David G. Ries

David G. Ries practices in the areas of environmental, technology, and data protection law and litigation.  For over 20 years, he has increasingly focused on cybersecurity, privacy, and information governance. He has recently addressed in his practice such current issues as cybersecurity and privacy programs and policies, contracting for privacy and security, response to security incidents and data breaches, digital and environmental forensics, admissibility of expert opinions, e-discovery, and defense of enforcement actions. He is a co-author of Locked Down: Practical Information Security for Lawyers, Second Edition (American Bar Association 2016) and Encryption Made Simple for Lawyers (American Bar Association 2015), the editor of eDiscovery, Fourth Edition (PBI Press 2017)  and a contributing author to Information Security and Privacy: A Legal, Business and Technical Handbook, Second Edition (American Bar Association 2011). He is a member of the American Bar Association's Cybersecurity Legal Task Force. 

Publications / Presentations

• Author, "Cybersecurity for Attorneys: The Ethics of Incident Response," ABA Law Practice Today, November 13, 2020. 
• Speaker, “Ransomware 101 For Lawyers: Protection, Response and Recovery,” American Bar Association, September 17, 2020.
• Presenter, "Work-At-Home and Remote Access – It’s Time for a Security Review," #DigitalDectectives Podcast for Legal Talk Network, June 18, 2020. 
• Speaker, “Avoiding Technology Nightmares,” Pennsylvania Bar Institute, August 2020.
• Panelist, “The Ethics of Law Firm Cybersecurity in a Work-from-Home World,” Wyoming State Bar, ALPS Insurance, the Knoxville Bar Association, the California Lawyers Association IP Section, the Virginia State Bar, and the Arizona Women Lawyers Association, July-December 2020 (multiple presentations).
• Speaker, “Cybersecurity Practices That Won’t Bust Your Budget,” Michigan Institute for Continuing Legal Education’s 60th Annual Probate & Estate Planning Institute, May and June 2020.
• Presenter, "Information Security Law Update," Pittsburgh Chapter of the Information Systems Security Association, March 2020. (annual presentations for over 10 years).
• Speaker, “Professional Responsibility Considerations,” Pennsylvania Bar Institute’s eDiscovery Update 2020, Pittsburgh, PA, March 2020.
• Panelist, “Anatomy of a Data Breach: Analyzing Past Breaches to Minimize Risk,” American Bar Association, February 2020. 
• Author, “Cybersecurity for Attorneys: Addressing the Legal and Ethical Duties,” Law Practice Today, November 2019.
• Presenter, “What is ‘Reasonable Security’? - Understanding the Emerging Legal Standards,” Three Rivers Information Security Summit, Pittsburgh, PA, October 2019.
• Presenter, “Ethical Issues in Mineral Title,” Rocky Mountain Mineral Foundation’s Mineral Title Examination Institute, Westminster, CO, September 2019.
• Panelist, “Cyber Responsibilities of Lawyers and Law Firms,” Annual Meeting of the International Association of Defense Counsel, Asheville, NC, July 2019.
• Speaker, “Electronic Communications Best Practices,” and “Safeguarding Client Data: Ethical and Legal Obligations in a Breach-a-Day World,” State Bar of Montana’s Law and Technology Summit, Missoula, MT, June 2019.
• Panelist, "State Law Implications of Federal Regulatory Change," Pennsylvania Bar Institute's Environmental Law Forum, Harrisburg, PA, April 2019.
• Spoke at ABA TECHSHOW in Chicago, IL in February, 2019 on “Anatomy of a Data Breach: Analyzing Past Breaches to Minimize Risk” and “Security Practices That Won’t Bust Your Budget.” Served on the TECHSHOW Planning Board from 2005 through 2008 and has regularly spoken at TECHSHOW since 2005, including presentations like “Egregious Data Security Breaches, Hacks & Leaks,” “Encryption is Now Cheap and Simple and Ethically Required… Maybe,”  “Two-Factor Authentication – Another Reasonable Step to Secure the Information Entrusted to You,” “Batten Down the Hatches: Mobile Security for Lawyers,” “New Geolocation Technologies,” and “The Top 5 Technologies in Advanced E-Discovery.“
• Published the "ABA TECHREPORT 2018 - Cybersecurity" (January 2019) that summarizes cybersecurity experience and trends in the American Bar Association 2018 Legal Technology Survey Report.
• Presented a Clark Hill HR Advantage webinar on “Business E-Mail Compromise – Best Practices for Prevention and Response” in January, 2019.
• Course planner, moderator and speaker for "Balancing Individual Privacy and Public Safety in the Accessibility of Cell Phone Data," presented by the Wecht Institute of Forensic Science and Law and InfraGard-Pittsburgh at Duquesne University in November, 2018.
