Here’s one from the Department of Silver Linings: the spike in hacks and cyber-attacks is giving rise to a host of new practice niches.
Firms are stumbling over themselves to set up cybersecurity groups. Some are marketing their expertise in privacy and intellectual property issues. Others tout their cyber-litigation skills.
Right now, most of the activity is happening inside big law firms, and much of that work draws on an existing client base of banks, tech companies, telecoms and insurers.
But the market is expanding. The future is wide open. After all, anyone with a computer and an online account is a potential client.
New Risks, New Rewards
Even in traditional practice areas - employment law, for example – new opportunities are emerging. Not so long ago, this field dealt mostly with contracts, hiring and firing, wrongful termination, discrimination, non-compete clauses and the like.
These days, employers and workers alike face thorny questions like:
- Can employees conduct personal business on work computers?
- What are the consequences if an employee brings an online virus into the firm?
- Does the firm have a social media policy? Is it in writing?
- Are employees instructed on what they can and cannot post on Facebook?
- Can employees use personal laptops and portable devices for firm business?
- Who has access to cloud data?
- Who has access to online accounts and passwords?
- Are passwords changed when an employee is terminated?
- What are employees allowed to take with them when they leave the firm?
- Who is responsible for monitoring all of this?
Seminars and Security
A trailblazer in the emerging field of cyberlaw is Hunton & Williams. For four consecutive years, Computerworld magazine has ranked the firm number one globally for privacy and data security services.
Among other things, Hunton & Williams represents clients who have been hacked. The firm helps them mitigate losses, file claims and sue responsible parties. It has even established a Centre for Information Policy – which has cranked out a 1,400-page Privacy and Data Security Law Deskbook full of laws, regulations, forms and checklists – to help clients develop proactive cyber-security strategies.
Obviously, no small firm can match such efforts. But with a little creativity, even a solo shop can get in on the cyberlaw action. Here’s how:
- Get educated. The more you know about cybersecurity, the more marketable you will be. Attend a CLE seminar on cyber-risk. Contact the NCBA’s Center of Practice Management and see what resources they have. Order the “Data Breach and Encryption Handbook” from the ABA (though its 2011 publication date means some of the content is already obsolete).
- Present a cyber-risk seminar. Book a room at your local community college. Open the session to the general public, free of charge. Invite a computer geek or data protection pro to address technical issues of privacy and security, while you cover the legal issues.
- Follow the money. Hot practice areas include patent, trademark and copyright litigation, social media liability, trade secrets, online marketing, white collar crime and defamation.
- Market yourself. Let the world know you are open for cyberlaw business. Tell potential clients what sort of cases you are qualified to handle. Advertise your credentials on your website, blog, newsletter and brochure.
Finally, if you have experience in computer programming, software development or data storage, use it. That gives you an extra feather in your cap.
Does your firm offer cyber-law services? What kind? How is it going?
For more information:
- Hunton and Williams http://www.hunton.com/Global_Privacy_and_Cybersecurity/
- FindLaw http://blogs.findlaw.com/in_house/2014/05/in-house-attorneys-game-plan-for-data-breaches-and- http://www.cbsnews.com/news/fbi-director-james-comey-on-privacy-and-surveillance/cybersecurity.html
Jay Reeves a/k/a The Risk Man is an attorney licensed in North Carolina and South Carolina. Formerly he was Legal Editor at Lawyers Weekly and Risk Manager at Lawyers Mutual. Contact him at firstname.lastname@example.org or 919-619-2441.