find the latest legal job
Legal Inhouse / Lawyer / Company Secretary
Category: Other | Location: Brisbane QLD 4000
· Fantastic Company · Potential to be Part Time / Flexible Work Pattern
View details
Part Time Risk & Compliance Officer
Category: Other | Location: Brisbane QLD 4000
· Brisbane City · Flexible Part Time Hours
View details
Infrastructure Lawyer/SA
Category: Construction Law | Location: Sydney CBD, Inner West & Eastern Suburbs Sydney NSW
· Global elite law firm · Dedicated Infrastructure team
View details
In-House Legal Counsel (Mid to Senior)| Regulated Markets (Energy and Gas)
Category: Generalists - In House | Location: Melbourne CBD & Inner Suburbs Melbourne VIC
· Full PD on Request · Exciting High Impact Role
View details
Family Lawyer
Category: Family Law | Location: Eastern Suburbs Melbourne VIC
· Boutique Firm · Great Reputation
View details
Cyber security slated to become standalone practice

Cyber security slated to become standalone practice

Adam Salter, Jones Day

The rapidly increasing level and complexity of cyber security work conducted by lawyers, coupled with the introduction of mandatory data breach notification, could see cyber security become a standalone practice area, according to a partner.

Jones Day has recently established a standalone cyber security, privacy and data protection practice group, with partners in the US and in Europe solely dedicated to this area.

While Jones Day partner Adam Salter (pictured) isn’t aware of any dedicated cyber security practices at other law firms in Australia, he believes that will change.

“The practice area is evolving quickly at the moment,” Mr Salter told Lawyers Weekly.

“I think there will be a need for more of this type of advice and I think there will be the development of standalone practices.”

For a long time, privacy law in Australia has been focused on the Australian Privacy Principles and their predecessor, the National Privacy Principles, meaning a lot of legal work around privacy was relatively simple, according to Mr Salter.

“I think it’s fair to say because the legislation was ‘lighter touch’ in past years, it wasn't as serious an issue for clients as what it is now,” he said.

“With the development of technology and the enhanced use of technology in all manners of business, and the concerns about hacking of personal information, cyber security is becoming much more of an issue with clients who are concerned about liability, not only to end-user consumers but also in the context of breaching contracts with customers.”

For instance, when negotiating supply contracts with major customers like banks, utilities or telecommunications companies, such contracts now impose significant obligations and supporting (often uncapped) indemnification for privacy-related obligations, according to Mr Salter.

“It’s now not just a matter of clients being concerned about fines or penalties being imposed on them by the privacy regulator, but also falling foul of contractual obligations.”

In the US this is leading to more significant litigation: not just class action litigation led by consumers, but also business-to-business litigation for failing to comply with these obligations.

This means cyber security work is no longer just a matter of advice about privacy principles and drafting policies, but also about defending against, and seeking to avoid, litigation.

“The thing that hasn't really hit Australia – it has certainly hit the US and I think it will come here – is the litigation arising out of data breaches, and the reason for that is there will now be a trigger for people to put their hands up and say, 'We have had a serious data breach',” he said.

“I wouldn’t be surprised if plaintiff class action law firms upskill in this area very quickly, because I think they will see it’s fertile ground for the class action litigation, not only for consumers but potentially for franchisees, and so firms will inevitably get work defending that litigation.”

Mandatory notification

Another factor that may contribute to the increase of cyber security-related work is the introduction of mandatory data breach notification legislation in Australia.

“As I understand it, 47 out of the 50 jurisdictions in the United States already have such legislation, as does Europe, so Australia is well behind in that regard,” Mr Salter said.

“There have been several attempts of introducing the legislation and it's been a bit of a political football, but there now appears to be bipartisan support.”

Mr Salter said the reason this is so important is that the previous guidelines about breach notification and remedial actions arising out of a breach were not mandatory.

“If the bill passes, Australian businesses must report serious data breaches to affected individuals and the Information Commissioner. There will be accompanying fines and penalties for failing to comply and, as with all other forms of compliance, once there's a nasty stick that goes with non-compliance, in-house compliance departments then spend a lot of time addressing it,” he said.

“This is very much at the top of the worry list for directors and for compliance officers at our clients.”

Like this story? Read more:

QLS condemns actions of disgraced lawyer as ‘stain on the profession’

NSW proposes big justice reforms to target risk of reoffending

The legal budget breakdown 2017

Cyber security slated to become standalone practice
lawyersweekly logo
Promoted content
Recommended by Spike Native Network
more from lawyers weekly
Nov 22 2017
Reduced investment protections will make robust commercial arbitration mechanisms all the more critical for investors
Promoted by Maxwell Chambers. This article discusses the current trend away from investor protect...
Nov 22 2017
‘Document tsunami’ driving lawyers to upskill in TAR
A prominent Victorian judge has highlighted the growing need for lawyers to expand their knowledge o...
Defamation expert appointed to lead Victorian Bar
Nov 22 2017
Defamation expert appointed to lead Victorian Bar
The Victorian Bar has named Dr Matt Collins QC as its new president, with an additional eight member...
Allens managing partner Richard Spurio, image courtesy Allens' website
Jun 21 2017
Promo season at Allens
A group of lawyers at Allens have received promotions across its PNG and Australian offices. ...
May 11 2017
Partner exits for in-house role
A Victorian lawyer has left the partnership of a national firm to start a new gig with state governm...
Esteban Gomez
May 11 2017
National firm recruits ‘major asset’
A national law firm has announced it has appointed a new corporate partner who brings over 15 years'...
Nicole Rich
May 16 2017
Access to justice for young transgender Australians
Reform is looming for the process that young transgender Australians and their families must current...
Geoff Roberson
May 11 2017
The lighter side of the law: when law and comedy collide
On the face of it, there doesn’t seem to be much that is amusing about the law, writes Geoff Rober...
May 10 2017
Advocate’s immunity – without fear or without favour but not both
On 29 March 2017, the High Court handed down its decision in David Kendirjian v Eugene Lepore & ...