Royal Air Force Club

“11 ^th Annual Legal Day”

Friday, 22 ^nd January, 2010

This will once again be held at the

Royal Air Force Club

Piccadilly, London.

This year, there is no specific theme for the seminar. Rather, the ISSG has tried to identify

the key topics of the moment. These are today's challenges. The agenda covers a 'broad

church' of these topics. Please see the draft agenda below for more details. This agenda

may, of course, change but it is expected that the speakers indicated will be presenting.

Once again, the ISSG has been welcomed back to the RAF Club in the heart of London.

This is a superb venue which, although the youngest of the service clubs, has history

along all its walls. Lunch will be formal with a 3-course meal plus wine, as per the

standard set in past Legal Days. Please note that the RAF Club has a strict dress code.

Gentlemen should wear a suite and tie. Ladies are requested to adopt best office dress.

Apart from the presentations, there will be opportunities for networking during the day and

the final session of the afternoon will be a Q&A session with all presenters available for

you to quiz.

Important : The VAT rate will increase on 1

^st

January, 2010. Any seminar bookings after

this date will automatically have the increase rate added to the fee. Please book early to

avoid the increase!

Yours sincerely,

Ian Fish

Membership

Secretary

Legal Day 2010 ~ Provisional Programme

Speaker and Topic

09.30 – 10.00 Registration & Tea/Coffee and networking opportunity.

10.00 – 10.05 Charlotte Walker-Osborn, Partner, Technology Group, Eversheds, LLP

Welcome and Introduction

10.05 – 10.45 Speaker :

Liz Fitzsimons, Senior Associate, Eversheds LLP

Title :

Lock up your data - or risk being locked up!

Synopsis :

There is a new data protection regime and approach with important new powers due to come into force early next year. Data security is increasingly critical for businesses to comply with and leaving things to trust is no longer an option. Learn about recent and planned changes and how best to protect your organisation.

10.45 – 11.25

Speaker : Craig Carpenter, VP & General Counsel, Recommind

Title :

The challenges of e-disclosure

Synopsis : eDisclosure, whether due to regulatory oversight, internal investigation or civil litigation, is not just the province of large financial firms anymore. Why is eDisclosure receiving so much attention these days? And how important is it for those in the world of IT? In this session, we will examine the current state of eDisclosure, where it is heading, its ramifications on other areas of the enterprise (including legal, records management, compliance and IT), its challenges and how they can be addressed in the quickest, most cost effective fashion.

11.25 – 11.35 Coffee/Tea

11.35 – 12.15

Speaker : Paul Midian. Director of Consultancy at Information Risk Management plc

Title :

How to break in legally: Penetration testing and the law

Synopsis : Penetration testing is widely used by organisations who wish to better understand the information and technology risks they are facing. Many organisations carry out regular penetration tests, which are fully embedded in their operational risk management processes.

This talk will provide the audience with knowledge and advice around the legal challenges involved in conducting a penetration test. To provide some background the talk will open with a primer on vulnerabilities in information systems and the penetration testing process itself. Using real world examples and personal experience the talk will move on to cover contractual

challenges, legislation and acts relevant to penetration testing. It will highlight some of the ‘grey areas’ and potential pitfalls when commissioning or carrying out a penetration test. Strategies for limiting and mitigating these risks will be discussed; including effective test scope,

management and permission to test. Not forgetting that penetration testers potentially have access to highly sensitive information, the talk will also cover the responsibilities of the testers themselves and provide advice to procurers on how to ensure these responsibilities are discharged in a professional manner.

12.15 – 13.30 Lunch

A three course lunch with wine will be served. A vegetarian option will be

available.

13.30 – 14.10

^{Speaker :}

Shelley Thomas, Hill Dickinson LLP of Manchester Title : Data Protection Issues with Outsourcing

Synopsis : Signing the contract is one thing but there is a huge amount to do first, such as Privacy Impact Assessments. Then there are indemnities, KPI's, Monitoring etc etc. This presentation will provide a guided tour to the whole contract process and beyond.

14.10 – 14.50

^{Speaker :}Paul Lewis, Technology Strategy Board Title:Digital Britain

Synopsis: Legal issues and challenges arising from the Digital Britain report.

14.50 – 15.00 Coffee/Tea

15.00 – 15.40

Speaker : Gareth Niblett, Chairman, BCS ISSG & Managing Director, Blackarts Limited Title : RIPA: Perception and Practice

Synopsis : There has been much discussion in the media and elsewhere about the use and misuse of the powers granted to many public authorities under the Regulation of Investigatory Powers Act 2000 and associated legislation. Stories about snooping on people for trying to get their children into a particular school or letting their dogs foul the street may make the front page, but they are not necessarily representative of how the powers are used in general. Sure, they should lead to questions about the implementation and effectiveness of the necessity and proportionality tests that are a mandatory part of the legislation, but there may be greater things to concern ourselves with when law enforcement and the intelligence community wish to grow and extend the use of data retention, monitoring and surveillance. This talk will give an overview of many years of practical experience and interactions with the public authorities authorised to seek access to information under RIPA, Part 1, Chapters 1 & 2.

