R | McHale Law’s Privacy & Data Security practice advises clients with respect to the ever growing number of privacy laws and regulations in relation to their corporate transactions, international business operations, and public policy initiatives. We employ a custom-design, enterprise-wide approach to our clients’ privacy and security practices to predict and manage potential legal and regulatory issues relevant to their specific workplaces, industries, and domestic and cross-border privacy needs.
Amongst other matters, we represent clients with regard to developing privacy and security compliance strategies as they relate to a variety of laws, including the Computer Fraud and Abuse Act (CFAA), the Electronic Communications Privacy Act (ECPA), the Stored Communications Act (SCA), the Gramm-Leach-Bliley Act, the CAN SPAM Act, the Children’s Online Privacy Protection Act (COPPA), the Communications Assistance for Law Enforcement Act (CALEA), the Fair Credit Reporting Act (FCRA), the Fair and Accurate Credit Transactions Act (FACTA), the Federal Trade Commission Act, the Health Information Portability and Accountability Act of 1996 (HIPAA), the HITECH Act, the USA Patriot Act, the European Union Privacy Directive and related U.S.-E.U. “Safe Harbor” Program, and state privacy and date security breach notification laws.
Our lawyers work on privacy and data security issues with companies of all types and sizes and across all sectors of the economy, including online and mobile operators and vendors, communications and media companies, marketing agencies, information technology (IT) companies, financial institutions, health care providers, and retailers. We regularly assist clients in:
Privacy & Data Security Litigation
- Preparation of privacy and data collection and use policies
- Advising on the sale of customer lists and the transfer of data to vendors and other third-parties
- Identifying and resolving privacy and security concerns as they relate to emerging fields, such as mobile marketing, geolocation marketing, and behavioral targeting
- Developing strategies to resolve data security breaches and providing data breach crisis management
- Providing counsel on security regulations that apply to export issues relating to controlled technology and software, including the Export Administration Regulations (EAR) and the International Traffic in Arms Regulations (ITAR)
- Consulting on compliance with state and federal subpoenas, wiretap orders, warrants, and other civil and criminal demands for information
- Advising on international e-commerce laws and cross-border data protection issues such as compliance with the European Union Data Privacy Directive and obtaining Safe Harbor certifications
Our litigation services include:
- Litigating cases involving computer and email hacking
- Obtaining information regarding the identity of anonymous/pseudonymous parties from Internet service providers in cases involving defamation, disparagement, and “spoofing” on websites
- Defending regulatory actions brought by the Federal Trade Commission or State Attorney General