R | McHale Law’s Privacy & Data Security practice advises clients with respect to the ever growing number of privacy laws and regulations in relation to their corporate transactions, international business operations, and public policy initiatives. We employ a custom-design, enterprise-wide approach to our clients’ privacy and data security practices to predict and manage potential legal and regulatory issues relevant to their specific needs, workplaces, and industries.
Amongst other matters, we represent clients with regard to developing privacy and data security compliance programs and strategies as they relate to a variety of laws, including the Gramm-Leach-Bliley Act, the Children’s Online Privacy Protection Act (COPPA), the Federal Trade Commission Act, the Health Information Portability and Accountability Act of 1996 (HIPAA), the HITECH Act, the EU General Data Protection Regulation (GDPR), and state breach notification laws.
Our lawyers work on privacy and data security issues with companies of all types and sizes and across all sectors of the economy, including online and mobile operators and vendors, communications and media companies, marketing agencies, information technology (IT) companies, financial institutions, health care providers, and retailers. We regularly assist clients in:
- Preparation of privacy and data collection and use policies
- Advising on the sale of customer lists and the transfer of data to vendors and other third-parties
- Identifying and resolving privacy and security concerns as they relate to emerging fields, such as mobile marketing, geolocation marketing, and behavioral targeting
- Developing strategies to resolve data security breaches and providing data breach crisis management
- Providing counsel on security regulations that apply to export issues relating to controlled technology and software, including the Export Administration Regulations (EAR) and the International Traffic in Arms Regulations (ITAR)
- Consulting on compliance with state and federal subpoenas, wiretap orders, warrants, and other civil and criminal demands for information
- Advising on international e-commerce laws and cross-border privacy and data protection issues such as compliance with the EU General Data Protection Regulation (GDPR)
Privacy & Data Security Litigation
Our litigation services include:
- Litigating cases involving computer and email hacking
- Obtaining information regarding the identity of anonymous/pseudonymous parties from Internet service providers in cases involving defamation, disparagement, and “spoofing” on websites
- Defending regulatory actions brought by the Federal Trade Commission or State Attorney General