James A. Sherer

Subscribe to all posts by James A. Sherer

Employee Training and Record-Keeping Requirements in the Final CCPA Regulations and a Preview of New Retention Requirements in the CPRA

Photo of Nichole SterlingPhoto of James A. ShererBy Nichole Sterling and James A. Sherer on Posted in CCPA
The California Consumer Privacy Act (CCPA) does not in itself outline specific employee training or record-keeping requirements that demonstrate business compliance with the law. However, the California attorney general’s final CCPA Regulations, intended to guide the application of the CCPA, detail that specific types of employee training and record-keeping are required for CCPA compliance. Specifically, … Continue Reading

Advancing Digital Strategies (and Hello from the Future!)

Photo of James A. ShererPhoto of Katherine LowryBy James A. Sherer and Katherine Lowry on Posted in Blockchain, Emerging Technology, Internet of Things
The following story is one in a six-part series devoted to the pioneering teams that comprise the firm’s new Digital Asset and Data Management Practice Group. A prime example of BakerHostetler’s preeminence in the legal industry is on display in its latest Practice Group, Digital Asset and Data Management (DADM), which offers holistic, enterprise-wide risk solutions to … Continue Reading

Record-Keeping and Training Requirements in the Proposed Regulations for the CCPA

Photo of Nichole SterlingPhoto of James A. ShererBy Nichole Sterling and James A. Sherer on Posted in CCPA
The California Consumer Privacy Act (CCPA), California Civil Code §1798.100 and following, does not in itself outline specific training and record-keeping requirements that demonstrate business compliance with consumer requests. However, in October 2019, the California attorney general proposed additional CCPA Regulations intended to guide the application of the CCPA, and Section 999.317 of the proposed … Continue Reading

The CLOUD Act and the Warrant Canaries That (Sometimes) Live There

Photo of James A. ShererPhoto of Nichole SterlingBy James A. Sherer, Nichole Sterling and Brittany Yantis on Posted in Cloud Computing
The Clarifying Lawful Overseas Use of Data Act (Pub. L. No. 115-141 (2018), or the CLOUD Act, was enacted in the U.S. on March 23, 2018, in response to difficulties U.S. law enforcement agencies (LEAs) had when attempting to gain access to data held by cloud service providers through Stored Communication Act (SCA) warrants, as … Continue Reading

When is a Chair not a Chair? Big Data Algorithms, Disparate Impact, and Considerations of Modular Programming

Photo of James A. ShererBy James A. Sherer on Posted in Information Governance, International Privacy Law, Social Media
The DESI VII Workshop titled “Using Advanced Data Analysis in eDiscovery & Related Disciplines to Identify and Protect Sensitive Information in Large Collections” was held on the Strand Campus of King’s College in London on June 12, 2017. DESI VII was particularly focused on privacy, and presented numerous papers that examined emerging protocols and novel … Continue Reading

Deeper Dive: Ransomware – WannaCry and the Future of Ransomware-as-a-Service

Photo of Melinda L. McLellanPhoto of James A. ShererBy Melinda L. McLellan and James A. Sherer on Posted in Cybersecurity, Data Breaches, Incident Response, Ransomware
In our 2017 BakerHostetler Data Security Incident Response Report, we addressed the increasingly ubiquitous scourge of ransomware, one of the fastest-growing types of malware causing data security incidents. We noted that ransomware attacks have been steadily expanding in both frequency and severity, and that those trends seemed set to continue for the foreseeable future. Less than a … Continue Reading

Deeper Dive: Security Incident Notification Under the New EU General Data Protection Regulation (GDPR)

Photo of Melinda L. McLellanPhoto of James A. ShererBy Melinda L. McLellan, James A. Sherer and Emily R. Fedeles on Posted in Cybersecurity, Data Breaches, Enforcement, International Privacy Law
As noted in the 2017 BakerHostetler Data Security Incident Response Report, the enactment of the EU General Data Protection Regulation (GDPR) represents the most significant change in European data protection law in more than 20 years. Coming into effect on May 25, 2018, the GDPR focuses on a number of core data protection principles and … Continue Reading

EU High Court Invalidates Safe Harbor Framework for Cross-Border Data Transfers

Photo of Melinda L. McLellanPhoto of James A. ShererBy Melinda L. McLellan and James A. Sherer on Posted in Enforcement, International Privacy Law
On October 6, 2015, the Court of Justice of the European Union (CJEU) issued a highly anticipated judgment that has the potential to impact how thousands of companies transfer data from the EU to the United States. The Court’s decision effectively invalidates the European Commission’s “adequacy” determination with respect to the U.S.-EU Safe Harbor Framework, … Continue Reading

