Privacy and security issues touch virtually every aspect of an organization’s operations–from online activities to workplace policies to cross-border commerce–and can involve multiple layers of regulatory challenges. To further complicate matters, legal rules and technologies are changing rapidly and profoundly.
We are pioneers in this dynamic arena of law. A core group of our intellectual property, communications, technology and employment lawyers and litigators continue to navigate new territory for our clients and share this knowledge with prospective clients and peers. We help clients not only comply with the law, but also custom-design privacy and security plans to forecast and manage potential legal and regulatory issues germane to their specific workplaces, industries and global technology needs. Our areas of expertise include:
We provide counsel on all critical privacy issues for media companies, retailers, health care organizations, financial institutions and other clients handling sensitive data–including personally identifiable information. Our lawyers have extensive experience with the privacy requirements of the Cable Act, FTC, state privacy laws, state data security laws, the Children’s Online Privacy Protection Act (COPPA), the CAN SPAM Act, Communications Assistance for Law Enforcement Act (CALEA), the Gramm-Leach-Bliley Act, the Health Insurance Portability and Accountability Act of 1996 (HIPAA), HITECH, ECPA, CPNI, DMCA, payment card industry data security standards, self-regulatory regimes, the European Union’s Data Protection and Privacy Directives, and legislative proposals.
We regularly consult on privacy policies, the sale of customer lists and the transfer of data to vendors. And our lawyers are well-versed in the latest resolution strategies should a breach of security involving personally identifiable information occur, having assisted dozens of clients in resolving such situations.
Security advice and consultation
- Assist with establishing secure private networks
- Help negotiate and implement agreements for Internet and network security
- Provide counsel on security regulations that apply to immigration and import issues and to doing business overseas
- Advise buyers and sellers on U.S. restrictions on exporting software with encryption features
- Represent government agencies as they develop and acquire new computer systems
- Advise on issues related to the Electronic Communications Privacy Act and the Computer Fraud and Abuse Act.
- Provide counsel on contracts involving digital signatures
- Assist with developing and monitoring records management systems
- Consult on the risks involved in sharing information with third parties for marketing or other business purposes
- Provide expertise on the legal requirements for destroying personally identifiable information
- Advise on compliance with state and federal subpoenas, trap and trace, pen register, and wiretap orders, warrants, and other civil and criminal demands for information
Employer workplace issues
We provide up-to-the minute counsel on changing regulations affecting the workplace, including developing and reviewing policies relating to data security, Internet access, email and voicemail security and privacy, or counseling on protecting trade secrets and other forms of IP during the termination of employment.
We have represented media organizations, hospitals and other health care organizations, technology providers, communications companies, banks and other clients in privacy and security matters involving the following:
- Domain name infringement
- Theft of trade secrets and customer lists
- Invasion of privacy and defamation
- Illegal downloading of music and movies
- Database security
International privacy issues
We have substantial experience in all aspects of international privacy issues. We have drafted policies compliant with European Union data protection laws, federal and provincial privacy laws in Canada, and the privacy laws in major Pacific Rim countries. We advise on issues related to transfers of personal information from the EU in connection with outsourcing, commercial transactions, discovery and internal investigations, employee matters and day-to-day operations of multinational organizations. We also help clients navigate restrictions in the USA Patriot Act, revised immigration laws and processes, and various export and import regulations such as the encryption and high-technology provisions of the International Trade in Arms Regulations and the Trading with the Enemy Act. We advise clients on practical approaches for becoming compliant with the new European rules on website cookies and behavioral marketing and on restrictions on the collection and use of geolocation and communications traffic data under European laws. We are closely engaged in ongoing reviews in Europe of the Data Protection Directive (95/46/EC) and the Data Retention Directive (2006/24) and in national implementation of new communications-related privacy laws under the e-Privacy Directive (2002/58/EC).