find the latest legal job
Inhouse Legal Counsel -18 months-4 PAE - Real Estate Investment Company
Category: Banking and Finance Law | Location: Melbourne CBD & Inner Suburbs Melbourne VIC
· In brand new prestigious CBD offices
View details
Senior Associate - Competition, Policy & Regulatory
Category: Other | Location: Sydney CBD, Inner West & Eastern Suburbs Sydney NSW
· Work with a well regarded Partner · Sydney CBD
View details
Commercial Litigation Senior Associate
Category: Litigation and Dispute Resolution | Location: Sydney CBD, Inner West & Eastern Suburbs Sydney NSW
· Lawyers Weekly Australia Partner of the Year 2016, Insolvency
View details
MULTIPLEX Regional Legal Counsel (Vic) | 7 to 10 years + PQE
Category: Generalists - In House | Location: Melbourne CBD & Inner Suburbs Melbourne VIC
· Career defining in-house role · Tier One international contractor
View details
Junior Lawyer - Personal Injury Law
Category: Personal Injury Law | Location: Parramatta & Western Suburbs Sydney NSW
· Highly specialized practice · Challenging role with great opportunities
View details
Cyber security slated to become standalone practice

Cyber security slated to become standalone practice

Adam Salter, Jones Day

The rapidly increasing level and complexity of cyber security work conducted by lawyers, coupled with the introduction of mandatory data breach notification, could see cyber security become a standalone practice area, according to a partner.

Jones Day has recently established a standalone cyber security, privacy and data protection practice group, with partners in the US and in Europe solely dedicated to this area.

While Jones Day partner Adam Salter (pictured) isn’t aware of any dedicated cyber security practices at other law firms in Australia, he believes that will change.

“The practice area is evolving quickly at the moment,” Mr Salter told Lawyers Weekly.

“I think there will be a need for more of this type of advice and I think there will be the development of standalone practices.”

For a long time, privacy law in Australia has been focused on the Australian Privacy Principles and their predecessor, the National Privacy Principles, meaning a lot of legal work around privacy was relatively simple, according to Mr Salter.

“I think it’s fair to say because the legislation was ‘lighter touch’ in past years, it wasn't as serious an issue for clients as what it is now,” he said.

“With the development of technology and the enhanced use of technology in all manners of business, and the concerns about hacking of personal information, cyber security is becoming much more of an issue with clients who are concerned about liability, not only to end-user consumers but also in the context of breaching contracts with customers.”

For instance, when negotiating supply contracts with major customers like banks, utilities or telecommunications companies, such contracts now impose significant obligations and supporting (often uncapped) indemnification for privacy-related obligations, according to Mr Salter.

“It’s now not just a matter of clients being concerned about fines or penalties being imposed on them by the privacy regulator, but also falling foul of contractual obligations.”

In the US this is leading to more significant litigation: not just class action litigation led by consumers, but also business-to-business litigation for failing to comply with these obligations.

This means cyber security work is no longer just a matter of advice about privacy principles and drafting policies, but also about defending against, and seeking to avoid, litigation.

“The thing that hasn't really hit Australia – it has certainly hit the US and I think it will come here – is the litigation arising out of data breaches, and the reason for that is there will now be a trigger for people to put their hands up and say, 'We have had a serious data breach',” he said.

“I wouldn’t be surprised if plaintiff class action law firms upskill in this area very quickly, because I think they will see it’s fertile ground for the class action litigation, not only for consumers but potentially for franchisees, and so firms will inevitably get work defending that litigation.”

Mandatory notification

Another factor that may contribute to the increase of cyber security-related work is the introduction of mandatory data breach notification legislation in Australia.

“As I understand it, 47 out of the 50 jurisdictions in the United States already have such legislation, as does Europe, so Australia is well behind in that regard,” Mr Salter said.

“There have been several attempts of introducing the legislation and it's been a bit of a political football, but there now appears to be bipartisan support.”

Mr Salter said the reason this is so important is that the previous guidelines about breach notification and remedial actions arising out of a breach were not mandatory.

“If the bill passes, Australian businesses must report serious data breaches to affected individuals and the Information Commissioner. There will be accompanying fines and penalties for failing to comply and, as with all other forms of compliance, once there's a nasty stick that goes with non-compliance, in-house compliance departments then spend a lot of time addressing it,” he said.

“This is very much at the top of the worry list for directors and for compliance officers at our clients.”


Like this story? Read more:

QLS condemns actions of disgraced lawyer as ‘stain on the profession’

NSW proposes big justice reforms to target risk of reoffending

The legal budget breakdown 2017

Cyber security slated to become standalone practice
lawyersweekly logo
Promoted content
Recommended by Spike Native Network
more from lawyers weekly
Animal law moots, advocacy, Melbourne University, Australia and New Zealand Intervarsity Moot on Animal Law
Sep 25 2017
Moot unleashes animal advocacy
Melbourne has played host to one of the largest animal law moots, with student participants put th...
Scales
Sep 25 2017
Transgender teens should not need legal approval for hormone treatment, court hears
A transgender 17-year-old known as Kelvin has appealed in the Family Court against the requirement o...
Appointed, Victorian Legal Services Commissioner
Sep 25 2017
NFP CEO appointed Victorian Legal Services Commissioner
The CEO of a Victorian not-for profit pro bono legal services provider has been named as the state...
APPOINTMENTS
Allens managing partner Richard Spurio, image courtesy Allens' website
Jun 21 2017
Promo season at Allens
A group of lawyers at Allens have received promotions across its PNG and Australian offices. ...
May 11 2017
Partner exits for in-house role
A Victorian lawyer has left the partnership of a national firm to start a new gig with state governm...
Esteban Gomez
May 11 2017
National firm recruits ‘major asset’
A national law firm has announced it has appointed a new corporate partner who brings over 15 years'...
opinion
Nicole Rich
May 16 2017
Access to justice for young transgender Australians
Reform is looming for the process that young transgender Australians and their families must current...
Geoff Roberson
May 11 2017
The lighter side of the law: when law and comedy collide
On the face of it, there doesn’t seem to be much that is amusing about the law, writes Geoff Rober...
Help
May 10 2017
Advocate’s immunity – without fear or without favour but not both
On 29 March 2017, the High Court handed down its decision in David Kendirjian v Eugene Lepore & ...