With technology’s omnipresence, companies increasingly confront complex information technology (IT) contracting and data-privacy issues. They also face the increased risk of data breaches, ransomware attacks, insider theft, extortion, and other cyber incidents. That’s why our Data Security & Technology Practice Area offers complete support—contract counseling, drafting and negotiation for IT transactions, legal compliance, due diligence for corporate transactions, incident response, defense to regulatory investigations, and representation in data-security and IT litigation.
Information Technology Transactions
Helping our clients meet the challenges of the ever-changing fields of technology and commerce, our team handles a wide range of technology contracts and transactions involving products and services related to IT—including software, cloud-based applications, platform services, software-as-a-service (SaaS), data-as-a-service (DaaS), bank and credit union core processing contracts, websites, and mobile apps. We provide strategic counseling; technology-vendor due diligence; and counseling, drafting, and negotiation for agreements tailored to our clients’ objectives. For routine transactions, we use our toolbox of contract templates, which includes customizable terms of use, app license terms, sales terms, privacy policies, acceptable use policies, data security addenda, and service level addenda. Our multidisciplinary team includes intellectual property, financial institution, and health care attorneys to ensure the subject-matter capabilities needed for a customized solution.
We provide legal advice regarding cyber-risk liabilities, data-protection obligations, and compliance with data-privacy laws, including the Defend Trade Secrets Act (DTSA), California Consumer Privacy Act (CCPA), Gramm-Leach-Bliley Act (GLBA), Telephone Consumer Protection Act (TCPA), US Health Insurance Portability and Accountability Act (HIPAA), US Family Educational Rights and Privacy Act (FERPA), New York Civil Rights Law, and rights of privacy and publicity. Seamlessly collaborating with our European associates, we also provide advice regarding the European Union’s General Data Protection Regulation (GDPR).
Data Security and Technology Litigation
When business solutions to data-security and technology issues are unattainable, we turn to the legal system to unlock value and protect our clients’ interests. Our team of data-security and technology trial attorneys litigates disputes involving data protection, confidentiality, technology outsourcing, IT systems, trade secrets, digital assets, cybersecurity, cybercrime, and compliance with data-protection laws.
Our experience includes defending class actions and insurance-coverage disputes involving violations of privacy laws and other technology issues. We also represent clients as plaintiffs to redress misappropriation of their confidential information and to pursue culpable technology providers and other third parties that harm our clients’ data-security or technology assets. And whenever necessary, we represent our clients in response to subpoenas and governmental requests to ensure their confidential information is protected.
Legal Compliance With Data Privacy and Security Laws
For any business that collects, stores, transmits, or otherwise relies on data to get the job done, compliance with data privacy and security laws is essential. Our team helps clients comply with ever-evolving federal and state law and avoid problems that can result in significant financial penalties and reputational damage. Our services include identifying and assessing regulatory requirements, providing guidance on best practices and industry standards, and developing and implementing policies, procedures, and training programs.
Cyber Due Diligence for M&A Transactions and Technology Outsourcing
In technology-based transactions, our team helps clients understand the current state of counterparties’ cybersecurity controls and identify areas that may need improvement. By identifying potential security risks, we help clients negotiate better terms, make informed decisions, and minimize the risk of future disputes.
Executive and Personal Protection
We understand the unique challenges faced by public figures when it comes to protecting their privacy and personal safety. Our team provides tailored legal services to executives, entertainers, and other high-profile individuals when their personal safety or reputations are at stake. We have experience prosecuting claims involving invasions of privacy and harm to reputation, protecting the confidentiality of personal information in civil litigation, and advising on criminal-law remedies for harassment, stalking, and extortion attempts.
Cyber-Incident Response
A strong incident-response plan (IRP) enables a business to prepare for the inevitable cyber incident. Whatever happens—business-email compromise, ransomware attack, or even just a mistake in handling sensitive information—our team of “breach coaches” helps clients investigate, assess, respond, and recover so they can restore normal operations as quickly as possible. We employ a proactive, team approach, using the resources necessary to address the problem, manage risk, and reduce the stress on our clients, their employees, and their customers.
Regulatory Investigations
When a cyber incident requires notice to government regulators, an investigation often follows. We leverage knowledge of our client’s business and our experience to manage the investigation, respond to regulators, and negotiate resolutions that protect everyone involved.