The Sedona Conference Working Group 11 Midyear Meeting 2024

Date: 
Tuesday, October 29, 2024 - 8:45am to Wednesday, October 30, 2024 - 1:00pm

Event Location:

Offices of King & Spalding
1180 Peachtree Street, NE
Suite 1600
Atlanta, GA 30309

Register today for the 2024 Midyear Meeting of Working Group 11 on Data Security and Privacy Liability, to be held at the offices of King & Spalding in Atlanta, Georgia, on Tuesday-Wednesday, October 29-30, 2024. A welcome reception will be held in the evening of Monday, October 28, from 5:30-7:30 pm.

The meeting’s primary focus will be on new drafts and brainstorming group outlines in need of WG11 member review and comment, including the following:

  • Potential Second Edition of the Commentary on Law Firm Data Security
  • Data Privacy Primer, Second Edition
  • Online Tracking
  • Individual Liability for Data Security Failures
  • Potential AI Projects Update

The meeting will also feature the following sessions:

  • Privacy and Data Security Regulator Roundtable
  • Privacy and Data Security Litigation Update (including recent SCOTUS jurisprudence)
  • WG11 Town Hall

CLE

The Sedona Conference will seek CLE accreditation for this meeting in selected jurisdictions, as dictated by attendance.

Confirmed Dialogue Leaders

iDiscovery Solutions
iDS

Washington, DC, USA

Lockridge Grindal Nauen PLLP

Minneapolis, MN, USA

Complete Discovery Source, Inc

Naples, FL, USA

Ahdoot & Wolfson, PC

New York, NY, USA

Alston & Bird

Atlanta, GA, USA

Bleichmar, Fonti, & Auld, LLP

Oakland, CA, USA

Duane Morris LLP

River Forest, IL, USA

Polsinelli

Birmingham, AL, USA

WilmerHale

Washington, DC, USA

New York, NY, USA

Lewis Roca

Phoenix, AZ, USA

Shook, Hardy & Bacon

Denver, CO, USA

State Court of Gwinnett County

Lawrenceville, GA, USA

Federal Communications Commission

Washington, DC, USA

Berkeley Research Group

Chicago, IL, USA

Littler Mendelson P.C.

Minneapolis, MN, USA

iDS

Saint Charles, IL, USA

Axon Global

Centennial, CO, USA

SafeGuard Privacy Inc.

