Gray Plant Mooty Principal Michael R. Cohen knows that for small and medium-sized business owners, every penny counts. So he’d like to offer some free legal advice.
Gray Plant recently teamed with the state Department of Employment and Economic Development to produce “A Legal Guide to Privacy and Data Security,” a free booklet and the latest collaboration between the department and the firm on legal guides for business owners.
“We really tried to write it for non-lawyers, so that when they do talk to their lawyers, they’ll have a better understanding of these issues,” said Cohen. “It’s the only guide that I’m aware of that pulls together all the Minnesota laws related to data privacy and security in one place.”
The guide, weighing in at a formidable 162 pages, covers a wide range of areas, including federal laws governing data privacy and security, privacy and the employment relationship, state data privacy and security laws, global privacy and data security law, sources of information on data privacy and security and various best-practices tips.
“If a company is ever in the throes of a potential data breach, this helps them keep from running around trying to figure out what to do first,” said Cohen. “They have an incident response plan so that they can manage it in an appropriate way.”
The guide is in its second edition, the first one having been published in 2014. It was written by Cohen, with input on specialized areas such as health care and employment law.
Credibility behind the text
According to Charles Schaffer of DEED’s Small Business Assistance Office, collaborations with firms such as Gray Plant are an important way for his office to reach the constituencies that can benefit the most by what DEED has to offer. The department has created business guides in collaboration with other area firms, including Lindquist & Vennum and Merchant and Gould, going back three decades.
To publish the current guide, DEED paid the nominal production and printing costs out of its budget while Gray Plant did the heavy research lifting.
“The law firms contribute their time and expertise pro bono,” said Schaffer. “Even if we might be able to do a publication on our own, their input gives us credibility that there’s expertise behind the product, more so than if it were just another bureaucratic publication from the state government.”
When contemplating business guides, Schaffer said, the department approaches the collaborating firm and spells out some emerging issues related to a certain topic.
“Those issues have been revealed to us either through survey research or we have anecdotal evidence from people who call and ask about it,” he said. “Also, we like to think we’re smart enough to scope out topics.”
Cohen has written other guides in tandem with DEED, including a 2012 volume on technology transactions and one on social media a year later. He said the rapidly changing legal landscape of privacy and data security made it hard to know when to pull the trigger on a second volume: New data privacy standards in the European Union made the guide’s deadline, but the U.S. Supreme Court’s recent ruling in Spokeo v. Robins, which addressed whether an individual can bring action based on wrongful information in a search engine, wasn’t passed down in time.
“It’s always difficult to decide when to prepare an update to a guide like this,” said Cohen. “The laws are ever-changing.”
“I’m glad we were able to provide current information about the new General Data Protection Regulation in the E.U.,” added Schaffer. “International exporters have to live with those new standards of E.U., which is usually much more strict about the information companies can export and use.”
Interest in the new guide has been high. It was initially available in a print edition whose run ran out quickly. At least one University of Minnesota law professor keeps a copy on his desk as a ready reference tool, Cohen said. A recent workshop at Gray Plant covering some of the guide’s topics drew about 75 people, with another one scheduled for sometime this summer (Cohen asks that those interested contact him for more information).
“One of the hallmarks of the Minnesota bar over the years is the willingness of firms to take on this kind of effort pro bono,” said Schaffer. “When we talk to economic development departments in other states, none of them have been able to get this kind of effort from the private bar. That partnership is something we’re very pleased with.”
NOTE: Cohen will present “Lessons from the ‘Panama Papers’: Cybersecurity for Law Firms” at the MSBA Annual Convention on June 24. He will distribute copies of “A Legal Guide to Privacy and Data Security” at the session.