Seminar on Cybersecurity for Lawyers

The Cybersecurity and Forensics Committee (“CFC Committee”) of the Law Society of Singapore and Singtel recently organised a “Seminar on Cybersecurity for Lawyers” on 18 May 2017. The seminar was led by Lim Kian Kim (Chair of the CFC Committee), together with Jeffrey Lim (Vice Chair of the CFC Committee), Leow Jiamin, Joey Pang, Jonathan Kao (members of the CFC Committee), and Freddy Tan from Singtel. The seminar was attended by 78 lawyer, majority of which were senior practising lawyers.
The seminar came days after the global “WannaCry” ransomware attacks, and was an apt reminder that cybersecurity threats are all around us, and also showed the importance of increasing awareness of the legal issues surrounding cybersecurity threats and attacks. 
The seminar started off with Kian Kim giving a brief but succinct introduction on the definition of “cybersecurity”, in dictionaries and from cybersecurity technical bodies. Kian Kim elaborated on foreign legislation, such as the Cybersecurity Information Sharing Act of 2015 in the United States, and the EU Directive on Security of Network and Information Systems, as well as the General Data Protection Regulations. It was definitely a timely and meaningful discussion just ahead of Singapore’s Cybersecurity Bill, which was recently released on 10 July 2017. 

Lim Kian Kim giving a brief but succinct introduction on the definition of “cybersecurity”
I led the second part of the seminar on Cybersecurity and Legal Proceedings, starting the discussion with the recent Singapore decision Wee Shuo Woon v HT S.R.L [2017] SGCA 23 and the obligation of confidence over certain information leaked online. I compared this to United States cases, such as information stolen by Chinese nationals from two law firms (Securities and Exchange Commission v Iat Hong et al.), information allegedly stolen and subsequently misused by Chinese steel manufacturers (United States Steel Corporation’s complaint to the International Trade Commission) and Ethiopia allegedly monitoring an ex-citizen who had obtained asylum in the US (Kidane v The Federal Democratic Republic of Ethopia). Overall, there is much to be done to assist victims of cybersecurity attacks. 

Panel discussion led by Jeffrey Lim (seated extreme left) and Jonathan in blue. Mr Freddy Tan was responding to a question from the audience. 
The third part of the seminar was led by Joey, who focused on Current Rights and Remedies when Dealing with a Cybersecurity Breach. Joey created a fictitious cybersecurity breach scenario where a Singapore based-cloud storage provider was hacked, resulting in common issues such as compromised credit card and personal information, compromised accounts, and leaking of information (such as documents and episodes of popular television series). Joey then discussed remedies from an intellectual property law perspective, statutory remedies (such as those under the Personal Data Protection Act and the Computer Misuse Cybersecurity Act), tort, and sanctions and even possible self-help remedies. 

Leow Jiamin speaking about Cybersecurity and Legal Proceedings
The fourth part of the seminar was led by Freddy of Singtel, who shared his experience in dealing with cybersecurity hacking and the various tools and technology that can be uses to prevent cybersecurity threats and attacks. 

Joey Pang speaking on Current Rights and Remedies when Dealing with a Cybersecurity Breach
The seminar ended with a Panel Discussion moderated by Jeffrey, where some of the issues raised during the presentations were discussed more in depth. The CFC Committee has received much positive feedback from those who had attended the seminar, and is looking forward to organise its next seminar on traditional and digital / cloud forensics, and the challenges that lawyers will face today in the collection of evidence. 

Leow Jiamin
    Associate, Rajah & Tann Singapore LLP
    Member, Cybersecurity and 
    Forensics Committee
    The Law Society of Singapore