Sarasota, FL, USA

Shook, Hardy & Bacon, LLP

Kansas City, MO, USA

Cleveland State University College of Law

Boston, MA, USA

Crowe

Spring, TX, USA

Pennsylvania Office of Attorney General

Philadelphia, PA, USA

Connecticut Attorney General's Office

Hartford, CT, USA

Plano, TX, USA

Strauss Borrelli

Chicago, IL, USA

Parry Law PLLC

Raleigh, NC, USA

Dell Technologies

Johns Creek, GA, USA

Crowe LLP

Sarasota, FL, USA

Gowling WLG

Ottawa, ON, Canada

Office of the Tennessee Attorney General

Nashville, TN, USA

Shook, Hardy & Bacon

Washington, DC, USA

The Sedona Conference

Phoenix, AZ, USA

WG 11 Midyear Meeting Agenda 2024

Time Session Panelists
  Monday, October 28, 2024  
5:30 — 7:30 p.m. Welcome Reception  
  Tuesday, October 29, 2024  
8:00 — 8:45 a.m. Breakfast & Sign-in  
8:45 — 9:00 a.m. Welcome & Overview
Murphy, Withers
9:00 — 10:15 a.m. [Session 01] Commentary on Law Firm Data Security, Second Edition  
  The panel of brainstorming group members will lead a dialogue on its outline regarding whether a second edition of the Commentary on Law Firm Data Security ("Commentary") is warranted because of the changes in law and technology, omissions in the original product, or newly developed needs for guidance. The original Commentary, published in 2020, includes a discussion of how organizations should communicate with outside counsel about their data security practices. The Commentary also includes model clauses for engagement letters as well as a sample questionnaire corporate clients could provdie to their law firms to assess data security readiness.
Hon. Priest Johnson (ret.), Kemnitz, Kirtley, Moncure*, Riemann, Wilson
10:15 — 11:15 a.m. [Session 02] Potential AI Projects Update  
  The panel will present, and lead a dialogue with WG11 membership in attendance regarding, the proposal of the current WG11 AI brainstorming group that a drafting team be formed to prepare a Commentary regarding certain statutory clarifications and/or interpretations that the brainstorming group believes are needed in order for the Colorado Privacy Act (Colo. Rev. Stat. §§ 6-1-1301 et seq.) and Colorado AI Law (Colo. Rev. Stat. §§ 6-1-1701 et seq.) to be read consistently with one another when a business is using AI in the hiring process. In addition, the panel will present and/or seek feedback from the WG11 membership regarding other AI-related privacy and/or data security legal issues that might be the basis for forming future WG11 AI brainstorming groups.
Ackert*, Belt, Dalziel, Simpson
11:15 — 11:30 a.m. Morning Break  
11:30 — 12:45 p.m. [Session 03] Individual Liability for Data Security Failures  
  The panel of brainstorming group members will lead a dialogue on its outline regarding whether it is useful to develop a Commentary identifying the legal basis for data security failures that could lead to individual liability (whether civil or criminal); whether the liability is unique to data security obligations or derived from general management or fiduciary responsibilities; differences in the application of the requirements (i.e., is accountability based upon specific knowledge, intent or negligence); and whether there should be guidelines to help individuals protect against such liability.
Donoho, Gray*, Hon. Mares (ret.), Shook
12:45 — 2:00 p.m. Lunch  
2:00 — 3:15 p.m. [Session 04] Town Hall  
  WG11 Steering Committee members will lead a dialogue on progress made on the work product of WG11, and by WG11 as a whole. WG11 member input will be sought regarding the future direction of WG11, including ideas for existing and new commentaries and projects.
Baxter-Kauf, Drum, Evers, Kemnitz, McCarthy, Meal, Moncure, Murphy*, Shook
3:15 — 3:30 p.m. Afternoon Break  
3:30 — 5:00 p.m. [Session 05] Privacy and Data Security Regulator Roundtable  
 

The panel of key U.S. privacy and data security regulators will participate in a roundtable discussion of their offices’ current priorities in the privacy and data security space. The discussion will encompass new legislative and rule-making initiatives in which the regulators’ offices are involved, as well as their offices’ current enforcement focal points and investigatory processes.

JouMurphy*, Neumon, Walker
5:00 — 7:00 p.m. Reception (guests invited)  
     
  Wednesday, October 30, 2024  
8:00 — 9:00 a.m. Breakfast & Sign-in  
9:00 — 10:15 a.m. [Session 06] Privacy and Data Security Litigation Update  
  The panel will lead a dialogue on not only the most significant court decisions, including recent Supreme Court jurisprudence, regarding privacy and data security in the past year, but also court filings that raise novel claims and defenses (even if the cases themselves are pending or have settled), with the goal of bringing WG11 members up-to-the-minute on where the case law currently is – and more importantly, where it could be heading in the future.
Donoho, Hon. Iannazzone, Meal*, Resch
10:15 — 10:30 a.m. Morning Break  
10:30 — 11:45 a.m. [Session 07] Online Tracking  
  The panel of drafting team members will lead a dialogue on their efforts in drafting a Commentary based on the work of the Online Tracking brainstorming group (found here). Dialogue leaders will discuss how they chose which principles to focus on from the brainstorming group and how they arrived at consensus for inclusion, as well as the latest developments in case law and technology related to online tracking. Dialogue leaders will also seek member feedback on the proposed draft, topics for inclusion, and consensus-building.
Clark, Kalat, Matus*, Yannella
11:45 — 1:00 p.m. [Session 08] Data Privacy Primer, Second Edition  
  The panel of WG11 drafting team members will lead a dialogue on their draft Second Edition of the Data Privacy Primer ("Primer") that, among other updates, (1) revises the Primer to address key U.S. federal and state legislative and regulatory changes and case law updates since its publication and 2) expands the Primer to include certain international privacy laws.
Davis, Fedeles, Hansen, Kemnitz, McCarthy*, Wagner
1:00 — 2:00 p.m. Grab-&-Go Lunch (provided)  

*Panel Moderator