Privacy and Security Risks in International Arbitration: Threats and the Information Security Protocol

The nature of international arbitral proceedings, which involve the processing, sharing, retention and cross-border transfer of highly sensitive and personal data, makes them prime targets for cyber attacks. Thus, it is crucial for its parties to implement adequate measures to mitigate data privacy and cybersecurity risks. In this guest article series, Bryan Cave Leighton Paisner partners Geraldine Scali and Claire Morel de Westgaver identify some of the cybersecurity and data protection risks that may arise in the context of an international arbitration and propose best practices to mitigate them. This first part explores the arbitration cyber-attack landscape and relevant arbitration standards, and offers guidance on establishing an information security protocol, including protections around data sharing and transfers. Part two will provide insight on privacy and cybersecurity protections specific to remote arbitrations, proper storage and disposal of data post-arbitration and preparing for a breach. See also “H&M’s $41M GDPR Fine Underscores Importance of Employee Data Handling” (Oct. 14, 2020).

To read the full article

Continue reading your article with a CSLR subscription.