Privacy, Data Protection, and Cybersecurity
To assist with your understanding of the applicability and requirements of the California Consumer Privacy Act (CCPA) which took effect January 1, 2020, and how we may be able to help your business operate in accordance with the new law, see our updated CCPA Compliance Guide.
The Privacy, Data Protection & Cybersecurity team at Rothwell Figg helps clients understand and navigate the rapidly evolving area of privacy and data protection law. We work with our clients to prepare, integrate, and implement compliance strategies, frameworks for risk management, and best practices, policies, and procedures, and we are ready to assist if litigation arises. We work closely with clients to recognize, respond to, and minimize the serious risks associated with the collection, use, retention, disclosure, and disposal of personal information, susceptible IP, and data, and we are available to help at every step along the way. We can assist with the design and implementation of cybersecurity and data protection policies, best practices, compliance programs, and incident response plans to help ensure that your organization is both compliant with comprehensive and complicated data privacy requirements, but also has policies and programs in place that are workable within your organization. And if there ever is an incident, we can serve as trusted advisors, from the investigation stages through litigation, helping you navigate disclosure requirements to public authorities.
Attorneys in our practice group are all technology-focused advisors and litigators, and are Certified Information Privacy Professionals in the United States (CIPP/US). In addition, we have technical backgrounds and industry experience, including in the following subject areas: computer science, artificial intelligence/machine learning, Internet of Things (IoT), cryptocurrency, blockchain, fintech, bioinformatics, connected device technology, wearables, big data, and adtech.
We are uniquely qualified to assist you with a broad range of privacy, data protection, and cybersecurity issues, including:
- developing privacy, data protection,andcybersecurity programs, including but not limited to:
- developing best practices and incident response plans; and
- assisting with compliance strategy and building an appropriate framework for risk management;
- providing corporate training programs related to privacy, data protection, and cybersecurity;
- defending against challenges under applicable state laws, rules, and regulations, including but not limited to:
- state privacy laws, including the California Consumer Protection Regulation (CCPA);
- state biometric laws, including BIPA (Illinois Biometric Privacy Act);
- state cybersecurity, data security, and data breach notification laws, including New York’s SHIELD law (Stop Hacks and Improve Electronic Data Security); and
- state consumer protection/unfair and deceptive acts and practices (UDAP) laws;
- defending against challenges under applicable U.S. laws, rules, and regulations, including but not limited to:
- Federal privacy laws, including the Gramm Leach Bliley Act (GLBA), the Children’s Online Privacy Protection Rule (COPPA), the Controlling the Assault of Non-Solicited Pornography and Marketing Act (CAN-SPAM), Fair Credit Reporting Act (FCRA), the Telephone Consumer Protection Act (TCPA), and other federal data breach laws; and
- Section 5 of the Federal Trade Commission (FTC) Act (unfair and deceptive acts and practices affecting commerce);
- defending against challenges under applicable international laws, rules, and regulations, including but not limited to:
- the European Union’s General Data Protection Regulation (GDPR); and
- protecting and enforcing intellectual property and defending against intellectual property and unfair competition challenges.
Whether you have a privacy plan or data protection practices in place, or you are overwhelmed and don’t know where to start, we will meet you where you are and work with you on a flexible and compliant plan to address the changing legal and business landscape. Should an investigation, dispute, or litigation arise, our lawyers have decades of investigation, dispute resolution, and trial experience to guide you to a successful result.
For more information, please email us at email@example.com.
Advised clients in the financial services sector on matters related to privacy, data protection, and cybersecurity
Advised media entities on a wide range of issues related to privacy for more than 20 years
Assisted a software start-up in the financial services sector with
draftingof cybersecurity, data protection andprivacy policies
Advised media entities on the right to be forgotten, which is the right of an individual to have information on him/her deleted
Advised Internet commerce companies on privacy policies, particularly the handling of customer information
Advised clients on issues concerning how to handle personally identifiable information about EU residents
Represented Internet commerce companies in investigations by the FTC on the use and handling of consumer data