Data, Privacy, Cyber & Security of Critical Infrastructure (SoCI) Series
Are we taking for granted the privacy of personal information, the use of generative AI and cyber risks? As Australia modernises its Privacy Law and data security is top of mind, how do lawyers also grapple with the challenges of chatbots, cyber-attacks and protection of critical infrastructure. This three-part series steps you through a complex regulatory environment that may/may not be keeping up with transformational change. WEB235N01Z
Description
Attend the full series and earn 6 CPD units including:
4 units in Substantive Law
2 units in Professional Skills
This program is applicable to practitioners from all States & Territories
If you register for the full series as a live online product after the date of an individual session, you will be sent the recording for the sessions that have passed. Alternatively, you can register for individual sessions by following the links below.
Session 1
Privacy and Data: are you ready for the road ahead?
Thursday, 4 May 2023
Australia is modernising its Privacy Law. That’s going to be a major transformation for all stakeholders with key recommendations for strengthening the Notifiable Data Breach scheme, removing the small business exemption, establishing GDPR style data subject rights and a statutory tort for serious invasions of privacy.
Lawyers are saying that AI is an opportunity not a threat. Walk away with a good understanding of how chatbots work and their implications for the legal profession. WEB235N01AZ
Chair Olga Ganopolsky General Counsel Privacy & Data Macquarie Group
10.00am to 12.00pm Transformation of Australia’s Privacy Law is underway: several key recommendations include:
- Strengthening the Notifiable Data Breach scheme
- Removing the small business exemption
- Establishing GDPR style data subject rights
- Establishing a statutory tort for serious invasions of privacy
Presented by Katherine Sainty, Sainty Law
11.00am to 12.00pm AI chatbots and Implications for the Legal Profession – Take the Tour
- Step though demonstrations of Chatbots: ChatGPT, Google Bard, Microsoft Bing
- Are they accurate?
- Who owns the copyright and licensing?
- What are the regulatory implications?
- What is the change in value of work?
Presented by Patrick Fair, Patrick Fair Associates
Register here for Session 1 only
Session 2
Cyber Security Checklist for Legal Advisors for Managing Hackers
Thursday, 18 May 2023
With more cyber breaches each week, how well is business managing this major risk? Step through global and domestic trends and how the legal framework translates into various obligations including complexity of notification/reporting to regulators. WEB235N01BZ
Chair Olga Ganopolsky General Counsel Privacy & Data Macquarie Group
10.00am to 12.00pm Cyber Security Checklist for Legal Advisors for Managing Hackers
- Trends: global lens and what we are seeing in Australia, including insurance statistics
- Legal framework: how that translates into various legal obligations, eg complexity of notification, reporting to regulators
- Role of legal adviser: external and in-house
- Case study, with high level outline of scenarios
Presented by Craig Subocz, Senior Associate, Piper Alderman and Michael Parrant, Client Director & Cyber Insurance Practice Leader, Aon
Register here for Session 2 only
Session 3
Industries within the SoCI framework and their Risk Management Programs: Pulse Check
Thursday, 1 June 2023
Understand how Australian organisations, deemed as running infrastructure critical to Australia’s national interest, will need to comply with a new risk management protocol – a major compliance development for 11 industry sectors: communications, data storage & processing, defence industry, energy, financial services, food & grocery, health & medical, higher education & research, space technology, transport, water & sewerage. WEB236N27CZ
Chair Olga Ganopolsky General Counsel, Privacy & Data Macquarie Group
Professional Skills
10.00am to 12.00pm Industries within the SoCI Framework and their Risk Management Programs: Pulse Check
- Two-tiered system
- Regulated sector and responsible entities
- Identifying Critical Infrastructure assets
- Identifying regulation by the rules
- Identifying your positive security obligations
- Building your risk management plans
- Identifying types of hazards and material risk
- Mandatory cyber security incident reporting
- Obligations applicable to Systems of National Significance
- Discretionary powers and penalties
- Serious cyber incidents
- Identifying compliance gaps
Presented by Patrick Fair, Patrick Fair Associates
Register here for Session 3 only
Presenters
Olga Ganopolsky
Olga Ganopolsky is Macquarie Group’s General Counsel - Privacy and Data and is versed in the subject of data protection with extensive experience in detailed privacy policy challenges, law reform and ongoing management of legal and strategic issues. Much of Olga’s work involves implementing new technologies and addressing privacy requirements in an increasingly complex co-regulatory and sometimes contentious environment. Most recently this has included work on implementations of GDPR and the reforms to Security of Critical Infrastructure Act and related regimes, artificial intelligence, CPS 234, Covid-19 related matters, the Consumer Data Right and addressing cross border issues considering the Schrems II Decision of the European Court of Justice and the newly updated Standard Contractual Clause as approved by the Commission.