• Panel member for "Preparing for Your Data Breach - Yes It's Coming" at the College of Law Practice Management's 2018 Futures Conference, Cybersecurity: This Way Be Dragons, in Boston, MA in October, 2018.
• Spoke on "Utility Cybersecurity" at the ABATE Annual Meeting in October, 2018 in Lansing, MI.
• Coauthor of "What to Do When Your Data is Breached," Michigan Bar Journal (September 2018).
• Spoke on "Cyberinsurance - Options and Coverage" at ILTA's LegalSEC Summit in Crystal City, VA in June, 2018. 
• Panel member on "Drinking Water, Infrastructure and Environmental Justice" at the Pennsylvania Bar Institute's Environmental Law Forum in April, 2018 in Harrisburg, PA. 
• Spoke on "Cyber Security: Protecting Corporate Data in a Breach-a-Day World" at the Michigan Manufacturers Association Law Symposium in Dearborn, MI in February, 2018.
• Presented "Cybersecurity for Tax Professionals" at the Pennsylvania Institute of Certified Public Accountants' Western Pennsylvania Tax Conference in January, 2018.
• Presented on "Safeguarding Client Data in a Breach-a-Day World" at the Institute for Energy Law’s 16th Annual Energy Litigation Conference in Houston, Texas on November 9, 2017. 
• Presented on "Protecting Your Client’s Data: Ethics, Security and Practicality at the 43rd Annual Notre Dame Tax and Estate Planning Institute in South Bend, IN on October 26, 2017. 
• Spoke on "Safeguarding Client Data in a Breach-a-Day" at DRI's Cybersecurity and Data Privacy Seminar in Chicago, IL in September, 2017.
• Panel member for a series of American Bar Association cybersecurity webinars during July, 2017, including "New ABA Ethics Opinion on Securing Electronic Communications," "Your Law Firm Has Been Breached, Now What?" and "Ethics of Keeping Your Confidential Data Safe."
• Spoke on "Encryption is Simple, Easy and Cheap- and May be Ethically Required" and "Digital Transactions: E-Signatures, E-Contracts and Authentication" at the Virginia State Bar TECHSHOW in April, 2017 in Richmond, VA.
• Course planner, moderator and speaker for "Digital Forensics in the Courts," presented by the Wecht Institute of Forensic Science and Law and InfraGard-Pittsburgh at Duquesne University in March, 2017.
• Gave a presentation on "eDiscovery: Professional Responsibility Considerations" at the Pennsylvania Bar Institute's eDiscovery program in March, 2017 in Pittsburgh, PA.
• Spoke on "Encryption for Lawyers: Its Time Has Come" at the University of Richmond Journal of Law and Technology's (JOLT) Symposium on Cyber Security: Protecting Against Cyber Threats and Data Breaches Through Encryption and Regulation in February, 2017.
• Presented on “Safeguarding Client Data in a Breach-A-Day World,” Institute for Law and Technologsafy’s Cybersecurity and Data Privacy Law Conference, Plano, TX, January, 2017.
• Presented on “Securing Documents: Encryption, eSignatures and Other Ways to Protect Client Information” at the Pennsylvania Bar Institute’s Employment Law Institute West, Pittsburgh, PA, November 2016.
• Presented on “Encryption for Lawyers: The Time has Come” at the Pennsylvania Bar Institute's Business Law Institute, Philadelphia, PA, November 2016.
• Presented on “Cyber Risk Management and Liability Issues” at the Pennsylvania Bar Institute's Business Insurance CLE, August 2016.
• Participated on a panel on Incident Response in a Law Firm at ILTA’s (International Legal Technology Association) LegalSEC Summit 2016 in Baltimore, MD in June 2016. The panel addressed best practices and procedures for response to security incidents and data breaches for law firms as well as other businesses and organizations.
• Panel member on Effective and Ethical E-Discovery at the Allegheny County Bar Association’s Bench Bar Conference at the Seven Springs Mountain Resort, PA in June, 2016. The program explored current developments in e-discovery, including new rules amendments, from the perspectives of a federal judge and practicing attorneys.
• Panel member on “Locked Down: The Evolving Duty of Competence & Information Security” at the Association of Professional Responsibility Lawyers Mid-Year Meeting in San Diego, CA in February, 2016.
• Course planner, moderator and speaker for “What’s in Your Mobile Device? Forensic Science in the Digital Age,” presented by the Duquesne University Law School’s Wecht Institute of Forensic Science and Law and InfraGard-Pittsburgh in January, 2016.
