The Law of the Land

With new regulations taking effect, and significant cases before the courts, the laws surrounding cybersecurity seem likely to undergo notable changes in 2018. Writing for CSO Online, Tara Swaminatha, a data privacy and cybersecurity partner at Squire Patton Boggs and a former federal prosecutor in the Computer Crime & Intellectual Property Section at the US Department of Justice, offers a roundup of some of the key cases and changes in legislation that will shape the future of cybersecurity law.

  Among the key items discussed are:

  • Disclosures of personal information -- Two cases before the courts seek to further define what balances and limits are there between individual privacy rights, and the ability of the government to force disclosures of information shared between individuals and private organizations.
  • Cybersecurity liability -- The Supreme Court has been petitioned to review a DC Circuit ruling as to what liabilities companies hold in the event of a data breach that may cause future harm to those whose information was stolen or compromised, potentially affecting class action lawsuits.
  • Liability relief -- Legislation put forward in Ohio seeks to establish shields for businesses from lawsuits over data breaches if they can demonstrate their cybersecurity programs meet certain minimum standards, including the NIST Cybersecurity Framework.

With cybersecurity law still rapidly evolving, any of these issues could result in significant changes to how businesses, individuals, and governments are affected by cybersecurity events, breaches, or policies.