In-house counsel should take a leading role in building upon regulatory actions to adopt cyber risk mitigation measures. This is a list of things that can and should be done before an attack occurs to position your company to effectively respond to a cyber incident.
This Wisdom of the Crowd, compiled from responses posted on the Small Law Departments eGroup, addresses the issues underlying company-wide sharing of employees' personal information.
This Opinion analyses the criteria set down in Article 7 of Directive 95/46/EC for making data processing legitimate. Focusing on the legitimate interests of the controller, it provides guidance on how to apply Article 7(f) under the current legal framework and makes recommendations for future improvements.
This article addresses latest privacy developments regarding data security.
A sample vendor assessment questionnaire from the ACC 2014 Compliance & Ethics Training Program, Session 600.
Privacy law in Australia exists through a two- tiered system of legislation – Federal and State/Territory. The Federal legislation, the Privacy Act 1988 and the combination of its National Privacy Principles and Information Privacy Principles apply across the entire Australian jurisdiction. The States/Territories also have their own legislation, which apply both to public and private bodies, though the exact application differs between the two types of bodies. Read this article to learn more.
This article sets out the steps organizations should be taking to achieve compliance with CASL s anti-spam provisions.
This website privacy policy is intended for use on a website through which an online business collects and processes personal data for the purpose of account management, transactions with users and marketing. The policy is not suitable for use where the online business collects "sensitive" personal data. "Sensitive" personal data is defined in the UK's Data Protection Act 1998 and includes data about a user's physical or mental health, race, ethnicity, political beliefs, trade union membership, sexual life, or crimes committed or alleged to have been committed by the user. The purpose of the policy is to assist a data controller that is within the scope of the UK's Data Protection Act 1998 to comply with the requirement under the Act that any "processing" of personal data must be "fair". The Act applies to all data controllers established in the UK as well as to data controllers that are not established in the UK or in any other European Economic Area country but that use equipment in the UK for processing purposes.
This checklist is for use by licensees when reviewing a licensor's terms for the licence of commercially available packaged software. The checklist covers key issues that frequently arise in these types of licensing arrangements. However, it is not intended to be an exhaustive list and licensees should be careful to review all licence terms carefully. Agreements in respect of software that is to be developed or heavily configured specifically for the licensee are outside the scope of this checklist. In those circumstances, the contract is likely to (and should) contain additional detailed provisions relating to the ownership of intellectual property rights in the new software, acceptance, conformity with specification, delivery of bespoke elements and warranties. The checklist is written from a European perspective. For non-European software licences, users should ensure that they take into account relevant local law issues.
This template Intellectual Property Assignment Agreement is drafted under English law. It covers an arms-length assignment of intellectual property rights existing as at the date of the assignment and is drafted in favour of the assignee. The template is drafted under English law and is necessarily generic. It should therefore be adapted to meet applicable local law requirements where necessary, as well as the particular intellectual property rights that are being assigned.