Maintaining legal professional privilege in a cyber incident is crucial in risk management
Cyber incidents have unique characteristics that can make it especially difficult to claim or preserve legal professional privilege (LPP). But given they are increasingly exposing organisations to expensive litigation and regulatory enforcement action, taking steps before and during a cyber incident to maximise the prospect of LPP attaching to communications is a vital risk management measure.
The Federal Court's recent decision on an LPP application made in class action proceedings against Optus (in connection with a major cyber incident) was the first time such a claim has been tested in an Australian court—but it likely won't be the last.
In light of the current legal climate, this guide has been designed to assist companies with incorporating LPP preservation measures into their cyber readiness activities.
It explains:
- the importance of LPP in the context of escalating litigation and regulatory enforcement action
- the challenges of claiming it in the cyber-incident context
- key actions to take, elements to consider and questions to ask.
