Our Privacy & Data Breach Litigation team focuses specifically on risk mitigation solutions to client data breaches, particularly customer and employee data and privacy breaches, and subsequent investigations and litigation as a direct or indirect result of cyber-terrorism, phishing scams, disgruntled employees, natural disasters or in potential non-compliance or violations of the Federal Trade Commission’s requirements for safeguarding data in the US, as well as consumer or commercial law suits in violation of the data privacy regulations set forth by the European Data Privacy Directive (EDPD) and the Asia Pacific Economic Cooperation (APEC). We aggressively respond to breaches through the use of the Computer Fraud and Abuse Act to obtain injunctive and other relief.
Our team is a core part of our Data Protection & Privacy Practice, which addresses global regulatory requirements to safeguard corporate and customer data, and consists of litigators from our Commercial, White Collar, Labor & Employment, Intellectual Property, Healthcare and Financial Services Litigation practices. This diverse litigation perspective combined with deep regulatory insight allows us to proactively protect and respond to the four pillars of our clients’ data protection and privacy concerns:
- Preparedness – Safeguarding physical and electronic data to any kind of threat.
- Response – To any real or threatened data breach.
- Litigation – Quickly addressing all types of litigation including consumer class actions, government law suits, and derivative shareholder litigation.
- Notification – Ensuring customers and regulators are notified in compliance with consumer privacy laws.
Why Choose Us
- Ranked one of the top 20 global law firm platforms in the world by Law360 – a global presence enabling us to quickly address client data and privacy breach investigations and litigation – anywhere.
- Diverse team of litigation and regulatory expertise worldwide, allowing us to comprehensively assess the diverse points of exposure to data and customer privacy breaches and deftly handle any subsequent investigation or ligation.
- Public relations, crisis management and “damage control” experience in high-profile matters.
- Extensive experience in the defense and resolution of class and mass actions throughout the US.
- Authoritative voice on consumer credit and consumer payment laws in the UK, including authoring Consumer Credit: Law, Practice & Precedent, published by Law Society Publishing in January 2012.
- Globally respected participants in data privacy and protection thought leadership:
- Member of the Board of Directors of the International Institute of Communications (IIC).
- Special adviser on data protection matters to the Board of the Storage Networking Industry Association – Europe.
- Member of the International Association of Privacy Professionals and the American, International, Federal Communications and District of Columbia Bar Associations, and a lecturer on legal issues in Modern Spectrum Policy Management.
- Commercial litigation and international dispute resolution lawyers internationally recognized by the American College of Trial Lawyers, Centre for Effective Dispute Resolution, the International Academy of Trial Lawyers, the International Society for Barristers, as well as by Best Lawyers, Chambers, Global Arbitration Review 100 and The Legal 500.
- Award winning, state-of-the-art extranet and eDiscovery technology, including winner of Law Technology News 2012 Most Innovative Use of Technology in a Large Law Firm Award, and ranked in the 2013 InformationWeek 500 – a list of the top technology innovators in the US.
Across the globe, we assist clients in their data and customer privacy compliance needs at every point of their business operations and business strategy:
- Cyber-risk insurance
- Data privacy safeguards, internal and external, consumer-focused policies and internal training
- Due diligence involving joint ventures, mergers, acquisitions and other business collaborations
- Design, implementation and management of global compliance programs in accordance with the EDPD, APEC and emerging regulations in other countries, including the US
- e-Commerce and cloud computing
- Government regulations related to breach of customer or patient data
- Rolling out and managing global payment card industry standards
- Public relations and crisis communications
We have extensive experience in data and privacy breach-related investigations and individual, business-to-business and consumer class action litigation, including US-related issues:
- Consumer identify theft and privacy violations relating to cloud computing, e-Commerce transactions, including industry-specific applications, such as telehealth and mobile health applications
- Electronic Fund Transfer (EFT) or Automated Clearing House (ACH) fraud
- Fair and Accurate Credit Transactions Act (FACTA)
- Fair Debt Collection Practices (FDCPA)
- Federal Computer Fraud and Abuse Act
- False Advertising, Unfair Business Practices, and Defamation
- FTC violations including Children’s Online Privacy Protection Act (COPPA), Fair Credit Reporting Act (FCRA), CAN-SPAM Act, and Gramm-Leach-Bliley and Red Flags Rule
- HIPAA Privacy and Security Rules
- Telephone Consumer Protection Act (TCPA)
- Labor and employment issues, including use of company technology, email retention
- Theft of trade secrets and other IP
- Cross-border, US federal and State Attorneys General investigations and related litigation