• Course planner and speaker for the Pennsylvania Bar Institute’s Identity Theft program in Pittsburgh, PA in January, 2016 and earlier programs over the past several years.
• Panel member on “E-Discovery Ethics: Emerging Standards of Technological Competence” at the Pennsylvania Bar Institute’s Employment Law West Program in Pittsburgh, PA in November 2015.
• Spoke on “Competence in Technology: What the Ethics Rules Require,” at the Pennsylvania Bar Institute’s Oil & Gas Colloquium in Pittsburgh, PA in September, 2015.
• Presented on “Encryption for Lawyers: Its time Has Come,” at the American Bar Association Annual Meeting in Chicago, in August, 2015. 
• Panelist on “The Ethics of Mobile Security: Protecting Client and Health Data Outside the Office” and  “The New Era for Healthcare Privacy and Security” at the ABA’s 16th Annual Conference on Emerging Issues in Healthcare Law, Lake Buena Vista, FL, in March, 2015.
• Course planner and moderator for “Social Media in the Courts,” presented by the Wecht Institute of Forensic Science and Law and InfraGard-Pittsburgh at Duquesne University in January, 2015.
• Gave a presentation on “What is “Reasonable Security”? – Emerging Legal Standards” for the Pittsburgh Chapter of ISACA in October, 2014.
• Spoke on “Safely and Ethically Navigating the Cloud” at the ABA Annual Meeting in Boston, MA in August, 2014.
• Served as a course planner for the Pennsylvania Bar Institute’s Technology Institute in Philadelphia, PA in June, 2014 and spoke on panels on “BYOD: Bring Your Own Device (or Disaster)” and “Mobility, the Cloud, and Ethics.”
• Spoke on “The Ethical Implications of NSA Surveillance for Lawyers” at the Energy & Mineral Law Foundation’s 35th Annual Institute at White Sulphur Springs, WV in June, 2014. Has been a regular speaker at past Annual Institutes for over 10 years, including sessions on conflicts, confidentiality, privilege, e-discovery and experts.
• Panelist on “Ethical Obligations – A Lawyer’s Duty of Competency” and “Sophisticated Technology Issues” at the Pennsylvania Bar Institute / Allegheny County Bar Association 3rd Annual eDiscovery Symposium in Pittsburgh, PA in June, 2014. Also spoke at earlier programs in 2012 and 2013.
• Spoke on “ESI in Environmental Matters: E-Discovery Basics, Developments, Difficulties with Compliance” at the Pennsylvania Bar Institute Environmental Law Forum in Harrisburg, PA in April, 2014.
• Participated on a panel, “Maintaining Client Confidences in a High-Tech World,” at the ABA Section of Environment, Energy, and Resources Law’s 43rd Spring Conference in Salt Lake City, UT in March, 2014. An encore presentation was done by webinar in June, 2014.
• Spoke on “Professional Ethics: Hot Topics of Concern for Oil & Gas Attorneys” at the Pennsylvania Bar Institute’s 5th Annual Oil and Gas Colloquium in Pittsburgh, PA in September 2013 in Pittsburgh, PA. Gave similar presentations in earlier years.
• Presented “Locked Down: Information Security for Attorneys” at the ABA Annual Meeting in San Francisco, CA in August, 2013.
• Course planner and speaker for Pennsylvania Bar Institute’s E-Commerce: Legal and Practical Issues” program held in Pittsburgh, PA in March, 2013, and for several earlier programs over the past several years.
• Panelist, “Locked Down: Security for Cloud Services and Mobile Devices,” ABA Midyear Meeting, Dallas, TX in February 2013.
• Spoke on “Computer Forensics in the Courts” at Cyril H. Wecht Institute of Forensic Science and Law’s program Digital Detectives: A Computer Forensics Update at Duquesne University in January, 2013.
• Speaker, "Locked Down: How Security for Mobile Devices Helps Avoid Ethical Dilemmas," ABA Webinar, May 2012.
• Spoke on Experts and Work Product at the Pennsylvania Bar Institute’s Environmental Law Forum in Harrisburg, PA in April 2011.
• Speaker, “Ethics in Leasing in the Marcellus Shale,” Rocky Mountain Mineral Law Foundation and Energy & Mineral Law Foundation Special Institute on Development Issues in the Major Shale Plays, Pittsburgh, December 2010.
• Co-author, “Expert Opinions in Environmental Litigation: a Daubert Update,” in the proceedings of the Energy & Mineral Law Foundation’s Thirty-First Annual Institute, May 2010.
• Participated in a demonstration direct and cross-examination of a computer forensics examiner for Evidence in the Information Age, presented by the Cyril H. Wecht Institute of Law and Forensic Science, Duquesne University, October 2009.