsourced and forgotten. Now they are realizing that the entire value of their company, whether it is intellectual property, personally identifiable information or other, is at risk. Cybersecurity preparedness, once looked upon as an annoyance, is now
something that is critical to maintaining their value.
Likewise, lawmakers and regulators are looking to pass enforceable legislation and rules to protect critical infrastructure and procurement integrity to bolster national security. Cybersecurity is a hot field right now because we are all aware of its necessity and the fact that it is not going to go away.
How are lawyers in this
field working to address the inadequacy of current statutes?
SHEAR: By counseling clients about these issues and working to educate lawmakers and the courts. For example, when I heard that college admissions officials and athletic departments were demanding that college applicants and students, particularly student-athletes, provide access to their personal and private social media accounts and that employers were doing the same,
I reached out to the national media and went to Annapolis and Washington, D.C. to try to stop these Orwellian and un- American practices.
In response, Maryland became the first state to introduce legislation to stop these troubling behaviors. Since Maryland became the first state to enact state social media privacy laws, more than 26 states have followed our lead. Therefore, I believe it’s the legal community’s duty to use their unique knowledge to make this world a better place that protects free speech and privacy. KATZ: State and federal regulators
are relying on lawyers in this field to
testify in legislative committee hearings
and work to draft legislation to ensure
the modernization of existing statutes. Additionally, lawyers are working to draft new legislation to account for the serious risks presented by inadequate cybersecurity controls in the economy and in the state and federal government.
SHAFER: In my practice I’m noticing a
lot more contractual provisions around
the cybersecurity posture of the other contracting party. Of course, this is dependent upon the nature of the parties and the contract to which they are entering, but in many instances we are seeing increased indemnification obligations
for data breaches, a need to procure cybersecurity insurance, and an obligation
| 20 | Baltimore Law
Cybersecurity seems to be a hot field right now. Why is that?