Privacy Protection: U.S. Falls ShortAttorneys Address Global Privacy Trends, Legislation
Privacy attorney Lisa Sotto says the U.S., in fact, is consistently out of step with the rest of the world when it comes to this critical topic.
"We've talked ourselves silly for the last few years," she says in part two of this roundtable discussion of key legal topics for 2013. "Last year, there were over a dozen pieces of federal legislation introduced, and still we have very, very little [to show for it]."
Outside of the U.S., however, substantial progress is being made, Sotto says, pointing to new laws in the Philippines and Singapore; enactment of legislation in Taiwan and Malaysia; and the biggest of all: the draft EU privacy legislation.
"This is truly a seismic shift in the data protection world," Sotto says of the EU legislation. Among its controversial measures: A 24-hour breach notification requirement, as well as a fine of up to 2 percent of annual revenue for privacy violations.
Attorney David Navetta agrees with Sotto's characterization of U.S. privacy legislation efforts, calling them anemic. But he sees regulatory agencies starting to take matters into their own hands, releasing privacy guidance to organizations under their control.
"In the near future, it's probably going to be the case that regulators are driving the [privacy] agenda, not legislators," Navetta says.
In part two of a five-part series of roundtable discussions, the attorneys talk about:
About the participants:
Lisa Sotto is managing partner for New York-based law firm Hunton & Williams, where she focuses on privacy, data security and information management issues. She has earned a No. 1 U.S. national ranking for privacy and data security from Chambers and Partners.
David Navetta is co-founder of the Information Law Group and co-chairman of the American Bar Association's Information Security Committee. He has been a keen observer of information security-related litigation, including financial fraud and state privacy laws.
Ronald Raether is partner at Faruki Ireland & Cox in Dayton, Ohio. His experience with technology-related issues spans an array of legal areas, including patent; antitrust; licensing and contracts; employment; trademark; domain name disputes; and federal and state privacy statutes.
The first installment of this series focuses on top incidents of 2012 and the legal merits of hack back. Subsequent installments of this series will focus on:
- Fraud litigation trends;
- Breach response best-practices;
- Top security/privacy issues of 2013.