Libananco Holdings Co. v. Rep. of Turkey (ICSID Case No ARB/06/9)

Prime Target

First Second Third

Consequences

The Working Group

http://www.arbitration-icca.org/media/10/43322709923070/draft_cybersecurity_protocol_final_10_april.pdf

• Limiting the disclosure of confidential information by applying the narrow discovery standard that is typical in international arbitration (id. at Art. 6). For example, the International Bar Association Rules on the Taking of Evidence in International Commercial Arbitration (IBA Rules), which are frequently used in international disputes and govern the exchange of documents, limit discovery to “narrow and specific” categories of documents “that are reasonably believed to exist.” (IBA Rules, Art. 3.3(a)(ii)).

• Protecting the transmission of arbitration-related material by (i) identifying secure transmission methods for all participants (g., email, third-party platform, USB drive, or other portable devices), (ii) encrypting, redacting, pseudonymizing, or anonymizing sensitive information; and (iii) restricting access to confidential material through need-to-know or attorneys-eyes-only designations (id.)

• Mitigating data breaches by (i) identifying the source, nature, and scope of the breach; (ii) retrieving lost information and correcting security systems weaknesses; (iii) timely notifying all affected parties in accordance with applicable laws and regulations; and (iv) enlisting expert vendors and law enforcement, where appropriate ( at Art. 18).

• Adopting detailed post-arbitration document retention and destruction policies ( at Art. 6).

id id. id. id. id id. id. id. [email protected] Hagit M. Elul Elul is a partner at Hughes Hubbard & Reed and a member of the ICCA-CPR-NYCBA Working Group on Cybersecurity in International Arbitration. Pavlos Petrovas is an associate at Hughes Hubbard.