Katherine Sainty
Katherine Sainty is the founder of Sainty Law, a commercial law firm with specialist expertise in the digital industries and not for profit sector. For many years Katherine has advised major media, technology and communications companies as well as government. Her current focus is advising clients on legal and regulatory issues and strategies to succeed in the expanding digital economy. Clients include digital media companies, broadcasters, ISP and IT companies, content creators and not for profit organisations. She is a frequent commentator and speaker in public forums on digital business issues, most recently on broadband as the driver of the digital economy and the challenges and opportunities that Social Media offers business. Katherine was formerly a partner at Allens and has been recognised as pre-eminent in her field by her peers (in Chambers Global, The World's Leading Lawyers).
Patrick Fair
Patrick Fair is the principal of Patrick Fair Associates, an Adjunct Professor at the School of Information Technology, Faculty of Science, Engineering and Built Environment at Deakin University, the Chairman of the Communications Security Reference Panel at the Communications Alliance, a member of the IoT Alliance of Australia Security Workstream Member Technical Advisory Standing Committee auDA and General Advisor to and an author of LexisNexis Practical Guidance Cybersecurity, Data Protection and Privacy.
Craig Subocz
Craig is an intellectual property and technology lawyer with expertise in all facets of IT contracting and procurement, including advising on competitive procurement processes and the preparation and negotiation of supply and service contracts, such as anything-as-a-service, agile software development, hardware supply and maintenance contracts and managed services arrangements. He has also worked with clients to develop terms of use for electronic commerce platforms. Craig is experienced in data security and information privacy matters, such as preparing privacy and credit reporting policies, employee procedures and data breach response plans, as well as delivery of privacy training. Craig has a broad knowledge of Victorian and Commonwealth privacy laws, as well as the GDPR. Craig has advised a number of clients on compliance with the mandatory data breach notification requirements under the Privacy Act, including whether a data breach is notifiable and the preparation of notifications and applications for exemption from notification requirements. As a registered trade mark attorney, he has routinely advised and represented clients in relation to intellectual property protection, commercialisation and enforcement. Craig has worked with clients to recognise and protect their valuable intellectual property assets, including identifying those assets and taking steps to protect the assets through registration (if available). He has prepared and negotiated commercialisation agreements, including licence agreements, collaboration agreements and research and development agreements.
Michael Parrant
Michael is Aon’s Cyber Insurance Practice Leader which involves management and advice involving all facets of cyber risk and insurance, including the negotiation and placement for many of Aon’s most complicated clients, presenting the outcomes to Audit & Risk Committees and Boards, claims advocacy, technical reviews of coverage and risk profiling of client’s cyber risks as well as industry analysis and creation of thought leadership materials. With specialist skills in all financial lines products, Michael has spent the last 15+ years focusing on global and complex firms for their Technology Errors & Omissions and Cyber insurance placements from Australia and London. Michael started his carrer with Aon in 2002, and has been involved in Financial Lines since then, with a focus on cyber for 10+ years. Following almost 3 years in Aon’s global Head Office in London with the Global Broking Centre which saw Michael focus on Cyber Liability Technology Errors and Omissions and Intellectual Property global insurance placements, Michael has chosen to progress his career with Aon Australia as the Insurance head of the newly created Cyber Solutions Group.