A prominent Chinese dissident may proceed with his malpractice case against a law firm based on allegations that the firm failed adequately to protect his personal data from hackers, a Washington, D.C. district court said in an opinion on February 20.  In his $50 million suit, the plaintiff, Guo Wengui, alleges that after he retained

The outlines of the attorney-client privilege and work-product doctrine are well-established. But how should they apply when an organizational client suffers a cybersecurity event or other intrusion that results in a data breach?  Should information about the company’s security policies pre-breach and its post-breach response be given any enhanced protection? Under what circumstances?

The questions