Data Privacy and New Media

Whether it’s providing financial services, initiating new marketing campaigns, providing medical services, or establishing a social media presence, personal information is increasingly an indispensable business asset.  It should come as no surprise that its care and management has become of paramount concern.

Our Data Privacy and New Media Group has deep experience on data privacy, e-retention, new and social media issues, and its members are recognized as thought-leaders in the field.  To cite some examples, members of the group have been appointed by the Department of Justice to oversee the transfer of personal data by financially troubled companies, serve as weekly correspondents for new legislative developments via the IAPP’s Privacy Tracker, and were among the earliest recipients of the Certified Information Privacy Professional (CIPP) designation.

We assist clients in developing strategies to address privacy, data security and information management issues, including:

• Privacy audits, policies and procedures;
• Data security and PCI compliance;
• Employee privacy;
• Record retention/electronic discovery;
• International/cross-border data transfers;
• Data breach readiness and response; and
• Litigation and dispute resolution.

Data Privacy

We are well-versed and regularly advise clients on privacy legislation and regulations, including:

• Federal Trade Commission Act
• Gramm-Leach-Bliley Act (GLBA)
• Fair Credit Reporting Act (FCRA)
• Fair and Accurate Credit Transactions Act (FACTA)
• USA PATRIOT Act
• Sarbanes-Oxley Act
• Health Insurance Portability and Accountability Act (HIPAA)
• Children’s Online Privacy Protection Act (COPPA)
• Electronic Communications Privacy Act (ECPA)
• CAN-SPAM Act
• State data breach notification laws
• Global privacy and data protection laws

We advise clients regarding data security compliance and risk management, and help them develop and implement comprehensive data security policies, procedures and training programs, including payment card industry (PCI) compliance programs, evaluating obligations in outsourcing agreements.  We negotiate vendor and service provider agreements, and develop and implement identity theft programs and procedures, including the Red Flag program required by FACTA.

E-Retention

With our clients storing ever greater amounts of data, we counsel them on determining minimum data retention requirements, developing and implementing data retention policies, evaluating the risk of storing data beyond legally prescribed periods, and counseling and assisting clients in responding to electronic discovery requests in litigation.

Latin American Data Privacy Issues

Our group includes several lawyers deeply versed in Latin American Data Privacy law.  We work with the attorneys in our satellite offices to draft and negotiate contracts relating to cross-border data flow to ensure compliance with applicable local country data and security laws and regulations

Data Breach Readiness and Response

Recent headlines continue to make clear that managing data security and responding to the consequences of a data incident is still of paramount importance.  We are fully experienced in developing and implementing data breach contingency response programs, and have assisted numerous clients with notifications and coordination of criminal and civil responses following a data breach.

Litigation and Dispute Resolution

We represent clients in cases involving privacy and property rights, file sharing, the Internet, spamming, spoofing, phishing, cybersquatting and identity theft.  Working with members of our labor and employment team, we represent employers in litigation alleging invasion of privacy, wiretapping and violations of electronic communication privacy.

Social Media, eCommerce and Technology

We counsel clients on compliance with laws governing eCommerce and the Internet, developing and negotiating privacy provisions in licensing agreements and other contracts, preparing privacy notices, policies, and terms of use, and developing appropriate privacy restrictions on social media sites.

Financial Services

We advise financial service providers about GLBA privacy requirements regarding collection and use of nonpublic personal information.  For GLBA-covered entities, we help design privacy notices, determine permissible disclosures, and draft appropriate agreements with joint marketers and service providers

Contact us to discuss any privacy issue.