In several aspects of the digital era, the concern with cyber-security in arbitration is also present. With the digitalization of arbitration proceedings, cyber-security awareness became increasingly essential to preserve the confidentiality of information.
Ensuring confidentiality depends on the joint efforts of the actors involved, i.e., the institutions, arbitrators, parties, lawyers, technical assistants, witnesses, experts, and so on, especially in the current scenario, in which interactions between these players have become predominantly digital.
The use of cloud storage, software for document sharing and management, as well as security software, makes technology inexorably linked to arbitration proceedings. Hence the need for protocols capable of establishing guidelines for handling arbitration proceedings while respecting confidentiality and protecting proceedings’ secrecy.
As an example, the Cybersecurity Protocol for International Arbitration, published by the International Council for Commercial Arbitration (ICCA), the New York City Bar Association, and the International Institute for Conflict Prevention and Resolution (CPR) in 2019, and updated in 2022, fulfills this function well.
The aforementioned protocol provides workable measures to promote cybersecurity and confidentiality that can and should be adopted by arbitral institutions and law firms, such as (i) using end-to-end encryption for email and password protection of documents; (ii) using secure file transfer to share documents; (iii) using privacy screens when viewing confidential documents in public; (iv) exercising caution when using the Internet in public settings; (v) implementing policies to reduce the storage period of data used in an arbitration proceeding; (vi) performing routine redundant and secure data backups; (vii)
use of firewalls, antivirus and antispyware software, operating system updates, and other software patches, among others.
L.O. Baptista Advogados adopts a strong policy to restrict access to internal documents, using a VPN connection, a policy of constant change of passwords, closed circuit servers, and communication through e-mails with encryption, among other measures. In addition, it has its data treatment policy with guidance for its collaborators to manage documents safely.
To select a lawyer that will be representing a company in a certain operation, the investor or CEO must look for a professional who, besides technical knowledge, has an organizational structure capable of preserving all his interests, among them, data security and confidentiality.