Federal Trade Commission Joins with Industry Experts to Provide Start-Ups and Developers with Practical Advice at “Start with Security” Conference

Photo of James A. ShererBy James A. Sherer on Posted in Enforcement
The FTC has a history of offering practical advice to organizations and consumers to protect against security threats and related concerns, and is continuing this practice with the upcoming – and very first – “Start with Security” conference, taking place at the University of California’s Hastings College of the Law on September 9, 2015. The … Continue Reading

Social Media’s Not For You—It’s About You: Risks for Organizations in a New Age of Sharing

Photo of James A. ShererPhoto of Melinda L. McLellanBy James A. Sherer and Melinda L. McLellan on Posted in Data Breaches, Information Governance, International Privacy Law, Mobile Privacy, Privacy Litigation, Social Media, Workplace Privacy
Social media and social networking, including websites and applications that allow users to create and share content, have become ubiquitous. Joining the social networking revolution may be very easy for individuals, but establishing best practices for organizations that want or need to be actively engaged with social media is not. Initial considerations tend to focus … Continue Reading

Bring Your Own Device (Everywhere): Legal and Practical Considerations for International BYOD Programs

Photo of Melinda L. McLellanPhoto of James A. ShererBy Melinda L. McLellan and James A. Sherer on Posted in Information Governance, International Privacy Law, Mobile Privacy, Privacy Litigation, Workplace Privacy
The cross-use of mobile devices for personal and professional purposes, commonly referred to as “Bring Your Own Device” or “BYOD”, is a relatively recent phenomenon that has created a host of legal and practical challenges for organizations of all sizes. Implementing a BYOD program is especially complex for companies that have employees who regularly travel … Continue Reading

2014 Information Governance Year in Review

Photo of James A. ShererBy Judy Selby, James A. Sherer and Benjamin Barnes on Posted in Information Governance
2014 has been perhaps the biggest year Information Governance (“IG”) has seen. A relatively small and, if not unknown, at least undefined field only a few years ago has grown into an area of interest—and concern—to many organizations. The continued growth of data, the escalating threat of data breaches, the amazing ability to collect and … Continue Reading

Big Data Changes the Deal: Information Governance Should Now Be Incorporated Into Due Diligence for Corporate Transactions

Photo of James A. ShererBy Judy Selby and James A. Sherer on Posted in Big Data, Cybersecurity
Editor’s Note: We recently launched a graphic illustrating our Cyber Risk Mitigation Services. This week, our attorneys will be writing about specific examples of those services. The past few years have witnessed the unprecedented rise of Big Data. Fully 90 percent of today’s data was created over just the past two years. Businesses now double the … Continue Reading

Are you—or someone you love—a content hoarder?

Photo of James A. ShererBy Judy Selby and James A. Sherer on Posted in Information Governance
Hoarding is defined clinically as embodying “a persistent difficulty discarding or parting with possessions because of a perceived need to save them.” That accumulation occurs regardless of the actual value associated with the possessions, and often stands in stark contrast to what an outsider or “normal” person’s perception. The idea of accumulating vast quantities of … Continue Reading

What? The Rules Committee Hearings Don’t Have A Hashtag?

Photo of James A. ShererPhoto of Jonathan A. FormanBy Karin Scholz Jenson, James A. Sherer and Jonathan A. Forman on Posted in Information Governance
This post is a joint submission with BakerHostetler Discovery Advocate blog. On a snowy Sixth Avenue this week, thousands of people packed the New York Hilton Midtown for the sensory overload that is LegalTech New York (#LTNY), the annual E-Discovery, privacy, and information governance bash. And today, just hours after the massive conference closed, the E-Discovery … Continue Reading

Information Governance – The importance of putting your data house in order

Photo of James A. ShererBy Judy Selby and James A. Sherer on Posted in Information Security
This blog post is a joint submission with BakerHostetler’s Discovery Advocate blog. Information is the lifeblood of businesses today. As the volume of data continues to grow exponentially, intelligent governance of information is essential for enterprises to survive and thrive. Data security concerns, privacy, compliance requirements and the costs of ediscovery all militate toward implementation … Continue Reading
LexBlog