Law360 interviewed Manatt's Jesse Brody, a partner in the firm's Advertising, Marketing and Media practice, for an article on why in-house counsel must contribute to the governance structure of the company's basic cybersecurity protocols.
Law360 reports that corporate counsel must gain a comprehensive understanding of the type of data the company collects, retains and utilizes and how it is protected and accessed. Any company engaging in digital marketing needs to understand precisely what data is being collected and how it is being used - for privacy purposes and for the security of its own data. Companies that do not maintain proper data governance for their mobile apps and websites risk huge exposure for data loss, theft, mismanagement and huge financial and reputational losses.
Brody said, "Regardless of the size of your company, information security compliance programs should include an audit of a company's current and planned data collection, processing, use, storage and transfer practices to ensure that your company's privacy and security policies are accurate and sufficient. Efforts should be made to ensure that the company's practices, and those of its vendors, comply with those policies. Vendors and others given access to the data should be contractually held to those policies."
Read the article here.