As more data laws are passed, in-house counsel need to understand how they will affect vendor relationships.

2021 is off to a hot start with privacy legislation around the world.

After much consideration and research, my predictions for the hottest legal trends in 2021 are below, recognizing that there is carryover from last year’s list and their critical status has only increased.

Amid the new US laws and amendments none were as broad and far-reaching as California’s Consumer Privacy Act (CCPA). The law is expected to serve as a model for other states and nations, so in-house counsel who are not currently affected should follow its developments with an eye toward their own jurisdiction.

Lawyers, whether working in-house or for a firm, tend to operate from the mindset that legal work is protected and always confidential. That does not mean, however, that privacy laws do not apply to legal work. Nor does it mean that law firms or lawyers are invulnerable from attacks.

Those seeking to be compliant with the EU Whistleblowers Directive should also be aware of how it considers data privacy and interacts with existing privacy regulations.

In this unprecedented time, in-house lawyers are living in a new world where courts are on hold and entire workforces are working remotely. Regulators around the world are addressing privacy concerns emanating from the pandemic.

Privacy and public health are overlapping in ways that were unimaginable only a few months ago. The critical question raised by this turn of events is whether the right to privacy is more important than the lives of the people at large?

Given the rise in technology in the first four groupings, the predictions were accurate, and they feed into the predictions for 2020. So, what’s ahead for 2020 in legal tech trends?

Whether you are a recent law school graduate or have decades of in-house experience, consider becoming a privacy expert or adding privacy expertise to your satchel of skills.

It is clear that the European Union is taking a strong stand on protecting personal information from government intrusion and that the United States is particularly susceptible to restrictions. US companies must take appropriate steps to consider the risk and enact mitigations for personal information being processed from the European Union.

Being aware of the risks and working with the right departments to prevent phishing may be a critical new element in your role to approach risk.

Companies are trying to do the right thing in a challenging environment for their employees, communities, and customers. In-house counsel will realize just how critical privacy is to a company and its sustainability and attractiveness to investors.

Implementing a vendor oversight program that is appropriate for your organization is critical. There are several considerations that factor into setting up your program, similar to building a house. You need a solid foundation, a framework that fits both function and form, a well-positioned structure that covers it all, and the internal and external components that make it comfortable and appealing, along with providing safety and security.

In this article, we will first provide an overview of some key concepts that apply to vendor management before discussing the regulatory landscape and the lifecycle of vendor management. We will cover the entire lifecycle: before, during, and after, along with legal requirements and special circumstances.

Often, lawyers who are interested in moving to a privacy role may come from a legal, compliance, or, in rare cases, an information security role. But even if you are not interested in a new focus, how do you help guide your company in considering a person who is looking to transition? As in-house counsel, you may be in a key position to influence the job expectations and description and perhaps even the hiring. Let’s look at each of these three fields.

With changes in the current regulatory environment, the roles of the CPO and CISO are becoming more recognized, more required, and more collaborative — not as siloed roles within in an organization but as partners.

This article explores the realm of knowledge assets to understand the threats to protection and how to minimize those risks.

If your company is addressing GDPR, build in this newly proposed regulation. You may wind up undoing some changes you’ve made in the past few years, but in most cases, you will be adding these new requirements into your action plan for European operations.

This article explores how life circumstances, skills, behavior, and the availability of mentoring contribute to these differences, and the potential for technology to break down barriers. The data cited in the article come from studies conducted by others, as well as the results of a survey that ACC conducted, which had over 200 respondents.

Even though the changes brought by the information revolution cannot be undone, it seems worthwhile to gain perspective on how the information revolution has changed the practice of law, and whether the changes are good, bad or neutral.

Determining the appropriate cross-border transfer mechanism is not a decision to be taken lightly. In-house counsel must consider and weigh multiple factors including the types of data your organization transfers, your organization’s data flows, the locations of your corporate entities, cost, effort and ownership within your organization and much more.