15.40 – 16.00 Panel Session

Charlotte Walker-Osborn (chair)

Questions to the Panel of Speakers and close of the seminar.

Note : This is the planned program for the event but may be subject

to change. Prospective delegates should check

BCS ISSG Web Site

for up-to-date information.

Any changes will be notified to delegates with the Joining Instructions.

Important Notice about V.A.T.

The VAT rate will increase from 15% to 17.5% on 1

^st

January, 2010.

The increased rate will be added automatically to all reservations

received from 01/01/10. To avoid this increase, please make your

reservation as soon as possible.

You can make an immediate Credit Card reservation at :

http://www.bcs.org/events/registration

If you are already a BCS/ISSG member, register and you will be

directed to the list of all BCS events. Scrole down to the Legal Day

on 22

^nd

January, 2010, and click on the link.

Non-BCS delegates who have not previously registered for any

BCS events will need to register on-line using the above URL.

Once registered, you will be directed to the full BCS event page.

If you wish to pay by cheque, please use the form below. The BCS

is unable to issue invoices.

If you absolutely cannot pay in either of these ways, please contact

BCS Specialist Groups Administration on 01793 417416 to discuss

other options.

Information Security Specialist Group

‘Legal Day 2010’

Friday, 22

^nd

January, 2009.

RAF Club Piccadilly, London

Please complete this form and post to :

Rachel Browning

BCS, 1^st Floor, Block D, North Star House, North Star Avenue, Swindon SN2 1FA Émail:

Rachel.Browning@hq.bcs.org.uk

Enquiries: Tel: +44(0)1793 417416

Delegate Details:

Title: First Name: Last Name:

Job Title: Organisation Name: (for name badge)

Address for Correspondence:

Post Code:

Is the above address: Work / Home (please delete as applicable)

Email: Telephone Contact Number:

Is the above email address: Work / Home (please delete as applicable)

By agreeing to attend, BCS will use your email or correspondence address to communicate with you regarding the event.

Dietary / Special Requirements:

Please note the VAT percentage will change on 1^st Jan to 17.5%; a revision of this form will be advertised and prices increased as a result.

Ex-VAT VAT Full Fee

BCS Member (please state your membership no in the box below] ^{£115.00 £20.13} £135.13

Non-BCS Member ^{£140.00 £24.50} £164.50

*Student ^{£35.00 £6.13} £41.13

Total Cost £ If you are a BCS member, please state your Membership Number

*Please include a copy of your student ID card Page 5 of 6

BCS VAT Reg No:GB 618168724

The British Computer Society is registered as a Charity: Number 292786

BOOKING FORM

Cheque Payments only

Payment:

Address for VAT receipt (if different from the address on page 5)

Personal / Company Cheque

I enclose a cheque for the Full Fee. Cheques should be made payable to:

“The British Computer Society”

Additional Information

Payment must be made in advance in order to confirm your place at the event. We do not issue invoices. A VAT receipted invoice will be sent to the person paying, after payment has been cleared.

Please note that that Registration closes at 16.00, Tuesday, 19^th January, 2010.

For overseas delegates who wish to attend the event please note that BCS will not issue an invitation letter.

Cancellation Policy

In the event of cancellation and provided Written Notice (letter or email to Rachel Browning) is received by Friday, 15^th January, 2010, a full refund will be made. In the event of cancellation after this date, we regret that no refund can be given. BCS reserve the right to cancel any event. In this case, the full fee will be refunded. Details of event changes or cancellations are available by phoning +44 (0)1793 417416.

Name Substitutions

Name substitutions are accepted up to 48 hrs prior to the event by fax or email.

Fax: +44 (0)1793 417416

Email: Rachel.Browning@hq.bcs.org.uk Electronic Privacy

As a body for IT professionals BCS Group regularly communicates with its interested parties by email. I understand that BCS Group will not pass on my email address to other organisations.

Data Protection Act 1998

BCS Group will hold your personal data on its computer database and process it in accordance with the Act.

This information may be accessed, viewed and used by the Society for administrative purposes and conducting market research. All of these purposes have been notified to the Commissioner. If you are based outside the European Economic Area (the ‘EEA’), information about you may be transferred outside the EEA in accordance with the requirements of the Act.

Page 6 of 6

BCS VAT Reg No:GB 618168724

The British Computer Society is registered as a Charity: Number 292786