When I first started writing about the management of electronic documents, the subject was a contained one, at least from my perspective. I was then concerned solely with compliance with the eDisclosure rules in England and Wales.
Over the years, that interest has spread in two dimensions. One is jurisdictionally, meaning that I am as interested in what happens in the US or Asia Pacific as I am in the UK. The other is in terms of the subject matter – you cannot now look at litigation disclosure on its own, but must inevitably sweep up privacy, data protection, cyber security and all the wider subjects included under the umbrella called information governance.
Of the ten or so sessions which I am involved in in May and June, only two concern disclosure in England and Wales. The others are about privacy or cyber risk, including a panel whose subject is responsibility of companies, and in particular corporate counsel, for cyber risk. That will inevitably have a US focus, but cyber risk knows no frontiers.
So it is that I now find myself reading an article about cyber security in Hong Kong. Dmitri Hubbard of Xerox Legal Business Services in Hong Kong similarly gets involved in much more than ediscovery, which is the context in which I met him many years ago. For example, he and I did a panel together at Legaltech Hong Kong in February on privacy and data protection, subjects as important to Xerox’s clients as eDiscovery. Now here he is writing in Hong Kong Lawyer about cyber risk in a region which he knows well.
Dmitri Hubbard’s article is called Why cybersecurity needs in-house counsel. Many of the issues and remedies described there are of universal application in geographical terms, but there is a particular focus on Hong Kong with, for example, a summary of the guidance given by the Hong Kong Monetary Authority which draws on local data privacy rules as well as worldwide issues.
The article includes a helpful list of ten steps which should be taken by in-house counsel to protect their organisation’s data. That checklist will be useful anywhere.